UKC

Anybody got a problem with GCHQ listening and watching everything that you do from now on?

http://uk.news.yahoo.com/monitoring-expansion-proposed-231042436.html

In reply to The Lemming: Why not.. Its only fair.. I listen to everything that GHCQ does..oops said too much !! Sorry , have to go the old bill are at the door

In reply to The Lemming: do they record phone calls and email contents yet?

In reply to The Lemming:

I assume someone who actually had something to hide could get around this fairly easily using an encrypted VPN or tunnelling service couldn't they?

In reply to The Lemming: As if they weren't listening to anything and everything they wanted before. Come on! FFS, they've been tapping into all of this stuff for donkeys years

In reply to woolsack: the intelligence of a lemming can be underestimated..

In reply to subalpine:


Not always.

In reply to The Lemming: I'm surprised nobody has come out with that great line about if you have done nothing wrong you have nothing to fear. Do people no longer think that way since perfectly innocent people have been whisked away and held for years without trial?

In reply to woolsack:

..or shot...

In reply to The Lemming:

Listening and reading the news, I'm still not happy with this whole thing.

Am I in the minority?

In reply to The Lemming:
When it made the news on Sunday I assumed it was an April Fools joke.

In reply to The Lemming:

I often see the outrage at companies like google tracking the sites you search for to help their advertising and various stuff in the same vein and think "why should we care?". I'm really not that bothered if someone wants to track something that really does me know harm.

However this is too much. It's ridiculous, unnecessary and invasive.

If the Government said it was going to introduce CCTV cameras into the bedroom, bathroom and livingrooms of every home, but would only be used as and when required for the "real time fighting of crime" would you give them the go ahead? It is the exact same principle in action.

In reply to The Lemming: Well it will provide a lot of employment at GCHQ to eaves drop on a nation and if someone wants to drop by, read my e-mails and list to my telephone conversations/text, God help them...........

In reply to Jaffacake:
I assume someone who actually had something to hide could get around this fairly easily using an encrypted VPN or tunnelling service couldn't they?

Depends the Chinese have got very good at picking up Tor and similar Onion proxies. So they can block most of the usual methods of covering your tracks. Encrypting your data provides a measure of security but unlike in the US the UK can force you to incriminate yourself by handing over encryption keys. Also a lot of monitoring is about who you contact rather than what you say and encryption won't prevent that. Techniques like steganography are coming back into fashion as they are harder to spot, why email an encriminating document when you can post a photo in plain sight?

The problem is that the level of equipment required to do this starts increasing the cost. I'm possibly more bothered about the government wasting £billions developing the infrastructure required to do anything useful with this than I am with them reading my email.

In reply to The Lemming:

I'm with you. It's totaly wrong. What is it with governments of this country? both set of cheating bastards are as bad as each other. Whoever is in power seems intent in turning us into a closely monitored state. The only thing that i could possibly say in favour of the tories is that they allways seemed to be anti surveillance culture and this is one area where i would agree that government should step away from the people. They will suggest ID cards next. and then privatise it.

In reply to bluebealach:


...what are the chances of a future government taking a dislike to certain planning decisions and making the obstructors dissapear so they can build a new shrine to communism where the golf course used to be?

Happens in China, could happen here in time.

Its not too far a leap from David Kelly to situations like that.

In reply to The Lemming: Apparently it will stop the all the terrorist that have been ravaging our innocent shores for the last decade.

In reply to The Lemming:
I think it is laughable.Anybody who uses an email etc at work will know that the company can easily go in and read your emials etc.There is only one answer, do not use any form of modern technolgy, and I know people who do this because of privacy issues. Reality is you should assume anybody can go in and read your emails etc etc.

A spat over nothing.

Encryption strength of a certain level is also illegal in this country. The highest levels used legally in e-commerce etc can not normally be decrypted by anyone, but government would be able to decrypt with the appropriate computing power. The USA also has legals about encryption export in that the highest levels allowed in the states are not allowed to be used legally outside the states meaning the USA will always be more secure in many ways than everyone else.

In reply to The Lemming:

Only at Westminster could we have the farcical spectacle of a LIBERAL Democrat telling us this is good. If there ever was a party that deserves the annihilation it is about to get it was the Lib Dems. They have no credibility on any subject. My own MP (Danny Alexander) will not get back in.

In reply to Milesy:
Are you sure about high strength encryption being illegal? I know the US lists certain encryption technolgies as being barred from shipment (AES256?) but I don't think possession is actually illegal.

The courts in the UK can require you to decrypt files or face a spell in jail, whereas in the US you are covered by your 5th ammendment rights and cannot be legally required to incriminate yourself.

In reply to The Lemming: Don't worry, if you aren't doing anything wrong then you've got nothing to worry about. This is why the world's governments welcome and encourage Wikileaks.

In reply to Ramblin dave:

Haha, +1. Well put sir.

In reply to The Lemming: We actually suggested that this work should be out-sourced to somebody far more qualified like, say, News International!
Doesn't look like they took us seriously though....bummer!

In reply to Reach>Talent:

It's not illegal, nor is it necessarily banned from export either.
The regulations are pretty confusing but there is plenty of software that use AES256 and export it from the US.

It's more of a notification mechanism than anything else now. I suspect they might take an interest if it's some kind of specialist encryption software and you won't be able to export to certain countries but in general it's okay.
They've realised that it's kind of pointless since they don't really have a monopoly on cryptographic technology any more, anyone can get access to and compile open source crypto software.

In reply to The Lemming:

Nah not too fussed. Between google, my phone provider and my bank the information is already out there anyway. The cost of implementing this policy on the other hand, does bother me.

I pity the bloke that has to sit and read through all our dry tooling debates.

In reply to Ramblin dave:
Is it wrong to look at busty milf creampies? It feels so right.

In reply to GCHQ: If you intercept any of my emails or telephone calls then you will be shat upon from a great height, your limbs will be torn from your body and you shall be fed to the birds and beasts of the land.

In reply to The Lemming:
Given the very limited details of exactly what has been proposed it's not exactly clear exactly what expansion is proposed.
Most of what people appear to be complaining about is already possible with checks and balances in place in law.

The biggest issue is that some companies - social media, email - are based in the USand thus under US legislation. It's difficult to imagine whatever law was passed in the UK would be enforceable over there.

The massive paranoia is somewhat misplaced, though undoubtedly makes people feel important. Do you really think that with cybercrime, fraud, paedophiles and serious terrorist threat (along with the mundane reality of everyday policing) that there are sufficient resources to even submit requests for data (lengthy and time consuming as they rightly are) let alone analyse the results, for anything but the most serious of serious crime.

In reply to woolsack:

I'm quite certain that no-one gives a toss what I say, even though I do occasionally speculate on how useless terrorists must be, and how they must also be an insignificant minority as we manage to live our lives relatively bomb free despite most of us I'm sure being able to think of dozens of ways to bomb places were we so inclined. Except we're not, because that wouldn't be very nice.

I don't really understand the problem of requiring a warrant. If that takes too long then propose changes to speed up the process, but what's wrong with you having to have reasonable cause to suspect someone before spying on them (I wonder if I've given 'them' reasonable cause to suspect me in this post?)

Or is it just who you communicate with and stuff so more aimed at seeing who it is that suspected terrorists are talking to so they can spy on them too?

In reply to nonymouse:

We're doing that already, under existing legislation and boy they're tedious

In reply to Dave 88:
I pity the bloke that has to sit and read through all our dry tooling debates.

Jihad, pornography, tax evasion. Another few dozen people will probably have to suffer this thread now

In reply to The Lemming:
Has the obligatory Daily Mash link been posted yet?
http://www.thedailymash.co.uk/news/society/totally-inept-losers-confident-t...

In reply to Jaffacake:

How useless terrorists are or how effective the security services are?
As you say - plotting an atrocity is easy - and there appear to be no shortage of anti western volunteers. Considering we appear unable to deport some
of them it's pretty resource intensive too.
Security service success is on prevention of attacks - not prosecution of offenders

In reply to The Lemming: hasn't Menwith hill been listening for years, looking for keywords and phrases is easy if they are typed, no people are needed to flag up an email that , mentions them, once flagged as suspicious i suppose more attention would be made by OnDutty and the likes
words like ,,,, well you can imagine what they would initially be looking for.

In reply to gd303uk:

On my fairly basic knowledge of the internet - a packet switched system where each packet can take a totally different route to It's destination I am not sure how "all" emails from "everyone" could even be monitored let alone scanned.

In reply to gd303uk: Sew itz owkay iff yew spel awl teh wirds rong? Nothing to worry about for most posters then.

This is a message for the real GCHQ...




































































Piss Off

In reply to off-duty:

>Security service success is on prevention of attacks - not prosecution of offenders

They are hoping to offset that failure with Ken Clarke's suggestion that secret trials where the defendant and his brief will never find out what evidence exists will somehow promote freedom and democracy.

D

In reply to Sir Chasm: lol

in reply to Onduty ; you're correct your basic knowladge of the internet will make you unsure of how all emails etc can be scanned, i dont think it would do the listeners any good if they revealed how, but it might be possible .
of course it is easy to deny such but why wouldn't they?
do you know what Menwith hill is set up to do?
http://www.cnduk.org/campaigns/no-to-us-missile-defence/menwith-hill

http://www.guardian.co.uk/world/2012/mar/01/menwith-hill-eavesdropping-base...

In reply to off-duty:


if you listen in at the right places you would stand a fairly good chance.
for same country use start with the ISPs, for other countries. For intercontinental there really isnt that many places you need to stick a sniffer on although bandwidth would be insane.

plus there are ways to persuade the packets to go the way you want (although peeps will notice sooner or later)

In reply to The Lemming:

The idea is now to CC Theresa May on all your emails from next Monday to save them some work - mayt@parliament.uk

In reply to Milesy:
It is the exact same principle in action.

If you see the world in black and white then yes, it is exact(ly) the same principle. In reality of course there are shades of grey. Most of us are happy with some intrusion into our privacy to prevent crime, the question is how much is appropriate. Since the level of intrusion proposed for email, web etc. is already in place for telephone calls, I am not sure this is as terrible as people are making out.

In reply to gd303uk:
Yep you are right to be paranoid, with 2500 people to monitor all telephone and internet communication from the UK via the US then it's almost certain that they are monitoring you as closely as if they are standing on your shoulder

Still if that's all happening already, what exactly is is about this new legislation that's got everybody worried?

In reply to ericoides:
If Theresa May saw what I was looking at on the internet she'd probably come.

In reply to ericoides:
Sorry I meant to say...and have me arrested.

In reply to Ken Lewis:

More likely to be a Mosque!

In reply to off-duty: i am not paranoid but what do you think a £43 million pound generator is powering? sinclair spectrum's.

In reply to off-duty:

Ah good point.

I would be quite interested to see behind the scenes how they find and stop terrorist threats, I imagine most of it is boring work but I'd find the process interesting.

I guess it's also harder than I think, as while I have plenty of ideas about how I would distribute a bomb I don't know the first thing about building them* or the slightest inclination to do so. I guess it's hard to find someone who would satisfy all three of those and as soon as you start talking to other people you risk attracting suspicion.

*I suspect if I had both paid more intention in class and been thinking of ways to build a bomb I probably would know a fair amount about it, I recall various methods being mentioned, I just didn't care enough to pay much attention.

I wonder how many potential threats a year they find and stop, I assume there aren't that many, but that's mostly because I think that most people are nice and don't want to blow their fellow people up, because that's not what nice people do.

I assume they don't get that much credit for any potential threats they help stop either. But no doubt get a hell of a lot of flak from various media outlets on the rare occasions they fail.

In reply to gd303uk:

Knowing the way government procurement works they are probably ZX80's

In reply to The Lemming:

If you think of this logically there is so much communication traffic that it would be quite impossible to ever listen to it all let alone monitor it for Mr and Ms Average, so 99.9% of us having nothing to worry about. However what it does enable CCHQ to do is to target known suspects and listen into, record and analize their communication traffic.

In reply to Trangia:

should have read GCHQ

In reply to off-duty:

i like it it wouldn't suprise me .

In reply to Trangia: I thought GCHQ and their ilk screened, using their magic software, almost everything for key words and phrases. So if I stuck to the point in this post I'd be fine, but if I mentioned that I was thinking of exploding something more dangerous than a specious argument within the Houses of Parliament, I'd end up having my every phone call, text message and electronic noodling examined for ill intent and contributing to the tedium of the job of someone that scruntinises these things.

However, I did like your use of the verb 'to analize'*, which surely deserves more widespread use.

T.
* amusing definitions welcome

In reply to The Lemming: Compared to my ex-wives, GCHQ are lightweights!

In reply to off-duty:


To me it's the government constantly passing laws that intrude on my privacy. At the moment it's not so bad, our government is a just and corruption free one (in the grand scheme of things) and as much as I dislike them I trust them not to do anything untoward with all this information.

However if the world was to change dramatically and rapidly all the infrastructure is in place for a totalitarian government to lock down society in no time whatsoever.

We have some odd notion that this won't happen as it hasn't happened in the majority of our life times, which is pathetic as it happened constantly throughout history, and as recently as 70 years ago in Europe. Now imagine Hitler's, Stalin's or Pol Pot's regimes with our levels of technological surveillance. The thought is quite terrifying.

In reply to Shaun L:

I'm not entirely convinced that the regimes of Hitler, Pol Pot and Stalin would require legislation to monitor their citizenry.
If the technology exists it'll get used.
Personally I'd rather it was used within a legislative framework.

In reply to off-duty: Would the legislation not make it much easier for a regime like that to take power though? Is it not easier to make laws than reverse them? It's like CCTV, once it's there it doesn't get taken away.

I guess it's too late now anyway, I'll just stick to plan B which is to scarper soon as.

In reply to The Lemming: I still think it stinks. If there's a suspicion, get a warrant.
Although I do suspect phone hacking & surveilance has been going on on the quiet...but what happens when there are 60 million x 3 emails to look at? is this a new way to get people off the dole, or to fund another useless IT firms xmas party, even if it doesn't work?

I'm suspicious that things will leak out, potential for blackmail/blacklists. If you had been looking a Greenpeace website, would you get a job in government or an oil firm that happens to donate money? Conspiracy to comit an illegal act is a crime.....wouldn't it be a handy way to neutaralise/remove people if you could have that as a lovely little set of emails? And conspiracy to cause a public nuisance might be a result of The idea is now to CC Theresa May on all your emails from next Monday to save them some work - mayt@parliament.uk. Denial of service attack?

My view is that terrorists / crims aren't that stupid and will still need detective work to catch. So we're back to square one, except The Man has tabs on all of us for typingcrime..and we've pissed a ton of money up the wall.

In reply to The Lemming:
and I hope they've got their headphones turned up for Abu's favourite track. Bomber.

http://www.youtube.com/watch?v=CdsFuwavfVs&feature=related

and i'm a scientist. I like to read about e.g. anthrax, emerging diseases etc as well as naked ladies. Does this mean I'll get on a list and get the rubberglove treatment next time i go on holiday?

In reply to Shaun L:

I haven't seen much more than rumours about what is proposed. Given that a large amount of legislation came into effect in 2000 (and was thus written. earlier) and internet communication had outgrown it even before it became law then I hope some of it will be updating RIPA.

Defining when surveillance is legal has the obvious effect of establishing when it is unlawful. It also provides the processes that must be gone through and the scrutiny that those steps will receive. Unless this legislation is further expanding when surveillance is lawful, or relaxing the scrutiny, neither of which appear to be suggested, then I don't think it is going to increase our descent into totalitarianism, in fact possibly the reverse.

In reply to thin bob:

As I mentioned earlier I think everything you mentioned is already occuring and is regulated and legislated. I haven't seen any suggestion that the authority required will be relaxed, and where warrants are required they will still be needed.

I haven't seen any suggestion that sites hosting websites such as Greenpeace will be required to retain your IP any more than it does already, leaving aside the problem in identifying YOU from the many dynamic IP addresses that have looked at that site. Apart from anything else the cost to reverse look up all those IP addressss would cripple a force budget.

In reply to Pursued by a bear:

analize: to examine things in great, pernicketty, some might say obssessive detail (origin from Freud, anal personality type)

In reply to The Lemming:

This has been going of for years, all that's happening now is GCHQ, dibble, and whatever other organisations they choose to admit exist gets its hands on the old tech, so the newfangled hyperdimesional quantum access stuff or what ever they decide to call it two weeks into the future that was also last week can get developed completely without any interference from the masses cos it never existed anyway.

So to answer you question no I don't care if anyone is listening, watching, or jacking off to their webcam whilst rocking out to Electirc Wizard in high definition; in fact I hope they are listening to this nonsense that I've just wasted 5 minutes of my life on, and next time you're passing lads can you fetch us a pint of milk please?

cheers.

In reply to The Lemming:

The bill is to enable them to monitor in real time who communicates with whom by whatever method landline, mobile, sms, email, chat etc. That can be done. Everything goes through the Internet backbone, mostly built by Cisco, and GCHQ have a tap into that. They will still require a warrant to examine the content of the messages. ISPs are already required under existing legislation to keep a log off all the sites you've visited etc. in thed previous 12 months.

In reply to Milesy:


Because of course, no-one but the US can invent encryption techniques...

Now, remind me, where does AES come from, for example? Ah yes, the AES candidate Rijndael. From Belgium...

In reply to The Lemming:

BTW, see if you can catch the discussion with Shami Chakrabarti from this morning's breakfast news. A clear and succint approach to the issue, as usual, outlining how the proposed changes are different from what goes on at the moment.

In reply to The Lemming:

This has absolutely no chance of getting through Parliament, as the Labour government tried to put through a similar bill a few years ago, and the Tories and Lib-Dems both opposed it.

Given that the new bill would therefore only have Labour supporting it, and the Tories and Lib-Dems voting against - otherwise they'd be two-faced hypocrites - and that Labour do not have a majority in Parliament, it will not get passed by the House of Commons.

In reply to Dominion:
And the Lib-Dems would never want to appear to be two-faced hypocrites, would they.

In reply to off-duty:

..or a polite request from News International accompanied by a wad of £20s.

In reply to Anonymous:

Nor Labour or the Conservatives, would either.



Actually, I've had a re-think about this bill.

It would have been really useful for the Leveson Inquiry to demand to see all communications between Rupert Murdoch and Rebekah Brooks over phone-hacking, all communications that Andy Coulson had with David Cameron and Rupert Murdoch, what James Murdoch really said about the "For Neville" email, and so on, and all the communications between Liam Fox and Adam Werritty (for example)

Perhaps, if scandals of that sort are subject to this sort of scrutiny, it might clean up Parliament.

So, I think in those circumstances it would be really useful.

And if those circumstances were the sort of thing that would get brought out into the open, then there is no chance in hell that this bill would pass Parliament...

In reply to Dominion:

If they got a judge to sign a warrant they could see them now.
It's already legislated for.

In reply to Removed User:

Yep, cos if you are going to be bent there is no better way than leaving a nice auditable trail.

In reply to off-duty: May I ask what you do for a living? I've always assumed you're in the police...

In reply to Shaun L:

Police. Why do you ask?

In reply to Shaun L:

In the police state that we've become we like to publish the law that regulates us for everyone to see
"Regulation of investigatory powers act 2000" and google.

In reply to off-duty: I was just curious. Oh, and I don't think we live in a police state, but I'd certainly like to keep it that way!

In reply to The Lemming:
Paedo 9/11.

In reply to The Lemming:

http://www.ted.com/talks/lang/en/mikko_hypponen_three_types_of_online_attac...

In reply to The Lemming:

No doubt Raytheon & Lockheed Martin have been lobbying the government on this one.

D

In reply to off-duty:

Although, I understand that at the time the decision was being made to publish the laws, it wasn't 100% clear whether they would or they wouldn't.

Greater eaavesdropping may not find the needle, it may just make the haystack bigger. However even if greater eavesdropping makes us safer I'm still against it.

When listening to phone calls and steaming open letters was the job of the KGB or the Stasi we (the West) were against it. Just because it's now online doesn't make it better.

A targetted warrant issued by the judiciary should be required.

In reply to off-duty:

...the key difference being that in the future they wont need to go through a judicial process in order to use this information.

I wonder if they will use it to see who is talking about posters critical of the olympics, so they can send round unwarranted olympic officials to force entry to private homes and confiscate them?

Will that be one of the uses?

In reply to elsewhere:


I believe MI5 and 6 both had rows of especially large kettles for letter opening

In reply to captain paranoia:


d'oh! getting my news items confused; Shami was talking about the proposed law to widen the use of 'in camera' court sessions. It was a bloke from ISPA who was talking cogently about the electronic surveillance issue...

http://www.ispa.org.uk/

In reply to Ken Lewis and elsewhere:

I would be interested if you have any links to that sort of detail in the proposals.
From what I understand there are no proposals to relax levels of scrutiny required. Which at present for content of emails would require a judicial warrant (and thus a targeted suspect/offence).

I certainly don't think there are proposals to give "unwarranted olympic officials" powers of entry, search and seizure; or to expand criminal law to make criticising the olympics a criminal or civil offence. Perhaps you can correct me on that ?

In reply to off-duty:
I googled and there was this:
http://www.dailymail.co.uk/news/article-1201171/Police-given-powers-enter-h...
(Brought in by the last authoritarian government, rather than the current one.)

This is mildly reassuring:

"Scotland Yard denied it had any plans to use the powers.
Assistant Commissioner Chris Allison said: 'We have no intention of using our powers to go in and take down demonstration posters.'"

They could have saved themselves a bit of embarrassment (and a few thousand quid) over "Wankergate" if they'd stuck to that spirit a year or so later.

http://www.guardian.co.uk/uk/2010/may/11/david-cameron-poster-police
http://hoffman.photoshelter.com/gallery-image/Wankergate/G0000Erp1cG.zBfE/I...

In reply to off-duty:
http://www.bbc.co.uk/news/uk-politics-17590363

David Davis warned that until now anyone wishing to monitor communications had been required to gain permission from a magistrate, but the planned changes would remove that protection.

Supposedly it's a record of who you communicate with (eg email & web addresses) rather than a record of what you communicate (ie email and web page content). That is such a dubious distinction on trivial "technical" grounds that it is just not credible. Something as ubiquitous as web email, Facebook, amazon reviews, UKC/ebay/other private messages etc etc etc means sender/recipient data is in web page content and not the URL.

There's no requirement for me to keep a log of who I speak with or who I exchange letters with and anybody who proposed such a thing would be regarded as an idiot. It is an equally bad idea to enforce such logging of sender/recipients for digital communications of the general public.

In reply to deepsoup:

Don't know much about that legislation you linked to in the Daily Mail - seems a bit bizarre - looks like someone trying to protect advertisers has written a heavy handed piece of legislation. I would imagine that the police won't use it (as they say in the article) - regardless of anything else it would have very little chance of standing up to a challenge under Article 10 - Freedom of Expression.

As for the "wankergate" issue. I would guess they were using existing public order legislation. They were acting on the basis that a woman had made a complaint about the poster and a court subsequently appears to have ruled that their actions were unlawful (presumably on human rights grounds - but I can't see any links to actual cases).
As usual the police are the whipping boys being the ones caught between complaining members of the public and those who feel they are just exercising rights to free speech.

In reply to elsewhere:

I don't think David Davis really knows what he's talking about. There i certainly no suggestion in the document you linked to that controls would be relaxed - and currently communications data - not content- does not require judicial approval.

It might appear a trial "technical" distinction but it is an important legal separation between communications data and content, requiring different levels of justification and authorisation.

There will never be a requirement for you to log your communications. Currently phone data is retained by companies, email data is retained and hosted on servers, a host of other data is retained by companies for commercial reasons. Legislation exists to enable police/government to access it. European legislation has been in force for some time in relation to the retention of data by internet service providers and similarly legislation exists as to how it can be accessed.

Ultimately the electronic evidence that is most likely to convict you of an offence would probably come from your own computer after executing a warrant at your home address.

In reply to off-duty:

Obtaining communications data (sender/recipients & not content) should require judicial approval to prevent fishing expeditions.


That legal distinction not credible beacuse the sender/recipient information is in the content of the web page (more precisely message bodies of http requests & http responses). The sender/recipient cannot be obtained without logging & accessing web page content.


That requirement should not be imposed on others who have access to my comminications either. If I'm a suspect get a warrant, otherwise get stuffed!

>Currently phone data is retained by companies, email data is retained and hosted on servers, a host of other data is retained by companies for commercial reasons. Legislation exists to enable police/government to access it. European legislation has been in force for some time in relation to the retention of data by internet service providers and similarly legislation exists as to how it can be accessed.

Basic data protection says retention should be minimised, data should be used only for the stated purpose it was gathered for (eg billing of usage) and data should be deleted as soon as possible.

I do not agree that police or govt should have access to that data without a warrant or a warrant within 24hrs. My digital data should be protected just like any information I have at home. Privacy is worthy of protection regardless of the medium of communication or storage.


The issue is not fear of conviction. The issue is freedom from an electronic Stasi.

In reply to elsewhere:

I appreciate that might be your opinion. Unfortunately it will require retraction of a number of laws already in existence. The requirement to go before a judge would have the knock on effect of making investigations much harder and perhaps more importantly to victim's much slower. And by investigations I am talking of a typical use of this data which might be to obtain comms data from the mobile phone of a suspect in a rape and phone of the victim in that offence to establish any contact/communication between the parties.

As it is the mechanism in place to prevent fishing expeditions is a complete justification for the request which is vetted then submitted to the appropriate rank of officer for authorisation. It is subject to review by the Information Commissioners and is recorded and retained in an auditable manner. It is also governed by RIPA legislation.


I am not enough of an internet buff to be able to comment in any detail. My understanding is that it would be more related to for example hotmail saying that a subject has sent emails to X, Y and Z on these dates and times. Of Skype saying that this "username" has contacted the user names X, Y and Z at these times and dates. No content provided.



As previous. Currently communications data (not content) is available without a warrant.


The Data Protection Act is overridden by the Code of Practice brought in under Part 11 of the Anti-terrorism, Crime and Security Act 2001. It is also subject to the European Data Retention directive. Some countries - notably Germany have ruled that the directive is in breach of it's laws in relation to privacy.



I totally agree with you in principle. The right to privacy, coupled with the right to freedom of expression are pretty basic rights.
Those rights are not carte blanche to act as you want without fear of any consequences, hence when they were enshrined in the convention of human rights they were established as qualified rights, which could be interfered with by the state for specific reasons - such as detection of crime, and under specific legal frameworks - hence RIPA.
As I have mentioned before - much of the data you want to be protected by a judge is already available and a warrant is not required.


The problem as I see it is that those opposed to state regulation or interference in their perceived privacy are, almost by definition the same class of people who almost automatically distrust the state and everything they do. The argument of "the thin end of the wedge" is rolled out with depressing regularity.
The sad reality is that the state really isn't interested in them. We have far too much to do dealing with real crime and real criminals.

At the risk of being accused of stereotyping, those who have these views tend to be educated and influential and there is a very real risk that in trying to tread a fine line between human rights and state powers, that line ends up being drawn so far on the side of rights that the state has it's arms so firmly tied it is unable to investigate anything.
This often isn't helped by the lack of exposure (stereotyping again I know!) that many of these people have to the crimes that the state requires these powers to investigate.
Sadly this is reflected with comments like "Paedo 9/11". It's easy to sneer and mock what you haven't had to endure - and as a case in point - the internet is a key enabling tool for pretty horrific sexual abuse of children.

In reply to off-duty:


There seem to be two key points.
a)the data mining aspect wouldnt need a warrant any longer. Now if you aint a tech buff you might miss the capability that will give you. It would put googles abilities to shame and the difference is i can block google (either by not using their services or with a couple of simple technical measures)
b)they are talking about copying data in real time. Now they might just not be being clear but, well, thats their problem and until they clarify I will assume it means full capability snooping.


really? This doesnt seem an opinion shared by all. For example blackberry handed over data without the need, they only wanted the warrant for the contents.


then the obvious solution is to protect that data and not let it more available.


wrong.


yeah the recent phone tapping scandals etc would say otherwise.
Thats the problem, give people access to stuff and some will misuse it.
Simple fact of life and the more capability you give the more it gets misused.
Either "in the line of duty" eg the spying on various peaceful campaigners using the number plate cameras or misusing the technology in flogging it to journalists etc.

In reply to off-duty:

Peado - yeah, yeah, yeah. If there is grounds for suspicion get a warrant, otherwise bugger off!

About 2000 UK citizens have died due to terrorism in my lifetime.
Of those, I estimate less than 100 in the last 15 years.
The UK is safer from terrorism now than it has been at any other time in the last half century.
The threat of terrorism does not justify monitoring the general public.

In reply to elsewhere:


Indeed. Somehow terrorism is now a matter of 'national security'. Cobblers is it. Nazi invasions are the stuff of national security. Suicide bombers aren't. 9-11 attacks aren't.

Dont do anything wrong and you dont have anything to worry about!

its unlucky for criminals, terrorists, tax evaders and gary glitter

In reply to off-duty:

Have a look at what the web (eg hotmail, facebook or whatever) shows when you don't look at the content. You would typically get a little more information than shown on these examples from wikipedia below but it would be inconceivable for a major website to include sender/recipient data in the non-content stuff below. If the site uses https (encryption for banking, ecommerce or privacy) you shouldn't even see that stuff below.

The idea that you can get sender/recipient for web email, messaging or social networking without looking at content is just not credible.
I may be wrong, but it looks to me that anybody saying you can get sender/recipient without content is not a techie or telling lies.

GET /index.html HTTP/1.1
Host: www.example.com

HTTP/1.1 200 OK
Date: Mon, 23 May 2005 22:38:34 GMT
Server: Apache/1.3.3.7 (Unix) (Red-Hat/Linux)
Last-Modified: Wed, 08 Jan 2003 23:11:55 GMT
Etag: "3f80f-1b6-3e1cb03b"
Accept-Ranges: bytes
Content-Length: 438
Connection: close
Content-Type: text/html; charset=UTF-8

Examples above taken from
http://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol#Client_request
http://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol#Server_response

In reply to elsewhere:

It's "Paedo" or even "Pedo". If there are grounds for suspicion I will carry on as normal thanks. If you want to make it even harder for me then change the law.
Communications data (not content) does not require a warrant.

The hysteria about "monitoring the general public" appears a little bit misplaced. These mechanisms have been in place since RIPA 2000 under legislation and were undoubtedly carried out in a manner that was not legislated prior to that.

In reply to off-duty:
So now it's hysteria to believe that digital communications should be as private as face to face conversation.

Yes, I would like a law change saying all communications and files are private unless a judicial warrant has been granted.

In reply to dissonance:

I am struggling to understand how communications data - of times, dates senders and recipients would provided a data mining resource with greater power than google - who I thought targetted ads at even the content of your gmail.

Real time monitoring - if it is anything like current legislation requires a either (or both) a very high level of authorisation and a very high level of justification - eg imminent threat to life.

Lets face it - if the authorities really want to snoop on you that inrutisvely they will. Wouldn't you rather it was legislated for - and thus could be regulated?



I'm not clear what you say here. Communication data of time/place/sender/recipient is provided through RIPA legislation - a warrant (at least) is only required for the contents. As you appear to state was required with blackberry.


If "someone" has the data then the authorities can get hold of it "somehow". Legislation at least provides regulation of the authorities behaviour.


Well, you can disagree, but I am not sure a flat "wrong" really proves anything.


The phone "tapping" scandals don't have any involvement of communications data/content as regards this issue. If bent cops were involved then it has been an involvement in providing telephone numbers to journalists. Reprehensible and illegal - but not really anything to do with this issue.

All technology can be misused. If it's use by the state is legislated then it's misuse can be illegal and punishable. If adhoc procedures are carried out outwith legislation (because the legislation really doesn't cope very well with the internet) then it's misuse by the authorities (or anyone else) might well not be illegal.

If data collection is being "misused" then the debate can be held - and it is a meaningful debate as both sides know what the law says, rather than the authorities being able to operate essentially unhindered by the regulation.
The authorities in general have a large amount of access to a large amount of data. Passing out information is illegal and quite rightly punished when it is found.

In reply to elsewhere:


headers and footers arent really considered as content, which would be the body of the message.

In reply to dissonance:

I agree. That's why I think anybody saying they'll get sender/recipient without looking at content (message body) is talking rubbish.

In reply to elsewhere:

If you intend that to include the call data from your phone network - ie the calls made/received, times and dates then you are about 12 years too late.
Bizarrely your request for a "judicial warrant" is actually a lower level of authorisation than would currently be required for an intercept warrant - but regardless - your electronic communication are and have been regulated in exactly the same manner as your face to face communication for the same period of time.

It's lucky you have survived unscathed from this gross intrusion on your privacy. You must exist on the fringes of society....

In reply to off-duty:


give google a choice between gmail ads and the google analytics tracking results and see how quickly they chose the latter.
Give them the choice of unblockable tracking and see how quick they bin off the analytics.
Thats the problem the sheer scope and inability to block it (install noscript and a cookie manager and watch google analytics go whistle) that this would give.
Actually the not blocking isnt quite true if someone really wanted to there are ways to make it pretty much unbreakable (vpn plus a redirect server or two in places the govs dont like this one).


You seem to be failing to understand the proposals
at present they would need to go to one hell of a lot of effort and cost, if they want to do that then good luck to them, they will be bored shitless pretty damn soon but hey we need to keep unemployment down.
With the proposals about direct links to the ISPs data warehouses it becomes nice and easy. Again take the use of number plate recognition etc.


yes for content they requested, for routing info they didnt.
See a problem with that?



you stated a claim, I disagreed with it.


of course it has. Police get access to toys, police sell access to others.
More toys they get the more intrusive it gets.


no, still failing to see why the requirement to install all the hardware at ISPs etc is a good thing?
Why not, ohh,just not make access so much easier?

In reply to elsewhere:

Again - I'm not a techie but doesn't a message header provide details of sender/recipient without including message content?

In reply to elsewhere:


it depends on what you are considering the header.
If webmail then it could be argued to be part of the content of the http request but if from an email client it wouldn't be (as it would be smtp).

In reply to dissonance:

All of this appears to be in relation to the intrusive manner that google data mines your content. There has never been any suggestion that this legislation will allow the authorities anywhere near that level of unfettered access to content/


I guess it comes down to where the line should be drawn between qualified rights to privacy and requirements to investigate serious crime in the 21st century. Bearing in mind that when google decide to log everything about everyone () for commercial reasons- they appear to be able to do it pretty easily, and people still appear to use google.

Sorry I simply don't understand what you are trying to say here.



Fair enough my reasoning was explained as - people who tend to disagree with the state increasing their powers of surveillance, tend to distrust the state. It seems reasonably logical to me. Your argument was "Wrong" (sic). Maybe you could expand on that point?


Again a fair point. However technology will advance and (eventaully) the authorities will get their hands on these toys. Their use needs to be regulated, the misuse of the data they provide - corruption, providing details to journo's etc - already is


This seems a valid point. Under the European Data Retention directive a large amount is already retained by ISP's. I would imagine that Facebook and other social networks already retain a lot as well - they certainly recognise my IP address and suggest friends to me from people viewing my home page.
If an ISP sees a commercial advantage in retaining that data it would do it - as per your example of google. Perhaps installing this hardware would be a form of social responsibility

In reply to dissonance:
I consider the header to be the the stuff before the blank line that terminates the header block.
I consider the content to be the message body after the blank line.
The content or message body contains the sender/recipient for webmail & social networking etc.

Any claim to be logging sender/recipient from within the content without logging the content lacks credibility because the sender/recipient data can be anywhere and in any format within the content.

In reply to elsewhere:


Leaving aside email using a local client, which will have all the sender/recipient in the header.
Even for webmail if the email provider is required to provide the info eg as blackberry were for their messaging service then it wouldnt be considered content.
Once the email gets sent, whether via web or local client, if you are listening in downstream then it will be in the standard format.
So while saying all email sender/receiver can be accessed without the content is wrong it certainly isnt impossible to get a lot of it.

In reply to off-duty:

It sounds like you mistrust the authorities more than I do.

In reply to off-duty:


There have been no limits suggested on it so far. Plus again it isnt just content, you can do wonders with just high level data and some of the data mining techniques. Really quite scary stuff, especially the de-anonymisation tricks.


Again you get to chose whether to use google plus you can fairly easily circumvent them.
Googles ability to snoop is actually quite limited, unless you buy into all their services (and i know plenty of people who loath the idea of cloud computing partially for this reason, being unable to protect data).
A closer comparison to the proposals is what Phorm came up with, search for them and BT and you will see it wasnt exactly appreciated by many users.


They got the high level info (times and peeps involved etc) without a warrant by all accounts.
They only did so for specific content of messages.


The majority of people i know who are concerned about this aint particularly distrustful of the state, at least beyond any other large organisation.
In fact given the desperate attempts to privatise everything the state may become secondary.


or they could just not be allowed it.


Facebook are different from ISPs and no they wont be recognising your IP address (it aint reliable enough given both dynamic assignment (less important now broadband modems tend to always be on) and NAT (eg multiple computers on a network sharing one outward IP(say in a shared house or company))) they will be having a look at cookies. If people want to give them that info, more fool them.
ISPs in many cases would prefer not to get the data, while it would be handy for being able to sell targeted advertising see the Phorm/BT story i mentioned above for why that is less attractive than people initially thought.
Since you mention Europe and their data laws, they have actually come up with some fairly hard hitting data privacy requirements particularly around cookies and the ability to track users.


and that most really dont want, well not without paying and being able to make a profit out of it, gives an argument against.