A consortium led by the American Council on Education (ACE) and Educause challenged the FCC's position that facilities-based Internet services and VoIP were covered under CALEA, arguing that they fell under the exempt category of Information Services. The U.S. Court of Appeals for the District of Columbia Circuit ruled in favor of the FCC 2-1 but did reaffirm that certain networks could be exempt.

The determination of what makes a network exempt, however, is not quite clear. A self-contained network that has absolutely no possible method to pass traffic to the Internet is clearly a private network and therefore not subject to CALEA. If an Internet connection was the sole CALEA determinant, the exempt/nonexempt question would not be an issue. However, that's not the case.

The CALEA tests

There are essentially two tests to determine whether or not a network connected to the Internet is exempt or not from CALEA. Note that this doesn't mean that the data is exempt from monitoring; it only aids in determining where the monitoring takes place.

The first question to answer is whether or not the network is private or not. As most corporate networks are not publicly accessible, they would be exempt from CALEA. On the other hand, an ISP by definition operates a large publicly accessible network and therefore would be expected to fall under CALEA.