UK ISP Boss Highlights Technical Stupidity Of The Snooper's Charter Proposal
from the surveillance-magic dept
There's just something absolutely nutty when politicians with no technical knowledge whatsoever try to make technology policy, and it often crosses over into out-and-out slapstick when that technology policy involves surveillance. It's why we see things like talk of "golden keys" for encryption that somehow wouldn't be "backdoors" (even though they are). Over in the UK, they're going through something similar with the current "debate" (if you can call it that) over the latest Snooper's Charter bill, officially known as the "Investigatory Powers Bill" or the "IPBill."A key element in the bill is the demand for "internet connection records." The draft bill has a whole section on these "ICRs" which it defines as:
A kind of communications data, an ICR is a record of the internet services a specific device has connected to, such as a website or instant messaging application. It is captured by the company providing access to the internet. Where available, this data may be acquired from CSPs by law enforcement and the security and intelligence agencies.That definition, by itself, seems somewhat self-contradictory, but we'll leave that aside for now. Adrian Kennard, the head of a small UK ISP, Andrews & Arnold, has filed some comments highlighting how technically clueless this idea is:
An ICR is not a person’s full internet browsing history. It is a record of the services that they have connected to, which can provide vital investigative leads. It would not reveal every web page that they visit or anything that they do on that web page.
The explanatory notes, and one of the clauses in the bill, make use of the term “Internet Connection Record”. We are concerned that this creates the impression that an “Internet Connection Record” is a real thing, like a “Call Data Record” in telephony.From there, it goes even further, pointing out that the justification for needing these non-existent ICRs was a statement from UK Home Secretary Theresa May about how useful such info would be in finding a missing girl:
An ICR does not exist - it is not a real thing in the Internet. At best it may be the collection of, or subset of, communications data that is retained by an operator subject to a retention order which has determined on a case by case basis what data the operator shall retain. It will not be the same for all operators and could be very different indeed.
We would like to see the term removed, or at least the vague and nondescript nature of the term made very clear in the bill and explanatory notes.
"Consider the case of a teenage girl going missing. At present we can ask her mobile provider for call records before she went missing which could be invaluable to finding her. But for Internet access, all we get is that the Internet was accessed 300 times. What would be useful would be to know she accessed twitter just before she went missing in the same way as we could see she make a phone call"Except, as Kennard points out, that's not how the internet actually works. You don't "connect" to Twitter like that, because you're constantly connected to Twitter:
...in yesterday’s meeting I, and other ISPA members immediately pointed out the huge flaw in this argument. If the mobile provider was even able to tell that she had used twitter at all (which is not as easy as it sounds), it would show that the phone had been connected to twitter 24 hours a day, and probably Facebook as well. This is because the very nature of messaging and social media applications is that they stay connected so that they can quickly alert you to messages, calls, or amusing cat videos, without any delay.This seems like a rather important point: the people who put together the Snooper's Charter for spying on the internet don't seem to understand the first thing about how the internet actually works. And yet we're supposed to give them sweeping powers to spy on it? How does that make any sense?
It should be noted that it is quite valid for a “connection” of some sort to last a long time. The main protocol used (TCP) can happily have connections for hours, days, months or even years. Some protocols such as SCTP, and MOSH are designed to keep a single connection active indefinitely even with changes to IP addresses at each end and changing the means of connection (mobile, wifi, etc). Given the increasing use of permanent connections on mobile devices, it is easy to see how more and more applications will use such protocols to stay connected - making one “internet connection record” which could even have passed the 12 month time limit by the time it is logged.
Connections are also typically encrypted and have some data passing all the time, so it would not be practical for an ISP, even using deep packet inspection, to indicate that the girl “accessed twitter” right before she vanished, or even at all (just that there is a twitter app on the phone and logged in).
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: adrian kennard, encryption, icr, internet connection records, investigatory powers bill, ipbill, metdata, snooper's charter, theresa may, uk
Companies: andrews & arnold
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
I'm reminded of one of the more thought-provoking passages from Brandon Sanderson's epic, The Way of Kings:
[ link to this | view in chronology ]
Stupid Geek
[ link to this | view in chronology ]
Re: Stupid Geek
*my* theory for why so many of these tech-ignorant ideas are floated, is because they DON'T want capable, knowledgeable, experienced nerds, et al to provide any significant advise and guidance (never mind leadership)...
*that* would shoot down ALL their idiotic ideas; and they don't really care they are idiotic, they just want to out-bluster the other pols...
actually listening to the nerderati and basing decisions on that could lead to well-measured and smart responses (which *might* include 'doing nothing', *gasp*), and we can't have that ! ! !
(reminder: action is not achievement)
[ link to this | view in chronology ]
Re: Stupid Geek
And so on.
[ link to this | view in chronology ]
Re: Re: Stupid Geek
[ link to this | view in chronology ]
Formal education
Most policymakers would not have the prerequisites to get into that introductory, undergraduate course.
I don't know quite what to do about the problem. Obviously, that level of formal education isn't necessary for everyone. Many other people have informally picked up all that they need to become competent in their field, here and there as they went along. In fact, I myself was doing some professional computer networking before I decided to go back to school.
But, otoh, when I start to think about diving into the distinctions between circuit-switching and packet-switching, and then talking about virtual-circuits on top… contrasting that with connected-oriented versus connectionless protocols… distinguishing between protocols and services… You know, I think that people who haven't had the advantage of a formal education are handicapped more than they might realize.
Iow, they don't even know what they don't know.
[ link to this | view in chronology ]
Re: Formal education
So, if the policymakers have plenty of people who can tell them that the proposed snooping isn't going to provide useful information, what is it for? IMHO, it is likely that there is an ulterior motive for the snooper's charter, which hasn't yet been revealed.
[ link to this | view in chronology ]
Setting up non-existent ICRs is easy:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Vote the Bumbs out of Office
Both parties have been complicit in this criminal activity. Some will say they don’t want to waste their vote, but you are already wasting your vote on Democrats & Republicans because they are the ones who have already betrayed us ! This should be a joint effort on the part of all Americans, Democrats,Republicans & Independent voters ! Organize now before its to late ! Your liberty is at stake and that of your children & grandchildren !
We get the Government we deserve, and nothing will change until we stop electing Democrats & Republicans after all they are the ones subverting the Constitution, & they must be held to account both politically & legally !
Both parties are owned by corporate America, two sides of the same coin ! Wise up America .
No more lies, excuses, rationalizations,or justifications, the public needs to hold these officials to account to the fullest extent of the law under Title 18 sec. 241 & 242 (Google it), so any future traitors will know there will be consequences to such behavior.
Unaccountable power is absolute power, & is absolutely corrupt !
As Mr. Snowden said the Politicians are afraid of you ! Now is the time exercise you power, you
may not get another chance !
REMEMBER: POLITICIANS, BUREAUCRATS AND DIAPERS SHOULD BE CHANGED OFTEN AND FOR THE SAME REASON.
Some words of true Patriots are as follows, as opposed to the words of false flag patriotism of today.
He that is of the opinion money will do everything may well be suspected of doing everything for money.
Benjamin Franklin
He that is good for making excuses is seldom good for anything else.
Benjamin Franklin
Experience hath shown, that even under the best forms of government those entrusted with power have, in time, and by slow operations, perverted it into tyranny.
Thomas Jefferson
Rightful liberty is unobstructed action according to our will within limits drawn around us by the equal rights of others. I do not add 'within the limits of the law' because law is often but the tyrant's will, and always so when it violates the rights of the individual.
Thomas Jefferson
Tyranny is defined as that which is legal for the government but illegal for the citizenry."
Thomas Jefferson.
“But when a long train of abuses and usurpations, pursuing invariably the same object evinces a design to reduce them under absolute despotism, it is their right, it is their duty, to throw off such government, and to provide new guards for their future security,”
Thomas Jefferson wrote this in the Declaration of Independence .
In framing a government which is to be administered by men over men you must first enable the government to control the governed; and in the next place oblige it to control itself.
James Madison
Liberty may be endangered by the abuse of liberty, but also by the abuse of power.
James Madison
The liberties of a people never were, nor ever will be, secure, when the transactions of their rulers may be concealed from them.
Patrick Henry
"We the People are the rightful masters of BOTH Congress and the courts, not to overthrow the Constitution but to overthrow the men who pervert the Constitution"
Abraham Lincoln
America will never be destroyed from the outside. If we falter and lose our freedoms, it will be because we destroyed ourselves.
Abraham Lincoln
We should not forget the warning of President Eisenhower .
https://www.youtube.com/watch?v=vLqWfWxqh_0
The NSA is controlled & operated by the DOD & the MIC (Military Industrial Complex) Private Corporations.
"The very word "secrecy" is repugnant in a free and open society; and we are as a people inherently and historically opposed to secret societies, to secret oaths and secret proceedings. We decided long ago that the dangers of excessive and unwarranted concealment of pertinent facts far outweighed the dangers which are cited to justify it."
President John F. Kennedy
Waldorf-Astoria Hotel
April 27, 1961
As is said in the law, falsus in uno, falsus in omnibus. ("False in one thing, false in all things" is an instruction given to jurors: if they find that a witness lied about an important matter, they are entitled to ignore everything else that witness said.) The Government has been lieing to the American public for decades !
As a reminder Hermann Goering said at the Nuremberg Trials .
"The people can always be brought to the bidding of the leaders. That is easy. All you have to do is tell them they are being attacked and denounce the pacifists for lack of patriotism and exposing the country to danger. It works the same way in any country."
“Fascism should more appropriately be called Corporatism because it is a merger of state and corporate power.”
Benito Mussolini
Time to start removing the corporate Congress from office & defunding the NSA & the Police Surveillance state, to pre 9-11 levels & force them to comply with the law & impose jail time for non compliance under USC Title 18 Sec. 241 & 242 (Google it) .
Only after the members of our 3 branches of Government, both Republicans & Democrats who conspired in this criminal conspiracy & violated the Constitution are prosecuted, should Mr. Snowden be charged with a crime. Prosecute those who broke the law first, in chronological order, then the Government can get around to Mr Snowden .
The short version of the above is as follows:
Any Government or Party that doesn't abide by the Constitution does not deserve our respect or support ! ! ! They are traitors !
Disclaimer: Be advised it is possible, that this communication is being monitored by the National Security Agency or GCHQ. I neither condone or support any such policy, by any Government authority or third party that does not comply, as stipulated by the 4th Amendment of the U.S. Constitution.
[ link to this | view in chronology ]
Re: Vote the Bumbs out of Office
Your pasting of all things dumb is even more telling when this whole article was about the United Kingdom and not the USA.
[ link to this | view in chronology ]
Re: Re: Vote the Bumbs out of Office
[ link to this | view in chronology ]
Re: Re: Re: Vote the Bumbs out of Office
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
ICR
[ link to this | view in chronology ]
Felice Anno nuovo
[ link to this | view in chronology ]