These two articles, [Thanks Roddy !!] continue to show the thrust of the governments’ wish to ‘snoop’ on the citizen.
Although it’s already done widely, with various other ‘legal devices’ to justify action, RIP will now allow, for ‘Data Mining’ and ‘Crime Patern Analysis’.
This basicall, will provide alsorts of opertunities for mis-carrages of justice to occur. So much stress on the way. Am I entitled to discent? or must i always go around proving i’m not a criminal / terrorist / child and sheep molester.
Oh god! why are governments alway so worried about about the citizen under them? Is it something to do with ‘Vested Interest’ me thinks. Cant they go around trying to ‘represent us’ rather than trying to ‘keep us down’
Any advice on these matters, gratefully recieved.
ISPs face data interception deadline
17:03 Wednesday 10th July 2002
Matt Loney
From 1 August, ISPs in the UK will be required to be able to intercept your data. Yet the Home Office has failed to explain how they will be reimbursed. And the rules mean that criminals will easily be able to avoid interception
ISPs across the UK will have to start intercepting and storing electronic communications including emails, faxes and Web surfing data from 1 August, but there still appear to be glaring loopholes in the legislation.
Not only has the Home Office still failed to tell ISPs how they will be compensated for maintaining their interception capabilities, but the measures, which the government said were introduced to combat terrorism and organised crime, only apply to large ISPs. Any criminal organisation wishing to avoid interception simply has to find an ISP that has fewer than 10,000 customers.
The interception capability is mandated by the Regulation of Investigatory Powers Act (RIPA), which was introduced to give police and other law enforcement authorities the same powers to intercept digital communications as they already possess to intercept telephone calls and letters. On 1 August, the RIP (Maintenance of Interception Capability) Order 2002 is due to come into force.
Several classes of communications service providers are exempt from the regulations: those which do not intend to supply services to more than 10,000 people in the UK, and financial institutions such as banking, insurance and investment houses.
Not every big ISP will have to provide an interception capability from day one, but if they are told by police or other law enforcement officers that an interception has been authorised, they have one working day to provide a mechanism to do so. Furthermore, they must ensure that the intercepted data is transmitted in real time to the person who applied for the warrant
Each service provider must be able to simultaneously intercept the communications of up to 1 in every 10,000 people who use its service.
But with only weeks to go, ISPs say they have still not been told how they will be reimbursed for the cost of intercepting communications data. A spokesperson for the ISP Association said, “We have not been provided too much detail (on costs). There are still a lot of issues that have to be resolved.”
Part of the problem, said the spokesman, is that the new regulations are also intertwined with the Anti-Terrorism, Crime and Security Act 2001, which says that ISPs and telcos have to store communications data.
“They are producing a code of practice that lays out types of data that should be retained and how long it should be retained for,” said the spokesman.
The trouble, is, he said, that for ISPs to install all the capabilities will cost a lot of money: “Dealing with the two laws will have a big impact on cost and the Government has to provide guidance.” Costs will come from storage, staff time, new management processes, setup and running costs, said the spokesman, and will vary because each ISP is likely to have a different method of intercepting and storing the data and managing access.
A Home Office spokesperson said, “arrangements will be put in place to ensure they (ISPs) will receive fair refunds for costs incurred,” but could not provide details.
Claire Walker, a solicitor with city law firm Olswang, who specialises in e-commerce, said part of the problem is that the Home Office does not have a technical perspective. “They tend to say to ISPs, ‘tell us what is involved,’ and then the ISPs say, ‘no, you tell us exactly what you want first and then we’ll tell you what is involved,'” said Walker. “It is likely that individual ISPs will reach individual agreements with the Home Office on reimbursement.”
Tim Snape, who chairs the law enforcement group ISPA, told ZDNet UK earlier this year that the costs of intercepting could, in combination with the costs of logging data, be crippling. “The actual data acquisition costs could be low,” he said, “but the costs for data retention, processing, hand-over, billing, management and regulatory compliance will all be very high.”
Although RIPA has a provision for ISPs to recover their costs, said Snape at the time, this does not mean profit. “We don’t want to be seen profiting from crime, so we have asked for just cost recovery,” he said. “But because this means there will be a requirement to demonstrate costs, there will be a requirement to audit so the process of cost recovery will incur its own costs.”
Sources close to the negotiations say it has been suggested to the Home Office that the compensation to industry should merely cover the storage costs.
http://news.zdnet.co.uk/story/0,,t269-s2118894,00.html
RIPA demands push up ISP costs
16:41 Tuesday 9th July 2002
Paul Stevens, Olswang
Overshadowed by last month’s furore over public authorities’ access to e-mail and telephone data, another set of new RIPA rules is due to hit the communications industry next month
From 1st August, ISPs and telcos will be obliged to maintain certain minimum levels of interception capacity in order to assist law enforcement agencies. The cost to the industry of implementing these controversial measures, however, remains unclear.
Background
These new obligations are contained in the Regulation of Investigatory Powers (Maintenance of Interception Capability) Order 2002 (the “Order”). This ‘fleshes out’ provisions under the Regulation of Investigatory Powers Act 2000 (‘RIPA’) which give the Home Secretary power to order a provider of public telecoms services to maintain a “reasonable” level of intercept capacity to enable interception warrants to be complied with. Consultation with industry on this issue took place between December 2000 and August 2001.
ISPs are expressing their confusion over the new obligations and how they will be recompensed. The actual obligations are as follows.
The new obligations in more detail
The Order imposes new legal obligations on providers of public telecommunications services, although service providers who do not (or do not intend to) provide their service to over 10,000 users in the UK are exempt, as are providers who limit their services to the banking, insurance, investment or other financial services sectors.
The ‘intercept capacity’ which service providers are required to provide is as follows:
A mechanism for implementing interceptions within one working day of the service provider being informed that the interception has been authorised;
Where the service provider serves more than 10,000 people, to enable the simultaneous interception of communications of up to 1 in 10, 000 of those users;
To ensure the interception of all communications and related traffic data authorised by the warrant and their simultaneous transmission to the law enforcement agency in question;
To ensure the intercepted communication and data can be correlated;
To ensure the handover interface complies with any requirements stipulated by the Home Secretary (these should generally be in line with agreed industry standards);
To ensure filtering to provide isolated traffic data, associated with the relevant account where reasonable;
To ensure any protection applied to the intercepted communication can be removed;
To minimise the risk of “tipping-off” the interception subject or other unauthorised persons about the interception. Where a service provider is unhappy with the extent or compliance cost of an interception notice, a referral can be made to the National Technical Advisory Board (‘TAB’), a body comprised of industry as well as Government representatives. Non-compliance with these interception obligations carries civil penalties, including issue of an injunction.
Cost implications
The cost burden on the telecoms industry of implementing the new measures is potentially substantial. RIPA imposes a duty on the Secretary of State to ensure that a service provider receives a “fair contribution” towards the cost of complying with an interception warrant or maintaining intercept capability. A sum of £20 million has been earmarked for communications provider support for the three years from 2001 to 2004 in connection with broader RIPA obligations, of which £14 million was spent last year. Further consultations are due to take place between the Government, industry and the TAB on the precise costs to the industry of complying with these new rules but no timetable has yet been set.
The bigger picture
RIPA, which has been on the statute book since July 2000, has been the source of enormous controversy since the proposals for reform of the interception regime were first published three years ago. Recently, in a much-publicised climb-down, the Home Secretary David Blunkett withdrew a proposal to extend the range of public authorities with power to access details of people’s communications under the Act.
Although the Act received Royal Assent nearly two years ago, its wide-ranging provisions have been brought into force by a series of statutory instruments since then. The most recent include an Interception of Communications Code of Practice which came into force on 1 July 2002 and which outlines the duties of law enforcement agencies with regard to interception of telephone and internet communications for national security and crime prevention purposes. Codes of Practice regulating the use of other covert surveillance techniques are also due to come into force on 1st August.
The information contained in this bulletin is intended as a general overview of the subjects featured and detailed specialist advice should always be taken before taking or refraining from taking any action
http://techupdate.zdnet.co.uk/story/0,,t481-s2118813,00.html
