https - hopefully not too stupid a question

Peter Fairbrother zenadsl6186 at
Mon Jun 18 19:44:43 BST 2012

Andrew Cormack wrote:

> IIUC my example is exactly the sort of thing the "black boxes" are
> going to be asked to do - Internet Access Providers being asked to
> dig out the comms data that will be used by those webmail etc.
> providers that won't voluntarily participate in data
> retention/disclosure. So it's commsdata for the purpose of the
> webmail provider but just bytes for the access provider.

Just to be clear, that's not interception as defined in RIPA. It's not 
banned by clause 1(4) of the draft bill.

If it's traffic data (or even if it might be traffic data) for the 
webmail provider, then anyone, anyone at all - including the access 
provider, or some shadowy filtering organisation - looking through the 
entire UK's web traffic for that traffic data would still not be 

Frances may be right (and me wrong) about the clause 9 stuff, but I'm 
pretty sure I'm right about the above.

I'm not so sure about the clause 9 stuff either though - I haven't 
analysed Part 2 in detail yet - but afaics I _think_ an authorised 
person can say "I want you to filter all your traffic looking for 
secondary traffic data", and an appointed filtering organisation can say 
"give me access to all your traffic so I can look for "secondary" 
traffic data".

I can't see anything that would prevent either of those, and I can see 
plenty which would allow them. More to follow.. but I can't find any 
practical limitations on the input to, or size of, the filtering operation.

--Peter Fairbrother

> Andrew
> -- Andrew Cormack Chief Regulatory Adviser, Janet t: +44 1235 822302 
> b:
>  Janet, the UK's research and education network

More information about the ukcrypto mailing list