back to article UK.gov to spend £2bn on ISP tracking

The government plans to spend £2bn for ISPs to intercept details of their customers' emails, VoIP calls, instant messaging and social networking. Under the proposals, mobile and fixed line operators will be required to process and link the data together to build complete profiles of every UK internet user's online activity. …

COMMENTS

This topic is closed for new posts.
  1. Dan
    Stop

    FOAD

    That's all.

  2. Anonymous Coward
    Black Helicopters

    Lets not get all hysterical

    Lets not get all hysterical; instead lets take our example from Mark Steele and embrace the tracking and make it cost them more.

    So we could just give them lots and lots of data to track instead; and if you are being awkward freedom of information act it back again with weird parameters just to make it fun for the ISP's. We need a small utility that google searches for top terrorist topics, middle eastern holiday tips and interesting virus research news each day and then visits all the websites during the night could be just the thing we all need.

  3. Paul Barnfather
    Stop

    What's the point?

    According to ol' Jackboots, all they want to know is "who is talking to who, not what they're saying". And the solution to this is mandatory DPI in every ISP.

    Apart from creating an operational and privacy nightmare for ISPs that we, The Governed, end up paying for, this appears to acheive sweet F.A.

    Please correct me if I'm wrong, but:

    - the ISP still don't know who I'm emailing (I use Gmail over HTTPS);

    - they still don't know who I talk to (Skype is P2P and encrypted).

    Oh well. At least they can drive the economy out of recession through the Magic Power Of Targeted Advertising {sigh...}

  4. The Fuzzy Wotnot
    Unhappy

    I thought they had this already?

    I was under the suspicion that MI6 already had a £45M ISP tracking system in place that could capture and store all ISP related contact between the UK slave...sorry citizens?

    Well done Jacqui, you will make us the envy of every tinpot little dictator the world over.

    Briton's #1 for child asthma!

    Briton's #1 for obesity!

    Briton's #1 for surveillance society!

    A day we can truly be proud to be British!

  5. Anonymous Coward
    Unhappy

    We CBA to do it

    So the goverment want to pay ISP's to do it. Doesnt anyone find that strange?

  6. Anonymous Coward
    Black Helicopters

    What a waste...

    What a waste of money, anyone with any technical knowledge know this is never going to work (for a start it's an IT related govt project!).

    A message can be encrypted to the point of being unbreakable, or hidden encoded in an image.

    The recepient can be hidden by simply uploading the image onto flickr, or some other image sharing service and letting them pick it up.

    Browsing habits get hidden by TOR.

    Want to go a step further? Well go and jump onto any open wifi point, there are still plenty about, especially in pubs and coffee houses where there are no cameras or other links back to your identity (you did buy that expresso with cash didn't you)...

    Or are we going to need their wonderful ID cards before we are allowed to buy a coffee?

  7. Ian

    Well...

    ...at least we know why the budget had to drop the £15bn in public sector expenditure savings down to £9bn now.

    Jacqui Smith wanted a few more billion to spend on spying on citizens, whilst real criminals just encrypt their communications or use different communication measures altogether.

    How can this government even justify spending £2bn on something like this when we don't have £2bn to spend, in fact, not only do we not have £2bn to spend, this government is putting us 100s of billions of pounds in debt?

    The citizens don't want this, opposition parties don't want this, there is no money for this, so why is it going ahead? I'm beginning to wonder if Labour is not only incompetent, but outright malicious too in that they want to fuck people over as much as possible. They know they have zero chance of being elected now for at least the next decade so figure they'll do everything they can to support their friends in the police, MI5, the music/movie industry, the financial sector and so on no matter what the harm and cost to the country or population in it.

  8. Mithvetr
    Stop

    Semantics

    ""I agree that what we're asking the industry to do is something that will put a burden on them," Smith said at today's IMP briefing for journalists. She said providers will be refunded the cost of collecting and processing the data by the government."

    So that'll be us, then - paying someone to spy on us. In what way, I wonder, this being the case, will this NOT be a government-run system?

    Isn't democracy great?

  9. MJI Silver badge
    Flame

    Is this why they are borrowing so much?

    Why don't they borrow less money instead?

    Why are they bothering when they will not be in power much longer anyway?

    What is wrong with the idiots?

    Burn them!

  10. Dave Bell

    I don't think they know what they're doing.

    What's this going to cost?

    An ISP is not only going to have to invest in hardware to do the DPI, they're going to have to monitor just about every packet sent.

    And who pays?

    This is going to drive the cost of internet connectivity through the roof. And, if I use https, how will they know anything more than I have a Hotmail account?

    Back to RFC1149-compatible data protocols?

  11. Ian
    Stop

    They're all mad.

    Given that New Labours has a little in joke of appointing increasinly insane Home Secrectaries, and that has led us to Jaqui, one wonders where they can go from here. You get the impression that in Jaqui's head she can always hear a constant whispering of terrorists making their plans right behind her, but when ever she turns around they are not there. Maybe only through the IMP can she finally stop the whispering voices.

  12. Anonymous Coward
    Anonymous Coward

    Paying companies to spy on their customers

    It's not "case by case" if the Government PAYS ISPs to spy on ALL of their customers and build a surveillance packet of information on EVERYONE, even if the ISP is never asked to hand over that data.

    It's mass surveillance.

    By accepting the contract, the ISP becomes a mere agent of the government, and as such the data become in the possession of the government and subject to the contract at the moment the ISP does the spying on the citizens. NOT when they hand it over to Jacqui's people.

    In BT's case, if they install DPI on third party networks, they are then liable for a whole heap of pain because that contract with the government makes them an agent and fully liable.

    So she may think she can dodge Parliament with this trick, but she cannot.

    I come back to the original point, there are clear indication that deep packet inspection is already running illegally. What is the extent of this and how many people are involved in this crime?

  13. Anonymous Coward
    Anonymous Coward

    Re: What a waste ..

    >> "A message can be encrypted to the point of being unbreakable, or hidden encoded in an image."

    That's where the RIP Act comes in. Hand over the decryption keys to the authorities when requested, or go straight to prison.

  14. Anonymous Coward
    Joke

    Smith household suspicious data tracking result:

    27/04/09 - Download - "Idiots guide to a totalitarian society.pdf"

    28/04/09 - Download - "How to win friends and influence people.doc"

    30/06/09 - Purchased - "Stalin: A biography"

    01/04/10 - Uploaded - "Gordon Browns Labour party, my part in it's downfall.pdf"

    02/04/10 - Download - "Ocean's 11.avi"

  15. Anonymous Coward
    Anonymous Coward

    [Jacqui Smith] proposes a "middle way"

    In other news today, Ms Smith has announced that she is the reincarnation of the 6th Dalai Llama, and that she looks forward to assuming her role as Panchen Llama just as soon as she has finished servicing the British people. She also took the time to compliment the glorious Chinese government and its compassionate and watchful care of all its peoples, including those in the region of Tibet.

  16. Tom Chiverton
    Stop

    @Barnfather

    The thing is, once they know you use GMail and Skype, a targeted attack against (just) you is a lot more likely to be successful. Witness Hushmail sending special non-encrypting Java applets when asked, Skype delivering an 'update' is just a similar thing...

    Don't stand for this - help No2ID get it stopped and attend a local meeting now.

    In the mean time, where can I find an application that connects randomly to a list of web sites and asks for a random page, that I can restrict to (say) 10% of my bandwidth and then leave idling on my laptop all the time ?

  17. Anonymous Coward
    Thumb Down

    freedom of information act

    "Lets not get all hysterical

    By Anonymous Coward Posted Monday 27th April 2009 12:07 GMT

    Lets not get all hysterical; instead lets take our example from Mark Steele and embrace the tracking and make it cost them more.

    So we could just give them lots and lots of data to track instead; and if you are being awkward freedom of information act it back again with weird parameters just to make it fun for the ISP's.

    "

    ONly one problem there AC, you forgot, these UK ISPs are private listed companies, the "Freedom Of Information Act" Does NOT currently cover them.

    Only the DPA (Data Protection Act)covers that personal data aka all the Phorm DPI points already covered and restated time and agin...

    dont see jackle and UK PLC looking to extend the "Freedom Of Information Act" to fully cover all aspects the the likes of Virgin Media and BT etc .

    after all VM etc just want your money, so they can stash it outside the country without useing any % of your monthly charges to actually upgrade the networks you pay for as included inside the basic viable business plan.... But that OT for this subject.

  18. Anonymous Coward
    Anonymous Coward

    Conspiracy

    Conspiracy is:

    "An agreement between two or more persons to engage jointly in an unlawful or criminal act, or an act that is innocent in itself but becomes unlawful when done by the combination of actors."

    If it would be illegal for the UK Government to perform mass surveillance on everyone, even if they only look at a few of the results, then it is illegal for ISPs to do it, acting as a paid agent of the government.

    It makes no difference that the surveillance profile is constructed by the ISP, it is constructed on *everyone* and that is not permitted under the privacy law, and specifically disallowed under the EU data retention directive.

  19. Aldous
    Black Helicopters

    skype

    dont be so certain skype can protect you, its encryption is a closed system and that usually means weak/bugged. also didn't skype open a backdoor for the chinese?

  20. Anonymous Coward
    Thumb Down

    encyption etc

    "A message can be encrypted to the point of being unbreakable, or hidden encoded in an image.

    The recepient can be hidden by simply uploading the image onto flickr, or some other image sharing service and letting them pick it up.

    Browsing habits get hidden by TOR.

    "

    sure thats true, BUT you forget , your everage end users in the UK still NEED a FREE end point outside the UK to then make and use these encrypted tunnels, thats Just NOT happening, even PB are charging a nominal fee for their new tunnels so thats out for most people.....

    as for Tor, again ,sure thats an option BUT only if you can stand super slow anon end points, as again, theres NO mass of Co-Location 10Ggabit TOR end points around, they dont allow or encurage binary data through the TOR network as you never know if your going to hit a helpful consumers pitance of an Upload bandwidth......

    its a problem for sure, but potential dialup speeds are not the way to encurrage Uk end users to take up the TOR banner and help out the whole network, ANY Co-Location high bandwidth server end points will help.

    do you see any non UK 3rd party vendors setup up shop for Mas free TOR and tunneled Endpoints, i dont.... perhaps theres a business plan that can work, but noones spoken of it yet...

  21. Richard Kay
    Alert

    @Paul Barnfather

    "They still don't know who I talk to (Skype is P2P and encrypted)."

    I would guess that the encapsulating packet addresses contain enough information in Sype to

    identify the endpoints, even if the encrypted tunnel scrambles the conversation. So I suspect that unless you use a VPN through an offshore gateway, the UK Gov can obtain information about who is talking to whom and when and for how long, if not being able to tap into the relevant conversation. Also I don't know what kind of encryption is used in Skype or anything about the security of Skype key management.

    In general I would agree that being subject to this monitoring is voluntary in exchange for cheapness. But to opt out of deep packet inspection and traffic analysis of encrypted content you will need to proxy all applications to an offshore gateway VPN server and insert some plausible chaff on the connection, as well as using a secure VPN technology and being careful with key and host management.

  22. brimful

    @Matt

    You forgot to add

    29 March 2009 - Download - "Jaq-off special"

  23. Anonymous Coward
    Anonymous Coward

    @Tom Chiverton

    > where can I find an application that connects randomly to a list of web sites

    #!/usr/bin/perl -w

    my $totalitarian_state=1;

    while ($totalitarian_state) {

    $_="...";

    s,,int rand 256,eg;

    `wget -O /dev/null http://$_/ `;

    sleep (5 + int rand 5);

    }

  24. Anonymous Coward
    Black Helicopters

    Index this

    A while since I've used so some of the options may not be correct

    wget -r -l 5 -O /dev/null -q -H http://www.google.co.uk/search?hl=en&q=the&btnG=Search&meta=

    Only about 263,000,000 pages.... at the top level

  25. Anonymous Coward
    Anonymous Coward

    A quick chat

    With a security consultant friend of mine, once he'd stopped laughing, told me that this was just as impracticable as the first idea. Just run a trace of the internet activity your PC does without you at the key board, and that's several MB of audit data for just turning the bloody thing on, let alone surfing your favourite site. Now just multiply that by several million people per ISP per day.

    Just to be helpful he suggests that you send any eMails to as many people as you possibly can, made up addresses will do, they all have to be checked.

    Remember your internet traffic when audited, has to be properly indexed, otherwise how do you find it when you want to look at it, so think that ISPs would probably have to store data in a format rather like WireShark.

    So now the ISP has store your data, how do our gallant boys in blue find you data, and then understand it, well, actually, they don't, because they hand it off to a private forensic service to do it for them, who then have the task of going through all that boring s**t you do on the internet to find that actually quite a lot is encrypted, and so on.

    A sobering thought is how many people and systems you would need to actually need to actively analyse all of this stuff to the evidential quality you would need for it to be admitted as evidence in court. There are not many QCs who would actually take an ISP at their word, that the data they have archived was of evidential quality, they would ask the ISP to prove it, and to prove that your internet logs could not have been tampered with, and that it really was you.

    So El Reg how about getting one of your tame security consultants to explain how you might actually be able to do this, and how much it might cost.

  26. Jack the Ripper
    Thumb Down

    @AC Monday 27th April 2009 12:38

    The beauty of encrypting a message and hiding it in a picture is that firstly you have to know that there is an embedded message in the picture. Secondly, if you use the recipient's public key to do the encrypting, you can't decrypt the message anyhow thus nullifying RIPA. They will, however, probably get you for something else (wasn't it amazing how, a couple of years ago, every terrorist suspect that couldn't be charged was found to have kiddie porn on the hard disks of their computers) but that's a different matter.

  27. Zargof

    Awesome!

    This is a nice stimulus package for the UK tech industry. Sounds like there will be a fair few jobs for networking and coding monkeys. Of course when it's done I'm sure you'll get a few stories about how it help to prevent some terrorists incidents similar to the one in Manchester the other week. Trouble is anyone that is serious will be able to get around this, so it's really not going to make any real difference.

  28. Anonymous Coward
    Anonymous Coward

    I2P

    Been using it for about two weeks now, and found it very fast for web browsing. Other protocols are supported, and exitproxies seem numerable (more so than Tor, and faster for HTTP at least).

    I lose out on being able to watch iPlayer, but if that's the only traffic (along with games) which go through an unencrypted connection I'm not all that bothered.

    Even comments to El Reg will be over I2P very soon; Might even shell out for a VPN connection out of the country.

    The best part about I2P? You can set it to saturate your connection during offtime; 8Mb of encrypted data all night long would be a great bloat to the ISP tracking DB. Unless you purposefully set up an exitproxy,. all you end up doing is routing to another node. All data is encrypted through your connection, and therefore untraceable.

  29. Mad Mike

    Mr Smith.

    I think this is simply a ruse so that Jacqui knows what her husbands whacking off to...............

  30. Scott
    Thumb Down

    Paper

    Old face ache jacki just brought a large slice of a paper company as i still think its against the law to open good old fashion mail. Amazing the most private way to send data soon will be to write it on a piece of paper (until its legal (like this would stop this goevrment) to open your letters looking for 1 of the millions of terorist we see every day, oh wait its just Proper gander that theres a terrorist in every community, just ask the 12 blokes arrest the other week, well done Jacki on that one as well),

  31. Anonymous Coward
    Flame

    This is Sounding Worse and Worse

    This is sounding worse and worse.

    "Home Secretary Jacqui Smith said today she had "ruled out" the idea of a central government-run store of communications data on privacy grounds."

    "Privacy grounds"?!?!? And yet the alternative is something that's no less a violation of privacy anyway.

    What's more, as AC @ 12:57 GMT pointed out, ISPs are nicely beyond the reach of Freedom of Information. Isn't that like ACPO? And the IWF? This is moving State "surveillance" of the general population beyond democratic accountability (not that we have much of a democracy, but even so...).

    Jacqui Smith's contempt for us seems endless.

    Here's some "e-petitions":-

    http://petitions.number10.gov.uk/privacy-matters/

    http://petitions.number10.gov.uk/erosionofrights/

    http://petitions.number10.gov.uk/GCHQinvasion/

    http://petitions.number10.gov.uk/stopdatabase/

  32. Anonymous Coward
    IT Angle

    Sleepwalking.

    The retrenchment from the uber database is to be welcomed, but it should be noted that Smith's claim that it is because of 'privacy concerns' is just another bare-faced lie from the lying liars who have governed us for the past twelve years.

    The real reason for the abandonment of this POS is that the country has been bankrupted by a group of economic terrorists while those we elect to have oversight of the executive sit in the Westminster parliament and are happy to be bribed with unaudited expenses, bullied and blackmailed by government whips who herd them through the voting lobby like the pathetic sheep they are. All parties.

    There is probably a clause buried deep in the RIPA legislation that refers to 'economic sabotage' but don't hold your breath waiting for the prime suspects, Blair, Brown, and Mandelson (and by default, Cameron and Osborne) to be hauled up before the beaks.

    Obviously there is no IT angle, just go back to sleep.

  33. blackworx
    Flame

    I smell a rat

    So they overcooked the original IMP uberdatabase proposal, instantly making whatever crock they dreamed up as its replacement easier to swallow. I f*cking hate politicians.

    Oh yeah and while I'm on it, I saw some nonsense reality TV program about the "UK Border Agency", in which its agents were battering on some poor pleb's door shouting "open up it's the Home Office". The producers must've cut the "if you've got nothing to hide" rider off the back of it (HHOS). And anyway, since when did the Home Office become an executive agency?

  34. Anonymous Coward
    Coat

    Response

    My response to the consultation is short and simple:

    "JACQUI YOU'RE OUT OF YOUR FUCKING MIND"

    (And you're not the first Jacqui I've known who is a complete lunatic)

  35. Paul Barnfather

    @replies

    Thanks for the replies, all.

    I totally agree that there are ways around this - either for the security services or those that are being watched.

    I think the main points are:

    1) It'll cost a fortune - and we know who'll be footing the bill

    2) It won't achieve what the government think it will achieve: an easily accessible repository that lists who talks to whom

    3) The very existence of such a repository is probably illegal anyway...

  36. Igor Mozolevsky
    Boffin

    If only there was a way...

    of faking the Internet traffic... Hmmm!..

    Clearly these guys are utterly clueless. Just remember boys and girls, garbage in - garbage out...

  37. Anonymous Coward
    Anonymous Coward

    @AC 13:36 GMT

    Cool! store it in wireshark format, i ran that against my connection for a couple of minutes at the weekend and generated a couple of megs of trace.

    Last month I downloaded 60GB

    Methinks they will have to convert the Isle of Man into a giant storage farm.

  38. Dennis
    Alert

    I for one think Jaquai is lovely and very stable

    'Under the proposals, mobile and fixed line operators will be required to process and link the data together to build complete profiles of every UK internet user's online activity.'

    So when all this takes off what do you think it will mean......

    User ID 164328623414709.

    Regularly publishes to a website critical of Government Policy. (El Reg)

    Regularly reads information critical to current UK Government Policy/Law Making. (Out-law.com)

    Regularly purchases items from outside UK/Europe (eBay)

    Likes to visit adult content sites hosted in Non EEC Countries (www.BBWrUS.us)

    Spoke to unidentified associate on Mobile Telephone number 0123145-012365651 Location London

    Went out in car - Withdrew £30 cash from HSBC - Spent 3 hours in pub, Purchased 1 pint. Spent £10. Conversation held covertly.

    Drove home. Vehicle Tracked by Police.

    I for one bow down to over Information Overlords. Because if you don't you will be arrested on your way to University, school , work, Gordon Brown will go on the news and tell everyone you are murdering terrorist and as guilty as sin before they deport you for being too clean.

    Nobody is that clean Governor we can't hold them long enough to find the dirt' Pity we didn't get the 42 Days in.

    Next time my young apprentice, they can run but they can never hide.

    Can we have a new 'Being Watched Icon?'

    Something like the Eye of Sauron in the Lord of the Rings.

    or

    the Red Eye, the Evil Eye, the Lidless Eye

  39. Anonymous Coward
    Coat

    @ re:what a waste

    *** >> "A message can be encrypted to the point of being unbreakable, or hidden encoded in an image." That's where the RIP Act comes in. Hand over the decryption keys to the authorities when requested, or go straight to prison. ***

    Never mind that they do not actually plan to keep any message in the databases ("just" the sender / receiver addresses etc). Never mind the nonsense about encryption being unbreakable etc. Then the RIP act nonsense - all terrorists are just rolling their thumbs and waiting in the UK are they? Furthermore what about temporary ad hoc decryption keys which are session specific and cannot be recreated?

    The only people really spied on effectively with this nonsensical proposal are those who really have nothing to hide. Any educated criminal and terrorist will easily get around this stupidity. The sad thing is that this obvious aspect should by now be rather obvious to our government.

    So what is the real issue here?

    1. Are they really that stupid that they believe what they are proposing will work as envisaged?

    2. Are they so corrupt that they do not care for the consequences.

    3. Is this idea promoted as a sick way of getting / keeping some selected businesses on the gravy train?

    4. Are they so arrogant that they are not aware of the threat that their proposal creates to the population at large?

    5. Are they so self important that they think the population is too stupid to understand the risks involved?

    etc...

  40. Barry Lane
    Paris Hilton

    Government and IT. Oh, good grief!

    This benighted government has an abysmal record with IT. WTF do they think they're going to get from this that they could possibly use? After all, if they're running surveillance on any individual or group, they can do it without waking up the UK's fab band of ISPs to do anything other than put an ever tighter lid on our usage levels.

    Perhaps we should introduce a law that says any numbnut potential candidate for Parliament must have at least a working knowledge of computing or - oh, I don't know - be put to death, say.

    Just a thought. After all, if these dicks want to investigate every aspect our feckn lives they should at least know what they're talking about. Perhaps we should show them absolutely everything we do; send Jacqui our stool samples, for example.

    How stupid are these damned people?

    Paris, cos I'd rather be in Paris in the Spring.

  41. Igor Mozolevsky
    Pirate

    Potential for misuse?

    I wonder how access to these records is going to be controlled, and whether there will be leaks to the press about various officials "surfing" to "immoral" sites...

    There was some talk about bots on some Gov't computers somewhere, right?..

  42. Anonymous Coward
    Anonymous Coward

    RE:I2P

    I'm going to try that out when I get home. It looks like the future of the internet to me, if things keep heading the way they are.

  43. Anonymous Coward
    Thumb Down

    Fud

    More terrible FUD propaganda from a gov who lost touch with reality through the smokescreen of their lies...

    badguy@ukhost:~/$ ssh my-no-log-proxy.cn

    badguy@my-no-log-proxy:~/$ wget guyfawkeshandbook.txt

  44. Anonymous Coward
    Flame

    Wihtout sounding like an idiot............I work in IT

    Yes, yes all this noise about DPI and how it's now the ISP who will have to pay, yadda, yadda, yadda. For what it's worth here's my opinion......

    1) The recession will save us; How many private companies are going to be falling over themselves to implement a system which may or may not be deemed illegal by the EU at some point? They will form a cartel and plead poverty - so either HMG pays up and funds this insane project or it will die a slow and unlamented commerical death.

    2) It's an IT project that has come from HMG. Come this time next year you can bet your arse that this will have been pushed into what those who play the game call the "long grass".

    3) That mad old harpie and all of her cronies don't have the time left to implement such a scheme, less so to construct her uber-database, before the general Election next year - though in a worrying development IBM - a company well known for it's database-building-and-cataloging-of people-skills has won a number of contracts with the HO to do just that.

    So there you have it. Companies won't pay for this, Government can't afford to and either way they haven't got the time to even if they had the money to do so.

    That said they are still a bunch of c@@@s and will be undoubtedly shitting themselves when they can no longer rely on Parliamentary priviledge to protect their amoral asses.

  45. MinionZero
    Stop

    If you are an MP, then 1984 is an instruction manual.

    Criminals will just use ever more complex encryption, or simply not use the Internet to talk, so won't be affected.

    Meanwhile millions of innocent but non-technical general public will be profiled more than any police state in the world has ever achieved before.

    So much for freedom and democracy.

    As for ruling out a central database on “privacy grounds” ... thats an utter lie and direct evidence of government use of manipulative wording. They know it undermines privacy.

    At least now the government has finally shown why they haven't stopped Phorm. They want Phorm. But Phorm is more than DPI. Everyone technical keeps getting caught up in discussions about DPI. This isn't about DPI, its about Phorm style technology building automated profiles on everyone. Phorm like technology uses standard data mining techniques to extract profiles of everyone, in effect creating automatic summaries of people. Thats literally Big Brother and its what the government gains by using Phorm like techniques.

    The next step is leaving laws wide open to allow for ever more feature creeps, so ever more people can dream up reasons to monitor everything people do and say online. Then they can slowly over time start to add more hidden punishments like restricting government jobs and government contract jobs to only the politically loyal people. Hold back opponents. I'm sorry your company cannot have this government contract as you employ 3 people who have openly protested online against the current government. This shows your company and employees are not behind the current government and so your company will not get this contract or grant. This will force any company wishing to win government contracts, to weed out anyone politically motivated. That will also help them rid themselves of anyone potentially willing to back the formation of unions to force more fairness out of employers. We have seen that so many times throughout history. Now the police state will be able to gain this kind of information like never before. Government employees are profiled now, this technology will simply allow deeper profiling.

    I wonder who are the governments real targets? ... Most criminals will not be affected by this police state. Whereas millions of the general public can oppose the MPs and even throw the MPs out of their job. Looking at it from the government point of view, it looks like the general public is a bigger threat to MPs than criminals. Which would explain why the MPs want a police state to monitor everyone who can stand up and oppose them.

    We have a right bunch of self serving, truly arrogant, utterly self righteous people at the top.

  46. Will

    https - safe?

    First thing I thought when I heard this was "bugger - gonna have to use https all the time now". However it got me thinking about that. If ISPs are in control of our communication layer, are https certs still going to work? Doesn't their complete control over that allow them to just manufacture their own certificates and set themselves up as the certification authority?

    This isn't a point, it's a genuine question - is https really safe now?

  47. Tom
    Thumb Down

    DPI Free for all???

    If the Gov are allowing ISP's to use DPI, and if Phorm gets the official approval, then surely it will only lead to a DPI free for all where unsavoury attackers will seek to grab the very same packets with the same tech know how or tech know how that is better than that of ISP's.

    The exact opposite should be taking place, meaning that it should be made illegal for anyone to intercept the packets sent from a persons internet connection, unless of course the proper lawful authorities are granted a court order to intercept a suspect in an ongoing investigation.

    At this rate, I have no Privacy, especially as the Gov, want access to who I communicate with, and where and when. So what is the point in all those other Government Acts and laws that are supposed to protect my privacy?

    New Labour = New Stasi

  48. Anonymous Coward
    Stop

    Do the Maths

    Posted as AC cos I don't want to make it too easy for them!

    The following excludes business traffic.

    There are 22m households in the UK as at 2001 according to the Environment Agency

    In 2008 16 million households have access to the internet

    http://www.statistics.gov.uk/CCI/nugget.asp?ID=8

    say 20% have more than 1 machine

    = 19 200 000 machines connected (say 20 million to make the maths easy)

    Say each user makes 100 website visits a day = 2000 million sites a day = 2000*365 = 730 Billion pages a year (US billion)

    Add social networking site visits (U.K. Social Networking Site Usage Highest in Europe) Heavy users of social networking sites in the U.K. … consumed an extremely high volume of content from the social networking category, viewing over 3,000 pages per month.

    http://www.comscore.com/press/release.asp?press=1801

    Plus chatrooms

    Plus skype

    Plus wireless hotspots

    How many unsecured wireless networks are there down your street ?

    Stuff being added to youtube and flickr etc faster that they can monitor it

    All this will be across a number of sites and networks.

    Because they have to store both ends then double the number you first thought of.

    Now include all the spam received by all uk households

    Now index alll this data to tie it all up uniquely to you and me.

    It’s only £2Bn over 10 years, but if they want DPI and storage all the investment has come in year zero

    Content not included, so index trillions of data sets assign it to one of 16million households and store it

    Great software requirements spec from the ISPs:

    Get data from we don’t know who

    Get data about where they’re visiting

    We don’t know how big it’ll be

    Collection of all this has to be done at Warp speed

    It’s all completely random

    Store it

    Index it

    Assign it to we don’t know who

    It has to be done for fixed price cos we’ve only got a portion of £2Bn

    [don’t know how big a share yet] plus can we pay you over 10 years

    Oh and no mistakes either.

    This is internet only, not telephony or mobile similar calculations apply!

    Are they serious or are they having a laugh ?

    You mean they _are_ serious !!!

    IDIOTS

  49. blue
    Unhappy

    Totalitarian State

    Any criminal, spy or terrorist worth their salt knows that when communicating with co-conspiritors avoidance of the 'normal' means of mass communication - internet or telephone - is more secure and less likely to result in being found out.

    What this bill, these measures, do instead is cover the entire populace of the UK in surveillance. This will allow the state, from ministers to councillors to know your:

    - political affiliations: which newspapers you read; which party websites you visit; which protest sites you visit; which political causes you sponsor or are interested in.

    - religious affiliations: spiritual beliefs; interest in converting to Islam?; support or opposition of contentious (or sometimes contentious) issues such as abortion; stem-cell research; homosexuality; same-sex marriage; membership of a non-mainstream religion

    - sexuality; your sexual interests or pecadillos; how much porn you use; secret sexual inclinations that even your partner knows nothing about.

    And so much more!

    The government has no business knowing any of these things, and yet this information will become available to all sorts of agents of the state on the flimsiest of pretexts. Suspected (or wrongly accused) of fly-tipping? Say goodbye to ALL of your privacy and have the state trawling through your business.

    This law should be repugnant to anyone who believes in a liberal democracy and is indeed the final nail in the coffin of an open, free and democratic state.

  50. Anonymous Coward
    Stop

    Due cause

    I'm ok with selective surveillance of evil folks given a range of indicators and judicial review of due cause or alleged intent to harm others.

    I'm totally opposed to any effort to setup a mass state sponsored data warehousing infrastructure for personal communications or surveillance.

    The state and their agents have sufficient power (to misuse and abuse) already. Ya basta!

  51. Anonymous Coward
    Anonymous Coward

    I spy with my little eye

    Something beginning with D!

    Lets say 1000 items per person per day. i.e. 21 trillion pieces of data indexed. So she's proposing to index 21 trillions items of data to make 500,000 searches more efficient.

    And how is the query run? You connect the database to GCHQ and let them run the query? So it's effectively a distributed central database?

    Even though those 500k searches are done today, seemingly without problem, so little problem in fact that she refuses to put any judicial process or controls in place. Nothing more than a senior officer signing a letter (e.g. Bob Quick of the MET signing a letter to say that he wants to grab Damien Greens MP communications....) and she counts that as safeguards?

  52. BlueGreen

    fake browsing applet

    For people with short memories here, TrackMeNot is an FF plugin. Simple and probably quite effective. Don't crank up the fake browsing rate too high (I use 10 batches per hour) or google will pick it up and lock you out for a while.

    Looks like I'll be installing Tor or I2P or something. Like I've not got enough already to do... stupid government.

    And (other story) witless David Cameron, what a clue-free prat. How can I try defending politicians when they just blurt it out without waking their brains first? Seriously, some of them are utter idiots.

  53. Anonymous Coward
    Thumb Down

    no such plot

    I can't believe how many people are falling for this blatant churnalism, I had a load of stuff about the multiple holes in the continued rehashing of this for dramatic effect by the gutter press etc, but I cant be arsed anymore

  54. Jimmy

    IMP consultation.

    Here's a sample from the HO consultation document.

    The Government would welcome responses on the following questions:

    Q1 On the basis of this evidence and subject to current safeguards and oversight arrangements, do you agree that communications data is vital for law enforcement, security and intelligence agencies and emergency services in tackling serious crime, preventing terrorism and protecting the public?

    Found on page 22

    Q2 Is it right for Government to maintain this capability by responding to the new communications environment?

    Found on page 22

    Q3 Do you support the Government’s approach to maintaining our capabilities? Which of the solutions should it adopt?

    Found on page 30

    Q4 Do you believe that the safeguards outlined are sufficient for communications data in the future?

    Found on page 30

    If there are any other additional comments that you would like to make, and are unable to make that comment in response to these questions, please forward these to:

    Nigel Burrowes

    Communications Data Consultation

    Room P.5.37

    Home Office

    2 Marsham Street

    London SW1P 4DF

    Or by e-mail to: communicationsdataconsultation@homeoffice.gsi.gov.uk

    The BBC has the full pdf document available for download at:

    http://news.bbc.co.uk/1/shared/bsp/hi/pdfs/27_04_09communicationsconsultation.pdf

  55. Anonymous Coward
    Paris Hilton

    And where are they going to store all this stuff?

    Given that there is a shortage of data centre capacity and connectivity in the UK combined with a lack of power to run/cool the data centres where exactly are they going to keep all these even limited records?

    And what about the volumes of Spam? about 90% of my inbound email appears to be chinese viagra adverts, there must be terabytes of that shit floating around to fill the non existent data centres that will be used to store this data for sorting at the governments behest. Technically speaking where all guilty of conspiracy to deal in prescription only drugs!

    And thats before we follow Mark Thomas lead and start sending and resending all the viagra adds to all and sundry. I suspect that a couple of days of intensive spam forwarding would cripple the storage systems.

    And the simplest way to thwart Jackies daft plan, simply open a webmail account and give your friends/co conspirators the password, then simply write the messages as drafts, that way no mail is sent between parties and no links are made.

    Paris, shes better at deep packet inspection than Wacky

  56. Ben

    TV???

    from the consultaion:

    12. changes, companies will offer more communications services, for voice, data and media, and including TV, social networking, music, video messaging, games, text, email and internet browsing. Some new services will be offered by the companies that operate the existing communications networks. Others will be offered by companies, some based overseas, providing services without any physical networks of their own.

    Does this imply that .govt want to know what we're watching, for anti-terrorism?????

  57. Anonymous Coward
    Anonymous Coward

    The sooner mesh networking

    and people start installing their own community networks the better. But all this is going to do is increase the use of proxy systems, and encryption which means the Net will slow down.

  58. Someone
    Black Helicopters

    Re: TV??? (or a CCTV camera every ten metres)

    Paragraph 12 of the Summary gets to the heart of the matter. That one paragraph is very chilling. It refers to things the State has no ability to monitor when they don’t take place on the Internet. Why mention TV and music, even in passing? The whole Summary could be re-written as follows.

    “In the future, more and more of us will use the Internet to communicate by text, voice and video, to read newspapers, magazines and books, to watch TV, listen to music, play games and to socialise. We want all of these activities to be recorded. You can think of it as an extension of the CCTV camera networks. Imagine we were to extend them from city centres and crime ‘hotspots’ to the pub, your home and even halfway up a mountain in Scotland. Wherever you are, whatever you do, if you do it virtually, there’ll be a camera on you.”

    No, I don’t feel any better for my rant. When techno-evangelist Bill Thompson writes the following for Index on Censorship, you know something’s very wrong.

    “In the end those of us who do not want to be profiled may be forced to abandon the public Internet entirely, using anonymous technologies and encrypted communications protocols to move to a private, anonymous network created between co-operating computers and leaving the Internet to the Tesco Clubcard-yielding masses who think automatic number-plate recognition is a great idea.”

    And, that wasn’t about the Government, just Phorm.

  59. amanfromMars Silver badge

    Profit and Loss .... Gains and Liabilities.

    "Any criminal, spy or terrorist worth their salt knows that when communicating with co-conspiritors avoidance of the 'normal' means of mass communication - internet or telephone - is more secure and less likely to result in being found out." .... By blue Posted Monday 27th April 2009 16:32 GMT

    Actually, you will find out that the opposite is true, blue, whenever sytems are being abused by criminals,spies and terrorists posing as legitimate forces and even as governments, which as you must surely now realise are only a right dodgy pack of old Party hacks/members of an effete cabal masquerading as a democratic Cabinet hiding in a cosseted closet ..... and completely at the mercy of other worldly views that would challenge their Selfish Petty Short Vision and Lack of Future Intelligence.

    You just have to ask yourself a simple Question ..... Why do Governments and Businesses not use Instant Global Communications like the Internet and telephone, which are so cheap nowadays as to be virtually for free and available everywhere, if they have nothing to hide?

    The enemy is within and trying to hide itself increasingly badly, as Information is Globally Shared in an Instant, to question anything shared that is untrue or contrived or maliciously invented to server a hidden agenda.

    The Paradigm has Changed Fundamentally and the Establishment/Status Quo still hasn't come to terms with their Demise and Fall from Grace and Favour ...... and hence the Unseemly and Increasingly Desperate Rear Guard Actions/Panic Measures/Red Herrings. .... but One cannot stop Progress and Change for that is the Natural Status Quo Norm State for Evolution. Deny IT Nowadays and that will Always Result in a Highly Charged and Accurately Targetted Purging Revolution ...... so that is One Hell of an Excellent Reason to Let IT Be ... Suck IT and See :-) ...... http://www.phrack.com/issues.html?issue=65&id=13#comments

    What have you got to Lose, other than Innocence and Ignorance?

  60. Drew Whitworth

    Let's help the Royal Mail

    Anyone fancy starting a campaign to revitalise the lost art of letter writing? After all, the Royal Mail need a boost. As yet there are no plans to open our snail mail. However, I stress the "as yet": I wonder how long it would take this lot of fascists to come up with some legal route by which they gave themselves the right to do so. But perhaps that is the only thing that would wake up the comfortable middle-classes to the breadth of the surveillance society.

    So, let's get writing those letters again. Hell, it only takes a day with first-class post - at least in theory...

    Drew

  61. Alfazed
    Happy

    Hmmm

    So when they finally have their hands on this mass of personal data, they will ignore whatever information is mined from it, unless it's dirty data, in which case they will use it to get their way.

    Democracy, don't ya just love it ?

    ALF

  62. Bod
    Thumb Down

    Insanity

    As if the centralised database wasn't bad enough, to now insist that the data must be kept in the hands of private companies, somehow linked together means that control will be sloppy and data will almost certainly be leaked or abused.

    How is this to be policed? Surely ISPs will be required to have appointed and security vetted (by the gov) individuals who are responsible for keeping the data safe and can be trusted.

    What happens when ISPs go tits up or get taken over?

    Who is to say that MyISP doesn't employ an extremist terrorist who will have access to this data?

    But then as far as Jackie is concerned, we're all extremist terrorists anyway until proven otherwise.

  63. Anonymous Coward
    Go

    thats it...

    i am off to China where they have more freedom.

  64. Ant Evans
    Thumb Up

    I'm in favour

    I've read the consultation document and I'm in favour of this scheme. It is obvious to anyone involved projects, private or public, that it will fail at every level - and there are a lot of levels for it to fail at:

    Technical. Packet snooping is easily defeated, storage will be insufficient, snooping algorithms and or signatures will need to be updated remotely and securely with random Skype / MSN / Twitter versions, data has to be returned to HQ securely, appliances will be susceptible to hacks, and queries will take days to run and return millions, possibly trillions, of false positives.

    Financial: running costs are impossible to predict. Is this included in the £2bn? What's the annual cost and why wouldn't it rise proportionately with app versions, traffic volumes, flash-in-the-pan ISPs, new P2P protocols, and new social networking fads?

    Organisational. ISPs run lean and couldn't organise a party in a LAN room. There is no test as to whether they are routing all packets to the snooping appliance. So at 8pm on Sunday when their networks choke, they'll just route around it and cite unavoidable and unprecedented operational issues - if anyone even asks.

    So in the unlikely event that this ever gets beyond a pilot, it WILL grind to a halt and be ignored by everyone.

    The one advantage, which is why I'm in favour, is that it represents a subsidy for ISPs to fix their underpowered networks. So we're all likely to get slightly less bad availability and performance as a result.

  65. David

    Payment

    So the government are paying ISP's to do this? I would have thought the money would have been best spent on improving their infrastructure, like fibre to the home, for instance. Just HOW is this deluge of information going to be analysed and WHO is physically going to decide what's important and what's not? I can imagine this damn-fool scheme keeping an army of civil servants and clerks busy for a few hundred years!

  66. John Smith Gold badge
    Flame

    So the rest of the Government IMP is costed at £10bn?

    Because £12bn was the only figure given out and I doubt that splitting th requirment across multiple databases will lower the cost.

This topic is closed for new posts.

Other stories you might like