Wednesday, 8 April 2009

Big EU is Watching You

As of last Monday all Internet Service Providers (ISPs) in the European Union (EU) are required to store the details of every email and every internet phone call placed by anyone, for at least one year. Principally this European law is in the name of protecting us all from terrorism. Let me make it crystal clear, this law is not about collecting and storing Email and internet phone call content, just tracking the “when”, “the sender” and “the recipient”, think of the information listed on your telephone bill, which is already legally required to be stored by telecoms companies.

Most ISPs in Europe already store this type of information, with the Email information used to help fight Spam for instance. Despite this most ISPs were dead against the law due to the hassle factor, but in the UK, ISPs have been “talked round” thanks to the UK government offering to reimburse ISPs the cost of storing and maintaining the data.

So why the law? Well I think one of the key reasons is to allow EU governments “easier” and direct access to the information on mass, so bypassing the legal system (no court orders), wait a minute, isn’t the legal system in place to protect individuals from governments? I think we can assume this information will be used for data mining, as well as the specific investigations of individual suspects. By data mining, I mean the scanning of these vast amounts of electronic communications data for patterns which match terrorism activity, whereby the system analyzes the data and then spits out the names of who it deems are terrorist suspects.

It’s not about the “Chatter”
In the Second World War before the German Enigma machine encryption was cracked, the UK intelligence would look for “chatter”, which is the tracking of the number of encryption communications being sent, with spikes in encrypted communications usually meant a german attack was being organised and therefore about to occur. The germans counteracted this by having all enigma operators send random messages periodically, so the spikes were not so obvious, in fact this counter activism actually helped with the breaking of the enigma code.
Anyway my point is looking for “chatter” in high volume Email and Internet telephone calls to predict a terrorist attack is about to occur is not likely to work, as unlike the mobilising of large military forces to carry out an attack, terrorist groups are very small and very insular in nature, generally very careful with their communications, which is why they aren’t discovered in the first place. Given the vast amount of daily communications taking place over EU part of the Internet, I just can’t see how it is possible to see terrorism communication chatter spikes, so this law cannot be about using chatter to help prevent or prepare against a terrorist act, not that anyone has said this publically, but it’s worth pointing out.

If anyone knows how the data mining of millions of the daily EU electronic communications is going to protect us from terrorism attacks, I’d love to know. In my view, surely it is much better to target our anti-terrorism resources with good old fashion "police work" approaches, and so investigate individual suspects, infiltrate suspect groups, rather than assume everyone is a suspect. Good luck if this big brother system decides you are a terrorist suspect, as ironically you will be the last person to find out if it does.

No comments:

Post a Comment

Any comments with weblinks, or promoting/advertising company products and services will be rejected