tag:blogger.com,1999:blog-229721367671779922.comments2022-12-13T09:58:51.817+00:00CyberleagleCyberleaglehttp://www.blogger.com/profile/17507190182464072147noreply@blogger.comBlogger37125tag:blogger.com,1999:blog-229721367671779922.post-41150579735786344582022-11-02T19:50:57.811+00:002022-11-02T19:50:57.811+00:00It's worth noting that many of the legal obser...It's worth noting that many of the legal observations in the interim report are more than a little contentious. For some trenchant criticism see https://journals.sas.ac.uk/deeslr/article/view/5423/5210.<br /><br />Nicholas BohmUnknownhttps://www.blogger.com/profile/03992214130065031309noreply@blogger.comtag:blogger.com,1999:blog-229721367671779922.post-58206626068323471302018-05-04T20:01:21.762+01:002018-05-04T20:01:21.762+01:00If the policy debate were being conducted at that ...If the policy debate were being conducted at that level of nuance that would itself be a step forward. Trying proactively to suppress illegal content is a role that I think on the whole intermediaries have been pressured into more than anything.Cyberleaglehttps://www.blogger.com/profile/17507190182464072147noreply@blogger.comtag:blogger.com,1999:blog-229721367671779922.post-85273610504417200832018-05-04T19:47:20.092+01:002018-05-04T19:47:20.092+01:00Important points which I'm sure are not unders...Important points which I'm sure are not understood by the politicians driving the current debate. But isn't the question of policy about intermediaries who may not be 'active' in the sense of having control, but are active in ranking and recommending content - and increasingly trying to suppress illegal content - through automated means? Anonymoushttps://www.blogger.com/profile/13581585219831288625noreply@blogger.comtag:blogger.com,1999:blog-229721367671779922.post-16049638170253637042018-02-26T23:18:58.946+00:002018-02-26T23:18:58.946+00:00A realist view - but let's not give up on the ...A realist view - but let's not give up on the common goal agreed by reps of humanity in the Universal Declaration of Human Rights, and the UN agreement on the Ruggie Principles for private sector respect for rights. In other words, compromise should not extend to tolerating generally accepted violations. This is the gist of my chapter in https://www.cambridge.org/core/books/net-and-the-nation-state/D9955146E026166BC6375A202C1FFE19 Guy Bergerhttps://www.blogger.com/profile/04909676977346968765noreply@blogger.comtag:blogger.com,1999:blog-229721367671779922.post-45236336495255972422017-11-19T18:40:20.889+00:002017-11-19T18:40:20.889+00:00Regarding the Good Thing, fair to point out that J...Regarding the Good Thing, fair to point out that Jack Goldsmith replied to me on Twitter when I made a similar observation. https://twitter.com/jacklgoldsmith/status/891275438273810432Cyberleaglehttps://www.blogger.com/profile/17507190182464072147noreply@blogger.comtag:blogger.com,1999:blog-229721367671779922.post-22595162719959449692017-10-25T14:01:22.763+01:002017-10-25T14:01:22.763+01:00You are owed a debt of gratitude for this devastat...You are owed a debt of gratitude for this devastating analysis.<br /><br />Nicholas BohmUnknownhttps://www.blogger.com/profile/03992214130065031309noreply@blogger.comtag:blogger.com,1999:blog-229721367671779922.post-84660588492904227732017-06-09T15:24:03.408+01:002017-06-09T15:24:03.408+01:00Good spot, thanks. TCN = Technical Capability Not...Good spot, thanks. TCN = Technical Capability Notice. I'll expand the acronym.Cyberleaglehttps://www.blogger.com/profile/17507190182464072147noreply@blogger.comtag:blogger.com,1999:blog-229721367671779922.post-53002618870671178212017-06-09T15:05:25.086+01:002017-06-09T15:05:25.086+01:00It would be helpful and improve readability if the...It would be helpful and improve readability if the article explained the acronym TCN - the supplied link does not use the acronym so is no helpAnonymoushttps://www.blogger.com/profile/17930000541820589696noreply@blogger.comtag:blogger.com,1999:blog-229721367671779922.post-33492575285770154482016-12-31T09:52:07.111+00:002016-12-31T09:52:07.111+00:00Despite your reservations, I still think the IP Bi...Despite your reservations, I still think the IP Bill is a welcome step in the right direction.Data Protectorhttps://www.blogger.com/profile/15057767713049545333noreply@blogger.comtag:blogger.com,1999:blog-229721367671779922.post-7599548979822305772016-09-08T10:11:45.847+01:002016-09-08T10:11:45.847+01:00That example of a specific or limited purpose was ...That example of a specific or limited purpose was what I had in mind when I said: "An informed debate about trimming bulk powers could entail discussion of whether unseeded pattern analysis and anomaly detection should be permitted, and if so whether only for very specific and limited purposes". However I agree that wasn't reflected in the trimming examples.Cyberleaglehttps://www.blogger.com/profile/17507190182464072147noreply@blogger.comtag:blogger.com,1999:blog-229721367671779922.post-16523654188321992742016-09-08T09:47:52.051+01:002016-09-08T09:47:52.051+01:00Great analysis. I have one qualification to the su...Great analysis. I have one qualification to the suggestions, which I'm sure you're already aware of but I'm not sure how it fits. <br /><br />With respect to trimmings in A and B, specifically on filtering out any external-internal communications and any nonhuman communications, one objection is that unseeded machine learning processing is already apparently quite effective at detecting patterns indicative of cyberattacks from foreign actors against UK networks. It seems from leaked material and the hints provided in the bulk powers review that What we could call unseeded analysis of data streams, based on pure analytics of data rather than an initial reference point, is much more suitable for detecting hostile computer generated signals than detecting suspicious human behaviour. Trimming out such data on the basis of it being machine generated or being addressed to UK based IP addresses, enhancing human privacy, would seem to eliminate that form of cyber defence. Bernard Keenanhttps://www.blogger.com/profile/17160666436770206445noreply@blogger.comtag:blogger.com,1999:blog-229721367671779922.post-6657905001801217882016-01-14T09:45:14.461+00:002016-01-14T09:45:14.461+00:00“data” includes any information which is not data....“data” includes any information which is not data.<br /><br />This is clearly a very well-written bill!Fonanthttps://www.blogger.com/profile/02138087859465124942noreply@blogger.comtag:blogger.com,1999:blog-229721367671779922.post-82045561038487655292015-11-05T11:50:19.082+00:002015-11-05T11:50:19.082+00:00Useful summary. Is EI (warriorpride) new, then?
...Useful summary. Is EI (warriorpride) new, then?<br /><br />As a computer scientist, I cannot work out what 'internet connection records' are. The government background paper, it's a record of all IP to IP address communication (which will not necessarily be recorded by most systems). In principle, this could include tunnelled information, although such information could be considered content.<br /><br />If the intention is to work out who's snapchatting with whom, then it would need to include the content.<br /><br />It does seem odd to me that just because the design of phone systems enables the identification of communications between end points, that capability should be carried into other technologies. It's not like it's available for the letter post, or talking over the garden gate. And certainly not possible to go back in time as retention of logs implies.Unknownhttps://www.blogger.com/profile/10030327071645826380noreply@blogger.comtag:blogger.com,1999:blog-229721367671779922.post-89460767480528159672015-02-03T07:54:24.601+00:002015-02-03T07:54:24.601+00:00No, Graham, you are not the only one. There are...No, Graham, you are not the only one. There are at least two of us! "Other identifier" could be almost anything, provided it isn't "content". And we all know how easy it is to separate "content" from "communications data", don't we?Peter Sommerhttps://www.blogger.com/profile/04144764161877680675noreply@blogger.comtag:blogger.com,1999:blog-229721367671779922.post-15793447334726591142015-01-22T14:40:51.756+00:002015-01-22T14:40:51.756+00:00and I think Annette Kur has also something on this...and I think Annette Kur has also something on this in her commentary on CLIP;Huťkohttps://www.blogger.com/profile/17385257405994833051noreply@blogger.comtag:blogger.com,1999:blog-229721367671779922.post-9008480584079284942014-12-22T09:33:58.237+00:002014-12-22T09:33:58.237+00:00Very nice, Graham!Very nice, Graham!Peter Sommerhttps://www.blogger.com/profile/04144764161877680675noreply@blogger.comtag:blogger.com,1999:blog-229721367671779922.post-45391143538173766552014-12-05T09:02:03.710+00:002014-12-05T09:02:03.710+00:00In case it is of use to anyone reading your fascin...In case it is of use to anyone reading your fascinating analysis, Graham, I have prepared a consolidated version of DRIPA earlier in the week, incorporating the amendments which the current text of the Counter-Terrorism and Security Bill would, if passed in its current form, make.<br /><br />It is available ot anyone who might want it, here: http://neilzone.co.uk/consolidated_DRIPA_as_modified_by_CTS_bill_as_at_20141203.pdf<br /><br />Best wishes<br /><br />Neil<br />Anonymoushttps://www.blogger.com/profile/18427000118752159232noreply@blogger.comtag:blogger.com,1999:blog-229721367671779922.post-51438492529123874742014-12-04T00:50:19.217+00:002014-12-04T00:50:19.217+00:00Worth considering if this is trying to start a &qu...Worth considering if this is trying to start a "death by a thousand slices" attack on first the carriers, then ISPs, then providers (hotels etc) then individual accounts, with the argument "everybody else above you does this so why don't you".<br /><br />Stupid of course (hard to ban TOR type services under TCP/IP model, but then it was designed that way) but that doesn't stop a world of FUD & pain etc on the way...<br />Tim Mhttps://www.blogger.com/profile/08008478745742200093noreply@blogger.comtag:blogger.com,1999:blog-229721367671779922.post-41158688187705281942014-12-03T13:27:34.165+00:002014-12-03T13:27:34.165+00:00Have to drill down into RIPA definitions of 'p...Have to drill down into RIPA definitions of 'public telecommunication system' and 'public telecommunications service' to work out who is a public telecommunications operator. It's complicated. I was referring to a router used for the business' internal purposes.Cyberleaglehttps://www.blogger.com/profile/17507190182464072147noreply@blogger.comtag:blogger.com,1999:blog-229721367671779922.post-82657966841782533572014-12-03T13:17:10.242+00:002014-12-03T13:17:10.242+00:00So how about a situation where eg a hotel or comme...So how about a situation where eg a hotel or commercial student accommodation offers network connections? That's presumably out of scope?Tony Hirsthttps://www.blogger.com/profile/07192476380420213082noreply@blogger.comtag:blogger.com,1999:blog-229721367671779922.post-28213499638382906562014-12-03T12:49:18.782+00:002014-12-03T12:49:18.782+00:00Yes indeed, this (i.e. CG-NAT) would be an example...Yes indeed, this (i.e. CG-NAT) would be an example within my first bullet point. But it looks as if the clause is intended to cover more than that. <br /><br />Home and business routers wouldn't be in scope as that is not a service provided by a public telecommunications operator.Cyberleaglehttps://www.blogger.com/profile/17507190182464072147noreply@blogger.comtag:blogger.com,1999:blog-229721367671779922.post-40633163016711278692014-12-03T12:39:04.187+00:002014-12-03T12:39:04.187+00:00Where a home or a business has all their devices b...Where a home or a business has all their devices behind an NAT router (ie just about always) then recording the MAC address will only be the MAC address of the the router, not the source device, and similarly the source port will only be the source port number on the router, not on the "true source" device.<br /><br />I think what the clause may be aimed at is the situation where the ISP themselves is putting customer connections behind NAT... I believe BT were looking at doing this. In such a case, while your router thinks it's has an Internet (as opposed to private) address, in fact it's external address is just an address on a larger private network, and the true "internet address" is that of the ISP's NAT device, and is shared with multiple other connections. In this case, the clause is saying "not only must you maintain the 'public network address' of a connection, but where you yourselves are doign NAT on customers, you must, for each connection, also retain the information about the NAT state tables at that time so that you can tell us which of you subscriber connections was involved". <br /><br />Doesn't sound so easy to retain (as NAT state tables are very much more transient than DHCP address leases etc), but it would avoid the query of "we're after this one IP address" being answered with "oh, that's any one of these 1000 customers behind that particular NAT device".Tim Mhttps://www.blogger.com/profile/08008478745742200093noreply@blogger.comtag:blogger.com,1999:blog-229721367671779922.post-48687375986353257642014-11-23T17:39:09.738+00:002014-11-23T17:39:09.738+00:00In a sense IP addresses are addresses on the Inter...In a sense IP addresses are addresses on the Internet (capital "I") whereas most devices live on networks that use the internet protocol but are private networks rather than the Internet. NAT is the magic that connects the two.Francis Daveyhttps://www.blogger.com/profile/10228026893626221724noreply@blogger.comtag:blogger.com,1999:blog-229721367671779922.post-7420943308143826372014-11-17T11:32:04.143+00:002014-11-17T11:32:04.143+00:00As ever, the government simply states the time we ...As ever, the government simply states the time we are living in is exceptional. That's all they ever need do to pass what they want. Nigelhttps://www.blogger.com/profile/16570349252948836345noreply@blogger.comtag:blogger.com,1999:blog-229721367671779922.post-50785578653484190092014-07-15T22:38:24.917+01:002014-07-15T22:38:24.917+01:00This point was brought up in the House of Commons ...This point was brought up in the House of Commons Committee discussion of Clause 4 earlier today (Dominic Raab and Julian Lewis). <br /><br />http://www.parliament.uk/business/publications/hansard/commons/todays-commons-debates/read/unknown/862/Cyberleaglehttps://www.blogger.com/profile/17507190182464072147noreply@blogger.com