Slashdot Mirror
UK Web Snooping Plan Invades Privacy, Despite Claims To the Contrary
sweetpea86 writes with a snippet from this story at TechWorld:"The UK government's proposal to separate communications data from content, as part of new plans to allow intelligence services to monitor all internet activity, is infeasible according to a panel of technology experts. Speaking at the 'Scrambling for Safety' conference in London, Ross Anderson, professor of security engineering at the University of Cambridge Computer Laboratory, said that the distinction between traffic data as being harmless and content as being sensitive is becoming less and less relevant. 'Now that people are living more and more of their lives online, the pattern of who you communicate with and in what order gives away pretty well everything,' he said. 'This means that, in data protection terms, traffic data is now very often going to be specially sensitive data.'"
It's the tecchies' fault. In the '90s they formed a plethora of ISPs, small and independent. Then they became greedy businessmen, saw the pound/dollar signs in their eyes and allowed themselves to be bought up and consolidated, leaving only a few independent providers (e.g. the strongly anti-censorship AAISP). These corporations, most with government contracts, are happy to kowtow and wouldn't dare raise too much of a fuss.
Had they remained the independent, revolutionary force that initially brought the Internet to the masses - oh, original Demon, where have you gone? - the ISP Association wouldn't be the neutered, useless fuck that it is, and would repeatedly lobby against and refuse to implement stupid legislation.
There is always this trade-off: do we want more privacy, accepting increased risks of criminal/terrorist acticity, or are we willing to trade off some privacy to get more security. This choice is political and should be democratically decided. Whether this applies to the internet or in other contexts actually makes little difference, so the trade-off isn't new either. The difference is that just in the present more dangerous climate, more voters are willing to accept some loss of privacy.
Can anyone think of anything equivalent to this in history? Where people were under extensive surveillance? What happened?
There has to be a crunching point for things like this, society is meant to limp forward gradually. Hopefully it will get better after it gets worse...
Slashdot needs Geekcode | Can anyone recommend any good SCIFI? My tastes: Foundation, Startide Rising, CITY, Ringworld,
The government seeing the data should not be that big a deal unless you have something to hide
Why not allow the government to install cameras in every room of your house? What are you hiding? You could be committing crimes in your house, after all.
The question is not whether they look at traffic data or contents, but whether they have proper safeguards to avoid the data from leaking. The government seeing the data should not be that big a deal unless you have something to hide, in which case it is probably actually a good thing that they can see the data. So as long as all this does not leak to third parties, why does this even matter?
That doesn't really make sense - exactly the same applies to "third parties" as to the Government (in any conventional sense the Government is a third party here). Why would you be less bothered about one seeing it than the others? If you have "nothing to hide" then why don't you want "third parties" to see the data?
http://webarchive.nationalarchives.gov.uk/20100919110641/http://programmeforgovernment.hmg.gov.uk/civil-liberties/index.html
the current government said particularly "We will end the storage of internet and email records without good reason." and many fine words that evidently they now plan to shred:
The Government believes that the British state has become too authoritarian, and that over the past decade it has abused and eroded fundamental human freedoms and historic civil liberties. We need to restore the rights of individuals in the face of encroaching state power, in keeping with Britain’s tradition of freedom and fairness.
AC probably lives in North Korea. He finds this privacy thing a little odd.
It's not whether the government will protect the data from 'leakage' as you put it, letting the government have it IS THE LEAKAGE. And yes I have something to hide: my opposition to the security forces intrusive snooping for one thing.
I'm also critical of the security forces ignoring Rendition and Torture laws, and suspicious of the recent MET inquiry into same. See the Parliament begins an inquiry into what is a criminal act, illegal complicity in torture and rendition. Then the MET police unit starts a criminal inquiry, thus shutting down the parliamentary one. As long as the MET says its inquiry is open then the parliamentary one cannot proceed, and can be blocked for years.
Now when you realize that the MET was given the anti-terror powers and forms the police branch of the security forces, you realize how bogus that inquiry really is. The police arm of the spooks will inquire into whether the spooks broke the law. Whitewash anyone?
I am writing from a country, I won't name it, but it has a military/civil government, and the civil elected government fears the military and won't bring them to account for past deeds. And I am so afraid of said military that I won't even name the country.
UK is not that far from the same, you'd have to be complacent not to see how powerful the police and security forces have become vs the civilian elected government.
Using facebook, twitter and other websites. This isn't traffic data. How often do 'normal people' really connect to their friends' computer? Perhaps for a file transfer in skype.
1. if the UK government legislates the cost will be immense to develop the systems to scrape and deep packet inspect thousands upon thousands of protocols, and web2.0 websites.
2. much of the data is already end to end securely encrypted and can not be decrypted. it will be quite obscured who is talking to who with web2.0 applications just based on the IP address of people using eg slashdot via https.
3. there are lots of p2p protocols that are end to end securely encrypted. For example skype calls commonly go through multiple relays. seeing the IP address and an encrypted skype channel between your computer and a high bandwidth relay wont tell you who is talking to who.
4. there exist many VPN services connecting to many jurisdictions which trivially bypass the proposed intrusions.
5. its following Chinas example, which is a bad precedent, already we see Iran, Syria, pre-revolution Egypt defending their intrusion and interference with the internet drawing parallels with initiatives such as this. US, UK et al had fine words to say against such abuses in undemocratic countries and dictatorships, and yet here we have the UK proposing to do similar things to their own citizens.
6. most web mail and web 2.0 sites and applications and protocols are developed and hosted outside the UK, so the UK lacks the technical authority to capture the traffic - users who care will just VPN or use end to end encryption to freer countries. This legislation if passed will likely see less development and hosting done in the UK harming the UK economic competitiveness in the information economy.
7. what is the end game? If one credibly wants to actual capture data one has to follow China, Iran et al and outlaw encryption, outlaw VPNs, outlaw development of software without government backdoors, license software development, restrict access to compilers without a government license, impose a draconian country level firewall. This is all highly implausible and incompatible with a democracy.
8. I think government has not thought this through at all. Probably they are thinking that they can just record IPs like you can record phone numbers on a voice call. The internet is not like that. It is an open, global platform for applications. The communications traffic is hopelessly co-mingled with data in many applications.
9. Unfortunately the government has limited technical expertise and has blinkered and fooled by the "if we could just save one..." argument.
10. There is no cost benefit analysis. You are more likely to die by crashing your car than due to violent extremists actions. More likely to die by random lightening strike. There is a limit to the costs, erosion of freedom a democracy should be willing to inflict on itself in the name defense. If we take it too far the extremists have won.
11. We would be better off spending the money on human intelligence. One of the defense conclusions was a western intelligence failure in the middle east area
12. there appears to be no planned judicial or credible independent oversight. That is inappropriate in a democracy. In what way would it harm defense to require a court order from a judge to interfere with and deep packet inspect the internet traffic of a target of investigation.
"The government seeing the data should not be that big a deal unless you have something to hide"
How about 'it's none of your fscking business, nor anyone else's, who I talk to' ?
How about that?
Government should exist as a way for society to collectively enforce a code of law, and to provide common services we all need. As far as I'm concerned this is way, way, way beyond its remit.
Well we do allow government to request intercepts with a court order from a judge, and that much is status quo and I support.
But I strongly object to the prior restraint and chilling of free speech implicit in hoovering up all communications data, performing deep packet inspection and storage and access all without a court order.
That is nuts in a democracy. You'd expect that from the likes of the thankfully deposed Gadafi and his ilk, not from a democracy.
Here's what the Conservative/LibDem Coalition apparently promised before they were elected: (copy-pasted from http://webarchive.nationalarchives.gov.uk/20100919110641/http://programmeforgovernment.hmg.gov.uk/civil-liberties/index.html) We will implement a full programme of measures to reverse the substantial erosion of civil liberties and roll back state intrusion. We will introduce a Freedom Bill. We will scrap the ID card scheme, the National Identity register and the ContactPoint database, and halt the next generation of biometric passports. We will outlaw the finger-printing of children at school without parental permission. We will extend the scope of the Freedom of Information Act to provide greater transparency. We will adopt the protections of the Scottish model for the DNA database. We will protect historic freedoms through the defence of trial by jury. We will restore rights to non-violent protest. We will review libel laws to protect freedom of speech. We will introduce safeguards against the misuse of anti-terrorism legislation. We will further regulate CCTV. We will end the storage of internet and email records without good reason. We will introduce a new mechanism to prevent the proliferation of unnecessary new criminal offences. We will establish a Commission to investigate the creation of a British Bill of Rights that incorporates and builds on all our obligations under the European Convention on Human Rights, ensures that these rights continue to be enshrined in British law, and protects and extends British liberties. We will seek to promote a better understanding of the true scope of these obligations and liberties.
Why did the chicken cross the road? Because Elon Musk put an AI chip in its head.
government should be able to solve all these problems
must also uphold the privacy of
Wasn't it Benjamin Franklin who once said that "Those who trade liberty for security will lose both”
Who voted for this shitstorm of a government anyway?
There's an e-petition in opposition here: http://epetitions.direct.gov.uk/petitions/32400
Being slashdot, i would say that only trolls would spew the crap about nothing to hide.
Everyone has something to hide. It needs not to be someting criminal but just something they like to keep for themselves.
Terrorists don't win you know, and despite occasionally killing some people they don't pose a long term threat to any free society. Al Qaeda didn't take over Egypt, the Egyptian military did.
On the other hand military and security forces take over their own countries all the time. Right now South Ossetia had an election, it voted for a candidate, the interim government struck down the elections, barred the winner from standing, and now they voted 54% for the Russian backed former KGB chief, the other opponent was also a Russian backed candidate. Nice huh, they wanted freedom and now they have a KGB stooge.
You can say "it could never happen here", but it happens literally EVERYWHERE.
The biggest threat to democratic freedom was, is and always will be, their own internal security forces, not some nutty Pakistanis with a bag of fertilizer. It's always the man with the medals and ego who think he knows best.
It needs not to be someting criminal
Yet. Until the government makes it criminal.
Seven puppies were harmed during the making of this post.
We will end the storage of internet and email records without good reason.
We only need a good reason, how hard can it be to invent one once we have the power?
What do you have to hide AC?
Don't fight for your country, if your country does not fight for you.
The glorious leader and the Party provides us with everything we need: protection, self-reliance and harmony. Why would we want to undermine his authority for the sake of a minor detail like privacy?
it slows their networks down to have to log everything
It would lag everything, gamers should complain LOUDLY
That is highly unlikely. They would probably be taking a copy of the data at some critical part of the network and then everything else would happen on some secondary out-of-band network. The kind of hardware they'd be using to do that is also used by, for example, high frequency traders, who literally win or lose millions by being milliseconds faster than the other guy.
It would, however, almost certainly cost a staggering amount of money to buy the hardware to implement all of this, and the people warning about inability to fully separate content technically even if the politicians/lawyers say that will happen do have a valid point.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
The problem is, they know they're not getting voted in again, so what reason do they have to follow their mandate?
Wish I had mod points for you - a very good analysis of some of the major problems with this ludicrous proposal. Well said that (other) AC.
good post. Mod this up...
Here's what the Conservative/LibDem Coalition apparently promised before they were elected:
Actually this was /after/ the election. The coalition didn't exist as such until after the election. However, ISTR the Conservative Party promised quite a lot of this before the election.
Protest like they did in Canada. Send the Ministers and your government representatives including the PM everything. For days they CCed them on every email, posted what they are doing to their members twitter accounts. After several days of having the Parliamentary mail and web servers taken to their knees the bill they were trying to introduce was 'sent to committee' (killed). People can make a difference
Undetectable Steganography? Yep, there's an app fo
Rule number One:
Never believe anything a politician/political party says when they are trying to get elected.
"UK Web Snooping Plan Invades Privacy" No shit, sherlock.
I go further. Let's hack these cameras. Obviously all toilet and bathrooms, including in schools, should have cameras that are open to the web anyway, so those who want to can jack off to the most secretive of human biological activities can do so. After all, what are you hiding? You think your 5yo daughter pissing is so special that she shouldn't be broadcast on the web for the delectation of sundry pedos? [This is a joke Joyce].
Link to e-petition: Scrap Plans to Monitor all Emails and Web Usage
Nothing sucks like a Vax, nothing blows like a PowerMac G4
Yet, pilot schemes running in Nottingham schools (primary and secondary) mandate the fingerprinting of children as young as 5 not only for access to class but to eat lunch! No parental permission required... hell, you don't get to find out unless your kids tell you, because the LEA isn't volunteering the information. This is all being done under the radar.
As for a Bill of Rights, we already have one of those. It was signed by William of Orange in 1688 and passed into Law in 1689. Too bad it's ignored by those in whom we are expected to place our trust, and further bastardised by those who we expect to know and enforce by decree, the Law of the Land.
I don't know about you but I feel personally fucking betrayed.
Operation Guillotine is in effect.
The UK govenment wants to record websites visited... i.e. urls.
Since a web search encodes the search terms into the URL, they are gathering both traffic and content, to any (reasonable?) person who'd consider a list of their search terms to be 'content'.
That sounds pretty 'leaky' already.