What is a "communication" (was Re: sorry, but ...

Peter Fairbrother zenadsl6186 at zen.co.uk
Sun Aug 12 00:08:12 BST 2012

On 10/08/12 11:39, Tom Thomson wrote:
>> -----Original Message----- From:
>> ukcrypto-bounces at chiark.greenend.org.uk [mailto:ukcrypto-
>> bounces at chiark.greenend.org.uk] On Behalf Of Charles Lindsey Sent:
>> 09 August 2012 22:20 To: UK Cryptography Policy Discussion Group
>> Subject: Re: What is a "communication" (was Re: sorry, but ...
>> On Thu, 09 Aug 2012 13:33:04 +0100, Peter Fairbrother
>> <zenadsl6186 at zen.co.uk>  wrote:
>>> For the sake of any doubt, I are talking here about a situation
>>> where eg a Policeman is searching for traffic data and
>>> incidentally sees message content as part of that search; and
>>> any further uses that data may then be put to, for example as
>>> intelligence or as evidence.
>> But the "conduct" of Plod in this case is not covered by either
>> (a) or (b) in:
>> (5) References in this Act to the interception of a communication
>> in the course of its transmission by means of a postal service or
>> telecommunication system do not include references to--- (a) any
>> conduct that takes place in relation only to so much of the
>> communication as consists in any traffic data comprised in or
>> attached to a communication (whether by the sender or otherwise)
>> for the purposes of any postal service or telecommunication system
>> by means of which it is being or may be transmitted; or (b) any
>> such conduct, in connection with conduct falling within paragraph
>> (a), as gives a person who is neither the sender nor the intended
>> recipient only so much access to a communication as is necessary
>> for the purpose
>> because it takes place in relation to a portion of the
>> communication which does not consist of traffic data and it was
>> not necessary to see that message content because he could/should
>> have averted his eyes (aka used a properly designed filter) when he
>> came to it.
>> Only if it could be demonstrated that designing such a filter was
>> truly impossible could it be claimed that his conduct was
>> "necessary". Otherwise, it WAS interception, and he had no warrant
>> to legitimise it.
>>> [1] no interception at all took place, even though they saw
>>> content; see 5(a) above, and below.
>> No, he is not covered at all by 5(a).

Sorry, my mistake. Meant 5(b), of course.

>> There is a slight possibility that he might be covered by 5(b), but
>> he would have to justify that.

When, and who to?

>>> BTW, that "necessarily" is also the "necessary" in the final
>>> line of 2(5). They cannot find secondary traffic data in a mass
>>> of content without looking at that content, it's simply not
>>> possible.
>> Isn't it? Negatives are notoriously difficult to prove.

Maybe we are on different pages - I am, initially at least, just saying 
that in order to filter traffic data from the stream he has to look at 
the stream, in order to filter it.

Whether a computer filter or a human does the filtering, the raw 
unfiltered feed has to be looked at. Plod cannot filter it without 
looking at it, it is impossible.

Now some prefiltering which does not see content is perhaps possible on 
an internet feed, eg if you are looking for Facebook traffic data then 
you should not look at traffic to Lloyds bank or mywebsite, which can be 
identified by traffic data in the packet headers.

Now I guess Plod might want to look at traffic to/from mywebsite in 
order to find traffic data. That does contain some traffic which is not 
generally available - I use private URLs for this, and eg sometimes 
place family ancestry data there for my family, but not the world, to see.

I might use other means to communicate with others though, including 
maybe steganographic messaging (I don't, but I might) - however if I did 
there would be no traffic data in my communications with 
mywebsiteserver, whether I used private URLs or steganographic means. 
Any traffic data would flow on other channels.

But I might be forgetful someday, and leave some traffic data in my 
communications with mywebsiteserver. So maybe Plod would feel justified 
in passing my traffic beyond the first traffic-data based prefilter.

Another question here, is traffic between me and mywebsiteserver a 
communication? Between the webcam I set up in the PM's toilet and my 

There is in general no sender and intended recipient which both have 
personhood status.

I digress.

Getting back to the point, or nearer anyway, I can't imagine Plod/GCHQ 
saying, "hmm should we include mywebsite in our detailed searches? There 
may be no traffic data there", but rather they would most likely say 
"include mywebsite, it may have traffic data, and excluding it would be 
far too fine-grained a prefilter to write - Hmmm, in general just pass 
through everything unless we are sure it doesn't contain secondary 
traffic data, because we are looking for secondary traffic data which 
may be deliberately obscured or hidden."

And so, where do they draw the line? At Lloyds bank? That might be okay, 
except Standard Chartered was just found to have been hiding 
transactions and communictions with Iranians, so we want to look at 
Standard Chartered, and who's tosqy that Lloysds is rosy cheeked and 
shiny clean too?

So I can't really see where a prefilter operating only on packet traffic 
data would have any function - Plod/GCHQ would want to look further, and 
could show reason why almost any site or connection or link might be 
passing messages to the bad guys, and they want at least the associated 
traffic data.

Go on few levels, rinse and repeat, and you'll find that unless it's 
actually spelled out that they can't look at content while looking for 
traffic data in this or that situation, then they can look at content 
for their filters.

So in order to see what the new bill actually means we have to see where 
it's spelled out where they can't look at content.

And ooops, that's nowhere.

> In addition to Charles' points above, there seems to me to be yet
> another problem if this content is used in investigations and/or in
> prosecutions since this will inevitably entail informing other
> police officers, and also crown prosecutors, solicitors, and
> barristers (or procurators fiscal, solicitors, and advocates
> elsewhere in the Kingdom) .  Even if Charles were wrong (I don't for
> a moment imagine he is, but that's by the bye) and the content had
> not yet been intercepted, it would now be being made available to
> another party,


and that making available is not an inevitable
> consequence of of obtaining the traffic data (since the policeman
> originally concerned is clearly capable of separating the traffic
> data and passing only that on to his superiors (or his juniors or
> colleagues or the prosecuting officials))


so it is quite certainly an
> interception,

ah, exactly why please? The making available? Yes, that might make it an 

and hence illegal since there is no warrant.

You may be right - but the "policeman originally concerned" (in reality 
a GCHQ officer, I can't imagine anyone else is going to be appointed as 
the filter-operating agency, with access to all the internet) can see 

If he sees a murder or a terrorist attack being planned, would he be 
expected to keep silent?

I doubt it. And Lord Bassam's comments as reported by Caspar would seem 
to strongly suggest he would not.

Maybe they have some sort of intersecting warrants, issued post-facto, 
to cover this situation? Hmm, that might limit it to "serious crime".

What if he sees someone was planning to do a fraud, or a burglary, or 
shoplift, or break a window - or just be nasty to their grandma?

The real question is, What is really planned?

To answer that I think we have to look at capabilities rather than 
intentions, as we do not know their intentions but we can get some idea 
of their capabilities as expressed in Law. And it loks to mevery like 
the capabilities asked for are pratty much " see everything, all the time.

Why is it okay for them to see traffic data but not content? 
Historically it's just because telephone bills had lists of calls, and 
Plod wanted to see them to help with their enquiries. There is no 
natural right for Plod to see traffic data.

There is a natural right to _prevent_ Plod seeing message content, the 
right to privacy. and it also applies to unnecessary looking at traffic 
data, or anything else which is private which Plod do not need to do in 
order to protect us from crime - we agree to a small invasion in our 
privacy in order to benefit from the increased freedom from the 
disadvantageous effects of crime policing brings.

The problem is in the accounting.

The invasion of privacy must be more than offset (yes, more than offset, 
not just balanced - the natural right and condition is to privacy) by 
the benefit that the better policing made possible by the invasion of 
the right to privacy confers.

And I do not see that that is the case even now, and it will be much 
less so when/after/if the new bill is passed.

-- Peter Fairbrother

More information about the ukcrypto mailing list