Have you heard the English expression “dog’s breakfast”? R
On 5 Nov 2015, at 05:45, Joseph Lorenzo Hall <[email protected]> wrote: > I should also point out, on a different part of the Bill, section 189, > "Maintenance of technical capability" requires non-UK > providers/companies to provide access to cleartext. e.g., this part > reaches non-UK folks: > > "An obligation specified in regulations under this section may be > imposed on, and a technical capability notice given to, persons > outside the United Kingdom (and may require things to be done, or not > to be done, outside the United Kingdom)" > > :/ > > On Thu, Nov 5, 2015 at 2:08 PM, Robin Wilton <[email protected]> wrote: >> It’s very hard to work out exactly what UK policymakers think they are >> aiming for here… quite possibly because their own understanding is less than >> perfect. >> >> In the parliamentary debate yesterday, the Home Secretary repeatedly >> referred to retention of “the first page or device accessed by a user”. >> >> I don’t think I know what that means. >> >> I also wonder, for instance, how that would work in a “portal”-style >> environment, where a single “landing page” could contain dynamic content >> elements. >> >> Nor is it clear to me whether, once I visit a site, my CSP would have to log >> the “first connection” my browser gets to each embedded third-party-served >> element on that page (e.g. ads, ssh sessions etc… etc…). >> If it does, there’s potential for this measure to result in volumes of data >> that are so large as to be increasingly unusable. (Obviously, as a >> privacy-concerned citizen, if the interceptors drown in data, I can see an >> upside in that ;^) ) >> >> I will be looking at the detail of the Bill over the coming days, and no >> doubt ISOC will be publishing some analysis, comments and conclusions. >> >> Yrs., >> Robin >> >> Robin Wilton >> Technical Outreach Director - Identity and Privacy >> Internet Society >> >> email: [email protected] >> Phone: +44 705 005 2931 >> Twitter: @futureidentity >> >> On 5 Nov 2015, at 04:34, Joseph Lorenzo Hall <[email protected]> wrote: >> >>> (moving a thread from Stephane on dns-privacy here to perpass) >>> >>> I wanted to highlight for perpass the draft UK Bill [1] that dropped >>> yesterday. >>> >>> It includes the following language in Section 71(9) that ISPs, on >>> notice, will need to retain the following for one year (and, yes, some >>> of this is completely crazypants and totally unclear how to map these >>> concepts onto technical concepts): >>> >>> ---- >>> >>> (9) In this Part “relevant communications data” means communications >>> data which may be used to identify, or assist in identifying, any of >>> the following— >>> >>> (a) the sender or recipient of a communication (whether or not a person), >>> (b) the time or duration of a communication, >>> (c) the type, method or pattern, or fact, of communication, >>> (d) the telecommunication system (or any part of it) from, to or >>> through which, or by means of which, a communication is or may be >>> transmitted, >>> (e) the location of any such system, or >>> (f) the internet protocol address, or other identifier, of any >>> apparatus to which a communication is transmitted for the purpose of >>> obtaining access to, or running, a computer file or computer program. >>> >>> In this subsection “identifier” means an identifier used to facilitate >>> the transmission of a communication. >>> >>> ---- >>> >>> While the press before had highlighted this bill would require >>> retaining "web browsing history" it seems both somewhat worse, and >>> potentially Netflow data for what seems like all an ISPs subscribers. >>> >>> Wondering if others have thoughts. >>> >>> best, Joe >>> >>> [1]: >>> https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/473770/Draft_Investigatory_Powers_Bill.pdf >>> >>> ---------- Forwarded message ---------- >>> From: Stephane Bortzmeyer <[email protected]> >>> Date: Wed, Nov 4, 2015 at 10:28 PM >>> Subject: [dns-privacy] We'll have stakeholders in Great Britain... >>> To: [email protected] >>> >>> >>> http://www.bbc.com/news/uk-politics-34715872 >>> >>> The bill will force companies to hold "internet connection records" >>> for 12 months so they can be requested by authorities. >>> >>> Such data would consist of a basic domain address, >>> >>> _______________________________________________ >>> dns-privacy mailing list >>> [email protected] >>> https://www.ietf.org/mailman/listinfo/dns-privacy >>> >>> >>> -- >>> Joseph Lorenzo Hall >>> Chief Technologist >>> Center for Democracy & Technology >>> 1634 I ST NW STE 1100 >>> Washington DC 20006-4011 >>> (p) 202-407-8825 >>> (f) 202-637-0968 >>> [email protected] >>> PGP: https://josephhall.org/gpg-key >>> fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871 >>> >>> _______________________________________________ >>> perpass mailing list >>> [email protected] >>> https://www.ietf.org/mailman/listinfo/perpass >> > > > > -- > Joseph Lorenzo Hall > Chief Technologist > Center for Democracy & Technology > 1634 I ST NW STE 1100 > Washington DC 20006-4011 > (p) 202-407-8825 > (f) 202-637-0968 > [email protected] > PGP: https://josephhall.org/gpg-key > fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
