cancel
Showing results for 
Search instead for 
Did you mean: 

Computer Data Laws...

N/A

Computer Data Laws...

Now, I was under the asumption that an ISP can view only the headers of data being send and received from a user on their systen, and ONLY for those users. So can plusnet explain how they are doing "deep level packet inspection" on the packets to determin if they are P2P and if they should be shaped or not, also which protocols they are searching for (detailed please not just names) and if they have any plans to make said list any larger over time.

this has been asked in at least two threads, both, have either been ignored or given a fluffy non comital ans, which I personaly think is awful. If you are going to chang user accounts you may want to fill them in with what // how you are changing them.

Please respond to this.
13 REPLIES
N/A

Computer Data Laws...

I'm not actually sure if it would be against the law providing the data captured isn't stored or used for other purposes than traffic control (including activities such as IDS, traffic profiling/shaping etc)...
N/A

Packet Sampling for trafffic management Ivan

Hello buzzons,

My guess (and it is only a guess!) is that what PN are doing is capturing packet data (even at the deep level packet inspection as you say) which is used as a representative example or sample of packets (data) as a way to measure network traffic and how different services influence the network. My guess is that individual user data isnt used for this, so you or the individual cannot be identified.

**The data protection act is quite clear about how & when personal (individual) can be used. The data protection act is in place to protect the individuals rights to privacy, hence information held by plusnet or any other company shouldnt not be sold on or given out to a third party (such as selling you details to another person or company for a fee). ISP's do have to comply with the data protection act like anyone else. The data protection act was reviewed & updated no so long ago to include newer forms of data such as video,images, and phone records,etc. The only exception/s to the data protection act is with respect to misuse of computers or the internet for criminal acts such as electronic fraude & child abuse (ie. child porn), money laundering etc.

**The police can under certain conditions apply to a court or judge inorder to interface with an ISP's equipement for detection of criminal acts as mentioned before. I dont know if the proposed interfaces that were talked about previously in the industry & in the legal world some years back have actually now been implemented whereby every ISP had to have a special interface fitted for police requirements?

Ivan
--------------------------------------------------
F9 FOL Forum Moderator
F9 Broadband Premier 2MB User
Your Forum, Make Your Voice Count!
N/A

Computer Data Laws...

Ivan, the data protection act probably isn't relevant, however the computer misuse act, electronic intercept rules etc are relevant, but as you and I have said as this inspection is used to maintain the operational capability of the network it is likely to not fall foul of any laws.

(Otherwise potentially most IDS systems will be in breach etc)
N/A

Computer Data Laws...

There is the possibility that it could fall foul of the law though.

There are many things that happen in the UK that are illegal, yet the law agencies don't just turn a blind eye, but simply ignore full stop.

This is where the law conflicts with other public rights or interests. Be this through known conflicts of law or through very dated yet forgotten laws.

One such reverse example (where something written as legal, is infact illegal), is a law listed for Conwy in N Wales.

It is apparently very much legal to kill a welshman with a spear, after sunset, should he step within the town walls.

Well, very twisted old law indeed, but never the less, would be ignored and called murder these days.

With regards to data, there are some very interesting laws that protect the consumer, yet there are conflicting laws that allow companies around this (well not law, but protected rights).

Where a consumer is pretected from infringments of privacy, PlusNet are leghaly allowed to monitor traffic and act in the interest of the network based on said traffic.

It all comes down to a simple scenario. Can you proove that sending your <INSERT PRIVATE DATA HERE. EG AGE> accross the internet caused PlusNet to change your data, more than not sending it?

IE, if a network will enact upon data types, without regard for the actual contents, then it is not considered intrusion.

Another more real world example.

P2P networks can carry both legal and illegal data, as well all know. Taking the BitTirrent protocol, we will download two things.

1: A copy of one of the Star Wars films.
2: A copy of Debian linux.

If the illegal download was to suffer more than the legal download, then you would maybe have a case (the fact no personal data was transfered is the stickler). Because it would show that shaping was not just taking place on generic classes of service (EG, mail, web, p2p, usenet), but also taking place based on the content.

It does however cause one larger issue. You need to proove it was the PlusNet network causing such slowdowns, and not that of your own system, the seeds and leechers from whcih you download, that you have sufficient rights to download at full speed and that you are not banned from such networks.

TO put it mildly, it would be near impossible to proove half of this, let alone most of it.
N/A

Computer Data Laws...

Quote


One such reverse example (where something written as legal, is infact illegal), is a law listed for Conwy in N Wales.

It is apparently very much legal to kill a welshman with a spear, after sunset, should he step within the town walls.


This law also applies to Chester. I wonder why a spear had to be used though?
N/A

Computer Data Laws...

The data protection Act could come into play if you send personel data over the internet as if you are registered as a data controller you must secure all data. Sending it via email could break that law and as such you could be prosicuted.

Its like someone hacking your website the hacker may be breaking the law but the owner of the site can be done for failing to secure the personel data.
N/A

Computer Data Laws...

Quote

If the illegal download was to suffer more than the legal download.

I will now make the bold claim that there is no such thing as a illegal download, having copywrited files on your PC that you make available for sharing is certainly dodgy.
I'm not aware that any one has been done over for downloading MP3's etc, only for sharing them.
N/A

Computer Data Laws...

Indeed, your download portion may not be illegal.

But that download has to come from some form of Upload source.

Regardless of the legality of the download portion, part of the transfer process is illegal.

That is all moot point, because you have actualy simplified the point I was trying to make.

If all downloads are legal, then surely PlusNet don't have any need to determine the legality? AKA, there is no bias towards potentialy dodgy (as you put it) transfers, thus no process of shaping based on content, rather than just protocol.
N/A

Computer Data Laws...

i thought it was an arrow for Chester ?

DAMN , gonna have to go and trade in that bow i bought last week
craigbrass
Grafter
Posts: 1,009
Registered: 30-07-2007

Computer Data Laws...

From what I was reading, several companies are contacting ISPs to monitor P2P stuff and report stuff to them thats illigal (movies, music ect). Tiscali said yes to this I also read. Really hope PlusNet either tells them to get lost of a good hard punch in the face lol!
N/A

Computer Data Laws...

If Tiscalli said yes, they are breaking the law.

Monitoring data down to such a level where-by legal from illegal content can be distingushed, is classed as a wire-tap.

ISPs have provisions to allow them to monitor traffic in such a way for short times. This could not be used for purcposes such as market research, but only for operational reasons (would X be better suited over Y rather than Z and such).

They are not allowed to pass such data on and must be deleted once the purpose is served.

To pass the data on would see them in breach of the DPA, as such data can be classed as profiling and thus personaly identifiable back to you.

Have you got any further information on this Tiscali descision, preferably off-site URLs.
craigbrass
Grafter
Posts: 1,009
Registered: 30-07-2007

Computer Data Laws...

I read about a guy on neowin saying about it. I'll see if I can dig out the post url for you. May take me a while tho, u seen the popularity and how many posts are on the site!!! lol
N/A

Computer Data Laws...

Sort of related but maybe off topic.But it is about Internet privacy or lack thereof

Does anyone happen to know what developments have been made in what is being written about here?

http://www.melonfarmers.co.uk/arisps.htm

As there are quite a few frightning aspects mentioned.