UK gov admits gamble on massive net snoop plan

Two Plus Two Equals Four

Whitehall must simply not 'get it'. They're ultimately up against cold, hard mathematics, and they won't win.

They either look at everything (not merely "communications data", but all the contents as well), or they leave criminals (terrorists, etc,) with opportunities to keep their communications beyond surveillance.

Imagine Alice, Bob, Carol and Dave are part of a secret communications network. Alice writes a secret letter to Dave, puts it in an envelope addressed to Dave, and then puts that envelope in another envelope addressed to Bob. Alice posts that letter to Bob. GCHQ log the fact that Alice has sent this letter to Bob.

Bob gets Alice's letter, opens it, and sees it's just a sealed envelope addressed to Dave. He puts a cross on the back of the envelope, and puts it in another envelope addressed to Carol. He then posts it. GCHQ log the fact that Bob has sent a letter to Carol.

Carol gets Bob's letter, and opens it to find an envelope addressed to Dave. There's a cross on the back, which she knows means it's already been forwarded once. She puts the envelope in a new envelope, and addresses it to Dave. She posts it, and GCHQ log this fact.

Dave gets a letter from Carol. He opens it, and finds it's an envelope, addressed to him. He opens it, to find it's a secret letter from Alice.

The secret letter contains a fragment of another piece of correspondence, encrypted by some method. The letter also contains instructions on how to forward that encrypted fragment on towards its final destination, and how to re-encrypt it for that purpose.

How deeply do GCHQ have to inspect these network packets in order to truly keep track of everything? How many layers of envelopes must they open? How much material must they actually record? How much of the contents must be kept on file in order to truly keep up with secret communications?

For IMP and the like to actually work, it can't be just "communications data" that's logged. The actual contents have to be inspected as well, just in case there are hidden layers of protocols within the actual packet payloads. We either completely lose privacy, or the whole exercise is a gigantic waste of money. Anything short of a total loss of communications privacy, and the criminals can still keep their communications beyond inspection - which is where we already are if we don't do this IMP stuff in the first place anyway.

Why spend billions ending up back where we already are? Are we really going to sacrifice all our communications privacy? I haven't even mentioned steganography, yet!

The State needs to take a fundamentally different approach. IMP sounds like an attempt to make this newfangled internet stuff be more like old fashioned telephony and the like. It's like the recording industry wanting to hobble the internet so as to preserve their out-of-date business model. It is, instead, the State that must radically change its approach.

Instead of trying to "maintain" capabilities (and they may well genuinely believe that's all they're trying to do, even though they're clearly doing stuff never done before with snail mail), they need to undergo a revolution themselves. They need to accept that criminal organisations, including terrorists, will continue to have secret communications arrangements. Instead of trying to make that fact go away, the State and its agencies need to find ways to fit into this reality. That means finding ways of using modern technology, the internet, etc, in ways that aren't ultimately futile.

They need to think outside their increasingly out-of-date box.