Data retention directive "invalid"

Roland Perry lists at internetpolicyagency.com
Sat Apr 12 12:12:23 BST 2014 

In article <48CD028A501A45BEB16D41DCEAF60BF2 at MaryPC>, Mary Hawking 
<maryhawking at tigers.demon.co.uk> writes
>I'm getting a bit confused.
>I have a Home Office contract with Demon:

Oh, very good.

>as far as I know there is no volume restriction.
>Why does Demon need to keep any traffic data on my use of this service -

Traffic data is where to/from, generally, rather than the quantity.

Although the ISP I migrated away from this week was definitely 
monitoring my usage of email in case I was a spammer. The volume of data 
was unlimited, but I could only send something like 500 emails a day.

>apart from requirements from the Home Office?

It's possible Demon might also be monitoring email traffic data (not the 
contents) as part of a wider anti-abuse policy, and also to be able to 
answer questions like "why wasn't that email I sent yesterday 
delivered". But I have no recent information about that sort of thing.

Then there's the difference between "Unlimited", "truly Unlimited" and 
"completely Unlimited - apart from a fair use policy". Sorry, I made 
that last one up.

>Mary Hawking
>Retired from NHS on 31.3.13 because of the Health and Social Care Act 2012
>"thinking - independent thinking - is to humans as swimming is to cats: we
>can do it if we really have to."  Mark Earles on Radio 4
>blog http://maryhawking.wordpress.com/ And Fred!
>http://primaryhealthinfo.wordpress.com/2013/11/02/freds-saying-you-just-dont
>-get-it/
>
>-----Original Message-----
>From: Roland Perry [mailto:lists at internetpolicyagency.com]
>Sent: 11 April 2014 13:12
>To: ukcrypto at chiark.greenend.org.uk
>Subject: Re: Data retention directive "invalid"
>
>In article <5347AC78.8080206 at zen.co.uk>, Peter Fairbrother
><zenadsl6186 at zen.co.uk> writes
>>On 11/04/14 07:52, Roland Perry wrote:
>>> In article <534705C6.6040306 at zen.co.uk>, Peter Fairbrother
>>> <zenadsl6186 at zen.co.uk> writes
>>>> If an ISP has agreements with the Home Office regarding distributing
>>>> data to Police forces etc, I don't think these can be enforced.
>>>
>>> Data disclosure is disjoint from retention, and is covered by RIPA. It's
>>> not an agreement, but an obligation (on receipt of the necessary
>>> paperwork).
>>
>>Ah, I wasn't clear - what I meant was if an ISP deletes its data then
>>any contracts made under the CoP regarding data distribution (eg re
>>SPOCs, payments etc) would be unenforcable, as the ends of the contract
>>necessarily involve unlawfulness (ie retaining the data).
>
>Describing as either "distribution" or a "contract" is wrong.
>
>>>> Certainly they cannot be enforced if the CoP is invalid, and probably
>>>> not otherwise if it is only partly disproportionate, which it almost
>>>> certainly is.
>>>
>>> I don't think disclosure is conditional on how you happened to have the
>>> data. If the data exists, it can be required to be disclosed.
>>
>>There is no penalty under RIPA for failing to distribute the data if
>>they don't have it.
>
>It's not distribution, it's access-on-demand.
>
>>And, I don't think they have to distribute the data under RIPA anyway -
>>it would be disproportionate.
>
>You've made up this "distribution" thing.
>

-- 
Roland Perry

More information about the ukcrypto mailing list