AAISP Boss Fears Costly Technical Nightmare of UK Internet Snooping Law

The boss of broadband ISP Andrews & Arnold (AAISP), Adrian Kennard, has warned that the UK governments new Communications Data Bill, which will expand existing internet snooping laws and force ISPs into monitoring a much bigger slice of everybody’s online activity, is “technically a nightmare” and will require providers to introduce “stupidly expensive black boxes“.

At present ISPs are already required, if requested, to maintain a very basic log of their customers’ internet website and email accesses (times, dates and IP addresses) for a year, which is made available to various government and security services via a warrant. This does NOT include the actual content of your communication.

The revised law (detailed summary) threatens to go further by providing real-time access to the data and logging activity for more online services, such as Skype or Facebook. But ISPs, many of which have not even been consulted, are growing increasingly concerned about the extremely high costs and technical difficulty of delivering such a system.

Adrian Kennard, Director of Andrews & Arnold, explained (blog):

“For an ISP, monitoring communications can, in principle, be done by setting up a monitoring port on one or more switches. These are a port to which the switch tries to send a copy of every packet. Technically, this is simple, though picking where to put this in the network is harder. Also, it is low risk. If the black box breaks, the network does not. If there is too much data, the black box does not see 100% of it, but it sees some, and again, nothing actually breaks.

But, if you want to intercept traffic, that is a lot harder. It means that you send everything in to and back out of a black box. It means ensuring all of the communications goes via this one point, and does not have packets spread over several redundant links. It means your whole network relies on the black box working and having enough capacity to cope with the load. It also means some stupidly expensive black boxes.

Looking on-line there are some expensive boxes that handle 100Mb/s of traffic and some really expensive ones that handle 1Gb/s of traffic. Even A&A’s tiny network is going over 1Gb/s now. They need many orders of magnitude more in order to work with any of the larger UK ISPs. It is basically impossible but trying will break lots of stuff.”

Expensive is right and as a result the government claims that it would be ready to “increase public expenditure up to £1.8 billion over 10 years” (i.e. £180m per year) in order to help implement the system, although many ISPs remain sceptical about whether or not this will cover all of their costs.

Meanwhile it’s sometimes easy for governments to forget that there are plenty of tools available that would allow criminals, as well as innocent individuals, to continue surfing the internet anonymously (VPN’s and advanced proxy tunnel/servers like TOR come to mind).

Adrian Kennard added:

“It won’t actually help. There will be ways to communicate securely and without monitoring the communications traffic. There are well established systems in place for this designed to allow people working under oppressive regimes to communicate with the outside would – where being found out could get them shot. Such systems will always exist, and there is no reason to think that they will not be used.”

The new bill, which has some strong opposition (just as it did under the previous Labour government), is now expected to be debated by ministers and peers prior to a report in November 2012.