URLs, IPs and interception

Peter Fairbrother ukcrypto at chiark.greenend.org.uk
Sat, 01 Mar 2008 16:37:19 +0000 

Roland Perry wrote:
> In article <47C88EEE.9070806@zen.co.uk>, Peter Fairbrother 
> <zenadsl6186@zen.co.uk> writes
> 
>> S.2(5) says:
>> " (5) References in this Act to the interception of a communication in 
>> the course of its transmission by means of a postal service or 
>> telecommunication system do not include references to—
> 
> DO NOT include
> 
>> (a) any conduct that takes place in relation only to so much of the 
>> communication as consists in any traffic data
> 
> TRAFFIC DATA
> 
>> comprised in or attached to a communication (whether by the sender or 
>> otherwise) for the purposes of any postal service or telecommunication 
>> system by means of which it is being or may be transmitted; or

Yes. If an ISP looks at traffic data for the purposes of the 
telecommunication system then that's not interception.

But if an ISP looks at traffic data for any other reason, then it _is_ 
interception. Traffic data is still content.

The purposes of a telecommunications system are to "facilitate the 
transmission of communications".


> OR  (not AND)
> 
>> (b) any such conduct, in connection with conduct falling within 
>> paragraph (a), as gives a person who is neither the sender nor the 
>> intended recipient only so much access to a communication as is 
>> necessary for the purpose of identifying traffic data so comprised or 
>> attached. "
> 
>> So Phorm is out.
> 
> I don't think Phorm's mode of operation is well understood enough yet 
> amongst commentators (well, I haven't seen evidence of this) to know 
> exactly what it is sending to whom that might be interception.

Agreede the method of operation is still cloudy, but my point is that 
ISPs giving them ANY data, whether traffic data or other content, is 
interception.

> 
> And then there's the issue of consent.

Consent is irrelevant here, as it has to be both sides which consent to 
interception.
> 
> I'm reluctant to assume that BT's lawyers are completely wrong on this 
> issue. It's a huge risk if they are.
> 
>> And so is giving clickstream or URL data, or traffic data, to anyone 
>> unless authorised elsewhere.
> 
> Traffic data is never interception,

It doesn't say that anywhere in RIPA, at least not anywhere I can find.


but could be unlawfully given to
> third parties. URL data (aka Clickstream) is interception within the 
> legal definition that it's the "host machine" only which can be 
> identified. 

Identification is irrelevant to whether interception occurs or not.


Normally, in practice that means "everything up to the first
> /" but it's trivial to construct counterexamples in both directions, and 
> privacy can be infringed just seeing the IP address you browsed to [1].
> 
>> Am I incorrect here?
> 
> See the OR/AND issue, I think.

Sorry, I don't get that - an ISP can look at traffic data to facilitate 
the transmission of communications, or look at traffic more generally in 
order to identify traffic data - and neither is interception.

But so what? What does that have to do with them looking at traffic data 
for any other reason?

-- Peter Fairbrother