
UPDATE3 Government Forces IP Address Matching Upon ISPs – But What is it?

Monday, Nov 24th, 2014 (12:19 pm) - Score 11,156

The Government’s forthcoming Counter-Terrorism and Security Bill (CTSB) will this week introduce a number of new measures including a provision to help the security services identify suspects via a computer or mobile device’s individual Internet Protocol (IP) address. But what does this actually mean for broadband ISPs and their customers?

At first glance most of the reports from newspapers and around the Internet don’t appear to fully understand the difference between what’s being proposed under the CTSB and what already exists as part of the temporary Data Retention and Investigation Powers Act 2014 (DRIP).

Under the DRIP Act ISPs are already required to maintain a voluntary and somewhat basic log of their customers’ Internet access including email activity (times, dates and IP addresses) for up to 12 months (note: this doesn’t include the content of your communication), which usually becomes active following a specific request to the ISP (e.g. a demand / warrant from the police).

But at best this only identifies the bill payer of the Internet connection, while the related IP address (one of these is assigned to your connection every time a device/router links to the Internet) for that service might itself also be shared between many users and lots of different devices (laptops, routers, smartphones, tablet computers etc.), such as in a family home, business, public wifi or on a mobile network etc.

According to today’s many newspaper reports, the new IP address matching measures aim to go one further by requiring ISPs to keep records “that can show which individuals have used a particular IP address at a given time” (The Telegraph). Similar quotes can be found in nearly every other report, except in traditional networks it’s impossible to do this accurately and without some sort of aggressively invasive monitoring.

For example, generally ISPs cannot track how a remote Local Area Network (LAN), which will usually be using Network Address Translation (NAT), is set up in your home (i.e. which devices are using what LAN assigned IP addresses at any one time) because that is managed by the router and generally doesn’t get communicated back to your provider. Admittedly the big ISPs might be able to add snooping code into the router that could send the logs back to your provider, but then end-users could simply buy a third-party router or hack the code to remove or fool it (we suspect that would become quite popular).

But even if you could make the above system work then it would still have no accurate way of knowing which individual is using what devices (e.g. my sister might swap her tablet to my brother and then on to our mother, none of which would ever show via basic IP logs); short of making a live webcam feed of your face available on every single device and we doubt anybody would agree to that idea (also you could fool that too). Not to mention the added fun from using non-UK based VPN, Proxy Servers and so forth.

Adrian Kennard, Director of ISP Andrews & Arnold (AAISP), said:

“You cannot tell who is using a computer or mobile from an IP address. At best you can tell subscriber details, if they exist, and maybe a location where the IP is initially routed (but it may then go on to anywhere in the world). So what is being asked is impossible.”

Unfortunately we won’t find out whether or not the Government have proposed the impossible until later this week, but it’s probably much more likely that the mass media have simply got the wrong end of the stick and that what has been proposed is actually a lot more straightforward than the reports appear to claim.

A far more likely possibility, and one that some of our industry sources appear to support, is that the Government will simply update the law to cater for issues like Carrier Grade NAT (CGNAT) that allows ISPs and mobile operators to share a single IP address between more than one connection / customer (an ISP level assignment, not home router level).

Mobile operators already make use of shared IP addressing and the failure to swap over to the latest IPv6 standard means that some home broadband ISPs may slowly need to do the same (i.e. old IPv4 addresses have run out but many services and hardware devices still need it and thus the old addresses may need to be shared). A few ISPs already make limited use of CGNAT, but it can cause problems and thus providers aren’t rushing to make it mandatory.

In that sense the law will most likely be updated to enhance existing ISP-side logging functions that could help them cater for CGNAT or similar networking arrangements, which is still likely to be a costly and technically tricky adjustment for ISPs. Crucially the existing DRIP Act doesn’t appear to cover CGNAT.

In other words, unless the Government has completely lost the plot and are requiring ISPs to know which end user behind a residential gateway accessed which site (we’ll find out this week), then ISPs won’t be trying to track activity on your home network after all (at least not in the way that many reports have this morning suggested).

UPDATE 1:04pm

The UK Internet Service Providers Association (ISPA) has now waded in and appears to say that the Government hasn’t even bothered to consult them, which is perhaps a worrying turn of events.

Nicholas Lansman, ISPA Secretary General, told ISPreview.co.uk:

“ISPA is disappointed that the Home Office has not consulted with industry on proposals for IP matching, but we will work with our members to scrutinise and inform the legislation when it is published. IP addresses can generally only be used to identify a subscriber and not an individual. As we argued in our submission to the Anderson Review on future communications data laws, the Home Office needs to do more to consult with industry on its proposals, once again there has been a distinct lack of engagement with industry.

Government committed to a review of communications data capabilities by David Anderson QC which we supported, yet the Home Secretary appears to have pre-judged the inquiry by reemphasising the need for a new Communications Data Bill, a Bill that both relevant parliamentary committees rejected.”

UPDATE 26th Nov 2014

The Bill has now been published (here and here) and Part 3 covers the enhanced ‘Data Retention’ aspects, which broadly appears to reflect the adjustments we touched on above and crucially adds the following to existing rules:

“relevant internet data” means communications data which—

(a) relates to an internet access service or an internet communications service,

(b) may be used to identify, or assist in identifying, which internet protocol address, or other identifier, belongs to the sender or recipient of a communication (whether or not a person), and

(c) is not data which—

(i) may be used to identify an internet communications service to which a communication is transmitted through an internet access service for the purpose of obtaining access to, or running, a computer file or computer program, and

(ii) is generated or processed by a public telecommunications operator in the process of supplying the internet access service to the sender of the communication (whether or not a person);”.

UPDATE 26th Nov 2014

The following is a brief summary of what the Government’s chosen option (2) will apparently do – taken from the Impact Assessment.

Option 2: Require communication service providers to retain data necessary to attribute an IP address to a user of an internet access service and a wider range of internet services.

To protect the public, new legislation being introduced that maintains the ability of law enforcement and intelligence agencies to protect the public and support the investigation of crime in cyberspace. This will be achieved by:

* Introducing new requirements on CSPs to retain CD [Comms. Data], including beyond their own business need;
* Amending the Data Retention and Investigatory Powers Act 2014 (DRIPA) to enable communications service providers (CSPs) who provide an internet service to retain data necessary to attribute an IP address to an individual;
* Expanding DRIPA to cover a wider range of internet services.
* Providing payments to be made to CSPs in respect of costs incurred in complying with new legislation

As we’ve said before, an IP address held by an ISP can at best only be attributed to the bill payer and since most networks are shared / used by more than one person then there’s no real way for broadband providers to reliably make the required link.

But the Government also, for reasons unknown, likes to call Internet content providers (e.g. Facebook) ISPs and this can sometimes confuse matters. Meanwhile Facebook may track the IP address of a user but it’s very easy to create a fake account and / or hide behind a VPN etc.

Option 2 also mentions “expanding DRIPA to cover a wider range of internet services”, although so far the current changes haven’t quite clarified that aspect. The next issue is one of cost.

Costs – Option 2:

The costs are based on studies conducted by industry. The present value of costs over a 10 year period is estimated to be £99 million; this figure may change with continued development in technology and services.

In current prices, the costs of implementing IP resolution at service providers will be in the region of £27m; the costs of running and maintaining these solutions is estimated to be £96M over the 10 years.

The totals above are based on:

1. Getting the IP data from service provider systems
2. Building a solution to store the IP data at service providers
3. Running and maintaining the above

The cost estimates for the individual components above are based on:

* Studies into IP resolution conducted by industry
* Prior work with service providers and industry on similar projects

Alternative methods of investigation, such as directed surveillance and undercover officers, cost significantly more than CD, do not provide the same level of benefit and are very often more intrusive.

The report also says that “where Law enforcement agencies have accurate source information (eg IP address and accurate time) from an internet service provider they can identify which user sent that communication.” Once again no, when referencing an IP assigned to the customer by an ISP the provider can only accurately identify the bill payer who owns the connection, which on most shared networks may not be the offending user.

Meanwhile it looks like anybody running a CGNAT network of shared IPv4 addresses, especially mobile operators, is in for an unpleasant time as the job of logging and storing every session in order to make customer tracking viable will be both technically tedious and quite expensive.
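To illustrate the CGNAT points above (one public IP shared between customers, and the need to log every session), here is an added example that is not part of the original article or the Bill: a lookup over a per-session log showing what an "IP address and accurate time" request can and cannot resolve. The log layout, account names, ports and the 203.0.113.7 address are all constructed assumptions.

```python
from datetime import datetime, timedelta
from typing import NamedTuple, Optional

class NatSession(NamedTuple):
    account: str        # subscriber account (the bill payer), not a person
    public_ip: str      # shared IPv4 address on the ISP side of the CGNAT
    public_port: int    # source port the CGNAT allocated for this session
    start: datetime
    end: datetime

def ts(hms: str) -> datetime:
    return datetime.strptime("2014-11-24 " + hms, "%Y-%m-%d %H:%M:%S")

# Constructed sample log: three accounts behind one shared address
# (203.0.113.0/24 is a documentation range). Port 40001 is reused.
SESSIONS = [
    NatSession("ACCT-1001", "203.0.113.7", 40001, ts("12:00:00"), ts("12:05:00")),
    NatSession("ACCT-1002", "203.0.113.7", 40002, ts("12:01:00"), ts("12:08:00")),
    NatSession("ACCT-1003", "203.0.113.7", 40001, ts("12:05:30"), ts("12:10:00")),
]

def resolve(sessions, public_ip, when, public_port: Optional[int] = None,
            clock_skew: timedelta = timedelta(0)) -> set:
    """Return every account whose logged session matches the request."""
    matches = set()
    for s in sessions:
        if s.public_ip != public_ip:
            continue
        if public_port is not None and s.public_port != public_port:
            continue
        # Widen the window by the uncertainty in the reporting party's clock.
        if s.start - clock_skew <= when <= s.end + clock_skew:
            matches.add(s.account)
    return matches

if __name__ == "__main__":
    ip = "203.0.113.7"
    print(resolve(SESSIONS, ip, ts("12:03:00")))           # IP + time only
    print(resolve(SESSIONS, ip, ts("12:03:00"), 40001))    # IP + port + time
    print(resolve(SESSIONS, ip, ts("12:05:10"), 40001,
                  timedelta(seconds=60)))                  # reused port, skewed clock
```

Even the unambiguous result is an account, i.e. the bill payer; nothing in an ISP-side log says which person or device behind that connection generated the traffic.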

By Mark Jackson
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England). He also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments.