Being safe on the internet (was Re: Here we go again - ISP DPI, but is it interception?)
Roland Perry
lists at internetpolicyagency.com
Tue Aug 3 18:08:06 BST 2010
In article <4C5835C0.9020803 at ernest.net>, Nicholas Bohm
<nbohm at ernest.net> writes
>If the CMA makes it an offence to do the unauthorised (knowingly), and
>we now know that the only things that give us authority is the use of
>links provided by the webhost, then the CMA is producing a most
>unsatisfactory result. The problem is its inbuilt assumption that
>there is some easily ascertained distinction between what is authorised
>and what is not, whereas in many cases it is hard to be sure
My common sense says that if I am unauthorised to view a web page, then
it will return some kind of error which demonstrates that I have not
presented valid credentials.
Although I am aware that this falls foul of the Law Enforcement model
that if you stumble over an unlocked door, that doesn't mean you are
allowed to open it and go inside. Although I might characterise it more
as looking through a window where someone has failed to draw the
curtains.
I'm sure that risk (passers-by seeing what is on a computer screen) is
one of those which businesses are advised to pay attention to, by the
ICO, in their advice about complying with the seventh Data Protection
principle.
I'm also reminded of those council snoopers who are sent round to peer
inside a house to see if it's really unoccupied (when the owner claims
an exemption). Or are such expeditions authorised as RIPA surveillance
these days?
--
Roland Perry
More information about the ukcrypto
mailing list