ntouk.com - Jerry Fishenden's technology policy blog

New Technology Observations from a UK perspective (ntouk). Most active month, over 300,000 hits.
 

problems with the panopticon

The proposals to develop a state system to monitor all digital communications in the UK have attracted a lot of attention. As The Independent has described it:

"The forthcoming Communications Data Bill threatens to create a "super-database" which will store a host of information relating to the British population, ranging from our phone records, to emails sent, to the websites we have accessed."

The proposals are intended to help with counter-terrorism work, an objective that in itself it is difficult to fault. But on technical grounds alone, those of us who have long worked in the security, privacy and identity space are wondering quite how any such system would ever work, even if politicians decide it is a justifiable change to the relationship between the citizen and the state.

To give just a flavour for some of these:

  • scale and volume: at Microsoft, last time I looked we were having to deal with some 3 billion spam emails a day through our Hotmail/Windows Live Mail service, let alone the volume of legitimate emails. The Independent states that about one trillion emails and more than 60 billion text messages will be sent in Britain this year, and that most homes and offices now have a computer, with an estimated 20 million broadband connections. That's a serious volume of data and a serious data centre or data centres we're potentially talking about - let alone the analytics then required to make sense of that data.
  • insider abuse: we know most hacking and breaches and leaks are a result of insider abuse and social engineering. How would such an attractive and valuable honeypot of data be appropriately secured?
  • systemic weaknesses in underlying technologies and protocols: for example, widely used protocols such as SMTP (the Simple Mail Transfer Protocol, which handles much of the email traffic on the Internet). Many years ago, when I put the Financial Services Authority on the Internet, one of the first things I did was send an email to the Chief Executive from the Prime Minister. His delight was short-lived when I told him the reality: that it had taken but a few minutes' work to spoof the email. My point was made, that no-one should trust such communications, at least not without adding in some other technologies. Such problems have still not been fixed.
  • "gotchas" such as 'pre-fetch': when Web browsing, some browsers and sites use something called 'pre-fetch'. This allows the Web site you are visiting, without your knowledge or consent, to tell the browser that a page from a third party site should be pre-fetched in the background. So, if I were to have used this facility on this blog entry, I could have already made your browser pre-fetch another page from another site in the background. Perhaps one for example about how to make a bomb. This would also have been logged by your ISP as a page you had visited. Legitimately you would know nothing about it, but try telling that to someone knocking on your door at four o'clock in the morning waving a printout from the ISP showing you regularly frequent "known terrorist Web sites".
  • botnets and similar infestations, which take over PCs and control them without their owner's consent or knowledge. Again, this would potentially implicate you based on the communications originating from your PC even if, legitimately, you were unaware that your PC was infected. Likewise, those with true criminal intent use technologies such as this to hide their own communications.
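The pre-fetch point above is worth seeing in practice from the analyst's side. The following is an added example, not code from this blog or from any ISP system: given the HTML of the page a person actually visited and a list of URLs an ISP-style log attributes to their connection, it extracts the `<link rel="prefetch">` (and `prerender`) hints from the page and marks which logged requests the browser could have made on its own, without anyone clicking. The page and the log lines are constructed for the demonstration; the assumption is that the investigator can obtain the HTML as served at the time.

```python
"""Cross-check logged web requests against prefetch hints in the visited page.

Added example for this post (not the author's code). The HTML page and the
log entries below are constructed; an investigator would substitute the page
as actually served and the real log records.
"""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Constructed HTML: one visible link, one stylesheet, and one prefetch hint
# pointing at a third-party site the visitor never clicked on.
SAMPLE_PAGE = """<html><head>
<link rel="prefetch" href="https://third-party.example/background-page.html">
<link rel="stylesheet" href="/style.css">
</head><body>
<a href="/about.html">About</a>
</body></html>"""

# Constructed log lines: (timestamp, requested URL) as an ISP or proxy might record them.
SAMPLE_LOG = [
    ("2008-10-20T09:15:01", "https://blog.example/entry.html"),
    ("2008-10-20T09:15:02", "https://blog.example/style.css"),
    ("2008-10-20T09:15:03", "https://third-party.example/background-page.html"),
    ("2008-10-20T09:16:40", "https://blog.example/about.html"),
]


class PrefetchHintParser(HTMLParser):
    """Collect targets of <link rel="prefetch"> and <link rel="prerender">,
    the hints a browser may act on in the background without user action."""

    BACKGROUND_RELS = {"prefetch", "prerender"}

    def __init__(self, base_url):
        super().__init__()
        self.base_url = base_url
        self.hints = []

    def handle_starttag(self, tag, attrs):
        if tag != "link":
            return
        a = dict(attrs)
        # rel may carry several space-separated tokens, e.g. rel="prefetch noreferrer"
        rels = set((a.get("rel") or "").lower().split())
        if rels & self.BACKGROUND_RELS and a.get("href"):
            # Resolve relative hrefs against the visited page's URL
            self.hints.append(urljoin(self.base_url, a["href"]))


def prefetch_targets(html, base_url):
    """Return the absolute URLs the page asks the browser to fetch in the background."""
    parser = PrefetchHintParser(base_url)
    parser.feed(html)
    return parser.hints


def classify_log(log, visited_url, page_html):
    """Label each logged request relative to the page the user actually opened:
       'hint'        - matches a prefetch/prerender hint, so the browser could have
                       requested it with no user involvement;
       'same-site'   - same host as the visited page (stylesheets, clicked links);
       'unexplained' - cross-site and not hinted; attribution needs other evidence."""
    hints = set(prefetch_targets(page_html, visited_url))
    visited_host = urlparse(visited_url).netloc
    labelled = []
    for ts, url in log:
        if url in hints:
            label = "hint"
        elif urlparse(url).netloc == visited_host:
            label = "same-site"
        else:
            label = "unexplained"
        labelled.append((ts, url, label))
    return labelled


if __name__ == "__main__":
    for ts, url, label in classify_log(SAMPLE_LOG, "https://blog.example/entry.html", SAMPLE_PAGE):
        print(f"{ts}  {label:<11}  {url}")
```

A `hint` label does not prove the request was automatic, only that the log entry is consistent with the browser having made it unprompted; equally, a bare list of URLs with no request headers or page content cannot tell the two cases apart at all, which is the evidential weakness the post is describing.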

Then of course there are many other techniques (many of them used quite properly and legitimately) to obfuscate who is communicating with someone else, including methods such as onion routing. And all of these technical issues are without considering some substantial legal perspectives too such as Article 8 of the European Convention on Human Rights on which others are better placed to comment than I.

The Independent continues:

"We might also ask why we need this new legislation, which is justified as a necessary counter-terrorism measure, when the present system seems to be working perfectly well. Police officers can already request information on suspects' phone calls and emails from network providers. And they generally get it. Why does the Government need to store all this information itself? The suspicion has to be that the answer is so that the police, or the intelligence services, can go on "fishing expeditions", looking for suspicious patterns in our communications records."

My concern is the value of what even such "fishing expeditions" would yield, even if some of the technical issues could in some way be overcome. The quality of such digital evidence is insufficient to be relied upon, unless we find some way of fixing weaknesses in the Internet itself. Of course, some would maintain that these weak technologies and protocols should not be "fixed" precisely because in a sense they allow anonymity to those who need it and enable the laying of false trails to those who legitimately do not want to be tracked (journalists and their sources for example). That is, of course, provided they understand the weaknesses and exploitations that exist in the system.

I remain unconvinced that we should be using technology to progressively build a panopticon here in the UK. Technology has a huge upside that we should be using positively, not allowing its more toxic potential to erode our long cherished liberties.

This is not to critique politicians, who are caught between a rock and a very hard place indeed in these challenging times. But it does suggest we are failing to ensure an adequate dialogue between policymakers and technologists in the formulation of UK public policy.

And that, at least, does seem to me a problem we can fix.
