sorry, but ...
zenadsl6186 at zen.co.uk
Wed Jul 25 13:36:59 BST 2012
Hi Caspar, long time no see.
On 25/07/12 09:03, Caspar Bowden (travelling) wrote:
> Hi Peter
> On 07/25/2012 12:35 AM, Peter Fairbrother wrote:
>>> stream, and it's looking for traffic data in traffic that's to let's say
>>> the Facebook or Twitter or googlemail or WoW or Habbo sites.
> (AFAIK Facebook say they fall under Irish jurisdiction for their EU
> users w.r.t DP law at least)
>>> These are afaik all hosted in the US, but they have strong UK
>>> Let's suppose both Alice and Bob are in the UK. Now suppose Alice sends
>>> Bob a message through facebook, or another of the US social media sites.
>>> The black box sees and finds the traffic data concerned with Alice's
>>> message, quite lawfully under the new bill - and the traffic data it
>>> sees tells it it's an external communication, a message to a server
>>> outside the UK.
> AFAIK the last word (but grateful for any later ref) we have on HMG's
> understanding is from 4th July 2000 (this was in response to FIPR
> probing amendments about the new "domestic trawling" warrant in S.16(3),
> misleadingly placed in a section called "Safeguards").
> In theory, what defines internal/external is whether the communication
> (at whatever protocol level) is "received" in the UK (rather than where
> a server is located), but in practice this doesn't matter
Could you say why it doesn't matter? That's not clear to me. Thx.
> (worth reading whole thing and context at
> I confirm what I said in the House, that a communication from one point
> in the British Islands to another point in the British Islands is
> 'internal' even if its route takes it outside the British Islands.
> Communications that originate and are received in the UK are always
So says Lord Bassam. But I very much doubt that he had Facebook in mind
when he said that, so even if he was correct (he wasn't), or if what
he said had any legal significance because he said it, it doesn't apply
to the Facebook situation.
And so as ever we are left with the plain wording of the law:
RIPA S.20: “external communication” means a communication sent or
received outside the British Islands;
When Alice sends her message to Bob via Facebook in Eire, is her
communication received by Facebook?
I'd say it was, and I can't see a dozen Judges disagreeing.
She might for instance be sending it to Facebook so Bob and Chas could
see it, or all her friends could see it - does it make any difference if
only one person can see it?
Note this situation is different to an IP packet passing through a third
country - it is harder to say then that the communication is received by
the router (although the packet obviously is).
If she is sending her communication to Facebook then it's an external
communication, and it can be intercepted, including content, under an
So what can "they" do under an 8(4) warrant? They can look for keywords,
they can look at it all - about the only thing they can't do is sort
through it for communications to or from a particular person.
Except of course they can do that too, if the SoS signs a RIPA S.16(3)
certificate which allows it. That certificate can apply to an
individual, to some individuals who fit a particular description, to
groups, or the whole population - there is no limitation to the number
of people named or described in the certificate.
(neither is there a limit to the duration of a 16(3) certificate. Also,
the certificate which turns an ordinary warrant into a S.8(4) warrant
does not have a limited life either. The warrant does, but the
certificate does not. How many SoS's have we had since 2000? It would
only take two signatures from any one of them... )
> as is well known, some of these will go abroad en route and
> so be carried on primarily external trunks. It is _not possible to
> intercept the external communications on the trunk without intercepting
> the internal communications as well.>>>_
>>> Now suppose a SoS has signed a blanket warrant to allow the
>>> black-box-operating-agency, hereinafter BlackBoxHQ, to intercept all
>>> external communications (which he can do with a single stroke of the pen
>>> under RIPA 8(4)).
>>> BlackBoxHQ can see that Alice's message to Bob next door is in its
>>> first step actually a message to a server in the US, and thus an
>>> external communication - and then BlackBoxHQ can look at Alice's
>>> message's _content_, not just its traffic data.
> Yes, but FWIW (from Bassam letter)
> <<<This selection is in practice designed to collect /external/
> communications that fit the descriptions in the certificate. It is
> therefore not likely to catch many internal communications. It would of
> course be unlawful to /seek/ to catch internal communications in the
> absence of an overlapping warrant or a certificate complying with clause
> (original is italicized)
> This was the most arcane controversy of RIPA (apart from Pt.3) and it
> proved impossible to get media interest. But given the IoCC has never
> commented on certificated warrants since the first report after IoCA, we
> have no idea how diligent he may be at ensuring that nobody is "seeking"
> to catch internal communications in this way.
I think you are missing my point. What Bassam is talking about here is
whether internal communications get swept up in a search for external
The issue I was addressing is intercepting external communications, and
Lord Bassam's words are not relevant to that - he simply assumes it's ok.
> There is a nastier legal problem, which I call "how do they know there
> is a pearl inside the oyster, unless they have already looked inside" -
> this is (badly) explained in the briefing notes at
Yes, that's confusing and sometimes wrong.
> It seemed to me the first IoCC
> fudged this point in his invention of "overlapping warrants", and it has
> never been cleared up or referred to publicly since.
I don't think they have them anymore?
The grounds for certifying a warrant are much broader now - so broad
that any restrictions they might impose are almost meaningless.
They also have S. 16(3) certificates instead if they want to target
individuals, or groups (or everybody, if they want).
So I don't think they need them anymore either.
 an email is sent to two people, one in the UK, one abroad. The
traffic from the sender to the mail server is a single communication. It
is external because it is received by person two abroad, even though it
is received by person one in the UK - however it "originated and will be
received in the UK" and should therefore be internal according to LB.
There are several other circumstances where the statement
"Communications that originate and are received in the UK are always
"internal" would be just plain wrong, and inconsistent with the
definition “external communication” means a communication sent or
received outside the British Islands; - unless of course when he uses
"internal" he means something other than "not external", the apparently
> It is almost
> exactly analogous to the issue that later created the tremendous furore
> in US about "warrantless wiretapping", with the difference that US law
> protects its own citizens categorically by nationality (which was
> tougher to wriggle out of - until 2007/8 - than internal/external
> distinction). There is some kind of irony (not sure what kind) that
> Bassam's note was written on (US) Independence Day ;-)