Sunday, 27 December 2015
We knocked up an on-line poker game some years ago whilst on holiday, it can indeed be fun.
One of the first, and essential, features of the game was a simple in-game chat. This is a feature of most games.
There are a couple of other features which are likely to be part of this game or any game in future - one is running the game on a cheap VM (Virtual Machine) from some VM provider which are typically not in the UK. The other is the availability of free https certificates from someone like https://letsencrypt.org. Indeed some VM providers are working with Let's Encrypt to make it simple.
But hang on! The second you make a game like this, with an on-line chat like this, you have just created a secure communications platform with encryption that ends outside the UK.
James is not making permanent logs of the in-game chat. He has no intercept capability or any resources to make one. He has not published any contact details (he does not have to - not taking money, not a company, not trading) so nowhere to send a RIPA request.
The on-line secure chat is simply a side effect of a simple free on-line game a kid has knocked up (OK not so much a kid any more, but this could be done by a kid).
Where does the Draft Investigatory Powers Bill fit in with this?
Who tracks the creation of such things - he is not advertising it - it is for him and some mates to play a game, but it could be used by terrorists. It could be created by terrorists in the first place.
Who ensures that such platforms have intercept capabilities, and data retention of communications data? Who pays for it all?
It is just one more example of how the IP Bill is just broken, and not fit for purpose, even though it seeks to reach way beyond normal privacy and human rights.