URLs, IPs and interception

Roland Perry ukcrypto at chiark.greenend.org.uk
Sat, 1 Mar 2008 17:11:39 +0000 

In article <47C9863F.3040708@zen.co.uk>, Peter Fairbrother 
<zenadsl6186@zen.co.uk> writes

>>> S.2(5) says:
>>> " (5) References in this Act to the interception of a communication 
>>>in  the course of its transmission by means of a postal service or 
>>>telecommunication system do not include references to—
>>  DO NOT include
>>
>>> (a) any conduct that takes place in relation only to so much of the 
>>>communication as consists in any traffic data
>>  TRAFFIC DATA
>>
>>> comprised in or attached to a communication (whether by the sender 
>>>or  otherwise) for the purposes of any postal service or 
>>>telecommunication  system by means of which it is being or may be 
>>>transmitted; or
>
>Yes. If an ISP looks at traffic data for the purposes of the 
>telecommunication system then that's not interception.
>
>But if an ISP looks at traffic data for any other reason, then it _is_ 
>interception. Traffic data is still content.

But the definition above says that interception does not include traffic 
data.

It may not have been written with this set of circumstances in mind, but 
what it does mean is that revealing traffic data to third party (eg a 
DNS server elsewhere) is not interception.

Of course, a full url is more than just traffic data, so I'm not sure 
why you are worrying this particular bone to death at the moment.

>>  I don't think Phorm's mode of operation is well understood enough 
>>yet  amongst commentators (well, I haven't seen evidence of this) to 
>>know  exactly what it is sending to whom that might be interception.
>
>Agreede the method of operation is still cloudy, but my point is that 
>ISPs giving them ANY data, whether traffic data or other content, is 
>interception.
>
>>  And then there's the issue of consent.
>
>Consent is irrelevant here, as it has to be both sides which consent to 
>interception.

And if one side is the ISP (as I've described earlier)?

>>  I'm reluctant to assume that BT's lawyers are completely wrong on 
>>this  issue. It's a huge risk if they are.
>>
>>> And so is giving clickstream or URL data, or traffic data, to anyone 
>>>unless authorised elsewhere.
>>  Traffic data is never interception,
>
>It doesn't say that anywhere in RIPA, at least not anywhere I can find.

See above.

>but could be unlawfully given to
>> third parties. URL data (aka Clickstream) is interception within the 
>>legal definition that it's the "host machine" only which can be 
>>identified.
>
>Identification is irrelevant to whether interception occurs or not.

If you identify the machine that the communication is heading towards, 
that (and only that) is traffic data. If it's traffic data then it's not 
interception.

-- 
Roland Perry