We live in interesting times, worrying times in fact. The UK Governments decision to force ISPs to log the web usage of every one of their customers is something that I do not believe is the morally right, even in the face of obvious difficulty faced by MI5 etc.
Theresa May’s description of Meta Data as being similar to an itemised phone bill is incredibly deceptive to the point where I think it’s fair to point at her and use the word ‘liar’. In a typical web transaction between a web browser a server you can quite easily see several elements, the source IP address, web browser, operating system and the like. With an IP address you can track the location, this is immediately different to a phone bill in which does not have such information even on a mobile phone. Even web browser and operating system data can be useful, the security services can quite easily use this to garner information as to any vulnerabilities they can leverage which they’ve also been given permission to do.
In a phone bill you can see who a person called, in an internet log you can see the conversation. It’s obvious if someone is visiting a website for say health that they probably have some sort of health issue, business that is not something for the state to be involved in, unless it’s the NHS staff that are caring for you. It’s a clear breach of our human rights to privacy, but, that’s not even the worst part.
The ISPs will be hosting the information for the state and not the other way around, that should worry you especially if you’re a TalkTalk customer who servers were recently breached. Their CEO Dido Harding was quoted as saying she didn’t even know if the data that was stolen (including credit card details) was encrypted. If that’s the level of care given to your data as a paying customer, just imagine the care in data that they probably don’t want to carry at expense that will obviously be passed down to you the customer.
By now you’re probably wondering how this will help the security services? My answer is that it probably won’t because quite simply these logs can be evaded by using a Virtual Private Network aka: a VPN. This encrypts all traffic passing through the ISP until it reaches its destination meaning that any terrorist or paedophile just needs to have a VPN outside of the security services grasps and the logging becomes completely useless and if you can get a bomb you can most certainly get a VPN, the software is free or available from third parties for modest sums.
All in all, this is a lazy policy that I highly doubt will help the security agencies do anything other than see our shopping habits. If like me, you disagree with this strategy then unfortunately you will have to wait until 2020 to make a change.