Mastering the Internet

Roland Perry ukcrypto at chiark.greenend.org.uk
Sun, 3 May 2009 22:35:31 +0100 

In article <49FDC647.6030708@zen.co.uk>, Peter Fairbrother 
<zenadsl6186@zen.co.uk> writes

>>Towards the end it relents:
>>          "Although the paper [work] does not say it, its clear
>>         implication is that those kinds of probes should be extended to
>>         cover the entire population for the purposes of monitoring
>>         communications data,2 said the industry source.
>
>How is it limited to comms data?

It's possible that the probes could be used to illegally extract a small 
amount of content - but that's an old story and dates back to the 
original RIPA debate.

If you wanted to use the probes to extract "all" comms data, then you 
are back to the central warehouse idea. There either will or won't be 
one, and if there is the probes are merely the way it's implemented.

On the other hand, if you wanted the probes to extract "all" content, 
then the amount of data involved is immense - every communication is 
likely to pass several probes and so the bandwidth back to Cheltenham 
will have to exceed the bandwidth within the UK Internet by an order of 
magnitude.

>>>any ISP installing a  "black box" will be acting illegally.

>>  An order is only required if the CSP resists a polite request to 
>>install  a permanent intercept capability.   It's not illegal to 
>>install one, just [currently] to operate it without  warrants to 
>>extract content from communications.
>
>Isn't be covered by 2(2)(a), modification [..] "as to make some or all 
>of the contents of the communication available, while being 
>transmitted, to a person other than the sender or intended recipient of 
>the communication"?

You have to modify *and* make it available. Just doing the modifying is 
entirely legal.

>Are the bytes made available to GCHQ  going to be somehow (?) 
>technically limited to comms data and not content by the ISPs/network 
>operators?

That's another ancient question, and the technical answer I guess is 
"probably not", but see my remarks above about the volumes of data.

>Note that it's the bytes which are made available, rather than any 
>bytes which are actually looked at, which is the definition. I can't 
>see that happening, but maybe.

No, "making available" doesn't mean saying "here, you can have these if 
you like". You actually have to *send* them.

>Otherwise, putting a black box on the network will make all the bytes, 
>including content, available to GCHQ.

Only if it's activated.

>And putting that black box in, unless you are required to do so by a 
>Statutory Order eg under s.12, is illegal interception.

Not until it's activated. And the s12 order is a red herring. All it 
allows is the *capability*, it doesn't give the authorities carte 
blanche to intercept anything and everything without a warrant 
afterwards.

That may be your fundamental misconception.

>Afaics there are no "if"s, "and"s or "but"s about it. GCHQ simply 
>promising to only look at comms data (unless they have a relevant 
>warrant) doesn't change anything, content is made available to them.

If the probes are activated, then you would have to trust them to only 
use them to grab content when warrants were in place. But you also need 
to trust them not to be illegally intercepting everyone's phone calls 
(especially the mobile ones) using other kinds of equipment they may 
have available.

>There is a mechanism to change this state of affairs, in s.12, and it 
>involves Parliament itself, so I can't see any reasonable Court saying 
>otherwise.

You misunderstand what s12 is all about.

Nevertheless, you might want to have a look at: "Regulation of 
Investigatory Powers (Maintenance of Interception Capability) Order 
2002" 2002/1931 which does seem to have gone through Parliament despite 
your earlier assertion that no such orders had been laid.
-- 
Roland Perry