Virgin Media To Trial Filesharing Monitoring In UK 280
Shokaster writes "The Register reports that Virgin Media are to begin monitoring file sharing using a deep packet inspection system, CView, provided by Deltica, a BAE subsidiary. The trial will cover about 40% of customers, although those involved will not be informed. CView's deep packet inspection is the same technology that powered Phorm's advertising system. Initially Virgin Media's implementation will focus on music sharing and will inspect packets to determine whether the content is licensed or unlicensed, based on data provided by the record industry. Virgin Media emphasised that records will not be kept on individual customers and that data on the level of copyright infringement will be aggregated and anonymised."
Virgin media? (Score:4, Funny)
Time to encrypt everything. (Score:5, Insightful)
Re: (Score:2)
Re: (Score:2, Insightful)
And by "aggregated and anonymised", they mean they will send all the records to the record labels grouped by address. They won't even send the DSL subscribers name to the record label. Promise.
Re: (Score:2)
Vuze / Azerus already does this. Uses RC4 as the algorithm. But it should be enough to stop the virgin in it's tracks.
Indeed, from the linked artcle:
Most p2p software is able to encryption now days....use it.
Re: (Score:3, Insightful)
But unless client and server agree on a private key in advance, by offline means, a Man in the Middle can still proxy the key negotiation and access the plaintext.
Re: (Score:2)
But unless client and server agree on a private key in advance, by offline means, a Man in the Middle can still proxy the key negotiation and access the plaintext.
I can't help but think that that might be just a little illegal unless it was done by law enforcement with a warrant, as would any form of decrypting an encrypted transmission.
MitM = DRM circumvention (Score:2)
a Man in the Middle can still proxy the key negotiation and access the plaintext.
But wouldn't this be illegal?
Let's leave aside P2P, in which you may or may not have the right to transfer particular copyright material (depending on the material, of course). If you protect your personal communications - in which copyright belongs to you - with a DRM scheme such as a non-trivial encryption, then decrypting it would be an unauthorized circumvention of that DRM. The mechanism used, whether brute-force or Man in the Middle, is merely a technical detail.
It would be an outrage if ISP condi
Re:Time to encrypt everything. (Score:4, Interesting)
Well yeah but reading up [wikipedia.org] it seems that A person in the middle may establish two distinct Diffie–Hellman key exchanges, one with Alice and the other with Bob, effectively masquerading as Alice to Bob, and vice versa, allowing the attacker to decrypt (and read or store) then re-encrypt the messages passed between them. A pre-arranged certificate could be used to exclude the man in the middle but then the client may proceed with the negotiation anyway (to get their stuff) and the cert can be comprimised if it is sent in the clear over the same link, ie, by apt-get or similar.
Re: (Score:2)
Of course, then the fingerprints will be wrong. Granted, very few people check them but there are cases like you having a laptop locally and ssh stores the fingerprint. Then you take your laptop on a trip and suddenly ssh throws nasty "this fingerprint doesn't match" because you're being MITM'd, or paranoid people verifying it via email or phone or obfuscated in the message - the last could be replaced, but then they've have to have a perfect obfuscation search and replace, unlikely. So yeah, MITM works but
Two Other Words Then (Score:2)
Re: (Score:2)
It can tell you that an eavesdropper is in the middle of the link, but this doesn't help you if you know your link is compromised by the company which operates it. In that case you can only look for alternatives or fall back to keys arranged over other channels.
Re: (Score:2)
How about some sort of signing system. The host can provide a signed file with payload info and a certificate, then the client can verify that it is from the actual host that you are connecting to. Any sort of public key system would work for this.
From this point, you should already have secure communication channel though the certificate to the server, and can join the "net of trust". Secure connections can then be negotiated by someone already in this net of trust, be it the server, or another client.
Goin
Re: (Score:2)
Unfortunately, it's not practical to keep the public keys of every single organisation on the planet you may wish to trust.
So instead, certificate authorities (a trusted third party) vouch that the public key you are being presented really is from who it claims to be.
Which is well and good but unless you have a certificate authority which only ever grants certificates to people who are not part of the ISP or the music industry, it's more or less useless for this purpose.
Re: (Score:2)
Well, you could use something like GPG. If the ISP really wants to devote the resources to tracking down and faking certificates for every single torrent file, then matching them to specific connections, then they probably have a lot more processing power than I would expect from an ISP
Re:Time to encrypt everything. (Score:5, Insightful)
Re:Time to encrypt everything. (Score:5, Insightful)
if they suspect people of committing a crime, they should get a warrant.
But that would involve due process and presumption innocence, and well, we can't have that now. What's next? Right to a fair trial?
Re:Time to encrypt everything. (Score:4, Insightful)
They aren't allowed to listen to your phone calls, wy the hhell should they be allowed to look at your data
Yeah, and look at how well governments followed that law http://en.wikipedia.org/wiki/NSA_warrantless_surveillance_controversy [wikipedia.org]
Any human rights documents from any western country (UK, US, Canada, etc) are quickly becoming no more than toilet paper.
The only way we have to stop them is to make it physically impossible for them to trample our rights. Encryption is one way we can stop this abuse of power. Laws only get us so far when "national security" is on the line.
Re: (Score:2, Interesting)
Isn't that an interesting coincidence that they all became this way at (relatively) the same time? You'd think that the ones who don't become this way would enjoy a degree of economic and social prosperity that would give them quite a competitive edge against the other nations.
When are you guys going to wake up and realize that sovereign nations hardly exist anymore? If you want to
Re:Time to encrypt everything. (Score:5, Interesting)
I fully agree. The rise of surveillance of telecommunications (of whatever method) in the West is getting a bit alarming. Ubiquitous encryption will become the standard I feel. We are moving towards a word where all new software, systems and protocols that get developed, will include encryption to a greater or lesser extent.
It started with the widespread logging and monitoring of all phone calls entering and leaving the US after 9/11 (this really irritates me as a non-American - that my calls TO America are getting logged and possibly intercepted). Since then though I feel that it is the UK that is becoming the worst offender. AU and NZ are still pretty much surveillance-free ... although that's mostly a product of them being isolated and not having suffered a direct attack, rather than them having stricter protections against this kind of thing. I'm sure if there were an attack or threat there, there would be impetus to implement similar systems to the US/UK.
So yeah, I would urge everyone to use encryption in their daily lives as much as they can. Of course, most of us have nothing to hide in this respect, but it's really the ~principle~ of the thing that is at stake here, rather than an actual need to encrypt. If we make it technically or financially unfeasible to monitor communications en masse, then Governments will be more reluctant to do it, and will return to concentrating on tapping into only particular, suspected communications, by way of a proper warrant. Like they ~should~ be doing.
Re: (Score:2, Insightful)
If we make it technically or financially unfeasible to monitor communications en masse, then Governments will be more reluctant to do it
or... governments will switch to more radical forms of tapping, like pointing a directional microphone at your house...
Re:Time to encrypt everything. (Score:5, Insightful)
Of course, most of us have nothing to hide
I hear that all the time and it's time to stop this lie by the surveillance fanatics once and for all.
Of course we all have something to hide! It's called our private life. You have no business snooping around in it. Not if you're a cop, not it you're an ISP, not if you're god.
Re: (Score:2)
Wouldn't using encryption be "circumventing a copyright protection mechanism" .. oh, UK, sorry.
Re: (Score:2)
Wouldn't using encryption be "circumventing a copyright protection mechanism" .. oh, UK, sorry.
Wouldn't trying to crack my encryption be "circumventing a copyright protection mechanism"? After all you can't know what's in the packet until you "open" the packet.
Re: (Score:2)
> Wouldn't using encryption be "circumventing a copyright protection mechanism"
Not in the USA, but of course this is in Europe.
Re: (Score:3, Informative)
If they thought DPI was expensive, wait until they try real-time decryption
Encryption can get you into trouble [theregister.co.uk] in the UK/
Re: (Score:2)
How do they know? (Score:5, Insightful)
I have a friend who's an amateur musician and devices (his mobile phone) have started to deny him the ability to play his own music due to it being "unlicensed".
How the hell do these clowns expect to be able to figure out what's unauthorised copying?
Re:How do they know? (Score:5, Interesting)
Re: (Score:2)
people on here think they have somehow been winning this fight to control media, when they have been kidding themselfs. the fight hasn't even STARTED yet...
Re: (Score:3, Insightful)
It's nice to see the military industrial complex involved in the music industry's problem.
Re: (Score:2, Informative)
Only the RIAA is allowed to distribute music there will be no other source or at least that is looking like their plan.
I suggest a boycott during the 3rd Quarter: April 1, 2010- June 30, 2010, and 4th Quarter: July 1, 2010 - September 30, 2010
Someone could set up a nice website, people could vote on a list of demands/consumer rights, and people could start an email/facebook campaign. A dent in the industries profits might get these people's attention.
I for one think the Public Domain needs to be given back
Re: (Score:3, Informative)
Re: (Score:2)
Re: (Score:2)
Don't worry. It'll all be throttled soon. I predict that anyone who wants to produce content will need a special business line.
To use VoIP, that'll be throttled, as will non-branded chat apps. Anything that will allow a telco-style grab for features. The most expensive will be the one which permits encryption for working from home... unless you're a big company who can afford a mutual kickback relationship with the telco.
The days of the free Internet are coming to an end. It'll be as dead as devoid
Re: (Score:2)
The days of the free Internet are coming to an end.
Perhaps it's time we invented something else. We're still here, aren't we?
How about some peer-to-peer mechanism that bypasses the ISP's altogether?
Ok, that's at least half said in jest. But this whole matter, relative to the sheer astounding amount of information that passes between people, puts me in mind of trying to dig the sea out of a sand castle. The rough note is that we have to stay ahead of the bastards who try to limit the means of communication, or put a tap on it for control and money. The c
Re: (Score:2)
How about some peer-to-peer mechanism that bypasses the ISP's altogether?
Easy enough if you're using dialup. Kind of hard, however, when the ISP owns the line going into your house.
Re:How do they know? (Score:4, Interesting)
Packet Inspection (Score:2)
Not only that, those packets they're "inspecting" could be for anything. If you back up your Mac (including your music collection) to MobileMe, does it flag your file transfers as unauthorized filesharing? What about if you access your files over a VPN? What if you email your favourite music to your Gmail account so you can listen to it from work or on vacation? What if you upload them to your phone to use as a ringtone?
Re: (Score:2)
>>What about if you access your files over a VPN?
If they can tell what files I'm sending over an encrypted VPN link, then they have some impressive technology indeed.
But your point is valid - how do they know if the music I'm sending is an authorized transfer or not? What if I'm the person who owns the content?
Re: (Score:3, Interesting)
If they can tell what files I'm sending over an encrypted VPN link, then they have some impressive technology indeed.
At the risk of being branded a tinfoil-hat wearing nutcase, my employer used to use CIPE for a VPN between two offices. At the time I started, CIPE had already been discredited as being fundamentally insecure but nobody really thought it was going to be intercepted unless you had pissed off a government somewhere.
Then we had a problem. SIP traffic of any description going over that VPN link didn't make it across. (Kind of important when your employer produces SIP software).
Everything else made it fine.
Re: (Score:2)
I have a friend who's an amateur musician and devices (his mobile phone) have started to deny him the ability to play his own music due to it being "unlicensed".
Its not his music. All music belongs to the properly recognised music industry. You see the music industry is God, therefore nothing can be created except by them or with their help.
He is clearly some sort of hippy communist terrorist music thief.
I say lets try to confuse them. (Score:2, Funny)
Re:I say lets try to confuse them. (Score:5, Funny)
Re: (Score:2)
Or flood it out - everyone share public domain versions of classical music etc! (Stuff that will be recognised as "a known song that doesn't need a license").
Either that or everyone should just torrent large amounts Linux ISOs so that the DPI system generally has to monitor loads of stuff anyway before it determines that it isn't relevant.
Six months from now (Score:4, Insightful)
27th May 2010
Just 6 months after the announcement to monitor their network for illegal filesharers, Virgin Media has seen a dramatic decline in subscribers.
90% of their top tier customers (renting 20Mb/sec) have canceled their subscriptions
This figure is similar (82%) for their 10Mb/sec tier
Furthermore, the cost of the controversial detection methods (Deep Packet Inspection) has meant that the company has had to increase monthly subscription costs across all tiers by 10-20%
This has seen decline (albeit much smaller, at 47%) in their lowest tier of service
Re:Six months from now (Score:4, Insightful)
Only in your fantasies. Nothing will change. They'll keep the same subscriber level, and if there's any changes in level it will be due to deteriorating economic conditions.
Face it: the average schlub doesn't give a rat's ass about the security of their internet connection from the ISP itself. In their thoughts: "Why should I? I've got nothing to hide!"
Re: (Score:2)
Only in your fantasies. Nothing will change. They'll keep the same subscriber level, and if there's any changes in level it will be due to deteriorating economic conditions.
Face it: the average schlub doesn't give a rat's ass about the security of their internet connection from the ISP itself. In their thoughts: "Why should I? I've got nothing to hide!"
When are people going to learn that it's not about whether you have something to hide? It's about what they want to find and it always was.
Re: (Score:2, Insightful)
Re: (Score:2)
I think you overestimate the anger that would be experienced.
While most people may do it, they usually know full well it's illegal. It's just that the risk of suffering any serious consequences is miniscule.
My guess is that most people will shrug their shoulders and say "Ah well. It was nice while it lasted".
Be interesting to see how many people continue to subscribe to the most expensive, fastest deal though...
Re: (Score:3, Insightful)
You’re the master of self-fulfilling prophecies aren’t you??
Half the reason that sometimes nothing changes, is the people constantly repeating that, taking all belief of the possiblility out of people.
That again is half the strategy to keep people from rising up.
Because in the end, it’s all in the mind. If ten million people want to rise up, but believe they are the only ones, then it will be much more unlikely that they really do it.
But if ten people believe that they really can change th
Re: (Score:2)
> I'm a Virgin Media customer and I won't be leaving because they're
> still the cheapest deal for me.
Good service has a value all of its own.
There are several ISPs in the UK that have stated that they will never implement DPI; their services generally cost from 17 to 32 UKP per month with no throttling, no port-blocking and no IWF censorship. Is that *really* too much to pay?
Instead we see Virgin, BT and TalkTalk prospering with over 4 million customers each because they spend vast fortunes on adver
Re: (Score:2)
And where is the usenet server hosted?
At the moment the *AA are interested in torrents and don't care much about usenet because relatively few people use it, but sooner or later they will go to the companies hosting these servers and sue them for the server logs which implicate you.
there BIG LACK of HD is killing off subscribers as (Score:2)
there BIG LACK of HD is killing off subscribers as well and this maybe to topper as people will give faster internet for FULL INTERNET.
Re: (Score:2)
Re: (Score:3, Informative)
Try Be
www.bethere.co.uk
Excellent service
Re: (Score:2)
Virgin are in a strong position in the UK and they know it.
Firstly, ADSL 2 has yet to see widespread rollout. If you're in a cabled area, they hold a nationwide monopoly over that cable and it's far and away the fastest option for Internet access.
Secondly, every time something like this is announced virtually every other ISP is not far behind. It's unlikely - nay, unthinkable - that the company flogging this to Virgin isn't trying to flog it to every other ISP and with the government seriously advocating
Re: (Score:2)
What about people who have some problem such as laggy connections and, not being too technically minded, make the jump in their minds to deep packet inspection being the hidden cause? Maybe deep packet inspection isn't even really slowing things down or glitching connections or whatever, but doesn't it sound like it would to the average person? What happens when these people think the real issue can be summed up as "This company is lying through their teeth to me", and not some technical explanation? So Vir
More details here: (Score:4, Informative)
Re:More details here: (Score:4, Interesting)
So now I know what their engineers have been doing instead of upgrading the upstream infrastructure so that my 10Mbit connection can provide better than 500kbit with 33% packet loss. Trebles all round.
Re:More details here: (Score:5, Insightful)
Such as, e.g., a facility to allow *every* broadband customer to be informed of and if they so choose to view *all* the information being gathered about themselves, and allow *any* of this data to be edited for accuracy by the customer, and allow *all* of this data to be deleted from *all* their servers if the customer decides to end the contract with Virgin at any time, etc.
Moreover, I presume that Virgin Media have ensured that the nature of the data they do collect is technically necessary for the provision of their ISP service to each customer, and not simply a gratuitous and illegal collection of data that is requested for a completely independent purpose set out in a completely different contract with another entity, and to which the customer himself is not actually a party.
These are bad economic times, and it would be a pity if some idle British lawyer were to look a little too closely at this announcement...
Re: (Score:3, Insightful)
This is what the banks have been doing for decades. They are happily giving details of your credit card transactions to a privately owned third party company that keeps this record about you and sells digested report about you, popularly known as credit rating, to interested other parties.
If you wish to see the information they collect about you, you have to pay money to them, and correcting wrong information about you (since it otherwise can ruin your life) is not easy or even possible either.
Re: (Score:3, Interesting)
The Data Protection Act does allow you access to this data for a nominal £10 fee. In a month or two I'll be sending them a cheque with a request for all data held about me.
What is not clear is how this works with anonymous data. It's still my data, even if it can no longer be associated with me.
Re: (Score:2)
So are they an entertainment delivery company or an ISP? Do you want to buy content or connectivity?
Encrypted Anonymous File Sharing (Score:3, Interesting)
Which is worse: All data being free, including data you don't personally like? Or regimes of data control?
Will they track their own usenet server? (Score:5, Interesting)
Here's a bit of a dilemma, they crack down on filesharing, yet run a free usenet server for their customers with alt.binaries included with 5 days retention.
Will they issue a takedown to themselves?
Re: (Score:2)
Frankly, I find it amazing that Usenet is still on anyone's radar. Even the alt.binaries groups. It's been a long time since I've found an ISP that includes a free usenet server. The reliable ones are the ones that you have to pay for, and honestly, if you're going to pay to pirate things, you're probably doing it wrong.
Re: (Score:2)
Actually usenet is probably the best way to go, and the rates for premium servers are incredibly cheap.
Re: (Score:2)
Paying to pirate solves a lot of problems, like things not being available in your country, or only in an DRM'd format. It could be well worth it.
Re:Will they track their own usenet server? (Score:4, Informative)
Re:Will they track their own usenet server? (Score:4, Funny)
Usenet is filesharing Usenet is free movies Usenet is porn Usenet is new p2p to go Usenet is torrent replacement Usenet is rapidshare in steroids. Usenet rocks for music, mp3 Usenet manga anime naruto. Usenet mininova Usenet thepiratebay.
I hope you do not mind mentioning Usenet along with few unimportant keywords and phrases. Its not like this will show on google. You are quite safe :)
Re: (Score:2)
Here's a bit of a dilemma, they crack down on filesharing, yet run a free usenet server for their customers with alt.binaries included with 5 days retention.
Will they issue a takedown to themselves?
Due to the repeated issuance of takedown notices (by our own company but we're not telling you that) we regret that we have been forced to remove free access to alt.binaries. If you wish to use that service please subscribe to our new service - PayPerViewBinaries - for just 12.99 per month (well until we increase
No one believes the promise of anonymity (Score:4, Insightful)
I guess I'll fill in some space down here because slashdot will not likely let me post a subject-only comment, but seriously, what more needs to be said? I can't believe they are even saying that with a straight face. Governments barely have anyone or anything to answer two when they lie to people. Businesses like Virgin media most certainly do not. The only thing that their bullshit proves is that they are aware of what the public response will be and that they are afraid of it at some level.
Could this cause legal problems for them? (Score:5, Insightful)
Re: (Score:2)
> How is this legal?
In the USA they would be protected by the "safe harbor" provisions of the DMCA. In the UK, however...
Re: (Score:3, Insightful)
Re: (Score:2)
Unlikely considering they have £4bn+ of debt.
Re: (Score:2)
Re:Could this cause legal problems for them? (Score:4, Interesting)
Yes, I think it's actually illegal, but for different reasons. From what I can tell this is exactly why the UK is facing legal procedings from the EU over Phorm.
It's effectively a breach of the European Declaration of Human Rights which we are signatories to, specifically it is a clear breach of the right to privacy.
I think realistically this will end up in European courts. It wont end up in British courts or be looked into by the police here because they are merely puppets of the Labour government here which supports this as demonstrated by the new supreme court refusing to hear McKinnon, the refusal of investigations into Phorm even though it was blatantly illegal and so on.
Nowadays in Britain we have to rely on the European courts for any semblance of justice on these sorts of things, but on the upside they do generally rule in favour of the citizen on things like this where it is a clear breach of law. God knows where we as citizens of Britain would be if it weren't for Europe, I'd imagine it would resemble something like Germany circa 1937. In fact, there's a certain irony in that whole sentence, how times change eh?
Encrypt (Score:5, Insightful)
Everything.
Re:Encrypt (Score:4, Funny)
Ok
cewqqwavkbqfycpligfbnoppilrsbmfDshcaswlpgjxyeuwhkz2gejdtx6wzhutcofalcwTl
Re: (Score:3, Funny)
Re: (Score:2)
It won't help much. Thanks to Bit Torrent, it's rather easy to identify file sharers; they connect to thousands of peers. You draft a AUP that states file sharing will not be tollerated. Then you use NTOP to identify potential file sharers. Finally, you redirect them to a web page explaining what they need to do if they want to get back online.
For repeatr offenders, you kick them completely.
Re: (Score:2)
- The biggest hurdle for the content companies is that encrypted BT makes it almost impossible
- to see what people share between them. Its impossible to distinguish a bittorrent of a Linux ISO
- from your latest blockbuster. Disallowing filesharing alltogether wont make an ISP that popular.
Except for the web page with the link to spiderman4-xvid-ROTFL.avi.torrent. Your ISP's DPI will be able to report if you clicked that link or not. Until both traffic AND searching are anonymised via onion routing, and
Re: (Score:3, Insightful)
It is an evolutionary process. Browsers and http servers didn't all support HTTPS from the very beginning, but serious ones gradually accepted it as a critical part of the web infrastructure, and now you wouldn't dream to do ecommerce on HTTP.
The same is slowly happening for other applications where secrecy and data integrity increasingly get to be seen as essential. Pretty much all serious torrent clients already support encryption, but they haven't switched off "legacy" support in their default configurat
This won't work (Score:2, Insightful)
Re: (Score:2)
I don't fully understand how BT works, but it seems that most people accept all peers, so does that mean they can use a modified BT client to connect to your system and get information irrespective of encryption?
Re: (Score:3, Informative)
Most clients use encryption by default, but will accept plaintext incoming connections yes. It's fairly easy to configure your torrent client to only allow encrypted connections if you are feeling paranoid.
Deep packet inspection does not extend to joining swarms with a modified client. At least I'd hope not...
Re: (Score:2)
That will be a thrill to their business customers. I'm in Canada, and if Telus or Shaw started throttling encrypted traffic, we'd be well and truly screwed. DSL and cable uplink speeds suck enough already, but holy fuck, that would be bad.
Re: (Score:2)
It wouldn't be that difficult to only throttle encrypted traffic for residential customers, having a side effect of giving further incentive for businesses to get a business account.
misnomer (Score:5, Funny)
Judging by their behaviour they should probably rebrand themselves Whore Media.
Re: (Score:2)
"rebrand themselves Whore Media"
http://home.clara.net/lesmcdm/images/virgin.jpg [clara.net]
What sort of overhead would be need to encrypt BT? (Score:2)
For torrents, encrypting them to block this sort of thing would appear to be straightforward. Just include the encryption key in the *.torrent file itself. Make it a nice long randomly generated key using lots of bits with whatever freely available encryption algorithm is thought to be the most secure.
What sort of CPU overhead is needed for this kind of encryption processing, though? Would it add up to anything significant on modern 1 GHZ+ multicore CPUs at the current data rates?
Re: (Score:2, Insightful)
openssl speed aes-128-cbc aes-256-cbc
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
aes-128 cbc 93137.34k 124663.87k 140590.61k 144921.90k 145808.33k
aes-256 cbc 60556.97k 91740.58k 103621.96k 107994.02k 108521.49k
Those benchmarks are on a 3 year old CPU (single core only). Hence encryption is not a limiting factor for end users - instead, network bandwidth is the limiting factor. I'd argue that encryption isn't a limiting factor for mass data surveill
Implied (Score:3, Insightful)
For Now. Later? Who knows.
In Other News... (Score:5, Insightful)
All public and private communications of all executives of companies in the UK valued at 500 million or more will be monitored for illegal, unethical, and undesired behaviour.
"If we had only known what certain Wall Street bankers had been up to the world could have avoided financial losses in the trillions. In a world of high speed communication and free flowing capital, the expectations of privacy have to be balanced against the interests of all stakeholders." said noted expert florescent_beige.
Re: (Score:2)
Ring them up and complain. Tell them you'll switch ISP.
Re: (Score:3, Insightful)
Re: (Score:2)
Re: (Score:2)
Do they have this concept of "common carrier" in the UK?