UK ISP Boss Highlights Technical Stupidity Of The Snooper's Charter Proposal

from the surveillance-magic dept

There’s just something absolutely nutty when politicians with no technical knowledge whatsoever try to make technology policy, and it often crosses over into out-and-out slapstick when that technology policy involves surveillance. It’s why we see things like talk of “golden keys” for encryption that somehow wouldn’t be “backdoors” (even though they are). Over in the UK, they’re going through something similar with the current “debate” (if you can call it that) over the latest Snooper’s Charter bill, officially known as the “Investigatory Powers Bill” or the “IPBill.”

A key element in the bill is the demand for “internet connection records.” The draft bill has a whole section on these “ICRs” which it defines as:


A kind of communications data, an ICR is a record of the internet services a specific
device has connected to, such as a website or instant messaging application. It is captured
by the company providing access to the internet. Where available, this data may be
acquired from CSPs by law enforcement and the security and intelligence agencies.

An ICR is not a person’s full internet browsing history. It is a record of the services
that they have connected to, which can provide vital investigative leads. It would not reveal
every web page that they visit or anything that they do on that web page.

That definition, by itself, seems somewhat self-contradictory, but we’ll leave that aside for now. Adrian Kennard, the head of a small UK ISP, Andrews & Arnold, has filed some comments highlighting how technically clueless this idea is:


The explanatory notes, and one of the clauses in the bill, make use of the term “Internet
Connection Record”. We are concerned that this creates the impression that an “Internet
Connection Record” is a real thing, like a “Call Data Record” in telephony.

An ICR does not exist – it is not a real thing in the Internet. At best it may be the collection of, or
subset of, communications data that is retained by an operator subject to a retention order which
has determined on a case by case basis what data the operator shall retain. It will not be the same
for all operators and could be very different indeed.

We would like to see the term removed, or at least the vague and nondescript nature of the
term made very clear in the bill and explanatory notes.

From there, it goes even further, pointing out that the justification for needing these non-existent ICRs was a statement from UK Home Secretary Theresa May about how useful such info would be in finding a missing girl:


“Consider the case of a teenage girl going missing. At present we can ask her mobile provider for
call records before she went missing which could be invaluable to finding her. But for Internet
access, all we get is that the Internet was accessed 300 times. What would be useful would be to
know she accessed twitter just before she went missing in the same way as we could see she
make a phone call”

Except, as Kennard points out, that’s not how the internet actually works. You don’t “connect” to Twitter like that, because you’re constantly connected to Twitter:


…in yesterday’s meeting I, and other ISPA members immediately pointed out the huge flaw
in this argument. If the mobile provider was even able to tell that she had used twitter at all (which
is not as easy as it sounds), it would show that the phone had been connected to twitter 24 hours a
day, and probably Facebook as well
. This is because the very nature of messaging and social
media applications is that they stay connected so that they can quickly alert you to messages,
calls, or amusing cat videos, without any delay.

It should be noted that it is quite valid for a “connection” of some sort to last a long time. The main
protocol used (TCP) can happily have connections for hours, days, months or even years. Some
protocols such as SCTP, and MOSH are designed to keep a single connection active indefinitely
even with changes to IP addresses at each end and changing the means of connection (mobile,
wifi, etc). Given the increasing use of permanent connections on mobile devices, it is easy to see
how more and more applications will use such protocols to stay connected – making one “internet
connection record” which could even have passed the 12 month time limit by the time it is logged.

Connections are also typically encrypted and have some data passing all the time, so it would not
be practical for an ISP, even using deep packet inspection, to indicate that the girl “accessed
twitter” right before she vanished, or even at all (just that there is a twitter app on the phone and
logged in).

This seems like a rather important point: the people who put together the Snooper’s Charter for spying on the internet don’t seem to understand the first thing about how the internet actually works. And yet we’re supposed to give them sweeping powers to spy on it? How does that make any sense?



Filed Under: , , , , , , , , ,
Companies: andrews & arnold

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “UK ISP Boss Highlights Technical Stupidity Of The Snooper's Charter Proposal”

Subscribe: RSS Leave a comment
18 Comments
Anonymoussays:

and because it IS SO STUPID is exactly why everyone’s fears and concerns will be ignored and it will be brought into law! the idea is not and never will be to catch terrorists, but to keep the ordinary people under the ‘scope, making sure they are not organising any protests against the government or members because of some other ridiculous thing they have done or intend to do, but want to keep secret!! and i doubt if any other UK government has been as secretive or underhanded as Cameron’s lot!!

Mason Wheelersays:

This seems like a rather important point: the people who put together the Snooper’s Charter for spying on the internet don’t seem to understand the first thing about how the internet actually works. And yet we’re supposed to give them sweeping powers to spy on it? How does that make any sense?

I’m reminded of one of the more thought-provoking passages from Brandon Sanderson’s epic, The Way of Kings:

I walked from Abamabar to Urithiru. In this, the metaphor and experience are one, inseparable to me like my mind and memory. One contains the other, and though I can explain one to you, the other is only for me.

I strode this insightful distance on my own, and forbade attendants. I had no steed beyond my well-worn sandals, no companion beside a stout staff to offer conversation with its beats against the stone. My mouth was to be my purse; I stuffed it not with gems, but with song. When singing for sustenance failed me, my arms worked well for cleaning a floor or hog pen, and often earned me a satisfactory reward.

Those dear to me took fright for my safety and, perhaps, my sanity. Kings, they explained, do not walk like beggars for hundreds of miles. My response was that if a beggar could manage the feat, then why not a king? Did they think me less capable than a beggar?

Sometimes I think that I am. The beggar knows much that the king can only guess. And yet who draws up the codes for begging ordinances? Often I wonder what my experience in life?my easy life following the Desolation, and my current level of comfort?has given me of any true experience to use in making laws. If we had to rely on what we knew, kings would only be of use in creating laws regarding the proper heating of tea and cushioning of thrones.

Anonymoussays:

Stupid Geek

Adrian Kennard obviously doesn’t have a clue about how the internet works. Of course internet “connections” are just like telephone “calls”. How could he not know that? Oh, wait, he’s one of those “geeks”, isn’t he? That explains it. Well, thank goodness there are plenty of government officials to straighten his little geek ass out and “educate” him on how the internet really works.

art guerrillasays:

Re: Re: Stupid Geek

no, he’s just a tool…
my theory for why so many of these tech-ignorant ideas are floated, is because they DON’T want capable, knowledgeable, experienced nerds, et al to provide any significant advise and guidance (never mind leadership)…

that would shoot down ALL their idiotic ideas; and they don’t really care they are idiotic, they just want to out-bluster the other pols…

actually listening to the nerderati and basing decisions on that could lead to well-measured and smart responses (which might include ‘doing nothing’, gasp), and we can’t have that ! ! !

(reminder: action is not achievement)

Davidsays:

Re: Re: Stupid Geek

Internet connections are not like telephone calls. Internet consists of multiple protocols. TCP connections are a bit like a telephone call (with continuity) but without the realtime guarantees. UDP is more like a hitch hiking network where the order of departure and arrival (if a packet does not get terminally lost after all) are not really synchronized. ICMP is like one-time semaphoring.

And so on.

Anonymoussays:

Formal education

[Policymakers] don’t seem to understand the first thing about how the internet actually works.

Years and years ago, when I went back to school, my introductory, undergraduate networking course was 5 quarter-credits (we were on the quarter system), geared towards EEs and CSs (dual-listed course), and used an early edition of Andrew Tanenabum‘s Computer Networking as the course textbook.

Most policymakers would not have the prerequisites to get into that introductory, undergraduate course.

I don’t know quite what to do about the problem. Obviously, that level of formal education isn’t necessary for everyone. Many other people have informally picked up all that they need to become competent in their field, here and there as they went along. In fact, I myself was doing some professional computer networking before I decided to go back to school.

But, otoh, when I start to think about diving into the distinctions between circuit-switching and packet-switching, and then talking about virtual-circuits on top? contrasting that with connected-oriented versus connectionless protocols? distinguishing between protocols and services? You know, I think that people who haven’t had the advantage of a formal education are handicapped more than they might realize.

Iow, they don’t even know what they don’t know.

Whoeversays:

Re: Re: Formal education

Those policymakers don’t understand how the Internet works, but they have an army of advisers, many of whom do understand how the Internet works. They have access to GCHQ, where there are lots of geeks who have an excellent understanding of how the Internet works.

So, if the policymakers have plenty of people who can tell them that the proposed snooping isn’t going to provide useful information, what is it for? IMHO, it is likely that there is an ulterior motive for the snooper’s charter, which hasn’t yet been revealed.

gezzerxsays:

Vote the Bumbs out of Office

Why would any true loyal Americans, be they Democrat or Republican, Male or Female, White,Black,Hispanic or other, vote for a Democrat or a Republican when both .parties have shown their willingness to subvert the Constitution, our Civil Liberties, and our National Sovereignty through the TPP (The Trans Pacific Partnership) and have been doing so for decades & the Governments own records have proven this to be true ! We are being sold out by the Democrats & Republicans ! It now has become a choice between Fascism or Liberty & Fascism is winning !

Both parties have been complicit in this criminal activity. Some will say they don?t want to waste their vote, but you are already wasting your vote on Democrats & Republicans because they are the ones who have already betrayed us ! This should be a joint effort on the part of all Americans, Democrats,Republicans & Independent voters ! Organize now before its to late ! Your liberty is at stake and that of your children & grandchildren !

We get the Government we deserve, and nothing will change until we stop electing Democrats & Republicans after all they are the ones subverting the Constitution, & they must be held to account both politically & legally !

Both parties are owned by corporate America, two sides of the same coin ! Wise up America .

No more lies, excuses, rationalizations,or justifications, the public needs to hold these officials to account to the fullest extent of the law under Title 18 sec. 241 & 242 (Google it), so any future traitors will know there will be consequences to such behavior.

Unaccountable power is absolute power, & is absolutely corrupt !

As Mr. Snowden said the Politicians are afraid of you ! Now is the time exercise you power, you
may not get another chance !

REMEMBER: POLITICIANS, BUREAUCRATS AND DIAPERS SHOULD BE CHANGED OFTEN AND FOR THE SAME REASON.

Some words of true Patriots are as follows, as opposed to the words of false flag patriotism of today.

He that is of the opinion money will do everything may well be suspected of doing everything for money.
Benjamin Franklin

He that is good for making excuses is seldom good for anything else.
Benjamin Franklin

Experience hath shown, that even under the best forms of government those entrusted with power have, in time, and by slow operations, perverted it into tyranny.
Thomas Jefferson

Rightful liberty is unobstructed action according to our will within limits drawn around us by the equal rights of others. I do not add ‘within the limits of the law’ because law is often but the tyrant’s will, and always so when it violates the rights of the individual.
Thomas Jefferson

Tyranny is defined as that which is legal for the government but illegal for the citizenry.”
Thomas Jefferson.

?But when a long train of abuses and usurpations, pursuing invariably the same object evinces a design to reduce them under absolute despotism, it is their right, it is their duty, to throw off such government, and to provide new guards for their future security,?
Thomas Jefferson wrote this in the Declaration of Independence .

In framing a government which is to be administered by men over men you must first enable the government to control the governed; and in the next place oblige it to control itself.
James Madison

Liberty may be endangered by the abuse of liberty, but also by the abuse of power.
James Madison

The liberties of a people never were, nor ever will be, secure, when the transactions of their rulers may be concealed from them.
Patrick Henry

“We the People are the rightful masters of BOTH Congress and the courts, not to overthrow the Constitution but to overthrow the men who pervert the Constitution”
Abraham Lincoln

America will never be destroyed from the outside. If we falter and lose our freedoms, it will be because we destroyed ourselves.
Abraham Lincoln

We should not forget the warning of President Eisenhower .
https://www.youtube.com/watch?v=vLqWfWxqh_0
The NSA is controlled & operated by the DOD & the MIC (Military Industrial Complex) Private Corporations.

“The very word “secrecy” is repugnant in a free and open society; and we are as a people inherently and historically opposed to secret societies, to secret oaths and secret proceedings. We decided long ago that the dangers of excessive and unwarranted concealment of pertinent facts far outweighed the dangers which are cited to justify it.”
President John F. Kennedy
Waldorf-Astoria Hotel
April 27, 1961

As is said in the law, falsus in uno, falsus in omnibus. (“False in one thing, false in all things” is an instruction given to jurors: if they find that a witness lied about an important matter, they are entitled to ignore everything else that witness said.) The Government has been lieing to the American public for decades !

As a reminder Hermann Goering said at the Nuremberg Trials .
“The people can always be brought to the bidding of the leaders. That is easy. All you have to do is tell them they are being attacked and denounce the pacifists for lack of patriotism and exposing the country to danger. It works the same way in any country.”

?Fascism should more appropriately be called Corporatism because it is a merger of state and corporate power.?
Benito Mussolini

Time to start removing the corporate Congress from office & defunding the NSA & the Police Surveillance state, to pre 9-11 levels & force them to comply with the law & impose jail time for non compliance under USC Title 18 Sec. 241 & 242 (Google it) .

Only after the members of our 3 branches of Government, both Republicans & Democrats who conspired in this criminal conspiracy & violated the Constitution are prosecuted, should Mr. Snowden be charged with a crime. Prosecute those who broke the law first, in chronological order, then the Government can get around to Mr Snowden .

The short version of the above is as follows:
Any Government or Party that doesn’t abide by the Constitution does not deserve our respect or support ! ! ! They are traitors !

Disclaimer: Be advised it is possible, that this communication is being monitored by the National Security Agency or GCHQ. I neither condone or support any such policy, by any Government authority or third party that does not comply, as stipulated by the 4th Amendment of the U.S. Constitution.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Report this ad??|??Hide Techdirt ads
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...
Older Stuff
12:25 Australian Privacy Commissioner Says 7-Eleven Broke Privacy Laws By Scanning Customers' Faces At Survey Kiosks (6)
10:50 Missouri Governor Doubles Down On 'View Source' Hacking Claim; PAC Now Fundraising Over This Bizarrely Stupid Claim (45)
10:45 Daily Deal: The All-in-One Microsoft, Cybersecurity, And Python Exam Prep Training Bundle (0)
09:43 Want To Understand Why U.S. Broadband Sucks? Look At Frontier Communications In Wisconsin, West Virginia (8)
05:36 Massachusetts College Decides Criticizing The Chinese Government Is Hate Speech, Suspends Conservative Student Group (71)
19:57 Le Tigre Sues Barry Mann To Stop Copyright Threats Over Song, Lights Barry Mann On Fire As Well (21)
16:07 Court Says City Of Baltimore's 'Heckler's Veto' Of An Anti-Catholic Rally Violates The First Amendment (15)
13:37 Two Years Later, Judge Finally Realizes That A CDN Provider Is Not Liable For Copyright Infringement On Websites (21)
12:19 Chicago Court Gets Its Prior Restraint On, Tells Police Union Head To STFU About City's Vaccine Mandate (158)
10:55 Verizon 'Visible' Wireless Accounts Hacked, Exploited To Buy New iPhones (8)
10:50 Daily Deal: The MacOS 11 Course (0)
07:55 Suing Social Media Sites Over Acts Of Terrorism Continues To Be A Losing Bet, As 11th Circuit Dumps Another Flawed Lawsuit (11)
02:51 Trump Announces His Own Social Network, 'Truth Social,' Which Says It Can Kick Off Users For Any Reason (And Already Is) (100)
19:51 Facebook AI Moderation Continues To Suck Because Moderation At Scale Is Impossible (26)
16:12 Content Moderation Case Studies: Snapchat Disables GIPHY Integration After Racist 'Sticker' Is Discovered (2018) (11)
13:54 Arlo Makes Live Customer Service A Luxury Option (8)
12:05 Delta Proudly Announces Its Participation In The DHS's Expanded Biometric Collection Program (5)
11:03 LinkedIn (Mostly) Exits China, Citing Escalating Demands For Censorship (14)
10:57 Daily Deal: The Python, Git, And YAML Bundle (0)
09:37 British Telecom Wants Netflix To Pay A Tax Simply Because Squid Game Is Popular (32)
06:41 Report: Client-Side Scanning Is An Insecure Nightmare Just Waiting To Be Exploited By Governments (35)
20:38 MLB In Talks To Offer Streaming For All Teams' Home Games In-Market Even Without A Cable Subscription (10)
15:55 Appeals Court Says Couple's Lawsuit Over Bogus Vehicle Forfeiture Can Continue (15)
13:30 Techdirt Podcast Episode 301: Scarcity, Abundance & NFTs (0)
12:03 Hollywood Is Betting On Filtering Mandates, But Working Copyright Algorithms Simply Don't Exist (66)
10:45 Introducing The Techdirt Insider Discord (4)
10:40 Daily Deal: The Dynamic 2021 DevOps Training Bundle (0)
09:29 Criminalizing Teens' Google Searches Is Just How The UK's Anti-Cybercrime Programs Roll (19)
06:29 Canon Sued For Disabling Printer Scanners When Devices Run Out Of Ink (41)
20:51 Copyright Law Discriminating Against The Blind Finally Struck Down By Court In South Africa (7)
More arrow