Policy under an unchained Theresa May

[Peter Fairbrother]

On 09/05/15 14:58, Peter Mitchell wrote:
> “A Conservative government would be giving the security agencies and law
> enforcement agencies the powers that they need to ensure they're keeping
> up to date as people communicate with communications data. We were
> prevented from bringing in that legislation into the last government
> because of the coalitions with the Lib Dems and we are determined to
> bring that through because we believe that is necessary to maintain the
> capabilities of our law enforcement agencies so they can continue to do
> the excellent job day in day out of keeping us safe and secure”

I don't think "people communicate with communications data"; that aside, 
I don't get Theresa May either, she already seems madder than Mad Maggie 
at her maddest.

Unchained?? Ouch.

Maybe Cameron is keeping his enemies closer ..


But will it work? Afaics the Police and/or spooks are telling her:

1] "we are losing access to content because people are using encryption"

2] "we are losing access to comms data because people are using facebook 
(and perhaps the ECtJ ruling)"

and

3] "we need lots of data to datamine for terrorists" - they may be 
telling the Foreign Secretary as well as Theresa.


Back to ISPs storing straight comms data? I suppose it could be worse.


Comms data for people communicating via Facebook, online games, etc?

Mass "black box" Facebook comms data can't be collected unless the black 
box decrypts everything, and there is probably too much data there 
anyway. I don't think it's realistically possible to collect mass 
Facebook-type data with black boxes, though perhaps targeted data could 
be collected.

However, as targeted Facebook-type comms data could be collected by the 
ISP, with some sort of "comms data only" warrant or authorisation, I 
don't think black boxes are a suitable means for collecting targeted 
FB-type comms data.

Even then, something would have to be done about encryption for FB-type 
comms data collection.


Banning encryption, mandatory backdoors? At least this list will be 
getting busier. But it won't work, and it most certainly isn't going to 
be cost-effective - the cost of banning TLS would be astronomical.

Even if it did work, all it can produce is either targeted data (which 
can be obtained in other ways, in most cases at lower cost) or mass 
data, which is useless for catching people.






Wrote this for something else, but it seems relevant here:

Mass data can help once someone is caught, eg there are tales of 
supporting evidence found in people's comms data after they were 
arrested - but it can't catch people in the first place.

But datamining for terrorists doesn't work, the baseline problem (aka 
base rate fallacy) rules it out.

http://www.badscience.net/2009/02/datamining-would-be-lovely-if-it-worked/

https://www.schneier.com/essays/archives/2005/03/why_data_mining_wont.html


When you look at a population the size of the UK, depending how you look 
there are either too many potential suspects, so it doesn't help, or too 
few. almost all of whom are false positives - so you don't actually 
catch the bad guys.

This is especially true of the real bad guys, who try not to be caught, 
and who don't post their murders on facebook or the like.

In the US there are no known cases where datamining of mass interception 
product or comms data has initially identified someone as a person of 
interest, who was subsequently investigated as a result of that 
identification and convicted.

All the NSA's vaunted mass data collection? - datamining it has never 
initially identified a single terrorist. Not one.

[There aren't any known cases in the UK either, but as evidence of 
interception wouldn't be allowed in Court that doesn't say much, so I 
use the US example instead.]


-- Peter Fairbrother