Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Privacy The Internet United Kingdom Your Rights Online

Sir Tim Berners-Lee Accuses UK Government of "Draconian Internet Snooping" 192

An anonymous reader writes "According to British daily The Telegraph, Sir Tim Berners-Lee has warned that plans to monitor individuals' use of the internet would result in Britain losing its reputation as an upholder of web freedom. The plans, by Home Secretary Theresa May, would force British ISPs and other service providers to keep records of every phone call, email and website visit in Britain. Sir Tim has told the Times: 'In Britain, like in the US, there has been a series of Bills that would give government very strong powers to, for example, collect data. I am worried about that.' Sir Tim has also warned that the UK may wind up slipping down the list of countries with the most Internet freedom, if the proposed data-snooping laws pass parliament. The draft bill extends the type of data that internet service providers must store for at least 12 months. Providers would also be required to keep details of a much wider set of data, including use of social network sites, webmail and voice calls over the internet." Jimmy Wales doesn't seem to be a very big fan of the UK snooping either.
This discussion has been archived. No new comments can be posted.

Sir Tim Berners-Lee Accuses UK Government of "Draconian Internet Snooping"

Comments Filter:
  • Google already collects all this data and much more. They have analytics and various scripts like jquery embedded on around 99.9% sites. Facebook handles the rest. With Google closely working with NSA and other agencies, who cares? They already have the data right there. Google is officially the internets big brother, already!
    • Re: (Score:2, Funny)

      by Anonymous Coward

      They have analytics and various scripts like jquery embedded on around 99.9% sites.

      Not for me they don't son. None of this noscript pussying around either, broken sites are broken -- turn javascript off!

    • by Anonymous Coward on Friday September 07, 2012 @03:32AM (#41257799)

      Uhm....
      First of all - Google collects data about my VOIP calls? I don't think so.
      Google is mostly only present on the web, not the rest of the internet.
      Even then, you have to be logged into a Google account.
      Even then, they don't collect data they don't care about.
      Even then, Google is one of the few countries that won't just hand whatever data over to the government that they ask for with no questions.

      Even Google wouldn't want to retain every detail of everything a user does - ISPs certainly don't. I can only think of one place that would really love this idea - hard drive makers. Think about it - when everything you do is logged in detail, and that data has to be retained long-term, then the ISPs and government will have to store it somewhere. It's going to be Hard Disk, at least until it gets cut to tape.

      • by fa2k ( 881632 )

        Uhm....
        First of all - Google collects data about my VOIP calls? I don't think so.

        on Google Volce (not technically VoIP) and Google chat sure. They also sync your contacts for android, not sure about the call history

        Google is mostly only present on the web, not the rest of the internet.

        I'll give you that one. They have DNS and email, but it's all optional. For email, they aren't saving anything more than any other webmail provider. For DNS, you have no idea what they save.

        Even then, you have to be logged into a Google account.

        For them to save data? No. Just no.

        Even then, they don't collect data they don't care about.

        When they care about *logging wireless packets* from their Streetview cars, we can conclude that they care about almost all data

        Even then, Google is one of the few countries that won't just hand whatever data over to the government that they ask for with no questions.

        You can have this one too

        • by FireFury03 ( 653718 ) <<slashdot> <at> <nexusuk.org>> on Friday September 07, 2012 @06:59AM (#41258621) Homepage

          First of all - Google collects data about my VOIP calls? I don't think so.

          on Google Volce (not technically VoIP) and Google chat sure.

          Well, duhh, yes - the service provider you're buying a service from knows you're buying that service. If you don't want google to know about it, use a different service provider (but then that service provider knows...). This is no different from how its always been, whether on the internet or not - the telco knows when you made a phone call through their network, the baker knows when you bought a loaf of bread from him.

          They also sync your contacts for android

          Only if you tell them to... You can happilly use an Android device without asking Google to sync your contacts if you want to.

          not sure about the call history

          Google only gets your call history if you ask them to back up all your data. Again, you don't have to use this functionality (personally, I back up my phone nightly using rsync over my wifi network, so I don't bother using Google's backup stuff).

          I'll give you that one. They have DNS and email, but it's all optional.

          So, just like all the stuff you said above - they provide some services, its up to you whether you use those services and if you do they are going to know something about you in the same way as anyone else providing those services would.

          For email, they aren't saving anything more than any other webmail provider.

          Google _do_ analyse your email content to target advertising at you, which is more than many other webmail providers (although I imagine the likes of yahoo and hotmail do the same these days).

          Even then, they don't collect data they don't care about.

          When they care about *logging wireless packets* from their Streetview cars, we can conclude that they care about almost all data

          I would say that Google's attitude seems to be "lets collect as much data as we can, we might find a neat way of analysing it in the future". There are, of course, good and bad things about that. Afterall, people use Google's services precisely because they work really well, and a lot of that is down to Google figuring out how to analyse your data in new and useful ways (useful to *you* as well as them).

          That said, I don't really see the big deal with the whole wireless logging thing. They caught some packets that were broadcast in the clear into a public space for anyone with a receiver to see. If people didn't want their network traffic to be seen by others they had ample opportunity to encrypt it *using the standard functionality of their router*. And even so, the streetview car is moving at speed, it won't capture more than a few packets so they're going to be hard pushed to get anything particularly scary from the data. The whole thing strikes me like someone standing in their front window naked and then complaining that someone who drove past caught a glimpse of them - if you don't like it you should've drawn the curtains.

          • by fa2k ( 881632 )

            If you don't want google to know about it, use a different service provider (but then that service provider knows...). This is no different from how its always been, whether on the internet or not - the telco knows when you made a phone call through their network, the baker knows when you bought a loaf of bread from him.

            The difference between Google and other companies is that

            1. Most companies don't claim to be interested in collecting data. You effectively have to trust them to delete the information when they no longer need it for billing and accounting. Google does save the data, and you have to trust them not to do anything evil with the data. The difference is that you have to trust the telephone company (ugh) for a short time, while you have to trust Google until its demise.

            2. Google provides lots of different servic

      • Google is one of the few countries

        I knew Google was big, but I didn't think they were that big :)

        • Considering revenue as like GDP, Google is larger than many countries. They'd be about the 160th (out of 210) largest country by GDP.

    • hold on, I thought jQuery was run by a not-for-profit foundation, not Google?

      • Re: (Score:2, Informative)

        by Anonymous Coward

        Google runs a CDN (Content distribution network) that hosts JQuery and it has become one of the main ways to include JQuery in your website. There are many advantages to this (since many websites all load Jquery from the same url, one cached version makes all those sites load quicker, etc), but the disadvantage is that since the file gets pulled directly from Google's webservers, they get to roughly monitor website traffic. The catch-22 is that most JQuery powered sites would be using Google Analytics (or s

        • Which is why I host jquery locally (and a trimmed down version at that, I don't use all the features) and use the inbuilt logging that almost every server comes with.

          Don't rely on third parties to host code.
  • by Anonymous Coward

    Right to privacy? Nope. Freedom of Speech? Nope.

    Although I think all the conspiracy theorists are crazy, the new world order is the eventual coalescence of the violation of inalienable rights and it's frequency of occurence across all nations.

    • by jamstar7 ( 694492 ) on Friday September 07, 2012 @02:53AM (#41257655)

      Right to privacy? Nope. Freedom of Speech? Nope.

      Although I think all the conspiracy theorists are crazy, the new world order is the eventual coalescence of the violation of inalienable rights and it's frequency of occurence across all nations.

      Anymore the difference between the tinfoil hat brigade and the rest of society is, mainstream society believes that 1984 is coming. The tinfoil hat brigade believes it's already here.

    • by Chrisq ( 894406 )

      Nope. Freedom of Speech? Nope.

      This has been noted in your file ...

    • by Joce640k ( 829181 ) on Friday September 07, 2012 @03:23AM (#41257759) Homepage

      I have to admit I snorked my coke when I saw that the UK government was supposed to be an "upholder of web freedom".

      The UK government is one of the most openly snoopy governments in the developed world. If that's what they do in public, what do they do in private?

      • If that's what they do in public, what do they do in private?

        They have sex once a month, with their legitimate wives, in the missionary position. They don't have anything to hide, why should they care about privacy?

      • If that's what they do in public, what do they do in private?

        Well you could join MI5 or get a position at GCHQ to find out. But then you wouldn't be able to tell us.

        And obviously you would run the risk of killing yourself but somehow zipping your corpse into a holdall [bbc.co.uk] in the bath.

        • by Kupfernigk ( 1190345 ) on Friday September 07, 2012 @08:49AM (#41259449)
          It's hardly worth being a technical specialist in the British secret world. The real reason that Thatcher wanted Spycatcher banned was because it revealed just how badly technical experts were treated in comparison with the Old Etonians, and might have dampened recruitment. Here's a hint: If you are any good, you can easily earn more teaching maths in a UK secondary school than you can being a codebreaker for the Secret Services. No, I can't prove it, but I have good reason to believe it.
  • Data collection/mining/snooping/browser profiling is so commonplace that pointing the finger in one direction seems almost wrong.
    Your data is already being sold to advertisers by your phone company, by any form you filled in your details, by any "free!" email account etc. So many different companies and bodies are collecting data and personally identifiable information that we're becoming apathetic to it.

    We need strong legislation and standards to make sure data collection is kept to a necessary minimum
    • by rich_hudds ( 1360617 ) on Friday September 07, 2012 @03:17AM (#41257741)
      Actually, as anyone working in IT in the UK can attest, we have very strict rules on what you can do with people's data.

      I've spent a whole day at 3 different jobs attending a Data Protection Awareness course.

      Companies are also realising that the data they collect isn't quite as valuable as they once thought. That's why the big supermarkets that lead the way on this data mining with their loyalty cards are actually reducing the rewards they offer.

      New technology brings new challenges, but to pretend we are slipping towards a 1984 state just betrays your ignorance of history which actually shows that the majority of movement is going towards increased rights.

      Magna Carta only applied to the aristocracy at the time remember, and as recently as 1918 women couldn't vote here.
      • by Dr Max ( 1696200 ) on Friday September 07, 2012 @03:31AM (#41257797)
        I have only had rights taken off me over the last 10 years. If you can name a new one i've been given them i'm all ears.
        • Well off the top of my head, Insurance Companies can no longer discriminate against you based on your sex.
          • by Dr Max ( 1696200 )
            Is that really a right, or just a small discount?
          • Well off the top of my head, Insurance Companies can no longer discriminate against you based on your sex.

            Which is stupid, if you really think about it. Insurance should be based on one thing and one thing alone - the likelihood of you making a claim. Before that EU directive, that's essentially what was in place.

            • It's not stupid at all. Would you be happy for insurers to take into account race and sexuality? What if they found that men with big dicks were more dangerous? You want your dick measured so you can get a discount?

              It's just the same argument about shops having 'No Blacks' signs in the window, only at a slightly less obviously 'wrong' end of the spectrum.

              An insurance company can only go on personal driving history or generalities. This is just a new rule to stop them lumping all members of one group t
              • You clearly didn't read what I said, which was that insurance premiums should be calculated only on the likelihood of you making a claim. If you happen to be in a demographic that's less likely to make a claim, then you should pay less for insurance. What demographic that is is irrelevant.

                • I read and understood your point. You clearly missed mine. Men are more likely to make a claim, I don't dispute that.

                  Doesn't follow that you should charge a particular man more.

                  Re read my post, what if blacks make more claims, presumably someone knows if they do or don't but nobody suggest charging people more or less depending on their ethnicity.
                  • What part of 'only on the likelihood of you making a claim' is so difficult to understand here? Maybe it's the 'only' part, since you keep banging on about ethnicity and sexuality. Did you notice I never identified a particular trait in anything I said? Or did you just read my words and interpret a layer of meaning that just doesn't exist?

                    • You were arguing that not being able to discriminate on the grounds of sex was 'stupid':

                      Which is stupid, if you really think about it. Insurance should be based on one thing and one thing alone - the likelihood of you making a claim. Before that EU directive, that's essentially what was in place.

                      I am arguing that the EU directive is not stupid. Not sure any longer what you are now arguing about.

                    • I see I have to boil my argument down to the bare minimum, since you seem intent on purposefully misreading it:

                      More likely to make claim => higher premiums.

                      That is my entire argument, in all it's manifest complexity. Note how it cleverly weaves absolutely no discrimination whatsoever into its logic.

                    • Before that EU directive, that's essentially what was in place.

                      That is what you said.

                      The directive you are implying has changed something for the worse relates to the gender of the applicant for the insurance. Any normal person would infer that you were criticising the directive and therefore approving of the discrmination the directive removed.

                    • Did you ever stop to think that the directive actually causes discrimination, by essentially penalising a demographic that normally attracts lower premiums? Or did you fall into the trap of 'this treats both genders equally, therefore it must be good'? I'm willing to bet it was the latter.
                    • Of course I thought about it. I even referred to it in my original post.

                      Society has long rehearsed this argument and if you really think you've some up with a new argument you are an idiot.

                      You are either in the 'No blacks allowed' camp or you are not. I'm not.
                    • Personally, I'm in the 'don't turn every debate into a pointless racism argument' camp.
        • Rights are never given; You have them by default. Rights can only ever be restricted, or taken away entirely.
          • How is it that someone can take them away but not give them back again? Can't they recognize a new right? Why are either of these things impossible?

      • by Anonymous Coward on Friday September 07, 2012 @03:36AM (#41257829)

        to pretend we are slipping towards a 1984 state just betrays your ignorance of literature. We're in Brave New World.

        Fix'd.

        • Where are mod points when you need them?

        • Benign world controllers dealing with dissent by setting up island colonies where highly intelligent people can go and build their own societies, while running a strict hierarchical society which manages to keep almost all its citizens healthy and happy? I wish! My feeling at the end of reading BNW for the first time was "Helmholtz Watson, lucky bugger. How do we make this happen?".
      • by FireFury03 ( 653718 ) <<slashdot> <at> <nexusuk.org>> on Friday September 07, 2012 @07:15AM (#41258695) Homepage

        Actually, as anyone working in IT in the UK can attest, we have very strict rules on what you can do with people's data.

        There are indeed very strict rules. But what good are rules if they are not enforced?

        As an example, an organisation I dealt with illegally sold my personal data to numerous "partners" (they asked me if I agreed to have my data passed to "partner companies", I declined, they did it anyway). A complaint has been filed with the ICO, and the ICO's response has been to write to the company in question telling them they shouldn't do that. That's it - the ICO are not interested in doing anything to enforce the data protection law except write sternly worded letters to people.

        Meanwhile, whilst the original company has now stopped selling off my data, the companies they sold it to have sold it. And the ones they sold it to have sold it. There is no way for me to prevent that (now widespread) data being distributed further. Futhermore, these third party companies aren't even guilty of doing anything wrong since as far as they knew, I had agreed to have this data distributed (since thats what the first company told them).

        What is needed is 2 things:
        1. Rules forbidding the sale of any personal data between companies.
        2. Actual enforcement of those rules and punishment for breaking them.

        I am much happier with the likes of Google having my data than other companies - although Google may have a lot of my data, they don't sell it, so I pretty much know where it is, and if I don't like it I can cease using Google's services and make a formal request for them to destroy my personal data (which they are required to comply with under EU law). Most other companies that I have to deal with (e.g. my insurance company, etc.) are happy to sell the data on to other people, who will further sell it on and there's no longer any way for me to know who actually has this data any more. I *always* tick the "don't sell my data" box whenever I fill in a form, and yet my personal data is out there being bought and sold because a few companies have broken the law and ignored my preference. There is largely no way to know which companies have done this.

        • You can always pursue it yourself ...

          How to claim compensation [ico.gov.uk]
        • What is needed is 2 things:
          1. Rules forbidding the sale of any personal data between companies.
          2. Actual enforcement of those rules and punishment for breaking them.

          what's needed is jailtime for the execs...it's the only way to get them to take things seriously... a fine on the company is merely seen as the cost of doing business and comes out of the customers pockets in the long run...

          Another way to make them sit up and notice would be to legally require them to pay the fines from the shareholder's divid

  • Which reputation? (Score:5, Insightful)

    by leromarinvit ( 1462031 ) on Friday September 07, 2012 @03:00AM (#41257677)

    Which "reputation as an upholder of web freedom" would that be? The one based on them censoring Wikipedia for showing an album cover? Or the one where you have to hand over encryption keys or be thrown in jail?

    • by azalin ( 67640 ) on Friday September 07, 2012 @03:05AM (#41257695)
      I think they refer to their defense of privacy by having the highest number of surveillance cameras per citizen of any western nation.
      • by jhoegl ( 638955 )
        Fundamental difference:
        Surveillance cameras are put on public streets
        Networks were built and are managed by private corporations.
        So you have two options:
        Trust your government has your best interest at heart
        Trust a business you are giving money to has your best interest at heart as it sells your info to your government
        ...I think we are screwed!
      • Oh, that old chestnut. I think you'll find that US cities have just as many CCTV cameras - possibly more - as UK cities.

        The number that's often trotted out only works if there's a CCTV camera for every 50m (yes, fifty metres, about ten car lengths) of road right down to dirt farm tracks - which is clearly not the case.

        • I dunno, when I was in London there were a LOT more than one every 50m. I noticed large clusters on nearly every street corner, plus the ones on the underground...never saw anything like it in NYC -- sure, there's a fair bit of private ones scattered about, but that's not the same thing. As far as city/police owned cameras, you'll maybe find one or two on high traffic street corners. Never seen even a single cluster like the ones that were so common in London...

    • The one based on them censoring Wikipedia for showing an album cover?

      IIRC, that filter is maintained by a private company.

      The UK government loves to outsource - when it inevitably goes wrong, they can just say 'wasn't us!'

      • The UK government loves to outsource - when it inevitably goes wrong, they can just say 'wasn't us!'

        But they are still the ones who made the laws requiring a filter to be present, or at least coerced the ISPs to install one. If I outsource an assassination to a hitman, does that mean I can somehow disclaim responsibility?

        • Only for ISPs that provide services to government agencies and public bodies. There's no requirement that it's applied to private consumer connections, although the majority of ISPs have voluntarily implemented the filter service (provided by the Internet Watch Foundation [wikipedia.org]).
      • The one based on them censoring Wikipedia for showing an album cover?

        IIRC, that filter is maintained by a private company.

        The UK government loves to outsource - when it inevitably goes wrong, they can just say 'wasn't us!'

        The IWF list is a privately maintained list of censored sites which is voluntarilly(*) used by ISPs and content filtering companies. They are funded by donations(+) from these companies.

        (*) "Voluntarilly" means "often forcibly required by the government". For example, until BECTA was dissolved, companies wanting to sell content filtering systems to schools were required to use the IWF list.
        (+) By "donations", I mean companies are required to "donate" somewhere from £1000 - £40000 per year if t

  • Run a Tor relay. (Score:5, Interesting)

    by L4t3r4lu5 ( 1216702 ) on Friday September 07, 2012 @03:14AM (#41257723)
    Even if you're not happy running an exit node, you can help speed up the Tor network by running a relay. All traffic through a relay is encrypted and kept within the Tor network, so you remain unidentifiable. It also helps obscure when you yourself are using Tor.
    • Re:Run a Tor relay. (Score:4, Interesting)

      by coofercat ( 719737 ) on Friday September 07, 2012 @06:33AM (#41258509) Homepage Journal

      So here's a serious question...

      Assuming this tracking law gets in (which it seems it will eventually, as this isn't the first try for such a thing), then would it actually be a good time for everyone (inside the UK and International) to rent a virtual server some place (in the UK) and run an honest-to-goodness Tor exit node?

      For us Brits, there's a risk of prosecution (although it's unclear to what extent). I'm sure "it's a Tor node, it's entirely public, and I personally didn't actually download all that stuff" might be enough defence to avoid life-changing legal action. IANAL, and I really have no clue what I'm talking about here.

      However, for International folks, the worst than can really happen is that they shut down your VPS. You can then just go rent another one and be up and running in minutes.

      Assuming this vaguely makes sense (particularly for non-UK residents), then we could conceivably have a "flood" of Tor-originated traffic to all manner of questionable web content flowing through our Royal pipework and into the ISP data logs, and into the Great Decentralised Central Government Database of Everything. I'm probably barking up the wrong dog here, but it seems interesting none the less.

  • by Alioth ( 221270 ) <no@spam> on Friday September 07, 2012 @03:45AM (#41257867) Journal

    Good luck with logging social network use. Facebook and Twitter at least seem to use https by default for me. Unless ISPs can force people to download trusted certificates for a proxy that decrypts, logs, then re-encrypts their facebook usage, they won't be seeing much.

    Incidentally, I run my own mail server. I relay my mail through it using TLS, and it too uses opportunistic encryption when contacting other SMTP servers. My ISP sees nothing but encrypted data going past. Many public SMTP servers now are supporting opportunistic encryption and supports 256 bit encryption (in fact, if you want to pass a PCI-DSS ASV scan, then if your mail server supports encryption it must disable all weak ciphers).

    (Disclaimer: I don't live in the UK, but I do live in a British crown territory - whether a similar law is passed here is not guaranteed, for example we don't have anything like the RIP Act)

  • "According to British daily The Telegraph, Sir Tim Berners-Lee has warned that plans to monitor individuals' use of the internet would result in Britain losing its reputation as an upholder of web freedom."

    I assumed there was someone monitoring my use of the Internet, which is why I've always been cautious, at least with my home usage ...
  • by CuteSteveJobs ( 1343851 ) on Friday September 07, 2012 @04:00AM (#41257941)
    The Australian Government is doing the same thing:

    http://yro.slashdot.org/story/12/09/04/1825205/australian-attorney-general-pushes-ahead-with-govt-web-snooping [slashdot.org]

    For the first time in history people can communicate freely en masse and it scares them.
  • by Onymous Hero ( 910664 ) on Friday September 07, 2012 @04:12AM (#41257983)

    The source of this junk law is the European Union. It just so happens that the UK has implemented this directive. Others will follow suit if they haven't already!

    "On 15 March 2006 the European Union adopted the Data Retention Directive, on "the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC".[1][2] The Directive requires Member States to ensure that communications providers retain, for a period of between 6 months and 2 years, necessary data as specified in the Directive"

    https://en.wikipedia.org/wiki/Telecommunications_data_retention#European_Union [wikipedia.org]

    • Re: (Score:2, Informative)

      by Anonymous Coward

      It couldn't be that national governments get their European counterparts to push through unpopular directives?
      Or that Britain doesn't have a Veto.

      You know you would think people would remember voting in Conservative MEP's and they are not aliens but members of the same political party that also has members in the national government.
      It wasn't Microsoft attacking Linux it was SCO much easier to attack the sock puppet.
      It's not the record labels making disproportionate attacks it's the RIAA.

      It's not s

  • Maybe a HTTP over BitTorrent maybe.

    Something that is not tcp, and encrypted (not just byte for byte ,but with -bogus bytes- mixed in to round up the size of traffic, so all files under 128 bytes will be all the same size, 128 bytes so LEOs cannot even use file sizes to narrow down your access).

    Something that talks to many servers to get the content.

    This would require a whole new server design, or proxy wrapper to existing http servers, but yeah bittorrent http would work.

    A) bittorrent server can server all

    • Sounds kinda like Freenet. Or I2P. Or FCON. Or even Tor at this point. Except those are far more secure than BitTorrent.

  • The current government do not care about Internet Freedom.

    What they do care about is Competitiveness .

  • There are only few Upholders of Web Freedom in the UK. Sir Tim Berners-Lee OM, KBE, FRS, FREng, FRSA isn't one of them, since he's in Mass., USA. The Pirate Party UK [pirateparty.org.uk] is definitely one of them. With enough support it can also actually do something about it, instead of just being a forum of discontent, while tonight we'll just watch footy on the telly with a pint of ale in our hand.

Some people manage by the book, even though they don't know who wrote the book or even what book.

Working...