Here we go again - ISP DPI, but is it interception?

James Firth james2 at
Mon Jul 26 22:26:02 BST 2010

Just saw this on The Register today.  Talk Talk seem to me in the process
of developing an unavoidable network feature which tracks the websites a
subscriber visits with the aim of offering a malware protection service:

Aside from the obvious legal question - does this amount to interception -
there of course is the practical question concerning whether a prosecution
could ever be initiated given the Heller-esque nature of our current
regime: one needs investigative resources to prove a crime has been
committed, but the police are unable or unwilling to investigate unless
one can bring sufficient proof that a crime has been committed.

(Or at least this appears to be the case with at least one previous
instance I'm familiar with.)

Plus there are the obvious security issues - systems I'm familiar with
track attempts at unauthorised access, either via IP mask or session
cookie.  This could at least have an impact on statistics when the shadow
service attempts to access (*presumably* without the correct
cookie/keys/session ID).

Whilst one can see the obvious benefits to less technologically capable
subscribers, I'm not at all comfortable with this approach.

The Register report the system is operated at least in part by Chinese
telco equipment manufacturer Huawei.

James Firth

More information about the ukcrypto mailing list