Draft Investigatory Powers Bill

Peter Fairbrother zenadsl6186 at zen.co.uk
Wed Nov 4 20:06:20 GMT 2015 

On 04/11/15 17:55, Paul Barnfather wrote:
>
>> On 4 Nov 2015, at 17:38, Peter Fairbrother <zenadsl6186 at zen.co.uk>
>> wrote:
>>
>> https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/473770/Draft_Investigatory_Powers_Bill.pdf
>>
>>
>>
I have had a quick look, nothing direct about banning encryption.

> <snip>
>
> Is (end-to-end) encryption nevertheless banned implicitly by this
> Bill, via the requirement for the "relevant operator” to provide the
> required “technical capability”?
>
> Presumably Skype/Apple/Facebook/etc will need to add this logging and
> storage capability if they wish to provide services to the UK. If
> that is technically impossible (e.g. for true P2P communications or
> end-to-end encryption with no middleman), then doesn’t the service
> effectively become illegal?
>
> The various commentators are talking about “Internet service
> providers”, but it seems they are not just talking about ISPs like
> Talk Talk and BT. As far as I can tell, they mean “anyone that
> provides a communications service on the Internet”.


yep.  Ss.198(2) - "any person who provides, or is proposing to provide 
[...] telecommunications services".

Including persons outside the UK, ss.198(8).


193(11) “Telecommunications service” means any service that consists in 
the provision of access to, and of facilities for making use of, any 
telecommunication system (whether or not one provided by the person 
providing the service).

193(13) “Telecommunication system” means a system (including the 
apparatus comprised in it) that exists (whether wholly or partly in the 
United Kingdom or elsewhere) for the purpose of facilitating the 
transmission ofcommunications by any means involving the use of 
electrical or electro-magnetic energy.



So, presumably my
> bank’s secure messaging service is covered by this Bill as well?
>
> I’m really struggling to understand the implications of this, so
> please correct me if I’m wrong...
>


AFAICT, you ain't wrong.

However, note that this is only an enabling bill - there would have to 
be a separate regulation, which would have to go through Parliament 
separately, to actually enforce anything.



The same is _not_ true of a requirement to retain comms data (of any
type) under the Bill - the SoS just decides to issue a retention notice, 
and what types of data it refers to.




-- Peter Fairbrother

More information about the ukcrypto mailing list