Gov't may track all UK Facebook traffic

Gov't may track all UK Facebook traffic

Summary: Home Office minister Vernon Coaker has said the government is considering recording the traffic data of all UK citizens on social-networking sites, including Facebook, MySpace and Bebo

SHARE:
TOPICS: Security
3

The UK government is considering the mass surveillance and retention of all user communications on social-networking sites including Facebook, MySpace, and Bebo.

Home Office security minister Vernon Coaker said on Monday that the EU Data Retention Directive, under which ISPs must store communications data for 12 months, does not go far enough. Communications such as those on social networking sites and instant messaging could also be monitored, he said.

"Social-networking sites, such as MySpace or Bebo, are not covered by the directive," said Coaker, speaking at a meeting of the House of Commons Fourth Delegated Legislation Committee. "That is one reason why the government are looking at what we should do about the Intercept Modernisation Programme, because there are certain aspects of communications which are not covered by the directive."

Under the EU Data Retention Directive, from the 15 March, 2009, all UK internet service providers (ISPs) are required to store customer traffic data for a year. The Intercept Modernisation Programme (IMP) is a government proposal, introduced last year, for legislation to use mass monitoring of traffic data as an anti-terrorism tool. The IMP has two strands: that the government use deep packet inspection to monitor the web communications of all UK citizens; and that all of the traffic data relating to those communications are stored in a centralised government database.

The UK government has previously said that communications interception was "vital", and has hinted that social-networking sites may be put under surveillance. However, responding to a question from Liberal Democrat MP Tom Brake, Coaker said that all traffic data on social-networking sites and through instant messaging may be harvested and stored.

"The honourable member for Carshalton and Wallington will also know the controversy that currently surrounds the Intercept Modernisation Programme," said Coaker. "I look forward to his support when we present Intercept Modernisation Programme proposals, which may include requiring the retention of data on Facebook, Bebo, MySpace and all other similar sites."

Deep packet inspection, the second strand of the IMP, involves intercepting and examining the contents of all data packets that flow over a network. In Monday's meeting, Coaker said the government still intends to have a consultation on whether to inspect and then store all internet traffic data in a centralised government database.

"What is the point of having a consultation if, as the honourable gentleman implies, the government have already made up their mind to have a central database?" said Coaker. "We have not made up our mind. We have said we will consult on a variety of options."

Opposition to the government's IMP proposal has been fierce. Cambridge University computer security expert Richard Clayton told ZDNet UK on Wednesday that the government proposal to monitor social-networking traffic was "extremely intrusive".

"The question is whether it's necessary or proportionate, and the short answer is no, it doesn't look that way," said Clayton. "If the government wants to make us safer, having a few more police on the electronic beat would be a good idea."

Clayton said that the problem for the government is that the Data Retention Directive only applies to data held by internet service providers, but that a large number of people don't use ISPs' systems to communicate, instead using online services including webmail and social-networking sites. Servers may be located in different jurisdictions, said Clayton, and data-retention times may be short.

"The government wants to collect all of this data on everybody, just in case," said Clayton. "Suppose you use hotmail.pk, and you blow up the Houses of Parliament. The government would have to persuade the Pakistani authorities to turn over the logs, which may then turn out only to have been retained for three days."

However, Clayton believes that the cost of harvesting this information, which would involve all UK internet infrastructure providers and ISPs having 'black boxes' to monitor data, would be prohibitively expensive. Clayton said that taxpayers' money would be better spent on the police, who could target investigations to those they suspect of criminal activity, rather than on performing blanket surveillance of everybody.

"To deploy deep packet inspection equipment isn't cheap — the word 'billion' is appropriate," said Clayton. "It took the Home Office the best part of a year to find £3m for the Police e-Crime Unit. That's what is wrong with this picture."

Web inventor Sir Tim Berners-Lee also opposes the use of deep packet inspection to inspect people's data. Berners-Lee told ZDNet UK last week that the internet should not be "snooped" upon.

"If [third parties] are using the data for political ends or commercial interest, there we have to draw the line," Berners-Lee said. "There's a gap between running a successful internet service and looking inside data packets."

Topic: Security

Tom Espiner

About Tom Espiner

Tom is a technology reporter for ZDNet.com. He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

3 comments
Log in or register to join the discussion
  • Privacy? What Privacy?

    It seems that this Government is determined to stamp out any free speech and privacy. When re-elected or after the next elections are cancelled due to a perceived terrorist threat all written mail will have to be submitted to the official censor before we are allowed to send it furthermore the addressee will have to submit to a full security check before they are allowed to receive it.

    Email and other electronic communication will not be subject to censorship - it will be banned as a security risk.

    Parliament Square will be renamed New Red Square and Parliament will become The New Kremlin.
    m.l.peake@...
  • We need this !!

    No no ! You are quite wrong ! Didn't you read the news the other day about a massive plot to destabilise the government and lay waste to vast areas of our capital using a combined biological and nuclear attack .. all cooked up by the Mooga Hooga Lugy Haroon religious extremists and coordinated on Facebook ?

    Yeah funny that.

    Neither Did I !!!!

    To my knowledge there has never once been even the slightest hint that terrorists are using Facebook et al for planning attacks, or indeed anything else.

    However, I have seen countless anti-Nu-Labour-policy campaigns orchestrated on Facebook. Clause 152 is one that springs to mind. That spread like wildfire, bringing the problem to the attention of far more people than would have happened without it.

    Maybe it's not terrorist planning they want to be putting under surveillance after all. They won't of course dare to say it out loud, but maybe it's those nasty people that disagree with them about everything else, that they are trying to keep a handle on. Maybe the day is coming that the act of putting up a Facebook group complaining about some new boneheaded Nulabour policy or pronouncement will get you a midnight knock on the door from the thought police.

    Lovely.

    Can't %%%%ing wait.
    anonymous
  • Politicians need spying too

    Given the mount of corrupt politicians in the country, I want to see all their private life exposed (fiances,jobs,children,family life,friends,associates,business life,etc) jus to make sure they do not do any wrong dong.
    malcarada