sorry, but ...

Caspar Bowden (travelling) tharg at gmx.net
Wed Jul 25 17:45:38 BST 2012


Hi Peter

'fraid don't have time to answer all these points, but one of the main 
points of the probing amendments on 16(3) was to establish if they were 
intended to make Overlapping warrants obsolete. The answer in Bassam's 
letter was an unequivocal "no".

I don't think Facebook raises any new points of principle regarding 
interpretation of external/internal, than posting messages to an offshore 
bulletin-board system with an open or closed membership. How the 
interpretation works we don't know (one of the main drawbacks of having 
all of this adjudicated inside the head of a single Commissioner - who 
have not seen fit to discuss publicly in 26 years)

When I said "it doesn't matter", I just meant that Bassam letter makes 
it clear that internal communications "inadvertently" intercepted under 
an external warrant do not break the law.

Caspar

On 07/25/2012 02:36 PM, Peter Fairbrother wrote:
> Hi Caspar, long time no see.
>
> On 25/07/12 09:03, Caspar Bowden (travelling) wrote:
>>
>> Hi Peter
>>
>> On 07/25/2012 12:35 AM, Peter Fairbrother wrote:
>>>> stream, and it's looking for traffic data in traffic that's to let's say
>>>> the Facebook or Twitter or googlemail or WoW or Habbo sites.
>>
>> (AFAIK Facebook say they fall under Irish jurisdiction for their EU
>> users w.r.t DP law at least)
>>
>>>> These are afaik all hosted in the US, but they have strong UK
>>>> connections.
>>>>
>>>> Let's suppose both Alice and Bob are in the UK. Now suppose Alice sends
>>>> Bob a message through facebook, or another of the US social media sites.
>>>>
>>>> The black box sees and finds the traffic data concerned with Alice's
>>>> message, quite lawfully under the new bill - and the traffic data it
>>>> sees tells it it's an external communication, a message to a server
>>>> outside the UK.
>>
>> AFAIK the last word (but grateful for any later ref) we have on HMG's
>> understanding is from 4th July 2000 (this was in response to FIPR
>> probing amendments about the new "domestic trawling" warrant in S.16(3),
>> misleadingly placed in a section called "Safeguards").
>
>> In theory, what defines internal/external is whether the communication
>> (at whatever protocol level) is "received" in the UK (rather than where
>> a server is located), but in practice this doesn't matter
>
>
> Could you say why it doesn't matter? That's not clear to me. Thx.
>>
>> http://www.fipr.org/rip/Bassam%20reply%20to%20Phillips%20on%20S.15.3.htm/ 
>>
>> (worth reading whole thing and context at
>> http://www.fipr.org/rip/#Overlapping)
>
> Lord Bassam:
> I confirm what I said in the House, that a communication from one 
> point in the British Islands to another point in the British Islands 
> is 'internal' even if its route takes it outside the British Islands.
>
> [...]
>
> and
> Lord Bassam:
>> Communications that originate and are received in the UK are always
>> "internal";
>
> So says Lord Bassam. But I very much doubt that he had Facebook in 
> mind when he said that, so even if he was correct (he wasn't[1]), or 
> if what he said had any legal significance because he said it, it 
> doesn't apply to the Facebook situation.
>
> And so as ever we are left with the plain wording of the law:
>
> RIPA S.20: “external communication” means a communication sent or 
> received outside the British Islands;
>
> When Alice sends her message to Bob via Facebook in Eire, is her 
> communication received by Facebook?
>
> I'd say it was, and I can't see a dozen Judges disagreeing.
>
> She might for instance be sending it to Facebook so Bob and Chas could 
> see it, or all her friends could see it - does it make any difference 
> if only one person can see it ?
>
>
> Note this situation is different to an IP packet passing through a 
> third country - it is harder to say then that the communication is 
> received by the router (although the packet obviously is).
>
> If she is sending her communication to Facebook then it's an external 
> communication, and it can be intercepted, including content, under an 
> 8(4) warrant.
>
>
> So what can "they" do under an 8(4) warrant? They can look for 
> keywords, they can look at it all - about the only thing they can't do 
> is sort through it for communications to or from a particular person.
>
> Except of course they can do that too, if the SoS signs a RIPA S.16(3) 
> certificate which allows it. That certificate can apply to an 
> individual, to some individuals who fit a particular description, to 
> groups, or the whole population - there is no limitation to the number 
> of people named or described in the certificate.
>
> (neither is there a limit to the duration of a 16(3) certificate. 
> Also, the certificate which turns an ordinary warrant into a S.8(4) 
> warrant does not have a limited life either. The warrant does, but the 
> certificate does not. How many SoS's have we had since 2000? It would 
> only take two signatures from any one of them... )
>
>
>> as is well known, some of these will go abroad en route and
>> so be carried on primarily external trunks. It is _not possible to
>> intercept the external communications on the trunk without intercepting
>> the internal communications as well.>>>_
>>
>>
>>>> Now suppose a SoS has signed a blanket warrant to allow the
>>>> black-box-operating-agency, hereinafter BlackBoxHQ, to intercept all
>>>> external communications (which he can do with a single stroke of the pen
>>>> under RIPA 8(4)).
>>>>
>>>> BlackBoxHQ can see that Alice's message to Bob next door is in its
>>>> first step actually a message to a server in the US, and thus an
>>>> external communication - and then BlackBoxHQ can look at Alice's
>>>> message's _content_, not just its traffic data.
>>
>> Yes, but FWIW (from Bassam letter)
>>
>> <<<This selection is in practice designed to collect /external/
>> communications that fit the descriptions in the certificate. It is
>> therefore not likely to catch many internal communications. It would of
>> course be unlawful to /seek/ to catch internal communications in the
>> absence of an overlapping warrant or a certificate complying with clause
>> 15(3).>>>
>> (original is italicized)
>>
>> This was the most arcane controversy of RIPA (apart from Pt.3) and it
>> proved impossible to get media interest. But given the IoCC has never
>> commented on certificated warrants since the first report after IoCA, we
>> have no idea how diligent he may be at ensuring that nobody is "seeking"
>> to catch internal communications in this way.
>
>
> I think you are missing my point. What Bassam is talking about here is 
> whether internal communications get swept up in a search for external 
> communications.
>
> The issue I was addressing is intercepting external communications, 
> and Lord Bassam's words are not relevant to that - he simply assumes 
> it's ok.
>
>>
>> There is a nastier legal problem, which I call "how do they know there
>> is a pearl inside the oyster, unless they have already looked inside" -
>> this is (badly) explained in the briefing notes at
>> http://www.fipr.org/rip/#Overlapping.
>
> Yes, that's confusing and sometimes wrong.
>
>> It seemed to me the first IoCC
>> fudged this point in his invention of "overlapping warrants", and it has
>> never been cleared up or referred to publicly since.
>
> I don't think they have them anymore?
>
> The grounds for certifying a warrant are much broader now - so broad 
> that any restrictions they might impose are almost meaningless.
>
> They also have S. 16(3) certificates instead if they want to target 
> individuals, or groups (or everybody, if they want).
>
> So I don't think they need them anymore either.
>
>
> -- Peter
>
> [1] an email is sent to two people, one in the UK, one abroad. The 
> traffic from the sender to the mail server is a single communication. 
> It is external because it is received by person two abroad, even 
> though it is received by person one in the UK - however it "originated 
> and will be received in the UK" and should therefore be internal 
> according to LB.
>
> There are several other circumstances where the statement 
> "Communications that originate and are received in the UK are always 
> 'internal'" would be just plain wrong, and inconsistent with the 
> definition “external communication” means a communication sent or 
> received outside the British Islands; - unless of course when he uses 
> "internal" he means something other than "not external", the 
> apparently relevant definition.
>
>> It is almost
>> exactly analogous to the issue that later created the tremendous furore
>> in US about "warrantless wiretapping", with the difference that US law
>> protects its own citizens categorically by nationality (which was
>> tougher to wriggle out of - until 2007/8 - than internal/external
>> distinction). There is some kind of irony (not sure what kind) that
>> Bassam's note was written on (US) Independence Day ;-)
>>
>> Caspar
>>