"Warrants authorising phone taps treble"

Caspar Bowden ukcrypto at chiark.greenend.org.uk
Mon, 4 Feb 2008 17:02:53 +0000 

>From: ukcrypto-admin@chiark.greenend.org.uk [mailto:ukcrypto-admin@chiark.=
greenend.org.uk] On Behalf Of Roland Perry
...
>Roland, try READING the text you are so fond of relying on:

>Let's try it from a different angle.

(Without acknowledgement of the collapse of your previous basis of argument=
)

>A notice is served on a CSP to disclose comms data which *they* have. It
>can't ask them to [obtain and] disclose comms data that a different CSP
>has (legally forbidden, as well as logistically difficult for them).

True, but immaterial.

>An authorisation allows someone to collect the comms data from any CSP
>without that CSP's involvement.

Correct.

>It's all the same comms data, the same criteria.

No. An authorisation is NOT limited to [Roland quote] <<the data being "in =
the possession of" (or capable of being obtained by) a CSP>>

That is false. The clause you cited which you said imposed that condition, =
says no such thing, would be nice if you would consider acknowledging that.

Put it this way, if a really CSP big installs one of these (http://www.sili=
conbeat.com/entries/2006/04/12/the_secret_narus_spy_software_at_folsom_stre=
et.html) to fulfil black-box INTERCEPTION requirements (or is instructed to=
 split their pipe under the infamous S.94(2) of the Telecommunications Act =
1984[1]) where in RIPA does it prohibit an Agency with an Authorisation fro=
m acquiring every source and destination IP address of every packet? If tha=
t (function of the box) is under agency control, and the box sees the strea=
m of data, then an Authorisation would let them do that lawfully (or anythi=
ng lesser with filters that would be more proportionate).

Repeat and recurse at higher protocol stack levels...

I'm also worried that the infamous traffic data rider DOES NOT EXCLUDE an i=
nterpretation that seems to allow in full URLs by a backdoor.

21(4) In this Chapter "communications data" means any of the following-
(a) any traffic data comprised in or attached to a communication (whether b=
y the sender or otherwise) for the purposes of any postal service or teleco=
mmunication system by means of which it is being or may be transmitted;
(b) ANY INFORMATION which includes none of the contents of a communication =
(APART from any information falling within paragraph (a)) AND is about the =
USE made by any person-
(ii) in connection with the provision to ***OR USE BY ANY PERSON OF ANY*** =
telecommunications service, OF ANY part of a telecommunication system;

So do you think Sir Paul Kennedy sits down and stares at that clause every =
morning for half an hour over breakfast, with his RFCs spilling over into t=
he marmalade, trying to figure out what the hell it means? Or do you think =
he takes the word of Simon and the stalwart chaps in the West Country that =
everything is tickety-boo?

Ditto the IPT.

Nobody else matters.

BTW - I made the same arguments on this list in 2000, if anyone can be arse=
d to look it up.

[1] http://www.statutelaw.gov.uk/content.aspx?LegType=3DAll+Legislation&tit=
le=3Dtelecommunications+&Year=3D1984&searchEnacted=3D0&extentMatchOnly=3D0&=
confersPower=3D0&blanketAmendment=3D0&sortAlpha=3D0&TYPE=3DQS&PageNumber=3D=
1&NavFrom=3D0&parentActiveTextDocId=3D2232318&ActiveTextDocId=3D2232455&fil=
esize=3D3631

--
Caspar Bowden