Sponsored Links

ISP Data retention

with the recent plans regarding more in depth data retention seemingly delayed in the Queen's speech, I was curious to ask my ISP Three about their policy regarding what data they keep on their customers and whether they log IPs. I had been under the impression that ISP's keep data like this but seems I was wrong. it's good to see they seem to take customer privacy seriously. Have a look at this quote from an email I got back from Three. Any thoughts or knowledge to share?

'Just so you know, every time a customer connects to the internet via our network, a dynamic IP address is allocated for them hence, we cannot keep any record if particular user was online at a particular point in time on a particular IP. However, our billing system does keep a record of volume of data allowance used in particular session at any given interval.'
 
We also use 3 and I'd wondered how it might be impacted.

Two things: one is the logging of traffic (what you access) and the other one is - given a report by say the Police, can a particular request (for say a file) be traced back to an individual?

So far as I remember the mobile companies were to be exempt from the logging requirements anyway though that seems a surprising admission and obvious back-door exploit, like people who change lanes in sections of motorway protected by 'average speed cameras' so as to fool it by going under the first camera in lane 1 and the second one in lane 2. Anyway..

As far as tracing back goes, yes the IP address is dynamic though it only changes on reconnection so it like us you have a strong signal to a particular cell then the IP remains the same as it never disconnects.

If you have bought a dongle on PAYG I do not know if you have to supply your name and address to "activate it" (like the scenario with PAYG phones) giving Three the nexessary information to pass to the Police. As without it, I would guess they can trace the IP to the cell and then to a specific dongle (do they have MAC codes, like network cards?) and so narrow it down to say a four mile square area but not be able to get any further ID.

Dual channel HSPA connects to two cells, though I guess the two cells could be on the same mast. To triangulate a position of a user with a high degree of accuracy requires the device to be connected to cells on more than one mast (three in fact). I think. I may have read too many Peter James novels though.
 
Seems strange that Three state they are unable to associate an IP address to a user. Can you imagine the ear bending the Home Secretary is likely to get from the police every time a serious crime is committed using the Three network? :shrug:
 
Sponsored Links
seems incredible, I usually pay for stuff like movies and music anyhow, but seems they cant trace anything from an dynamic IP if they dont keep records. Is it Three money saving I guess. Maybe to keep these kind of records isnt compulsory until new law happens.
 
A number of landline ISPs are now sharing IPv4 address's amongst multiple users, so in theory pirates can download with impunity as any resolved IP may be in continual use by hundreds/thousands of different people - all at the same time.

The situation has been the same with MANY of the mobile networks, I remember issues with Orange - you couldnt D/L from various online data stores because every Orange customer had the same IP address (as far as the outside world could see).
 
CGNAT / IPv4 Address sharing isn't really a problem so long as the data supplied by a third party (e.g. rights holder) includes additional information like accurate time stamps and ports, which would allow even shared IP's to be matched to particular customers.
 
Mark, the IPv4 sharing appears to be similar to NAT routing - the outside world only sees the one IP address for multiple customers; that is how I read the technical news release a few months back anyway.
 
Sponsored Links
There are several arguments here, the data retention policy but 1st the IP and tracking what data goes where.

By law and RIPA, IP's and when it is used and by who is logged, CGNAT will make no change as to who is doing what, when, and where makes no difference to the normal person. That data is held anyway. But that data is only basic at best, what IP was connected to what connection, even if it is dynamic IP's, it has to be logged. Content of the communications is not logged.

It is only a good thing now with how a lot of things are online as long as your are not doing anything wrong,but I wont go in to that.

The CGNAT will work off different customers using different ports for the same IP so it wont be hard to trace whos doing what as long as the right logging and equipment is in place. I'm sure several ISP's who do DPI and ellacoya wont have any kind of issues.

One problem is that it is forcing ISP's to track this kind of data who don't want to, I like to see it as who builds the roads why should they responsible for whats done on them?
 
I didn't have a view on connection logging or data retention until about a week ago.
I did think "ok, this data is logged .. so what, if you are not doing anything bad then who cares.. the ISP or government will do it their end, securely, with no reason for the information to leak".

Then last week I found out that since February one of my dedicated servers has about 20 to 40kB/sec of constant data flow coming into its NIC with thousands upon thousands of SYSLOG entries containing every single TCP connection, authentication, DHCP allocation etc.. of wifi users in many large and up-market UK hotels!

It seems that a public wifi deployment company has enabled logging to "ensure their customers are complaint with the upcoming Digital Rights Bill" and somehow - either through their misconfiguration or a mistake at my hosting provider I'm seeing this information in plain text hitting one of my servers.
Quick "ctrl+f" of the information can identify users visiting sites by IP address - it is trivial to find users / mac addresses accessing redtube, bbc, torrent sites etc...

I alerted my hosting provider to it over a week ago and I'm still seeing the traffic.

What can go wrong with a law / requirement for connection logging and data retention..... well, it seems, a lot!
It isn't even law (as far as I know) yet and it has already gone wrong with serious privacy implications for patrons of these hotels.
If stuff like this is going to happen then it makes a very good case against individual providers being in control or responsible for logging and a very good case for it being done at the major carrier level controlled and monitored closely by government. Even then I expect over the years information will leak.

And that doesn't even go into the worry that all this is transmitted over the internet in plain text syslog from each of the hotels!

Tom - www.mouselike.org
 
l hate to be the conspiracy theorist here but considering our governments track record such plans for data retention have to have some ulterior motive behind them.

under current law with court orders and such they can easily acquire such data they are intending to log, however they intend to remove the middle man and have access to such data in damn near realtime!! and tbh considering the track record of this government following the law and changing it to suit themselves l have to ask, do they just want to treat everyone as guilty and be able to pick and choose connections that may or may not have downloaded something the BPI think they own or do they just want to be able to chase down political protesters and do a little social engineering based upon information logged via data retention laws..
 
There are several arguments here, the data retention policy but 1st the IP and tracking what data goes where.

By law and RIPA, IP's and when it is used and by who is logged, CGNAT will make no change as to who is doing what, when, and where makes no difference to the normal person. That data is held anyway. But that data is only basic at best, what IP was connected to what connection, even if it is dynamic IP's, it has to be logged. Content of the communications is not logged.

That's the bit that bemuses me. If the actual content is not logged, and the Authorities have their eye on someone who they think is up to mischief, would the fact that on several days they corresponded electronically with somebody, somewhere in the Middle East at some time really add any clinical weight to the case, or is this more akin to "witch hunting"?

If I say hello to someone in the street who subsequently turns out to be a serial burglar, does the fact that I spoke to them at some point indicate my culpability in their crimes?
 
Sponsored Links
That's the bit that bemuses me. If the actual content is not logged, and the Authorities have their eye on someone who they think is up to mischief, would the fact that on several days they corresponded electronically with somebody, somewhere in the Middle East at some time really add any clinical weight to the case, or is this more akin to "witch hunting"?

If I say hello to someone in the street who subsequently turns out to be a serial burglar, does the fact that I spoke to them at some point indicate my culpability in their crimes?

you make an excellent point, the government keep on saying its to counter terrorism however what terrorist will use the internet knowing that he/she will be monitored? however l dont think the term "witch hunting" is correct, it strikes me that the only ppl to benefit from such retention (especially if expanded further) will only benefit commercial interests, a good example would be the media industry who will eat it up if allowed to see who downloaded what and where.

and before ppl say that wont happen, take the NHS reforms private insurance companies can buy our "private patient" details for a couple of hundred quid already so whats to say ISPs wont be taken to court and forced to release information on the ideal that it is to fight against copyright infringement.. hell whats to say they wont stop there? my theory is that if you give power to spy on someone in their own home whats to say that wont be expanded? hell does anyone remember Phorm?

take this scenario, the current government (if implemented before the next election or they get kicked out) the wealth of information such a project could give would be akin to what Phorm was trying to achieve.. in their case they supposedly wanted to profile us based on what we browsed in order to better direct advertising, in the governments hands those same profiling techniques could be used to see how we as voters tick and tailor their campaigns around it.. suffice to say if such power was available it would be used.
 
Top
Cheap BIG ISPs for 100Mbps+
Community Fibre UK ISP Logo
150Mbps
Gift: None
Virgin Media UK ISP Logo
Virgin Media £22.99
132Mbps
Gift: None
Vodafone UK ISP Logo
Vodafone £24.00 - 26.00
150Mbps
Gift: None
NOW UK ISP Logo
NOW £24.00
100Mbps
Gift: None
Plusnet UK ISP Logo
Plusnet £25.99
145Mbps
Gift: £50 Reward Card
Large Availability | View All
Cheapest ISPs for 100Mbps+
Gigaclear UK ISP Logo
Gigaclear £17.00
200Mbps
Gift: None
Community Fibre UK ISP Logo
150Mbps
Gift: None
Virgin Media UK ISP Logo
Virgin Media £22.99
132Mbps
Gift: None
Hey! Broadband UK ISP Logo
150Mbps
Gift: None
Youfibre UK ISP Logo
Youfibre £23.99
150Mbps
Gift: None
Large Availability | View All
Sponsored Links
The Top 15 Category Tags
  1. FTTP (6026)
  2. BT (3639)
  3. Politics (2721)
  4. Business (2439)
  5. Openreach (2405)
  6. Building Digital UK (2330)
  7. Mobile Broadband (2146)
  8. FTTC (2083)
  9. Statistics (1901)
  10. 4G (1816)
  11. Virgin Media (1764)
  12. Ofcom Regulation (1582)
  13. Fibre Optic (1467)
  14. Wireless Internet (1462)
  15. 5G (1407)
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms  ,  Privacy and Cookie Policy  ,  Links  ,  Website Rules