However, these days, there are (at least) two clear levels - one level provides the actual wires, fibres, coax, radio links that carry the Ethernet, PPP, or even IP level traffic around. There are ISPs that connect those links to "the Internet" (peers and transit providers).
Then there is a layer on top where people actually have "services" and things like "email", and "VoIP" and "messaging".
The problem is that the government think that all of these "services" have "service providers" of some sort, so we get headlines like "Internet firms to be banned from offering unbreakable encryption under new laws". I.e. the government want to make it law that these "service providers" have to have ways to access message that are passed over their "service".
There are a couple of huge holes in this...
- These "service providers" are often not based in the UK, either organisationally or technically. As such these UK laws will have no effect.
- There may not always be a "service provider".
Some simple examples:
- Email can be provided using your own mail server that you control yourself - so that when people send you email, they do not go via your "email service provider". If they too send email directly with no "email service provider" then there is no third party which the government can expect to log the email (content or meta data). Existing data retention laws totally fail to understand this concept. Making the people running the mail servers in some way liable will not work as they are the very people doing the communications and hence the suspects.
- Even where email is using an email provider, there can be layers - you can use PGP to encrypt email end to end, and there is no "encryption service provider" involved. The email providers see meta data but cannot decode the content of messages.
- Even with VoIP it is perfectly possible (I do this) to have calls that do not use a "telephony service provider" in any way - DNS sends the calls directly to my own call server which I control. Again, no third party that can be expected to log the calls or intercept the content. Again, the phones at each end can also do end to end encryption with no "encryption service provider".
- I can run an https site and allow other people to connect to that site, providing messaging and other services directly myself. Again, no third party service provider involved.
Of course they could outlaw such systems from being used, meaning you have to hand in your iPhones, but that won't stop criminals using them.
terrorist1: Let's use strong end to end encryption
terrorist2: That's illegal now
terrorist1: Right, OK, we better not do that then - would not want to break the law
So please, give up this lunacy - just accept that privacy exists - people (including terrorists) can communicate secretly, it is a fact of life, and any steps to try and stop it will be unsuccessful and damaging to everyone else. We can concentrate efforts on the end devices, on social engineering, covert operations (getting undercover people in to the cells) and all of the good old fashioned ways of policing that already work well to make terrorism a lesser threat than bee stings in this country.
Petition - please sign.
Update: Best response I have had to a tweet yet:
Someone put this man in front a committee of MPs, before it's too late https://t.co/mjLxpZV8r6— Barry Collins (@bazzacollins) November 3, 2015