URLs, IPs and interception

[Peter Fairbrother]

James Cox wrote:
> In response to your notes, my point was that law isn't black and white - 
> it's more a case of grey : i.e. how you interpret and argue it.
> 
> So lets review the act a little bit, i'm just skimming it (it is late!)
> 
> Firstly, as all laws here do, it makes it an offence to intercept only 
> in the UK:
> 
> s1 (1)
> 
>>  "It shall be an offence for a person intentionally and without
>> lawful authority to intercept, at any place in the United Kingdom..."
> 
> Therefore any system which routed traffic outside of the uk may be 
> permitted to capture information there and not necessarily be bound by 
> RIPA. Sealand, anyone?

No. No. No.

No. If any part of the communication (in terms of the sender or intended 
recipient) comes from or goes to the UK then RIPA applies.
> 
> Then the lack of clarity for Scotland:

There is no such lack of clarity (and I'm a Scot, dammit!) - in England, 
as in Scotland, the DPP/Procurator has to approve prosecutions. But they 
can't stop civil proceedings.



> 
> sounds like to me that any engineer would be unable to be prosecuted 
> under this act, if their job was to manage the routers which handle the 
> traffic...
snip

> s1 (3)
> 
>> (3) Any interception of a communication which is carried out at any
>> place in the United Kingdom by, or with the express or implied consent
>> of, a person having the right to control the operation or the use of a
>> private telecommunication system shall be actionable ...
> 
> Again this reads to me that anyone working on the system is excused from 
> prosecution as long as they have permission to do so. 

I've made similar mistakes, more then once (though I hope I haven't made 
the same mistake more than once) here, but what you are referring to 
confuses public and private communications systems providers - which 
difference has already taken up many posts here.

Public and private CSPs are not the same, and they operate under 
different rules. But, if they operate legally, they _all_ operate under 
RIPA.


Separating daily
> maintenance from intentional information gathering makes this one 
> interesting.
> 
> I've just got ten pages in of skimming a 114 page doc - it's a big 
> beast! lots of this redefines itself and amends itself. I'm sure the 
> scottish thing is dealt with later, as somehow would be the concept of 
> defining what managing vs intercept is which i brought up.
> 
> my point is that trying to define a black-and-white answer like you are 
> isn't a trivial exercise - there are lots of traps and pitfalls here.

In this case, it's absolutely clear-cut. It's illegal.

No if's, and's or but's - it's illegal. It's a criminal offense, under RIPA.

-- Peter Fairbrother