Here we go again - ISP DPI, but is it interception?

Charles Lindsey chl at
Wed Jul 28 12:38:59 BST 2010

On Tue, 27 Jul 2010 02:07:26 +0100, Peter Fairbrother  
<zenadsl6186 at> wrote:

> Sorry. missed a bit here.
> It would be lawful interception under 3(3) if it was being done "for  
> purposes connected with the .. operation of that (telecommunications)  
> service" - but I don't think it is.

It seems that they are monitoring their outbound servers to compile lists  
of IP addresses to which stuff is being sent. That would be perfectly  
legal if used, for example, to fine-tune their routeing tables.

But they go further by examining the port number and only including  
packets addressed to port 80 in their lists. That is trickier, but if they  
claim that part of the "telecommunications service" that they offer is  
blocking sites that dispense malware, spams, phishes, etc, then they might  
claim that this particular interception was for the purpose of providing  
that feature of their service.

What they MUST NOT do is to record the sending address of those packets,  
or to correlate that sending address with anything else. But they  
explicitly deny that they are doing that.

So basically, I think what they are doing is potentially a Good Thing, and  
most likely lawful.

Once they have a list of addresses of sites, they they are perfectly  
entitled to visit those sites (as is anybody else) and to probe them for  
malware. If the site declines their probes, or demands some password that  
they don't know, then the site is perfectly entitled to do that.

Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131                       
Email: chl at      Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9      Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5

More information about the ukcrypto mailing list