UK To Track All Browsing, Email, and Phone Calls

Sara Chan writes "The UK government plans to introduce legislation that will allow the police to track every phone call, email, text message and website visit made by the public. The information will include who is contacting whom, when and where and which websites are visited, but not the content of the conversations or messages. Every communications provider will be required to store the information for at least a year."

They already track you with cameras

[Trip6]

...at every intersection in London. I guess the ACLU was unsuccessful in setting up a branch office.

Re:They already track you with cameras

[characterZer0]

I guess the ACLU was unsuccessful in setting up a branch office.

The same thing is going to happen in the US, ACLU or not. The bills are already written. They are just waiting for another 9/11 to they can ram them through.

Re:They already track you with cameras

[djdavetrouble]

[citation needed]

[Citation Redacted]

Senationalist headline

[elrous0]

How about: *Proposal* in UK To Track All Browsing, Email, and Phone Calls?

Re:Senationalist headline

[fuyu-no-neko]

How about: *Proposal* in UK To Track All Browsing, Email, and Phone Calls?

I guess it depends how cynical you are about the law-making process. Whilst I'm yet to make my mind up on the current government, I can definitely see why some people make the jump to thinking that this is as good as done. It's not as if the previous government particularly cared about our rights after all.

Re:Senationalist headline

How about: *Proposal* in UK To Track All Browsing, Email, and Phone Calls?

Let me put it another way: When's the last time you saw a *Proposal* to stop tracking browsing, email, and phone calls, because free countries ought not to place their citizens, insofar as there is no reasonable suspicion that they're committing any crimes whatsoever, under surveillance? (Or even a simple nationalistic argument: "...on the grounds that nations governed under the opposing principles turned into the states against whom we had to fight during WW2 and the Cold War.")

Re:Senationalist headline

How about: *Proposal* in UK To Track All Browsing, Email, and Phone Calls?

Not even a proposal. It's speculation that there might be a proposal. If you read the actual quote from the defence review from the article, it more or less says: 'we need to upgrade lawful intercept capabilities to help fight terrorism'.

Now OK, there may be some civil liberties issues with what the government eventually comes up with. But there is a difference between being worried and making shit up, and this article has crossed that line.

Re:Senationalist headline

[exomondo]

How about: *Proposal* in UK To Track All Browsing, Email, and Phone Calls?

Just like a little while ago 'Australia to ban pedestrians from using ipods', which was in actuality an organisation - which comprised of a single person - that voiced an extremist opinion.

Re:Senationalist headline

[cappp]

Isn't this already the law? At least, so far as preserving records is concerned. The EU Directive 2006/24/EC pretty much made it a requirement that states retain records of everything being done.

Member States shall adopt measures to ensure that the data specified in Article 5 of this Directive are retained in accordance with the provisions thereof, to the extent that those data are generated or processed by providers of publicly available electronic communications services or of a public communications network within their jurisdiction in the process of supplying the communications services concerned.

Article 5
Categories of data to be retained
(2) concerning Internet access, Internet e-mail and Internet telephony

Further, the Anti-Terrorism, Crime and Security Act 2001 in the UK facilitated the state's power to do just that.

So I'm just wondering what the difference being proposed is? If the proposal headling is sensational then surely the responce to it is to given the existance of legislation already? Is it the real-time tracking thats at issue? The Telegraph article only included

We will introduce a programme to preserve the ability of the security, intelligence and law enforcement agencies to obtain communication data and to intercept communications within the appropriate legal framework.

Re:Senationalist headline

[marcello_dl]

> without a hint of malice...

I beg to differ.
Malice -> from latin Malitia -> from Malus = evil; therefore "evil thing" in latin is Malum
Malum -> latin for... apple.

That's what i call a hint :D

Re:Senationalist headline

[MoonBuggy]

The last time I saw a proposal like that (specific wording was a pledge to "end the storage of internet and email records without good reason") was a few months back. It came from the very same coalition government who are proposing this surveillance.

To be honest I'm actually disappointed. I didn't have especially high hopes, but I was expecting a little better than this.

Re:Senationalist headline

[GofG]

malo malo malo malo

sans macrons, but has been used in latin poetry to mean "i'd rather be an apple tree than an evil man in adversity"

-5 offtopic

Re:Senationalist headline

[L4t3r4lu5]

You forget that "... to stop terrorism" is the equivalent of "sudo".

You also forget that before the election, every party lies through their teeth to get into power. It's expected.

Who has access?

[yog]

The issue isn't so much whether law enforcement can scrutinize your web access, but rather that the information could leak out. A distressing amount of private information seems to be kept on laptops that keep getting stolen out of cars.

Requiring ISP's to keep this data is also iffy. ISP's don't want to be in the business of spying on their subscribers. There's no profit in it, it only angers the customers, and potentially the ISP could be drawn into a legal tangle if it potentially knows that someone is doing illegal stuff like, say, downloading and emailing nuclear bomb schematics to someone in North Korea or Iran.

Anyway it sounds like the government is leaving enough wiggle room to discard the policy if it generates too much controversy.

Attach a simple addition

[Archangel+Michael]

All politicians will have to register all their communication devices, email addresses, phone numbers, and then make the list of all communication (not the content) available to the public.

Who watches the watchers?

We have met the enemy, and it is us.

Re:Attach a simple addition

[JackDW]

I used to blame the politicians, but these days I think they're almost as powerless as the rest of us.

The No2ID campaigner Guy Herbert is quoted in the article as saying:

We should not be surprised that the interests of bureaucratic empires outrank liberty.

And that's it. These plans represent job security for civil servants. They mean bigger budgets, bigger offices, higher salaries, more staff. More bureaucrats will be needed to operate the system, to answer requests for information from it, and implement whatever mechanism of "accountability" is considered sufficient to safeguard privacy.

The people who are pushing this will never face an election. They will never be sacked. This is why the plans persist from government to government. Ministers come and go, but the civil service is permanent, and always attempting to expand. The bureaucrats lost their battle for ID cards, but they're still winning their war.

So, I think if we want to impose surveillance on anyone, we should start with the public servants. And the more responsibility they have, the more closely they should be watched. The only problem is, in order to do this, we're going to need to hire a few more bureaucrats...

Re:Attach a simple addition

[corbettw]

The people who are pushing this will never face an election. They will never be sacked. This is why the plans persist from government to government. Ministers come and go, but the civil service is permanent, and always attempting to expand.

Didn't the BBC used to have a documentary series on that aspect of the British government?

Didn't we decide we don't want this

[91degrees]

Hey, guys - we voted against the other lot for this reason. Ah well. Hopefully the libs will decide to stick to one of their election promises and vote against this. If they don't then there's quite frankly no point in having the coalition in the first place.

Re:Encrypte Everything

[dotKuro]

Encryption of your files is worthless when you can be arrested for failing to give up passwords as per the Regulation of Investigatory Powers Act 2000. (Which would be more accurately named the Irregulation of Investigatory Powers Act, as it pretty much declares open season on those under suspicion.)

Oblig.

[Weaselmancer]

Words offer the means to meaning, and for those who will listen, the enunciation of truth. And the truth is, there is something terribly wrong with this country, isn't there? Cruelty and injustice, intolerance and oppression. And where once you had the freedom to object, to think and speak as you saw fit, you now have censors and systems of surveillance coercing your conformity and soliciting your submission. How did this happen? Who's to blame? Well certainly there are those more responsible than others, and they will be held accountable, but again truth be told, if you're looking for the guilty, you need only look into a mirror.

Seems like Fiction

[VoiceInTheDesert]

This really reads like something out of fiction. I did not think I'd see the day of such a government, but here I am at 22 years old and already, a modern, 1st world country is to the point where it feels the need and justification to monitor every action of it's populace. The precedent here is staggering, terrifying and morally bankrupt. The possibility for abuse here is strong to the point of certainty. I pray this never makes it to a country I call home.

V is for Vendetta!

[arcite]

Soon, I shall dawn my cape and mast to fight this tyranny! ... I just have to brush up on my knife throwing skills, police in the UK use guns now right? ...Bummer.

Nothing new

[bart416]

Most mobile phone operators already keep statistics on who you call when (they need it for billing information in case somebody doesn't agree with their bill) and emergency services are capable of pinning down the location of mobile phones in less than a minute. And ISPs are already required to keep quite some information as well by EU regulations. So I'm not really sure this will change anything. Except provide a legal framework to (ab)use this information.

Re:Encrypte Everything

[HungryHobo]

Also I'm not sure of the specifics but if they really wanted to they could probably insist you give them the encryption key for a particular session... one which was generated and discarded by your browser long since.

then throw you in jail when you don't comply.

Big brother loves you

[the_humeister]

And we've always been at war with eastasia.

Lessons learned from 2006 AOL data scandal: Bupkus

[shoutingloudly]

The implicit assumption here is that, as long as Big Brother doesn't see the content of the messages, there's nothing to worry about. Of course that's total bullocks. The AOL search data scandal of 2006 shows that one's search history alone can reveal far, far more about a person than an unwarranted government search should be able to see. Amp that up to a list of every site visit, plus everyone I email, call, or text, and this represents the government demanding the right to dig very deep into Brits' communication.

I hope Britons go ballistic in opposition to this proposal.

How Quaint

[Bob9113]

The UK government plans to introduce legislation that will allow the police to track every phone call, email, text message and website visit made by the public.

How quaint -- they use laws to grant government authority for such things. Over on this side of the pond the President just declares it to be so and tells the judicial they're not allowed to hear any petitions for redress of grievances. Much simpler that way.

Re:but

[Captain+Splendid]

Shit, son, you deserve a double whoosh for that one.

WHOOOOOOSH!

WHOOOOOOOOOOOOOSH!

How old is this idea?

[StoneyMahoney]

Been hearing about ideas for complete internet data retention for a good few years now. Here's how it usually goes:

1) An idiot cabinet politician comes up with a "simple good idea"
2) Lots of people speculate about how good an idea it is and how useful it's results would be
3) The media cotton on to the idea resulting in larges amounts of WTF??!!!111!!!1/?1
4) Someone finally tells the cabinet politician how expensive and dangerous the idea is
5) Cabinet politician blusters about how it's still a good idea for years without making any progress towards implementation
6) Cabinet gets reorg'd and the idea is quietly shelved as a higher priority "simple good idea" comes along

Yup, this kind of thing comes along fairly regularly and this old chestnut always gets shot down fairly quickly. Move along folks, this isn't just old news, it's not even news-worthy.

so true

[dlt074]

how right you are. in spite of the troll mod i'm going to get and the karma hit... the more they do stuff like this, the more guns and ammo i buy. bottom line, eventually it comes down to boots on the ground and who's willing to kill or more importantly die for what they believe in. a lot of people will kill for this kind of totalitarian crap. however, most won't want to die for it. i have faith that eventually America will see the light and embrace individual liberty and personal responsibility again and limit this 1984 nonsense to the europeans where it belongs.

Re:so true

[c6gunner]

It's so nice to see the lunatics on the far-right agreeing with the lunatics on the far-left. Really makes one hopeful about the future.

Re:Encrypte Everything

[91degrees]

Wouldn't stick. They can't reasonably claim that you might have known that key.

Re:Encrypte Everything

[Dare+nMc]

Sorry, I change keys every two weeks and don't record the expired ones, and since it's 256 bit encryption, there's no bloody way I'm going to remember that sucker a year later.

If your in the UK, have fun in the slammer, Part III of the Act, which requires persons to supply decrypted information
Deni ability, and lack of intent may get you off in other countries, but not likely in this case. You had best start encrypting files with something like truecrypt where you can have 2 passwords on the same file giving up different data. Perhaps if you give them some unencrypted data they won't know to expect another password.

Re:Encrypte Everything

[EdIII]

And moving to encrypted VOIP obviously, though I don't know if they can still track who you are calling in that case.

Would not help. VOIP usually uses SIP to establish a call (source and destination), and then RTP to stream the media for the voice (content). Encryption is not going to conceal the source and destination in a SIP call and will only protect the content. Even if you were to wrap the whole thing in IPSec, you would still not be concealing the source and destination since either SIP or IPSec would largely be irrelevant since the IP packets themselves contain the source and destination.

What the government wants is the source and destination according to the article. The ISPs are responsible for this so it would not be terribly difficult, although expensive, to monitor all traffic for those SIP handshakes and then create a database. Even VPN tunnels would be recorded as well and probably stand out because that traffic is inherently encrypted.

Unless you have a direct point-to-point SIP call, encryption is useless. You need to wait for ZRTP encryption which is endpoint-to-endpoint. Devices and software that support that will still use SIP to establish the call, but regardless of how many different media servers are involved (Asterisk as an example), the call would be encrypted and recordings would be useless. This is also why it is not that attractive to most people setting up private VOIP networks for business since call recordings would be more difficult with ZRTP and are usually required in a call center.

Most VOIP calls are not point-to-point SIP, but SIP being ultimately routed to PSTN. In the US at least that would make it nearly impossible to hide the source and destination since they would be using ANI and not Caller ID for billing. I am not sure what the analog in the UK is for ANI. Even if you encrypt the SIP portion of the traffic the other end on a regular telephone number is not, so once again largely useless.

Making a truly secure phone call is pretty difficult already, and making it anonymous is next to impossible with 3rd parties involved, or without compromising someone else's networks to hide your traffic inside them.

Freenet, TOR, and other forms of darknets are not well suited to VOIP traffic which requires low latencies to operate. So anonymity, provided through reasonable doubt, will not work unless these networks become far more prolific and a little more advanced. Imagine some guys laptop running a TOR node while he is on wireless Internet. Might as well route your VOIP traffic around the Moon and back. If Darknets are going to support low latency traffic then they have to develop a QoS model that nodes could process and eliminate high-latency nodes from being considered when choosing a route.

The UK is fucked period. I would imagine even if you guys had 100% residential participation in a darknet that the UK government would throw you in jail if you did not hand over the encryption keys to traffic they acknowledge you are not even responsible for creating, but are providing for as an ersatz ISP. One way or the other, the UK will make darknets illegal too, and then you guys have nothing.

My best suggestion for people in the UK is to get out now before they erect the wall to keep you in.

Re:Encrypte Everything

[Xest]

No they can't.

As I pointed out last time RIPA came up, it's much more like a search warrant.

See my post here explaining it in more detail and my followup responses which explains, and provides links to the relevant legislation straight from the horses mouth:

http://slashdot.org/comments.pl?sid=1809504&cid=33806568

RIPA is an awful piece of legislation and has no place in a modern democracy, however there are many myths about it like that which you have stated which are simply just fantasy. RIPA is bad, but it's not quite that bad. It needs to be withdrawn from the books either way, but let's not over-dramatise the issue, else legitimate calls for it's removal based on legitimate concerns will just get lost amongst the madness.

Re:but

[GameboyRMH]

A double whoosh! Oh my god, WHAT DOES IT MEAN!? T_T

We are called 'libertarians'

[rlglende]

Socially liberal, very strong on individual rights, very strong on limited government.

Some embrace anarchy.

'Lunatics' we are not : this was the position of people like Jefferson, for the most part.

Re:We are called 'libertarians'

[c6gunner]

Yes, you're right, there were many a time when Jefferson would go on a long-winded THC-fueled rant about having "boots on the ground" and being "willing to die" to defeat a democratically elected government.

Of course, thankfully the lunatics usually aren't as industrious as Jefferson was, otherwise we might really be in trouble.

Re:but

[ScrewMaster]

A double whoosh! Oh my god, WHAT DOES IT MEAN!? T_T

It means that someone completely missed the point, had it explained to them and then ... missed it again. It was actually funnier than the original joke.

Re:but

[lightversusdark]

Triple whoosh! All the way!
Whoa! That's so intense!
Whooooooaaa-oh my god!
Wow! Woooooooooooo!