Just to be clear on our policy here - when DRIPA comes in to force, and if A&A become subject to a retention notice for all customers, we aim to work on all practical legal means to minimise the amount of data retained under that legislation - making full use of the bad wording in the Schedule in the 2009 regulations where possible. We also aim to clearly publish what is retained under such a notice and what steps we have taken to minimise such data. Such steps may mean separate companies running email or other services, or even hosting some servers outside the UK, if those are practical steps we can take.

Why? Because blanket mass surveillance is illegal under EU law as it is against our basic human right to privacy as decided by a court, that's why!



  1. Hehe, is that incident number pure coincidence? I'm impressed!

  2. If you had two companies, AAnetworks and AAinternet for example and AAnetworks provides a transparent L2 service (PPP or whatever) to another company, AAinternet which is registered in tonga with L2TP (or whatever) termination servers in the UK (or elsewhere) then a retention notice to AAnetworks would be ineffectual as you do not hold any useful data and a retention notice to AAinternet impossible as the company is outside of UK jurisdiction.

    I think you mentioned something like this before.

    But I would like to get your stance on the balance here. If a customer of yours was say running a botnet that stuck illegal images on peoples PCs and then extorted them for money for example, would you not want to help LEAs by giving them that persons details?

    1. A targeted investigation of a legitimate suspect, with appropriate oversight of warrants, is not the issue. It is the blanket surveillance of the public that is the problem.

  3. OK Understood. However, what a retention order does is to require you to keep logs so that evidence can be retrieved after an act has been committed. You'd only be keeping communications data (metadata) and not any content of the communications.

    So it is not quite stasi surveillance where everything you say is kept, it would be contact details, phone number of DSL lines, IP addresses and such like.

    Since crime can only be investigated after the fact the historical data is what is important.

    1. The point is that general surveillance of the public is not legal as it interferes with human rights to privacy. The police will have to work within that framework. There may be data that is still logged for a short time if they act quickly, but it would require a police state and general surveillance and logging of everything in order to be able to randomly go back and get data, and that is not the sort of society we want.

    2. I certain amount of information may be kept by an ISP/telco/whatever for normal day to day business purposes. For example, a telco may keep call metadata records for a certain amount of time for billing purposes. If the police have a suspect then I see no issue with them getting a warrant to access that data.

      If someone is a suspect, then I also see no problem with the police getting a warrant to record extra information that wouldn't normally be recorded/retained. e.g. they may get a warrant to have the ISP log web requests made by a suspect, or have the telco record call audio.

      There is a distinction between the above (which I don't see a problem with) and what the government wants to do, which is to capture data about *everyone's* activities, specifically for law enforcement purposes, just in case they later become a suspect. That is something that's fundamentally wrong IMHO - as someone who has committed no crime, I have a right to privacy, and that right is being violated by having data recorded and retained for law enforcement purposes.

      The whole "but it won't be used unless you become a suspect" argument is flawed - once the data is there, I have no confidence that access to it will be tightly controlled. Data may be leaked by accident, on purpose (illegally), the laws regarding under what circumstances it can be accessed may not be robust enough to prevent legal access, and the whole thing is subject to feature creep - the access controls may be ok now, but I can't demand the historical data be deleted if their scope expands in the future.

  4. http://grahamcluley.com/wp-content/uploads/2014/01/metadata.jpeg

    That is all.

  5. Given that we live in a global economy, I wonder if laws like this will create a business opportunity for companies in countries with strong privacy protections to set up secure VPN endpoints and sell connectivity to users in surveillance states like the UK.

    Privacy-friendly ISPs like A&A could then enter into commercial arrangements with these companies, reselling the VPN access to their own users, providing support and perhaps even pre-configuring the VPN settings on the router (although only if it is possible to do this while ensuring that the UK ISP does not have any access to the encryption keys).

    It really would be hilariously ironic if a major result of the government's attempts to snoop was a widespread increase in the use of encryption technology and a large revenue opportunity for foreign companies.

  6. The big problem - one of the big problems - one of the *many* big problems is not so much feature-creep (ie adding more and more stored data) but usage-creep.

    When the police were allowed to be issued with CS/Pepper Spray, and then Tazers, the justification was that it allowed them to defend themselves against armed criminals who would otherwise be able to shoot them. But just watch the police video TV programmes and you'll see they now use them as a way to subdue unruly (and unarmed) suspects, where there's no question of it being self-defence in a dangerous situation, but an easy way to arrest someone who isn't coming quietly, to the detriment of the suspect (who is still innocent in the eyes of the law, of course). And Tazers can kill, so it's not just a bit inconvenient to the suspect - it can be fatal.
    In New York a few days ago a man died of a heart attack after being arrested by 6 policemen - they didn't spray or taze him, but one put an arm round his neck and pulled him backwards while the rest piled onto him, and sat on him on the ground. No conclusion has been reached yet, but my money is on "No excessive force was used" being the decision. But he's dead and he wouldn't be if they hadn't arrested him.
    I see DRIP data being initially saved in case it's needed later, but then starting to be used to trawl for "suspicious" activity, so instead of investigating suspects of crimes, they will be looking for people doing things that "they" think they shouldn't. 1984's "Thought Crime". And then there's "Minority Report"...

    Anyone want to set up an island where we freedom-lovers can live?


Comments are moderated purely to filter out obvious spam, but it means they may not show immediately.

TOTSCO moving goal posts, again!

One of the big issues I had in initial coding was the use of correlationID on messages. The test cases showed it being used the same on a se...