RIPA and file-sharing??
Clive D. W. Feather
ukcrypto at chiark.greenend.org.uk
Thu, 7 Feb 2008 18:35:33 +0000
-----BEGIN PGP SIGNED MESSAGE-----
In article <47AB0EFD.80002@callnetuk.com>, PeteM <otcbn@callnetuk.com>
writes
>>>> (3) We can find some other way to make my disclosure to them legal.
>>>> The first two are unacceptable to me, so that leaves the third. And
>>>>that is what Part 1 Chapter 2 was about.
>>>> If there was a fourth option, what was it?
>>> (4) Your disclosure to them shall be illegal and we shall *not* find
>>>some other way to make the disclosure legal, except by the
>>>established mechanism of a court order granted only after
>>>independent scrutiny.
>>>
>>> It shows how far we have come that even you - undoubtedly one of the
>>>good guys - didn't include this on your list of options.
>> That *is* a form of number 3,
>
>Not really. Your number 3 carries the implication that the system
>*will* force you to disclose something purely because the police want
>it.
Well, they will, even if that means a court order.
But at this point I think we're just arguing about terminology.
>> Let's suppose that 80% of requests for communications data are
>>unnecessary (an assumption I *don't* make); that still means 100,000
>>applications a year. Do you think there would actually have been
>>enough scrutiny to make it worthwhile?
>
>If justice demands that disclosure warrants should be properly
>scrutinised before being granted, then that's what should happen.
Perhaps. However, I'm not sure how much scrutiny is necessary for
name-and-address type queries.
>> Perhaps the line should have been drawn between name-and-address
>>queries and other ones. I really don't think that a magistrate or
>>judge can insert much into "we've found this phone number/email
>>address; we need a clue as to who it is before we go much further".
>
>He can at least impose some kind of proportionality. "Exactly what
>suspected offence are you investigating here, DC Perry? Do you really
>think disclosure of two years' phone records is justified for a charge
>of throwing an apple core from one's car into a hedge?"
We're not talking about phone records, just name-and-address from phone
number (or IP address).
The information you suggest - and more - is being provided to the person
signing the demand, and records are kept and can be scrutinised. It's
not clear to me that a court would do anything more.
>> But I didn't get to make that choice.
>
>None of us did, but it isn't good enough to say, "Oh well, the police
>want this power and we all know they'll get it in the end so let's just
>turn up our toes and give in". (I know that's not what you said, I'm
>just making the point). Resistance is not always futile. If the ISP
>industry hadn't cooperated quite so enthusiastically with the
>perpetrators of RIPA, we might have ended up with something not quite
>so close to a surveillance state.
I don't recall "cooperating enthusiastically" at all. Once it was
enacted, we pushed to get it running because it beat the alternatives.
But during the parliamentary process we were all concentrating on the
encryption stuff, remember?
Incidentally, I believe that the number of demands we receive under RIPA
is *less* than the number we got under the DPA regime. I suspect this is
due to greater scrutiny within the police.
- --
Clive D.W. Feather | Home: <clive@davros.org>
Tel: +44 20 8495 6138 (work) | Web: <http://www.davros.org>
Fax: +44 870 051 9937 | Work: <clive@demon.net>
Please reply to the Reply-To address, which is: <clive@davros.org>
-----BEGIN PGP SIGNATURE-----
Version: PGP SDK 3.0.2
iQEVAwUBR6tPdCNAHP3TFZrhAQHdFggArWRslFDDMDzvUkZS7lpMV6rB/3nzj5/5
kb15aqKzO1U9jRQZg+g0C1mRK9+hhIYhSwwdlQh7Vg0WYXf7deh8BwFlX0Pm8ldz
K9uZVjLwPArSAJSg0wU0TOxEp4EvZY7Ov+82dpUcaPnPUsuJtAfxFKk+CE4nV3p6
SzUqdzGTNcj6dcIGoBst8S3BF9T5JgfLL4QRKzoLGFZm4ieuzi1aWb6grcy+Z3sY
ry5HdMKblCrWGcpkcOKeXvM62DpwId1xPAJr8jgqIAv+wytxOm71K+OmbwXJyf+i
yj6oi3e8LEyBXYNvqBTP/CIem7JRPY/XpK75qWlUXHtZa2Z6GZFrYQ==
=Z4Y+
-----END PGP SIGNATURE-----