Edited/Distributed by HURINet - The Human Rights Information Network --------------------------------------------------------------------- ## author : patrice@xs4all.nl ## date : 06.03.00 --------------------------------------------------------------------- See http://www.stand.org.uk/ripnotes/ for the full text. Here's the executive summary: ISPs as wiretappers ISPs are now classified as "public telecommunication systems". As are mobile telephone providers, Net gateways, newservers, and, potentially, operators of Web applications like Hotmail. This provides a new set of burdens on even the smallest ISP, and may introduce a new level of bureaucracy and liability for anyone seeking to offer any form of Internet service. Additionally, employees of these companies are compelled to keep any surveillance they conduct on their customers secret in perpetuity. We believe this to be a dangerous extension of obligations on British Net citizens, with no corresponding checks or balances on law enforcement. Interception Methods Additionally, the Home Secretary has reserved the right to demand the placing of specific devices to monitor ISP traffic with little deliberation, and no guarantee that the nature of this monitoring will ever be publicised. We'd like to see such impositions made public. Mass Surveillance The bill clarifies the requirements for an interception warrant, but also provides for Certificates, which are general permissions granted by the Home Secretary in a set of situations that don't make sense on the global Internet. In particular, the security services can now attempt to gather information on all communications that travel across an international boundary, without limit. We believe this affects everyone who uses the Net, to an extent unwarranted by the requirements of law enforcement. Permanent Secrecy Surveillance of communications, as before, is explicitly excluded from being used in a court of law. While this ostensibly provides continuing privacy for your e-mails (they won't be quoted in a court case), it also means that if your communications are tapped, you will never know. Traffic Data A wide group of government authorities are now allowed to collect communications data - that's to say, everything about your Net sessions *apart* from the contents of your messages. So, for instance, the Web sites you visit or the full list of who you have contacted may be collected by anyone from the local police to the security services, with very little supervision. We think that collecting mass traffic data is effectively watching your every movement online, and should have the same safeguards as watching your home. Government Access to Keys The government can still demand you hand over keys or plaintext, and can still potentially gaol computer users for being unable to unlock their own files. This tipping-off offence provides serious criminals with a get-out-of-jail-quick escape, while still effectively criminalising the widespread use of encryption by making the act of losing keys or forgetting passwords a criminal offence. ---------------------------------- Send mail for the 'huridocs-tech' list to 'huridocs-tech@hrea.org'. Mail administrative requests to 'majordomo@hrea.org'. For additional assistance, send mail to: 'owner-huridocs-tech@hrea.org'. Archives of previous messages posted to the list can be found at: http://www.hrea.org/lists/huridocs-tech/markup/maillist.html
[Reply to this message] [Start a new topic] [Date Index] [Thread Index] [Author Index] [Subject Index] [List Home Page] [HREA Home Page]