From: Barrett, Peter G (kslj.elphlbzhdr@rele.tunk.net)
Date: Tue Jun 06 2000 - 01:38:32 EEST
I have nothing to hide. YOU ARE A DIRTY FILTHY SPAMMER. I HOPE YOU ARE
DESTROYED. HURRAY FOR BRITAIN.
> -----Original Message-----
> From: fqglh@swm.de [SMTP:lqik.tpqlsm@me.us]
> Sent: Monday, 5 June 2000 6:11 pm
> To: lkqpi.bmxlwpm@jouffroylex.com
> Subject:
>
> When you wake on Thursday 5 October next, you will find yourself living
> in a
> different country. An ancient bulwark of English law - the principle that
> someone is presumed innocent until proven guilty - will have been
> overturned.
> And that is just for starters. From that date also the police and security
> services will enjoy sweeping powers to snoop on your email traffic and web
>
> use
> without let or hindrance from the Commissioner for Data Protection.
> Every UK internet service provider (ISP) will have to install a black box
> which monitors all the data-traffic passing through its computers, hard-
> wired
> to a special centre currently being installed in MI5's London
> headquarters.
> This new mass surveillance facility is called the Government Technical
> Assistance Centre (GTAC). Who said Jack Straw had no sense of humour?
> The Regulation of Investigatory Powers (RIP) Bill which is now before the
> Lords gives the Home Secretary powers of interception and surveillance
> which
> would be the envy of the most draconian regime. In addition to encroaching
>
> on
> civil liberties, the same Bill will also drive hordes of e-commerce
> companies
> from Britain to countries like Ireland where their encryption keys -
> extended
> pin numbers allowing users to decipher jumbled data - will be protected
> from
> government prying. An administration which complains continually about
> making
> Britain 'the most e-friendly country in the world' by 2002 is busily
> making
> sure that exactly the opposite happens.
> How has this extraordinary state of affairs come about? Is it another
> manifestation of the cock-up theory of history, or are there more sinister
> forces at work? The answer is a bit of both. For some time, it has been
> obvious to Ministers and civil servants that British law needed updating
> to
> cope with the internet. In an era when online trading becomes ubiquitous,
> for
> example, some way has to be found of making 'digital signatures' legally
> valid. Accordingly, a special Cabinet Office unit headed by Professor Jim
> Norton set to work to devise a new legislative framework for the emerging
> world of e-commerce and online communications. The main result of his
> labour
> was the Electronic Commerce Bill.
> As that Bill went through its Parliamentary hoops, it became clear that
> some
> parts of it - mainly the sections dealing with data encryption,
> interception
> and surveillance - were so deeply flawed that they threatened to sink the
> Bill. Given the Government's desire to make headway on the e-commerce
> front,
> the problematic sections were eventually jettisoned and the Electronic
> Commerce Bill became law in 1999.
> It was a smart decision, but it left unresolved the problem of what to do
> about the encryption stuff. The DTI, smarting from its bruising at the
> hands
> of the computer scientists who had comprehensively shredded the original
> encryption proposals, wanted nothing more to do with it. Accordingly the
> poisoned chalice passed to the Home Office, which knows little of business
>
> and
> even less about the internet, but is endlessly attentive to the needs of
> the
> police, the security services and the Byzantine imperatives of official
> secrecy. The RIP Bill is the fruit of that secretive bureaucratic milieu.
> The official rationale for the legislation is that it is required to bring
>
> UK
> law into conformance with the European Convention on Human Rights. In the
> end,
> this will have to be tested in the courts, but Straw's confidence is not
> shared by the Commons Trade & Industry Select Committee which last October
> recommended that the Government publish a detailed analysis to
> substantiate
> its confidence that the Bill does not contravene the Convention. This the
> Government has so far declined to do.
> The Bill has four main parts. The first deals with the interception of
> communications. the second covers 'surveillance and covert human
> intelligence
> sources'. The third tackles encryption and the fourth covers the 'scrutiny
>
> of
> investigatory powers and of the functions of the intelligence services'.
> Parts
> I to III propose massive extensions of the state's powers to spy on its
> citizens while the fourth suggests a regulatory regime which seems
> laughably
> inadequate to anyone familiar with internet technology. All sections of
> the
> Bill have been heavily criticised by external experts and a small number
> of
> committed MPs, but the legislation has passed through its Commons scrutiny
> with its central provisions intact.
> Part I gives the Home Secretary the power to issue a warrant requiring
> ISPs
> to
> intercept the communications of one or more of their subscribers. The
> problem
> is that the internet is not like the telephone system - where it is
> technically feasible to tap into a particular individual's communications
> link. In order to monitor a person's internet traffic, you have to tap
> into
> all the traffic running through his or her ISP. As a result, the
> expectation
> is that Part I of the Bill will be implemented using so-called 'passive
> monitoring': ISPs will be required to install a 'black box' which will
> monitor
> all their data traffic and pass it to the GTAC centre.
> The news that henceforth all UK internet traffic will find its way to MI5
> does
> not seem to have yet reached MPs, most of whom don't understand the
> technology
> and assume that the Home Office must know what it is doing. Defenders of
> the
> Bill point out that MI5 can only legally read the content of
> communications
> for which specific warrants exist, which is true. But they fail to notice
> that
> the Bill affords no such protection to the pattern of one's internet
> connections.
> In other words, while MI5 may need a warrant actually to read your email,
> many
> other people will have essentially unregulated access to logs of the
> websites
> you access, the pages you download, the addresses of those with whom you
> exchange email, the discussion groups to which you belong and the chat
> rooms
> you frequent - in short, a comprehensive record of what you do online and
> with
> whom. It will be interesting to see how this squares with the European
> Convention's requirements about privacy.
> It is Part III of the Bill, however, which is most likely to contravene
> the
> Convention. Section 46 gives the Home Secretary the power to compel the
> surrender of keys used to encrypt communications data. Failure to comply
> carries a prison sentence of two years. If someone cannot comply because
> they
> have lost or forgotten the key then they have to prove that to the
> satisfaction of a court. In other words, the burden of proof is shifted
> from
> the prosecution to the defence - one is presumed guilty until proved
> innocent.
> And how do you prove that you have forgotten something?
> Even more oppressive is the Bill's creation of a secondary offence -
> revealing
> that you have been required to supply, or supplied, a decryption key -
> which
> carries an even stiffer penalty. Under the terms of the Bill, for example,
> the
> police could arrive at 4am and demand that you produce such a key. If you
> were
> unable to comply and were taken in for questioning, it would be a criminal
> offence punishable by five years' imprisonment to explain to your family
> why
> you were being dragged off.
> Civil liberties campaigners are predictably opposed to the RIP Bill. But
> it is
> also widely opposed by the business community. Even Professor Norton, the
> architect of the Government's e-commerce legislation, describes the
> proposals
> as 'a classic own goal' that will undermine the aim of making Britain a
> centre
> for e-commerce. Encryption is central to e-business, and many companies
> have
> contractual agreements with clients for whom they hold cryptographic keys.
> Under the RIP Bill they would be banned from revealing that they had
> surrendered a key and thereby compromised the client's security.
> 'This is a clear case,' says Norton, 'of the futility of government
> treating
> internet policy as a national issue when what is needed is international
> agreement. A UK firm which handed over the key of a multinational client
> would
> be vulnerable to a compensation claim in an overseas court for
> compromising
> that client's global security. US businesses are not happy about that
> liability and will opt to work in countries like Ireland.'
> The most astonishing thing about . Straw's pre-emptive strike on civil
> liberties and e-commerce is that, to date, there has been almost no public
> discussion of it. The Ministers driving his Bill through Parliament
> concede
> that the powers they seek are sweeping, but argue that they can be trusted
>
> to
> apply them reasonably and that in any case the powers are commensurate
> with
> the threat from online criminals, terrorists, paedophiles and
> pornographers.
> In the absence of proper safeguards, the first argument is absurd.
> As far as the second is concerned, nobody has yet produced any convincing
> empirical evidence that the supposed threats are more than the fantasies
> of
> security services and hysterical projections of some newspapers. The
> internet
> undoubtedly provides a conduit for criminal conversations and porno
> graphic
> transactions. But then so does the telephone system and the Royal Mail,
> and
> yet nobody proposes tapping every phone in the land or scanning every
> letter.
> A terrifying erosion in our liberties is being planned, yet the threat is
> largely ignored.
> Could it be that this collective passivity is because, for most citizens,
> the
> liberties that are being eroded lie in the future rather than the present?
> Most people do not currently encrypt their email, even though an
> unencrypted
> email is as vulnerable to snooping as an ordinary postcard. But in five
> years' encryption will have become a necessity.
> Human nature being what it is, people will lose or forget their decryption
> keys - and some will find themselves attempting to convince a judge that
> they
> are not paedophiles feigning amnesia to qualify for a shorter sentence.
> Will
> they then remember Burke's warning that for evil to triumph it is
> necessary
> only for good men to do nothing? And will they wonder why they had not
> been
> more alarmed on the morning of 5 October 2000?
> Rest of the world
> Most countries impose no restrictions on the use of encryption by their
> citizens. The exceptions tend to be authoritarian regimes such as those
> in
> Russia and China.
> IRELAND: New e-commerce Bill makes it illegal for government to access
> commercial cryptographic keys.
> FRANCE: The government has recently announced a new policy of totally
> relaxing
> controls on domestic use of encryption.
> US: No domestic controls on use of cryptography, though Washington looks
> enviously at the UK RIP bill.
> GERMANY: Has long been the European leader in opposing restrictions on
> citizens' use of encryption.
> Over the coming weeks The Observer will print a series of articles and
> opinion
> pieces on the proposed RIP Bill. If you wish to voice your opinion online
> you
> can do so {HYPERLINK
> "http://talk.guardianunlimited.co.uk/WebX?13@@.ee75b58"}
> here. To find out more about the Bill see {HYPERLINK
> "http://www.fipr.org/rip/"}www.fipr.org/rip/¤
>
>
>
>
> IMPORTANT NOTICE: If you are not using HushMail, this message could have
> been read easily by the many people who have access to your open personal
> email messages.
> Get your FREE, totally secure email address at http://www.hushmail.com.
>
>
This archive was generated by hypermail 2b29 : Tue Jun 06 2000 - 04:54:31 EEST