What is Communications Data?

[Richard Clayton]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In article <012438016373D411A0F300508BBD04A5022EB8E8@L01EB006>, Watkin
Simon <Simon.Watkin@homeoffice.gsi.gov.uk> writes

>Last week I promised to run past the list some thoughts on categories of
>communications data.
>
>Here they are.  This is just an **indicative** list for the purpose of
>**discussion** here.  Clearly if there were such an indicative list that
>might assist public authorities, data holders and, in cases of dispute, the
>courts to interpret the legislation.

So you're saying that this is not part of the preliminaries to a wide
consultation on how things should be ? but in this case a consultation
on how the existing RIP text is to be interpreted ((which as we all know
will be decided by a judge, but perhaps we can save a few people from
going to court on a hopeless cause??))

How disappointing :-(

>Firstly, the basics.  Communications data does **not** include the contents
>of a communication.
>
>Section 21(4) of the Regulation of Investigatory Powers Act 2000 explains
>what communications data" means.  It means information about communications
>(traffic data, s. 21(4)(a)), information about use of communications
>services ("service use data", s. 21(4)(b)), and information about
>communications service users ("service user data", s. 21(4)(c)).

...or in other words... we tried to explain some simple concepts to the
parliamentary draftsman and he came up with this gobbledegook.

However, some people saw through some of it (the access to the
"clickstream"), so we had to make a bodge at a late stage so as to
ensure the Lords didn't throw the whole thing out; and we ended up with
the neatest mess we could in the circumstances :-(

or perhaps Simon remembers it differently ?

>WHAT IS TRAFFIC DATA?
>
>Traffic data is referred to in section 21 (4) and explained in section 21
>(6).
>
>21 (4) (a) any traffic data ...... 
>
>.. identifying, or purporting to identify, any person, apparatus or location
>to or from which the communication is or may be transmitted (s. 21 (6)(a))

the word "purporting" turns up several times in the Act.....

... and having thought very carefully over some period about what this
phrasing actually means, I've come to the reluctant conclusion that this
makes:

        To: xx@xx.xx
and     From: yy@yy.yy

into traffic data, despite the existence of an SMTP conversation that
went
        MAIL FROM: aa@aa.aa
        RCPT TO: bb@bb.bb

and this conclusion doesn't seem entirely right to me.


Anyway, if this is indeed part of the wide consultation that offers at
least the glimmer of hope of constructing a sensible scheme which a wide
swathe of society can sign up to -- then it might be very helpful to
forget about all the exotic language in the RIP Act and start again with
some simple definitions that everyone thinks they understand -- and then
try and turn it into a law at the _end_ of this consultation process,
rather than starting from the existing law at the beginning.

The sort of ideas I would suggest are the notion of

    "reverse directory lookup"

        ie: mapping from cyberspace to the Real World
and

    "it's content if the sender wrote it"

        which even for "From" and "To" gives the right answer ...
        because the SMTP envelope is made by the system from the input
        that the user supplied.

what else might be needed ? certainly something that addresses the
different level of intrusion that cell-site location gives. That sounds
more like surveillance than comms data.

- -- 
richard                                              Richard Clayton

They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety.         Benjamin Franklin

-----BEGIN PGP SIGNATURE-----
Version: PGPsdk version 1.7.1

iQA/AwUBPc91gRfnRQV/feRLEQLdsgCggz5yQP2zYwo+ysSv//HZ4UkLGFMAn2mB
pGZVU0uGHxtZZYNnMQABgRrd
=vESn
-----END PGP SIGNATURE-----