The Big Brother Euro-State and your Email

Thunderclap · 08-09-2008

Always eager to implement EU Directives (the product of non-elected non-accountable no-bodies), the UK Government (controlled by a non-elected non-accountable no-body), will force all ISP's to record every email address sent to and from the UK. Which, is everything flowing in and out of PlusNet.
Article http://news.bbc.co.uk/1/hi/uk/7819230.stm
So can any of you tech heads see the gapeing holes in this EU Directive?
BTW, your liberties are being erroded to fight terrorism.

EDIT +++++++++++++
Some points to consider about the Government recording your email traffic...
Can I no longer send an email to my MP in confidence?
Can I no longer send an email to my Doctor in confidence?
Can journalists no longer protect their sources?
Will we have to register our webmail accounts?
Will the real bad guys just stop using email?
Does the Home Secretary (Jacqui Smith) own the Internet?

EDITORIAL EDIT 2.0 +++
Reading the replies here and, on the BBC's Your Say stream, it would seem that 99% of people are against what is a clear invasion of privacy - not only by the UK Government, but the European Union. Whether the UK is becoming an East German style Stasi state is another debate, but what is sure is that 99% of people are convinced this is NOT an effective move against crime and terror. Instead, this a move against civil liberties; liberties that the UK Government and the EU have a responsibility to protect (it's in their job description).
What further deflates the crime and terror argument is that all of our email records in the UK will be accessible by up to 600 Government Agencies. These agencies not only include people like the Serious Organised Crime Office, who might be involved in counter crime and terror, but also the DVLA, your local council and even, the Post Office. Yes, the very same people that you buy stamps from. It would seem that any public sector official will have a license to go phishing in the email sea. So you can figure for yourself the potential for corrupt abuses of the system. Furthermore, those who have their email records phished by these public bodies, will have no knowledge that the phishing took place.
Under Stalin, the assumption was the Soviet people were perpetually involved in subversive activity, and therefore, needed to be perpetually suppressed. Knowing that up to 600 Government Agencies will be involved in monitoring our on-line activities, 24-7, I suggest that we are ALL regarded as perpetual subversives!
The bureaucrats do not own the Internet. We do.

BBC Your Say
http://newsforums.bbc.co.uk/nol/thread.jspa?sortBy=1&forumID=5888&start=0&tstart=0&edition=1&ttl=200...

shutter · 06-11-2007

Quote
(from the website news report)
The Home Office insists the data, which does not include e-mails' content, is vital for crime and terror inquiries.

So if i send an email to my friend.....
from gerry@email address
to Friend@email address
bt
TEXT READS COME ROUND FOR DINNER ON SATURDAY AT 12:00
BT

AND I send another email a month later
from gerry@email address
to Friend@email address
bt
TEXT READS COME ROUND WITH THE BOMB ON SATURDAY AT 12:00
BT
How will just keeping the heading be helpful to "anti-terrorist" investigations?
Who are they trying to kid?

dvorak · 11-01-2008

I don't send any mail via my ISP...

Customer / Moderator / If it helped click the thumb / If it fixed it click 'This fixed my problem'

techguy · 12-09-2008

The full mail headers can be useful because they contain the mail server details and of course a unique reference and of course the mail server does log the IPs that connect to it and the ISP can determine which IP was leased to a customer at a given time so in theory plod can turn up and question you about mail you sent on a certain day at a certain time but the trouble is that the truly bad people will know how to bounce their mail through open relays to avoid detection thus making this policy futile.
Lets just hope there are boneheads like the guy in Switzerland who was involved with Bin Liner's lot who thought he could evade detection by switching his mobile handset but keeping the SIM as obviously he wanted to keep his number!

shutter · 06-11-2007

There is no point in keeping "the full headers" as I have demonstrated in my example above.....
both headers will be the same (except for the transmission time and date)
without the text, there is no evidence that I have asked my friend to bring the bomb round....

techguy · 12-09-2008

Hi Shutter
Am talking about the full headers which contain a lot more detail than that which is what Government want access to (can't lay my hands on an example just now)

itsme · 07-04-2007

I run my own mail server so for PN to comply to the new law will require them to scan my upload internet connection for SMTP traffic. Can PN confirm this will/not happen.

shutter · 06-11-2007

Quote from: techguy
Hi Shutter
Am talking about the full headers which contain a lot more detail than that which is what Government want access to (can't lay my hands on an example just now)

d
So if I send all the empty envelopes I get, with my address on, to the terrorist enquiry, they will know what the contents of those envelopes were then?

techguy · 12-09-2008

Ok let me explain
jbloggs@shadyisp.net sends mail to his mate avillain@dodgyconnection.com about credit card fraud for example (both ISPs here are assumed to be law abiding businesses but of course I wont use real names)
A Villain is under investigation and SOCA want to know more about jbloggs but villain isn't talking so they determine from his phone company that his ADSL provider is dodgyconnection and ask them to turn over the headers of all mail received by villain from which they can determine the SMTP servers used to send the mail (at least in theory) and thus the providers.
From the unique identifier the SMTP provider should be able to determine the IP of the customer sending the mail (dynamic IP allocation does not affect this as ISPs can determine to whom a specific IP was leased at a point in time)

Thunderclap · 08-09-2008

Quote from: itsme
I run my own mail server so for PN to comply to the new law will require them to scan my upload internet connection for SMTP traffic. Can PN confirm this will/not happen.

Possibly EVERY Eurozone ISP will have to scan EVERY piece of traffic, looking for email activity (Port 25 etc), log this, and then pass onto the Ministry of Stupid I.T. Solutions. However, this might means that the ISP would effectively be INTERCEPTING TRAFFIC, without the consent of those involved and, without a search warrant?
I suggest that we make a Freedom of Information Request to PlusNet to find out EXACTLY how this EU-spyware will function?
Oh, and let us not forget those who use WEB MAIL on servers outside of the EU - Like Google Mail

itsme · 07-04-2007

Unfortunately the Freedom of Information act i believe only apply to Government bodies. Whether we could get the required information under the Data Protection act is questionable.

Thunderclap · 08-09-2008

Quote from: itsme
Unfortunately the Freedom of Information act i believe only apply to Government bodies. Whether we could get the required information under the Data Protection act is questionable.

You're correct. The Data Protection Act certainly gives us the right to question an ISP about what they know about us, but is possibly murky on how they collect the information?
Thinks: I wonder if Phorm is component of our unelected Prime Minister's vision for a virtual Stassi nation?

techguy · 12-09-2008

I would assume that if you run your own mail servers and thus take an SMTP feed from your ISP they will need to log all SMTP traffic.

James · 04-04-2007

I'm not so sure.
From my limited knowledge and what I've seen discussed so far, I'd only taken this to be Plusnet email headers and not every single email sent by our customers.

techguy · 12-09-2008

Thought it was all mail sent and received by your customers via your SMTP.POP3 mail clusters.