back to article Investigatory Powers Act signed into UK law by Queen

Queen Elizabeth II today signs off on Parliament's Investigatory Powers Act, officially making it law in the UK. Her Maj not only had the last word on the new legislation — aka the Snoopers' Charter — she had the first. She publicly announced what the law would be called during the official opening of Parliament after last …

Silver badge

If you are of interest to a law enforcement agency, and if you use anonymizers or VPNs or encrypted messaging, that is likely to increase their interest and bring closer scrutiny. If they have a decently plausible justification, they may be able to obtain a warrant (or UK equivalent, if different) for access that is much more intrusive than metadata collection, and much more likely to succeed in obtaining information about your activities in connection with whatever caught their attention in the first place.

The short version: if the police are interested in you, they generally will find ways to investigate you.

0
1
Anonymous Coward

> Bad guys getting hold of the log is one thing, but it's too easy to plant evidence in your ICR log without your knowledge

Yes but, according to my forensics course years ago anyway, it is difficult to prove to whichever standard is required by the situation at hand, that it was a particular person accessing the questionable material. Besides, in sane societies (which squarely excludes England) the mens rea would need to be unambiguously established.

Then again, that's a small consolation. If someone is trying to bring you down (e.g., because you would come in handy as a prosecutable suspect when they can't find the actual culprit, cf. the Guildford four) you've got a pretty big problem, because they're not just going to go away.

2
0
Anonymous Coward

> The short version: if the police are interested in you, they generally will find ways to investigate you.

Yes, but presumably the other gentleman is advocating circumvention precisely because they should not be sticking their noses into the general populace's lives. However, as pointed out, the net result is that it now makes it *harder* for them to track those who are of actual interest.

0
0
Silver badge

I find it interesting that fairly straightforward and likely enough correct statements are so often downvoted and disputed.

The point was that if the police are interested in you, no matter the reason, using a VPN or TOR is unlikely to deter them or interfere significantly with their ability to pursue that interest. And it is not at all obvious that it will make it harder. Communication data surveillance is only one of their tools, and for in-country residents probably is one of the least important.

0
1

This is the whole point. IF someone is of interest, then the relevant authorities should go and get the proper authorisation and carry out a proper investigation. Scooping up everyone's data in the hopes it might contain something of interest can hardly be called investigatory, as this act's title suggests,...it's simply an invasion of privacy.

0
0
Anonymous Coward

> The point was that if the police are interested in you

Tom, none apart from you are talking about the cases where the police *are* legitimately interested in you.

What we're talking about is when every fucking man and their dog got essentially unrestricted access to your communications *even though* they have no legitimate interest in you.

0
0
Anonymous Coward

It doesn't work that way if they use 'Cain & Able' to plant files set with dates months or years before the date they attacked the PC I'm told. Then try proving to a court of law that you didn't even own the device or hard-drive at that time. And when half a dozen coppers have been spreading lies where you live your a kiddie fiddler someone will have put that on-line and no doubt any jury will be contaminated as no-one can resist looking up, or getting a family member to lookup, a defendants name once their on a jury these days... And the damage done by the long delays of getting devices forensically analysed leading to years on remand or bail is already well known.

0
0
Black Helicopters

Time to open up.....

my wifi connection to all and sundry.

Plausible deniability is my middle name.....

9
0
Big Brother

Could someone recommend a VPN?

or two? Ideally not based in the US...or any of the 5 eyes TBH!

6
0

Re: Could someone recommend a VPN?

openvpn.

Set up your own on a rented VPS somewhere outside the UK/US (and not owned by a UK/US company).

It should cost you between £3.25 and £5.00 pcm

Make sure you don't keep logs.

Better yet, use Tor.

3
0
Silver badge

Re: Could someone recommend a VPN?

If you are only trying to avoid mass surveillance pretty much any vpn will do. There will always be a need for targeted surveillance, and as long as it requires an effort and has some oversight then I'm prepared to put up with it.

It's this 'Collect everything, from everyone' aspect that just about anyone in the public sector will be able to view that I object to - it's just to damned easy to abuse this kind of power.

Just keep moving yourself above that low bar and avoid doing things that will attract *serious* attention and this becomes a war of attrition. It's always been a lot easier to make things harder than it is to make things easier, so we should manage to stay ahead of the game*.

*This assumes they don't make encrypted traffic illegal of course. It would be totally idiotic and financially suicidal to do so, but I still wouldn't put it past them to actually try.

17
0
Anonymous Coward

Re: Could someone recommend a VPN?

except TOR is slow AF since all it's connections seem to get routed through to somewhere in the US... (well they did the last time I looked at the TOR node map)

0
0

Re: Could someone recommend a VPN?

Not just VPN - you want a DNS provider who isn't your ISP. Your browser doesn't actually ask your ISP for a URL, it asks to set up a connection to an IP address (though your ISP might snoop any unencrypted packets to see what else it can find, and for SSL that might leak the domain name), and it gets the IP address by asking a DNS provider for it (which typically defaults to your ISP's caching DNS server.) By doing DNS lookups somewhere else, you can reduce the amount of data your ISP collects. This doesn't always keep the snoopers from seeing it (e.g. anycast-based DNS servers like Google's 8.8.8.8 will typically connect you to their nearest server, which will typically be in your country), but it does increase the work they need to do, and you can further separate the queries in time by caching DNS results in your computer.

0
0
Silver badge

Re: Could someone recommend a VPN?

Yes, but how would you know they are not working for GCHQ?

0
0
Silver badge

Re: Could someone recommend a VPN?

@Mage

Yes, but how would you know they are not working for GCHQ?

I have less of an issue with GCHQ and security services, subject to proper oversight, but it is the inclusion of non-security service busybodies that is the issue. Think of the children? Well, if there is a child protection/safety issue, then whatever organisation can/should get the Police involved.

1
0
Silver badge

Re: Could someone recommend a VPN?

If you live in a Five Eyes country, you probably would be more at risk using externally-based facilities (possibly including TOR). In the US, at least, legal protections are much stricter on (legal) residents than they are on those in other countries who are not US citizens. I have not seen anything detailed about it, but suspect that there are side agreements among Five Eyes governments to not target (or to be gentle about targeting) each other's citizens.

None of that would apply to external communication endpoints. The applicable legal protections might not be honored, but they might, and for the US, at least, there is some evidence that they are. Where they are, they might be effective, and that is better than the case where they do not exist at all.

0
0

Give me six lines written by the hand of the most honest of men, I will find something in them which will hang him - Cardinal Richelieu

19
0
Silver badge
Pirate

"Give me six lines..."

Hey, Prime Minister- can I have your autograph?

9
0
Slx
Silver badge

At least you won't have to worry about all that awful red tape from Brussels protecting your privacy anymore.

Just lie back, think of England and all the freedom and the greater efficiencies you can now enjoy.

12
1
Silver badge

Just lie back bend over, think of England and open wide.

FTFY

1
0
Silver badge
Happy

Never I'd ask this question...

Fellow UK commentards,

suggestions for VPN providers please?

I have no idea how they work, but I can figure most sh!t out fairly quickly, all helpful suggestions welcome...

Cheers,

Jay.

1
0
Anonymous Coward

Re: Never I'd ask this question...

You start with discarding the first page of Google search results (who, by the way, will have logged your search, so maybe use DuckDuckGo instead, or startpage.com).

Next, you evaluate where they actually are - geo-locate the IP address of the service (use http://www.ipligence.com/geolocation, for instance). If it's UK or US, forget it. Germany is still relatively OK. Then you work out who the actual company is and where they are based. Again, if in US or UK forget it as they can be forced to divulge data without too much in the way of due process.

After that it's more a matter of testing throughput - if someone offers you a VPN of speed X, it means they have to handle a dataflow coming in from whatever Internet location you access as well as the data flow outbound towards you.

That should get you going.

4
0

Re: Never I'd ask this question...

Froot VPN, based in Sweden with higher privacy laws than we have, and they don't keep logs anyway.

7
0
Silver badge
Pint

@AC Re: Never I'd ask this question...

AC,

thanks, something to start with.

Re speeds & stuff, even though we're in the middle of Devon, we get 50 down / 100 up on our broadband, could that have any bearing re potential VPN providers on my 'shopping list'?

Your help is much appreciated, please have one on me!

Regards,

Jay

1
0
Silver badge
Happy

@Farcycle: Re: Never I'd ask this question...

Farcycle,

thanks matey.

Jay

0
0
Anonymous Coward

Re: @Farcycle: Never I'd ask this question...

Re speeds & stuff, even though we're in the middle of Devon, we get 50 down / 100 up on our broadband, could that have any bearing re potential VPN providers on my 'shopping list'?

It appears your speed will not be the issue, but their speed might be. It's not as easy as just bandwidth, there's also the question of how much contended it is (how many people share the same pipe) and where their exit points are.

The Swedish provider FrootVPN suggested by @Farcycle looks indeed interesting, just be aware that Sweden has the FRA law - a law that facilitates the intercept of specifically foreign traffic. It's still far better controlled than laws curtailing UK law enforcement, but it exists for a reason..

1
0
Anonymous Coward

Re: Never I'd ask this question...

I use this one:

https://www.slickvpn.com/

1
0
Anonymous Coward

Re: Never I'd ask this question...

If you're technically skilled and can configure OpenVPN or one of its cousins, then get a VPS (Virtual Private Server) with a European provider (excluding Scandinavia, including Russia) and set it up yourself. OVH for example are a reliable option and they have stood up for their users before.

It's not actually going to make you any safer, but it is a good way to make a statement.

1
0
Bronze badge

Re: Never I'd ask this question...

ixquick?

1
0

Against British Law

This is purely and simply against the law.

It makes a mockery of Anti discrimination laws that are currently in statute, protecting LGBT individuals so its impossible to implement. And that's just an example off the top of my head. It is illegal under UK law to reveal someone's status without their express permission. This would out every single LGBT individual in the UK so fast their feet wouldn't touch. Expect privacy for your 3 year old trans child? Yeah right, social services will know before you can sign up to the mailing list.

Oohh look, this person was researching cancer or hiv treatments - let's blackmail them by threatening to tell their employer. Ooh this student is researching and doing a modern day Kinsey report.. Paydirt... And hes black? Double Paydirt and he's Muslim??! *cue a when Harry met Sally scene* or that overlogging episode from South Park...

I think our German royal family should either get the chop in their entirety or sent back where they came from. Danny Dyer might be a rude, arrogant chimpanzee of a man, but at least he's English (sorta). We could always have an independent royal complaints committee - three strikes and you're impaled up the bottom in Hyde Park.

And why, pray tell, do the food standards and anything to do with Wales need to know about my personal information? The only reason I'd go there again (family holidays, it didn't end well) would involve the more modern denizens of Bovingdon tank museum and a broad interpretation of "omelettes & eggs".

Heinrich Himmler must be laughing himself sick!

I'll have to ring Putin and see if he's got any Junin going spare... A nice dose of irony that, wiping out the conservatives with a Argentinian disease..

15
0
Silver badge

Re: Against British Law

If the UK had stayed out of the continental war in '14, all of this could have been avoided.

0
0

Re: Against British Law

just to say i love you. I couldn't agree more with your comments. i personally would question why individuals privacy is stored and shared.. yet the legislators are private from inspection.

i truely cannot believe this sh*t has gone through completely untouched (well.. not significantly). The fact its been happening for years .. nobody bats an eyelid.

but.. if it's been happening for years... why are such events as 7/7 etc.. not stopped.

Surely the gov "spies" need to target the bad sites? not their visitors every personal detail??

its a huge open door of the nanny state psych. and gone unchallenged. In the years of poll tax, we overthrew and changed the law with displays of public dissatisfaction. why are we not doing that now??

i'm sickened.

hugs

3
0

Re: Against British Law

7/7 wasn't stopped because it wasn't in the interest of the government to stop it. They were warned that certain people were looking for ammonium nitrate fertiliser who didn't have any reason to want it. I know because it was a member of my family who bloody warned them. They ignored the warnings. These charming gentlemen managed to buy it off farm anyway (despite being followed by piggies for months) ... And then the police tried to put the boot into my relative, who told them in no uncertain terms to, as the Plymouth Brethren might put it, to "go *bleep* thyselves, up the fundament, lacking the soothing balm of lubricant".

There are people who will tell you 9/11 was a false flag operation, including fbi/nsa senior employees. I can't help wondering whether it was known all along what was being planned and 7/7 was allowed to play out to get us, amongst other events, to where we are now.

There are some seriously sick individuals in government, Theresa May is just the visible tip of the turd burg and we just steamed into it at 22kts.

Incidentally, I think the sociopaths charter even breaks Magna Carta! Isn't that a pleasant thought?

6
0
Anonymous Coward

Re: Against British Law

"i truely cannot believe this sh*t has gone through completely untouched"

I know. Brexit distracted everyone and pushed the door wider open. El Trumpo created even more distraction.

We've held this off successfully for years, but someone dropped the line somewhere...

4
0
Bronze badge

Re: Against British Law

Yes, congratulations your maj on becoming the ultimate sock puppet! ' Who gives a fruk, not me! Wills and Harry, well, they'll just have to take there chances'. 'Not here for much longer so who gives a fruk what I buy from Bourdon House anyway'?

0
2

Who do I sue?

As mentioned in previous comments someone somewhere will hack in and obtain all this stored info. The question is who do I sue for failing to keep my data safe?

a) The ISP because they suffered the data breach

b )The government because they forced the ISP to retain this information

c) Myself because the above will have iron clad protection from being responsible for any loss of data and I should have used Tor and a VPN running through another VPN to a satellite that encrypts the encrypted data and downloads it to another PC through another VPN (can't have too many), 3 decryption programs, back through TOR and then to my PC - so it is all my fault.

4
0

has this been asked of these people....

Do we have a right to know if our data has been accessed? And when? And by whom? And for what reason?

We don't even know about the framework in place to monitor the requests for information.

7
0
Silver badge

Re: has this been asked of these people....

Don't we have a law where we can request the data held on us by public bodies so that we can correct anything that might be wrong?

0
0
Silver badge
Trollface

Sweepstakes

Ok, now this shitshow is law, time for a sweepstake or three. Closest guess to the correct date wins 100 internet points*

1) Time until a civil servant/copper/fireman/ambulance driver etc. gets caught looking up the records for their ex/friend/SO/parent/favourite celeb?

2) Time until a civil servant (etc) gets caught selling details of a lookup to the press. 50 bonus points if you can guess which organisation this will be (The Met has already been picked)?

3) Time until there's a large scale breach exposing the details of more than 100 people?

* Internet points cannot be used, transferred or sold. They are in fact completely useless, but they might earn you 20 hours of community service.

12
0
Silver badge
Facepalm

Re: Sweepstakes

You forgot 2(a)

How long until said civil servant leaves the results of a search on an unencrypted USB stick on the bus.....

4
0
Anonymous Coward

Re: Sweepstakes

What? You don't think one of those civil servants (agencies) will sell the data to the highest bidder?

0
0

Of course, with my tinfoil hat on, it could be that they already keep all this data and the Act is just there so that they can use it in evidence.

6
0
Silver badge

This law will probably allow them to legally off-shore all the databases. Won't that be fun.

0
0

Commercial suicide

I just had a thought, this bill will murder investment in the UK.

Imagine it,

You want to send sensitive company data to any employees, securely, you can't.

You want to leave said data on an intranet with web access securely, oh look, you can't.

You want to research a company with a view to a takeover, in private, hah some chance

Even if I'm being overly paranoid, if companies haven't legged it because of brexit, they'll be leaving in droves if they can't rely on secure internet as a general principle.

It's commercial suicide.. Especially since we're a service economy.. Cue the Jarrow Dataminers strike 2017..

12
1

Re: Commercial suicide

Just a Mrs May wanted the UK to become a world tech empire to make up for brexit losses.

You cannot make this shit up.

13
0
Silver badge

Re: Commercial suicide

You want to send sensitive company data to any employees, securely, you can't.

=> PGP will protect the data. If sending the data is authorized, would the metadata matter?

You want to leave said data on an intranet with web access securely, oh look, you can't.

=> On an intranet with web access: Does the act really cover internal transmission? Surely you did not mean web access from the public Internet and securely in the same sentence.

You want to research a company with a view to a takeover, in private, hah some chance

=> For those of us lacking the knowledge and imagination, it would help to have a plausible scenario in which searching public sources would be a problem.

Even if I'm being overly paranoid, if companies haven't legged it because of brexit, they'll be leaving in droves if they can't rely on secure internet as a general principle.

=> As I understand it, the act has little to do with Internet security, but something, maybe a lot, to do with privacy of some kinds of information in some circumstances.

2
0
Silver badge

Words to the Wise which will not Trouble the Foolish

It is one thing knowing of second and third party browsing histories, it is quite something else completely different, to know what to do with the information in order to extraordinarily render ones position safe and secure for emerging technologies and renegade operations.

One trusts, or is it that one can only hope, that the Royal Household has competent knights on their team au fait with the delicate intricacies of such plays in Great Games. To be found out as a naked emperor, as all hapless fools are ensured and assured to be, guarantees crowns and jewels lost.

1
1

Re: Words to the Wise which will not Trouble the Foolish

I'm just waiting for Buckingham Palace to announce that Sir Talbot Buxomly will be taking up his duties in reference to the above..

Prince Charles : "Is he qualified?"

Journalist "he's a violent, bigoted, mindless old fool"

Prince Charles: "Ah, somewhat overqualified..."

I bet if Ben Elton and the team behind Blackadder had ever pitched a script like modern reality they'd have been told to go sober up.

5
0
Bronze badge

Re: Words to the Wise which will not Trouble the Foolish

My heartfelt contrafibularities for the Blackadder the Third reference.

I've just installed Opera on all of my computers. It may not be the best browser, but it does have a built-in VPN and I'm not making it easy for these bastards on general principle. Given the history of misuse of law in this country there is no chance whatsoever that "those with nothing to hide" will be safe from anything.

I also very much doubt the legality of this under EU law, but at best that's a temporary reprieve, it'll just resurface in a few years.

1
0

Re: Words to the Wise which will not Trouble the Foolish

@amanfromMars 1

Hello amanfromMars, Greetings!

Not being offensive or anything, just reading your (and previous) prose and am truly curious.

Were you, in your youth maybe, of the hippy persuasion, and possibly a little over enthusiastic with the extended dropping of a certain acidic compound?

Long, long ago, some foreign cretin once (without my knowledge) slipped me some inside a soft-centred square of chocolate in a Continental canal-side bar, and - after I got over the odd behaviour of my arms wanting to float up towards my head every time I took my eyes off them - I spent a happy few hours watching regiments and battalions of bricks doing a march, wheel and counter-march routine along the opposite canal wall. Interspersed with the fantastic multicoloured rippling wash of small boats along and amongst the marching bricks it was an extraordinary experience - and yet, there's something about your prose that immediately reminds me of that sunny (and rainbow coloured) afternoon.

Or are you perhaps an admirer of Lewis Carroll's 'Jabberwocky'?

No offence meant I assure you, just honest curiousity about your unique style.

2
0

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2017