Slashdot Mirror

← Back to Stories (view on slashdot.org)

UK Email Retention Plan Technically Flawed

Posted by Soulskill on from the never-stopped-'em-before dept.

deltaromeo points out a BBC report calling the UK's law requiring ISPs to retain users' emails for at least a year an "attack on rights." The article also points out financial and technical flaws with the plan (which we first discussed in October). TechCrunch goes a step further, detailing how it conflicts with other governmental goals. Quoting: "...with one hand the government seeks to lock down the British Internet with an iron fist, while at the same time telling us it is boosting innovation and business online. It is quite clearly blind to the fact that one affects the other. Are we also expected to think that the consumers using online services are not going to be put off from engaging in the boom of 'sharing' that Web 2.0 created? How would you feel if every Twitter you sent, every video uploaded, was to be stored and held against you in perpetuity? That may not happen, but the mere suggestion that your email is no longer private would serve to kill the UK population's relish for new media stone dead, and with it large swathes of the developing online economy."

31 of 115 comments (clear)

  1. Saving emails by TheRecklessWanderer · · Score: 3, Interesting

    Well if the government wants to save your email, then use a gmail account, or hotmail or something for all your clandestine operations.

    Other than that it's business as usual.

    Psstt. Buddy, contact me on the gmail account.

    --
    Mean what you say...say what you mean.
    1. Re:Saving emails by TGoddard · · Score: 5, Insightful

      There's something deeply wrong with a country's attitude to privacy when its people have to turn to the US for better protection.

    2. Re:Saving emails by commodore64_love · · Score: 3, Interesting

      Not really. The U.S. has a Constitution which protects the People's rights from stupid Legislators passing anti-liberty laws. The government is forbidden from seizing or archiving personal mail or email. The UK does not have such constitutional protection.

      It's too bad the EU Constitution did not pass. Its listing of Rights would have provided a basis to overturn this anti-privacy law in the EU Supreme Court.

      --
      "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
    3. Re:Saving emails by drsmithy · · Score: 2, Insightful

      Countries like Sweden are generally regarded as some of the freest in the world, so the EU can't be all bad.

      It depends on your definition of 'freedom'. If you use the American "free to be the biggest arsehole I want and fuck everybody else" definition, then the EU rates pretty poorly.

    4. Re:Saving emails by nickos · · Score: 3, Insightful

      Sweden regarded free? You must be joking.

      All emails and phone calls are monitored in the name of national security
      Sweden is second from bottom in the EU when it comes to protecting its citizens' private integrity

      This is what happens when a government realises it's large imported religious fundamentalist population has ideas that run counter to their modern progressive ones. See also: the UK

    5. Re:Saving emails by Garrett+Fox · · Score: 3, Informative

      Had, not "has." Neither US party upholds the Constitution except in a very loose sense.

      --
      Revive the Constitution.
  2. 9/11 wasn't due to lack of information by rolfwind · · Score: 3, Informative

    but rather the overflow, with miscommunication thrown in.

    Years ago, when they were talking about information overload - I suppose the people were thinking of individuals. But I'm sure it applies to governments as well.

    And with the governments seeming to get more petty all the time, I suppose that the actual important things are getting implemented poorly or wholly ignored.

    1. Re:9/11 wasn't due to lack of information by calmofthestorm · · Score: 4, Funny

      Oh data mining can sift through threats to the status quo---erm I mean freedom! quite easily, believe me. Machine learning is capable of quite a bit of strange magic.

      --
      93rd rule of Slashdot: No matter how obvious my sarcasm is, my comment will be taken seriously by someone.
  3. Why use ISP email? by CustomDesigned · · Score: 3, Informative

    Anyone except home Windows users has an MTA (or two or three in the case of Linux) included in their OS, and can run their own email. I always use TLS for SMTP. So while the recipient may archive/distribute your email, the ISP won't be able to.

    1. Re:Why use ISP email? by sigipickl · · Score: 4, Informative

      that is unless your residential ISP blocks port 25 outbound at their gateways (and it seems most do nowadays), then you are somewhat bound to at least relay your outbound messages off their servers... TLS doesn't protect much at that point.

      --
      Never trust anyone who takes pride in being called a 'geek'....
    2. Re:Why use ISP email? by EdIII · · Score: 3, Informative

      that is unless your residential ISP blocks port 25

      It's not just your residential ISP that may be doing it. I administrate several large mail servers and I use PBL's. They stand for "policy block lists". These lists are submitted by those same ISPs and my mail servers reject any SMTP connections from those IP addresses.

      SPAM has caused us to resort to blocking whole ranges of IP addresses from being able to send mail.

      If people in the UK have a problem with this then they can use email addresses hosted on servers OUTSIDE the UK. That's the double edged sword of the Internet. You either have to allow it all, or block it all, and there is no in between. The Great Firewall (China), and the The Great Barrier (under construction down unda) will be more leaky than a pasta strainer.

    3. Re:Why use ISP email? by palegray.net · · Score: 2, Insightful

      Ummm... change the SMTP-TLS port on your remote mail server to something other than the standard?

      BTW, I use residential cable for at the house for Internet access, and have no issues sending encrypted mail to my server across the country. Generally, only the standard port (25) is blocked.

      The parent post does skip over one important issue, however: in GB, you can be compelled to hand over your encryption keys or face jail time simply for failing to do so. P-O-L-I-C-E S-T-A-T-E.

      --
      512 MB RAM, 20 GB disk, 200 GB transfer, five datacenters. $19.95/month.
  4. A Classic example of the west's hypocrisy by bogaboga · · Score: 3, Insightful

    "...points out a BBC report calling the UK's law requiring ISPs to retain users' emails for at least a year an "attack on rights."

    China, that the UK has been so adept at criticizing, must be saying..."I told you so...!"

  5. Such optimism by Anonymous Coward · · Score: 2, Insightful

    That may not happen, but the mere suggestion that your email is no longer private would serve to kill the UK population's relish for new media stone dead, and with it large swathes of the developing online economy.

    I wish I had such faith in the awareness and caution of the average British consumer.

  6. surprised by retech · · Score: 4, Informative

    "How would you feel if every Twitter you sent, every video uploaded, was to be stored and held against you in perpetuity?"

    You mean it's not? Seriously, I'd be shocked if it were not stored waiting to rise up and bite me on the ass at the most inopportune moment.

    1. Re:surprised by subreality · · Score: 4, Insightful

      That was my first thought. When I was young and naive, I posted to Usenet under my real name. I knew that was for worldwide distribution, but at the time I didn't expect it to be for worldwide *perpetual* distribution. Then DejaNews comes along and brings back a lot of things that I'd expected to fade away like BBS posts used to do.

      I'm lucky. There's nothing horribly embarrassing or wildly contradicting my current opinions out there. I'd hate to be, say, a reformed racist who'd posted some crazy stuff out there, and who now gets to have people he meets form their opinions about him based on who he was ten years ago.

      These days my real name is a conformist sheep, and I keep my crazy politics to pseudonyms. And even still, I have to think twice about what I say because I know the government is archiving it all for when they want to cherry-pick it to declare me unpatriotic if I embarrass them in some major way. I've accepted that level of exposure, but it's disheartening that the world's superpowers are devolving into this level of totalitarianism.

      Free speech, indeed.

    2. Re:surprised by Teun · · Score: 3, Insightful

      I'm lucky. There's nothing horribly embarrassing or wildly contradicting my current opinions out there.

      Same here, I used my real name on usenet, the difference is that I still use my real name.

      Because I'm not afraid to defend my opinion.
      That opinion might on some subjects have changed over the last 15-odd years but that's only natural, after all I believe in Evolution.

      --
      "The likes of Facebook and WhatsApp are free to those whose privacy is of zero value."
    3. Re:surprised by subreality · · Score: 3, Insightful

      Because I'm not afraid to defend my opinion.

      Well, neither am I. I can admit when I was wrong, and I can take the heat for the things I think are right despite being unpopular ideas.

      But that's beside the point. The problem is when I'm not given the opportunity to defend my opinions. Like in the hypothetical "reformed racist" scenario: Someone searching the net to read about him will come across that, and find what he's said... And then shun him, but he'll never find out why. Or maybe he'll get fired, or people come and key his car. What should he do? Post a sign in his front yard that says "I'm no longer a racist, I was wrong, and I'm sorry for the stupid shit I said in the past"?

      And when it's the government that's archiving everything I've said, it's way worse. Instead of keying my car, they're going to take provocative things I've said in the past and trump them up to make me look like a terrorist, if they ever think I'm rocking their boat too hard.

  7. Re:Governments by Repossessed · · Score: 3, Insightful

    Revolutions just set up worse governments. Riots make the current government clean up its act.

    --
    Liberte, Egalite, Fraternite (TM)
  8. If I were subject to having all my email stored by Zerth · · Score: 3, Interesting

    I'd add a new cron job to email a random 32 bit integer to a freshly created gmail account and have it run as frequently as possible.

    I wonder how long it would take them to arrest me, assuming I wasn't just shot in the back during my morning commute.

    1. Re:If I were subject to having all my email stored by tftp · · Score: 4, Insightful

      Worse still, in UK after you are arrested you will be requested to provide a key to decrypt hundreds of KB of those random numbers that you sent, and you will be in prison until the key is working. Do you think they will believe that your emails were just random numbers? "That's what every crypto-terrorist is claiming!" they will tell you.

      As it stands, you'd be better off if every 32-bit word that you sent is a sequential group of 4 bytes from your favorite book (or its ciphertext, if you wish, made with a known key.) At least when they put your feet over hot coals you will be able to save yourself. If that doesn't happen the numbers remain pretty random and your experiment will be unaffected.

    2. Re:If I were subject to having all my email stored by bootup · · Score: 4, Interesting

      Too late. I already do that sort of. I have a server that I maintain and do daily backups to a gmail account automatically. I use GPG to encrypt the data in 15MB segments. I have it sent to a gmail account daily. Gmail stores up to 8GB (I think/about) and that gives me about 30 days worth of backups at any given moment. When Gmail gets the email they are sent to trash. This way after about 30 days the old stuff gets deleted automatically. It's already working pretty well. I'm in the process of using it right now to restore my server.

    3. Re:If I were subject to having all my email stored by commodore64_love · · Score: 3, Funny

      This is why my basement is wired with explosives.*

      While the cops are entering through the front door, I am exiting out the back, so I can remotely detonate the bombs and blow them to Kingdom Come. (Unless of course they have a valid warrant signed by a judge, in which case they may enter peaceably.)

      *
      * I'm just kidding.
      Or am I?

      --
      "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
  9. Re:Governments by zippthorne · · Score: 3, Insightful

    And besides, revolutions are *expensive.* You've got to get a whole lot of people to pledge their blood and treasure to your cause.

    And anyone who's that kinda popular can just run for office and win in a landslide with no need to risk bloodshed.

    --
    Can you be Even More Awesome?!
  10. When will the UK citizens finally rise up? by garry_g · · Score: 2, Insightful

    It's been long overdue - the level of surveillance the UK government has set up over the years is really overwhelming ... how many more drops can that barrel take before the UK people finally kick them politicians in their well deserving @sses?

    Here in Germany, with data retention and other laws like the BKA law that have been made over the last couple years, people are slowly waking up and seeing what is happening. 34000 people jointly went to the "Bundesverfassungsgericht" opposing the EU-originated data rentention law ... court has already reduced the state and state institution access to data kept through that law, with final decision expected (or hoped for) some time first or second quarter ...

    It is time for every citizen in the so-called and formerly free and democratic countries to make sure they do everything they can and get the word out to get rid of the surveillance-measures their countries are putting into effect.

    I guess the old saying "Orwell was an optimist" is true after all ...

  11. Email is private? by dov_0 · · Score: 2, Informative

    These people think that email is private?

    --
    sudo mount --milk --sugar /cup/tea /mouth /etc/init.d/relax start
  12. Its not the content by Metatron · · Score: 5, Informative

    The only requirement is to keep the logs for a year, from/to/time/date. Their thoughts (rightly or wrongly) is they want to be able to bring email inline with telephone records, where they can find out who called who and when - but not what you spoke about (we'll leave that to Echelon).

  13. Sadly, I don't think anyone cares by thegoldenear · · Score: 3, Insightful

    the mere suggestion that your email is no longer private would serve to kill the UK population's relish for new media stone dead

    I only wish that were true, but sadly I feel your statement is something you dragged out of your ass. Most people's behaviour so far in using the likes of Facebook have shown that they're not likely to worry.

    Pete Boyd

  14. Get Involved by DrChrisJ · · Score: 5, Informative

    Here are some links for you guys to check out. Please get out there and get involved: The Open Rights Group look to promote your rights in a digital age: http://www.openrightsgroup.org/ Tom Watson (a labour cabinet minister who has a blog) recently encouraged debate about a proposal by the culture secretary Andy Burnham concerning internet censorship. Here is a link to that post, and be sure to bring up this is issue and the proposed issue of a wider internet database: http://www.tom-watson.co.uk/2008/12/andy-burnham-and-internet-site-classification/ Try getting in contact with the Home Office directly and make your views heard: Address: Home Office, Direct Communications Unit, 2 Marsham Street, London SW1P 4DF. Tel: 020 7035 4848 Email: public.enquiries@homeoffice.gsi.gov.uk The Labour Party can be contacted at: Address: The Labour Party, Eldon House, Regent Centre, Newcastle Upon Tyne, NE3 3PW. Tel: 08705 900 200 And above all else, keep up the pressure. Governments are concerned with one thing and one thing only. Power. If they realise this is an issue that could cost them an election, they will have very little option but to rethink. Thank You.

  15. Most people won't care by fantomas · · Score: 5, Insightful

    Really, I don't think most people will care. If a nice leaflet/broadcast/website from the government explains "it's to catch terrorists" and "it's to catch really super big evil criminals" - most people will say "well I am not one of those so I don't care". A few people will mutter over their pints of beer and a couple of articles will appear in the papers, uber-geeks will use some encryption or other work around, the real criminals will read the geek websites and learn how to cover their tracks, and 99% of the population will just go on as before. They don't mind giving their credit card details out to online stores they've never heard of before, they'll not worry the government keeps a copy of their emails.

    Little public outrage was voiced here in the UK when Echelon became known about. A few left wing and liberal newspapers wrote big articles on it blowing the whole thing open to the middle class public and it didn't get much more feedback than a few people switching their vote to a different mainstream party, a couple of letters from Angry of Tunbridge Wells to the Times, and a few dozen hackers waving banners outside a government building or two. The man on the Clapham omnibus just won't care.

  16. Re:They'll get their way by adamofgreyskull · · Score: 2, Insightful

    I have no idea why the parent post was modded "Troll"?? This is what concerns me more than anything. The Daily Fail will sensationalise anything, and unfortunately it's read by a lot of old people and a lot of people who are marginally too intelligent to read The Sun but not intelligent enough to realise the Daily Mail is no better. People who will turn out in record numbers to vote for any legislation that will hang hoodies and expel immigrants.

    Light bulbs...not a particularly sensational story right? Wrong. Apparently. My grandad now believes it's every citizen's right to be able to buy "traditional" light bulbs, especially as those new-fangled light bulbs can give you The Skin Cancer!

    The 70 and 80 year olds around today may have fought in the war, but they didn't know why. They were at war with The Hun and that's about as far as there understanding of world-politics ever went. "The 60s" as you say, was an era of love and peace, but think about all the 25-40 year olds who couldn't shirk responsibilities like work and family to discover theirselves. While Mary Quant was stirring up the Kings Road, and The Beatles were visiting the Maharaja, they were working to put food on the table. So the dissonance between those two things is actually quite easy to understand. And don't forget, anyone over 18 between 1939 and 1952 will have had to carry an ID Card, as they see it, if you have nothing to hide, then why should you have anything to fear?