'Today' considers data retention and IMP

[Roland Perry]

In article 
<a9f4d96f0901111113h3c34ad3fja242d88fde636d1a@mail.gmail.com>, John 
Wilson <tugwilson@gmail.com> writes
>>> Am I missing something here?
>>
>> That any surveillance/registration system can be worked around by
>> sufficiently determined and sophisticated crooks, but they still get enough
>> useful results.
>
>Quite so.
>
>The situation here, as I understand it, is that this aspect of the
>surveillance system is "worked round" by every EU user who uses a non
>EU based web-mail system and any future surveillance system will be
>"worked round" by any EU user who turns SSL on in Gmail (it takes two
>clicks and you'd be an idiot not to turn it on if you use the service
>outside your home).

Nevertheless, with at least a decade's experience of access to comms 
data, it was decided that the provisions of the Data Retention Directive 
were sufficiently useful, some of the time, to be worth it. And 
following on from that the same decisions about measures within IMP.

>A sufficiently sophisticated surveillance system is able to detect
>that it's being "worked round" and can use that information as part of
>an evaluation of the likelihood that the user merits further
>observation.

That's what some people say is the case regarding sending SMTP/POP3 mail 
which has been encrypted.

>However if the mechanism used is one that a large number
>of normal users use then the bad people disappear into the crowd.
>
>So the problem is not that bad people can evade the system it's that
>they can do so and not raise suspicion.

I don't think the intention is to trawl for "suspicious looking people", 
rather than examining the activities of people specifically under 
investigation. (I can hear people sharpening their pencils to tell me 
this is a rather naive point of view, but the sheer volume of data and 
lack of centralised police facilities to do the studies, would seem to 
preclude it).
-- 
Roland Perry