URLs, IPs and interception

Tom Thomson ukcrypto at chiark.greenend.org.uk
Sun, 2 Mar 2008 12:39:28 -0000 

No, it's not about enabling surveillance any more tha it's about
controiling ISPs, it's about regulating investigating.  Investigation
carried out for commercial purposes is still investigation; the statute
permits certain types of investigation to be carried out for certain
purposes when authrised by a suitable person who must have regard to
proportionality and so forth in making his decision whether to
authorize.  Those certain purposes include, for example, the
investigation of serious crime.  They don't include the sale of
processing of personal information for commercial profit.

You are completely wrong on the effect of contractual T&Cs as well.  If
I communicate with, for example, the Indian High Commission by means of
their web site, that communication may not bne intercepted (except as
provided for in RIPA) without both my consent and that of the Indian
High Commission; the terms and conditions of a contract to which the
Indian High Commission is not a party cannot in any sense include their
consent to that interception.

Nor can diverting the communication so that it passes outside the UK to
a place where RIPA doesn't apply evade the law:  that diversion is
clearly not done for the purposes of getting the communication from my
PC in London to the Indian High Commission also in London, and the
diversion itself is making the communication available to a third party
which is of course itself an interception taking place in the UK.

In many ways RIPA seems to be very careful to avoid the sort of
slippoing around the statute that you are asserting is going to work. Of
course other parts are badly drafted, it could all be expressed a good
deal more simply, and it has one enormous fault:  no-one in his right
mind believes that everyone inside the tent can be trusted, but
oversight is for practical purposes secret and completely ineffective -
we can't trust the bods inside the tent to enforce the law against their
friends or colleagues, so it maybe won't be enforced against big
business (phorm and its ISP friends).

M.

-----Original Message-----
From: ukcrypto-admin@chiark.greenend.org.uk
[mailto:ukcrypto-admin@chiark.greenend.org.uk] On Behalf Of James Cox
Sent: 01 March 2008 04:51
To: ukcrypto@chiark.greenend.org.uk
Subject: Re: URLs, IPs and interception
(much snipped)

as may i; i'd very much like to here from actual lawyers - though i
stick to my guns: outside of strictly criminal, law is mostly about
how you go about interpreting it. I suspect RIPA's function is about
enabling surveillance, not about prohibiting commercial activities
concerning click stream data. Therein lies my argument - as soon as
you find an edge case, you don't necessarily have a clear answer.