U.K. spy agencies plan to install Web snooping 'black boxes'

U.K. intelligence agencies are planning to install surveillance 'black boxes' on phone networks and ISP servers that utilize deep packet inspection to monitor Web traffic—including Facebook, Twitter, and Skype, among others.
Written by Zack Whittaker, Contributor
The U.K.'s Global Operations Security Control Centre. (Credit: Home Office)

The U.K.'s intelligence agencies are planning to install 'black box'-style surveillance devices in the country's telecommunications infrastructure to monitor the U.K.'s online activity.

According to lawmakers in the country's capital [PDF], these devices will rely on deep packet inspection—a technique that has been criticized repeatedly by online activists and citizens alike—as part of the government's efforts to increasingly monitor British Web.

Such techniques will allow U.K. law enforcement agencies to log the details of almost everything that citizens' visit and access online, including Web site domain names and even details of Skype calls. 

Jonathan Evans, the head of Britain's domestic intelligence service MI5, said in the U.K. parliamentary Intelligence and Security Committee's report [PDF] that, "access to communications data of one sort or another is very important indeed."

As a result, the committee noted that existing laws "do not cover the problems of emerging technology," and that there should be a "new approach."

One of the more viable techniques suggested by the committee was using legislation to "include the ability to instruct [communications data providers] to capture third-party content traversing their networks using technology such as Deep Packet Inspection."

Providers of communications data—such as Internet and broadband providers, and landline and mobile phone companies—said in the report that they "must have a legal foundation to retain data," effectively ruling out any voluntary solutions as suggested by the report.

Communications data does not record the actual contents of the data, such as emails or the recordings of phone conversations, rather it includes all the details about everything that's sent and received online.

For instance, while the email addresses of senders and recipients, the contents of such emails will still require a court order to access. The time and date stamps of that email will be available, but a senior police or intelligence officer will have to authorise such access.

"Whilst legislation is not a perfect solution, we believe it is the best available option," the committee noted. And legislation it likely will be.

The report says:

The solution the Government is proposing is to agree with the UK CSPs that they would place ‘probes’ on their network(s) to collect the required CD as it traverses to the end user. This is known as Deep Packet Inspection (DPI) technology. The Committee took detailed evidence on this, focusing on the feasibility of the technology. We heard that DPI is certainly not a new technology, and is in use for commercial purposes already.

The committee also confirmed that BAE Systems Detica is the supplier of deep packet inspection technology to the U.K. government. Under current European data retention laws, deep packet inspection is not only legal, but also widely used by the private sector.

The 'black box' snooping devices would also be used to collect data from overseas companies, including U.S.-based service providers and social networks, such as Facebook, Google, and Twitter.

However, the committee noted that encryption would "simply render [deep packet inspection] pointless." Likely the most important part of the document was, unfortunately, redacted under U.K. secrecy laws:

60. Another issue *** is that of the increasing encryption of communications. Witnesses at the
Joint Committee have suggested that encryption will simply render DPI pointless. We have
heard that the Government has *** options in dealing with the challenge encryption poses:


61. ***.

•   We believe the Government has adopted a pragmatic approach to the issue of
encrypted material. In the first instance, agreement should be sought with the
Communications Service Provider holding the communications data to provide it in an
unencrypted form.

•    Where this is not possible, we accept that the only prudent alternative is to attempt to
collect residual, unencrypted communications data associated with a communication,
which – although of lesser volume – may nevertheless still be of intelligence value.

The government's plan to monitor and sift through citizen's communications data is part of efforts to combat terrorism and serious crime. But, the plans—which are currently on hold after the government's coalition partner dropped support for the bill—are still far from dead.

Nick Pickles, director of privacy at civil liberties group Big Brother Watch, told ZDNet:

Two expert Parliamentary committees have cast serious doubts on the claim that it is necessary for every person’s email, Web site browsing and social media activity needs to be logged and kept for one year.

The report recognises there are weaknesses in monitoring people suspected of wrongdoing. It is becoming increasingly difficult for Ministers to justify monitoring every member of the population instead of developing their ability to monitor people who are under suspicion.

Pickles also noted that the use of encryption among ordinary citizens will make Web monitoring increasingly futile.

"The report recognises for national security situations, alternatives are available and are being used. The committee also recognises the growing futility of the Home Office’s current approach given the increasing use of encryption."

"The draft Bill was a shambles and if any legislation is to allay the widespread concerns people have about an vast expansion in the power of the state to monitor every aspect of our lives it will need a fundamental and comprehensive re-write," Pickles added.

Editorial standards