UK.gov to spend £2bn on ISP tracking
Uberdatabase ditched, but IMP is go
The government plans to spend £2bn for ISPs to intercept details of their customers' emails, VoIP calls, instant messaging and social networking.
Under the proposals, mobile and fixed line operators will be required to process and link the data together to build complete profiles of every UK internet user's online activity. Police and the intelligence services would then access the profiles, which will be stored for 12 months, on a case-by-case basis.
Home Secretary Jacqui Smith said today she had "ruled out" the idea of a central government-run store of communications data on privacy grounds. Instead, the consultation on the Interception Modernisation Programme (IMP) proposes a "middle way" requiring ISPs to retain much more data than they currently do.
Most of the proposed 10-year budget for the system would be spent on deep packet inpection equipment that would allow ISPs to tap into third party communciations data carried by their networks. Authorities are worried that the growth of internet-based communications services such as Skype diminishes their ability to monitor who contacts whom, when, where and how.
"This option would resolve the problem that some communications data which may be important to public authorities will not otherwise be retained in this country," the IMP consultation document says.
"However it would not address the problem of fragmentation: as data is increasingly held by a wider range of communications service providers, it might take longer than it does at present to piece together data from different companies relating to one person or communications device."
In response to such fragmentation, the government plans to order ISPs to "not only to collect and store data but to organise it, matching third party data to their own data where it had features in common".
The plan is likely to be seen as onerous by ISPs. According to one senior industry source, many in the industry hope the next government will abandon it. "I don't know anyone in the communications sector that will be sorry if IMP gets cancelled the day after the election," the source said.
"I agree that what we're asking the industry to do is something that will put a burden on them," Smith said at today's IMP briefing for journalists. She said providers will be refunded the cost of collecting and processing the data by the government.
By tapping ISPs to collect and process communications data from across the whole internet, officials will avoid opposition to the plans from websites and other third party services. Facebook recently voiced opposition to government monitoring of its users, but when the data is intercepted in transit, it will have no choice. Intelligence and security agencies already have close relationships with ISPs.
The IMP consultation will run for 12 weeks. Details of how to respond are here. ®
If you are an MP, then 1984 is an instruction manual.
Criminals will just use ever more complex encryption, or simply not use the Internet to talk, so won't be affected.
Meanwhile millions of innocent but non-technical general public will be profiled more than any police state in the world has ever achieved before.
So much for freedom and democracy.
As for ruling out a central database on “privacy grounds” ... thats an utter lie and direct evidence of government use of manipulative wording. They know it undermines privacy.
At least now the government has finally shown why they haven't stopped Phorm. They want Phorm. But Phorm is more than DPI. Everyone technical keeps getting caught up in discussions about DPI. This isn't about DPI, its about Phorm style technology building automated profiles on everyone. Phorm like technology uses standard data mining techniques to extract profiles of everyone, in effect creating automatic summaries of people. Thats literally Big Brother and its what the government gains by using Phorm like techniques.
The next step is leaving laws wide open to allow for ever more feature creeps, so ever more people can dream up reasons to monitor everything people do and say online. Then they can slowly over time start to add more hidden punishments like restricting government jobs and government contract jobs to only the politically loyal people. Hold back opponents. I'm sorry your company cannot have this government contract as you employ 3 people who have openly protested online against the current government. This shows your company and employees are not behind the current government and so your company will not get this contract or grant. This will force any company wishing to win government contracts, to weed out anyone politically motivated. That will also help them rid themselves of anyone potentially willing to back the formation of unions to force more fairness out of employers. We have seen that so many times throughout history. Now the police state will be able to gain this kind of information like never before. Government employees are profiled now, this technology will simply allow deeper profiling.
I wonder who are the governments real targets? ... Most criminals will not be affected by this police state. Whereas millions of the general public can oppose the MPs and even throw the MPs out of their job. Looking at it from the government point of view, it looks like the general public is a bigger threat to MPs than criminals. Which would explain why the MPs want a police state to monitor everyone who can stand up and oppose them.
We have a right bunch of self serving, truly arrogant, utterly self righteous people at the top.
So the rest of the Government IMP is costed at £10bn?
Because £12bn was the only figure given out and I doubt that splitting th requirment across multiple databases will lower the cost.
I'm in favour
I've read the consultation document and I'm in favour of this scheme. It is obvious to anyone involved projects, private or public, that it will fail at every level - and there are a lot of levels for it to fail at:
Technical. Packet snooping is easily defeated, storage will be insufficient, snooping algorithms and or signatures will need to be updated remotely and securely with random Skype / MSN / Twitter versions, data has to be returned to HQ securely, appliances will be susceptible to hacks, and queries will take days to run and return millions, possibly trillions, of false positives.
Financial: running costs are impossible to predict. Is this included in the £2bn? What's the annual cost and why wouldn't it rise proportionately with app versions, traffic volumes, flash-in-the-pan ISPs, new P2P protocols, and new social networking fads?
Organisational. ISPs run lean and couldn't organise a party in a LAN room. There is no test as to whether they are routing all packets to the snooping appliance. So at 8pm on Sunday when their networks choke, they'll just route around it and cite unavoidable and unprecedented operational issues - if anyone even asks.
So in the unlikely event that this ever gets beyond a pilot, it WILL grind to a halt and be ignored by everyone.
The one advantage, which is why I'm in favour, is that it represents a subsidy for ISPs to fix their underpowered networks. So we're all likely to get slightly less bad availability and performance as a result.