Surveillance? Only *SOME* Liberal Democrats aren’t supporting it… #CCDP #libdems

[note: this was written for my CWUK blog but they are dealing with some tech issues at the moment, so I’m posting it here instead.]

Erratum: Surveillance? *SOME* Liberal Democrats aren’t supporting it…

LibDem Conference says one thing, LibDem Leadership says another

So – by dint of reporting on a Sunday Times article which “broke” the story – the BBC finally picked up on the Communications Capabilities Development Programme (CCDP) mentioned in this blog’s previous post.

Just in case you missed it, the CCDP is:

  1. A large Government IT project
  2. to surveil (basically) all domestic internet access – recording all the URLs you access, and what social-media interactions you have
  3. by securely logging all of that data on-site at your respective service provider, with equipment part-paid-for by taxpayer money
  4. where it won’t need a warrant to be accessed by Government employees, since the actual content of your communication is not logged
  5. just in case you ever turn out to be a terrorist or criminal.

There are a few problems with these points, viz: all of them, and perhaps the least is point 1 – Britain’s reputation is still not great regarding large Government IT projects.

Point 2 is trivially reduced in usefulness through use of secure sockets (ie: HTTPS) to servers beyond UK jurisdictions, the audit trail becoming something like “Client X connected to Server Y which hosts the following websites …”; use of Tor would negate even that.
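To make the point 2 argument concrete, here is an added example (not part of the original post) of the log entry a passive on-path logger can build from the first bytes of a connection, for plaintext HTTP versus HTTPS. The names `log_record` and `HOSTED_SITES`, the addresses and the payloads are all constructed for illustration, and the logger is assumed to record only connection endpoints for TLS, as the post describes.

```python
# Added example: what a passive metadata logger can record from the first
# bytes a client sends, for plaintext HTTP versus HTTPS.
# All addresses, hostnames and payloads are constructed sample data.

# Hypothetical reverse map the logger holds: server IP -> sites hosted there.
HOSTED_SITES = {
    "203.0.113.10": ["clinic.example", "bets.example", "news.example"],
}

def log_record(client_ip, server_ip, server_port, first_bytes):
    """Build the log entry an on-path logger could derive without decrypting."""
    record = {"client": client_ip, "server": f"{server_ip}:{server_port}"}
    # TLS records start with content type 0x16 (handshake) and major version 3.
    if len(first_bytes) >= 2 and first_bytes[0] == 0x16 and first_bytes[1] == 0x03:
        record["kind"] = "tls"
        # Assumption (the post's model): the logger does not look inside the
        # handshake, so it knows only the endpoint and the sites hosted there.
        record["candidates"] = HOSTED_SITES.get(server_ip, [])
        return record
    # Plaintext HTTP: request line and Host header are readable on the wire.
    head = first_bytes.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    lines = head.split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        record["kind"] = "unknown"
        return record
    host = ""
    for line in lines[1:]:
        name, _, value = line.partition(":")
        if name.strip().lower() == "host":
            host = value.strip()
    record["kind"] = "http"
    record["url"] = f"http://{host}{parts[1]}"
    return record

HTTP_SAMPLE = (b"GET /appointments/book?ref=42 HTTP/1.1\r\n"
               b"Host: clinic.example\r\nUser-Agent: demo\r\n\r\n")
# First bytes of a TLS record header: handshake (0x16), version 3.1, length.
TLS_SAMPLE = bytes([0x16, 0x03, 0x01, 0x00, 0xC8]) + b"\x01" + b"\x00" * 16

if __name__ == "__main__":
    print(log_record("198.51.100.7", "203.0.113.10", 80, HTTP_SAMPLE))
    print(log_record("198.51.100.7", "203.0.113.10", 443, TLS_SAMPLE))
```

The HTTP record carries the full URL, while the TLS record carries only the endpoint and a list of candidate sites.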

Point 3 – there are enough data leakage stories in the press without their being multiplied by legislating for enhanced logging while promising the public that logged data will never be leaked, hacked or end up on eBay after server decommissioning.

As an aside: who pays for the log servers? We all do. That which is not paid from Government coffers will be paid for by service providers – who in turn will recoup the cost through raised costs to their customers, which in turn will generate higher VAT.

Point 4 – we are assured by Nick Clegg himself that there will be “no central database” to CCDP – correct, it’s a distributed database which in some respects is far riskier – and that he’s also “totally opposed” to the Government “reading e-mails at will”.

This is also fine, because CCDP is not proposing to do that either. Instead the proposal is to log the date and time and size and sender and recipients of every e-mail sent or received; and also the URLs of every website surfed, and (ideally) the names of people whom you mention, tweet, friend, like, etc.

Targeted advertising aside, it’s not necessary to see message content in order to profile someone from their web traffic – if someone receives e-mails from abortion clinics, betting websites, or is surfing URLs with SEO-friendly terms like leather-fetish.jpg – you can draw fairly accurate conclusions about what’s on their mind; come to that, if you’ve logged the URLs you can probably download the same thing your target was looking at and thereby confirm your suspicions.

Browsing the logged activity won’t need a warrant because it does not count as interception – so the Deputy Prime Minister can rest assured that he has not directly lied about CCDP.

However he may yet have the opportunity to do so – mid-Monday blogger Charlotte Gore posted on Twitter a copy of the Liberal Democrat party briefing on CCDP, with some choice spin to help confirm the above:

“There will be no weakening of the current safeguards and checks in place to protect communications data”

…they’re not strong enough currently…

“There will be no centralised database of all communications data, as proposed by Labour in 2006”

…because CCDP will be distributed

“This ‘communications data’ can show who an individual has contacted, when they did so, and where they were at the time; but not what the content of that communication was.”

…unless they surf websites with meaningful hostnames and URLs…

“The current proposals have one aim and one aim only: to maintain the capability of our law enforcement agencies to investigate and prosecute dangerous people.”

…“maintain” meaning “introduce new means of surveillance more typically associated with China and Iran”…

“Where there is no business case for Communication Service Providers to gather this data, the government will provide financial and technical assistance to allow it to be collected on companies’ local systems.”

…the taxpayer will contribute until Government money runs out, at which point Britain’s domestic surveillance apparatus is an overhead cost to private industry that will discourage entrepreneurialism.

Finally – regarding the “safeguards” to protect browsing data that were introduced at the recent Liberal Democrat conference:

“We believe these safeguards to be in place already with the current proposal and will not support any legislative changes without these measures.”

…which makes a bit of a mockery of the process of introducing those safeguards, since you’re saying that those safeguards – brought in specifically because of CCDP – were never actually necessary. The activists behind the introduction of those safeguards are understandably a bit miffed at this implication. There are opinions. There have been words. The twittering LibDem grass roots are so angry that there may soon be a raffle and the first prize might be the Liberal Democrat leadership’s head.

But I am a security geek. The party politics don’t interest me. In a perverse sense I almost welcome CCDP because it is so arrogantly infeasible and misconceived – and delightfully retro in a Stasi kind of way – that I cannot conceive a better way of waking people up to the importance of privacy and digital rights.

The Tor Project should do well out of it.

UPDATE: for a more comic spin on the story, try The Daily Mash.

UPDATE2: Radio4’s The World At One did a fine piece you can listen to – start playback at the 7m10s mark.

4 Replies to “Surveillance? Only *SOME* Liberal Democrats aren’t supporting it… #CCDP #libdems”

  1. A further angle I’d like to see a considered view on: as well as ISPs, will UK-based IaaS providers also be compelled to install and maintain lawful metadata intercept infrastructures in case a customer stands a mail or other messaging server up on one of their nodes? If so, how will such infrastructures handle the tying-together of customer details, VM details and vSwitch port details, at all times and in the face of infrastructure flexing, to ensure that all data requiring intercept, gets intercept?

  2. “Point 2 is trivially reduced in usefulness through use of secure sockets (ie: HTTPS) to servers beyond UK jurisdictions”

    You say that, but I’m anticipating bogus certificates from a widely trusted CA, combined with proxies doing MITM. That’ll be good enough for 80% of SSL traffic, I’m sure.
