Slashdot Mirror
Online Activities To Be Recorded By UK ISPs
SmartAboutThings writes "The United Kingdom online monitoring law just got published, showcasing some disturbing facts. The paper is 123 pages long and is actually a draft of the Communications Data Bill. You might not be so happy to find out that from now, every single thing you do online will be recorded and stored by the good old Internet Service providers (ISP). What do we mean by online activity? Well, everything."
Nothing to hide, nothing to fear.
95% will continue oblivious to the dangers of mass surveillance. Those concerned about freedom and privacy have solutions...for now.
New tech has made it easier than ever before to spy on people in much larger numbers than ever before, and to a much greater degree than ever before.
Bet your bottom dollar that every government in the world wants to do as much of this as they can manage.
www.torproject.org/projects/torbrowser.html.en
This is apparently a Bill that has not actually been passed yet.
With the requirement to store every single thing users do, it might be a good time to invest in EMC because it is going to require an enterprise (VNX level) SAN to record all what is going on, as well as the licenses for features like deduplication (since a bunch of troll posts are usually alike, the SAN can store one copy, and pointers to the others.)
As a user in the UK, I'd be looking to find the best always-on VPN service, one in the country (since some services are country-locked), and one situated somewhere less repressive but close by, network-wise, perhaps Sweden or Norway.
I'm sure that is going to be coming to the US really soon (if it isn't already present), so guess it is time to find a Canadian VPN provider.
A right to privacy is enshrined in the European Convention of Human Rights. Exceptions are permitted only as "neccessary". Shall be interesting to see what happens if osmebody challenges this proposal, forcing the ECHR to consider what is "neccessary" in this context.
Protecting yourself against malicious use of your computers will become mandatory...or else you can get framed.
You might not be so happy to find out that from now, every single thing you do online will be recorded and stored by the good old Internet Service providers (ISP). What do we mean by online activity? Well, everything. From exchanging emails, browsing history, instant messaging to the most important use of social networks.
For stuff like emails, wont encryption be an issue?
And for other stuff, storing the MASSIVE amounts of data
I have no stats to back this up, but on a national level, wont the storage requirement touch Petabytes per day? (or atleast 100's of Terabytes per day?)
Why aren't their riots in the streets over this? For years I have heard about Europe being very pro-privacy. I have even worked with their privacy standards from a professional standpoint.
What went wrong? Seriously, how on earth did this ever happen? Your cars and your online activities are all being monitored by your government with your blessing! The communists never had it that good, all they got were phone calls and letters. You gave your own government a blessing to invade your privacy at a level the East German's could have only dreamed of. Something is very, very wrong in UK today. What the hell happened?
They could be analyzing in real time, which would vastly shrink the storage needed.
That said this legislation should greatly push the general public toward encryption of all usage, hand in hand with periodic disclosure of government abuse over time. Since not just the bad guys are being surveilled. Of course it is the same as what happens in other European / North American countries one could presume, they are just putting it into law that the public can see..
"If you have nothing to hide, then why complain?" - That's what they said when I told them I refused to open my car for the police. They'll probably say the same when I say the police should not be recording our websurfing.
My AC stalker: " I personally agree with your posts most of the time, but that won't keep me from modding you troll"
*The* authoritative guide to oppress and subdue your population into submission and complacency.
Warning: Void for the wealthy and/or connected.
Obama's legacy: (N)othing (S)ecure (A)nywhere and (T)error (S)imulation (A)dministration
I'm sure many people are thinking about Tor as a way to solve this issue, but I think there is a much simple way to solve it.
Think about this anecdote: kids are on a school trip (at least, that's how I remember it). Their professors don't want them to leave their rooms during the night, so they put small pieces of tape on the door of the kids' rooms. This way, they think it'll be easy to spot the rooms whose door has been opened, the next morning. One night, some clever kids get out of their room and, to cover up their tracks, instead of attempting to repair the tape on their own door, open everybody else's door.
Foor for thought...
cat /dev/urandom >> file1.txt >> curl http://some.british.web.site/
sudo make me a sandwich
I definitely don't like the idea of my online activities being monitored since I value my privacy very highly.
On the other hand, governments are in a bit of a bind. They are responsible for enforcing the law and creating an effective justice system. This is incredibly difficult for them to do given the scope of activities that can (and do) take place online. After all, you can't exactly place a police officer on a beat to keep the peace without having some sort of electronic monitoring. Likewise, you cannot collect evidence to prove innocence or guilt without maintaining some sort of record of electronic transactions.
I don't know where the solutions to these problems lay. That being said, I would suggest that those of us who oppose electronic surveilence start thinking about solutions to this problem. After all, governments need a way to do their job, and simply opposing legislation like this doesn't exactly help them do their job.
Send emails that contain as much information that you can cram in there from wikipedia.
No, use high-entropy random numbers ... much harder to compress/deduplicate :-)
Make sure you invest in all the storage companies first.
Stick Men
Goes to show what a bunch of idiot reactionaries the people running the show in Westminster are.
Are they going to show us any evidence that such a drastic and draconian law is required? Where is the evidence that this is needed?
It's all down to the idiotic, blind ideology that we've come to expect from the halfwits in power.
Somehow, I'm hoping that these people ARE actually smarter than they appear, and are simply putting this forward to distract the media from something more reactionary and ideologically-driven they're doing elsewhere.
And if you think this is bad, you should see the hysterical "OMG somebody think of the children" crap coming from the Tory back bench, e.g. Nadine Dorries.
How do they record your secure web activities? Seems the only thing they can know from it is where your HTTPS requests are going to. And what about the VPN set up to friends in free countries like Norway and Sweden?
now we need to go OSS in diesel cars
Comment removed based on user account deletion
I think Governments need to be very very careful about going down this route. Should this go ahead I expect any ciminals to encrypt all their network traffic via a VPN or proxy as well as measrues such as sending emails encryped via PGP. This is next to impossible to break so the government will lost the ability to see what users are doing on line anyway - all they can see is nothing other than an encyrpted connection to a VPN whose data they cannot snoop. If the VPN is located outside the UK then there will be no obligation to store sites that user has visited.
If I want to communicate with others privately I can set up a basic web server (perhaps via something like Raspberry Pi) running web forum software over an https connection with a self-generated certificate over a broadband connection and grant accounts only to those who I want to communicate via the site. All the government sees is encrypted data going to this address.
In addition IP address do NOT identify an individual. Many people can and do share a single internet IP address. Wi-FI can be cracked so an innocent users connection may be being abused without their knowledge. Then there are things like public WiFi. Or just by a mobile broadband USB stick with cash and then the connection cannot be traced back to an individual anyway. Sure the mobile operator would know the rough location it's being used via the base station it's on but not the individual property (especially with blocks of flats).
hints for you:
hardware based triggers. and support for 'user written apps' in core routers.
add it up, mate. its there today. no need to store it all; just pick out the 'interesting' bits. the value is in writing clever triggers that can run at hardware speeds.
(just saying; or rather, guessing. no, I have no specific info. don't shoot the messenger.)
--
"It is now safe to switch off your computer."
Communications are private. This is one of the bases of democracy. If you lose that, and you spy on the citizens, then you are already inside the dictatorship style of society. You CAN'T do that, not even to stop a nuclear explosion to destroy a city or something massive like that. Is one of the pilars of our society, and the other options are worse. Plus, we choose to live in democracy, is our choose, nobody should overrule that and force a dictatorship on everyone.
-Woof woof woof!
Random bits are best. Be sure to choose a good balance so they have to record LOTS of different URLs and e-mail addresses.
now we need to go OSS in diesel cars
From the first few pages of the document, they are talking about communication data but not content - i.e. source, destination, perhaps size. Stuff ISPs probably log but might not store. It is explicitly excluding content
It's still not great, but to take a telephone analogy it's like the itemised billing stats, not recording all the calls. Or a physical example - getting the post office to record the address written on the envelope, but not open it and read the contents.
From the actual document itself: "Nothing in these proposals will authorise the interception of the content of a communication. Nor will it require the collection of all internet data, which would be neither feasible, necessary nor proportionate."
It will still give ISPs an excuse to increase their prices, but I don't think it's quite time to break out the tin foil hats...
Sigs are so 1990s. No way would I be seen dead with one.
Comment removed based on user account deletion
More UK-bashing from timothy again, I see.
It's not "from now on". The proposal has been published. It is not a law, and is unlikely to ever become one.
Do you hate us because we're free, timothy? Is that what it is?
hard drive prices expected to rise as demand grows
A paper on privacy and why "monitoring is no problem because only criminals have something to hide" is a poor justification. If you compare the benefits of monitoring for the good of society against the usually slight or non-existant damage to an individual from being monitored, society always wins out. However, privacy is not just monitoring. What affect does it have on society when everyone is aware that there are large databases of information about your life and people will use to make decisions about you, but you can't know what is in it, you have no means of making sure it is correct, and you don't know who is using it and for what purposes? There is much more to it than this, and the paper is worth reading for a deeper view on privacy issues.
I'd like to see their working on the financial figures. According to the document the Bill "is estimated to lead to an increase in public expenditure of up to £1.8 billion over 10 years from 2011/12. Benefits from this investment are estimated to be £5 – 6.2 billion over the same period."
Exactly what financial benefits? Where's the saving?
Otherwise, the question we should all, in the UK, be asking our MPs is which hospitals are going to be closed to pay for this?
Sigs are so 1990s. No way would I be seen dead with one.
How much data do they really think they will need to store pr individual?
What if we multiply that by 1000000?
For every search you do on a search engine, a script could create a few thousand extra.
For every website you visit, the crawler will visit a hundred.
Encapsulating traffic in the wrong protocol may also be fun.
the draft bill excludes storage of content, so much of the paranoia is null and void. They won't be reading you emails etc. They will be storing the stuff that they could beat out of you anyway. Sorry, delete that, just the stuff that they could access via you call-records/phone-bill or the internet equivalent.
There was an unknown error in the submission.
and watch the internet fall into a hole with 1,000,000% more un-nessasary traffic.
There was an unknown error in the submission.
Don't like law, did sign it, also know that it won't make a jot of difference. As a cynic, I'm fairly sure that e-petitions are merely designed as a kind of theater in which a disaffected citizen is made to feel as if their government actually listens to them.
Nothing sucks like a Vax, nothing blows like a PowerMac G4
Two words: feature creep.
Nothing sucks like a Vax, nothing blows like a PowerMac G4
browsing on my Android phone, the maindevice.com site gave a javascript-style alert claiming I'm the 1st Android visitor and prize-winner or some such nonsense, giving me only an OK button - which redirected me to some awful probably malware-infested Android-specific website. Which also means I couldn't read TFA. Way to go guys.
The anti-gov't Tparty etc. are strangely mostly quiet about such issues in the US. It's kind of like the mass spending during Bush's time: other less important issues distract them to waste their froth, until the time that some event makes it The Most Important Thing Ever.
Table-ized A.I.
Ultimately this sort of thing will drive development of all sorts of encryption and identity concealment technologies.
Probably it'll change internet culture where everything used to be open now everything will be concealed.
The internet is growing up.
All this will do is help drive the advancement of technologies like TOR, Freenet, &c., which is a good thing.
Liberty in your lifetime
Their ISPs record activity. The NSA records ours.
I'm not sure either one is really better than the other.
You mean https://addons.mozilla.org/en-US/firefox/addon/trackmenot/
"Protects privacy in web-search. By issuing randomized queries to popular search-engines, including Google, Bing, and Baidu, TrackMeNot obfuscates users' search data profiles"
If everyone used this we all would have a lot less to worry about it.
Even better, have two instances of web browser installed on your PC: FF installed locally with your usual configuration and trackmenot .. and FF Portable run from a mounted encrypted drive share .. so if the computer is taken or powered off they can't get anything and the 'local' install looks like your 'normal' web activities
Also install https://addons.mozilla.org/en-US/firefox/addon/betterprivacy/ to delete flash cookies
You have a sick, twisted mind. Please subscribe me to your newsletter.
If I was part of the security services/police I would NOT be asking for mass surveillance. The hard part is anaylysis of the data, which will inevitably become backlogged, so when a terrorist event happens it will turn out that the security serivces had all the information which - when published after the event - will make them look stupid because it will demonstrate that they had all the information needed to prevent the event.
1. create a screen saver for all OS's that does the following;
a) endless loop to send /dev/random data from your PC to the ISPs router at full UP rate when idle.
b) making sure that the destination isnt billed as its internal to ISP only
c) watch their harddrives FILL UP exponentially forever at stagaring rates at 1 HD per minute.
d) after a few days , they will get DISK FULL dialog.
e) watch their costs go so high, no govt can afford to pay for 1 HD per second per ISP
f) seagate/wd stock soars as orders go into the millions of HDs.
Liberty freedom are no1, not dicks in suits.
How do Tor, VPNs, etc help? I always thought they protected you at the other end i.e. a website couldn't tell who had accessed it. Surely the details of the web page as it goes from the ISP down the phone line to your router is goint to be pretty much wide open and that's the point where it's being monitored. I can see encryption making a difference at some level but surely there's still some detail about what's coming in? Unencrypted headers or something? happy to be pointed to a 'Internet Security 101' guide but I've looked and not really found much.
I want a list of atrocities done in your name - Recoil
"You might not be so happy to find out that from now, every single thing you do online will be recorded and stored by the good old Internet Service providers (ISP)".
I thought they were already recording everything, of course this won't affect the online crooks, what it will do is suppress online discent, a watched population is a compliant one, a bad day for democracy.
AccountKiller
All the world's a stage,
And all the men and women merely players:
They have their exits and their entrances;
And one man in his time plays many parts,...
---Bill S., 1600
Not a sparrow shall fall...
---Matthew 10:29
Now if only one could get a copy of the script in advance....
jbd
"Whoa, kind of feel like God!"
---"Cereal Killer" in Hackers I
Please explain, as almost all did ten years ago, why such rantings about "they" tracking us were paranoid delusions, and how no-one cares what you are doing. I'd like that trip down memory lane. Yes, I am vindicated and bitter. Deservedly so.
GPS for cell phones IS for tracking everyone in real time (whether you switch it "OFF" or not, it's software, they switch it back on), they WILL mandate tracking for cars, voting computer systems ARE intended for Republicans to steal elections at will and will soon serve the same function for conservatives in Canada, they have mandated every damned motherboard in the last ten years a spying/tracking device, and the sun will rise in the east tomorrow. Looking forward to further vindication, and possibly a large bottle of scotch whiskey. Daily.
The important thing is that this is the DRAFT Communications Data Bill. It would have been a normal bill where amendments are possible but usually opposed by the Government (who have the majority). But Nick Clegg and other Lib Dems insisted it be published as a draft, so people can comment on it and so changes can be made. Julian Huppert MP is already working to change it, and has got himself on the committee of MPs who will be considering it - see http://www.libdemvoice.org/julian-huppert-mp-writes-communications-data-we-have-to-get-this-right-28964.html
We MUST have a new bill, if only to replace RIPA (Regulation of Investigatory Powers Act) passed by the previous Government, which introduced state snooping on a grand scale, (did you know that in the past year alone, there were 540,000 data requests under RIPA?). But the proposed bill has many flaws too; jsut to start with, Part 1 gives far too much arbitrary power to the Secretary of State.
So it is up to those who oppose the bill to make their views known and put reasoned arguments and views forward to the Committee considering it. This government has shown it /will/ change its mind if enough people object to things it is doing, and in this case it's easy for them to do so as it's a draft, with changes expected. See also http://carons-musings.blogspot.co.uk/2012/06/169-days-to-help-julian-huppert-protect.html
Just use a VPN and no need to fear :) :)
VPN service can be rather inexpensive
Pulsed Media Seedboxes