8. Doubts also remain over the tracking methods used to log illegal downloads, which involves monitoring Internet Protocol ( IP ) addresses on P2P file sharing networks and linking them with specific ISPs and users. This method does not appear to be a reliable way of identifying individuals.

IP addresses are assigned to every computer when you go online, yet they can easily be spoofed, redirected, shared (internet cafe, businesses etc.) or even hijacked (open Wi-Fi networks). The download itself could also be encrypted, making it impossible for the ISP to verify.

What are your thoughts on the current methods employed to track abuses and do you think there is a better way of identifying and confirming illegal downloading activity?

AAISP: IP addresses do not identify individuals. This is one of the key flaws. I have fixed IP in my house, but if I had NAT, as most people do, and someone accused me of illegal downloads I would have to assume it was one of my teenage kids. But I could not tell you which one and they would not own up to it. Yet the law (civil and criminal) has to be applied to the individual that is causing offence. The disconnection would have to be for the specific person that has infringed copyright not the whole house and they cannot even identify that person in the first place.

What makes this a lot worse is the impending exhaustion of IPv4 address space. It means that more and more NAT will be deployed in the network making it impossible to track sessions to a household let alone an individual.

I am sure that a wide range technical measures to obfuscate the traffic will be increasingly deployed making all of these measures totally useless. The average users will not even know as the apps they use will just do their regular update and bingo - they are encrypted.

What is needed is for the industry to embrace new business models that make it easy and sensibly priced for people to do the right thing. Make it easier to buy the material than it is to get it illegally and people will do that.

9. What do you think of government legislation that forces UK ISPs to log all email and website access by UK Internet users for one year (Data Retention)?

AAISP: The Data Retention directive is a joke. It is so badly worded that you can follow it to the letter and log almost nothing useful. If you really want to avoid it, it is easy. The directive does not, for example, even ask for the "email address" to be logged. It also does not require logging of emails not using our mail servers.

Again, technical measures will bypass this. Anyone that wants privacy will bypass logging. The tools and protocols will start using encryption much more routinely (which may also help with spam). It is a waste of time.

What is far more scary than the Data Retention Directive is that the government apparently want ISPs to snoop on traffic to log email addresses and web pages and so on. The shear technical scale of this is impractical for even a small ISP and the amount of data is unmanageable. That is before you even consider the simple ways to poison the data. e.g. I could create fake SMTP sessions which apparently send emails to millions and millions of email addresses. Put that in a virus that infects a few million computers generating low level (harmless) fake SMTP sessions and you make the database totally an utterly useless as well as impossibly big. It need not be a virus - it could be something people willingly download and run as a rebellion. Then, as the logging is "open", you can Data Protection subject access request the ISP and ask for that logging which is your personal data!

Of course we already encourage people to run their own mail servers and use transport level encryption for email as well as content encryption which bypasses all such logging anyway. The idea that a criminal or terrorist could not access such technology is laughable.

10. This year has seen a lot of debate about the use and abuse of Behavioural Targeting and Deep Packet Inspection (DPI) based advertising technologies, such as Phorm. However interest in Phorm by some of the major UK ISPs now appears to have ebbed away. What are your thoughts on this type of ISP advertising technology, which many felt was invasive of personal privacy?

AAISP: I am quite happy for people to offer services that consumers choose to use. I am sure some people are happy for their usage of the internet to be profiled so that adverts they have to endure are actually relevant. I know some people welcome this.

However, the idea of intercepting traffic without permission, or by default, is unacceptable and clearly an invasion of privacy. We don't give permission for traffic to/from our web site to be intercepted by any third party for any purpose, for example.

11. Your ISP is currently testing BT’s next generation fibre optic (FTTC/FTTP) broadband technology.  Can you tell us any sneaky information about the progress of this pilot and how fast your average speeds have been (upload / download) :) ?

AAISP: We have an NDA covering some aspects of the trial, but as published we have a number of customers using FTTC and they seem to work well. Obviously services using 40Mb/s ATM rate will have some protocol overhead meaning that IP rates are nearer 35Mb/s and all such speeds depend on the line length.

At present we have some major concerns over 21CN generally (which affects all 21CN lines including FTTC and WBC/ADSL2+) as there are many cases of exchange back-haul congestion and MSAN faults causing congestion which mean many ADSL2+ customers have poor performance.

We know BT are working on this but it is just one of a long stream of issues with 21CN even though the network has been going over a year now. Unfortunately BT have clearly stated that they consider a broadband line getting only 600Kb/s throughput is acceptable! Lets hope that the network people in BT sort the issues soon.

Thanks once again to AAISP for agreeing to take part.

End.