Here we go again - ISP DPI, but is it interception?
chl at clerew.man.ac.uk
Wed Jul 28 12:38:59 BST 2010
On Tue, 27 Jul 2010 02:07:26 +0100, Peter Fairbrother
<zenadsl6186 at zen.co.uk> wrote:
> Sorry. missed a bit here.
> It would be lawful interception under 3(3) if it was being done "for
> purposes connected with the .. operation of that (telecommunications)
> service" - but I don't think it is.
It seems that they are monitoring their outbound servers to compile lists
of IP addresses to which stuff is being sent. That would be perfectly
legal if used, for example, to fine-tune their routeing tables.
But they go further by examining the port number and only including
packets addressed to port 80 in their lists. That is trickier, but if they
claim that part of the "telecommunications service" that they offer is
blocking sites that dispense malware, spams, phishes, etc, then they might
claim that this particular interception was for the purpose of providing
that feature of their service.
What they MUST NOT do is to record the sending address of those packets,
or to correlate that sending address with anything else. But they
explicitly deny that they are doing that.
So basically, I think what they are doing is potentially a Good Thing, and
most likely lawful.
Once they have a list of addresses of sites, they they are perfectly
entitled to visit those sites (as is anybody else) and to probe them for
malware. If the site declines their probes, or demands some password that
they don't know, then the site is perfectly entitled to do that.
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Email: chl at clerew.man.ac.uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
More information about the ukcrypto