Law Enforcement and Retrogressive Pressures upon Technology

Yesterday ORG / Privacy International / Big Brother Watch / Julian Huppert held a meeting at the Houses of Parliament to, um, “celebrate” the release of the new draft communications bill.

I raised a question, perhaps clumsily, which Julian fielded as “advice”, and which was something along the lines of the following, which I’ll expand for print:

Enterprise-class Networking Technology – the sort of stuff rolled-out at, and interconnecting, ISPs – churns at quite a high rate; that which was new and exciting one moment is obsolete 18 months later. There is no single standard architecture for deployment and competitive advantage almost demands diversity, especially when nobody is on the same schedule for upgrading their systems. This is the whole “Moore’s Law” thing in action, and it’s a great driving force in delivering ever better service to the end user; and this is to say nothing of the software, the e-mail servers, the web caches and all the other performance-critical ISP equipment kicking around at what we call “Layer 7”, the above network equipment occupying Layers 2 through 4*

These technologies are the fuel lines which drive the business engine which is the modern web.

And now? CCDP proposes a spy-in-the-cab at every Internet Point-of-Presence, or something akin to that; all the above innovation will be legally required to “integrate” with Government-specified national-security-providing hardware, not vice-versa.

What I fear most is mandated technological foot-dragging – the forward progress of Network Service Providers and Internet Service Providers will be hampered by continually having to re-integrate the “legacy” requirements of CCDP’s interception and monitoring solutions. Network architects are going to have to bend their otherwise “best” designs to ensure that the “SpookBox v5000” in the locked cage in the corner of the data centre will get a copy of every piece of data – because of pedophiles and terrorists, you know.

In case I’ve been unclear: it’s a bit like people not being allowed to upgrade to the latest Electric – or perhaps Neutrino-powered – cars and vans, because the Government’s mandated GPS/tachometer can only cope with Petrol and Diesel. It’s going to be a drag on progress – a subtle one, but a drag nonetheless; the alternative is quite substantial cost and hardware churn as CCDP hardware is continually flexed and upgraded to cope – for which £180m per year is a slender budget.

This is all about the Government having to jump onto the bandwagon of Moore’s Law – to date they haven’t been so good at that. It’s going to be doubly hard to explain to the lawmakers when the above are all dismissed as “mere technical issues” – yes, not every minister needs to know a GBIC from a XENPAK from a SFP, but at some point the realpolitik will have to bend to meet hardware and the economics thereof.

The results will either be expensive (investment) or impose cost (degradation of service).

And finally, as evidence in support of the proposition that law enforcement will resist improvements to internet technology, I submit the following CNET article which is somewhat horrifiedly being discussed on the NANOG (North America Network Operators Group) list:

FBI, DEA warn IPv6 could shield criminals from police

The FBI, DEA, and Royal Canadian Mounted Police say IPv6 may erode their ability to trace Internet addresses — and warn new laws may be necessary if industry doesn’t do more.

U.S. and Canadian law enforcement agencies are warning that a historic switch to the next-generation Internet protocol called IPv6 may imperil investigations by making it more difficult to trace who’s using which electronic address.
FBI, Drug Enforcement Administration, and Royal Canadian Mounted Police officials have told industry representatives that IPv6 traceability is necessary to identify people suspected of crimes. The FBI has even suggested that a new law may be necessary if the private sector doesn’t do enough voluntarily.

[…]

It’s worth a read but in a nutshell the article can be summarised as: law enforcement wants IPv6 not to be rolled-out until such time as the use of every IPv6 address and port number can be adequately book-kept to assure that traffic can be tracked; but we in the industry are having enough problems rolling out this industry-saving technology already, thank you very much.

Also IPv6 will be challenging to log in any case, by virtue of its scale and designed-in elements of “pick your own IP address” if nothing else.

The brake disks will start warming up real soon** after CCDP passes.


* http://en.wikipedia.org/wiki/OSI_model
** http://www.urbandictionary.com/define.php?term=real%20soon%20now

4 Replies to “Law Enforcement and Retrogressive Pressures upon Technology”

  1. Sadly these devices, DPI related are already in place within some ISPs in the UK, and have been for a couple of years. They certainly aren’t cheap bits of lit costing on the order of 250K GBP per unit. So the cost to govt, assuming they bear the cost, could prove quite phenomenal. Then there’s the political ramifications…

    1. Dale, two points:
      1) That’s the big end; but what about the small?
      2) That which sucks upon the firehose of data which is the internet will always have to keep up with the firehose volume, not the other way around. Cost will inflate.
      …but I think we’re probably in agreement on that one.

  2. There’s a similar argument to government-mandated network-based adult content filtering. Even if you’re not using it, it still has to carry your traffic. (If we expect bandwidth use to be 4x current levels in 2016, the capacity of current filtering equipment needs to be 4x to match it. So far only one UK ISP has opted to deploy this.)

    Home Office quotes a 10-year span for CCDP costs, which I suspect to be an unrealistically long timespan for any ISP core architecture component.

Leave a Reply

Your email address will not be published. Required fields are marked *