I always use a mouse with my laptop so that I don't accidentally put my finger on the touchpad and click on something I don't want to click on.  However, using a mouse on a slightly shiny/reflective surface can cause the cursor to fly to another part of the screen resulting in a 'misclick'.

You could try emailing pressroom@plus.net with your enquiry.

I thought it would be fairly obvious that they're going to log everything, they're not going to be bothered if you intended to visit it or not. I'm sure someone can always claim that their cat jumped on the keyboard and that's how they ended up on a particular website.

@iwrconsultancy

I Think you have the right to request all the data a company holds about you for a fee of £10.

If you requested that data and decided the information was incorrect would you not have the right to ask for it to be removed, so if the list showed I visited website x on such a date and time and I claimed I did not, would it not be up to the ISP to prove I did ?

If a number of users requested and queried data held the ISP would end up with a lot of non productive work on their hands.

My concern about this bill is that it could be open to abuse in several ways and we will see examples of this as time goes on.

---

@ejs wrote:

I thought it would be fairly obvious that they're going to log everything

---

Which is what I imagine they'd have to do as there is no way to distinguish original requests from robots.

If so, that opens the way to all kinds of malicious activity. Even without using Javascript, it would just be a matter of hacking a well-known website (If it uses SQL, how hard is that?) and putting a frameset on it with the legit site taking up 99% of the page and a few choice illegal pr3n images in the other 1px-high frames.  To target a specific individual, just put in a bit of php to check the host and only echo the frameset if it's the intended victim.

Wait a while, make a phone call, victim framed. If you'll excuse the pun.

NO. If this to be implemented, it has to be only the sites visited. If it includes robot downloads it's worse than useless. Dangerous, in fact, because it's so easily exploited for criminal frame-up purposes.

If it's so easy, perhaps you should do a bit of white-hat hacking, and arrange for some well-known websites to warn people of the problem you describe? Oh wait, that would probably be illegal.

Also, how exactly are you going to check the host to find the intended victim? How will you know their IP address?

---

@iwrconsultancy wrote:

With the Investigatory Powers Bill no passed, ISPs will have to compile a log of 'Websites visited' by accountholders. 

 

---

Are you sure that's correct?

Looking at https://www.gov.uk/government/publications/investigatory-powers-bill-fact-sheets - Factsheet: communications data

The Bill will also require communications service providers to retain internet connection records. ICRs do not provide a full internet browsing history. The ICRs do not reveal every web page that a person visited or any action carried out on that web page.

Yes, that's correct. The Bill requires domains visited to be logged. It does not require lists of pages read.

The situation is that when you visit most large websites, a 'robot' on the page also fetches data from other domains.  Thus, it will appear that you visited a great many more domains that the one you actually visited. To give an idea how bad the problem is, even loading a fairly reputable site might cause 20 other-domain data fetches. With some sites like tabloid newspapers festooned with ads, that might be anything up to 100.

So, the log will contain anything from 20 to 100 entries for every site you visit  Of those, you visited one. The rest you didn't visit, but AFAICS there is no way for the ISP to determine which is the needle in that haystack.

There is an obvious legal issue here, in that any surveillance or reporting on the public must be accurate. Otherwise it would be in breach of all kinds of regulations, including human rights Law. Over-reporting of sites you didn't visit is obviously worse from a legal standpoint than under-reporting of sites you did, since that might lead to a false prosecution.

I could see situations where NOT logging the pages visited could actually be worse then doing so. Supposing a robot on a page you visit accesses a known child abuse site, but all it does is to get the robots.txt file from that site. With only the domain logged, it would appear that you had been downloading child abuse material. If the file download history  were available, then it would be clear that nothing of the sort was involved.

There is a reason why courts ask for the truth and the WHOLE truth.  Half-truths are dangerous.

Which part of The Bill says domains are going to be logged?