‘The Snooper’s Charter’: How can we manage mass data properly?

On Wednesday, the Draft Investigatory Powers Bill was released. In terms of the media recently, the main point which newspapers such as The Guardian and The Daily Mail seem to be focussing on is how Internet Service Providers (ISPs) will have to store the last 12 months’ browsing history of all its customers. But with all that mass data, how can it be managed properly?

It was a question implied by a few newspapers, with the idea that if ISPs are storing all this data in one file or document, how safe would it be? The example referenced by some newspapers was the recent TalkTalk hack. As The Daily Mail says in an article from their Wednesday issue, a data leak on a mass scale – where customers’ 12-month browsing history is revealed – could cause catastrophic problems, including blackmail (take the Ashley Madison hack, for example).

Of course, surveillance is the main focus of the Bill, but if this goes ahead, questions about funding (staff to manage the data, security to protect the data) needs to be asked as well.

If there’s one criticism I have about this aspect of the Bill, it’s that the state and ISPs seem to own and regulate most of the Internet. As discussed in my post about Digital Rights, there needs to be a more democratic way of creating digital rights – rights which are determined by the people, not the state.

The Bill also addresses the rule that state officials, police officers and so forth will be able to access certain data without the need for a warrant. Some members of the public would be quick to assume that this use of data without official judicial regulations is a breach of our privacy. However, as I touched on in previous debates (here and here), we once again have to consider how much we volunteer this information or agree to it in the social network or ISP’s terms and conditions. It is essentially a compromise between us and these services, it’s just that it is only now that this aspect of Internet user rights – normally buried within lengthy T&Cs – is brought to our attention. So for that reason, to argue that this is a breach of our privacy is not entirely true, and it’s one aspect of the Bill which people shouldn’t worry about. One aspect of the Bill that the public should be concerned about is how mass data can be stored securely.

What do you think? Comment below!

Liam

Advertisements

7 thoughts on “‘The Snooper’s Charter’: How can we manage mass data properly?

  1. In Australia we just started mandating ISP’s keep the data for 2 years. Questions were also raised about how that is to be done. Apparently Aussie ISP’s haven’t even implemented the system yet, so I’ve heard, but I could easily be wrong about this. The easiest way to record usage is to record every user’s DNS lookups. This assumes people are using their own ISP’s DNS server…
    The alternatives include the far more costly and unlikley “deep packet inspection” which is like the police playing Pass the Parcel by unwrapping layer after layer of network protocol headers off each and every data packet you send and receive to see where it’s going (but not what’s in it!)

    Liked by 1 person

    • This is very interesting – I didn’t know Australia was doing this, so thanks for commenting! It’s really intriguing!

      It all sounds very complex! I think with DNS lookups, it needs to be that the user is anonymised until the website they visit is an illegal/dangerous website.

      Whilst the ‘deep packet inspection’ sounds costly, I like the principle that it’s very much where – not who or what – in terms of sending data.

      I think anonymity needs to be given to users unless their data demands it.

      Like

      • Yes. But I think the law enforcers want to be able to tack down criminals and terrorists. They need two years worth of data so that in the future when investigating a crime or terrorism plot they can go back and trace the source IP addresses of any traffic to a particular web site. Once they have this they can look up the person who had that IP and go knocking on their door. Anonymity would defeat the purpose, from the government’s point of view.

        Like

      • Very true. I think that’s the price we have to pay when we volunteer this information.

        Do you think that 2 years is too much? Our government is proposing that ISPs store up to 12 months of data. It’s more recent and less strain in terms of storage and management.

        Like

      • 2 Year s worth of data in Australia make our cops look slack in that they need more time to do their job! Of course they’re giving themselves more breathing space to get the job done.

        Like

Think Outside the Box...

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s