Slashdot Mirror

← Back to Stories (view on slashdot.org)

UK Email Retention Plan Technically Flawed

Posted by Soulskill on from the never-stopped-'em-before dept.

deltaromeo points out a BBC report calling the UK's law requiring ISPs to retain users' emails for at least a year an "attack on rights." The article also points out financial and technical flaws with the plan (which we first discussed in October). TechCrunch goes a step further, detailing how it conflicts with other governmental goals. Quoting: "...with one hand the government seeks to lock down the British Internet with an iron fist, while at the same time telling us it is boosting innovation and business online. It is quite clearly blind to the fact that one affects the other. Are we also expected to think that the consumers using online services are not going to be put off from engaging in the boom of 'sharing' that Web 2.0 created? How would you feel if every Twitter you sent, every video uploaded, was to be stored and held against you in perpetuity? That may not happen, but the mere suggestion that your email is no longer private would serve to kill the UK population's relish for new media stone dead, and with it large swathes of the developing online economy."

25 of 115 comments (clear)

  1. Saving emails by TheRecklessWanderer · · Score: 3, Interesting

    Well if the government wants to save your email, then use a gmail account, or hotmail or something for all your clandestine operations.

    Other than that it's business as usual.

    Psstt. Buddy, contact me on the gmail account.

    --
    Mean what you say...say what you mean.
    1. Re:Saving emails by TGoddard · · Score: 5, Insightful

      There's something deeply wrong with a country's attitude to privacy when its people have to turn to the US for better protection.

    2. Re:Saving emails by commodore64_love · · Score: 3, Interesting

      Not really. The U.S. has a Constitution which protects the People's rights from stupid Legislators passing anti-liberty laws. The government is forbidden from seizing or archiving personal mail or email. The UK does not have such constitutional protection.

      It's too bad the EU Constitution did not pass. Its listing of Rights would have provided a basis to overturn this anti-privacy law in the EU Supreme Court.

      --
      "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
    3. Re:Saving emails by nickos · · Score: 3, Insightful

      Sweden regarded free? You must be joking.

      All emails and phone calls are monitored in the name of national security
      Sweden is second from bottom in the EU when it comes to protecting its citizens' private integrity

      This is what happens when a government realises it's large imported religious fundamentalist population has ideas that run counter to their modern progressive ones. See also: the UK

    4. Re:Saving emails by Garrett+Fox · · Score: 3, Informative

      Had, not "has." Neither US party upholds the Constitution except in a very loose sense.

      --
      Revive the Constitution.
  2. 9/11 wasn't due to lack of information by rolfwind · · Score: 3, Informative

    but rather the overflow, with miscommunication thrown in.

    Years ago, when they were talking about information overload - I suppose the people were thinking of individuals. But I'm sure it applies to governments as well.

    And with the governments seeming to get more petty all the time, I suppose that the actual important things are getting implemented poorly or wholly ignored.

    1. Re:9/11 wasn't due to lack of information by calmofthestorm · · Score: 4, Funny

      Oh data mining can sift through threats to the status quo---erm I mean freedom! quite easily, believe me. Machine learning is capable of quite a bit of strange magic.

      --
      93rd rule of Slashdot: No matter how obvious my sarcasm is, my comment will be taken seriously by someone.
  3. Why use ISP email? by CustomDesigned · · Score: 3, Informative

    Anyone except home Windows users has an MTA (or two or three in the case of Linux) included in their OS, and can run their own email. I always use TLS for SMTP. So while the recipient may archive/distribute your email, the ISP won't be able to.

    1. Re:Why use ISP email? by sigipickl · · Score: 4, Informative

      that is unless your residential ISP blocks port 25 outbound at their gateways (and it seems most do nowadays), then you are somewhat bound to at least relay your outbound messages off their servers... TLS doesn't protect much at that point.

      --
      Never trust anyone who takes pride in being called a 'geek'....
    2. Re:Why use ISP email? by EdIII · · Score: 3, Informative

      that is unless your residential ISP blocks port 25

      It's not just your residential ISP that may be doing it. I administrate several large mail servers and I use PBL's. They stand for "policy block lists". These lists are submitted by those same ISPs and my mail servers reject any SMTP connections from those IP addresses.

      SPAM has caused us to resort to blocking whole ranges of IP addresses from being able to send mail.

      If people in the UK have a problem with this then they can use email addresses hosted on servers OUTSIDE the UK. That's the double edged sword of the Internet. You either have to allow it all, or block it all, and there is no in between. The Great Firewall (China), and the The Great Barrier (under construction down unda) will be more leaky than a pasta strainer.

  4. A Classic example of the west's hypocrisy by bogaboga · · Score: 3, Insightful

    "...points out a BBC report calling the UK's law requiring ISPs to retain users' emails for at least a year an "attack on rights."

    China, that the UK has been so adept at criticizing, must be saying..."I told you so...!"

  5. surprised by retech · · Score: 4, Informative

    "How would you feel if every Twitter you sent, every video uploaded, was to be stored and held against you in perpetuity?"

    You mean it's not? Seriously, I'd be shocked if it were not stored waiting to rise up and bite me on the ass at the most inopportune moment.

    1. Re:surprised by subreality · · Score: 4, Insightful

      That was my first thought. When I was young and naive, I posted to Usenet under my real name. I knew that was for worldwide distribution, but at the time I didn't expect it to be for worldwide *perpetual* distribution. Then DejaNews comes along and brings back a lot of things that I'd expected to fade away like BBS posts used to do.

      I'm lucky. There's nothing horribly embarrassing or wildly contradicting my current opinions out there. I'd hate to be, say, a reformed racist who'd posted some crazy stuff out there, and who now gets to have people he meets form their opinions about him based on who he was ten years ago.

      These days my real name is a conformist sheep, and I keep my crazy politics to pseudonyms. And even still, I have to think twice about what I say because I know the government is archiving it all for when they want to cherry-pick it to declare me unpatriotic if I embarrass them in some major way. I've accepted that level of exposure, but it's disheartening that the world's superpowers are devolving into this level of totalitarianism.

      Free speech, indeed.

    2. Re:surprised by Teun · · Score: 3, Insightful

      I'm lucky. There's nothing horribly embarrassing or wildly contradicting my current opinions out there.

      Same here, I used my real name on usenet, the difference is that I still use my real name.

      Because I'm not afraid to defend my opinion.
      That opinion might on some subjects have changed over the last 15-odd years but that's only natural, after all I believe in Evolution.

      --
      "The likes of Facebook and WhatsApp are free to those whose privacy is of zero value."
    3. Re:surprised by subreality · · Score: 3, Insightful

      Because I'm not afraid to defend my opinion.

      Well, neither am I. I can admit when I was wrong, and I can take the heat for the things I think are right despite being unpopular ideas.

      But that's beside the point. The problem is when I'm not given the opportunity to defend my opinions. Like in the hypothetical "reformed racist" scenario: Someone searching the net to read about him will come across that, and find what he's said... And then shun him, but he'll never find out why. Or maybe he'll get fired, or people come and key his car. What should he do? Post a sign in his front yard that says "I'm no longer a racist, I was wrong, and I'm sorry for the stupid shit I said in the past"?

      And when it's the government that's archiving everything I've said, it's way worse. Instead of keying my car, they're going to take provocative things I've said in the past and trump them up to make me look like a terrorist, if they ever think I'm rocking their boat too hard.

  6. Re:Governments by Repossessed · · Score: 3, Insightful

    Revolutions just set up worse governments. Riots make the current government clean up its act.

    --
    Liberte, Egalite, Fraternite (TM)
  7. If I were subject to having all my email stored by Zerth · · Score: 3, Interesting

    I'd add a new cron job to email a random 32 bit integer to a freshly created gmail account and have it run as frequently as possible.

    I wonder how long it would take them to arrest me, assuming I wasn't just shot in the back during my morning commute.

    1. Re:If I were subject to having all my email stored by tftp · · Score: 4, Insightful

      Worse still, in UK after you are arrested you will be requested to provide a key to decrypt hundreds of KB of those random numbers that you sent, and you will be in prison until the key is working. Do you think they will believe that your emails were just random numbers? "That's what every crypto-terrorist is claiming!" they will tell you.

      As it stands, you'd be better off if every 32-bit word that you sent is a sequential group of 4 bytes from your favorite book (or its ciphertext, if you wish, made with a known key.) At least when they put your feet over hot coals you will be able to save yourself. If that doesn't happen the numbers remain pretty random and your experiment will be unaffected.

    2. Re:If I were subject to having all my email stored by bootup · · Score: 4, Interesting

      Too late. I already do that sort of. I have a server that I maintain and do daily backups to a gmail account automatically. I use GPG to encrypt the data in 15MB segments. I have it sent to a gmail account daily. Gmail stores up to 8GB (I think/about) and that gives me about 30 days worth of backups at any given moment. When Gmail gets the email they are sent to trash. This way after about 30 days the old stuff gets deleted automatically. It's already working pretty well. I'm in the process of using it right now to restore my server.

    3. Re:If I were subject to having all my email stored by commodore64_love · · Score: 3, Funny

      This is why my basement is wired with explosives.*

      While the cops are entering through the front door, I am exiting out the back, so I can remotely detonate the bombs and blow them to Kingdom Come. (Unless of course they have a valid warrant signed by a judge, in which case they may enter peaceably.)

      *
      * I'm just kidding.
      Or am I?

      --
      "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
  8. Re:Governments by zippthorne · · Score: 3, Insightful

    And besides, revolutions are *expensive.* You've got to get a whole lot of people to pledge their blood and treasure to your cause.

    And anyone who's that kinda popular can just run for office and win in a landslide with no need to risk bloodshed.

    --
    Can you be Even More Awesome?!
  9. Its not the content by Metatron · · Score: 5, Informative

    The only requirement is to keep the logs for a year, from/to/time/date. Their thoughts (rightly or wrongly) is they want to be able to bring email inline with telephone records, where they can find out who called who and when - but not what you spoke about (we'll leave that to Echelon).

  10. Sadly, I don't think anyone cares by thegoldenear · · Score: 3, Insightful

    the mere suggestion that your email is no longer private would serve to kill the UK population's relish for new media stone dead

    I only wish that were true, but sadly I feel your statement is something you dragged out of your ass. Most people's behaviour so far in using the likes of Facebook have shown that they're not likely to worry.

    Pete Boyd

  11. Get Involved by DrChrisJ · · Score: 5, Informative

    Here are some links for you guys to check out. Please get out there and get involved: The Open Rights Group look to promote your rights in a digital age: http://www.openrightsgroup.org/ Tom Watson (a labour cabinet minister who has a blog) recently encouraged debate about a proposal by the culture secretary Andy Burnham concerning internet censorship. Here is a link to that post, and be sure to bring up this is issue and the proposed issue of a wider internet database: http://www.tom-watson.co.uk/2008/12/andy-burnham-and-internet-site-classification/ Try getting in contact with the Home Office directly and make your views heard: Address: Home Office, Direct Communications Unit, 2 Marsham Street, London SW1P 4DF. Tel: 020 7035 4848 Email: public.enquiries@homeoffice.gsi.gov.uk The Labour Party can be contacted at: Address: The Labour Party, Eldon House, Regent Centre, Newcastle Upon Tyne, NE3 3PW. Tel: 08705 900 200 And above all else, keep up the pressure. Governments are concerned with one thing and one thing only. Power. If they realise this is an issue that could cost them an election, they will have very little option but to rethink. Thank You.

  12. Most people won't care by fantomas · · Score: 5, Insightful

    Really, I don't think most people will care. If a nice leaflet/broadcast/website from the government explains "it's to catch terrorists" and "it's to catch really super big evil criminals" - most people will say "well I am not one of those so I don't care". A few people will mutter over their pints of beer and a couple of articles will appear in the papers, uber-geeks will use some encryption or other work around, the real criminals will read the geek websites and learn how to cover their tracks, and 99% of the population will just go on as before. They don't mind giving their credit card details out to online stores they've never heard of before, they'll not worry the government keeps a copy of their emails.

    Little public outrage was voiced here in the UK when Echelon became known about. A few left wing and liberal newspapers wrote big articles on it blowing the whole thing open to the middle class public and it didn't get much more feedback than a few people switching their vote to a different mainstream party, a couple of letters from Angry of Tunbridge Wells to the Times, and a few dozen hackers waving banners outside a government building or two. The man on the Clapham omnibus just won't care.