tag:blogger.com,1999:blog-3993498847203183398.post5054575484067259436..comments2024-03-28T09:19:27.451+00:00Comments on RevK<sup>®</sup>'s ramblings: #IPBill Police ask you to break in to A&A offices and steal a hard drive?RevKhttp://www.blogger.com/profile/12369263214193333422noreply@blogger.comBlogger8125tag:blogger.com,1999:blog-3993498847203183398.post-84089995601365647622015-11-11T19:50:47.776+00:002015-11-11T19:50:47.776+00:00I like the sound of that idea. The beauty is that ...I like the sound of that idea. The beauty is that neither of those network illiterates, May or Cameron, would be able to resort to their usual trick of standing up in the Commons to accuse A&A of "assisting criminals & terrorists". To do so would divulge the fact that a retention order had been served. Anonymoushttps://www.blogger.com/profile/10823387395371201608noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-26345392854103375492015-11-11T18:51:37.094+00:002015-11-11T18:51:37.094+00:00What constitutes a "reasonable excuse" f...What constitutes a "reasonable excuse" for disclosing the existence of a request? For example, what if your employment contract requires you to get advice from the company's lawyers about the request's validity? Or to inform a manager whenever you access a customer's data? Stretching a bit further... what if A&A's contract with a customer specifies that the customer will be informed whenever staff access certain data?<br /><br />How about automated notification? Suppose A&A have automated logging and reporting of queries against customer data - is the person handling the data request required to attempt to defeat this, if they know about it?<br /><br />If you are required to log my web history, there's an obvious risk of data theft. I hope that a competent ISP would try to set up monitoring that is hard for a hacker or rogue employee to bypass.achttps://www.blogger.com/profile/01774367269788227345noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-16361441515696743652015-11-11T14:06:50.250+00:002015-11-11T14:06:50.250+00:00Indeed, and a question that needs to be asked - IS...Indeed, and a question that needs to be asked - ISPs are not the police, and not even being accused of any wrong doing here - so clearly the costs should, in my opinion, be fully paid by the government including any extra costs such as complying with subject access requests for data we would not previously have retained. My initial thoughts are, if any issue with no paying full costs, is set up a network operating company that rents kit and links and provides the service, but operates at zero assets and zero profit - the second an order is not 100% fully then it has to be wound up as no longer viable (and a new company set up in its place which has not had an order).RevKhttps://www.blogger.com/profile/12369263214193333422noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-33492456239921547802015-11-11T14:01:21.472+00:002015-11-11T14:01:21.472+00:00What is your understanding of the DIPB in respect ...What is your understanding of the DIPB in respect of compensation for the additional costs, should a Retention Notice be served? Section 185 talks about "an appropriate contribution in respect of such of their relevant costs as the Secretary of State considers appropriate". Other sections refer to a "fair contribution" So is the government willing to compensate you in full, or only partially, for the costs of implementing systems you currently neither have nor want? <br /><br />On the other hand Section 190 states that the likely cost of complying with the notice must be considered before issuing a Retention Notice. Is it being over optimistic to hope that they'll leave AAISP alone because the costs would be prohibitive, whereas the larger ISPs probably already have systems in place to comply with a Retention Notice? Anonymoushttps://www.blogger.com/profile/10823387395371201608noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-87769443027609643782015-11-11T11:02:58.617+00:002015-11-11T11:02:58.617+00:00Indeed, they can also come round and ask you to wa...Indeed, they can also come round and ask you to wash their patrol car for them or to go round investigating a series of recent burglaries...<br /><br />Charitably, we could try to tell ourselves that "in a way that minimises the amount of data that needs to be processed" is a requirement for you to disclose the smallest amount of data required for the police's needs - or more cynically, as a precaution against the obvious response to any request: "Certainly, officer, this pile of LTO7 tapes holds all the communications data for the period in question ... good luck sifting through half a petabyte of packet dumps to find what you're after". (Common in civil cases, apparently: sue a big company for patent infringement, they'll hand over a mountain of internal mail, hoping you won't spot the incriminating bit about needing to license your patent for their new product.)jas88https://www.blogger.com/profile/05563592458314214904noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-9426377587956335122015-11-11T09:51:29.753+00:002015-11-11T09:51:29.753+00:00Good point, but the fact they can require a teleco...Good point, but the fact they can require a telecommunications operator to do things means the whole asking stuff is pointless anyway.RevKhttps://www.blogger.com/profile/12369263214193333422noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-21767665200082519112015-11-10T22:34:54.128+00:002015-11-10T22:34:54.128+00:00No - it applies to "a telecommunications oper...No - it applies to "a telecommunications operator who is obtaining or disclosing communications data, in response to a request". If you reject the request out of hand, you aren't "obtaining or disclosing communications data", so it doesn't apply.<br /><br />"What a lovely country we all live in. I may have to move."<br /><br />Agreed. The excessive snooping is taking on disturbing proportions already - and why?! "Because they can"? They've been taking far too much interest in our private communications for years now, even with Ms Perry having been transported somewhere she can do less harm, but where is the opposition which will take an opposing stance?!jas88https://www.blogger.com/profile/05563592458314214904noreply@blogger.comtag:blogger.com,1999:blog-3993498847203183398.post-11512183637145269532015-11-10T20:25:16.214+00:002015-11-10T20:25:16.214+00:00Christ on a bike. Someone was on a roll when they ...Christ on a bike. Someone was on a roll when they composed this dog's breakfast.Cecil Wardhttps://www.blogger.com/profile/16477035597238561739noreply@blogger.com