'Today' considers data retention and IMP
Richard Clayton
ukcrypto at chiark.greenend.org.uk
Fri, 9 Jan 2009 12:47:53 +0000
In article <a9f4d96f0901090220m7bef27dfw6d82d0f73c852994@mail.gmail.com>, John Wilson <tugwilson@gmail.com> writes
>On Fri, Jan 9, 2009 at 8:54 AM, Richard Clayton <richard@highwayman.com> wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>[snip]
>
>> ... I make the distinction between the IMP and CDB because I expect a
>> lot of the interest to be in the easy-to-understand question of whether
>> or not the comms data should be stored on a central database. However,
>> the really significant proposal of IMP is the mass deployment of Deep
>> Packet Inspection equipment (and/or flow monitoring systems) to allow
>> centralised monitoring and collection of traffic data... where that
>> traffic data may be at many different layers in the stack (eg: picking
>> apart the SMTP protocol for people who don't use the ISP's server; or
>> analysing the x/y/z coordinates of avatars in Second Life !)
>
>Heard you on the Today program - very clear description of the issues,
>well done.
>
>Any idea if they have any plans to deal with people who use mail over
>SSL?

If the encrypted connection is to an ISP then they will log the details
just as if it were not (One reading of the incompetently written
Directive says that the log record should include the fact that a
different service was used)

If the connection is not to an ISP then the Data Retention Directive
doesn't apply to either end ...

>For example I use one Gmail account as web mail using https: and
>another via my desktop client using SMTP over SSL (which is the
>default for GMail I think).

Since Google is in California, they are not bound to preserve anything
(albeit the concept of Google not recording things is so unlikely, that
you should assume that they log a great deal, including content, and
keep it for long periods... read your agreement with them!)

However, that's part of the point of IMP ... once "black boxes" exist at
ISPs then it is trivial to detect the traffic data ... viz: that you
connected to Google, and then to estimate the size of the email that was
transferred. If you don't actually use https: but only log in securely
and thereafter work in the clear (very common for real webmail systems,
see UKCrypto passim) then the kit could in principle unpick the HTTP
traffic and the HTML structure and thereby deduce which mailbox you were
accessing ... which is traffic data (? well it all depends what level of
the stack you look at -- something can be content at one level and
traffic data at the next level up!)
--
richard Richard Clayton
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. Benjamin Franklin