Analysis: Will the government's web 'snoop' plans work?
- 2 April 2012
- From the section Technology
The government will soon outline its plans to give security officials the power to monitor emails and internet use.
The proposals, which are predicted to feature in the upcoming Queen's speech, have been described by supporters as a much-needed "modernisation" of current measures which allow the monitoring of telephone calls.
Critics, however, call the plans an unnecessary extension of the law, and an infringment of civil liberties.
Although the specifics of exactly what data will be collected is still unclear, we know the measures are likely to include never before seen powers to monitor our online activity in real-time, which the government says will help combat terrorism.
"It is vital that police and security services are able to obtain communications data in certain circumstances to investigate serious crime and terrorism and to protect the public," the Home Office said.
"We need to take action to maintain the continued availability of communications data as technology changes."
But the plans are concerning Britain's internet service providers (ISPs).
An earlier plan to monitor the internet - put forward, but then abandoned by the last Labour government - called for a single body responsible for aggregating all the data.
Now the ISP's will have to store the data generated by their users.
But one major UK ISP told the BBC there was a risk that data could be fragmented as different companies use various methods and third-parties to handle the vast amounts of information.
And Trefor Davies, a board member at the UK's Internet Service Providers' Association (ISPA), told the BBC that the technological challenge of collating and storing such vast levels of communication would be vast.
Although a large amount of data about us is already collected for billing and other purposes - such as who we call and when - ISPs do not currently store detailed data on what websites we visit, or details about the emails we send.
Mr Davies said: "The email stuff isn't straight forward, and neither is the web. Those aren't bits of information that traditionally we keep. We don't keep backups of deleted emails.
"All of this is do-able, but it could potentially involve network redesigns. And then there's the storage... you're into multiple petabits of data."
A single petabit is the equivalent of around 130,000 gigabytes.
"Think of all the spam people get," Mr Davies added. "We delete it, but under the new rules would we be allowed to?"
For real-time monitoring of internet traffic and use, UK ISPs were "almost certainly not" ready to implement such a system, Mr Davies said.
And costs are huge: When similar plans to monitor internet and email use were outlined under the Labour government, estimates for a 10-year period of running the system hovered around the £2 billion mark
Technical logistics aside, privacy advocates argue that should criminals wish to mask their behaviour, it is relatively easy to circumvent any data collection using simple tools and techniques.
For example, by using a web-based service like Google's Gmail or Microsoft's Hotmail, information that can be collected is limited owing to the security measures put in place by those sites.
Likewise, for sites such as Facebook, private messages sent within the service cannot be obtained without a court order. Under the new proposals, the authorities would simply know that Facebook had been visited, and at what time. Actions within the service are not monitored.
Mr Davies predicted that the use of proxy servers will increase if these proposals are implemented - boosting an "underground web" beyond police and government control.
A proxy, which anonymises the users actions on the web by routing any data requests through an extra server, is the tool of choice for hackers wanted to cover their tracks - but also by people wanting to access location-blocked content like streaming television programmes.
Mr Davies said these proposals could lead to more people to experiment with proxies - meaning the government's desire to gather data could in fact have the unintended side-effect of encouraging more and more people to mask their online activity completely.
"You're encouraging a sub-culture, an underground culture, where people are using encrypted emails and so on so they cannot be detected," he said.
"There's problems associated with that - you're encouraging people to be anonymous."
Additionally, he said, many free proxies are rife with malware and other harmful elements, exposing users to serious risk of privacy invasions.
Critics of the plans, such as the Open Rights Group, have said the measures will make the UK's internet freedoms comparable to that of Iran or China.
Heather Blake, from Reporters Without Borders, doesn't go that far, but warns the plans could lower the UK's standing when it comes to maintaining human rights in the online space.
"The UK internationally sets the precedent of press freedom, and freedom of information to use these new media platforms without being under widespread surveillance," she told the BBC.
"It's very important that this legislation is not made law. Countries like Syria, like Iran, are going to look to what this country does and make excuses for the surveillance they use."
The Home Office has said its measures do not intrude in user privacy as the content of emails and phone calls remains private.
"It is not the intention of Government to make changes to the existing legal basis for the interception of communications," a spokesperson said.
But Ms Blake has called for the release any research or data they have to show that increased web monitoring will help in the fight against terrorism.
"They have to be more specific," she said.
"Those who really do commit these crimes, they will always find other ways. They always do."