Home
 » ISP News » 
Sponsored Links

Leaked: UK Gov’s Technical Requirements for Internet Snooping by ISPs

Friday, May 5th, 2017 (9:49 am) - Score 4,856

A leaked blueprint for the ‘Technical Capability‘ of the Government’s controversial new Investigatory Powers Act 2016, which will force broadband ISPs to log a much bigger slice of your Internet activity, has revealed that the smallest ISPs might escape but encryption is still at risk.

The act aims to introduce a system that would, among many other things, require ISPs to store (for up to 12 months) comparatively detailed Internet Connection Records (e.g. the websites / servers you’ve visited but NOT the content) for all their customers, which would be accessible without a warrant (here). On top of that ISPs will also have to provide access to the content of a communication upon request, although unlike an IRC this would require a warrant.

A preliminary Code of Practice, which was published last year, suggested that an ICR’s “core information” will most likely include the customer’s “account reference, a source [Internet Protocol] and port address, a destination IP and port address and a time/date” (details), but some providers may be expected to collect even more than this.

Advertisement

Simplified Interpretation of an ICR Log

Account ID
Date (Time) Source IP (You)
Destination IP:Port Data Volume URL
1 19/01/2017 (12:01) 84.56.232.71 123.45.62.86:80-HTTP 800KB omgfakeballz.com
1 19/01/2017 (13:12) 84.56.232.71 65.123.45.90:21-FTP 0.2KB ftp.faketest.co.uk
65 19/01/2017 (13:14) 84.79.130.47 190.45.62.86:80-HTTP 1700KB icanhasyourdata.net

So far the Government has already posted most of their Draft Codes of Practice for the IPAct, although absent from this was any mention of the rules for how ISPs should handle / collect ICRs and that’s because of a recent court ruling, which warned that EU law does not allow “general and indiscriminate retention of traffic data and location data,” except for “targeted” use against “serious crime” (here).

As a result of that ruling the Government’s code of practice for collecting related communications data has been put on hold until they can figure out how to amend the rules.

Meanwhile the Open Rights Group notes that the Home Office has just begun a new consultation on the IPAct’s Technical Capabilities and a blueprint for this has been leaked (here). Prior to this the notice had only been provided to a select few companies (e.g. ISPs).

Advertisement

We should stress that this paper appears related to communications data that would require a ‘warrant‘ (i.e. the content of communications), which is separate to basic ICR collection that doesn’t require a warrant. However the two sides to data snooping are still part of the same broad approach.

The leaked paper doesn’t reveal much, although there are a few interesting highlights. For example, when defining the “relevant operators” the paper states that its obligations “may not be imposed on a relevant telecommunications operator who does not provide, and does not intend to provide, a telecommunications service to more than 10,000 persons.” We don’t yet know for sure if this rule will also apply to ICR collection.

In theory this might allow the smallest of ISPs to avoid some of the rules, although “does not intend to provide” is a tricky one for any growing businesses to interpret (i.e. even a new business may aim to have tens of thousands of people connected, although achieving that is another matter).

Key Points from the Technical Capabilities Notice

* [Telcos must] provide and maintain the capability to carry out the interception of communications or the obtaining of secondary data and disclose anything obtained under the warrant to the person to whom the warrant was addressed, or any person acting on that person’s behalf, within one working day, or such longer period as may be specified in the technical capability notice.

* [Telcos must] provide and maintain the capability to disclose, where practicable, the content of communications or secondary data in an intelligible form and to remove electronic protection applied by or on behalf of the telecommunications operator to the communications or data, or to permit the person to whom the warrant is addressed to remove such electronic protection.

* [Telcos must] provide and maintain the capability to simultaneously intercept, or obtain secondary data from, communications relating to up to 1 in 10,000 of the persons to whom the telecommunications operator provides the telecommunications service to which the communications relate.

* In order that the capability to intercept communications and obtain secondary data may be maintained, to put in place and to maintain arrangements, agreed with the Secretary of State, to notify the Secretary of State, within a reasonable time, of—

(a) proposed changes to telecommunications services or telecommunication systems to which obligations imposed by a technical capability notice relate;
(b) proposed changes, to existing telecommunications services, of a description specified in the notice, and
(c) the development of new telecommunications services.

NOTE: Secondary Data tends to mean additional information, such as the date and time of a meeting etc.

The second point appears to suggest that communications services which use end-to-end encryption (messaging, financial transactions etc.) could still be in trouble and may need to add a backdoor in order to remove encryption when requested (very dangerous to do this from a security perspective). The Government has spent a lot of time flip-flopping over this issue and the notice does at least include the vague “where practicable” get-out clause.

Advertisement

Elsewhere the requirement that ISPs must inform the Government’s Secretary of State about any new systems or service changes, which has always been present in the IPAct, remains an ugly and cumbersome problem for telecoms firms as such systems are constantly being updated, changed and fixed.

In addition, the third point (up to 1 in 10,000 of the persons) appears to set some sort of processing limit for the information gathering, which makes sense because at a certain point the burden for larger providers of needing to provide simultaneous interception of a large number of subscribers could become unworkable.

Apparently the consultation is due to run until 19th May 2017, at least it is for those select few that have received a copy.

Mark-Jackson
By Mark Jackson
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on X (Twitter), Mastodon, Facebook, BlueSky, Threads.net and .
Search ISP News
Search ISP Listings
Search ISP Reviews

Comments are closed

Cheap BIG ISPs for 100Mbps+
Community Fibre UK ISP Logo
150Mbps
Gift: None
Virgin Media UK ISP Logo
Virgin Media £22.99
132Mbps
Gift: None
Vodafone UK ISP Logo
Vodafone £24.00 - 26.00
150Mbps
Gift: None
NOW UK ISP Logo
NOW £24.00
100Mbps
Gift: None
Plusnet UK ISP Logo
Plusnet £25.99
145Mbps
Gift: £50 Reward Card
Large Availability | View All
Cheapest ISPs for 100Mbps+
Gigaclear UK ISP Logo
Gigaclear £17.00
200Mbps
Gift: None
Community Fibre UK ISP Logo
150Mbps
Gift: None
Virgin Media UK ISP Logo
Virgin Media £22.99
132Mbps
Gift: None
Hey! Broadband UK ISP Logo
150Mbps
Gift: None
Youfibre UK ISP Logo
Youfibre £23.99
150Mbps
Gift: None
Large Availability | View All
The Top 15 Category Tags
  1. FTTP (6032)
  2. BT (3642)
  3. Politics (2722)
  4. Business (2442)
  5. Openreach (2406)
  6. Building Digital UK (2330)
  7. Mobile Broadband (2150)
  8. FTTC (2083)
  9. Statistics (1904)
  10. 4G (1820)
  11. Virgin Media (1766)
  12. Ofcom Regulation (1584)
  13. Fibre Optic (1469)
  14. Wireless Internet (1463)
  15. 5G (1409)
Promotion
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact
Mastodon