In The Telegraph today it is reported that the government are going to try to legislate to collect internet Metadata again.
This cropped up I think two years ago and there were a number of meetings in the Commons about it. I pointed out the technical problems. The basic technical problem is that encryption is designed to prevent what is called a "man in the middle" attack. Encryption operates from client to server and no-one in the middle is supposed to find out anything about the communication. Hence if people are using proxy servers outside the UK Jurisdiction it becomes impossible to garner any useful information from this beyond which proxy server is being used.
It was reported that some in the security services did not want a generalised recording of metadata as this would result in more people using encryption, not just those who knew they were breaking the law. I thought these simple facts had kicked this proposal into touch, but clearly not.
This cropped up I think two years ago and there were a number of meetings in the Commons about it. I pointed out the technical problems. The basic technical problem is that encryption is designed to prevent what is called a "man in the middle" attack. Encryption operates from client to server and no-one in the middle is supposed to find out anything about the communication. Hence if people are using proxy servers outside the UK Jurisdiction it becomes impossible to garner any useful information from this beyond which proxy server is being used.
It was reported that some in the security services did not want a generalised recording of metadata as this would result in more people using encryption, not just those who knew they were breaking the law. I thought these simple facts had kicked this proposal into touch, but clearly not.
Comments