SP? Re: What is Communications Data?

Quentin Campbell Q.G.Campbell at newcastle.ac.uk
Fri, 22 Nov 2002 11:02:52 -0000 

> -----Original Message-----
> From: Charles Lindsey [mailto:chl@clw.cs.man.ac.uk]=20
> Sent: 21 November 2002 19:04
> To: ukcrypto@chiark.greenend.org.uk
> Subject: SP? Re: What is Communications Data?
>=20
>=20
> 	On Thu, 21 Nov 2002 15:13:59 +0000
[snip]
>=20
> Well it would be a bit stupid to disclose just those because=20
> they are useless anyway. But if there is a part of the data=20
> (in a log file entry,
> say) that is admissible and a part that isn't, I don't see=20
> why the part that is cannot be disclosed on its own.
>=20
> It would be like saying that you cannot disclose the Received=20
> header of an email (which is surely traffic data under=20
> 21(4)(a)) because that would be disclosing "only a part of=20
> the data", and the "whole of the data" (the complete email)=20
> is clearly inadmissible.
>=20

You keep saying that S21(4)(a) defines "traffic data". It does not.

S21(4)(a) applies a legal test to data that has been defined as "traffic
data" by S21(6).

The purpose of this test and the other tests of S21(4) is to decide what
is "communications data". This is important because _only_ comunications
data can be handed over under Part I, Chpt. II.=20

"Traffic data" only becomes "communications data" if it passes any one
of the tests of S21(4). If it fails all those S21(4) tests it is still
"traffic data" but _cannot_ be handed over because it is not
communications data. =20

I accept that a "Received" header is traffic data because it
"purportedly identifies". But you cannot disclose the "Received" header
if it is not communications data as defined by the S21(4) tests.

The circumstances of each message will be different. You have to test
each message header in each message before you can determine whether it
is "communications data" or not. Mostly the headers will be
communications data.

Common sense does not come into it. This is a fact of law determined by
the way Part I, Chpt II of RIPA was drafted.

A "Received" header is _not_ communications data, even if it "traffic
data" as defined in S21(6), _unless_ it passes the test of S21(4)(a) and
is "traffic data for the purposes of any ...telecommunications system by
which it is being or may be transmitted".

If it is demonstrably not for the "purposes" of any telecomms system it
has or might pass through then it fails that test. The "Received" header
in my example POP mailbox message was clearly in this category.

If the "Received" header is demonstrably not about the use made by any
person of a telecomms service then it also fails the tests of S21(4)(b).
The ISP might have to check with the originating site of the message to
confirm their suspicion that it really is a bogus header but it still is
not communications data so can't be disclosed.

A "Received" header in any case fails the test of S21(4)(c) so is not
communications data by that test.

I am not suggesting that this is true of all "Received", "From" and "To"
message headers but it is certainly true in at least the real example I
gave.

Quentin
---
PHONE: +44 191 222 8209    Computing Service, University of Newcastle
FAX:   +44 191 222 8765    Newcastle upon Tyne, United Kingdom, NE1 7RU.
------------------------------------------------------------------------
"Any opinion expressed above is mine. The University can get its own."