Consultation on change to RIP interception definition ("unintentional interception")
matthew at pemble.net
Wed Nov 17 15:10:11 GMT 2010
On 17 November 2010 14:50, Andrew Cormack <Andrew.Cormack at ja.net> wrote:
> Sorry to come back to this, but I've been trying to make sense (again, lacking any draft amended text) of what might constitute an "unintentional unlawful interception". And failing, so I hope someone here can help.
Does the current wording of the Act make it a strict liability
offence? If not, then there must be mens rea. So, logically, you must
have intended to implement the interception (or be negligent as to
whether your act implemented an interception.)
Therefore, for it to have been "unintentionally unlawful", what could apply?
* A sincere but incorrect belief that the intention was lawful
(including presentation to a techie of an apparently legal warrant
that had been incorrectly processed)?
* An attempt to implement a lawful interception (either through
warrant or LBPR) which was incorrectly but not negligently applied and
resulting in a too-wide or otherwise non-approved interception?
> 1) postmaster attempts to re-direct a mis-addressed e-mail and puts a typo in the To: address?
> 2) postmaster does nothing, but a system fault results in all mails coming to him (yes, I've been there)
> 3) network manager runs a wireless sniffer to check a problem with his own network and picks up a packet from next door?
> 4) user turns on wifi card and receives packets from lots of wifi networks in addition to his own?
> 5) network manager uploads latest firmware to a network switch, thereby clearing its memory and turning it (for a while) into a broadcast hub?
I think all these, but particularly 2 and 5, lack any mens rea.
> All seem to satisfy most of the requirements of the definition, but even a civil penalty seems a bit harsh for most of them...
I would think that 5, depending on the organisation's change
management procedures, might be worth a strong word from their
manager. Otherwise it all (unless the email in 1 was especially
sensitive) falls into the "shit happens" category of IT issues.
More information about the ukcrypto