cancel
Showing results for 
Search instead for 
Did you mean: 

Snooper's Charter - Please keep us in the loop

HughPH
Grafter
Posts: 26
Thanks: 4
Registered: 26-01-2016

Snooper's Charter - Please keep us in the loop

Thread Rule: No debating the cause for any individuals concern regarding the Snooper's Charter. I don't want to see any naïve comments about "if you've done nothing wrong you've got nothing to hide" etc. Gay people have done nothing wrong, but that doesn't mean they don't get arrested, bullied, jailed and killed for it in less forward-thinking countries, and there's always an opportunity to go backwards. Like to look at pictures of bacon? They might decide that's illegal, and nab you for visiting www.bacon-hotties.com sometime last year. Worse still, you might get pulled in because a page you visited contained an image hosted on Build-a-Bomb Workshop. Old farts in courtrooms don't understand The Internet, they just know your computer connected to that site, and so you must have been visiting it.

ONWARDS TO THE POINT...

It is three years since the Tories said they wanted the Snooper's Charter "at the earliest opportunity." It's such a bad idea, it's been resisted for that long. Forum Post: UK government still wants Snooper's Charter "at earliest possible opportunity"

Now the [redacted] [redacted] [redacted] at the top has re-raised it, and I'm sure it won't be the first of her "good ideas." (Now, if we could just get her to trim her toenails with a scythe...) The concern this raises is that it could become a necessity for organisations like Plusnet to keep a record of sites browsed by their customers. (It's not unimaginable - look at the 'block' on TPB.)

The ask that I have is that Plusnet keep its customers informed of any indication they have that it's going to be required of them to store this information, and if this becomes the case, that Plusnet inform its customers of the dates after which activity will be logged. Should this precipitate, I think it would also be fair for Plusnet to describe what they store, and the means by which they acquire the information.

40 REPLIES
Community Veteran
Posts: 4,920
Thanks: 341
Fixes: 16
Registered: 10-06-2010

Re: Snooper's Charter - Please keep us in the loop

You think Plusnet don't already? Have you read https://www.plus.net/help/legal/privacy-policy/ ?

HughPH
Grafter
Posts: 26
Thanks: 4
Registered: 26-01-2016

Re: Snooper's Charter - Please keep us in the loop

I'm afraid all I see there is information regarding the storage of browsing activity when using Plusnet services or Price Comparison sites. The Snooper's Charter would be far more invasive and would mean Plusnet would have to store all of your browsing activity whether or not the sites you visit are associated with Plusnet in any way.

If you've found something I've missed, I'd appreciate you posting the section that causes you concern.

Community Veteran
Posts: 4,920
Thanks: 341
Fixes: 16
Registered: 10-06-2010

Re: Snooper's Charter - Please keep us in the loop

Plusnet's services include their broadband services! Here is the relevant section:

When you use any of our services:

  • What we collect: our network records information on how much you use our service (for example, how long you connect to the Internet, how long you speak on the phone, and what numbers you call). We also collect information on the websites you visit.

  • Why we collect it: we are not Big Brother and only want to collect this information so we can manage demand across our network, manage faults and bill you for the service. We’re legally required to keep this information. Sometimes court orders and agreements also mean we have to collect this information. The information might also be necessary if we need to contact you if you are using our service to access third party content in an unlawful way, or if we need to notify you about changes to our services (for example, to tell you that we have upgraded the service on your line, or to tell you when new technologies, such as fibre broadband, are available).

jab1
Seasoned Pro
Posts: 1,499
Thanks: 267
Fixes: 5
Registered: 24-02-2012

Re: Snooper's Charter - Please keep us in the loop

@HughPH - although I share your concern over data collected and/or stored by PlusNet (or any ISP or website), I think you are causing yourself unecesary worry. The legislation is not even defined yet, and even when it is, I think that it will be well watered down from what media is claiming it will achieve. 

Think about it - to store all the data that it is being claimed will be will require VERY much more storage than is currently available, and even if it is collected and successfully retrieved, what is any one going to do with it?

Storm in a teacup/government spin comes to mind.

John
Community Veteran
Posts: 5,345
Thanks: 609
Registered: 23-09-2010

Re: Snooper's Charter - Please keep us in the loop


jab1 wrote:

what is any one going to do with it?


 

I would imagine it would mostly involve one crooked civil servant getting their palms greased to provide information to another crooked civil servant about what another crooked civil servant has been up to with the intention of getting something over them or passing on to the press to embarrass them.

Because of that I would have to agree that it will probably get well watered down and maybe completely washed away.

Moderator
Moderator
Posts: 16,562
Thanks: 1,801
Fixes: 125
Registered: 06-04-2007

Re: Snooper's Charter - Please keep us in the loop

jab1 wrote:

Think about it - to store all the data that it is being claimed will be will require VERY much more storage than is currently available, 

...and who will foot the billAngry

Forum Moderator and Customer
Courage is resistance to fear, mastery of fear, not absence of fear - Mark Twain
He who feared he would not succeed sat still

Community Veteran
Posts: 7,923
Thanks: 600
Fixes: 8
Registered: 02-08-2007

Re: Snooper's Charter - Please keep us in the loop

Can someone clarify the following point, if I visit some other web server such as safepage or something similar plusnet may well keep a record of that but do they also keep a record  of what I might be searching for via those sites ?

Note the word 'if' in the above statement and not 'when'

 

Community Veteran
Posts: 7,923
Thanks: 600
Fixes: 8
Registered: 02-08-2007

Re: Snooper's Charter - Please keep us in the loop

I guess the snoopers charter is like many other things it can be abused and no doubt it will be abused, balanced against that is the fact we live in a more dangerous age, the more information the authorities can collect on drug dealers, those who kill in support of isis or or any other twisted cause, those who abuse children (ref: The recent number of identified cases in Scotland) and perhaps even worse in other parts of the country thn I can see the need for a snoopers charter but equally I can see the need for such a charter to be monitored closely and action taken against those who seek to abuse it.

HughPH
Grafter
Posts: 26
Thanks: 4
Registered: 26-01-2016

Re: Snooper's Charter - Please keep us in the loop

Some really great points, thanks all for your input. Thanks ejs for pointing out the bit I missed!!

 

I should really have been a little more careful and a little more specific about the bottom line concern, which is the Police Investigatory Powers Bill. At the moment even if the data is stored (and I'd still like some detail - is it just DPI on traffic connecting to a remote host on Port 80? Is it more involved?) then there's a strict process to go through to get the information. The PIPB would see access to any data without the opportunity for due diligence on the part of the information holder - and while there would be auditing in place, already it's known that some Police staff have accessed the information of individuals without having gone through due process. There was a more recent report that suggested about 5% of Police staff had access peoples details illegally, but I can't find it. This was the state of affairs in late 2009: "a member of staff at Essex Police accessed intelligence systems “on some 800 occasions” between Jan... How much of that leads to personal gain for the officers involved is another matter.

 

 

It's like equipping every police station with a pair of X-Ray specs that can be checked out with a signature, but no actual checking of paperwork.

 

So - if Plusnet could let us know, if it comes to pass, that they're going to build a portal or API or whatever it is that would be required for the Police to get at our details without going through due process, that would be lovely.

Minivanman
Hero
Posts: 4,794
Thanks: 1,046
Fixes: 1
Registered: 04-11-2014

Re: Snooper's Charter - Please keep us in the loop

Really? Crikey, are you behind the times friend.

Assume everything and I mean everything is stored when you go on the internet..... which is how they and everybody else including both of us "acquire the information". Take into account those surveillance cameras and every time you use your bank card then short of going off grid and going to live a life of self sufficiency on an island somewhere....... oh hang on, I forgot about those 'eye in the sky' satellites! Wink

1984? Been there, done that.  

All views expressed are my own but you can express them too if you want to be right about everything like I am.
Community Veteran
Posts: 5,345
Thanks: 609
Registered: 23-09-2010

Re: Snooper's Charter - Please keep us in the loop

Imagine how much worse things would get if someone actually invented "slow glass".

I've no doubt that it would end up getting used exactly the same as in Bob Shaw's "Light of Other Days".

 

Minivanman
Hero
Posts: 4,794
Thanks: 1,046
Fixes: 1
Registered: 04-11-2014

Re: Snooper's Charter - Please keep us in the loop

I'm reminded of a book called 'The Stainless Steel Rat' which I read years ago where basically the protagonist managed to throw of most of what a futuristic society managed to throw at him.   

All views expressed are my own but you can express them too if you want to be right about everything like I am.
HughPH
Grafter
Posts: 26
Thanks: 4
Registered: 26-01-2016

Re: Snooper's Charter - Please keep us in the loop

There are cameras (by Lytro) that record the direction (polarisation, perhaps) of the light, meaning you can refocus a scene and to some extent see some 3D detail. If they could make the sensor immensely huge, and attach sufficiently fast and large storage, you might get close to that behaviour. You then just need a sufficiently-high resolution passive 3D display and recorded scenes could be replayable such that you can see the whole of the scene as captured by the sensor... Added bonus - pause & rewind.

Just to be clear, I'm not a conspiracy theorist *adjusts tinfoil hat and checks the sky for overhead chemtrails* but I do feel that there is potential for a great deal of harm to our right to privacy. I acknowledge that for over a decade now our shopping habits have been tracked by loyalty cards, that motorway ANPR cameras back on to recording media that holds the information for two years, and I know for a fact that companies can use information about customers aggregated movements based on the way payment cards have been used - enabling incredible opportunities for marketing. I also know that the credit reference agencies have services that enable a customer to be identified by a unique identifier (it's an integer, not a GUID - and varies from one CRA to another) that would enable a company to compare its customer base with that held by another company without exchanging any personal information. We are all just numbers. However, collating and collecting that information presently requires an adequate level of information to be provided to information holders detailing the reason for access, and those information holders must keep those (Section 29) requests. Here's Staffordshire's S29 form, for example.

HughPH
Grafter
Posts: 26
Thanks: 4
Registered: 26-01-2016

Re: Snooper's Charter - Please keep us in the loop

@gleneagles regarding whether they store what you were searching for...

  • I doubt they store POST data, because that could be an image or some other large data
  • They could store GET requests (broadly speaking, anything that appears in your address bar - although javascript can also GET and POST behind the scenes)
  • This all depends on HOW they determine which website you visited
    • If it's JUST by performing Deep Packet Inspection on any connections that start with HTTP GET, then they'll be checking the hostname in the URL, or potentially the hostname you're trying to GET from. Under these circumstances they won't be able to track which website you connected to if you're using HTTPS.
    • If they correlate queries sent to Plusnet DNS servers with subsequent connections to the IP address returned by the DNS server, they could infer that you visited a website. Interesting side note: The government want all your BROWSING history recorded and accessible. That doesn't include OTHER SERVICES that don't qualify as "browsing." However, the vast majority of services are accessed using web browsers.
  • Whether or not either of the above are true, you can avoid Plusnet knowing what you're browsing by using a VPN and non-Plusnet DNS servers. Since the DNS server providers also don't control your internet connection (which would also be over a VPN connection) they don't really have a way to tie anything together. The VPN provider could plausibly do the same thing, but their business model hinges on having a reputation for not tracking anything.
  • The search engine operator (e.g. Google, Yahoo) will record your IP address and what you searched for. DuckDuckGo is a search engine that doesn't record anything about your search.

 

I couldn't find much about safepage except some malware warnings and some blurb about compressing and decompressing HTML using Javascript - I'd point out that compressed media is not necessarily encrypted, and if it became a common means of accessing data, it would simply be built in to analytical tools. Similarly a gzipped page will be unzipped by the MITM (man in the middle) prior to inspection.