Is virus scanning interception?
Ken Brown
k.brown at ccs.bbk.ac.uk
Mon, 15 Jul 2002 10:20:50 +0100

Peter Fairbrother wrote:
> The test under RIPA s3(3) isn't whether a user signed up for the service, or
> whether it was or could be provided manually: it's whether the interception
> is connected to the operation of a telecommunication service. That means
> things relating to passing messages ("the transmission of communications"),
> and nothing else.

There have been times, at both my present and previous place of work,
when we would not have been able to continue to pass messages had we not
intercepted MicroShit Word viruses. As it was, we could, and we could
watch people like the BBC and the Pentagon fall over when we stayed up.
Interception of mail (or other kinds of file transfer) by content is
necessary to the operation of the service.

Maybe someone who just offered a pipe for other people to send bits down
and had no end users themselves could get away without scanning, but
that isn't every provider. Or even many of them. And I wouldn't want to
promise anyone that there will /never/ be message content capable of
taking down a network interface or a router or a switch or even a phone
exchange. In the present scheme of things vast numbers of people and
organisations provide telecommunications services. Often in
taking-in-each-other's-washing kinds of ways. This law covers company IT
departments, Internet cafes, schools, colleges, hospitals, even some
private individuals, as well as phone companies.

For the rest of us who aren't international bandwidth providers, virus
scanning is 100% necessary for operation. If Andrew tells me (as he has
in the past, more than once) that anyone who reads a certain email in
Word will send out hundreds of other emails to whoever, or that a
certain HTTP GET request to an IIS web server might let someone else
take over that server and use it for sending spam, then if I can I will
block those GET requests or mail items before they get to my users'
machines. If I don't then the service we provide to everybody else will
fail - and we may well knock out other people's systems as well, as we
flood them with spam or probes.

Virus scanning does relate to the passing of messages, because if we
don't scan them we won't be able to pass them. If that form of
interception were to be illegal under RIP (it isn't) we'd have to carry
on doing it anyway. If we don't scan we can't pass.

You have to be right about the machine being an agent of a human
though. Think Chinese rooms & Turing machines :-) If I wanted to read
a message from you, and depending on content choose to act in various
ways, it is at least thought-experiment possible for me to devise a
machine that reads your message for me and recommends action to me. If
it is a virus scanner the choice of actions might just be "pass" or
"don't pass". If I want to intercept your communications with your
stockbroker the menu of actions may be richer. In theory I can make a
machine do any act that I might choose to do given the circumstances.

I assume that real people who use electronic systems for trading real
money use real encryption. Though I know that people who trade over
voice phone don't. I suppose there is less chance of a man in the middle
exploiting delay in voice communication to get their own trades in.
Though I doubt if many of the traders I've ever met think about that.
(Even if the method has been the subject of more than one Hollywood
film!)

Of course business ethics are such that no reasonable person would
believe that any telecommunications provider would act illegally so as
to influence capital markets.

Ken Brown