Mr Big & the Black Hats (was Unfinished Business)

[Communications Admin]

On Tue, 20 Jun 2000, Owen Lewis wrote:

> 
> ----- Original Message -----
> From: "David Swarbrick" <david@swarb.freeuk.com>
> To: <ukcrypto@maillist.ox.ac.uk>
> Sent: 19 June 2000 20:25
> Subject: Re: Mr Big & the Black Hats (was Unfinished Business)
> 
> 
> > >Plod will seek to
> > >seize as few keys as possible. Not because he is humanitarian minded but
> > >because it will promote efficiency and operational security. Plod will
> > >require to sieze the key of at least one member of Mr Big's gang. Since
> Plod
> > >will have a fair amount of information on the gang before they get to the
> > >point of having intercepts authorised, Plod should only infrequently
> seize a
> > >key from an 'innocent bystander'. However, there is little doubt that it
> > >will happen from time to time but, from first principles, one can expect
> > >that:
> > >
> > >        -    The total number of key seizures could be expected to be
> only a
> > >small fraction of the number of warranted interceptions of telephone
> calls,
> > >in itself not enormous.
> >
> > I anticipate that the reverse could/should be the case. To obtain Mr
> > Big's mail Plod will disrespect the privacy of each of the people whose
> > public key he has used.
> > It could magnify the number of warrants by factors of hundreds.
> 
> What does Plod want? He wants eincrimination that, one way or another will
> lead to Big's conviction and Plod's as idle a sod as the rest of us.
> 
> Big incriminates himself in his communications with his Black Hats and not
> with his tinker, tailor etc.To get that incrimination (by the method we are
> discussing) Plod need to seize the private key of one black hat whilst
> gagging him firmly. The business is not without operational risks and Plod
> will compound the risk of exposure for every additional key he will seize in
> a single operation. It is in his interest to keep to a minimum the number of
> keys he seizes. He needs at least the one private key. He also will want
> Big's public key.
> 
> As discussed there will be some exceptions, such as where Innocent is
> lawfully supplying goods to Big who inturn uses them for criminal purposes.
> I can't see these cases as being that many, nor for most of those is it
> likely that the Bg's commnications with Innocent will be encrypted but, I
> willingly admit, they  may be.
> > >
> > >        -    Of the very limited number key seizures, only a minority
> should
> > >arise from an 'innocent' association.
> >
> > Sorry Owen, but this is mere assertion. What possible vague generalities
> > lead you to such a general assumption.
> 
> See the above. Imagine you have to do the job. What are the risks? How can
> you diminish those risks? How can you stretch one man's time to do two men's
> work? Given the odd life I have led and still lead in some ways, its as
> simple to me as adding two twos to make four.
> 
> The nasty area than I see is if Plod were to apply this sledgehammer of
> seizure in trivial cases - as he may well yet if something is not done about
> his effective oversight. Low level decisions. Little or no intelligence (of
> any sort). No need for operational security maintained over extended
> periods. No, seize the teacher's computer and demand  his key all because
> the kid that doesn't like him said to his Mum that teacher was a dirty old
> man. Nasty. Very. And that, IMO, is the way in which the number of
> 'wrongful' seizures is most likely to occur, if  effective oversight
and
> reporting on Plod's use of this draconian power is not instituted.
> 
> > >        -    Key seizures from 'innocent bystanders' should be very
> quickly
> > >dropped as they will be generally useless for Plod's purposes.
> >
> > Not true. The whole history of the intelligence services is of paying no
> > respect at all to privacy.
> 
> It's not a matter of morality. It is a matter of resource management. Plod
> will either get what he needs or quickly move on. He will only hover where
> there is good reason to believe that a waiting game will pay off and the
> operational risk can be accepted. If he gets that wrong his boss will kick
> him because it'll be the boss's budget he's squandering.
> 
> > Plods are notorious for gossiping like little old ladies when
> > investigating something nice.
> 
> Sad but sometimes true. As said elsewhere Plod's sticky fingers (never mind
> the DSSS and the VAT man!) should be kept out of this sort of business. But
> few seemed to care when this elision of powers was first floated. From where
> we are now, can you, please, suggest anything more useful than:
> 
>         -    Ensuring than Innocent is indemnified against Plod's negligence
> or criminal abuse?
> 
>         -    Ensuring that detailed powers of oversight and reporting are
> written into the regulations with a requirement to that effect in the
> legislation itself?
> 
> Owen Lewis
> 
> 

Having followed the discussion(s) on RIP in the mailing list I have come
to the conclusion that there is something missing. The bill appears to be
designed to give powers for surviellance rather than providing for the
collection of evidence.

After all a key once siezed will become an item of evidence and as such
should be handled as any other piece of evidence under the rules of
PACE. So the measures Owen is looking for are in place.

However for intelligence purposes this openess is doubled edged. Persons
or organisations maybe 'looked at' to be eliminated from the line of
research. Any publicity of this could a) warn of the main target and
b) cast a slur on an innocent.

For LEA a judicial review process that is open to the public is part and
parcel of their normal working environment and reveals little of any
ongoing investigation or operations. Applying the same to intelligence and
security agencies would produce almost the direct opposite. The two
methods of operation can be likened to fishing with rod and reel and
trawling with a net. A lot of what is in the net will not make it to the
catch, it just happens to be in the net.