From amidgley at gmail.com  Wed Aug  1 08:34:47 2012
From: amidgley at gmail.com (Adrian Midgley)
Date: Wed, 1 Aug 2012 08:34:47 +0100
Subject: sorry, but ...
In-Reply-To: <50153B63.6030602@zen.co.uk>
References: <500F1A54.4040204@zen.co.uk> <500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net> <500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk> <ORKqm7TXOsEQFAqA@perry.co.uk>
	<5013180A.2020800@zen.co.uk> <IeqblrkR8OFQFADx@perry.co.uk>
	<50153B63.6030602@zen.co.uk>
Message-ID: <CAN2jWyidaomKZy=HQkJ_iV-LGm7=3jeiFODEVj+U11qJVqgyfw@mail.gmail.com>

On 29 July 2012 14:32, Peter Fairbrother <zenadsl6186 at zen.co.uk> wrote:

> The RIPA word is "communication" not message (my fault), and I do not think
> the communication (as opposed to the packets or bits) is received until it
> has all reached some destination.


Perhaps a divergence, but I suspect the people making and interpreting
these rules may be similar to those in a local bureacracy who were
surprised when I remarked that their letters saying

"We contacted X but received no reply"

would better be phrased as "we wrote a letter to X...."


IE the bureaucrat assumes that an action by them with no feedback of
successful reception is a communication rather than a bottle thrown
into the sea in the hope of a favourable current and an interested
person on a far off beach - that communication is something they do
rather than a handshake and exchange.



-- 
Adrian Midgley   http://www.defoam.net/


From lists at internetpolicyagency.com  Wed Aug  1 09:34:02 2012
From: lists at internetpolicyagency.com (Roland Perry)
Date: Wed, 1 Aug 2012 09:34:02 +0100
Subject: sorry, but ...
In-Reply-To: <CAN2jWyidaomKZy=HQkJ_iV-LGm7=3jeiFODEVj+U11qJVqgyfw@mail.gmail.com>
References: <500F1A54.4040204@zen.co.uk> <500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net> <500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk> <ORKqm7TXOsEQFAqA@perry.co.uk>
	<5013180A.2020800@zen.co.uk> <IeqblrkR8OFQFADx@perry.co.uk>
	<50153B63.6030602@zen.co.uk>
	<CAN2jWyidaomKZy=HQkJ_iV-LGm7=3jeiFODEVj+U11qJVqgyfw@mail.gmail.com>
Message-ID: <ohjj6Fb6nOGQFA8J@perry.co.uk>

In article 
<CAN2jWyidaomKZy=HQkJ_iV-LGm7=3jeiFODEVj+U11qJVqgyfw at mail.gmail.com>, 
Adrian Midgley <amidgley at gmail.com> writes
>> The RIPA word is "communication" not message (my fault), and I do not think
>> the communication (as opposed to the packets or bits) is received until it
>> has all reached some destination.
>
>Perhaps a divergence, but I suspect the people making and interpreting
>these rules may be similar to those in a local bureacracy who were
>surprised when I remarked that their letters saying
>
>"We contacted X but received no reply"
>
>would better be phrased as "we wrote a letter to X...."
>
>IE the bureaucrat assumes that an action by them with no feedback of
>successful reception is a communication rather than a bottle thrown
>into the sea in the hope of a favourable current and an interested
>person on a far off beach - that communication is something they do
>rather than a handshake and exchange.

A message in a bottle is somewhat of a single thing that's sent, whereas 
smoke signals are also communications, and surely must be considered as 
having been sent long before the fire is put out and the final puff of 
smoke emitted? In other words, it's one of those "flows" I keep 
mentioning, where the reception takes place continuously rather than in 
one "lump".
-- 
Roland Perry


From colinthomson1 at o2.co.uk  Wed Aug  1 11:12:21 2012
From: colinthomson1 at o2.co.uk (Tom Thomson)
Date: Wed, 1 Aug 2012 11:12:21 +0100
Subject: sorry, but ...
In-Reply-To: <ohjj6Fb6nOGQFA8J@perry.co.uk>
References: <500F1A54.4040204@zen.co.uk>
	<500F2335.7090602@zen.co.uk><500FA83C.2070209@gmx.net>
	<500FE86B.4010308@zen.co.uk><op.wh1x0btp6hl8nm@clerew.man.ac.uk>
	<CML5xvHRHUEQFAKc@perry.co.uk><op.wh3nj7gb6hl8nm@clerew.man.ac.uk>
	<ORKqm7TXOsEQFAqA@perry.co.uk><5013180A.2020800@zen.co.uk>
	<IeqblrkR8OFQFADx@perry.co.uk><50153B63.6030602@zen.co.uk><CAN2jWyidaomKZy=HQkJ_iV-LGm7=3jeiFODEVj+U11qJVqgyfw@mail.gmail.com>
	<ohjj6Fb6nOGQFA8J@perry.co.uk>
Message-ID: <0B7ABC756947493ABA3E20321026B1A1@your41b8d18ede>

Roland Perry wrote
> 
> A message in a bottle is somewhat of a single thing that's sent, whereas
> smoke signals are also communications, and surely must be considered as
> having been sent long before the fire is put out and the final puff of
> smoke emitted? In other words, it's one of those "flows" I keep
> mentioning, where the reception takes place continuously rather than in
> one "lump".

There is a difference between the message having being sent and part of the message having been sent.  Certainly the smoke signal message has not been sent until the last puff of the smoke signal has been emitted.  Of course it is utterly irrelevant whether the fire has been put out or not.   The fire may be used subsequently to send another message, which would be difficult if it had been put out.

Equally a message is received when it is all received.  "Part of the message is received" does not mean 2All of the message is received".

I can encrypt a message by first inverting the order of its bits to achieve an intermediate text, then sticking a nice long salt in front of that string (at least 1.75*network interface unit length bits, and at least as long as the cipher block length and at least as long as the key), then encrypting the result with a decent cipher, lets say AES,  (with block chaining), then inverting the order of the bits in the cyphertext.  If I then transmit the resulting cyphertext, no part of the message can be decrypted until the message has been received; and when the message has been received, all of the message can be decrypted.  I don't think anyone would claim that the meaning of "received" in that sentence is not the normal meaning of the word (which is the meaning I understand words in acts and in regulations made under acts to be required to be interpreted as carrying in cases when no different definition is explicitly provided by legislation) so I don't think it's like that the law will allow you to claim that the message has been received when it has been only partly received.

M



From tharg at gmx.net  Wed Aug  1 11:24:06 2012
From: tharg at gmx.net (Caspar Bowden (travelling))
Date: Wed, 01 Aug 2012 12:24:06 +0200
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <t4$y8OLLgDGQFANU@perry.co.uk>
References: <500F1A54.4040204@zen.co.uk> <500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net> <500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>
	<ORKqm7TXOsEQFAqA@perry.co.uk> <5013180A.2020800@zen.co.uk>
	<IeqblrkR8OFQFADx@perry.co.uk> <50153B63.6030602@zen.co.uk>
	<9p2mosohI6FQFAGq@perry.co.uk> <5017D91C.1050209@gmx.net>
	<t4$y8OLLgDGQFANU@perry.co.uk>
Message-ID: <501903C6.8060506@gmx.net>

On 07/31/2012 09:54 PM, Roland Perry wrote:
> In article <5017D91C.1050209 at gmx.net>, "Caspar Bowden (travelling)" 
> <tharg at gmx.net> writes
>> It always seemed to me that "communication" had to be interpreted as 
>> a transmission of information at an arbitrary *logical* layer of the 
>> stack(s) - it might mean an e-mail, or a web page, or an IM, or a 
>> phone call, or an SMS etc. If a hacker was communicating by 
>> port-knocking, it might mean a datagram.
>>
>> So the interpretation of communication w.r.t. to whether something is 
>> internal or external, would not be affected by e.g. whether any 
>> dropped packets as part of an email message were received by a random 
>> router outside the UK (and perhaps "made available" to a engineer 
>> looking at a log file), but whether the (intended) sender and 
>> receiver are both in the UK.
>
> How do we extend that theory to the situation where there are many 
> receivers in many countries, 

In ***theory***, it should be that if all the recipients are inside the 
UK, then it's internal, but if at least one intended recipient is 
outside UK, then its external, but...

> and when no-one (barring the intermediary such as Facebook knows who 
> the receivers are, and only really dodgy stuff like geo-location by IP 
> address can determine where they are?

So that is one of the the things I wanted to get at with the amendments 
resulting in the Bassam letter. What that told us (in 2000) is in 
practice if the bits flow over an "external trunk" they are fair game, 
because of the vast wiggle-room provided, for the external interception 
apparatus (and can be exploited provided that they haven't been obtained 
"seeking" to evade the requirement for an ordinary warrant)

That's why this internal/external discussion is all angel-on-pinhead 
stuff IMHO. There doesn't seem to be any legal or policy impediment to 
regarding all bits that flow outside the UK as up for grabs by GCHQ (if 
they are caught by filters associated with *some* certificated warrant  
- for any of the usual triple of interception purposes - for external 
interception. And certificated warrants specify "factors" not persons 
targeted). Only the IoCC would be in a position to know or object, and 
he hasn't written publicly about external stuff since 1986, apart from 
what I have appended from the 2009 Report about Liberty & Others vs. UK 2008

For comparison, it looks like the NSA had to work much harder (up until 
9/11) to exclude *collection* of Americans' traffic (no doubt using such 
stuff as geo-IP), because FISA promised protection by nationality (but 
since Protect America 2007 and FISAAA 2008, the doctrine of collect 
first, worry about who is American later, became legitimized)

see http://publicintelligence.net/binney-nsa-declaration/

Caspar

IoCC 2009 Annual Report
http://www.ipt-uk.com/docs/4458_HC%20341%20Intercept.pdf

ECHR decision: Liberty v. UK

2.11     In paragraph 2.13 of my Annual Report for 2008 I highlighted 
the fact
that in July 2008 the European Court of Human Rights handed down judgment
in Liberty v. UK. The complaint was about interception of communications,
allegedly contrary to Article 8 of the Convention. The challenge related 
to the
way in which external interception was conducted under the previous 
legislation,
the Interception of Communications Act 1985 (IOCA). IOCA was replaced by
the Regulation of Investigatory Powers Act 2000 (RIPA) which was 
introduced to
take proper account of human rights and which contains additional 
foreseeability
requirements. The Home Office confirmed that they were considering whether
any additional measures were required in light of the Strasbourg judgment,
i.e., whether RIPA and the existing interception Code of Practice 
rectify legal
deficiencies identified by the European Court of Human Rights.

2.12     Whilst the Home Office believes that the issues raised in the 
Liberty case
have, to a large extent, already been addressed by the implementation of 
RIPA
and the Code, it has decided to make some changes. Following receipt of 
legal
advice it intends making a small number of amendments to the Code: chapter 5
(covering RIPA section 8(4) interception warrants) and chapter 6 
(safeguards).
These deal with how, post-interception, material gathered under warrant 
comes
to be examined, including giving a better indication of the filtering of 
extraneous
material via automated systems. The proposed revised draft Code of 
Practice was
issued by the Home Office for consultation on 12 March 2010 with a 
deadline for
responses of 7 June 2010.



From daccy2001 at yahoo.co.uk  Wed Aug  1 10:05:57 2012
From: daccy2001 at yahoo.co.uk (Andrew Bangs)
Date: Wed, 1 Aug 2012 10:05:57 +0100 (BST)
Subject: sorry, but ...
In-Reply-To: <50185620.5000307@zen.co.uk>
References: <500F1A54.4040204@zen.co.uk> <500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net> <500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>
	<ORKqm7TXOsEQFAqA@perry.co.uk> <5013180A.2020800@zen.co.uk>
	<IeqblrkR8OFQFADx@perry.co.uk> <50153B63.6030602@zen.co.uk>
	<9p2mosohI6FQFAGq@perry.co.uk> <50185620.5000307@zen.co.uk>
Message-ID: <1343811957.28957.YahooMailNeo@web29301.mail.ird.yahoo.com>

Intercepting at switches (vs literally 'on the wire') always reminds me of Zeno's arrow paradox. We somehow have to pretend that the thing to be intercepted is stationary if this is really different from doing it on the wire, or at least that it's received and then has stuff done to it before being sent on its way. Leaving aside the issue that a single packet in a single direction might not be the same as a communication (and I can't remember if that's important) a switch could decide what to do with a packet based on the first portion of the packet (and addressing information is usually conveniently placed at the front, rather than at the back, of a packet) and be already transmitting it to the next element in the network before the tail of the packet has been received. 


In other words, there isn't necessarily a point in time after a switch has received a message and before it sends it on again. Yes, a switch is a place between the wires, but it doesn't necessarily have the entire 'message' at any instant. 


(for anyone thirsty for further reading, "cut-through switching" is a phrase your favourite search engine could investigate)

Regards,
Andrew

________________________________
From: Peter Fairbrother <zenadsl6186 at zen.co.uk>
To: UK Cryptography Policy Discussion Group <ukcrypto at chiark.greenend.org.uk> 
Sent: Tuesday, 31 July 2012, 23:03
Subject: Re: sorry, but ...

Err, while I do not think you can intercept at each and every switch in the network, I have to disagree a little on point - there is little I can see in RIPA which implies or involves flowing, except between two places.

A switch is a place - intercepting the wires between switches is not the same as intercepting at a switch after the switch has received the message and before it sends it on again.


From lists at internetpolicyagency.com  Wed Aug  1 12:32:32 2012
From: lists at internetpolicyagency.com (Roland Perry)
Date: Wed, 1 Aug 2012 12:32:32 +0100
Subject: sorry, but ...
In-Reply-To: <0B7ABC756947493ABA3E20321026B1A1@your41b8d18ede>
References: <500F1A54.4040204@zen.co.uk> <500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net> <500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk> <ORKqm7TXOsEQFAqA@perry.co.uk>
	<5013180A.2020800@zen.co.uk> <IeqblrkR8OFQFADx@perry.co.uk>
	<50153B63.6030602@zen.co.uk>
	<CAN2jWyidaomKZy=HQkJ_iV-LGm7=3jeiFODEVj+U11qJVqgyfw@mail.gmail.com>
	<ohjj6Fb6nOGQFA8J@perry.co.uk>
	<0B7ABC756947493ABA3E20321026B1A1@your41b8d18ede>
Message-ID: <IQp7WnjQPRGQFALo@perry.co.uk>

In article <0B7ABC756947493ABA3E20321026B1A1 at your41b8d18ede>, Tom 
Thomson <colinthomson1 at o2.co.uk> writes
>> A message in a bottle is somewhat of a single thing that's sent, whereas
>> smoke signals are also communications, and surely must be considered as
>> having been sent long before the fire is put out and the final puff of
>> smoke emitted? In other words, it's one of those "flows" I keep
>> mentioning, where the reception takes place continuously rather than in
>> one "lump".
>
>There is a difference between the message having being sent and part of
>the message having been sent.

So a phone call hasn't happened until I put down the receiver? Remember, 
this in the context of what RIPA prohibits someone intercepting. It's 
laughable to suggest RIPA allows you to intercept a phone call up until 
the phone is put down, on the grounds that it's not a "communication" 
until the phone call is complete.

-- 
Roland Perry


From lists at internetpolicyagency.com  Wed Aug  1 13:04:11 2012
From: lists at internetpolicyagency.com (Roland Perry)
Date: Wed, 1 Aug 2012 13:04:11 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <501903C6.8060506@gmx.net>
References: <500F1A54.4040204@zen.co.uk> <500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net> <500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk> <ORKqm7TXOsEQFAqA@perry.co.uk>
	<5013180A.2020800@zen.co.uk> <IeqblrkR8OFQFADx@perry.co.uk>
	<50153B63.6030602@zen.co.uk> <9p2mosohI6FQFAGq@perry.co.uk>
	<5017D91C.1050209@gmx.net> <t4$y8OLLgDGQFANU@perry.co.uk>
	<501903C6.8060506@gmx.net>
Message-ID: <khjg6Zn7sRGQFAty@perry.co.uk>

In article <501903C6.8060506 at gmx.net>, "Caspar Bowden (travelling)" 
<tharg at gmx.net> writes
>> How do we extend that theory to the situation where there are many 
>>receivers in many countries,
>
>In ***theory***, it should be that if all the recipients are inside the 
>UK, then it's internal, but if at least one intended recipient is 
>outside UK, then its external, but...

That was what I expected the situation to be, but with modern social 
networking it's really difficult to know if all your correspondents are 
in the UK. After all, do they publish their travel plans (OK, some 
social networks do). Did David Cameron take his laptop to Tuscany?

>> and when no-one (barring the intermediary such as Facebook knows who 
>>the receivers are, and only really dodgy stuff like geo-location by IP 
>>address can determine where they are?
>
>So that is one of the the things I wanted to get at with the amendments 
>resulting in the Bassam letter.

One solution would be to amend the law to talk about where people 
"purport" to be. eg I purport to be in Nottingham, UK; although very 
often I'll be reading Facebook when overseas, which might show up as 
traffic data. But for email it's worse than that, because I use a VPN 
back to my office and you'd have to ask the VPN operator where I was.

>What that told us (in 2000) is in practice if the bits flow over an 
>"external trunk" they are fair game

That's also to be expected, although these days you might well find 
UK-UK traffic going via AMSIX as well as LINX. Of course, the next 
question is "which side of LINX have you placed the sniffer box" - the 
UK side, or the leased line to the overseas peering partner.

>For comparison, it looks like the NSA had to work much harder (up until 
>9/11) to exclude *collection* of Americans' traffic (no doubt using 
>such stuff as geo-IP), because FISA promised protection by nationality 
>(but since Protect America 2007 and FISAAA 2008, the doctrine of 
>collect first, worry about who is American later, became legitimized)

How does that work for Americans living or travelling overseas?
-- 
Roland Perry


From tharg at gmx.net  Wed Aug  1 15:10:19 2012
From: tharg at gmx.net (Caspar Bowden (travelling))
Date: Wed, 01 Aug 2012 16:10:19 +0200
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <khjg6Zn7sRGQFAty@perry.co.uk>
References: <500F1A54.4040204@zen.co.uk> <500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net> <500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>
	<ORKqm7TXOsEQFAqA@perry.co.uk> <5013180A.2020800@zen.co.uk>
	<IeqblrkR8OFQFADx@perry.co.uk> <50153B63.6030602@zen.co.uk>
	<9p2mosohI6FQFAGq@perry.co.uk> <5017D91C.1050209@gmx.net>
	<t4$y8OLLgDGQFANU@perry.co.uk> <501903C6.8060506@gmx.net>
	<khjg6Zn7sRGQFAty@perry.co.uk>
Message-ID: <501938CB.9090705@gmx.net>

On 08/01/2012 02:04 PM, Roland Perry wrote:
> the next question is "which side of LINX have you placed the sniffer 
> box" - the UK side, or the leased line to the overseas peering partner.

Indeed

> For comparison, it looks like the NSA had to work much harder (up 
> until 9/11) to exclude *collection* of Americans' traffic (no doubt 
> using such stuff as geo-IP), because FISA promised protection by 
> nationality (but since Protect America 2007 and FISAAA 2008, the 
> doctrine of collect first, worry about who is American later, became 
> legitimized)
>
> How does that work for Americans living or travelling overseas?

There's been a colossal row about this for 4 or 5 years

http://www.blueoregon.com/2007/12/wyden-americans/

http://www.washingtonpost.com/wp-dyn/content/article/2008/07/08/AR2008070802587.html
(spot the analogies to Bassam letter and overlapping warrants)

note also "such warrantless monitoring is permitted under the original 
FISA so long as the collection is done overseas." - that's actually 
wrong, unless you interpret the corresponding wiggle room as expansively 
as that in RIPA, which is what Wyden was (and is) banging on about

chickens roosting here
http://www.latimes.com/news/opinion/editorials/la-ed-fisa-20120525,0,6268550.story


Caspar



From lists at internetpolicyagency.com  Wed Aug  1 15:44:08 2012
From: lists at internetpolicyagency.com (Roland Perry)
Date: Wed, 1 Aug 2012 15:44:08 +0100
Subject: sorry, but ...
In-Reply-To: <50185620.5000307@zen.co.uk>
References: <500F1A54.4040204@zen.co.uk> <500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net> <500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk> <ORKqm7TXOsEQFAqA@perry.co.uk>
	<5013180A.2020800@zen.co.uk> <IeqblrkR8OFQFADx@perry.co.uk>
	<50153B63.6030602@zen.co.uk> <9p2mosohI6FQFAGq@perry.co.uk>
	<50185620.5000307@zen.co.uk>
Message-ID: <ldzg1lB4CUGQFA+j@perry.co.uk>

In article <50185620.5000307 at zen.co.uk>, Peter Fairbrother 
<zenadsl6186 at zen.co.uk> writes
>>RIPA 1(1) says: "... at any place in the United Kingdom, any
>> communication in the course of its transmission..."
>>
>> Which is one of several references to "course of its transmission"
>> indicating that this is a continuous (flowing) process.
>
>Err, while I do not think you can intercept at each and every switch in 
>the network, I have to disagree a little on point - there is little I 
>can see in RIPA which implies or involves flowing, except between two 
>places.

Where do communications flow, if not between two places. Or are you 
becoming more alert to the one-to-many issue?

>A switch is a place - intercepting the wires between switches is not 
>the same as intercepting at a switch after the switch has received the 
>message and before it sends it on again.

Switches aren't generally store and forward, they deal in flows.

>What RIPA does talk about is the sender and the intended recipient of a 
>communication, and more, that those are the relevant places - and I 
>take that to mean at the level of eg the person who sends an email, and 
>the person who it is meant for, rather than eg the network or physical 
>or even application layers.

If I send an email to ukcrypto at chiark.greenend.org.uk who is the 
intended recipient? Surely not just you.

>>> And clearing up the stored comms NTL vs Ipswich question would be good
>>> too - the Police need a warrant from the HS to intercept telephone
>>> calls, but not to intercept email? Where's the sense in that?
>>
>> I continue to think that the decision in NTL was flawed. Remember that
>> it wasn't about intercepting emails as such, but revolved around a
>> provision enabling a "preservation order" [my words] for evidence that
>> was likely to be destroyed before that evidence could be obtained with a
>> production order.
>
>That was the immediate issue, perhaps, though imo focussing on it is a 
>bit of a red herring - the wider issue was whether the Police could in 
>effect intercept communications in transit in a public telecoms system 
>if they were emails, because they were stored in transit, but they 
>couldn't intercept such comms if they were not stored eg telephone calls.
>
>And that was why the decision was wrong imo, apart from being arbitrary 
>and making-up-law-on-the-fly-ish - the general protection against 
>interception of communications without a warrant signed by a Minister 
>was lost for email; and there is nothing I can find in PACE which 
>directly allowed the Police to demand stored emails from CSPs.

They can request production orders, which can demand stored emails.

>[1] I guess that a message left in Facebook is a stored communication.

Yes, very likely.

> If the Police etc have some power, perhaps under PACE a la NTL, to 
>obtain such stored messages without it contravening the 
>anti-interception provisions of RIPA,

Their production orders may not work if served on Facebook, wherever 
they are (not in the UK, I assume).

>could they just intercept all the Facebook traffic and filter out 
>everything which will not be a stored communication (ie Facebook 
>housekeeping traffic - oops that's mostly traffic data so they can get 
>that too) in order to obtain the stored comms under a PACE warrant?
>
>Can't see why not ...

No, you can't intercept everything just in case, and "sort it out 
later", that's the whole point.
-- 
Roland Perry


From lists at internetpolicyagency.com  Wed Aug  1 18:07:03 2012
From: lists at internetpolicyagency.com (Roland Perry)
Date: Wed, 1 Aug 2012 18:07:03 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <khjg6Zn7sRGQFAty@perry.co.uk>
References: <500F1A54.4040204@zen.co.uk> <500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net> <500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk> <ORKqm7TXOsEQFAqA@perry.co.uk>
	<5013180A.2020800@zen.co.uk> <IeqblrkR8OFQFADx@perry.co.uk>
	<50153B63.6030602@zen.co.uk> <9p2mosohI6FQFAGq@perry.co.uk>
	<5017D91C.1050209@gmx.net> <t4$y8OLLgDGQFANU@perry.co.uk>
	<501903C6.8060506@gmx.net> <khjg6Zn7sRGQFAty@perry.co.uk>
Message-ID: <Qsg9JZO3IWGQFAbX@perry.co.uk>

In article <khjg6Zn7sRGQFAty at perry.co.uk>, Roland Perry <lists at internetp
olicyagency.com> writes
>That's also to be expected, although these days you might well find UK-
>UK traffic going via AMSIX as well as LINX.

And this article plopped into my twitter feed just now:

<http://www.calgaryherald.com/technology/Mapping+privacy+concerns+Your+d
ata+crosses+borders+without+your+knowledge/7018373/story.html>
-- 
Roland Perry


From chl at clerew.man.ac.uk  Tue Aug  7 16:39:53 2012
From: chl at clerew.man.ac.uk (Charles Lindsey)
Date: Tue, 07 Aug 2012 16:39:53 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <501903C6.8060506@gmx.net>
References: <500F1A54.4040204@zen.co.uk> <500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net> <500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>
	<ORKqm7TXOsEQFAqA@perry.co.uk> <5013180A.2020800@zen.co.uk>
	<IeqblrkR8OFQFADx@perry.co.uk> <50153B63.6030602@zen.co.uk>
	<9p2mosohI6FQFAGq@perry.co.uk> <5017D91C.1050209@gmx.net>
	<t4$y8OLLgDGQFANU@perry.co.uk> <501903C6.8060506@gmx.net>
Message-ID: <op.wioggrjh6hl8nm@clerew.man.ac.uk>

On Wed, 01 Aug 2012 11:24:06 +0100, Caspar Bowden (travelling)  
<tharg at gmx.net> wrote:

>> How do we extend that theory to the situation where there are many  
>> receivers in many countries,
>
> In ***theory***, it should be that if all the recipients are inside the  
> UK, then it's internal, but if at least one intended recipient is  
> outside UK, then its external, but...

I would have expected exactly the opposite.

If the message is from Alice (known to be in the UK, and easily shown to  
be such) via Facebook to Bob (who happens to be in the UK) and Others  
(outside the UK, and probably a bunch of villains) then if "they"  
intercept the message on its way to Facebook without warrant, they have  
intercepted a message from Alice to Bob, which is not allowed. End of  
story AFAICS.

If "they" imagine that they are intecepting messages from Alice to the  
villains, they have neverthelsss intercepted Alice to Bob (because the  
same message is sent to all of them). They can't pretend they have read  
the body of the message to the villains but carefully omitted to read the  
message to Bob, unless they are wearing glasses with some very peculiar  
filters in them indeed.

There is an onus on "them" not to break the law - how they avoid that is  
their problem but, in this case the technology is definitely against them.

-- 
Charles?H.?Lindsey?---------At?Home,?doing?my?own?thing------------------------
Tel:?+44?161?436?6131?                      
???Web:?http://www.cs.man.ac.uk/~chl
Email:?chl at clerew.man.ac.uk??????Snail:?5?Clerewood?Ave,?CHEADLE,?SK8?3JU,?U.K.
PGP:?2C15F1A9??????Fingerprint:?73?6D?C2?51?93?A0?01?E7?65?E8?64?7E?14?A4?AB?A5


From zenadsl6186 at zen.co.uk  Tue Aug  7 20:50:36 2012
From: zenadsl6186 at zen.co.uk (Peter Fairbrother)
Date: Tue, 07 Aug 2012 20:50:36 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <op.wioggrjh6hl8nm@clerew.man.ac.uk>
References: <500F1A54.4040204@zen.co.uk>
	<500F2335.7090602@zen.co.uk>	<500FA83C.2070209@gmx.net>
	<500FE86B.4010308@zen.co.uk>	<op.wh1x0btp6hl8nm@clerew.man.ac.uk>
	<CML5xvHRHUEQFAKc@perry.co.uk>	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>	<ORKqm7TXOsEQFAqA@perry.co.uk>
	<5013180A.2020800@zen.co.uk>	<IeqblrkR8OFQFADx@perry.co.uk>
	<50153B63.6030602@zen.co.uk>	<9p2mosohI6FQFAGq@perry.co.uk>
	<5017D91C.1050209@gmx.net>	<t4$y8OLLgDGQFANU@perry.co.uk>
	<501903C6.8060506@gmx.net> <op.wioggrjh6hl8nm@clerew.man.ac.uk>
Message-ID: <5021718C.1000203@zen.co.uk>

On 07/08/12 16:39, Charles Lindsey wrote:
> On Wed, 01 Aug 2012 11:24:06 +0100, Caspar Bowden (travelling)
> <tharg at gmx.net> wrote:
>
>>> How do we extend that theory to the situation where there are many
>>> receivers in many countries,
>>
>> In ***theory***, it should be that if all the recipients are inside
>> the UK, then it's internal, but if at least one intended recipient is
>> outside UK, then its external, but...
>
> I would have expected exactly the opposite.
>
> If the message is from Alice (known to be in the UK, and easily shown to
> be such) via Facebook to Bob (who happens to be in the UK) and Others
> (outside the UK, and probably a bunch of villains) then if "they"
> intercept the message on its way to Facebook without warrant, they have
> intercepted a message from Alice to Bob, which is not allowed. End of
> story AFAICS.
>
> If "they" imagine that they are intecepting messages from Alice to the
> villains, they have neverthelsss intercepted Alice to Bob (because the
> same message is sent to all of them). They can't pretend they have read
> the body of the message to the villains but carefully omitted to read
> the message to Bob, unless they are wearing glasses with some very
> peculiar filters in them indeed.
>
> There is an onus on "them" not to break the law - how they avoid that is
> their problem but, in this case the technology is definitely against them.
>

RIPA S.5(6): The conduct authorised by an interception warrant shall be 
taken to include?

(a) all such conduct (including the interception of communications not 
identified by the warrant) as it is necessary to undertake in order to 
do what is expressly authorised or required by the warrant;


-- Peter Fairbrother


From igb at batten.eu.org  Wed Aug  8 09:58:56 2012
From: igb at batten.eu.org (Ian Batten)
Date: Wed, 8 Aug 2012 09:58:56 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <op.wioggrjh6hl8nm@clerew.man.ac.uk>
References: <500F1A54.4040204@zen.co.uk> <500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net> <500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>
	<ORKqm7TXOsEQFAqA@perry.co.uk> <5013180A.2020800@zen.co.uk>
	<IeqblrkR8OFQFADx@perry.co.uk> <50153B63.6030602@zen.co.uk>
	<9p2mosohI6FQFAGq@perry.co.uk> <5017D91C.1050209@gmx.net>
	<t4$y8OLLgDGQFANU@perry.co.uk> <501903C6.8060506@gmx.net>
	<op.wioggrjh6hl8nm@clerew.man.ac.uk>
Message-ID: <9E957DE5-4E56-4A6D-A743-A6F665297E66@batten.eu.org>


On 7 Aug 2012, at 16:39, "Charles Lindsey" <chl at clerew.man.ac.uk> wrote:

> On Wed, 01 Aug 2012 11:24:06 +0100, Caspar Bowden (travelling) <tharg at gmx.net> wrote:
> 
>>> How do we extend that theory to the situation where there are many receivers in many countries,
>> 
>> In ***theory***, it should be that if all the recipients are inside the UK, then it's internal, but if at least one intended recipient is outside UK, then its external, but...
> 
> I would have expected exactly the opposite.
> 
> If the message is from Alice (known to be in the UK, and easily shown to be such) via Facebook to Bob (who happens to be in the UK) and Others (outside the UK, and probably a bunch of villains) then if "they" intercept the message on its way to Facebook without warrant, they have intercepted a message from Alice to Bob, which is not allowed. End of story AFAICS.

That would depend on whether a point-to-multipoint message is deemed to be one message sent to a number of recipients, or a number of messages each sent to one message.  It clearly becomes multiple messages at the point of delivery (ie, it's sent to each recipient for final viewing via disjoint HTTP/whatever connections).  The technical and the legal view of this may differ, but I would be astounded if the government, or a court, would accept the argument that international traffic falls under the aegis of national law simply because one recipient is in the country.

ian



From chl at clerew.man.ac.uk  Wed Aug  8 10:49:11 2012
From: chl at clerew.man.ac.uk (Charles Lindsey)
Date: Wed, 08 Aug 2012 10:49:11 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <5021718C.1000203@zen.co.uk>
References: <500F1A54.4040204@zen.co.uk> <500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net> <500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>
	<ORKqm7TXOsEQFAqA@perry.co.uk> <5013180A.2020800@zen.co.uk>
	<IeqblrkR8OFQFADx@perry.co.uk> <50153B63.6030602@zen.co.uk>
	<9p2mosohI6FQFAGq@perry.co.uk> <5017D91C.1050209@gmx.net>
	<t4$y8OLLgDGQFANU@perry.co.uk> <501903C6.8060506@gmx.net>
	<op.wioggrjh6hl8nm@clerew.man.ac.uk> <5021718C.1000203@zen.co.uk>
Message-ID: <op.wipuv91k6hl8nm@clerew.man.ac.uk>

On Tue, 07 Aug 2012 20:50:36 +0100, Peter Fairbrother  
<zenadsl6186 at zen.co.uk> wrote:

> On 07/08/12 16:39, Charles Lindsey wrote:

>> I would have expected exactly the opposite.
>>
>> If the message is from Alice (known to be in the UK, and easily shown to
>> be such) via Facebook to Bob (who happens to be in the UK) and Others
>> (outside the UK, and probably a bunch of villains) then if "they"
>> intercept the message on its way to Facebook without warrant, they have
>> intercepted a message from Alice to Bob, which is not allowed. End of
>> story AFAICS.
>>
>> If "they" imagine that they are intecepting messages from Alice to the
>> villains, they have neverthelsss intercepted Alice to Bob (because the
>> same message is sent to all of them). They can't pretend they have read
>> the body of the message to the villains but carefully omitted to read
>> the message to Bob, unless they are wearing glasses with some very
>> peculiar filters in them indeed.
>>
>> There is an onus on "them" not to break the law - how they avoid that is
>> their problem but, in this case the technology is definitely against  
>> them.
>>
>
> RIPA S.5(6): The conduct authorised by an interception warrant shall be  
> taken to include?
>
> (a) all such conduct (including the interception of communications not  
> identified by the warrant) as it is necessary to undertake in order to  
> do what is expressly authorised or required by the warrant;

Which is irrelevant to the case in question, which was concerned with  
interception *without* a warrant.


-- 
Charles?H.?Lindsey?---------At?Home,?doing?my?own?thing------------------------
Tel:?+44?161?436?6131?                      
???Web:?http://www.cs.man.ac.uk/~chl
Email:?chl at clerew.man.ac.uk??????Snail:?5?Clerewood?Ave,?CHEADLE,?SK8?3JU,?U.K.
PGP:?2C15F1A9??????Fingerprint:?73?6D?C2?51?93?A0?01?E7?65?E8?64?7E?14?A4?AB?A5


From lists at internetpolicyagency.com  Wed Aug  8 10:49:24 2012
From: lists at internetpolicyagency.com (Roland Perry)
Date: Wed, 8 Aug 2012 10:49:24 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <9E957DE5-4E56-4A6D-A743-A6F665297E66@batten.eu.org>
References: <500F1A54.4040204@zen.co.uk> <500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net> <500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk> <ORKqm7TXOsEQFAqA@perry.co.uk>
	<5013180A.2020800@zen.co.uk> <IeqblrkR8OFQFADx@perry.co.uk>
	<50153B63.6030602@zen.co.uk> <9p2mosohI6FQFAGq@perry.co.uk>
	<5017D91C.1050209@gmx.net> <t4$y8OLLgDGQFANU@perry.co.uk>
	<501903C6.8060506@gmx.net> <op.wioggrjh6hl8nm@clerew.man.ac.uk>
	<9E957DE5-4E56-4A6D-A743-A6F665297E66@batten.eu.org>
Message-ID: <Fm6YrPykYjIQFA5g@perry.co.uk>

In article <9E957DE5-4E56-4A6D-A743-A6F665297E66 at batten.eu.org>, Ian 
Batten <igb at batten.eu.org> writes
>> If the message is from Alice (known to be in the UK, and easily shown to be such) via Facebook to Bob (who happens to be in the UK) and
>>Others (outside the UK, and probably a bunch of villains) then if "they" intercept the message on its way to Facebook without warrant, they
>>have intercepted a message from Alice to Bob, which is not allowed. End of story AFAICS.
>
>That would depend on whether a point-to-multipoint message is deemed to be one message sent to a number of recipients, or a number of messages
>each sent to one message.

That's why this rather simple point needs clarifying in the legislation.

It's not a difficult technical concept, even if there might be complex 
policy issues involved.
-- 
Roland Perry


From tharg at gmx.net  Wed Aug  8 11:15:26 2012
From: tharg at gmx.net (Caspar Bowden (travelling))
Date: Wed, 08 Aug 2012 12:15:26 +0200
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <op.wipuv91k6hl8nm@clerew.man.ac.uk>
References: <500F1A54.4040204@zen.co.uk> <500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net> <500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>
	<ORKqm7TXOsEQFAqA@perry.co.uk> <5013180A.2020800@zen.co.uk>
	<IeqblrkR8OFQFADx@perry.co.uk> <50153B63.6030602@zen.co.uk>
	<9p2mosohI6FQFAGq@perry.co.uk> <5017D91C.1050209@gmx.net>
	<t4$y8OLLgDGQFANU@perry.co.uk> <501903C6.8060506@gmx.net>
	<op.wioggrjh6hl8nm@clerew.man.ac.uk> <5021718C.1000203@zen.co.uk>
	<op.wipuv91k6hl8nm@clerew.man.ac.uk>
Message-ID: <50223C3E.2010109@gmx.net>

On 08/08/2012 11:49 AM, Charles Lindsey wrote:
> On Tue, 07 Aug 2012 20:50:36 +0100, Peter Fairbrother 
> <zenadsl6186 at zen.co.uk> wrote:
>
>> RIPA S.5(6): The conduct authorised by an interception warrant shall 
>> be taken to include?
>>
>> (a) all such conduct (including the interception of communications 
>> not identified by the warrant) as it is necessary to undertake in 
>> order to do what is expressly authorised or required by the warrant;
>
> Which is irrelevant to the case in question, which was concerned with 
> interception *without* a warrant.

I thought we were discussing the case of intercepting "external" vs. 
"internal" both of which require warrants (as opposed to stuff 
originating and finishing outside UK which requires no warrant at all - 
like all other countries AFAIK)

External stuff requires "certificated" warrants, and the Bassam letter 
and associated FIPR notes at http://www.fipr.org/rip/#Overlapping are 
all about how the wiggle room applies viz. (****)

/<<How do 8(3) and 15(3) interlock with clause 5(6)?/

Clause 5(6) allows, under the authority of an interception warrant, all 
such conduct as it is necessary to undertake in order to do what the 
warrant expressly authorises. This conduct can include the interception 
of communications - whether external or internal - not identified by the 
warrant. But such interception must be the minimum necessary to achieve 
the object of the warrant, and must be proportionate to that object. 
***** The clause applies equally to warrants complying with clause 8(1) 
and (3) *****. In the latter case it could, for example, make lawful the 
interception of internal communications where these mixed with external 
communications on a trunk used mainly for external purposes. 
Communications that originate and are received in the UK are always 
"internal"; as is well known, some of these will go abroad en route and 
so be carried on primarily external trunks. It is not possible to 
intercept the external communications on the trunk without intercepting 
the internal communications as well.>>

Caspar



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.chiark.greenend.org.uk/pipermail/ukcrypto/attachments/20120808/7982ec19/attachment.html>

From peter at pmsommer.com  Wed Aug  8 10:27:23 2012
From: peter at pmsommer.com (Peter Sommer)
Date: Wed, 08 Aug 2012 10:27:23 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <9E957DE5-4E56-4A6D-A743-A6F665297E66@batten.eu.org>
References: <500F1A54.4040204@zen.co.uk> <500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net> <500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>
	<ORKqm7TXOsEQFAqA@perry.co.uk> <5013180A.2020800@zen.co.uk>
	<IeqblrkR8OFQFADx@perry.co.uk> <50153B63.6030602@zen.co.uk>
	<9p2mosohI6FQFAGq@perry.co.uk> <5017D91C.1050209@gmx.net>
	<t4$y8OLLgDGQFANU@perry.co.uk> <501903C6.8060506@gmx.net>
	<op.wioggrjh6hl8nm@clerew.man.ac.uk>
	<9E957DE5-4E56-4A6D-A743-A6F665297E66@batten.eu.org>
Message-ID: <502230FB.1050702@pmsommer.com>

Contributors to this thread might like to take a careful look at RIPA s 
2(1) which provides some definitions and addresses the issue of 
jurisidiction claimed by the UK courts:

"public telecommunications service" means any
telecommunications service which is offered or provided to, or
to a substantial section of, the public in any one or more parts
of the United Kingdom;
"public telecommunication system" means any such parts of a
telecommunication system by means of which any public
telecommunications service is provided as are located in the
United Kingdom;
"telecommunications service" means any service that consists in the
provision of access to, and of facilities for making use of, any
telecommunication system (whether or not one provided by the
person providing the service); and
"telecommunication system" means any system (including the
apparatus comprised in it) which exists (whether wholly or
partly in the United Kingdom or elsewhere) for the purpose of
facilitating the transmission of communications by any means
involving the use of electrical or electro-magnetic energy.

  *

  *

    "

and then s 2(4) and (5):


(2) For the purposes of this Act, but subject to the following provisions
of this section, a person intercepts a communication in the course of its
transmission by means of a telecommunication system if, and only if,he---
(a) so modifies or interferes with the system, or its operation,
(b) so monitors transmissions made by means of the system, or
(c) so monitors transmissions made by wireless telegraphy to or
from apparatus comprised in the system,
as to make some or all of the contents of the communication available,
while being transmitted, to a person other than the sender or intended
recipient of the communication.
(3) References in this Act to the interception of a communication do
not include references to the interception of any communication
broadcast for general reception.
(4) For the purposes of this Act the interception of a communication
takes place in the United Kingdom if, and only if, the modification,
interference or monitoring or, in the case of a postal item, the 
interception
is effected by conduct within the United Kingdom and the
communication is either---
(a) intercepted in the course of its transmission by means of a public
postal service or public telecommunication system; or
(b) intercepted in the course of its transmission by means of a private
telecommunication system in a case in which the sender or
intended recipient of the communication is in the United
Kingdom.
(5) References in this Act to the interception of a communication in the
course of its transmission by means of a postal service or
telecommunication system do not include references to---
(a) any conduct that takes place in relation only to so much of the
communication as consists in any traffic data comprised in or
attached to a communication (whether by the sender or
otherwise) for the purposes of any postal service or
telecommunication system by means of which it is being or may
be transmitted; or
(b) any such conduct, in connection with conduct falling within
paragraph (a), as gives a person who is neither the sender nor
the intended recipient only so much access to a communication
as is necessary for the purpose


The issue is where the interception or monitoring takes place

Peter Sommer


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.chiark.greenend.org.uk/pipermail/ukcrypto/attachments/20120808/c992f76b/attachment-0001.html>

From chl at clerew.man.ac.uk  Wed Aug  8 14:12:22 2012
From: chl at clerew.man.ac.uk (Charles Lindsey)
Date: Wed, 08 Aug 2012 14:12:22 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <50223C3E.2010109@gmx.net>
References: <500F1A54.4040204@zen.co.uk> <500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net> <500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>
	<ORKqm7TXOsEQFAqA@perry.co.uk> <5013180A.2020800@zen.co.uk>
	<IeqblrkR8OFQFADx@perry.co.uk> <50153B63.6030602@zen.co.uk>
	<9p2mosohI6FQFAGq@perry.co.uk> <5017D91C.1050209@gmx.net>
	<t4$y8OLLgDGQFANU@perry.co.uk> <501903C6.8060506@gmx.net>
	<op.wioggrjh6hl8nm@clerew.man.ac.uk> <5021718C.1000203@zen.co.uk>
	<op.wipuv91k6hl8nm@clerew.man.ac.uk> <50223C3E.2010109@gmx.net>
Message-ID: <op.wip4awrc6hl8nm@clerew.man.ac.uk>

On Wed, 08 Aug 2012 11:15:26 +0100, Caspar Bowden (travelling)  
<tharg at gmx.net> wrote:

>> Which is irrelevant to the case in question, which was concerned with
>> interception *without* a warrant.
>
> I thought we were discussing the case of intercepting "external" vs.
> "internal" both of which require warrants (as opposed to stuff
> originating and finishing outside UK which requires no warrant at all -
> like all other countries AFAIK)

Ah! So Alice is outside the UK, but the place where the message is  
'exploded' is in a location where "they" can intercept it. At that stage  
they don't know who the recipients are (just that they are Alice's  
"friends"). They don't know whether Bob (in the UK) is one of them, so  
they get to see a message with anonymous recipients, now AFATCS related to  
Bob. So that is probably OK.

But if the messaging system does include To: addresses, in some envelope  
or otherwise, thay can hardly fail to notice that Bob (known to be in the  
UK) is a recipient, inless their cunning software edits him out of the  
recipients list before they get to read it.

Again, if the message is addressed to a mailing list expander, then the  
ultimate recipients are anonymous, but if the mailing list itself (which  
is the addressee at that point) is clearly UK-based, then they are stuck.

But the whole point of my series of messages is that "they" must be able  
to show "plausible deniability" that they are not intercepting messages  
addressed to UK recipients, and that how they achieve that is "their"  
problem.

-- 
Charles?H.?Lindsey?---------At?Home,?doing?my?own?thing------------------------
Tel:?+44?161?436?6131?                      
???Web:?http://www.cs.man.ac.uk/~chl
Email:?chl at clerew.man.ac.uk??????Snail:?5?Clerewood?Ave,?CHEADLE,?SK8?3JU,?U.K.
PGP:?2C15F1A9??????Fingerprint:?73?6D?C2?51?93?A0?01?E7?65?E8?64?7E?14?A4?AB?A5


From tharg at gmx.net  Wed Aug  8 15:24:33 2012
From: tharg at gmx.net (Caspar Bowden (travelling))
Date: Wed, 08 Aug 2012 16:24:33 +0200
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <op.wip4awrc6hl8nm@clerew.man.ac.uk>
References: <500F1A54.4040204@zen.co.uk> <500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net> <500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>
	<ORKqm7TXOsEQFAqA@perry.co.uk> <5013180A.2020800@zen.co.uk>
	<IeqblrkR8OFQFADx@perry.co.uk> <50153B63.6030602@zen.co.uk>
	<9p2mosohI6FQFAGq@perry.co.uk> <5017D91C.1050209@gmx.net>
	<t4$y8OLLgDGQFANU@perry.co.uk> <501903C6.8060506@gmx.net>
	<op.wioggrjh6hl8nm@clerew.man.ac.uk> <5021718C.1000203@zen.co.uk>
	<op.wipuv91k6hl8nm@clerew.man.ac.uk> <50223C3E.2010109@gmx.net>
	<op.wip4awrc6hl8nm@clerew.man.ac.uk>
Message-ID: <502276A1.5020603@gmx.net>

On 08/08/2012 03:12 PM, Charles Lindsey wrote:
> ...
> But the whole point of my series of messages is that "they" must be 
> able to show "plausible deniability" that they are not intercepting 
> messages addressed to UK recipients, and that how they achieve that is 
> "their" problem.

So it is a critical point, and AFAIK there is only the Bassam letter to 
go on. Might I suggest Charles that you draft a letter to the 
Interception Commissioner, we tweak it a bit on the list, and then you 
write to him and ask him ? It's literally the only way to settle the 
point, and it would be interesting to see what the response is.

It also would have quite a lot of legal significance IMHO, if someone 
were later to start a IPT complaint (preliminary to a Strasbourg 
challenge) about the forseeability in the quality of law and oversight 
of the UK regime

Caspar


From zenadsl6186 at zen.co.uk  Wed Aug  8 18:56:29 2012
From: zenadsl6186 at zen.co.uk (Peter Fairbrother)
Date: Wed, 08 Aug 2012 18:56:29 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <op.wipuv91k6hl8nm@clerew.man.ac.uk>
References: <500F1A54.4040204@zen.co.uk>
	<500F2335.7090602@zen.co.uk>	<500FA83C.2070209@gmx.net>
	<500FE86B.4010308@zen.co.uk>	<op.wh1x0btp6hl8nm@clerew.man.ac.uk>
	<CML5xvHRHUEQFAKc@perry.co.uk>	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>	<ORKqm7TXOsEQFAqA@perry.co.uk>
	<5013180A.2020800@zen.co.uk>	<IeqblrkR8OFQFADx@perry.co.uk>
	<50153B63.6030602@zen.co.uk>	<9p2mosohI6FQFAGq@perry.co.uk>
	<5017D91C.1050209@gmx.net>	<t4$y8OLLgDGQFANU@perry.co.uk>
	<501903C6.8060506@gmx.net>	<op.wioggrjh6hl8nm@clerew.man.ac.uk>
	<5021718C.1000203@zen.co.uk> <op.wipuv91k6hl8nm@clerew.man.ac.uk>
Message-ID: <5022A84D.8030600@zen.co.uk>

On 08/08/12 10:49, Charles Lindsey wrote:
> On Tue, 07 Aug 2012 20:50:36 +0100, Peter Fairbrother
> <zenadsl6186 at zen.co.uk> wrote:
>
>> On 07/08/12 16:39, Charles Lindsey wrote:
>
>>> I would have expected exactly the opposite.
>>>
>>> If the message is from Alice (known to be in the UK, and easily shown to
>>> be such) via Facebook to Bob (who happens to be in the UK) and Others
>>> (outside the UK, and probably a bunch of villains) then if "they"
>>> intercept the message on its way to Facebook without warrant, they have
>>> intercepted a message from Alice to Bob, which is not allowed. End of
>>> story AFAICS.
>>>
>>> If "they" imagine that they are intecepting messages from Alice to the
>>> villains, they have neverthelsss intercepted Alice to Bob (because the
>>> same message is sent to all of them). They can't pretend they have read
>>> the body of the message to the villains but carefully omitted to read
>>> the message to Bob, unless they are wearing glasses with some very
>>> peculiar filters in them indeed.
>>>
>>> There is an onus on "them" not to break the law - how they avoid that is
>>> their problem but, in this case the technology is definitely against
>>> them.
>>>
>>
>> RIPA S.5(6): The conduct authorised by an interception warrant shall
>> be taken to include?
>>
>> (a) all such conduct (including the interception of communications not
>> identified by the warrant) as it is necessary to undertake in order to
>> do what is expressly authorised or required by the warrant;
>
> Which is irrelevant to the case in question, which was concerned with
> interception *without* a warrant.

They cannot intercept external traffic without a warrant. Assuming that 
their interception of external traffic would be lawful, then a warrant 
for external interception must have been issued.

The rules about external certificated warrants are a little different, 
but they are exactly the same RIPA section 5 warrants as are used to do 
domestic interception.


I reread your post, and this part stood out: "if "they" intercept the 
message on its way to Facebook without warrant...".

Even if the message is only from Alice  to the bad foreign guys, and not 
to Bob, it would still be illegal - they need a warrant to do that.

-- Peter Fairbrother


From zenadsl6186 at zen.co.uk  Wed Aug  8 19:10:40 2012
From: zenadsl6186 at zen.co.uk (Peter Fairbrother)
Date: Wed, 08 Aug 2012 19:10:40 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <op.wip4awrc6hl8nm@clerew.man.ac.uk>
References: <500F1A54.4040204@zen.co.uk>
	<500F2335.7090602@zen.co.uk>	<500FA83C.2070209@gmx.net>
	<500FE86B.4010308@zen.co.uk>	<op.wh1x0btp6hl8nm@clerew.man.ac.uk>
	<CML5xvHRHUEQFAKc@perry.co.uk>	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>	<ORKqm7TXOsEQFAqA@perry.co.uk>
	<5013180A.2020800@zen.co.uk>	<IeqblrkR8OFQFADx@perry.co.uk>
	<50153B63.6030602@zen.co.uk>	<9p2mosohI6FQFAGq@perry.co.uk>
	<5017D91C.1050209@gmx.net>	<t4$y8OLLgDGQFANU@perry.co.uk>
	<501903C6.8060506@gmx.net>	<op.wioggrjh6hl8nm@clerew.man.ac.uk>
	<5021718C.1000203@zen.co.uk>	<op.wipuv91k6hl8nm@clerew.man.ac.uk>
	<50223C3E.2010109@gmx.net> <op.wip4awrc6hl8nm@clerew.man.ac.uk>
Message-ID: <5022ABA0.40303@zen.co.uk>

On 08/08/12 14:12, Charles Lindsey wrote:

> But the whole point of my series of messages is that "they" must be able
> to show "plausible deniability" that they are not intercepting messages
> addressed to UK recipients, and that how they achieve that is "their"
> problem.
>

Ah, but they do not have to do that. There is no law which says they 
have to do that.

They only have (maybe someday) to show (to their pet stooge 
commissioner) that their conduct was lawful.

And in many circumstances, including the ones mentioned, intercepting 
traffic from Alice to Bob, even traffic which never leaves the country, 
_is_ lawful conduct. Even if there is no warrant which specifically 
authorises it.

If it is technically necessary in pursuit of a warrant which covers 
other things, it's lawful. If it's done in pursuit of traffic data, it's 
lawful. There are many other instances.

And that's just RIPA - the new bill makes things a lot worse.



-- Peter Fairbrother


From zenadsl6186 at zen.co.uk  Wed Aug  8 19:29:32 2012
From: zenadsl6186 at zen.co.uk (Peter Fairbrother)
Date: Wed, 08 Aug 2012 19:29:32 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <502230FB.1050702@pmsommer.com>
References: <500F1A54.4040204@zen.co.uk>
	<500F2335.7090602@zen.co.uk>	<500FA83C.2070209@gmx.net>
	<500FE86B.4010308@zen.co.uk>	<op.wh1x0btp6hl8nm@clerew.man.ac.uk>
	<CML5xvHRHUEQFAKc@perry.co.uk>	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>	<ORKqm7TXOsEQFAqA@perry.co.uk>
	<5013180A.2020800@zen.co.uk>	<IeqblrkR8OFQFADx@perry.co.uk>
	<50153B63.6030602@zen.co.uk>	<9p2mosohI6FQFAGq@perry.co.uk>
	<5017D91C.1050209@gmx.net>	<t4$y8OLLgDGQFANU@perry.co.uk>
	<501903C6.8060506@gmx.net>	<op.wioggrjh6hl8nm@clerew.man.ac.uk>	<9E957DE5-4E56-4A6D-A743-A6F665297E66@batten.eu.org>
	<502230FB.1050702@pmsommer.com>
Message-ID: <5022B00C.1090205@zen.co.uk>

On 08/08/12 10:27, Peter Sommer wrote:
>   Contributors to this thread might like to take a careful look at RIPA
> s 2(1) which provides some definitions and addresses the issue of

[...]

> (4) For the purposes of this Act the interception of a communication
> takes place in the United Kingdom if, and only if, the modification,
> interference or monitoring or, in the case of a postal item, the
> interception
> is effected by conduct within the United Kingdom


I often wonder what that means. Suppose I order an interception done 
while I'm in the UK, but all the other actions take place abroad - does 
that mean I have "effected the interception" by conduct within the UK?

In US corporate-speak I have, but maybe not in UK law-speak.

> and the communication is either?
> (a) intercepted in the course of its transmission by means of a public
> postal service or public telecommunication system; or
> (b) intercepted in the course of its transmission by means of a private
> telecommunication system in a case in which the sender or
> intended recipient of the communication is in the United
> Kingdom.


> (5) References in this Act to the interception of a communication in the
> course of its transmission by means of a postal service or
> telecommunication system do not include references to?
> (a) any conduct that takes place in relation only to so much of the
> communication as consists in any traffic data comprised in or
> attached to a communication (whether by the sender or
> otherwise) for the purposes of any postal service or
> telecommunication system by means of which it is being or may
> be transmitted; or
> (b) any such conduct, in connection with conduct falling within
> paragraph (a), as gives a person who is neither the sender nor
> the intended recipient only so much access to a communication
> as is necessary for the purpose

And here is another can of worms.

In general it is a principle of UK law that evidence once obtained can 
be presented, whether the obtaining was lawful or not.

I think that also applies to this situation where once the communication 
has been intercepted (except it isn't intercepted, because s.2(5) says 
it isn't - let's just say that they have seen the content) then they can 
use the content for lawful purposes like preventing or detecting crime.

I might be wrong, and a Judge might say that that secondary use of the 
content gave someone further access to the content, and it was thus not 
covered by 2(5). But it is not clear.


> The issue is where the interception or monitoring takes place

The "effecting" of the interception, no?


-- Peter Fairbrother


From chl at clerew.man.ac.uk  Thu Aug  9 10:54:54 2012
From: chl at clerew.man.ac.uk (Charles Lindsey)
Date: Thu, 09 Aug 2012 10:54:54 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <5022B00C.1090205@zen.co.uk>
References: <500F1A54.4040204@zen.co.uk> <500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net> <500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>
	<ORKqm7TXOsEQFAqA@perry.co.uk> <5013180A.2020800@zen.co.uk>
	<IeqblrkR8OFQFADx@perry.co.uk> <50153B63.6030602@zen.co.uk>
	<9p2mosohI6FQFAGq@perry.co.uk> <5017D91C.1050209@gmx.net>
	<t4$y8OLLgDGQFANU@perry.co.uk> <501903C6.8060506@gmx.net>
	<op.wioggrjh6hl8nm@clerew.man.ac.uk>
	<9E957DE5-4E56-4A6D-A743-A6F665297E66@batten.eu.org>
	<502230FB.1050702@pmsommer.com> <5022B00C.1090205@zen.co.uk>
Message-ID: <op.wirptsgw6hl8nm@clerew.man.ac.uk>

On Wed, 08 Aug 2012 19:29:32 +0100, Peter Fairbrother  
<zenadsl6186 at zen.co.uk> wrote:

>> (5) References in this Act to the interception of a communication in the
>> course of its transmission by means of a postal service or
>> telecommunication system do not include references to?
>> (a) any conduct that takes place in relation only to so much of the
>> communication as consists in any traffic data comprised in or
>> attached to a communication (whether by the sender or
>> otherwise) for the purposes of any postal service or
>> telecommunication system by means of which it is being or may
>> be transmitted; or
>> (b) any such conduct, in connection with conduct falling within
>> paragraph (a), as gives a person who is neither the sender nor
>> the intended recipient only so much access to a communication
>> as is necessary for the purpose
>
> And here is another can of worms.
>
> In general it is a principle of UK law that evidence once obtained can  
> be presented, whether the obtaining was lawful or not.

Unless it is explicitly forbidden (e.g. evidence gained by interception  
may not be presented in court).

In this case, which explicitly contains the word "only", if they trawl for  
traffic data, and their "conduct" is so badly conducted that they pick up  
some non-traffic data, they may be able to "present" it in some sense, as  
you say, but they have still committed the crime of interception and a  
prosecution against them should succeed.

As I said in an earlier post, if their conduct included a filter that  
removed certain headers before they got to see it they might get away with  
it.

-- 
Charles?H.?Lindsey?---------At?Home,?doing?my?own?thing------------------------
Tel:?+44?161?436?6131?                      
???Web:?http://www.cs.man.ac.uk/~chl
Email:?chl at clerew.man.ac.uk??????Snail:?5?Clerewood?Ave,?CHEADLE,?SK8?3JU,?U.K.
PGP:?2C15F1A9??????Fingerprint:?73?6D?C2?51?93?A0?01?E7?65?E8?64?7E?14?A4?AB?A5


From chl at clerew.man.ac.uk  Thu Aug  9 10:59:36 2012
From: chl at clerew.man.ac.uk (Charles Lindsey)
Date: Thu, 09 Aug 2012 10:59:36 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <5022A84D.8030600@zen.co.uk>
References: <500F1A54.4040204@zen.co.uk> <500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net> <500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>
	<ORKqm7TXOsEQFAqA@perry.co.uk> <5013180A.2020800@zen.co.uk>
	<IeqblrkR8OFQFADx@perry.co.uk> <50153B63.6030602@zen.co.uk>
	<9p2mosohI6FQFAGq@perry.co.uk> <5017D91C.1050209@gmx.net>
	<t4$y8OLLgDGQFANU@perry.co.uk> <501903C6.8060506@gmx.net>
	<op.wioggrjh6hl8nm@clerew.man.ac.uk> <5021718C.1000203@zen.co.uk>
	<op.wipuv91k6hl8nm@clerew.man.ac.uk> <5022A84D.8030600@zen.co.uk>
Message-ID: <op.wirp1mj26hl8nm@clerew.man.ac.uk>

On Wed, 08 Aug 2012 18:56:29 +0100, Peter Fairbrother  
<zenadsl6186 at zen.co.uk> wrote:

>> Which is irrelevant to the case in question, which was concerned with
>> interception *without* a warrant.
>
> They cannot intercept external traffic without a warrant. Assuming that  
> their interception of external traffic would be lawful, then a warrant  
> for external interception must have been issued.
>
> The rules about external certificated warrants are a little different,  
> but they are exactly the same RIPA section 5 warrants as are used to do  
> domestic interception.

Yes, I was assuming that external certificated warrants would be as common  
as muck, and be so broadly drafted as to permit almost any interception of  
external traffic, rendering them essentially meaningless.

-- 
Charles?H.?Lindsey?---------At?Home,?doing?my?own?thing------------------------
Tel:?+44?161?436?6131?                      
???Web:?http://www.cs.man.ac.uk/~chl
Email:?chl at clerew.man.ac.uk??????Snail:?5?Clerewood?Ave,?CHEADLE,?SK8?3JU,?U.K.
PGP:?2C15F1A9??????Fingerprint:?73?6D?C2?51?93?A0?01?E7?65?E8?64?7E?14?A4?AB?A5


From zenadsl6186 at zen.co.uk  Thu Aug  9 13:33:04 2012
From: zenadsl6186 at zen.co.uk (Peter Fairbrother)
Date: Thu, 09 Aug 2012 13:33:04 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <op.wirptsgw6hl8nm@clerew.man.ac.uk>
References: <500F1A54.4040204@zen.co.uk>
	<500F2335.7090602@zen.co.uk>	<500FA83C.2070209@gmx.net>
	<500FE86B.4010308@zen.co.uk>	<op.wh1x0btp6hl8nm@clerew.man.ac.uk>
	<CML5xvHRHUEQFAKc@perry.co.uk>	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>	<ORKqm7TXOsEQFAqA@perry.co.uk>
	<5013180A.2020800@zen.co.uk>	<IeqblrkR8OFQFADx@perry.co.uk>
	<50153B63.6030602@zen.co.uk>	<9p2mosohI6FQFAGq@perry.co.uk>
	<5017D91C.1050209@gmx.net>	<t4$y8OLLgDGQFANU@perry.co.uk>
	<501903C6.8060506@gmx.net>	<op.wioggrjh6hl8nm@clerew.man.ac.uk>	<9E957DE5-4E56-4A6D-A743-A6F665297E66@batten.eu.org>	<502230FB.1050702@pmsommer.com>
	<5022B00C.1090205@zen.co.uk> <op.wirptsgw6hl8nm@clerew.man.ac.uk>
Message-ID: <5023AE00.5070503@zen.co.uk>

On 09/08/12 10:54, Charles Lindsey wrote:
> On Wed, 08 Aug 2012 19:29:32 +0100, Peter Fairbrother
> <zenadsl6186 at zen.co.uk> wrote:
>
>>> (5) References in this Act to the interception of a communication
>>> in the course of its transmission by means of a postal service
>>> or telecommunication system do not include references to? (a) any
>>> conduct that takes place in relation only to so much of the
>>> communication as consists in any traffic data comprised in or
>>> attached to a communication (whether by the sender or otherwise)
>>> for the purposes of any postal service or telecommunication
>>> system by means of which it is being or may be transmitted; or
>>> (b) any such conduct, in connection with conduct falling within
>>> paragraph (a), as gives a person who is neither the sender nor
>>> the intended recipient only so much access to a communication as
>>> is necessary for the purpose
>>
>> And here is another can of worms.
>>
>> In general it is a principle of UK law that evidence once obtained
>> can be presented, whether the obtaining was lawful or not.
>
> Unless it is explicitly forbidden (e.g. evidence gained by
> interception may not be presented in court).


Not exactly. What is forbidden is presenting any evidence (including
intercepted content) which suggests that a s.5 warrant has been issued,
or that an illegal interception has taken place. s.18 is a bit more
complicated than that, but that's the gist.


For the sake of any doubt, I are talking here about a situation where eg 
a Policeman is searching for traffic data and incidentally sees message 
content as part of that search; and any further uses that data may then 
be put to, for example as intelligence or as evidence.


So if no illegal interception took place [1], and no warrant was
involved - as in the 2(5) situation we are talking about where people
are looking for traffic data and do not use or need a warrant - then 
evidence including content of messages can be presented in Court.

[1] no interception at all took place, even though they saw content; see 
5(a) above, and below.



> In this case, which explicitly contains the word "only", if they
> trawl for traffic data, and their "conduct" is so badly conducted
> that they pick up some non-traffic data, they may be able to
> "present" it in some

> sense, as you say, but they have still committed the crime of
> interception and a prosecution against them should succeed.


No, they have not committed any crime - they haven't even committed an 
interception, because s.2(5) specifically says they haven't, even though 
they monitored and saw content.

And s.18 would not prevent any product of the monitoring from being
presented in court, as no warrant was involved.


On 08/08/12 19:29, Peter Fairbrother continued:
> I think that also applies to this situation where once the
> communication has been intercepted (except it isn't intercepted,
> because s.2(5) says it isn't - let's just say that they have seen the
> content) then they can use the content for lawful purposes like
> preventing or detecting crime.
>
> I might be wrong, and a Judge might say that that secondary use of
> the content gave someone further access to the content, and it was
> thus not covered by 2(5). But it is not clear



I am going on about this further use of incidentally-seen content point 
a bit, as it is potentially very important in the context of the new 
bill which allows much more searching-for-traffic-data.

It's maybe not the intention, but any content incidentally seen during
those searches might well be fair game for further uses.

Perhaps most important of all, the content incidentally seen during the 
sort of searches envisaged in and made lawful by the new Bill would 
necessarily include the content of large chunks of the internet: almost 
all social network traffic content, and a whole lot more.

BTW, that "necessarily" is also the "necessary" in the final line of 
2(5). They cannot find secondary traffic data in a mass of content 
without looking at that content, it's simply not possible.




Now, can you see a Judge (or the "Supreme" Court) saying "you can't use 
this as intelligence even though you already have it (and have it 
legally)"?  I don't think it likely, based on similar decisions in the 
past.

Use in evidence may be slightly more controversial, but afaics legally 
the issue isn't any different.




On another point entirely (or perhaps not...), there is more than a hint 
of what is going on elsewhere in the fact that a certificated warrant 
cannot (usually) target communications to or from a person or place - 
they are for blanket fishing searches. They are of no use for anything else.

-- Peter Fairbrother


From chl at clerew.man.ac.uk  Thu Aug  9 22:20:22 2012
From: chl at clerew.man.ac.uk (Charles Lindsey)
Date: Thu, 09 Aug 2012 22:20:22 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <5023AE00.5070503@zen.co.uk>
References: <500F1A54.4040204@zen.co.uk> <500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net> <500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>
	<ORKqm7TXOsEQFAqA@perry.co.uk> <5013180A.2020800@zen.co.uk>
	<IeqblrkR8OFQFADx@perry.co.uk> <50153B63.6030602@zen.co.uk>
	<9p2mosohI6FQFAGq@perry.co.uk> <5017D91C.1050209@gmx.net>
	<t4$y8OLLgDGQFANU@perry.co.uk> <501903C6.8060506@gmx.net>
	<op.wioggrjh6hl8nm@clerew.man.ac.uk>
	<9E957DE5-4E56-4A6D-A743-A6F665297E66@batten.eu.org>
	<502230FB.1050702@pmsommer.com> <5022B00C.1090205@zen.co.uk>
	<op.wirptsgw6hl8nm@clerew.man.ac.uk> <5023AE00.5070503@zen.co.uk>
Message-ID: <op.wislj8av6hl8nm@clerew.man.ac.uk>

On Thu, 09 Aug 2012 13:33:04 +0100, Peter Fairbrother  
<zenadsl6186 at zen.co.uk> wrote:

> For the sake of any doubt, I are talking here about a situation where eg  
> a Policeman is searching for traffic data and incidentally sees message  
> content as part of that search; and any further uses that data may then  
> be put to, for example as intelligence or as evidence.

But the "conduct" of Plod in this case is not covered by either (a) or (b)  
in:

(5) References in this Act to the interception of a communication in the
course of its transmission by means of a postal service or
telecommunication system do not include references to---
(a) any conduct that takes place in relation only to so much of the
communication as consists in any traffic data comprised in or
attached to a communication (whether by the sender or
otherwise) for the purposes of any postal service or
telecommunication system by means of which it is being or may
be transmitted; or
(b) any such conduct, in connection with conduct falling within
paragraph (a), as gives a person who is neither the sender nor
the intended recipient only so much access to a communication
as is necessary for the purpose

because it takes place in relation to a portion of the communication which  
does not consist of traffic data and it was not necessary to see that  
message content because he could/should have averted his eyes (aka used a  
properly designed filter) when he came to it.

Only if it could be demonstrated that designing such a filter was truly  
impossible could it be claimed that his conduct was "necessary".  
Otherwise, it WAS interception, and he had no warrant to legitimise it.

> [1] no interception at all took place, even though they saw content; see  
> 5(a) above, and below.

No, he is not covered at all by 5(a). There is a slight possibility that  
he might be covered by 5(b), but he would have to justify that.

> BTW, that "necessarily" is also the "necessary" in the final line of  
> 2(5). They cannot find secondary traffic data in a mass of content  
> without looking at that content, it's simply not possible.

Isn't it? Negatives are notoriously difficult to prove.

-- 
Charles?H.?Lindsey?---------At?Home,?doing?my?own?thing------------------------
Tel:?+44?161?436?6131?                      
???Web:?http://www.cs.man.ac.uk/~chl
Email:?chl at clerew.man.ac.uk??????Snail:?5?Clerewood?Ave,?CHEADLE,?SK8?3JU,?U.K.
PGP:?2C15F1A9??????Fingerprint:?73?6D?C2?51?93?A0?01?E7?65?E8?64?7E?14?A4?AB?A5


From colinthomson1 at o2.co.uk  Fri Aug 10 11:39:35 2012
From: colinthomson1 at o2.co.uk (Tom Thomson)
Date: Fri, 10 Aug 2012 11:39:35 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <op.wislj8av6hl8nm@clerew.man.ac.uk>
References: <500F1A54.4040204@zen.co.uk>
	<500F2335.7090602@zen.co.uk><500FA83C.2070209@gmx.net>
	<500FE86B.4010308@zen.co.uk><op.wh1x0btp6hl8nm@clerew.man.ac.uk>
	<CML5xvHRHUEQFAKc@perry.co.uk><op.wh3nj7gb6hl8nm@clerew.man.ac.uk><ORKqm7TXOsEQFAqA@perry.co.uk>
	<5013180A.2020800@zen.co.uk><IeqblrkR8OFQFADx@perry.co.uk>
	<50153B63.6030602@zen.co.uk><9p2mosohI6FQFAGq@perry.co.uk>
	<5017D91C.1050209@gmx.net><t4$y8OLLgDGQFANU@perry.co.uk>
	<501903C6.8060506@gmx.net><op.wioggrjh6hl8nm@clerew.man.ac.uk><9E957DE5-4E56-4A6D-A743-A6F665297E66@batten.eu.org><502230FB.1050702@pmsommer.com>
	<5022B00C.1090205@zen.co.uk><op.wirptsgw6hl8nm@clerew.man.ac.uk>
	<5023AE00.5070503@zen.co.uk> <op.wislj8av6hl8nm@clerew.man.ac.uk>
Message-ID: <6AF05B7999F44DF994AF70B8D091471B@your41b8d18ede>


> -----Original Message-----
> From: ukcrypto-bounces at chiark.greenend.org.uk [mailto:ukcrypto-
> bounces at chiark.greenend.org.uk] On Behalf Of Charles Lindsey
> Sent: 09 August 2012 22:20
> To: UK Cryptography Policy Discussion Group
> Subject: Re: What is a "communication" (was Re: sorry, but ...
> 
> On Thu, 09 Aug 2012 13:33:04 +0100, Peter Fairbrother
> <zenadsl6186 at zen.co.uk> wrote:
> 
> > For the sake of any doubt, I are talking here about a situation where eg
> > a Policeman is searching for traffic data and incidentally sees message
> > content as part of that search; and any further uses that data may then
> > be put to, for example as intelligence or as evidence.
> 
> But the "conduct" of Plod in this case is not covered by either (a) or (b)
> in:
> 
> (5) References in this Act to the interception of a communication in the
> course of its transmission by means of a postal service or
> telecommunication system do not include references to---
> (a) any conduct that takes place in relation only to so much of the
> communication as consists in any traffic data comprised in or
> attached to a communication (whether by the sender or
> otherwise) for the purposes of any postal service or
> telecommunication system by means of which it is being or may
> be transmitted; or
> (b) any such conduct, in connection with conduct falling within
> paragraph (a), as gives a person who is neither the sender nor
> the intended recipient only so much access to a communication
> as is necessary for the purpose
> 
> because it takes place in relation to a portion of the communication which
> does not consist of traffic data and it was not necessary to see that
> message content because he could/should have averted his eyes (aka used a
> properly designed filter) when he came to it.
> 
> Only if it could be demonstrated that designing such a filter was truly
> impossible could it be claimed that his conduct was "necessary".
> Otherwise, it WAS interception, and he had no warrant to legitimise it.
> 
> > [1] no interception at all took place, even though they saw content; see
> > 5(a) above, and below.
> 
> No, he is not covered at all by 5(a). There is a slight possibility that
> he might be covered by 5(b), but he would have to justify that.
> 
> > BTW, that "necessarily" is also the "necessary" in the final line of
> > 2(5). They cannot find secondary traffic data in a mass of content
> > without looking at that content, it's simply not possible.
> 
> Isn't it? Negatives are notoriously difficult to prove.
> 
In addition to Charles' points above, there seems to me to be yet another problem if this content is used in investigations and/or in prosecutions since this will inevitably entail informing other police officers, and also crown prosecutors, solicitors, and barristers (or procurators fiscal, solicitors, and advocates elsewhere in the Kingdom) .  Even if Charles were wrong (I don't for a moment imagine he is, but that's by the bye) and the content had not yet been intercepted, it would now be being made available to another party, and that making available is not an inevitable consequence of of obtaining the traffic data (since the policeman originally concerned is clearly capable of separating the traffic data and passing only that on to his superiors (or his juniors or colleagues or the prosecuting officials) so it is quite certainly an interception, and hence illegal since there is no warrant.

M.



From zenadsl6186 at zen.co.uk  Sun Aug 12 00:08:12 2012
From: zenadsl6186 at zen.co.uk (Peter Fairbrother)
Date: Sun, 12 Aug 2012 00:08:12 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <6AF05B7999F44DF994AF70B8D091471B@your41b8d18ede>
References: <500F1A54.4040204@zen.co.uk>	<500F2335.7090602@zen.co.uk><500FA83C.2070209@gmx.net>	<500FE86B.4010308@zen.co.uk><op.wh1x0btp6hl8nm@clerew.man.ac.uk>	<CML5xvHRHUEQFAKc@perry.co.uk><op.wh3nj7gb6hl8nm@clerew.man.ac.uk><ORKqm7TXOsEQFAqA@perry.co.uk>	<5013180A.2020800@zen.co.uk><IeqblrkR8OFQFADx@perry.co.uk>	<50153B63.6030602@zen.co.uk><9p2mosohI6FQFAGq@perry.co.uk>	<5017D91C.1050209@gmx.net><t4$y8OLLgDGQFANU@perry.co.uk>	<501903C6.8060506@gmx.net><op.wioggrjh6hl8nm@clerew.man.ac.uk><9E957DE5-4E56-4A6D-A743-A6F665297E66@batten.eu.org><502230FB.1050702@pmsommer.com>	<5022B00C.1090205@zen.co.uk><op.wirptsgw6hl8nm@clerew.man.ac.uk>	<5023AE00.5070503@zen.co.uk>
	<op.wislj8av6hl8nm@clerew.man.ac.uk>
	<6AF05B7999F44DF994AF70B8D091471B@your41b8d18ede>
Message-ID: <5026E5DC.4040502@zen.co.uk>

On 10/08/12 11:39, Tom Thomson wrote:
>
>> -----Original Message----- From:
>> ukcrypto-bounces at chiark.greenend.org.uk [mailto:ukcrypto-
>> bounces at chiark.greenend.org.uk] On Behalf Of Charles Lindsey Sent:
>> 09 August 2012 22:20 To: UK Cryptography Policy Discussion Group
>> Subject: Re: What is a "communication" (was Re: sorry, but ...
>>
>> On Thu, 09 Aug 2012 13:33:04 +0100, Peter Fairbrother
>> <zenadsl6186 at zen.co.uk>  wrote:
>>
>>> For the sake of any doubt, I are talking here about a situation
>>> where eg a Policeman is searching for traffic data and
>>> incidentally sees message content as part of that search; and
>>> any further uses that data may then be put to, for example as
>>> intelligence or as evidence.
>>
>> But the "conduct" of Plod in this case is not covered by either
>> (a) or (b) in:
>>
>> (5) References in this Act to the interception of a communication
>> in the course of its transmission by means of a postal service or
>> telecommunication system do not include references to--- (a) any
>> conduct that takes place in relation only to so much of the
>> communication as consists in any traffic data comprised in or
>> attached to a communication (whether by the sender or otherwise)
>> for the purposes of any postal service or telecommunication system
>> by means of which it is being or may be transmitted; or (b) any
>> such conduct, in connection with conduct falling within paragraph
>> (a), as gives a person who is neither the sender nor the intended
>> recipient only so much access to a communication as is necessary
>> for the purpose
>>
>> because it takes place in relation to a portion of the
>> communication which does not consist of traffic data and it was
>> not necessary to see that message content because he could/should
>> have averted his eyes (aka used a properly designed filter) when he
>> came to it.
>>
>> Only if it could be demonstrated that designing such a filter was
>> truly impossible could it be claimed that his conduct was
>> "necessary". Otherwise, it WAS interception, and he had no warrant
>> to legitimise it.
>>
>>> [1] no interception at all took place, even though they saw
>>> content; see 5(a) above, and below.
>>
>> No, he is not covered at all by 5(a).

Sorry, my mistake. Meant 5(b), of course.

>> There is a slight possibility that he might be covered by 5(b), but
>> he would have to justify that.

When, and who to?

>>> BTW, that "necessarily" is also the "necessary" in the final
>>> line of 2(5). They cannot find secondary traffic data in a mass
>>> of content without looking at that content, it's simply not
>>> possible.
>>
>> Isn't it? Negatives are notoriously difficult to prove.

Maybe we are on different pages - I am, initially at least, just saying 
that in order to filter traffic data from the stream he has to look at 
the stream, in order to filter it.

Whether a computer filter or a human does the filtering, the raw 
unfiltered feed has to be looked at. Plod cannot filter it without 
looking at it, it is impossible.


Now some prefiltering which does not see content is perhaps possible on 
an internet feed, eg if you are looking for Facebook traffic data then 
you should not look at traffic to Lloyds bank or mywebsite, which can be 
identified by traffic data in the packet headers.


Now I guess Plod might want to look at traffic to/from mywebsite in 
order to find traffic data. That does contain some traffic which is not 
generally available - I use private URLs for this, and eg sometimes 
place family ancestry data there for my family, but not the world, to see.

I might use other means to communicate with others though, including 
maybe steganographic messaging (I don't, but I might) - however if I did 
there would be no traffic data in my communications with 
mywebsiteserver, whether I used private URLs or steganographic means. 
Any traffic data would flow on other channels.

But I might be forgetful someday, and leave some traffic data in my 
communications with mywebsiteserver. So maybe Plod would feel justified 
in passing my traffic beyond the first traffic-data based prefilter.



Another question here, is traffic between me and mywebsiteserver a 
communication? Between the webcam I set up in the PM's toilet and my 
computer?

There is in general no sender and intended recipient which both have 
personhood status.

I digress.



Getting back to the point, or nearer anyway, I can't imagine Plod/GCHQ 
saying, "hmm should we include mywebsite in our detailed searches? There 
may be no traffic data there", but rather they would most likely say 
"include mywebsite, it may have traffic data, and excluding it would be 
far too fine-grained a prefilter to write - Hmmm, in general just pass 
through everything unless we are sure it doesn't contain secondary 
traffic data, because we are looking for secondary traffic data which 
may be deliberately obscured or hidden."


And so, where do they draw the line? At Lloyds bank? That might be okay, 
except Standard Chartered was just found to have been hiding 
transactions and communictions with Iranians, so we want to look at 
Standard Chartered, and who's tosqy that Lloysds is rosy cheeked and 
shiny clean too?


So I can't really see where a prefilter operating only on packet traffic 
data would have any function - Plod/GCHQ would want to look further, and 
could show reason why almost any site or connection or link might be 
passing messages to the bad guys, and they want at least the associated 
traffic data.



Go on few levels, rinse and repeat, and you'll find that unless it's 
actually spelled out that they can't look at content while looking for 
traffic data in this or that situation, then they can look at content 
for their filters.

So in order to see what the new bill actually means we have to see where 
it's spelled out where they can't look at content.

And ooops, that's nowhere.







>>
> In addition to Charles' points above, there seems to me to be yet
> another problem if this content is used in investigations and/or in
> prosecutions since this will inevitably entail informing other
> police officers, and also crown prosecutors, solicitors, and
> barristers (or procurators fiscal, solicitors, and advocates
> elsewhere in the Kingdom) .  Even if Charles were wrong (I don't for
> a moment imagine he is, but that's by the bye) and the content had
> not yet been intercepted, it would now be being made available to
> another party,

yes

and that making available is not an inevitable
> consequence of of obtaining the traffic data (since the policeman
> originally concerned is clearly capable of separating the traffic
> data and passing only that on to his superiors (or his juniors or
> colleagues or the prosecuting officials))

yes

so it is quite certainly an
> interception,


ah, exactly why please? The making available? Yes, that might make it an 
interception.


and hence illegal since there is no warrant.

You may be right - but the "policeman originally concerned" (in reality 
a GCHQ officer, I can't imagine anyone else is going to be appointed as 
the filter-operating agency, with access to all the internet) can see 
everything.

If he sees a murder or a terrorist attack being planned, would he be 
expected to keep silent?

I doubt it. And Lord Bassam's comments as reported by Caspar would seem 
to strongly suggest he would not.


Maybe they have some sort of intersecting warrants, issued post-facto, 
to cover this situation? Hmm, that might limit it to "serious crime".

What if he sees someone was planning to do a fraud, or a burglary, or 
shoplift, or break a window - or just be nasty to their grandma?



The real question is, What is really planned?

To answer that I think we have to look at capabilities rather than 
intentions, as we do not know their intentions but we can get some idea 
of their capabilities as expressed in Law. And it loks to mevery like 
the capabilities asked for are pratty much " see everything, all the time.


Why is it okay for them to see traffic data but not content? 
Historically it's just because telephone bills had lists of calls, and 
Plod wanted to see them to help with their enquiries. There is no 
natural right for Plod to see traffic data.

There is a natural right to _prevent_ Plod seeing message content, the 
right to privacy. and it also applies to unnecessary looking at traffic 
data, or anything else which is private which Plod do not need to do in 
order to protect us from crime - we agree to a small invasion in our 
privacy in order to benefit from the increased freedom from the 
disadvantageous effects of crime policing brings.

The problem is in the accounting.

The invasion of privacy must be more than offset (yes, more than offset, 
not just balanced - the natural right and condition is to privacy) by 
the benefit that the better policing made possible by the invasion of 
the right to privacy confers.

And I do not see that that is the case even now, and it will be much 
less so when/after/if the new bill is passed.


-- Peter Fairbrother


From pwt at iosis.co.uk  Sun Aug 12 06:43:42 2012
From: pwt at iosis.co.uk (Peter Tomlinson)
Date: Sun, 12 Aug 2012 06:43:42 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <5026E5DC.4040502@zen.co.uk>
References: <500F1A54.4040204@zen.co.uk>	<500F2335.7090602@zen.co.uk><500FA83C.2070209@gmx.net>	<500FE86B.4010308@zen.co.uk><op.wh1x0btp6hl8nm@clerew.man.ac.uk>	<CML5xvHRHUEQFAKc@perry.co.uk><op.wh3nj7gb6hl8nm@clerew.man.ac.uk><ORKqm7TXOsEQFAqA@perry.co.uk>	<5013180A.2020800@zen.co.uk><IeqblrkR8OFQFADx@perry.co.uk>	<50153B63.6030602@zen.co.uk><9p2mosohI6FQFAGq@perry.co.uk>	<5017D91C.1050209@gmx.net><t4$y8OLLgDGQFANU@perry.co.uk>	<501903C6.8060506@gmx.net><op.wioggrjh6hl8nm@clerew.man.ac.uk><9E957DE5-4E56-4A6D-A743-A6F665297E66@batten.eu.org><502230FB.1050702@pmsommer.com>	<5022B00C.1090205@zen.co.uk><op.wirptsgw6hl8nm@clerew.man.ac.uk>	<5023AE00.5070503@zen.co.uk><op.wislj8av6hl8nm@clerew.man.ac.uk><6AF05B7999F44DF994AF70B8D091471B@your41b8d18ede>
	<5026E5DC.4040502@zen.co.uk>
Message-ID: <5027428E.2020502@iosis.co.uk>


On 12/08/2012 00:08, Peter Fairbrother wrote:
> The invasion of privacy must be more than offset (yes, more than 
> offset, not just balanced - the natural right and condition is to 
> privacy) by the benefit that the better policing made possible by the 
> invasion of the right to privacy confers.
>
> And I do not see that that is the case even now, and it will be much 
> less so when/after/if the new bill is passed.
>
I still wish that we could easily and routinely be able to encrypt email 
content. Then plod would have to ask for the keys.

Peter (the other one)



From lists at internetpolicyagency.com  Sun Aug 12 07:34:39 2012
From: lists at internetpolicyagency.com (Roland Perry)
Date: Sun, 12 Aug 2012 07:34:39 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <5027428E.2020502@iosis.co.uk>
References: <500F1A54.4040204@zen.co.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk> <ORKqm7TXOsEQFAqA@perry.co.uk>
	<5013180A.2020800@zen.co.uk> <IeqblrkR8OFQFADx@perry.co.uk>
	<50153B63.6030602@zen.co.uk> <9p2mosohI6FQFAGq@perry.co.uk>
	<5017D91C.1050209@gmx.net> <t4$y8OLLgDGQFANU@perry.co.uk>
	<501903C6.8060506@gmx.net> <op.wioggrjh6hl8nm@clerew.man.ac.uk>
	<9E957DE5-4E56-4A6D-A743-A6F665297E66@batten.eu.org>
	<502230FB.1050702@pmsommer.com> <5022B00C.1090205@zen.co.uk>
	<op.wirptsgw6hl8nm@clerew.man.ac.uk> <5023AE00.5070503@zen.co.uk>
	<op.wislj8av6hl8nm@clerew.man.ac.uk>
	<6AF05B7999F44DF994AF70B8D091471B@your41b8d18ede>
	<5026E5DC.4040502@zen.co.uk> <5027428E.2020502@iosis.co.uk>
Message-ID: <mMNwRGG$50JQFAmS@perry.co.uk>

In article <5027428E.2020502 at iosis.co.uk>, Peter Tomlinson 
<pwt at iosis.co.uk> writes
>I still wish that we could easily and routinely be able to encrypt 
>email content. Then plod would have to ask for the keys.

PGP style of encryption or TLS?

And what do you count as "email" - there are very many non-port-25 
messaging systems these days (and that's part of plod's problem).
-- 
Roland Perry


From pwt at iosis.co.uk  Sun Aug 12 09:57:54 2012
From: pwt at iosis.co.uk (Peter Tomlinson)
Date: Sun, 12 Aug 2012 09:57:54 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <mMNwRGG$50JQFAmS@perry.co.uk>
References: <500F1A54.4040204@zen.co.uk>
	<CML5xvHRHUEQFAKc@perry.co.uk><op.wh3nj7gb6hl8nm@clerew.man.ac.uk>
	<ORKqm7TXOsEQFAqA@perry.co.uk><5013180A.2020800@zen.co.uk>
	<IeqblrkR8OFQFADx@perry.co.uk><50153B63.6030602@zen.co.uk>
	<9p2mosohI6FQFAGq@perry.co.uk><5017D91C.1050209@gmx.net>
	<t4$y8OLLgDGQFANU@perry.co.uk><501903C6.8060506@gmx.net>
	<op.wioggrjh6hl8nm@clerew.man.ac.uk><9E957DE5-4E56-4A6D-A743-A6F665297E66@batten.eu.org><502230FB.1050702@pmsommer.com>
	<5022B00C.1090205@zen.co.uk><op.wirptsgw6hl8nm@clerew.man.ac.uk>
	<5023AE00.5070503@zen.co.uk><op.wislj8av6hl8nm@clerew.man.ac.uk><6AF05B7999F44DF994AF70B8D091471B@your41b8d18ede><5026E5DC.4040502@zen.co.uk>
	<5027428E.2020502@iosis.co.uk> <mMNwRGG$50JQFAmS@perry.co.uk>
Message-ID: <50277012.4070807@iosis.co.uk>


On 12/08/2012 07:34, Roland Perry wrote:
> In article <5027428E.2020502 at iosis.co.uk>, Peter Tomlinson 
> <pwt at iosis.co.uk> writes
>> I still wish that we could easily and routinely be able to encrypt 
>> email content. Then plod would have to ask for the keys.
>
> PGP style of encryption or TLS?
>
> And what do you count as "email" - there are very many non-port-25 
> messaging systems these days (and that's part of plod's problem).
I'm thinking of the USA program (www.nist.gov/nstic) to try to make the 
internet safe by use of eID methods (now using the buzzwords 'Identity 
Ecosystem'), although how far they have actually got in the last year 
I'm not sure [1]. Securely and easily being able to pass information 
between two parties should be a vital part of that. In Europe we have 
been trying (somewhat fitfully) for 10 years to solve the eID problem.

Peter

[1] On the web site see http://www.nist.gov/nstic/iesg.html :

Identity Ecosystem Steering Group to Launch August 15-16, 2012, in 
Chicago, Illinois



From lists at internetpolicyagency.com  Sun Aug 12 10:34:54 2012
From: lists at internetpolicyagency.com (Roland Perry)
Date: Sun, 12 Aug 2012 10:34:54 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <50277012.4070807@iosis.co.uk>
References: <500F1A54.4040204@zen.co.uk> <ORKqm7TXOsEQFAqA@perry.co.uk>
	<5013180A.2020800@zen.co.uk> <IeqblrkR8OFQFADx@perry.co.uk>
	<50153B63.6030602@zen.co.uk> <9p2mosohI6FQFAGq@perry.co.uk>
	<5017D91C.1050209@gmx.net> <t4$y8OLLgDGQFANU@perry.co.uk>
	<501903C6.8060506@gmx.net> <op.wioggrjh6hl8nm@clerew.man.ac.uk>
	<9E957DE5-4E56-4A6D-A743-A6F665297E66@batten.eu.org>
	<502230FB.1050702@pmsommer.com> <5022B00C.1090205@zen.co.uk>
	<op.wirptsgw6hl8nm@clerew.man.ac.uk> <5023AE00.5070503@zen.co.uk>
	<op.wislj8av6hl8nm@clerew.man.ac.uk>
	<6AF05B7999F44DF994AF70B8D091471B@your41b8d18ede>
	<5026E5DC.4040502@zen.co.uk> <5027428E.2020502@iosis.co.uk>
	<mMNwRGG$50JQFAmS@perry.co.uk> <50277012.4070807@iosis.co.uk>
Message-ID: <yYN1U6a+i3JQFA1u@perry.co.uk>

In article <50277012.4070807 at iosis.co.uk>, Peter Tomlinson 
<pwt at iosis.co.uk> writes
>>> I still wish that we could easily and routinely be able to encrypt 
>>>email content. Then plod would have to ask for the keys.
>>
>> PGP style of encryption or TLS?
>>
>> And what do you count as "email" - there are very many non-port-25 
>>messaging systems these days (and that's part of plod's problem).
>I'm thinking of the USA program (www.nist.gov/nstic) to try to make the 
>internet safe by use of eID methods (now using the buzzwords 'Identity 
>Ecosystem'), although how far they have actually got in the last year 
>I'm not sure [1]. Securely and easily being able to pass information 
>between two parties should be a vital part of that. In Europe we have 
>been trying (somewhat fitfully) for 10 years to solve the eID problem.

That's more about e-commerce than e-mail, surely?
-- 
Roland Perry


From pwt at iosis.co.uk  Sun Aug 12 16:05:16 2012
From: pwt at iosis.co.uk (Peter Tomlinson)
Date: Sun, 12 Aug 2012 16:05:16 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <yYN1U6a+i3JQFA1u@perry.co.uk>
References: <500F1A54.4040204@zen.co.uk>
	<ORKqm7TXOsEQFAqA@perry.co.uk><5013180A.2020800@zen.co.uk>
	<IeqblrkR8OFQFADx@perry.co.uk><50153B63.6030602@zen.co.uk>
	<9p2mosohI6FQFAGq@perry.co.uk><5017D91C.1050209@gmx.net>
	<t4$y8OLLgDGQFANU@perry.co.uk><501903C6.8060506@gmx.net>
	<op.wioggrjh6hl8nm@clerew.man.ac.uk><9E957DE5-4E56-4A6D-A743-A6F665297E66@batten.eu.org><502230FB.1050702@pmsommer.com>
	<5022B00C.1090205@zen.co.uk><op.wirptsgw6hl8nm@clerew.man.ac.uk>
	<5023AE00.5070503@zen.co.uk><op.wislj8av6hl8nm@clerew.man.ac.uk><6AF05B7999F44DF994AF70B8D091471B@your41b8d18ede><5026E5DC.4040502@zen.co.uk>
	<5027428E.2020502@iosis.co.uk><mMNwRGG$50JQFAmS@perry.co.uk>
	<50277012.4070807@iosis.co.uk> <yYN1U6a+i3JQFA1u@perry.co.uk>
Message-ID: <5027C62C.7060300@iosis.co.uk>


On 12/08/2012 10:34, Roland Perry wrote:
> In article <50277012.4070807 at iosis.co.uk>, Peter Tomlinson 
> <pwt at iosis.co.uk> writes
>>>> I still wish that we could easily and routinely be able to encrypt 
>>>> email content. Then plod would have to ask for the keys.
>>>
>>> PGP style of encryption or TLS?
>>>
>>> And what do you count as "email" - there are very many non-port-25 
>>> messaging systems these days (and that's part of plod's problem).
>> I'm thinking of the USA program (www.nist.gov/nstic) to try to make 
>> the internet safe by use of eID methods (now using the buzzwords 
>> 'Identity Ecosystem'), although how far they have actually got in the 
>> last year I'm not sure [1]. Securely and easily being able to pass 
>> information between two parties should be a vital part of that. In 
>> Europe we have been trying (somewhat fitfully) for 10 years to solve 
>> the eID problem.
>
> That's more about e-commerce than e-mail, surely?
Yes, and, while using say https, we ought to be able to encrypt the data 
content (using a key provided after we present our eID) separately from 
the transport layer.

Peter



From lists at internetpolicyagency.com  Mon Aug 13 08:24:22 2012
From: lists at internetpolicyagency.com (Roland Perry)
Date: Mon, 13 Aug 2012 08:24:22 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <5027C62C.7060300@iosis.co.uk>
References: <500F1A54.4040204@zen.co.uk> <IeqblrkR8OFQFADx@perry.co.uk>
	<50153B63.6030602@zen.co.uk> <9p2mosohI6FQFAGq@perry.co.uk>
	<5017D91C.1050209@gmx.net> <t4$y8OLLgDGQFANU@perry.co.uk>
	<501903C6.8060506@gmx.net> <op.wioggrjh6hl8nm@clerew.man.ac.uk>
	<9E957DE5-4E56-4A6D-A743-A6F665297E66@batten.eu.org>
	<502230FB.1050702@pmsommer.com> <5022B00C.1090205@zen.co.uk>
	<op.wirptsgw6hl8nm@clerew.man.ac.uk> <5023AE00.5070503@zen.co.uk>
	<op.wislj8av6hl8nm@clerew.man.ac.uk>
	<6AF05B7999F44DF994AF70B8D091471B@your41b8d18ede>
	<5026E5DC.4040502@zen.co.uk> <5027428E.2020502@iosis.co.uk>
	<mMNwRGG$50JQFAmS@perry.co.uk> <50277012.4070807@iosis.co.uk>
	<yYN1U6a+i3JQFA1u@perry.co.uk> <5027C62C.7060300@iosis.co.uk>
Message-ID: <dj4OK3AmuKKQFA6f@perry.co.uk>

In article <5027C62C.7060300 at iosis.co.uk>, Peter Tomlinson 
<pwt at iosis.co.uk> writes
>>>>> I still wish that we could easily and routinely be able to encrypt 
>>>>>email content. Then plod would have to ask for the keys.
>>>>
>>>> PGP style of encryption or TLS?
>>>>
>>>> And what do you count as "email" - there are very many non-port-25 
>>>>messaging systems these days (and that's part of plod's problem).
>>> I'm thinking of the USA program (www.nist.gov/nstic) to try to make 
>>>the internet safe by use of eID methods (now using the buzzwords 
>>>'Identity Ecosystem'), although how far they have actually got in the 
>>>last year I'm not sure [1]. Securely and easily being able to pass 
>>>information between two parties should be a vital part of that. In 
>>>Europe we have been trying (somewhat fitfully) for 10 years to solve 
>>>
>>
>> That's more about e-commerce than e-mail, surely?
 >
>Yes, and, while using say https, we ought to be able to encrypt the 
>data content (using a key provided after we present our eID) separately 
>from the transport layer.

If that key is unique to the email service you are contacting, then such 
an arrangement is possible today. If it's one key for all email services 
it seems you may have invented the mother of all PKIs, and something 
that sounds a lot like a second transport layer.
-- 
Roland Perry


From chl at clerew.man.ac.uk  Mon Aug 13 11:07:20 2012
From: chl at clerew.man.ac.uk (Charles Lindsey)
Date: Mon, 13 Aug 2012 11:07:20 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <5026E5DC.4040502@zen.co.uk>
References: <500F1A54.4040204@zen.co.uk> <500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net> <500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>
	<ORKqm7TXOsEQFAqA@perry.co.uk> <5013180A.2020800@zen.co.uk>
	<IeqblrkR8OFQFADx@perry.co.uk> <50153B63.6030602@zen.co.uk>
	<9p2mosohI6FQFAGq@perry.co.uk> <5017D91C.1050209@gmx.net>
	<t4$y8OLLgDGQFANU@perry.co.uk> <501903C6.8060506@gmx.net>
	<op.wioggrjh6hl8nm@clerew.man.ac.uk>
	<9E957DE5-4E56-4A6D-A743-A6F665297E66@batten.eu.org>
	<502230FB.1050702@pmsommer.com> <5022B00C.1090205@zen.co.uk>
	<op.wirptsgw6hl8nm@clerew.man.ac.uk> <5023AE00.5070503@zen.co.uk>
	<op.wislj8av6hl8nm@clerew.man.ac.uk>
	<6AF05B7999F44DF994AF70B8D091471B@your41b8d18ede>
	<5026E5DC.4040502@zen.co.uk>
Message-ID: <op.wiy42iq76hl8nm@clerew.man.ac.uk>

On Sun, 12 Aug 2012 00:08:12 +0100, Peter Fairbrother  
<zenadsl6186 at zen.co.uk> wrote:

> Maybe we are on different pages - I am, initially at least, just saying  
> that in order to filter traffic data from the stream he has to look at  
> the stream, in order to filter it.

Plod is a person. The bot running his filter is not. So if the  
(sufficiently smart) bot can remove the non-traffic data from the  
communication data before Plod gets to look at it, then it has not been  
"made available to any person". Yes, the bot writer (aka root) could log  
in and change the bot to divert it otherwise, but we have been around that  
one before, and I don't think it washes. If you follow that line of  
reasonong, then every router everything passes through is guilty of  
interception, because its operator "could" peek at all passing traffic.

All reasonable steps have been taken to prevent Plod seeing what he should  
not see, and a court is likely to be satisfied with that.
>
> Whether a computer filter or a human does the filtering, the raw  
> unfiltered feed has to be looked at. Plod cannot filter it without  
> looking at it, it is impossible.

No it's not. Plod does not filter it. Plod comes after the filter.

Whether a practical filter could be constructed by a person familiar with  
the algorithms used by Facebook, or whoever, is a separate issue. For the  
purposes of this discussion let us assume it is possible.

>
>
> Another question here, is traffic between me and mywebsiteserver a  
> communication?

Yes, you sent a communication to your websiteserver and it returned  
information of use to you. The identity of your websiteserver is traffic  
data. The actual query and its response is not.

> Between the webcam I set up in the PM's toilet and my computer?

Ditto, but there are plenty of better places in RIPA which they could  
catch you with in that situation. And the location of your webcam probably  
counts as traffic data, and a warrant to access what your webcam is seeing  
would surely follow in short order.


-- 
Charles?H.?Lindsey?---------At?Home,?doing?my?own?thing------------------------
Tel:?+44?161?436?6131?                      
???Web:?http://www.cs.man.ac.uk/~chl
Email:?chl at clerew.man.ac.uk??????Snail:?5?Clerewood?Ave,?CHEADLE,?SK8?3JU,?U.K.
PGP:?2C15F1A9??????Fingerprint:?73?6D?C2?51?93?A0?01?E7?65?E8?64?7E?14?A4?AB?A5


From dfawcus+lists-ukcrypto at employees.org  Mon Aug 13 21:57:55 2012
From: dfawcus+lists-ukcrypto at employees.org (Derek Fawcus)
Date: Mon, 13 Aug 2012 13:57:55 -0700
Subject: sorry, but ...
In-Reply-To: <1343811957.28957.YahooMailNeo@web29301.mail.ird.yahoo.com>
References: <op.wh1x0btp6hl8nm@clerew.man.ac.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>
	<ORKqm7TXOsEQFAqA@perry.co.uk> <5013180A.2020800@zen.co.uk>
	<IeqblrkR8OFQFADx@perry.co.uk> <50153B63.6030602@zen.co.uk>
	<9p2mosohI6FQFAGq@perry.co.uk> <50185620.5000307@zen.co.uk>
	<1343811957.28957.YahooMailNeo@web29301.mail.ird.yahoo.com>
Message-ID: <20120813205755.GA7638@banjo.employees.org>

On Wed, Aug 01, 2012 at 10:05:57AM +0100, Andrew Bangs wrote:
> Intercepting at switches (vs literally 'on the wire') always reminds me of Zeno's arrow paradox.
> We somehow have to pretend that the thing to be intercepted is stationary if this is really different from doing it on the wire,
> or at least that it's received and then has stuff done to it before being sent on its way.

No pretense is necessary,  that is usually how they operate;  with store and forward on the routers/switches.

> (for anyone thirsty for further reading, "cut-through switching" is a phrase your favourite search engine could investigate)

I think there were some early switches which did cut through,  as a way of reducing
latency,  but the down side is that damaged packets can then propogate.

I don't know of any IP routers which do cut through forwarding when operating at the IP level.
Likewise for most MPLS switches.  The packet is fully received,  and checksums verified before
retransmission.

I think I may have read of some new optical switches (with an MPLS varient) which do something
like cut-through,  but it is more a case of lambda switching;  where certain MPLS tags get
associated with specific colours.  This would generally be in the core of the network,
and one is then in to having to use optical splices to intercept.

I would suggest that 90% (or more) of current internet routers/switches are store and forward,
even when the have hardware forwarding engines.

.pdf


From zenadsl6186 at zen.co.uk  Tue Aug 14 02:44:40 2012
From: zenadsl6186 at zen.co.uk (Peter Fairbrother)
Date: Tue, 14 Aug 2012 02:44:40 +0100
Subject: sorry, but ...
In-Reply-To: <20120813205755.GA7638@banjo.employees.org>
References: <op.wh1x0btp6hl8nm@clerew.man.ac.uk>
	<CML5xvHRHUEQFAKc@perry.co.uk>	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>	<ORKqm7TXOsEQFAqA@perry.co.uk>
	<5013180A.2020800@zen.co.uk>	<IeqblrkR8OFQFADx@perry.co.uk>
	<50153B63.6030602@zen.co.uk>	<9p2mosohI6FQFAGq@perry.co.uk>
	<50185620.5000307@zen.co.uk>	<1343811957.28957.YahooMailNeo@web29301.mail.ird.yahoo.com>
	<20120813205755.GA7638@banjo.employees.org>
Message-ID: <5029AD88.9020804@zen.co.uk>

On 13/08/12 21:57, Derek Fawcus wrote:
> On Wed, Aug 01, 2012 at 10:05:57AM +0100, Andrew Bangs wrote:
>> Intercepting at switches (vs literally 'on the wire') always reminds me of Zeno's arrow paradox.
>> We somehow have to pretend that the thing to be intercepted is stationary if this is really different from doing it on the wire,
>> or at least that it's received and then has stuff done to it before being sent on its way.
>
> No pretense is necessary,  that is usually how they operate;  with store and forward on the routers/switches.
>
>> (for anyone thirsty for further reading, "cut-through switching" is a phrase your favourite search engine could investigate)
>
> I think there were some early switches which did cut through,  as a way of reducing
> latency,  but the down side is that damaged packets can then propogate.
>
> I don't know of any IP routers which do cut through forwarding when operating at the IP level.
> Likewise for most MPLS switches.  The packet is fully received,  and checksums verified before
> retransmission.
>
> I think I may have read of some new optical switches (with an MPLS varient) which do something
> like cut-through,  but it is more a case of lambda switching;  where certain MPLS tags get
> associated with specific colours.  This would generally be in the core of the network,
> and one is then in to having to use optical splices to intercept.
>
> I would suggest that 90% (or more) of current internet routers/switches are store and forward,
> even when the have hardware forwarding engines.



IIRC that's the way the internet was designed; it is built on packets 
rather than connections.

Cut through switching is considerably more complicated and expensive 
than store-and-forward; the expense is only really justifiable where 
very low latency is critical, eg in supercomputer networks.

It's not needed at all for the everyday internet.



[and I expect even cut through switches store-and-forward at least one 
bit, for a gazillionth of a second - a bit is not a communication, but 
then a packet is not usually the whole of a communication either]


[not even I would expect judges to fall for that... but what do I kno'?]


-- Peter F.




> .pdf
>
>



From zenadsl6186 at zen.co.uk  Tue Aug 14 03:44:49 2012
From: zenadsl6186 at zen.co.uk (Peter Fairbrother)
Date: Tue, 14 Aug 2012 03:44:49 +0100
Subject: What is a "communication"
In-Reply-To: <op.wiy42iq76hl8nm@clerew.man.ac.uk>
References: <500F1A54.4040204@zen.co.uk>
	<500F2335.7090602@zen.co.uk>	<500FA83C.2070209@gmx.net>
	<500FE86B.4010308@zen.co.uk>	<op.wh1x0btp6hl8nm@clerew.man.ac.uk>
	<CML5xvHRHUEQFAKc@perry.co.uk>	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>	<ORKqm7TXOsEQFAqA@perry.co.uk>
	<5013180A.2020800@zen.co.uk>	<IeqblrkR8OFQFADx@perry.co.uk>
	<50153B63.6030602@zen.co.uk>	<9p2mosohI6FQFAGq@perry.co.uk>
	<5017D91C.1050209@gmx.net>	<t4$y8OLLgDGQFANU@perry.co.uk>
	<501903C6.8060506@gmx.net>	<op.wioggrjh6hl8nm@clerew.man.ac.uk>	<9E957DE5-4E56-4A6D-A743-A6F665297E66@batten.eu.org>	<502230FB.1050702@pmsommer.com>
	<5022B00C.1090205@zen.co.uk>	<op.wirptsgw6hl8nm@clerew.man.ac.uk>
	<5023AE00.5070503@zen.co.uk>	<op.wislj8av6hl8nm@clerew.man.ac.uk>	<6AF05B7999F44DF994AF70B8D091471B@your41b8d18ede>	<5026E5DC.4040502@zen.co.uk>
	<op.wiy42iq76hl8nm@clerew.man.ac.uk>
Message-ID: <5029BBA1.4050606@zen.co.uk>

On 13/08/12 11:07, Charles Lindsey wrote:
> On Sun, 12 Aug 2012 00:08:12 +0100, Peter Fairbrother
> <zenadsl6186 at zen.co.uk> wrote:
>
>> Maybe we are on different pages - I am, initially at least, just
>> saying that in order to filter traffic data from the stream he has
>> to look at the stream, in order to filter it.
>
> Plod is a person. The bot running his filter is not.

Legally, it is a person.

find a lawyer who says, here, publicly, that it isn't a person, and then
we'll talk about that, but otherwise...


So if the
> (sufficiently smart) bot can remove the non-traffic data from the
> communication data before Plod gets to look at it, then it has not
> been "made available to any person". Yes, the bot writer (aka root)
> could log in and change the bot to divert it otherwise, but we have
> been around that one before, and I don't think it washes.

I'm not going to get into this old argument any more, except to say that
your following paragraph does not follow.

And that I won last time anyone checked :)


> If you follow that line of reasoning, then every router everything
> passes through is guilty of interception, because its operator
> "could" peek at all passing traffic.

Could != did.

>
> All reasonable steps have been taken to prevent Plod seeing what he
> should not see, and a court is likely to be satisfied with that.
>>
>> Whether a computer filter or a human does the filtering, the raw
>> unfiltered feed has to be looked at. Plod cannot filter it without
>> looking at it, it is impossible.
>
> No it's not. Plod does not filter it. Plod comes after the filter.

Okay, I'll define it differently - hmmm, need a suitable name for the
filter operating agency envisaged in the Bill .. hasn't been decided yet
[]..- hmmm. perhaps GCHQ? - no, that's taken, let's say FHQ.


[] snort!

> Whether a practical filter could be constructed by a person familiar
> with the algorithms used by Facebook, or whoever, is a separate
> issue. For the purposes of this discussion let us assume it is
> possible.


Let's take an example, the chalk mark once beloved by fictional spies.
(aargh, I'm told it was actually often used in real life - well, you
live and learn).

Spy Alice places a chalk mark at spot x, and sometime later spy Bob
passes by the spot and sees it.

In doing so Bob receives a communication from Alice.

Now, can "a person familiar with the algorithms used by Facebook, or
whoever" write a filter to detect that?

I'm pretty sure he can't, he doesn't have the necessary information, ie
the placement, the viewing, or the significance of the chalkmark.

That's an extreme example, but more everyday ones are easy to find.

So no, I will not assume that it is possible for "a person familiar
with the algorithms used by Facebook to construct a practical filter" -
unless you care to define "practical" in specific and limited terms.


But that is not the point.

Or maybe it is - to pass all potential traffic data, the filter has to
pass all traffic.


>> Another question here, is traffic between me and mywebsiteserver a
>> communication?
>
> Yes, you sent a communication to your websiteserver and it returned
> information of use to you. The identity of your websiteserver is
> traffic data. The actual query and its response is not.


You probably can't have it both ways - my webserver is not a person. Or
is it?


-- Peter F


From zenadsl6186 at zen.co.uk  Tue Aug 14 04:38:55 2012
From: zenadsl6186 at zen.co.uk (Peter Fairbrother)
Date: Tue, 14 Aug 2012 04:38:55 +0100
Subject: What is a "communication"
In-Reply-To: <5029BBA1.4050606@zen.co.uk>
References: <500F1A54.4040204@zen.co.uk>	<500F2335.7090602@zen.co.uk>	<500FA83C.2070209@gmx.net>	<500FE86B.4010308@zen.co.uk>	<op.wh1x0btp6hl8nm@clerew.man.ac.uk>	<CML5xvHRHUEQFAKc@perry.co.uk>	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>	<ORKqm7TXOsEQFAqA@perry.co.uk>	<5013180A.2020800@zen.co.uk>	<IeqblrkR8OFQFADx@perry.co.uk>	<50153B63.6030602@zen.co.uk>	<9p2mosohI6FQFAGq@perry.co.uk>	<5017D91C.1050209@gmx.net>	<t4$y8OLLgDGQFANU@perry.co.uk>	<501903C6.8060506@gmx.net>	<op.wioggrjh6hl8nm@clerew.man.ac.uk>	<9E957DE5-4E56-4A6D-A743-A6F665297E66@batten.eu.org>	<502230FB.1050702@pmsommer.com>	<5022B00C.1090205@zen.co.uk>	<op.wirptsgw6hl8nm@clerew.man.ac.uk>	<5023AE00.5070503@zen.co.uk>	<op.wislj8av6hl8nm@clerew.man.ac.uk>	<6AF05B7999F44DF994AF70B8D091471B@your41b8d18ede>	<5026E5DC.4040502@zen.co.uk>	<op.wiy42iq76hl8nm@clerew.man.ac.uk>
	<5029BBA1.4050606@zen.co.uk>
Message-ID: <5029C84F.2020708@zen.co.uk>

On 14/08/12 03:44, Peter Fairbrother wrote:
> On 13/08/12 11:07, Charles Lindsey wrote:

>>> Another question here, is traffic between me and mywebsiteserver a
>>> communication?
>>
>> Yes, you sent a communication to your websiteserver and it returned
>> information of use to you. The identity of your websiteserver is
>> traffic data. The actual query and its response is not.
>
>
> You probably can't have it both ways - my webserver is not a person. Or
> is it?

Missed a bit here - I was thinking of me placing something on the 'net 
by ftp'ing it to mywebserver, and whether that ftp is a communication in 
RIPA terms, and therefore interceptable.

mywebsever is (allegedly) at an ISP who do not look at the content 
therein, but for the sake of argument suppose it is a physical server in 
in my London flat (I wish).


I think it may not be a communication, as it does not have an intended 
recipient - except perhaps me, as the server operator, as opposed to me, 
as the sender?

I don't know.


but maybe ftp prolly cannot be intercepted because it is not a 
communication, even if some b#*#*#*d sees it all.


-- Peter Fairbother



From dfawcus+lists-ukcrypto at employees.org  Tue Aug 14 09:58:36 2012
From: dfawcus+lists-ukcrypto at employees.org (Derek Fawcus)
Date: Tue, 14 Aug 2012 01:58:36 -0700
Subject: What is a "communication"
In-Reply-To: <5029C84F.2020708@zen.co.uk>
References: <502230FB.1050702@pmsommer.com> <5022B00C.1090205@zen.co.uk>
	<op.wirptsgw6hl8nm@clerew.man.ac.uk> <5023AE00.5070503@zen.co.uk>
	<op.wislj8av6hl8nm@clerew.man.ac.uk>
	<6AF05B7999F44DF994AF70B8D091471B@your41b8d18ede>
	<5026E5DC.4040502@zen.co.uk> <op.wiy42iq76hl8nm@clerew.man.ac.uk>
	<5029BBA1.4050606@zen.co.uk> <5029C84F.2020708@zen.co.uk>
Message-ID: <20120814085836.GC86516@banjo.employees.org>

On Tue, Aug 14, 2012 at 04:38:55am +0100, Peter Fairbrother wrote:
> 

[about FTP]

> I think it may not be a communication, as it does not have an intended 
> recipient - except perhaps me, as the server operator, as opposed to me, 
> as the sender?
> 
> I don't know.
> 
> but maybe ftp prolly cannot be intercepted because it is not a 
> communication, even if some b#*#*#*d sees it all.

So,  maybe we should revive use of FTP for email? (see rfc475 and rfc751)
[no,  not really a serious suggestion]

Would the possibility of it being used for mail be sufficient to treat it as a communication?

.pdf


From lists at internetpolicyagency.com  Tue Aug 14 10:22:16 2012
From: lists at internetpolicyagency.com (Roland Perry)
Date: Tue, 14 Aug 2012 10:22:16 +0100
Subject: What is a "communication"
In-Reply-To: <20120814085836.GC86516@banjo.employees.org>
References: <502230FB.1050702@pmsommer.com> <5022B00C.1090205@zen.co.uk>
	<op.wirptsgw6hl8nm@clerew.man.ac.uk> <5023AE00.5070503@zen.co.uk>
	<op.wislj8av6hl8nm@clerew.man.ac.uk>
	<6AF05B7999F44DF994AF70B8D091471B@your41b8d18ede>
	<5026E5DC.4040502@zen.co.uk> <op.wiy42iq76hl8nm@clerew.man.ac.uk>
	<5029BBA1.4050606@zen.co.uk> <5029C84F.2020708@zen.co.uk>
	<20120814085836.GC86516@banjo.employees.org>
Message-ID: <bqTf4ZIIjhKQFAr1@perry.co.uk>

In article <20120814085836.GC86516 at banjo.employees.org>, Derek Fawcus 
<dfawcus+lists-ukcrypto at employees.org> writes
>> but maybe ftp prolly cannot be intercepted because it is not a
>> communication, even if some b#*#*#*d sees it all.
>
>So,  maybe we should revive use of FTP for email? (see rfc475 and rfc751)
>[no,  not really a serious suggestion]
>
>Would the possibility of it being used for mail be sufficient to treat it as a communication?

Of course ftp's a communication (for the purposes of RIPA interception).

It may well not be caught by the Data Retention Directive, because that 
specifically mentions Internet email and telephony,
-- 
Roland Perry


From Andrew.Cormack at ja.net  Tue Aug 14 12:42:36 2012
From: Andrew.Cormack at ja.net (Andrew Cormack)
Date: Tue, 14 Aug 2012 11:42:36 +0000
Subject: What is a "communication"
In-Reply-To: <5029C84F.2020708@zen.co.uk>
References: <500F1A54.4040204@zen.co.uk>	<500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net>	<500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk>	<CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>	<ORKqm7TXOsEQFAqA@perry.co.uk>
	<5013180A.2020800@zen.co.uk>	<IeqblrkR8OFQFADx@perry.co.uk>
	<50153B63.6030602@zen.co.uk>	<9p2mosohI6FQFAGq@perry.co.uk>
	<5017D91C.1050209@gmx.net>	<t4$y8OLLgDGQFANU@perry.co.uk>
	<501903C6.8060506@gmx.net>	<op.wioggrjh6hl8nm@clerew.man.ac.uk>
	<9E957DE5-4E56-4A6D-A743-A6F665297E66@batten.eu.org>
	<502230FB.1050702@pmsommer.com>	<5022B00C.1090205@zen.co.uk>
	<op.wirptsgw6hl8nm@clerew.man.ac.uk>	<5023AE00.5070503@zen.co.uk>
	<op.wislj8av6hl8nm@clerew.man.ac.uk>
	<6AF05B7999F44DF994AF70B8D091471B@your41b8d18ede>
	<5026E5DC.4040502@zen.co.uk>	<op.wiy42iq76hl8nm@clerew.man.ac.uk>
	<5029BBA1.4050606@zen.co.uk> <5029C84F.2020708@zen.co.uk>
Message-ID: <61E52F3A5532BE43B0211254F13883AE09FBA78E@EXC001>

Offline at the moment so can't check, but IIRC the "TwitterJoke" judgment did conclude that a tweet on its way from the author to the Twitter site *was* a communication for Communications Act purposes (therefore capable of being malicious, though this particular one wasn't).

Can't think why the same wouldn't apply to an FTP transfer...

HTH
Andrew

--
Andrew Cormack
Chief Regulatory Adviser, Janet
t: +44 1235 822302
b: https://community.ja.net/blogs/regulatory-developments
Janet, the UK's research and education network
www.ja.net


> -----Original Message-----
> From: ukcrypto-bounces at chiark.greenend.org.uk [mailto:ukcrypto-
> bounces at chiark.greenend.org.uk] On Behalf Of Peter Fairbrother
> Sent: 14 August 2012 04:39
> To: UK Cryptography Policy Discussion Group
> Subject: Re: What is a "communication"
> 
> On 14/08/12 03:44, Peter Fairbrother wrote:
> > On 13/08/12 11:07, Charles Lindsey wrote:
> 
> >>> Another question here, is traffic between me and mywebsiteserver a
> >>> communication?
> >>
> >> Yes, you sent a communication to your websiteserver and it returned
> >> information of use to you. The identity of your websiteserver is
> >> traffic data. The actual query and its response is not.
> >
> >
> > You probably can't have it both ways - my webserver is not a person.
> Or
> > is it?
> 
> Missed a bit here - I was thinking of me placing something on the 'net
> by ftp'ing it to mywebserver, and whether that ftp is a communication
> in
> RIPA terms, and therefore interceptable.
> 
> mywebsever is (allegedly) at an ISP who do not look at the content
> therein, but for the sake of argument suppose it is a physical server
> in
> in my London flat (I wish).
> 
> 
> I think it may not be a communication, as it does not have an intended
> recipient - except perhaps me, as the server operator, as opposed to
> me,
> as the sender?
> 
> I don't know.
> 
> 
> but maybe ftp prolly cannot be intercepted because it is not a
> communication, even if some b#*#*#*d sees it all.
> 
> 
> -- Peter Fairbother
> 



From Andrew.Cormack at ja.net  Tue Aug 14 17:25:54 2012
From: Andrew.Cormack at ja.net (Andrew Cormack)
Date: Tue, 14 Aug 2012 16:25:54 +0000
Subject: What is a "communication"
In-Reply-To: <61E52F3A5532BE43B0211254F13883AE09FBA78E@EXC001>
References: <500F1A54.4040204@zen.co.uk>	<500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net>	<500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk>	<CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>	<ORKqm7TXOsEQFAqA@perry.co.uk>
	<5013180A.2020800@zen.co.uk>	<IeqblrkR8OFQFADx@perry.co.uk>
	<50153B63.6030602@zen.co.uk>	<9p2mosohI6FQFAGq@perry.co.uk>
	<5017D91C.1050209@gmx.net>	<t4$y8OLLgDGQFANU@perry.co.uk>
	<501903C6.8060506@gmx.net>	<op.wioggrjh6hl8nm@clerew.man.ac.uk>
	<9E957DE5-4E56-4A6D-A743-A6F665297E66@batten.eu.org>
	<502230FB.1050702@pmsommer.com>	<5022B00C.1090205@zen.co.uk>
	<op.wirptsgw6hl8nm@clerew.man.ac.uk>	<5023AE00.5070503@zen.co.uk>
	<op.wislj8av6hl8nm@clerew.man.ac.uk>
	<6AF05B7999F44DF994AF70B8D091471B@your41b8d18ede>
	<5026E5DC.4040502@zen.co.uk>	<op.wiy42iq76hl8nm@clerew.man.ac.uk>
	<5029BBA1.4050606@zen.co.uk> <5029C84F.2020708@zen.co.uk>
	<61E52F3A5532BE43B0211254F13883AE09FBA78E@EXC001>
Message-ID: <61E52F3A5532BE43B0211254F13883AE09FBAB1A@EXC001>

> -----Original Message-----
> From: ukcrypto-bounces at chiark.greenend.org.uk [mailto:ukcrypto-
> bounces at chiark.greenend.org.uk] On Behalf Of Andrew Cormack
> Sent: 14 August 2012 12:43
> To: UK Cryptography Policy Discussion Group
> Subject: RE: What is a "communication"
> 
> Offline at the moment so can't check, but IIRC the "TwitterJoke"
> judgment did conclude that a tweet on its way from the author to the
> Twitter site *was* a communication for Communications Act purposes
> (therefore capable of being malicious, though this particular one
> wasn't).

Just checked. See para 25 of http://s3.documentcloud.org/documents/404552/chambers-v-dpp.pdf

> Can't think why the same wouldn't apply to an FTP transfer...
> 
> HTH
> Andrew
> 
> --
> Andrew Cormack
> Chief Regulatory Adviser, Janet
> t: +44 1235 822302
> b: https://community.ja.net/blogs/regulatory-developments
> Janet, the UK's research and education network
> www.ja.net
> 
> 
> > -----Original Message-----
> > From: ukcrypto-bounces at chiark.greenend.org.uk [mailto:ukcrypto-
> > bounces at chiark.greenend.org.uk] On Behalf Of Peter Fairbrother
> > Sent: 14 August 2012 04:39
> > To: UK Cryptography Policy Discussion Group
> > Subject: Re: What is a "communication"
> >
> > On 14/08/12 03:44, Peter Fairbrother wrote:
> > > On 13/08/12 11:07, Charles Lindsey wrote:
> >
> > >>> Another question here, is traffic between me and mywebsiteserver
> a
> > >>> communication?
> > >>
> > >> Yes, you sent a communication to your websiteserver and it
> returned
> > >> information of use to you. The identity of your websiteserver is
> > >> traffic data. The actual query and its response is not.
> > >
> > >
> > > You probably can't have it both ways - my webserver is not a
> person.
> > Or
> > > is it?
> >
> > Missed a bit here - I was thinking of me placing something on the
> 'net
> > by ftp'ing it to mywebserver, and whether that ftp is a communication
> > in
> > RIPA terms, and therefore interceptable.
> >
> > mywebsever is (allegedly) at an ISP who do not look at the content
> > therein, but for the sake of argument suppose it is a physical server
> > in
> > in my London flat (I wish).
> >
> >
> > I think it may not be a communication, as it does not have an
> intended
> > recipient - except perhaps me, as the server operator, as opposed to
> > me,
> > as the sender?
> >
> > I don't know.
> >
> >
> > but maybe ftp prolly cannot be intercepted because it is not a
> > communication, even if some b#*#*#*d sees it all.
> >
> >
> > -- Peter Fairbother
> >
> 



From bdm at fenrir.org.uk  Thu Aug 16 11:41:00 2012
From: bdm at fenrir.org.uk (Brian Morrison)
Date: Thu, 16 Aug 2012 11:41:00 +0100
Subject: What is a "communication" (was Re: sorry, but ...
In-Reply-To: <5027428E.2020502@iosis.co.uk>
References: <500F1A54.4040204@zen.co.uk> <500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net> <500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk> <ORKqm7TXOsEQFAqA@perry.co.uk>
	<5013180A.2020800@zen.co.uk> <IeqblrkR8OFQFADx@perry.co.uk>
	<50153B63.6030602@zen.co.uk> <9p2mosohI6FQFAGq@perry.co.uk>
	<5017D91C.1050209@gmx.net> <t4$y8OLLgDGQFANU@perry.co.uk>
	<501903C6.8060506@gmx.net> <op.wioggrjh6hl8nm@clerew.man.ac.uk>
	<9E957DE5-4E56-4A6D-A743-A6F665297E66@batten.eu.org>
	<502230FB.1050702@pmsommer.com> <5022B00C.1090205@zen.co.uk>
	<op.wirptsgw6hl8nm@clerew.man.ac.uk> <5023AE00.5070503@zen.co.uk>
	<op.wislj8av6hl8nm@clerew.man.ac.uk>
	<6AF05B7999F44DF994AF70B8D091471B@your41b8d18ede>
	<5026E5DC.4040502@zen.co.uk> <5027428E.2020502@iosis.co.uk>
Message-ID: <20120816114100.0000314d@surtees.fenrir.org.uk>

On Sun, 12 Aug 2012 06:43:42 +0100
Peter Tomlinson <pwt at iosis.co.uk> wrote:

> I still wish that we could easily and routinely be able to encrypt
> email content. Then plod would have to ask for the keys.

But they won't, they'll confiscate every single computer or electronic
device they can find and you might get it back broken in a few years
time.

-- 

Brian Morrison


From chl at clerew.man.ac.uk  Fri Aug 17 12:23:13 2012
From: chl at clerew.man.ac.uk (Charles Lindsey)
Date: Fri, 17 Aug 2012 12:23:13 +0100
Subject: What is a "communication"
In-Reply-To: <5029C84F.2020708@zen.co.uk>
References: <500F1A54.4040204@zen.co.uk> <500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net> <500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>
	<ORKqm7TXOsEQFAqA@perry.co.uk> <5013180A.2020800@zen.co.uk>
	<IeqblrkR8OFQFADx@perry.co.uk> <50153B63.6030602@zen.co.uk>
	<9p2mosohI6FQFAGq@perry.co.uk> <5017D91C.1050209@gmx.net>
	<t4$y8OLLgDGQFANU@perry.co.uk> <501903C6.8060506@gmx.net>
	<op.wioggrjh6hl8nm@clerew.man.ac.uk>
	<9E957DE5-4E56-4A6D-A743-A6F665297E66@batten.eu.org>
	<502230FB.1050702@pmsommer.com> <5022B00C.1090205@zen.co.uk>
	<op.wirptsgw6hl8nm@clerew.man.ac.uk> <5023AE00.5070503@zen.co.uk>
	<op.wislj8av6hl8nm@clerew.man.ac.uk>
	<6AF05B7999F44DF994AF70B8D091471B@your41b8d18ede>
	<5026E5DC.4040502@zen.co.uk> <op.wiy42iq76hl8nm@clerew.man.ac.uk>
	<5029BBA1.4050606@zen.co.uk> <5029C84F.2020708@zen.co.uk>
Message-ID: <op.wi6m8z1q6hl8nm@clerew.man.ac.uk>

On Tue, 14 Aug 2012 04:38:55 +0100, Peter Fairbrother  
<zenadsl6186 at zen.co.uk> wrote:

>> You probably can't have it both ways - my webserver is not a person. Or
>> is it?

I don't see why not. How does it differ from Plod's filter that we  
discussed earlier? Bother are just apparatuses that handle communications  
and pass them on as directed, possibly with modifications.
>
> Missed a bit here - I was thinking of me placing something on the 'net  
> by ftp'ing it to mywebserver, and whether that ftp is a communication in  
> RIPA terms, and therefore interceptable.
>
> mywebsever is (allegedly) at an ISP who do not look at the content  
> therein, but for the sake of argument suppose it is a physical server in  
> in my London flat (I wish).
>
>
> I think it may not be a communication, as it does not have an intended  
> recipient - except perhaps me, as the server operator, as opposed to me,  
> as the sender?

Of course it is a communication. The fact that you have connected to port  
21 on your server is Traffic Data, and it you do it supiciously often,  
then I don't think Plod would have any difficulty persuading the SOS to  
issue a warrant to intercept it.

-- 
Charles?H.?Lindsey?---------At?Home,?doing?my?own?thing------------------------
Tel:?+44?161?436?6131?                      
???Web:?http://www.cs.man.ac.uk/~chl
Email:?chl at clerew.man.ac.uk??????Snail:?5?Clerewood?Ave,?CHEADLE,?SK8?3JU,?U.K.
PGP:?2C15F1A9??????Fingerprint:?73?6D?C2?51?93?A0?01?E7?65?E8?64?7E?14?A4?AB?A5


From chl at clerew.man.ac.uk  Fri Aug 17 12:41:19 2012
From: chl at clerew.man.ac.uk (Charles Lindsey)
Date: Fri, 17 Aug 2012 12:41:19 +0100
Subject: What is a "communication"
In-Reply-To: <5029BBA1.4050606@zen.co.uk>
References: <500F1A54.4040204@zen.co.uk> <500F2335.7090602@zen.co.uk>
	<500FA83C.2070209@gmx.net> <500FE86B.4010308@zen.co.uk>
	<op.wh1x0btp6hl8nm@clerew.man.ac.uk> <CML5xvHRHUEQFAKc@perry.co.uk>
	<op.wh3nj7gb6hl8nm@clerew.man.ac.uk>
	<ORKqm7TXOsEQFAqA@perry.co.uk> <5013180A.2020800@zen.co.uk>
	<IeqblrkR8OFQFADx@perry.co.uk> <50153B63.6030602@zen.co.uk>
	<9p2mosohI6FQFAGq@perry.co.uk> <5017D91C.1050209@gmx.net>
	<t4$y8OLLgDGQFANU@perry.co.uk> <501903C6.8060506@gmx.net>
	<op.wioggrjh6hl8nm@clerew.man.ac.uk>
	<9E957DE5-4E56-4A6D-A743-A6F665297E66@batten.eu.org>
	<502230FB.1050702@pmsommer.com> <5022B00C.1090205@zen.co.uk>
	<op.wirptsgw6hl8nm@clerew.man.ac.uk> <5023AE00.5070503@zen.co.uk>
	<op.wislj8av6hl8nm@clerew.man.ac.uk>
	<6AF05B7999F44DF994AF70B8D091471B@your41b8d18ede>
	<5026E5DC.4040502@zen.co.uk> <op.wiy42iq76hl8nm@clerew.man.ac.uk>
	<5029BBA1.4050606@zen.co.uk>
Message-ID: <op.wi6n25wf6hl8nm@clerew.man.ac.uk>

On Tue, 14 Aug 2012 03:44:49 +0100, Peter Fairbrother  
<zenadsl6186 at zen.co.uk> wrote:

>> Whether a practical filter could be constructed by a person familiar
>> with the algorithms used by Facebook, or whoever, is a separate
>> issue. For the purposes of this discussion let us assume it is
>> possible.
>
>
> Let's take an example, the chalk mark once beloved by fictional spies.
> (aargh, I'm told it was actually often used in real life - well, you
> live and learn).
>
> Spy Alice places a chalk mark at spot x, and sometime later spy Bob
> passes by the spot and sees it.
>
> In doing so Bob receives a communication from Alice.
>
> Now, can "a person familiar with the algorithms used by Facebook, or
> whoever" write a filter to detect that?
>
> I'm pretty sure he can't, he doesn't have the necessary information, ie
> the placement, the viewing, or the significance of the chalkmark.

How Plod knew how to observe the chalkmark is his secret; "Acting on  
information received" is the usual euphemism. But if he sees it, then he  
has intercepted a communication.

Now maybe the chalk mark is in one of those wartime forts in the Thames  
estuary which is claimed to be extra-territorial, and Plod observes it  
through a telescope on land. Maybe he even has one of those special  
warrants to observe international communications.

The technical details do not matter; if Plod has access to intelligence  
regarding the location, or to a tame geek who knows the Facebook  
algorithms, then he can try to make use of that knwledge. The questions we  
have to address are that, assuming he does possess the necessary  
intelligence somehow, whether or not his subsequent actions amount to  
illegal interception, or not.

-- 
Charles?H.?Lindsey?---------At?Home,?doing?my?own?thing------------------------
Tel:?+44?161?436?6131?                      
???Web:?http://www.cs.man.ac.uk/~chl
Email:?chl at clerew.man.ac.uk??????Snail:?5?Clerewood?Ave,?CHEADLE,?SK8?3JU,?U.K.
PGP:?2C15F1A9??????Fingerprint:?73?6D?C2?51?93?A0?01?E7?65?E8?64?7E?14?A4?AB?A5