The UK wants ISPs to store all of their traffic data

As part of what one Member of Parliament calls “the most intrusive surveillance regime in the west,” the British government's Home Office is hoping to require ISPs to route all of the data that gets transferred over their servers through a 'black box.' In addition to spying on you, the box will also slow down everyone's connection speed. Sounds like fun.

Alright, so they say it won't spy on you, and we either know better than that, or we're just a bunch of paranoid nutjobs. Or both. Regardless, even if it doesn't spy on you, it's still open to exploitation from hackers that could put your data at greater risk than ever before. But just what is this mysterious 'black box?'

Basically, it's a scary term being used by the media to describe a device that would decrypt data as it's transmitted over the ISP's network, then separate the decrypted data from basic information like the sender and recipient, and when the information was transferred. The idea is that basic information like that will be enough to catch criminals and the like, and that the actual decrypted data can be disposed of.

Pushing aside our inner-conspiracy theorist, the process has the potential to leave a lot of very sensitive data wide open to hackers, and that includes sensitive communications like your email. Any sort of communications that take place over the internet are normally encrypted, meaning that they can't be deciphered by any third parties trying to but in, but the 'black box' would presumably leave that information perfectly readable. And as much as we hope that there will be some solid security on the device, it'll probably just be stored as a text file.

Aside from the obvious privacy and security issues, there's one other hole in the Home Office's brilliant plan: speed. A representative of the ISPs Association says that while their main concern is the fact that the plan is a totally ludicrous one invented by a group of old men who don't understand technology, the issue of speed is a pressing concern, too. Or, as the representative more eloquently put it, “We'd rather they told us what they want to achieve, then sit down with us to work it out.”

“If you're having to route all traffic through one box, it's going to cut down on connection speeds. The hardware can only look at a certain amount of traffic per second.” So, you've got a massive invasion of privacy, huge potential for exploitation, and snail-like speeds. Again, sounds like fun.

Since we like to end stories like this on a more positive note whenever we can, we're going to conclude with a statement from a Home Office spokesman. Aside from noting that no hardware or software has actually been issued, and that the law is meant to keep us safe from bad people, he also says that “The legislation is currently being scrutinized by parliament.” Hopefully that means that there's still time to turn it into something a bit more feasible, and take the whole Big Brother thing down a notch or two.

Source: Channel 4

Report a problem with article
Previous Story

eBook publishers are spying on us

Next Story

Rumor: DirecTV may integrate Kinect-like features into their boxes?

47 Comments

Commenting is disabled on this article.

Seriously, how would they even manage to process this data when everyone turns on their encrypted VPN connections? Fair enough they could break a few, but many millions?

the issue isnbt about how they store data?? what you mean you arent being tracked when you go hoppping and get ads in your face everytime you surf anywhere that, somehow, just by magic, relatee to stuff you may have searched for???

You think the goverment has the It savvy employees who are going to roll out datacentres to do this???

i think they call it out sourcing, hmmmm, some private company (unamed of course unless someone goes to court) and with absolutely no guarantee that your data will stay in Britain should you need to sue or anything, will be assigned the role.

Been reading about cloud services?? anything...???
Britain is scr*wed and no amount of stern e-mails with "old old chap, old son, jolly good and fair game" are going to sort this out im afraid...

thin edge of the already too deep wedge and all that ..

Should Canada ever start doing this, Im going to write some very annoying scripts that seek out jibberish so they have no idea what I am truthfully looking for or what the script is automatically browsing.
If nothing they will have gigabytes of browsing history to store weekly.

How is this bad? I couldn't care less what they see. I buy sex toya online , I don't care ... I buy music online, I don't care ... I listen to Spotify online ... I don't care ...

I do NOT pirate ANYTHING. Therefore I don't care. The ONLY people who will care are people stealing stuff online.

End of subject.

Spirit Dave said,
How is this bad? I couldn't care less what they see. I buy sex toya online , I don't care ... I buy music online, I don't care ... I listen to Spotify online ... I don't care ...

I do NOT pirate ANYTHING. Therefore I don't care. The ONLY people who will care are people stealing stuff online.

End of subject.

no its not "End of suject." just becasue You! dont care about what data people have on you. i dont piratet anything either and i am not happy about this plan.

enjoy your sex toy and enjoy your spotify. but one thing you won enjoy is privacy if this plan goes ahead.

xSuRgEx said,

no its not "End of suject." just becasue You! dont care about what data people have on you. i dont piratet anything either and i am not happy about this plan.

enjoy your sex toy and enjoy your spotify. but one thing you won enjoy is privacy if this plan goes ahead.

This guy got no idea the ramifications that would come from this...

I'm sure if you were made have a strip search before entering walgreens or sams' club (or whatever big box store is around you) it'd be no problem consenting to that either because you aren't a shoplifter, right? Or have breathalysers installed in your car to start it, because you don't drink and drive right?
Its OK for the post office to open ALL the mail you are getting delivered, for no specific reason, unless they see something they don't like regardless if it came from Amazon or Pakistan.... This worm hole goes INCREDIBLY deep.

Its OK that they log your spotify info and your sex toy account login, your shipping address, private facebook messages, paypal balance, bank account numbers, internet subscriptions, login information for netflix.. thats fine right? Because you don't pirate ANYTHING? Most companies around Canada charge you to mail out a physical bill, forcing you to use the internet or pay $3 more per physical bill.

Did you read up in the past year on all the services that had personal information breached?? you think the government who don't know their elbow from their a**ho** is going to get it right if multi-billion dollar companies like Sony who specialize in electronics can't?

They are painting everyone with the same brush here, for a non-existent problem they already seem to be handling.

srbeen said,

This guy got no idea the ramifications that would come from this...

I'm sure if you were made have a strip search before entering walgreens or sams' club (or whatever big box store is around you) it'd be no problem consenting to that either because you aren't a shoplifter, right? Or have breathalysers installed in your car to start it, because you don't drink and drive right?
Its OK for the post office to open ALL the mail you are getting delivered, for no specific reason, unless they see something they don't like regardless if it came from Amazon or Pakistan.... This worm hole goes INCREDIBLY deep.

Its OK that they log your spotify info and your sex toy account login, your shipping address, private facebook messages, paypal balance, bank account numbers, internet subscriptions, login information for netflix.. thats fine right? Because you don't pirate ANYTHING? Most companies around Canada charge you to mail out a physical bill, forcing you to use the internet or pay $3 more per physical bill.

Did you read up in the past year on all the services that had personal information breached?? you think the government who don't know their elbow from their a**ho** is going to get it right if multi-billion dollar companies like Sony who specialize in electronics can't?

They are painting everyone with the same brush here, for a non-existent problem they already seem to be handling.

quote the correct person next time.

Spirit Dave said,
How is this bad? I couldn't care less what they see. I buy sex toya online , I don't care ... I buy music online, I don't care ... I listen to Spotify online ... I don't care ...

I do NOT pirate ANYTHING. Therefore I don't care. The ONLY people who will care are people stealing stuff online.

End of subject.

Why do you need a sex toy?

It's evident that you're already letting the government nail you from behind...

Ever considered becoming an MP?

Mystiia said,

Why do you need a sex toy?

It's evident that you're already letting the government nail you from behind...

Ever considered becoming an MP?

My girlfriend likes them And my point was that I don't care what people see me doing online. It's ludicrous that people care about this stuff. The fact is, the only people worried are the people who are downloading stuff they shouldn't be. Come on, admit that much at least.

The government already know everything there is to know about you in your normal life (think they don't? My friend works on military aircraft and when interviewed they asked tons of personal questions ... and corrected him on how many girlfriend's he'd had!). I don't see any of this as any more than they already have. They just want to monitor people to make sure no illegal activity is going on. And to be fair, as a law abiding citizen, I'm happy about this. I hate the fact that people are ripping me off (as a consumer AND as part of a software developer this is happening). Most of the videogames I've worked on have been pirated hundreds of thousands of times if not millions. And I think it'd be brilliant if people were slapped around a bit for it.

Spirit Dave said,

My girlfriend likes them And my point was that I don't care what people see me doing online. It's ludicrous that people care about this stuff. The fact is, the only people worried are the people who are downloading stuff they shouldn't be. Come on, admit that much at least..

the point is completely broken and invalid...your basically saying if you aint got nothing to hide then what you worried about?

its that attitude that gets you bent over sometime in the future and when they turn you a** into a playground youll be wondering how did i get here and cant we all just get along etc etc...

ill break it down for you like this; when i take a sh*t i close the door, not because im doing anything illegal but because somethings id rather do in private. Noone is breaking any laws but i dont want my sh*t out in the open...

I hope thats simple enough for you to understand why its not a good idea to allow this stuff to get through cause as ive said before, you need to take a look at where your country was in terms of privacy just 10 years back and where it has finally reached...still not convinced???

maybe we can try other analogies...hows this one..

"Prevention is better than cure"...or maybe this one cause im not satisfied by the way you reason that you actually get it yet.

"Give somebody an inch and they'll take a mile."

of course i could go on but im sure by now youve made up your mind that your gonna "vote that policy in now just for the hell of it, cause whose this guy telling me this or that"...

before you respond, which im sure you will of course, you need to have a think about it.....

now run along and play nice with the other kids...

Spirit Dave said,

My girlfriend likes them And my point was that I don't care what people see me doing online. It's ludicrous that people care about this stuff. The fact is, the only people worried are the people who are downloading stuff they shouldn't be. Come on, admit that much at least.

The government already know everything there is to know about you in your normal life (think they don't? My friend works on military aircraft and when interviewed they asked tons of personal questions ... and corrected him on how many girlfriend's he'd had!). I don't see any of this as any more than they already have. They just want to monitor people to make sure no illegal activity is going on. And to be fair, as a law abiding citizen, I'm happy about this. I hate the fact that people are ripping me off (as a consumer AND as part of a software developer this is happening). Most of the videogames I've worked on have been pirated hundreds of thousands of times if not millions. And I think it'd be brilliant if people were slapped around a bit for it.


So next year after the conservatives use the information from their new internet toy to easily rig the elections and stay in power, and then in a new wave of pushing "good Christian values" onto the rest of the heathen masses, they make sex toys illegal, retroactively,

now you HAVE done something illegal, how do you feel now?

Retroactive enforcement is never going to happen you say? One imediate example of it happening already is it's exactly what they're doing with bittorent sites that only scrape information and don't actually hold anything illegal...

Spirit Dave said,
How is this bad? I couldn't care less what they see. I buy sex toya online , I don't care ... I buy music online, I don't care ... I listen to Spotify online ... I don't care ...

I do NOT pirate ANYTHING. Therefore I don't care. The ONLY people who will care are people stealing stuff online.

End of subject.

Freedom has nothing to do with breaking laws. It has to do with the principle of privacy, and your ability to do whatever you want without being spied on and looked at at all times. The people who sit around and say that 'it doesn't affect me' will regret it one day, when it does start to affect them. But by then, of course, it'll be too late.

Basically, in a society where we are innocent until proven guilty, laws should not take the approach of spying on everyone with the assumption that they *are* guilty.

Not hard to get around, have 5 4096-bit private and public keys, encrypt your emails, site data, etc. with all of the 5 keys before sending it out.
They have the machinery to crack private/public key pairs but if you do it enough times with enough bits, they won't be able to crack it for quite some time.

|Rapture| said,
It's a series of tubes, right?

No that's those trains that go underground. The internet is a load of telephone wires - tap in and listen - job done.

The amount of ignorance shown by the people who came up with this is astounding, your 'black box' would probably be the size of a house if not an office block, even with today's tech...

I hope this doesnt happen in the UK. Something like this would never happen in the US. Whenever some hollywood bought politician tries to push something like this thru we actually stand up and say No.

Miuku. said,
Technically impossible.

Funny idea though.


How is it impossible?
Financially impossible probably but they will use terms like "terrorist" & "child" to push the bill through.

Riva said,

How is it impossible?
Financially impossible probably but they will use terms like "terrorist" & "child" to push the bill through.

hehe. Impossible for what they think they can/want to do. Decrypt my SSL connections? I think they'll be doing more hacking then anything, man in the middle attacks and not a black box.

But with regards to terrorist and child abuse. I think it'll be used more to remove disabled and job seekers allowances. More cut backs... think about it, why should people with out jobs be able to play online games, or use facebook to chat with friends, or watch youtube for a few hours.
Its only a matter of time before the goverment gathers all statistics and looks at ways they can use the data to 'help'.
Fact is, we've had more rights away from us by the government trying to protect us from terrorists then the terrorists have actually removed.

Now I understand why SPDY only allowed encrypted connections. It's definitely not just for protecting you from hackers stealing bank account details.

The Home Office could just make it easier for people to understand what their goals are by renaming this from "Black Box" to the "UK To China Converter Box"... Am sure it would be cheaper to issue the UK unemployed with notepads and pencils and deploy them 24 hours a day to the living rooms and bedrooms of all other UK citizens, where they could just sit and take notes and then send weekly highlight reports on who's been up to what back to the home office? Chances are this would actually work - as opposed to yet another UK Tax-payer funded failed IT project. Seriously, the obvious next stage of this is to take £1b of UK tax payer money to pay a whole bunch of Deloitte and PWC waste-of-space consultants to come up with some half-arsed doomed-to-fail project implementation and future governance plan. Could we just please, for the love of whatever sanity remains in the UK these days, just stop this nonsense in its tracks now!

I'm sure with ideas like this the internet will soon become too dangerous to have in the UK, and will have to be abolished for national security.

One step closer to becoming the next North Korea.

hmm, I really can't remember precisely, but there was some instance already that monitors european internet since the 90s. I think it was located in sweden or something.
the US also has similar internet monitoring.

Shadowzz said,
hmm, I really can't remember precisely, but there was some instance already that monitors european internet since the 90s. I think it was located in sweden or something.
the US also has similar internet monitoring.

Any proof of that?

Forget speed, I'm more worried about high latency. It will kill off online gaming. Great, now gamers have literally no reason to actually buy games.

Latency itself is already being increased by other things (like buffer bloat), this idea (Route everything through a single point of failure, and break all security in the process) is going to have much larger effects (Slower speeds for everybody, high overhead, no security for banking/online shopping, etc.)

Our government wanted to try it, but it died due to lack of support. It's always possible they'll try it again in the future (I think any policy that starts with "Well look what China and Iran are doing..." is a flawed policy from the start.)

Yet another poorly designed policy which won't achieve what they're trying to accomplish but will create performance and security issues with basic infrastructure.

Slayer said,
So to all the UK people: never mind enjoying the book, what's it like actually living in 1984?

Books? we don't get books anymore, they closed all the librarys already.

sagum said,

Books? we don't get books anymore, they closed all the librarys already.

That's sadly not even a joke

sagum said,

Books? we don't get books anymore, they closed all the librarys already.

They didn't close the libraries... the people not using them did. Why keep open an empty building? Library use is in decline and it would be mad to keep them all open.

lt8480 said,

They didn't close the libraries... the people not using them did. Why keep open an empty building? Library use is in decline and it would be mad to keep them all open.

If only that was the truth. In 2010, there were 110million visits to our then open libraries, with an additional 64million visits for web access, and this is AFTER the government cut opening times and changed the times they were allowed open.. twice.

New books for the libraries was cut back over the years too, but it was no were near the cut backs the councils issued after the government told them to make 8.9% savings, instead councils cut the budgets of local library funds by as much as 50%.

When 70% of 11 to 15 year olds were regular users of libraries, a statistic that hasn't changed over the years, it makes a huge difference to the education of our children.
Lets not forget that most schools are not like harry potter kids can sit in there all afternoon. Most schools you go in via lunch time or maybe an hour after school if you're lucky. There is no way for most kids to go and study in a library with immediate access to the books on shelfs.

Most adults don't sit in the library anyway, they go in, pick a book. sign it out and go home to read...

On top of all that, the registration process for my local library is plain stupid.
My mother took her granson in to register so he could get a few books. He needed some proof it was him and parental consent form. Fair enough.
So my mother tries to get a book, they ask her for some ID. She gives them her passport and they tell her its not proof (?!)

They wanted bank statements and a utility bill.

So no, I don't believe that its the users who don't use who have closed them. Its more our government and high council exc members who cut back too harsh to save their own necks.

Ok just reading the headline I thought it meant store all the data served to the customers.. got me thinking how many TBs per day would that be.. but the article revealed it is not their intention

Wow, this really sucks... Hope it gets thrown out for the sake of those in the UK, as well as other countries who might think emulating this would ever be a good idea.

dead.cell said,
Wow, this really sucks... Hope it gets thrown out for the sake of those in the UK, as well as other countries who might think emulating this would ever be a good idea.

LOL, at least its not as bad as China..... oh ...

dead.cell said,
Wow, this really sucks... Hope it gets thrown out for the sake of those in the UK, as well as other countries who might think emulating this would ever be a good idea.

Other countries like America? I'm pretty sure I've read on Neowin that America was planning a similar monitoring system.

wolftail said,

Other countries like America? I'm pretty sure I've read on Neowin that America was planning a similar monitoring system.

We hear a lot of nonsense going on in Washington. Seriously. It's just a matter of sorting through their BS.

But to answer your question: yes. I don't want that here, I don't want that ANYwhere...