UK ISP Boss Highlights Technical Stupidity Of The Snooper's Charter Proposal

from the surveillance-magic dept

There's just something absolutely nutty when politicians with no technical knowledge whatsoever try to make technology policy, and it often crosses over into out-and-out slapstick when that technology policy involves surveillance. It's why we see things like talk of "golden keys" for encryption that somehow wouldn't be "backdoors" (even though they are). Over in the UK, they're going through something similar with the current "debate" (if you can call it that) over the latest Snooper's Charter bill, officially known as the "Investigatory Powers Bill" or the "IPBill."

A key element in the bill is the demand for "internet connection records." The draft bill has a whole section on these "ICRs" which it defines as:
A kind of communications data, an ICR is a record of the internet services a specific device has connected to, such as a website or instant messaging application. It is captured by the company providing access to the internet. Where available, this data may be acquired from CSPs by law enforcement and the security and intelligence agencies.

An ICR is not a person’s full internet browsing history. It is a record of the services that they have connected to, which can provide vital investigative leads. It would not reveal every web page that they visit or anything that they do on that web page.
That definition, by itself, seems somewhat self-contradictory, but we'll leave that aside for now. Adrian Kennard, the head of a small UK ISP, Andrews & Arnold, has filed some comments highlighting how technically clueless this idea is:
The explanatory notes, and one of the clauses in the bill, make use of the term “Internet Connection Record”. We are concerned that this creates the impression that an “Internet Connection Record” is a real thing, like a “Call Data Record” in telephony.

An ICR does not exist - it is not a real thing in the Internet. At best it may be the collection of, or subset of, communications data that is retained by an operator subject to a retention order which has determined on a case by case basis what data the operator shall retain. It will not be the same for all operators and could be very different indeed.

We would like to see the term removed, or at least the vague and nondescript nature of the term made very clear in the bill and explanatory notes.
From there, it goes even further, pointing out that the justification for needing these non-existent ICRs was a statement from UK Home Secretary Theresa May about how useful such info would be in finding a missing girl:
"Consider the case of a teenage girl going missing. At present we can ask her mobile provider for call records before she went missing which could be invaluable to finding her. But for Internet access, all we get is that the Internet was accessed 300 times. What would be useful would be to know she accessed twitter just before she went missing in the same way as we could see she make a phone call"
Except, as Kennard points out, that's not how the internet actually works. You don't "connect" to Twitter like that, because you're constantly connected to Twitter:
...in yesterday’s meeting I, and other ISPA members immediately pointed out the huge flaw in this argument. If the mobile provider was even able to tell that she had used twitter at all (which is not as easy as it sounds), it would show that the phone had been connected to twitter 24 hours a day, and probably Facebook as well. This is because the very nature of messaging and social media applications is that they stay connected so that they can quickly alert you to messages, calls, or amusing cat videos, without any delay.

It should be noted that it is quite valid for a “connection” of some sort to last a long time. The main protocol used (TCP) can happily have connections for hours, days, months or even years. Some protocols such as SCTP, and MOSH are designed to keep a single connection active indefinitely even with changes to IP addresses at each end and changing the means of connection (mobile, wifi, etc). Given the increasing use of permanent connections on mobile devices, it is easy to see how more and more applications will use such protocols to stay connected - making one “internet connection record” which could even have passed the 12 month time limit by the time it is logged.

Connections are also typically encrypted and have some data passing all the time, so it would not be practical for an ISP, even using deep packet inspection, to indicate that the girl “accessed twitter” right before she vanished, or even at all (just that there is a twitter app on the phone and logged in).
This seems like a rather important point: the people who put together the Snooper's Charter for spying on the internet don't seem to understand the first thing about how the internet actually works. And yet we're supposed to give them sweeping powers to spy on it? How does that make any sense?
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: adrian kennard, encryption, icr, internet connection records, investigatory powers bill, ipbill, metdata, snooper's charter, theresa may, uk
Companies: andrews & arnold


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 30 Nov 2015 @ 11:58am

    and because it IS SO STUPID is exactly why everyone's fears and concerns will be ignored and it will be brought into law! the idea is not and never will be to catch terrorists, but to keep the ordinary people under the 'scope, making sure they are not organising any protests against the government or members because of some other ridiculous thing they have done or intend to do, but want to keep secret!! and i doubt if any other UK government has been as secretive or underhanded as Cameron's lot!!

    link to this | view in chronology ]

  • icon
    Mason Wheeler (profile), 30 Nov 2015 @ 12:06pm

    This seems like a rather important point: the people who put together the Snooper's Charter for spying on the internet don't seem to understand the first thing about how the internet actually works. And yet we're supposed to give them sweeping powers to spy on it? How does that make any sense?

    I'm reminded of one of the more thought-provoking passages from Brandon Sanderson's epic, The Way of Kings:
    I walked from Abamabar to Urithiru. In this, the metaphor and experience are one, inseparable to me like my mind and memory. One contains the other, and though I can explain one to you, the other is only for me.

    I strode this insightful distance on my own, and forbade attendants. I had no steed beyond my well-worn sandals, no companion beside a stout staff to offer conversation with its beats against the stone. My mouth was to be my purse; I stuffed it not with gems, but with song. When singing for sustenance failed me, my arms worked well for cleaning a floor or hog pen, and often earned me a satisfactory reward.

    Those dear to me took fright for my safety and, perhaps, my sanity. Kings, they explained, do not walk like beggars for hundreds of miles. My response was that if a beggar could manage the feat, then why not a king? Did they think me less capable than a beggar?

    Sometimes I think that I am. The beggar knows much that the king can only guess. And yet who draws up the codes for begging ordinances? Often I wonder what my experience in life—my easy life following the Desolation, and my current level of comfort—has given me of any true experience to use in making laws. If we had to rely on what we knew, kings would only be of use in creating laws regarding the proper heating of tea and cushioning of thrones.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 30 Nov 2015 @ 12:12pm

    Stupid Geek

    Adrian Kennard obviously doesn't have a clue about how the internet works. Of course internet "connections" are just like telephone "calls". How could he not know that? Oh, wait, he's one of those "geeks", isn't he? That explains it. Well, thank goodness there are plenty of government officials to straighten his little geek ass out and "educate" him on how the internet really works.

    link to this | view in chronology ]

    • icon
      art guerrilla (profile), 30 Nov 2015 @ 4:39pm

      Re: Stupid Geek

      no, he's just a tool...
      *my* theory for why so many of these tech-ignorant ideas are floated, is because they DON'T want capable, knowledgeable, experienced nerds, et al to provide any significant advise and guidance (never mind leadership)...

      *that* would shoot down ALL their idiotic ideas; and they don't really care they are idiotic, they just want to out-bluster the other pols...

      actually listening to the nerderati and basing decisions on that could lead to well-measured and smart responses (which *might* include 'doing nothing', *gasp*), and we can't have that ! ! !

      (reminder: action is not achievement)

      link to this | view in chronology ]

    • identicon
      David, 1 Dec 2015 @ 1:19am

      Re: Stupid Geek

      Internet connections are not like telephone calls. Internet consists of multiple protocols. TCP connections are a bit like a telephone call (with continuity) but without the realtime guarantees. UDP is more like a hitch hiking network where the order of departure and arrival (if a packet does not get terminally lost after all) are not really synchronized. ICMP is like one-time semaphoring.

      And so on.

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 2 Dec 2015 @ 12:55pm

        Re: Re: Stupid Geek

        You obviously don't know as much as the people who put together the Snooper's Charter because they say otherwise and they have power!

        link to this | view in chronology ]

  • identicon
    Anonymous Coward, 30 Nov 2015 @ 12:20pm

    Formal education

    [Policymakers] don't seem to understand the first thing about how the internet actually works.
    Years and years ago, when I went back to school, my introductory, undergraduate networking course was 5 quarter-credits (we were on the quarter system), geared towards EEs and CSs (dual-listed course), and used an early edition of Andrew Tanenabum's Computer Networking as the course textbook.

    Most policymakers would not have the prerequisites to get into that introductory, undergraduate course.

    I don't know quite what to do about the problem. Obviously, that level of formal education isn't necessary for everyone. Many other people have informally picked up all that they need to become competent in their field, here and there as they went along. In fact, I myself was doing some professional computer networking before I decided to go back to school.

    But, otoh, when I start to think about diving into the distinctions between circuit-switching and packet-switching, and then talking about virtual-circuits on top… contrasting that with connected-oriented versus connectionless protocols… distinguishing between protocols and services… You know, I think that people who haven't had the advantage of a formal education are handicapped more than they might realize.

    Iow, they don't even know what they don't know.

    link to this | view in chronology ]

    • identicon
      Whoever, 30 Nov 2015 @ 12:36pm

      Re: Formal education

      Those policymakers don't understand how the Internet works, but they have an army of advisers, many of whom do understand how the Internet works. They have access to GCHQ, where there are lots of geeks who have an excellent understanding of how the Internet works.

      So, if the policymakers have plenty of people who can tell them that the proposed snooping isn't going to provide useful information, what is it for? IMHO, it is likely that there is an ulterior motive for the snooper's charter, which hasn't yet been revealed.

      link to this | view in chronology ]

  • icon
    Cybe R. Wizard (profile), 30 Nov 2015 @ 1:06pm

    Setting up non-existent ICRs is easy:

    ...if you only first make π equal to exactly 3.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 30 Nov 2015 @ 2:21pm

    All Internet Connection Packet Cookies must be downloaded to the Cloud Cache for strict Sniffing.

    link to this | view in chronology ]

  • identicon
    gezzerx, 30 Nov 2015 @ 6:10pm

    Vote the Bumbs out of Office

    Why would any true loyal Americans, be they Democrat or Republican, Male or Female, White,Black,Hispanic or other, vote for a Democrat or a Republican when both .parties have shown their willingness to subvert the Constitution, our Civil Liberties, and our National Sovereignty through the TPP (The Trans Pacific Partnership) and have been doing so for decades & the Governments own records have proven this to be true ! We are being sold out by the Democrats & Republicans ! It now has become a choice between Fascism or Liberty & Fascism is winning !

    Both parties have been complicit in this criminal activity. Some will say they don’t want to waste their vote, but you are already wasting your vote on Democrats & Republicans because they are the ones who have already betrayed us ! This should be a joint effort on the part of all Americans, Democrats,Republicans & Independent voters ! Organize now before its to late ! Your liberty is at stake and that of your children & grandchildren !

    We get the Government we deserve, and nothing will change until we stop electing Democrats & Republicans after all they are the ones subverting the Constitution, & they must be held to account both politically & legally !

    Both parties are owned by corporate America, two sides of the same coin ! Wise up America .

    No more lies, excuses, rationalizations,or justifications, the public needs to hold these officials to account to the fullest extent of the law under Title 18 sec. 241 & 242 (Google it), so any future traitors will know there will be consequences to such behavior.

    Unaccountable power is absolute power, & is absolutely corrupt !

    As Mr. Snowden said the Politicians are afraid of you ! Now is the time exercise you power, you
    may not get another chance !

    REMEMBER: POLITICIANS, BUREAUCRATS AND DIAPERS SHOULD BE CHANGED OFTEN AND FOR THE SAME REASON.

    Some words of true Patriots are as follows, as opposed to the words of false flag patriotism of today.

    He that is of the opinion money will do everything may well be suspected of doing everything for money.
    Benjamin Franklin

    He that is good for making excuses is seldom good for anything else.
    Benjamin Franklin

    Experience hath shown, that even under the best forms of government those entrusted with power have, in time, and by slow operations, perverted it into tyranny.
    Thomas Jefferson

    Rightful liberty is unobstructed action according to our will within limits drawn around us by the equal rights of others. I do not add 'within the limits of the law' because law is often but the tyrant's will, and always so when it violates the rights of the individual.
    Thomas Jefferson

    Tyranny is defined as that which is legal for the government but illegal for the citizenry."
    Thomas Jefferson.

    “But when a long train of abuses and usurpations, pursuing invariably the same object evinces a design to reduce them under absolute despotism, it is their right, it is their duty, to throw off such government, and to provide new guards for their future security,”
    Thomas Jefferson wrote this in the Declaration of Independence .

    In framing a government which is to be administered by men over men you must first enable the government to control the governed; and in the next place oblige it to control itself.
    James Madison

    Liberty may be endangered by the abuse of liberty, but also by the abuse of power.
    James Madison

    The liberties of a people never were, nor ever will be, secure, when the transactions of their rulers may be concealed from them.
    Patrick Henry

    "We the People are the rightful masters of BOTH Congress and the courts, not to overthrow the Constitution but to overthrow the men who pervert the Constitution"
    Abraham Lincoln

    America will never be destroyed from the outside. If we falter and lose our freedoms, it will be because we destroyed ourselves.
    Abraham Lincoln

    We should not forget the warning of President Eisenhower .
    https://www.youtube.com/watch?v=vLqWfWxqh_0
    The NSA is controlled & operated by the DOD & the MIC (Military Industrial Complex) Private Corporations.

    "The very word "secrecy" is repugnant in a free and open society; and we are as a people inherently and historically opposed to secret societies, to secret oaths and secret proceedings. We decided long ago that the dangers of excessive and unwarranted concealment of pertinent facts far outweighed the dangers which are cited to justify it."
    President John F. Kennedy
    Waldorf-Astoria Hotel
    April 27, 1961

    As is said in the law, falsus in uno, falsus in omnibus. ("False in one thing, false in all things" is an instruction given to jurors: if they find that a witness lied about an important matter, they are entitled to ignore everything else that witness said.) The Government has been lieing to the American public for decades !

    As a reminder Hermann Goering said at the Nuremberg Trials .
    "The people can always be brought to the bidding of the leaders. That is easy. All you have to do is tell them they are being attacked and denounce the pacifists for lack of patriotism and exposing the country to danger. It works the same way in any country."

    “Fascism should more appropriately be called Corporatism because it is a merger of state and corporate power.”
    Benito Mussolini

    Time to start removing the corporate Congress from office & defunding the NSA & the Police Surveillance state, to pre 9-11 levels & force them to comply with the law & impose jail time for non compliance under USC Title 18 Sec. 241 & 242 (Google it) .

    Only after the members of our 3 branches of Government, both Republicans & Democrats who conspired in this criminal conspiracy & violated the Constitution are prosecuted, should Mr. Snowden be charged with a crime. Prosecute those who broke the law first, in chronological order, then the Government can get around to Mr Snowden .

    The short version of the above is as follows:
    Any Government or Party that doesn't abide by the Constitution does not deserve our respect or support ! ! ! They are traitors !

    Disclaimer: Be advised it is possible, that this communication is being monitored by the National Security Agency or GCHQ. I neither condone or support any such policy, by any Government authority or third party that does not comply, as stipulated by the 4th Amendment of the U.S. Constitution.

    link to this | view in chronology ]

    • icon
      G Thompson (profile), 30 Nov 2015 @ 7:31pm

      Re: Vote the Bumbs out of Office

      hey dimwit...

      Your pasting of all things dumb is even more telling when this whole article was about the United Kingdom and not the USA.

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 30 Nov 2015 @ 9:50pm

        Re: Re: Vote the Bumbs out of Office

        Could be applied to the UK as well these days. Seems like every "first world" nation is letting itself slide into tyranny of a third world dictatorship.

        link to this | view in chronology ]

        • identicon
          Wendy Cockcroft, 1 Dec 2015 @ 6:57am

          Re: Re: Re: Vote the Bumbs out of Office

          And all at the same time too. Funny, that...

          link to this | view in chronology ]

  • identicon
    Anonymous Coward, 30 Nov 2015 @ 10:19pm

    link to this | view in chronology ]

  • identicon
    Spencer, 2 Dec 2015 @ 4:18am

    ICR

    The ICR sounds like the metadata being tracked by the NSA and GCHQ.

    link to this | view in chronology ]

  • identicon
    tranzy, 29 Dec 2016 @ 12:09pm

    Felice Anno nuovo

    Good information A lot of helpful info here thanks for sharing the post

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.