back to article UK citizens will have to pay government to spy on them

If having the UK government trawl through your internet history and phone calls wasn't enough, it turns out that people will have to pay for the pleasure. Speaking at a Commons Select Committee hearing this week, internet service providers (ISPs) warned that the costs of implementing the system outlined in the government's …

  1. Neil Alexander

    Insult to injury.

    Trying to understand exactly why the Government would think that people actually want this sheer violation of privacy in the first place, let alone why the Government would think that we want to pay for the privilege.

    1. Anonymous Coward
      Anonymous Coward

      Re: Insult to injury.

      why the Government would think that we want to pay for the privilege.

      the Government gives a flying monkey fuck about whether you, me, or anybody "wants" to pay for being spied upon. The plebs will be spied upon and the plebs will pay for it, because they can do shit about it.

      1. Flywheel Silver badge

        Re: Insult to injury.

        .. and following on logically, if I have to pay to be spied on, surely I can get a copy of what's being stored without paying another bleedin' tenner to the FOIA drone?

    2. Mark 85 Silver badge

      Re: Insult to injury.

      They're following the Chinese model where the family pays for the bullet. Only the users in this case, will also have to pay for the gun and the firing squad. I'm sure there's more cash to be extracted but that would require a government grant to do an in-depth study.

      1. Anonymous Coward
        Anonymous Coward

        Re: Insult to injury.

        you beat me to it. Have an Up Vote.

    3. Otto is a bear.

      Re: Insult to injury.

      Um, sorry, but we pay for everything our government does to us, or for us, why would you think it was any other way. It just comes down to how they get the money. Where would you expect them to get the money?

  2. Frederic Bloggs

    15TB?

    Is that all? On a 1Gb link? In a year?

    1. Old Handle

      Re: 15TB?

      That does sound surprisingly low. If I'm figuring right that's only 33 and a third hours of use at capacity. Obviously most people don't use their connection at capacity anywhere near all the time, I still find this somewhat hard to believe.

      1. Paul Crawford Silver badge

        Re: 15TB?

        The gov is not asking for *ALL* data to be stored, only some woolly-defined meta-data like the URL of each site accessed. I'm guessing his figure is based on the proportion of data seen in such a link.

        Of course, if most folk run browser plug-ins to randomly poke sites every few seconds that could go up massively...

        1. Dr. Mouse Silver badge

          Re: 15TB?

          I'm guessing his figure is based on the proportion of data seen in such a link.

          Nope:

          "on a one-gig connection... there would normally be 15TB of data a year going through it. Even if a small proportion of that is deemed "communications data," it will still amount to enormous quantities of data that need to be stored."

          He is saying that a normal 1Gb link would see 15TB/year pass through it. Less than that will need to be stored.

          I don't find it that surprising that the quantity of data is so low. People (individuals and companies) want the internet to be fast when they need it. They will spec the pipe so that it is fast enough for what they need when they want it to be fast, but it will be virtually idle much of the time. ISPs count on this, and view those who consistently max out their pipe to be "abusing" the service.

        2. Alan Brown Silver badge

          Re: 15TB?

          "The gov is not asking for *ALL* data to be stored, only some woolly-defined meta-data like the URL of each site accessed. "

          A wget randomiser could fill those disks without impacting bandwidth much.

          Civil disobedience. Would the ISPs then start charging for accessing too many web pages?

          1. NumptyScrub

            Re: 15TB?

            A wget randomiser could fill those disks without impacting bandwidth much.

            Civil disobedience. Would the ISPs then start charging for accessing too many web pages?

            No, the government would just make "using technical measures to tamper with metadata retention techniques" a crime. After all, nothing to hide, nothing to fear.

            Remember kids, any time you hear a politician state "nothing to hide, nothing to fear" the correct response is "can I have a copy of your expenses claims for the last 12 months then?" ;)

    2. phuzz Silver badge

      Re: 15TB?

      I guess it depends on who's using the connection, but in our house we have five people sharing a 150Mbs connection, and we average between 500 and 800GB per month transferred (thats a combination of up- and download), which is around 8TB per year.

      I'm not sure if we'd use more than double that even with a much faster connection, there simply isn't anything else we'd use our connection for.

    3. Anonymous Coward
      Anonymous Coward

      Re: 15TB?

      I have a 1Gbit home fibre connection, up and down. I only use marginally more data than I did on my "up to" 24Mbit connection, around 300-500GB a month. Looking at the quoted stats, I guess I'm not a heavy user any more :)

      The main difference is that the connection is now idle most of the time, because things complete in a fraction of the time. Its not really about speed, its about percentage idle. If I was billed at 95th percentile speed, like a commercial fibre connection, I'd probably not hit 512 kbit.

  3. Anomalous Cowturd
    Black Helicopters

    at an internet governance meeting in Brazil...

    Oh, the irony.

  4. John H Woods Silver badge

    Save your country money ...

    ... do your duty as a UK citizen.

    I intend to. If this bill gets passed, all internet connections from this household will be summarised by a single Internet Connection Record per year.

    2016-01-01 00:00:00 connection to xyz.vpn.ch:443

    ... approx 200TB data transferred

    2017-01-01 00:00:00 connection to xyz.vpn.ch:443

    1. gerdesj Silver badge
      Childcatcher

      Re: Save your country money ...

      I'm in the process of enabling Perfect Forward Secrecy on several 100 IPSEC phase 2s. Also, all P1s and 2s are getting a pretty hefty move up the algo and hash list. PSKs are random MD5SUMs and will be changed every few months. For added fun, source and destination IPs change every now and then within their block. Some of them shift a darn sight more data than 15TB per year.

      My web servers get an A+ at Qualys, even MS Exchange (behind HA Proxy)

      There's still a lot more to do yet.

    2. eJ2095

      Re: Save your country money ...

      ALready doing the same

      using ipvansih

  5. Pen-y-gors Silver badge

    Pay for the privilege?

    It's already here...

    UK court charges: nick some grub because you're broke and get fined and also hit for hundreds of pounds in "court charges"

    Recent news report about USA: people getting charged up to $70 per night to stay in prison. Get released owing thousands of dollars. Probably have to rob a bank to pay it off...

    1. Rich 11 Silver badge

      Re: Pay for the privilege?

      Probably have to rob a bank to pay it off...

      At least that would make a change from people having to pay a bank only to be robbed.

    2. Dr. Mouse Silver badge

      Re: Pay for the privilege?

      people getting charged up to $70 per night to stay in prison.

      I agree with the principal of charging people to stay in prison, up to a point. Why should the state pay for their accommodation, meals etc. when they would have to pay for that on the outside? However, the charges need to be reasonable, there needs to be the opportunity for them to earn enough to cover it, and the repayment terms on any debt once they left would need to be fair (as in not so onerous that it pushed them into more crime). Those with savings, investments, property or outside business interests should have to use them to pay towards the costs, too (as long as that doesn't end up leaving kids short).

      1. Anonymous Coward
        Anonymous Coward

        Re: Pay for the privilege?

        Well when i get older i (if i can remember by then) intend to commit a crime get a life sentence and get locked away in Jail. four walls a roof, heating Water, 3 meals a day, Washing facilities, a bed and medical care.

        Far better than a care home. and I speak from experience of seeing old people in some and of being in "sheltered Accommodation with care" myself for a while.

      2. Dr. Mouse Silver badge

        Re: Pay for the privilege?

        Could someone please explain why I get downvoted for my comment above?

        I'm not being arsey, I would just like to know the arguments against.

        1. NumptyScrub

          Re: Pay for the privilege?

          First rule of downvote club, don't talk about downvote club ;)

          It is however potentially that some people saw the first inklings of a revisit to the "poorhouse" concept there; people in prison being used as indentured servitude ostensibly to "pay for their incarceration", inevitably ending up being a source of revenue for their incarcerators, and eventually being treated as such.

          From a human perspective, IMO it is far better to keep prisons as a cost centre rather than a revenue stream, it avoids all the potential exploitative behaviour in the first place.

          1. Dr. Mouse Silver badge

            Re: Pay for the privilege?

            inevitably ending up being a source of revenue for their incarcerators, and eventually being treated as such.

            Ah, OK, I'd never considered it like that. I see your point. Thanks.

            It doesn't necessarily change my mind completely, but I'll certainly consider that angle and adjust my views accordingly.

  6. nematoad Silver badge
    WTF?

    Eh?

    "...far larger than the $175m"

    Would that be at the Bureau de Change rate or the official one?

    There might be a large difference.

    Surely the British government will be using the £ not some sort of foreign money.

    1. Anonymous Coward
      Anonymous Coward

      Re: Eh?

      British government will be using the £ not some sort of foreign money.

      Looks like the Reg have offshored their copywriting.

    2. kierenmccarthy

      Re: Eh?

      Sorry about that - now fixed.

      Kieren

  7. Anonymous Coward
    Anonymous Coward

    They already have the data from the boxes in ISP's and cuts in the mainline internet connections.

    Does anyone else think this is a bit dodgy and just a way to avoid admitting the obvious and keep access to all the data?

    Has anyone thought of the implications of ISP's having all this information? What protection do people have that the staff at the ISP themselves will not abuse the information or sell it off to the highest bidder? Who is going to determine the hardware, the database structures, the method of collection, the filtering of data?

    Another reason I believe they already have access to all this data is recent trials and investigations by the police where they state websites visited or text messages sent. You could say they lifted them off the computer but I wager anyone that even the most stupid potential criminal would know to turn privacy mode on when searching for things they shouldn't be searching for.

    I also fully expect the ISP's to all up the prices by quite a bit and claim it's due to the IPB.

    Finally given all the arguments against and reasons it just won't work I really don't understand why the general media aren't against it at all, do they not realise it will jeopardise their profession or are they going to get the same protection as M.P.'s or access to the data?

    Too many questions, I'll just say the government can fuck off if they think I'm paying for it,

    1. Anonymous Coward
      Anonymous Coward

      I'll just say the government can fuck off if they think I'm paying for it,

      Whilst I sympathise, what exactly will stop the useless, self interested, ignorant fuckers? The vile rabble of public school plutocrats on the government benches will support it because they either can't think for themselves or don't care, and the vile rabble of big government tossers on the opposition benches will back it because they love the idea of more government power and more government control.

      Wankers, the entire shower of piss in both houses of parliament. I know that I was celebrating Fawkes' valiant attempt on the 5th, not his failure.

      1. Neil Alexander

        "Whilst I sympathise, what exactly will stop the useless, self interested, ignorant fuckers?"

        Mutiny?

        1. Old Handle

          I think you mean revolution. It's not a boat.

          It worked for us though (at least for a good 200 years or so, we may be overdue for another).

          1. Neil Alexander

            "I think you mean revolution. It's not a boat."

            The UK is a lot like a boat, in a "sinking ship" kinda way.

          2. TimeMaster T
            Mushroom

            Revolutions

            Revolutions are like Earthquakes. The more time between them the worse they are when the hit.

        2. Anonymous Coward
          Anonymous Coward

          re mutiny

          I'm afraid you can't do that, Dave. This is not allowed in a democratic blah blah blah, moreover, it's a highly extremist view - you're encouraging violence, naughty boy! Such publicly voiced opinions can and shall be swiftly deal with with a full force of legal measures available to the democratically chosen blah blah blah.

      2. Anonymous Coward
        Anonymous Coward

        I thought everyone celebrated his valiant attempt every year?

        If they piss on the peasants then they had better be ready when those peasants piss back. I know my back won't be against the wall.

        Viva La Revolution.

      3. P. Lee Silver badge
        Facepalm

        >I know that I was celebrating Fawkes' valiant attempt on the 5th, not his failure.

        er... you think a catholic monarchy would be an improvement on the situation?

        We'll have to agree to disagree on that one.

        /confused

        Public school plutocrats or not, you'll find that all varieties of government tend to grab power, whether they be Communists, Nazis, or Tories or Labour. They all operate under the illusion and lie that if you have enough control over people and force them to do what you want, then you can make things better.

        It simply isn't true. It is demonstrably not true. In the twentieth-century we tried all sorts of ways of forcing people to comply with various philosophies. They all failed. The philosophies were shown to be deficient, people worked around them until their failings were so obvious that they fell.

        Tech brought a new frontier. The internet was thought to be so decentralised that it was impossible to control. That turned out be untrue when people saw the scale of computing Google could do and found out (though it should have been obvious) that the government was operating at a similar scale, or just snaffling Google's data. Having failed to control people through physical controls, even liberal governments have seen IT as a way of having informers without the need to recruit informers. While we all suspected it, when a "handler" went rogue it was all too obvious to ignore what was going on. People went back to being sneaky. Encryption systems proliferate and the "informers" find themselves shunned. Still not sneaky enough (in my opinion) but with databases being made official and shunted off to the private sector, it is just a matter of time.

        I don't know if anyone has noticed the encryption tech ending up in chips. Forget TLS, just wack up a full IPSEC tunnel. Get the OS to try for a tunnel to new servers and to old ones every now and then and keep a database of what can be encrypted to where. Until this becomes the default and easy to manage/see changes, we are going to have problems. Allow policies such as "don't bother with IPSEC for RFC1918 addresses on wired LANs.

        I think we are getting there. Certificate Patrol, no-script et al are bringing security to the fore on the desktop. There's still a bit more integration work to do.

    2. Anonymous Coward
      Anonymous Coward

      [...] l would know to turn privacy mode on when searching for things they shouldn't be searching for."

      How does privacy mode actually work?

      Unless it actually erases the space the files occupied then their content will remain retrievable until that disk free space is re-used. Even if they only store the files in ram - then the system swap file also needs to be cleaned afterwards.

      What happens to the local storage used by web pages for what might be termed super-cookies? Some sites won't work if they are refused access to that store. IIRC in the past even if you asked for cookies to be deleted - that other local storage was persistent,

      1. moiety

        Has anyone thought of the implications of ISP's having all this information?

        ...and one of those ISPs is TalkTalk. Sleep well.

      2. Anonymous Coward
        Anonymous Coward

        Re: How does privacy mode actually work?

        Thank you for answering my question with a concise response, I just thought I would play devil's advocate for a while. The number of hdd's I've had to recover and what gets recovered is amazing. To be fair that's nothing once this bill gets onto the statute books...

    3. werdsmith Silver badge

      Has anyone thought of the implications of ISP's having all this information? What protection do people have that the staff at the ISP themselves will not abuse the information or sell it off to the highest bidder

      LOL, you are funny. You think this is new? From 2001 to 2008 I worked in a company that processed and mined all web activity for a number of ISPs, it was used for marketing but would have been just as useful to snoopy government. The ISP customers had agreed to this in the terms and conditions that they didn't read, but the information was monetised to the max. Beyond that the business was super-hot on the DPA and the ISPs went to great lengths to protect the data from getting into the hands of anyone that didn't pay for it........

      There was already an impressive knowledge of individuals activity way back then, if people are concerned about their privacy now then what were you worried about for the last two decades?

      1. Anonymous Coward
        Anonymous Coward

        I worked in a company that processed and mined all web activity for a number of ISPs,..

        So werdsmith, you are basically one of the fuckers we should all be out to put up against the wall come the revolution. Wanker.

  8. Anonymous Coward
    Anonymous Coward

    Today, we remember the millions of people who made the ultimate sacrifice

    so that we could be spied on by a UK totalitarian government rather than a German totalitarian government.

    What an utter waste of their lives.

    Yet a significant proportion of the UK population can't wait until Cameron abolishes European human rights legislation. What hope is there?

    1. Destroy All Monsters Silver badge
      Holmes

      Re: Today, we remember the millions of people who made the ultimate sacrifice

      Actually Wilhemine Germany was quite far from a totalitarian government even after Hindenburg had put the "Total War" economic suicide train into motion. They also didn't want to invade the UK. Like, at all.

      It's true that Bismarck is the founder of the modern social-democratic "bind the the citizen to the state from birth to death" doctrine, which leads to all kind of excesses, but still....

      1. werdsmith Silver badge

        Re: Today, we remember the millions of people who made the ultimate sacrifice

        They also didn't want to invade the UK. Like, at all.

        Of course not. Wouldn't want to upset their cousins would they?

  9. TomS_

    I dont know why anyone is at all surprised by this news story.

    If you followed what just happened in Australia you'd have seen it coming from miles away.

    There also seems to be a distinct lack of organisation and action from the ISP/telco industries surrounding this topic. At least in Australia I saw discussion months before the bill was passed about how we didnt want it and how bad of an idea it was. But still there was no unified protest from the industry to Government. Sure some individuals, companies, and other organisations wrote about it, but the vast majority just seemed to sit there and wallow in the inevitability of having to implement it.

    I see very much the same thing happening here in the UK, except with far less discussion.

    1. phuzz Silver badge

      Er, if you read the fourth paragraph of TFA you'll notice a quote from one James Blessing, who is the "Chairman of the Internet Service Providers Association".

      That's the industry making a united protest right there.

      (and given that "we're going to have to increase your broadband bill so the government can spy on you" has been the main narrative on the news today, I'd say it worked ok)

  10. David Pollard

    Are advertisers, trackers etc. to be stored too?

    Will there be some means to screen out all the calls to additional addresses besides the page that the user has requested? ABP, Ghostery and NoScript suggest that there may be as many as ten or twenty additional requests for each page viewed.

    1. Mark 85 Silver badge
      Devil

      Re: Are advertisers, trackers etc. to be stored too?

      I am surprised that no one yet has given thought to "selling"...errr... "sharing".. yeah, that's the ticket. To sharing all this connection information to 3rd parties (advertisers!!!!) to assist in keeping the cost down for the punters.

      1. werdsmith Silver badge

        Re: Are advertisers, trackers etc. to be stored too?

        To sharing all this connection information to 3rd parties (advertisers!!!!) to assist in keeping the cost down for the punters.

        That stable door has been swinging in the wind for two decades.

    2. NeilPost

      Re: Are advertisers, trackers etc. to be stored too?

      ... and people wonder hy their Internet connection is slow and blame BT, and all the rest of the \isp's.

  11. Anonymous Coward
    Anonymous Coward

    One way or the other, the citizens of this country will end up paying to be spied on

    this must be the quote of the week, month, and year. But hey, so what?

    And let's remember, it's a one-way road, the noose goes only one way, ALWAYS tighter.

  12. gerdesj Silver badge
    Childcatcher

    Perspective

    Just to give you some idea of the storage required for this malarky: 4 x 80/20 FTTC connections for a small office of 20 odd staff of which 10ish are on site regularly. The netflow data for that lot with DNS and GeoIP lookups etc, stuffed into an Elasticsearch DB needs between 200-600MB per day. That's non duplicated. If that sounds steep, remember that one DNS look up is a flow, as is an entire 1GB download.

    Now, are the ISPs going to be forced to keep the data indexed and searchable? If so then they will need massive investment. If they only have to keep filling 100GB (say) MySQL flat tables and then move onto the next with raw flow data and no lookups, then less hardware will be needed.

    Now wouldn't it be hilarious if the Act forgot to mandate DHCP data to be kept as well ...

  13. Camilla Smythe

    Oh.. What?

    I thought the Doughnut Heads, and mates, were doing this stuff already. All the powerpoint presentations say they are. Are they now saying they were and are lying incapable useless blubber lips and if so where did they spunk the tax payers money?

    1. werdsmith Silver badge

      Re: Oh.. What?

      Of course they are doing it.

      But they need to legalise it and fund themselves.

  14. scrubber

    Don't we already pay for everything the government does?

    Either financially or in blowback.

  15. scrubber

    Dear government,

    VPN.

    Fuck you and all the minions I will put up against the wall when my revolution comes to pass.

    Damn, this isn't anonymous? Reg, what have you done to me? Cuba here I come.

  16. Anonymous Coward
    FAIL

    "Just as importantly, Hare pointed out that it is very difficult to distinguish between the data from different applications over an internet connection."

    Did that fucker just demand to be allowed to install Phorm boxes again?

    That's what this whole scenario seems to be turning into.

    I wonder if some government twat is looking out for his retirement plan...

  17. sysconfig

    Price hike is alright, if they communicate it correctly...

    Yes really. Imagine all ISPs being blunt about it:

    "Dear valued customer. As you have certainly heard in the news, our government now requires us to store all your Internet Connection Records. This sounds very opaque, and indeed it is. We will essentially be recording each and every move you make online so that law enforcement and selected third parties can retrospectively trace each of your steps. Naturally, the storage facilities which enable this enormous volume of data to be collected need to be paid for; the government has chosen to put the burden on us, and by extension on you.

    Consequently, the price of your broadband connection will increase by 25%, effective next year."

    This would hopefully create some awareness. At the moment it seems that Joe and Jane Public don't care at all. That'll change when it starts to cost money and they know why.

  18. JimboSmith Silver badge

    Also likely to put up mobile phone costs as they'll have to do this too.

  19. veti Silver badge
    Trollface

    Who the heck else did we imagine was going to pay for it?

    Either it'll be UK citizens as taxpayers, or UK citizens as borrowers...

    ... or UK citizens as internet subscribers.

    At least this way it affects the people who are actually incurring the cost (i.e. internet users), rather than all those innocents who don't even have a connection.

    Again, I hate to side with Theresa May of all people - but on this story? She's absolutely right. If this nonsensical, counterproductive and generally completely lunatic thing is going to be done, then internet subscribers are exactly who should be paying for it.

    1. sysconfig
      Coat

      Re: Who the heck else did we imagine was going to pay for it?

      "rather than all those innocents who don't even have a connection"

      Hey, are you suggesting that they don't deserve the added national security that this bill is supposed to provide? Of course they should be paying up, too.

      (Mine is the one with trainers in its pockets.)

    2. Martin-73 Silver badge

      Re: Who the heck else did we imagine was going to pay for it?

      UK citizens as potential criminals. Because nobody will tolerate this

    3. Seajay#

      Re: Who the heck else did we imagine was going to pay for it?

      Well ideally you'd like the terrorists and paedophiles to pay for it, Brazil style. Of course, post Snowden, they are probably all using Tails on a McDonalds WiFi connection so they'll be among the few people who won't be getting charged.

      But the big problem is that it gives spies the wrong incentives. If you gave GCHQ a big chunk of cash and told them that they could spend it how they like, they would probably decide that most of it was best spent on targetted intelligence. If you don't give them extra cash but force ISPs to provide them with a vast pool of data for (as far as GCHQ are concerned) free, they will obviously fish in that large pool, even if the value of doing so doesn't justify the real cost.

      1. veti Silver badge

        Re: Who the heck else did we imagine was going to pay for it?

        But at least McDonalds will be paying extra for their wifi connection.

        I think we can all agree that's a win, can't we?

  20. Winkypop Silver badge
    Big Brother

    User pays

    User obeys

    Double-plus good

    (We're there [1984], aren't we?)

  21. Anonymous Coward
    Anonymous Coward

    Yea just wait til they tell you you have to be chipped to buy or sell, make no mistake they want it and will propose it, these people are sick.

  22. NeilPost

    ... as with most government IT, it will end up as a disastrous folly.

    I don;t think anyone really needs to worry. Ambition far exceeds capability. There would need to be 1,000 Data Warehouses/centre's to run this, not the 2 for Microsoft and 1 for Amazon just to run their Azure and AWS services that they plan.

    If you doubt this, look at assorted IT fiasco;'s over the last 20 years - HMRC, Passport, Courts, CSA, NHS NPfIT etc....

    1. werdsmith Silver badge

      I doubt it.

      Because I know they already do it, because I worked on it 10 years ago.

    2. Naselus

      "... as with most government IT, it will end up as a disastrous folly."

      Agreed. If we're saying 15TB per year per 1GB connection, with a conservative estimate of 8 million superfast connections in the UK they'd already need 120 exobytes a year, just to store the information generated by the small proportion of UK connections on 1 gig lines. That's like 228TB of additional storage a minute.

      Even if we say that only 1% of the data is taken to be 'communications data', the government would need to add a new 3TB hard drive per minute just to keep up with the net connections of 1/10th of the population. It's a bit of a King Lear move, with Teressa May stamping her foot and demanding that the waves turn back.

      1. nematoad Silver badge

        "It's a bit of a King Lear move, with Teressa May stamping her foot and demanding that the waves turn back."

        I think you mean King Canute, don't you?

        1. Grumpy Developer
          Unhappy

          Canute is *almost* the word that springs to mind when I think about Theresa May.

  23. Charles Smith

    Add it to the Bill

    When we pay the ISP for the Internet connection we are used to seeing VAT added to the bill. The ISPs should be open and honest about this and add a line to each invoice showing the cost of the Spy Tax for each subscriber.

    Note: you will of course be paying additional VAT on the Spy Tax.

  24. Cwrw

    The people voted this Tory government into power

    You get what you voted for. There were options but they were ignored.

    1. Jason Bloomberg Silver badge

      Re: The people voted this Tory government into power

      37% voted for a Tory government. 63% voted for something else.

      It's our so-called democracy which is broken.

    2. Sir Alien

      Re: The people voted this Tory government into power

      Who you voted for is irrelevant today. Any other party in power would be doing the very same thing, even if you voted in Tories, Labour, UKIP, <insert party of choice>. It's almost as if the parties by name is simply a cover to simulate democracy.

      - S.A

      1. Intractable Potsherd Silver badge

        Re: The people voted this Tory government into power @Sir Alien

        Quite correct. The problem here is the snivel serpents in the Home Office. Every single person who becomes Home Secretary starts singing the same tune, and I *really* doubt that there is such hard evidence that "They" are out to get us that it immediately makes them think of this solution every time. The Sir Humphreys have their own agenda which always comes down to "we need everything on everybody". These people need identifying - the traditional reasons for their protected identity no longer apply, and it is more dangerous to freedom to allow them to keep their (effective) anonymity.

        1. veti Silver badge

          Re: The people voted this Tory government into power @Sir Alien

          Yeah, to blame this on the Tories is to forget Jack Straw, David Blunkett, Jacqui Smith, and all the other thugs who've got us to this position in the first place. They've all wanted to do this kind of thing.

          The Home Office has been completely taken over by the spooks and, worse, the police.

          I think this may be an inevitable consequence of the way we structure our government. A minister's job, like a manager's, is to balance the pressure they get from "above" - in their case, from the cabinet, parliament, and "the public" - against the pressure from "below" - the agencies they're supposed to be controlling. But the "above" pressure is coming from people whose attention is split every which way, whereas the "below" people are singlemindedly focused on their task. So unless the minister is personally inclined to be hostile to those agencies (in which case they wouldn't get the job in the first place, and if they did the cops would probably go on strike) - they'll win that contest every time.

          If anyone can come up with a viable alternative structure, in which the police et al aren't "controlled" by a single full-time agency, we might have a prayer of getting them back on our side. But until then, we're screwed.

  25. msknight Silver badge

    Personally....

    If this comes via the broadband bill, I can see households dropping down a package level... and that will likley hit next gen delivery companies like Netflix, Google, Facebook, etc. right in the video-stream.

    I'm still not budging from my ADSL line and not bothering with catch up servies either, despite optical having been recently rolled out to my village.

  26. Anonymous Coward
    Anonymous Coward

    options are...

    Recall of MPs Act 2015 - instigate a petition to recall your MP on the grounds you don't think they have your interests at heart any more

    Start a petition for you ISP, stating if they don't lobby to prevent it, you and all signers will leave them.

    Or just moan about it on here.

    Anon...well, it's allowed isn't it?

    1. Naselus

      Re: options are...

      "Recall of MPs Act 2015 - instigate a petition to recall your MP on the grounds you don't think they have your interests at heart any more"

      That's not a valid reason for a petition to recall under that act. The MP needs to have either been found guilty of a crime, or have been suspended from parliament. Nothing else is grounds for recall.

  27. Anonymous Coward
    Anonymous Coward

    IPv6 + IoT

    When they start to realize the sheer magnitude of it, they will just give up.

    1. Vic

      Re: IPv6 + IoT

      When they start to realize the sheer magnitude of it, they will just give up.

      Perhaps that's the answer- we all fill up our networks with IoT crap that sends a perpetual stream of useless drivel to its masters...

      Vic.

      1. Anonymous Coward
        Anonymous Coward

        Re: IPv6 + IoT

        I have an idea for a kickstarter project.

        an IoT device that just requests lots of pages, makes random sip connections. every second.

        either i can design this finance it get it crowd funded and try selling it. probably only selling a few.and then get the details of purchasers "appropriated" by the Government under some threat to life, limb, lively hood or freedom.

        or someone can hack some of the existing plethora of sh*t security IoT devices out there to do the same thing and have thousands of IOT zombies creating "millions" of data requests on "millions" of lines without the owners ever knowing. and with the defence i was hacked that should be interesting for all those court cases where people are accused of visiting dodgy sites or communicating with dodgy individuals.

  28. Spender

    So what...

    ...if we pay the ISP to record this data, or it's handed out from some government budget? The net spend will be the same. Saying that "the government" should pay for this is exactly equivalent to saying that the public should pay for this. Whether or not this comes from the public purse or through increased ISP fees, I imagine the net effect on my pocket will be approximately identical.

  29. Sirius Lee

    Why are the ISPs making such a fuss?

    The IPB is calling for ISPs to retain data about the sites we visit and hold it for a year. This is a small subset of the data they already routinely collect and store for much, much longer (and who knows what use the ISPs make of that data).

    ISPs operate what amount to proxy servers. The are well known bits of software used in most companies to make sure the company knows what staff are looking at and are not giving away the crown jewels. Just like web servers these routinely log the IP address and page request of user requests for a benign reason: to be able to trace technical issues if they arise. These logs can be text files or database but whatever form is used, the logs will be scooped up and added to the long backup as part of the standard disaster recovery process.

    The IPB doesn't ask for all the detail already, and routinely, stored. Instead it asks for the IP address. Put this into context. When you visit a site and your browser renders a page it may in fact be the result of tens or hundreds of requests as the browser separately retrieves images and other components needed to be able to render the page. All this detail is stored by the ISP *for every component*. You may remember that exploiting this information was at the heart of BT's 'Phorm' project a few years ago. By comparison, the IPB requires just a tiny fraction of this information is retained.

    The information required to be stored is my IP address and the IP address of the web site. An IP (version 4) address stored as text is 15 bytes so that's 30 bytes per visit. Say I visit 100 sites a day. That's 3K per day or 1MB per year or substantially less than size of a smart phone picture to hold my site visit information for a whole year. Lets suppose there are 40 million UK subscribers. That's a storage requirement of 40TB per year. The cost of a 4TB disk is now less than £100 so that's £1000 to cover the storage requirements for the entire country. Now I know the ISPs will use much more robust storage so lets say the cost is, really, 100x this amount £100K. That's across *all* ISPs. Its a trivial amount.

    Now the ISPs will know this. So the question is: why are they making such a fuss? Maybe there's concern that if they capitulated too easily it may provoke someone to ask why are they not making a fuss because it may expose the extent of the information about us the ISPs already hold and use in ways about which we have no idea.

    The US government is pursuing a case against Microsoft requiring they disclose email information held on a server in Ireland. A US Judge has agreed and Microsoft's appeal has been heard and is being considered now. The basis of the US government demand is that data held by any US company anywhere in the world can be requested by the US government - remember this has been approved by a US Judge. Virgin Media is owned by the US company Liberty Global. If Microsoft loses the appeal, it seems that the US government will be able to access all the browsing habits - not just the IP address - of all all Virgin Media customers because VM is, in fact, controlled by a US company.

    1. John H Woods Silver badge

      Re: Why are the ISPs making such a fuss?

      If all that was needed was Timestamp (you forgot that) and another 8 bytes to store two IP4 addresses, you might indeed get to no more than a dozen bytes per record. But there's a hell of a lot more going on than one connection per site, just have a look at your own connection log. (And remember all that DNS activity, as well as DHCP, as well as all the other various network activity your computer is doing even when you are not browsing.)

      But the thing is, 2 IP4s and a Timestamp would be worthless for the purposes of the IPB. It's a lose-lose --- either the data collection is indeed this small or it includes quite a lot more information. In the former case, the legislation is of much less utility than claimed, and in the latter it is of much greater intrusiveness than claimed.

      1. Lyndon Hills 1

        Re: Why are the ISPs making such a fuss?

        But the thing is, 2 IP4s and a Timestamp would be worthless for the purposes of the IPB.

        They want more than this - metadata. Many web sites (just as an example) can be hosted on the same ip address, so just having an ip tells you very little, you really need at least some of the url to identify roughly what was being requested.

        This of course only deals with http traffic. Email traffic would look different, as would IRC, FTP, Usenet, IM etc etc.

    2. Drefsab_UK

      Re: Why are the ISPs making such a fuss?

      If all they will have to record is a url and an IP address as you mentioned, that would not be quite so hard but that would still be harder than you imagine. You need to do packet filtering for each customer, because they don't want just your browsing history. You will need to identify from each TCP packet does it contain information that is wanted then either record it or ignore it.

      If you visit 1 website, there will be DNS calls (if not cached and not always to the ISP's DNS server), there will be often many separate calls for images, html, php, js, css and so on for each component of the web site. Often these sites are not hosting everything on one domain so there’s all the cross domain call's and their subsequent DNS lookup’s. You then have multiple protocol’s in the mix between HTTP and HTTPS. All of this is probably going to be going on for a simple site, when you hit bigger sites it gets more complicated with all the ad networks, embedded media, services on none standard ports etc.

      So to filter from all of that to get just the simple data you mentioned is a task in itself, and we have only looked at a simple web visit.

      One of the main problems is the bill does not outline technical specifics but does give the intent that they want the data to be useful to them and they want the lovely vague term of metadata.

      When you look at what is needed to be recorded to retain useful data for ALL communication, not just web browsing, but dns, email, irc, instant messaging, online gaming, IPv4 and IPv6, VPN’s etc you are looking an incredibly complicated task that will generate a LOT of data.

    3. veti Silver badge

      Re: Why are the ISPs making such a fuss?

      Incorrect. What the IPB asks for is - extremely vague, but by any reading it's a great deal more data than just IP addresses. It's "whatever data can logically be separated from the 'content' of the message".

      That could include, for instance, the complete TCP/IP headers of every packet sent. That's a metric crapload of data. If you download a movie, for instance - call it 6 Gb of data, it wouldn't be surprising for 1 Gb of that to be packet headers, which may have to be stored - or may not, but nobody will know for sure until a court rules on the subject, and it'd be a rash-to-the-point-of-reckless ISP that assumes it won't be required.

      1. Anonymous Coward
        Anonymous Coward

        Re: Why are the ISPs making such a fuss?

        The ISP will also need to keep logs of who was on what IP at any given time due to consumer grade NAT so many individual users may be on the same "real" IPV4 address at any time. the amount of data the ISP will have to keep to comply with the possible requests will creep up and up just for them to protect themselves from liability of not being able to supply the Govt with what they "request"

  30. M7S

    If they're really upset

    then they could just add it as a separate entry on each invoice. If significant, this would soon attract the attention of consumer advocacy groups.

  31. Anonymous Coward
    Anonymous Coward

    Did anyone seriously think we wouldn't have to pay for them to spy on us? Where did people think the money to pay for the spying was going to come from? This whole thing is disgusting but I find it staggering that the ISPs have basically rolled over and played dead when they, and eventually their customers, will be the ones footing the bill.

    1. Vic

      I find it staggering that the ISPs have basically rolled over and played dead

      I don't think they have.

      They are painfully aware that the majority of subscribers choose an ISP almost exclusively on price.

      So there's been precious little comment in the mainstream media about privacy, because Joe Average won't get worked up about that, even though we've known about all sorts of heinous activity since Snowden started telling us bou ti.

      But raise the prices - that'll get loads of people worked up. I think this guy is playing a blinder. This whole cost thing is simply a way to get people to think about the policy...

      Vic.

  32. Crisp Silver badge

    Everyone is going to need to start running a TOR relay.

    If the government wants information, then I'll give them more information than they can handle.

    1. Panopticon

      Re: Everyone is going to need to start running a TOR relay.

      It will make no difference if you use a TOR exit or not, Onion routing is not the be all and end all of privacy on-line did you actually watch the Matrix and realise what you where being told when the child said "Do not try to bend the spoon with your Mind, that is impossible!" "But instead, you need to realise the truth?" - "What truth?" "There is no Spoon!" - It's a reference to Plan9 from Outer Space and "Uri Geller", the "truth" is that there is no spoon 'IT's CGI'

      The Government is in a dilemma, you see people are slowly waking up to the "Truth!" you say you'll give them more information than they can handle!? Lol, the opposite is true, no information at all if you use a system that is more Unix than Unix with transparent file sharing - Terrorist's? Lol, idiots! When Tim Cook said "If you create back-doors that can have a dire consequence! He was totally correct..."

      The NSA are not programmers, they're 9 Candy running Rabbit LSD!

      1. Crisp Silver badge

        Re: Everyone is going to need to start running a TOR relay.

        The idea isn't to do all my surfing using TOR.

        The idea is to soak up my excess bandwidth with a lot of extra data by running a TOR relay node. This then provides The Powers That Be with an awful lot of encrypted chaff to separate from my encrypted wheat.

  33. PapaD

    VPN opt out

    So

    Do you think they will let me opt out of the additional payments, due to the fact that I pay for a VPN service, which means the amount of data stored on their servers about my browsing history is very small?

  34. Stevie Silver badge

    Bah!

    They already do and have been from the get-go, using a nefarious organization called The Inland Revenue to collect "taxes", which are used to fund the spooks.

    1. Panopticon

      Re: Bah!

      You can feel it when you pay your taxes, when you go to church, it is the world that has been pulled over your eye's to blind you from the truth, the truth that you are a slave, born into an invisible prison that you can not see, can not taste, can not touch... Until now.. Thanks to the interstellar Cat-V force! www.9front.org ("hackers need to do better" - was probably the final insult!)

      "Governments need to do better!", if they can't understand or use there computers in a nice way, then they should return it, to there supplier and ask for there money back!

  35. MR J

    I say we all band together to create a web crawling bot that runs from our connections and sends out request far and wide to everything!....

    20 million people have broadband, if we could get 1% of them to do this daily... hubba hubba at the data storage cost!....

    My family does about 10 gig of data every day (games, streaming, browsing, facecrap, twatter, spyspace) and I am sure that a lot will be triggered just by that....

    If you make it so expensive and difficult to do and use that it becomes worthless, then perhaps they would abandon it!...

    On a side note... DNSCrypt up and running now....

    If I could ask a question, it would be if there is a MP is that has a buddy that owns a data retention company selling hardware approved for ISP level data retention... Not that such things happen that way, but still..

    The biggest worry about all of this to me isn't the gov having it... It will be that the gov has it next year and then realise that its worth a lot of money if its "anonymized" and we can "opt-out" if we want, but due to cutbacks those opt-out request will be ignored (like our "care-data").

  36. dephormation.org.uk
    Thumb Down

    Why?

    If this is about legitimizing the illegal things that the UK security services have already been doing, why is there a need to impose more cost on internet users?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019