Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Communications Government Privacy Security United Kingdom

Ask Slashdot: Jamming UK Metadata Collection? 192

AmiMoJo writes: It looks likely that the UK will try to require ISPs to collect metadata on behalf of its security services, and various other agencies will have access to this vast, privacy- and security-destroying database.

How can individuals resist? Some metadata is trivial to hide, e.g. much email is encrypted between the user and server, but a record of an access will still exist. Would there be much benefit to creating fake traffic, say by sending dummy emails to yourself? What about fake browsing, or keeping TOR running 24/7 (not as an exit node, just a client)?

The goal is to make the data less useful and harder to tie to an individual or separate from fake data, and to increase the cost of collecting and storing such data. Don't worry, I'm already on the list of known dissidents anyway.
This discussion has been archived. No new comments can be posted.

Ask Slashdot: Jamming UK Metadata Collection?

Comments Filter:
  • by __aaclcg7560 ( 824291 ) on Monday January 04, 2016 @12:56PM (#51235391)
    Use pen and paper. Personal papers have more legal protection than digital data that cross over the ether.
    • by Impy the Impiuos Imp ( 442658 ) on Monday January 04, 2016 @01:20PM (#51235629) Journal

      In the US we should push for the Supreme Court to overturn outdated metadata laws based on the idea you "have no reasonable expectation of privacy in phone records at the phone company".

      As people shift more of their lives into online services, they do indeed carry a 4th Amendment expectation of privacy in their "papers" with it.

      • by MrKaos ( 858439 ) on Monday January 04, 2016 @07:47PM (#51238517) Journal

        In the US we should push for the Supreme Court to overturn...

        The cornerstone of which all of these programs were built, which is the illegal authorization of wartime powers to .W.Bush that allowed the passage of all of the bills that made all this legal. This is not a political issue as it has continued via Obama, it is a structural issue of whether you have a democracy or a plutocracy. Whether you will accept responsibility to defend your several hundred year old democracy from attack from within.

        Why the U.S population continues to tolerate this harrasment by government through the weakening of the fundamental citizen rights that makes a nation what it is, is confusing. You have the power to fix the issues however you don't use it. You founding father Franklin warned you about trading Security for essential Liberty and how the corruption of the people would lead to despotism. Are your domestic enemies so powerful that it is easier for you to let them turn you into slaves begging for a job and hoping you don't get sick?

        You *should* do a lot of things however as we have seen net activism doesn't amount to much. Whilst your comment *is* insightful I doubt a single person reading it will write a letter to your politicians and do something whilst you are distracted by what is on TV.

        I hope you can - the fate of the free world rests on what you do.

      • by Agripa ( 139780 )

        As a practical matter I do not believe that the courts including the Supreme Court are going to be any help with this. Their previous rulings allow law enforcement to make up probable cause after an arrest, arrest for laws which do not exist, rob people of their possessions without trial, etc.

        The government says metadata is not protected so fine, let's go with that. If you use IPSEC or a number of other IP encryption methods, only the metadata is left available. Opportunistically encrypt every IP connect

    • Use pen and paper. Personal papers have more legal protection than digital data that cross over the ether.

      Only if you're hand-delivering. If you're using U.S. Snail Mail, they've been photographing envelopes for metadata collection for years. [nytimes.com]

      It's precisely analogous to internet metadata collection: who you're communicating with, at what time. But not what you're saying (by not being allowed to open the envelope and read the mail, or not being able to crack message content encryption).

      In the context of OP

      • Of course, but you're sending data over a public - or government-owned, in the case of the USPS - network. This has always been the case, whether it's snail mail, landline telephones, cellphones or the internet. I can't see how anybody can claim to be surprised by this, especially when the answer these days is so simple: use encryption, don't send unencrypted communications over a network you don't control.

        Yes it may be slightly less convenient having to encrypt/decrypt your mail but that is the price of pr

        • by Altrag ( 195300 )

          That doesn't help anything. If we're only discussing metadata ("Person X is communicating with person Y") then it really doesn't matter whether you're sending government secrets using the most secure encryption ever or sending "y0 babe wuts up" to a girl that has no interest in you -- the content of the message is being ignored in both cases anyway.

          (Of course if you're good enough to have government secrets laying around I would imagine you'd know what metadata is and how it can be used and take some steps

          • That doesn't help anything. If we're only discussing metadata ("Person X is communicating with person Y") then it really doesn't matter whether you're sending government secrets using the most secure encryption ever or sending "y0 babe wuts up" to a girl that has no interest in you -- the content of the message is being ignored in both cases anyway.

            We have the tools to deal with that too, with TOR and anonymous email accounts.

    • by AHuxley ( 892839 )
      The UK has been collecting details on, opening mail since the Defence of the Realm Act 1914 (DORA) https://en.wikipedia.org/wiki/... [wikipedia.org]
      After 1918 the GC&CS (Government Code and Cypher School) still got all the UK cable companies messages in bulk. Collect it all is not new :)
      Just as the US scans all details on postage via its Mail Isolation Control and Tracking systems https://en.wikipedia.org/wiki/... [wikipedia.org]
      Telegrams, phone use, telexes, fax all got the same US and UK collect it all interest.
      The only sol
    • by Altrag ( 195300 )

      As soon as you make a pen and paper that can be transmitted around the globe in fractions of a second, I'm sure you'll have a business case.

      Email isn't popular because people love typing. Its popular because its extremely fast and we live in a world where we want everything done yesterday in order to increase productivity. We get pissed off if a mail server holds our email for 10 minutes. But nobody would be surprised of a snail mail letter took 10 days to get across the country (or hell, sometimes the c

    • Not relevant. This is not the US.

      It remains a serious offence for someone who is not duly authorised to interfere with or intercept the mail. but for people who are authorised (e.g., police, some council officials, some government officials), that's not a problem.

  • People forget how this data is really collected. They aren't looking at packets and breaking encryption between the client and server. They are tapping into the endpoint. They are accessing the Gmail/hotmail server endpoint databases. I am in the network monitoring field and I can tell you there isn't enough horsepower to do packet based monitoring of large numbers of people. They are getting the data because Google. Microsoft, Apple, etc are giving them access to their datastores.
  • Exit node (Score:4, Interesting)

    by ickleberry ( 864871 ) <web@pineapple.vg> on Monday January 04, 2016 @12:59PM (#51235421) Homepage
    If you run an exit node you will generate lots of useless data for them to collect. Just dont forget to blacklist all the popular torrent sites that are blocked in UK in the tor config file, otherwise unsuspecting TOR users will get the 'this site is blocked' message. There are no laws against running an exit node, I did run one before in Ireland and had no trouble, although they are more fussy in UK mainly due to a difference in mentality - the powers that be think they are actually stopping real terrorists with the work they do.
    • Re:Exit node (Score:5, Informative)

      by SuricouRaven ( 1897204 ) on Monday January 04, 2016 @01:20PM (#51235621)

      It's risky though. Exit nodes can be used for all sorts of illegal activity - hacking, fraud, child abuse imagery, the usual suspects. There's a small but worrying chance of being busted by the police for a crime commited via your node. You can probably use the node to demonstrate that you are not guilty of the accused crime, but that doesn't until after they've siezed every computer, phone and storage device you own, destroyed your reputation, cost you your job and crippled you financially with legal costs. Criminal investigations are damaging even if no charges are eventually pursued.

      I'm wondering what will happen if some well-intentioned but morally-dubious virus writer puts together malware that installs exit nodes. That would be amusing.

      • by Anonymous Coward

        Going in this direction, I wonder how many exit nodes are run by non government actors.

        • I'm hoping that the the governments of a number of countries are all competing to maintain exit node dominance. The good sort of arms race.

      • Re: (Score:2, Interesting)

        by Anonymous Coward

        I'm wondering what will happen if some well-intentioned but morally-dubious virus writer puts together malware that installs exit nodes. That would be amusing. I thought of this. It would be brilliant. Compromised Box's all over the world would be come TOR exit nodes.The TOR Network would be more powerful than they ever imagined.

      • Has that EVER happened???

      • by AmiMoJo ( 196126 )

        Yeah, after Operation Ore and many similar debacles where people's lives were destroyed due to the police being too incompetent to understand simple technology like credit cards, I don't think running an exit node is a good idea.

  • Don't use a phone (Score:3, Interesting)

    by taustin ( 171655 ) on Monday January 04, 2016 @01:00PM (#51235427) Homepage Journal

    Simple. If you use a phone, you use someone else's network, and do things that are impossible for them to let you do without them knowing what you're doing. You can't call someone without the phone company knowing who you're calling.

    And the internet is a public place, period. Don't do anything on the internet that you wouldn't do in your front yard, with the neighbors watching.

    If you don't like it, tough. The rules of reality don't need your approval.

  • Something sort of symbolic you could do is to sign every document as Agent Smith [wikipedia.org] and photoshop him into every picture you upload some place.
  • Use the classifieds. Write an obituary. In these modern times Craigslist probably works. If you're planning something exciting, using your personal email is just plain dumb.

    • Yep, avoiding surveillance is about being inconspicuous and blending in. Why not PGP-key-pair encrypt your messages with your friends and associates and embed them into kitten/funny/holiday photos uploaded onto Facebook? Only the intended recipients can decrypt the messages (so all of your circle have to download and decrypt all photos to see which ones are for them) but they're publicly distributed/shared... on social media. You can't get more normal and blended in than that. GCHQ might notice that you've

      • by AHuxley ( 892839 )
        Yes it turns years of social media into your own numbers station https://en.wikipedia.org/wiki/... [wikipedia.org]
        Your broadcasting about funny/holiday photos every day but only a few know what a color within a type of image would communicate.
        The problem is the unique set of ip ranges and their origins that look at the images everyday.
  • by Somebody Is Using My ( 985418 ) on Monday January 04, 2016 @01:19PM (#51235611) Homepage

    TrackMeNot [nyu.edu] is a browser-extension for Firefox and Chrome that sends semi-random search requests to several search engines with the goal of disrupting this sort of tracking. Well, it's more aimed at preventing commercial entities from creating an accurate picture of your web-browsing habits, but it probably adds some noise to the intelligence gathering too. By default it pulls random keywords from newspaper headlines, but you can configure it to use (or avoid) certain keywords, as well as tweak the frequency of the requests. It runs automatically in the background whenever your browser is open.

    TrackMeNot isn't really useful in hiding your behavior; it just throws in spurious data that makes legitimate data look less accurate. It's really aimed more at devaluing marketing databases with the (admittedly vain) hope that they'll give up on the whole thing ;-)

    Note: it does use extra CPU cycles and bandwidth, so if you are constrained in either this tool may not be for you. Also, tweak the timing of those search requests carefully or the search engines might blacklist you as a bot. Having said that, I've been using this plug-in for several years now and it's rarely caused me any problems.

    • by AmiMoJo ( 196126 )

      Thanks. I'm willing to donate some resources to this, do I'll give it a try. I'm thinking of combining it with a user agent randomiser and periodic cookie cleaning.

  • One of these days a nefarious group will hack into ISP meta-data and publish it to the world, and this gov't requirement will then be questioned.

    • by AHuxley ( 892839 )
      It really depends who is getting the keys to the many months of ISP log retention databases without court oversight as part of their everyday tasks.
      NGO's, trusted and cleared US brands in the UK helping with all image tracking, comparing image content, file names, government workers with a task to find financial, gambling issues over all UK data sets. Even local government can request cleared staff track images, messages back to people and then log their internet use with few or no court supervision.
  • by vivaoporto ( 1064484 ) on Monday January 04, 2016 @01:21PM (#51235633)

    The goal is to make the data less useful and harder to tie to an individual or separate from fake data, and to increase the cost of collecting and storing such data.

    Here is a new form, the same as the fighting spam one with minor changes. Feel free to use it as most of the measures proposed to fight surveillance fail for the same reasons.

    Your post advocates a

    ( ) technical ( ) legislative ( ) market-based (X) vigilante

    approach to fighting surveillance. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws not included here)

    (X) Governments can easily use it to identify dissidents
    ( ) Mailing lists and other legitimate email uses would be affected
    ( ) No one will be able to find the guy or collect the money
    ( ) It is defenseless against brute force attacks
    ( ) It will stop surveillance for two weeks and then we'll be stuck with it
    (X) Users will not put up with it
    (X) Microsoft will not put up with it
    ( ) The police will not put up with it
    (X) Requires too much cooperation from everyone
    (X) Requires immediate total cooperation from everybody at once
    ( ) Many users cannot afford to lose business or alienate potential employers
    ( ) Governments don't care about invalid addresses in their lists
    ( ) Anyone could anonymously destroy anyone else's career or business

    Specifically, your plan fails to account for

    ( ) Laws expressly prohibiting it
    ( ) Lack of centrally controlling authority for communication
    ( ) Open relays in foreign countries
    (X) Ease of searching all text based communication
    (X) Asshats
    ( ) Jurisdictional problems
    ( ) Unpopularity of weird new taxes
    ( ) Public reluctance to accept weird new forms of money
    ( ) Huge existing software investment in current solutions
    ( ) Susceptibility of other forms of encryption
    ( ) Willingness of users to install OS patches
    ( ) Armies of worm riddled broadband-connected Windows boxes
    (X) Eternal arms race involved in all surveillance approaches
    (X) Extreme profitability of surveillance
    ( ) Joe jobs and/or identity theft
    (X) Technically illiterate politicians
    (X) Extreme stupidity on the part of people
    ( ) Dishonesty on the part of everyone themselves
    ( ) Bandwidth costs that are unaffected by client filtering
    ( ) Outlook

    and the following philosophical objections may also apply:

    (X) Ideas similar to yours are easy to come up with, yet none have ever
    been shown practical
    ( ) Any scheme based on opt-out is unacceptable
    ( ) Encryption should not be the subject of legislation
    ( ) Blacklists suck
    ( ) Whitelists suck
    ( ) We should be able to talk about Viagra without being censored
    ( ) Countermeasures should not involve wire fraud or credit card fraud
    ( ) Countermeasures should not involve sabotage of public networks
    ( ) Countermeasures must work if phased in gradually
    ( ) Speech should be free
    ( ) Why should we have to trust you and your servers?
    ( ) Incompatiblity with open source or open source licenses
    (X) Feel-good measures do nothing to solve the problem
    ( ) Temporary/one-time email addresses are cumbersome
    ( ) I don't want the government decrypting my stuff
    ( ) Killing them that way is not slow and painful enough

    Furthermore, this is what I think about you:

    (X) Sorry dude, but I don't think it would work.
    ( ) This is a stupid idea, and you're a stupid person for suggesting it.
    ( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!

    • by AmiMoJo ( 196126 )

      I think you overestimate what I an trying to do here. It's not vigilante action, it's just creating masses of junk data as a form of protest and to make the life of anyone spying on me a little harder. Remember that many of the people with access to this data are low level and mostly clueless government employees, so won't be running complex regexs on the database.

      As it happens I block metadata collection via VPN anyway, so apart from some YouTube videos watched on my TV all they will get is noise and other

      • by dave420 ( 699308 )

        1. They don't care about you to dig through your data
        2. If they did care enough about you, they wouldn't be hindered by this at all, but would now have evidence that you are trying to hide something.

        It's entirely counter-productive. You are just not that interesting to them, yet should you become, you've given them a reason to dig even deeper.

  • by Anonymous Coward on Monday January 04, 2016 @01:26PM (#51235675)

    Back in the nineties, I discovered the internet and its freedom as a wonderful tool that proved the freedom-based values of the Western society. Moreso, as I was (and am) living in a former communist country in Eastern Europe. Imagine my delight, coming from a closely monitored society to such a wonderful and open global community!

    However, I have noticed a worrying trend, mostly in opinions posted in forums or other places by Westerners (American and European alike), that too easily dismissed any threats to the personal freedom in various topics. From trivial but excessive forum moderation (which to me resembled too much to the communist censorship) to political issues where leaders pressed and were allowed to limit liberties such as the freedom of speech, for dubious reasons (political correctness, security in matters presented by exagerating imaginary threats, etc.). I understood one thing then: your society was utterly vulnerable to becoming a closed one, even to transform into an oppresive one, for one very simple reason: you didn't see first hand how a dictatorship works, how the officials' behavior in an oppresive state behave, and how they talk. We've seen those and painfully endured their effects, over a long time. I was able to detect the signs of the emerging surveillance society in the West since those times. I tried to express my concerns in open forums, and been bashed by the all-knowing arrogance of those who thought nothing bad can happen with the civil rights.

    They were wrong. And now it's too late. You are asking what you can do as an individual. You can't do anything at this point, all you'll achieve will make you look suspicious, and they will monitor you even closer. Individuals can no longer make any difference, we would need a miacle to prevent the Western world repeat all the mistakes of the dictatorships in the Eastern Europe. It would involve a huge community coherence in working to change the laws, and only voting for those who don't want to control us all (although they are becoming an extinct species). And fighting with all available *legal* means against surveillance and control, without being tempted by using non-democratic shortcuts (such as voting for populists that only tell you what you want to hear). Very, very hard.

    So, yeah, you won't like my response to your topic, but hopefully you do at least understand.

    • > excess forum moderation

      Did Slashdot ever analyze the use of -1 as a censorship tool by those who want to hide opinions they disagree with, as opposed to spam and truly offtopic stuff?

      Do they still have metamod? It is supposed to strip mod rights from people who abuse moderation, but it is useless if karma can be repared quickly, and more specifically, faster than the person performs unjust moderations.

  • Once the law goes live the following is happening in my house pretty much there

    OpenWRT router with VPN to EU paid for in bitcoin with a generic Email. The only issue with this is that I am pretty sure 3 letter fags have purposefully placed back doors in to OpenWRT and other open soruce routers (based on stuff read from Snowden stuff), however I am not hiding anything I just do not believe the government should log my data.

    All in all fairly cheap, the only thing the ISP will see is the connection to th
  • by Macdude ( 23507 ) on Monday January 04, 2016 @01:37PM (#51235787)

    When you're not browsing run a script that will surf random web sites for you, go to bbc.co.uk and you'll find hundreds of links, follow them, find more links, follow them, etc. Occasionally pull a word from a web page and do a google search, then follow a bunch of the search results, and follow links on them, etc. Build in a random timer function so it looks like a human surfing. The idea is to make the haystack bigger so the needle is harder to find.

    Then do all of the surfing you don't wan them to know about from a WiFi hotspot with a spoofed (random) IP address using a virtualized OS incidence that is scrubbed afterwards.

    • by Anonymous Coward

      I once wrote a program (Windows) that would be run on a laptop before travelling which would download a preset number of PDF files on totally random subjects. White Papers, Manuals, Technical documents etc etc ALL publicly available from google .... RANDOM SUBJECT SEARCH filetype:PDF.... Completely at Random. It would then store them in a random folder structure named things like Leaked Documents, Blue Prints etc etc. You know the kinds of buzzwords that would set off alarms somewhere. Imagine looking in a

    • The idea is to make the haystack bigger so the needle is harder to find.

      Why not turn the haystack into a needlestack? Make the script go to actual pages you've visited (or follow actual searches you've performed before with a few words changed) and pull words/phrases from there.

  • Bitmessage (Score:4, Interesting)

    by Anonymous Coward on Monday January 04, 2016 @02:21PM (#51236201)

    One example that makes metadata collection much more difficult is Bitmessage. Its main feature is uncensorability rather than anonymity, but it scores very high on the anonymity scale as well. Its metadata is encrypted, so additional actions and costs are necessary to deanonymise the users. It also has uncensorable shared communication feature called chans. There are gateways that provide connectivity to email. Disclaimer: I am one of the developers of Bitmessage and I also operate one such gateway, https://mailchuck.com.

    • If Bitmessage sends everything everywhere (At least Wikipedia says so) so that only the recipient can decode the message addressed to him, how long you expect it to operate before it overloads the network?

    • by Anonymous Coward

      Was interested until I saw this at the bottom,

      "In order to send anonymous emails and for enhanced features, you need to upgrade to a subscription based account. Consult our pricing page."

      So having a free account doesn't really do shit does it?

    • by AmiMoJo ( 196126 )

      Thanks, I'll have a look at that. You say it encrypts metadata, but I'd just like to point out that it doesn't stop traffic analysis, which if what they want ISPs to do. TOR does, it generates constant dummy data and forwards packets from other machines (randomly combining and splitting them). Something to consider perhaps.

    • by Burz ( 138833 )

      I2P is more effective at this. Every user relays packets for the network, so your own packets are mixed in with network traffic.

  • On the fake traffic thing, there is a screen saver for Linux which will do web searches for images and create a collage. It always produced a fascinating results over time. Lots of random things, a fair amount of porn, just.... the internet...in all its naked boobs and pictures of text glory.

    Well one day, I was feeling a little parnoid, and more than a little mischevious, so I tracked down how it invoked wget and made sure it used a local tor proxy. Didn't really seem to change the end result on my end, but

  • In the us the NSA considers what numbers you called and what numbers called you and how long the calls were connected metadata.

    So I will assume when applied to ISPs that they are going to be logging endpoint information as in a log of every ip:port connection in and out w/duration for your connection.

    This is often enough to determine what websites were visited as most websites have a dedicated ip for their domain but some have several websites hosted under the same ip address.

    My first thought would be to se

  • There is no way to jam the metadata collection (to overload the collection engine) simply because you overload the mail system with a spam in the process. The only way to get rid of metadata collection is some darknet where metadata cannot be collected by design.

  • Could you use a browser plugin that acts a little bit like a distributed version of TOR by having your requests reach the internet via other browsers running the plugin? The idea wouldn't be to make your browsing untraceable, but rather to make the sort of metadata that ISPs are forced to collect unuseful for monitoring the browsers running the plugin. The big problem would be adoption. Each individual running the plugin would have legal vulnerability similar to that of someone running a TOR exit node. If y
  • I plan to pay a few quid a year for a VPN. My ISP can then collect my metadata, it won't be terribly useful having only a single IP address and port.
    • by AHuxley ( 892839 )
      Make sure your VPN is still safe when its fails, drops. Ensure an hardware solution or software option to allow only the VPN ip to be seen and not fall back to your normal ISP network ip. Given the lack of wanting to talk about the VPN issue seems to show the UK gov has the VPN issue well understood and tracked.
      Onion routing and VPN use do not seem to worry the 5 eye nations.
    • by Artemis3 ( 85734 )

      I think you should read this: https://www.torproject.org/doc... [torproject.org]

  • Only use Tor over an additional VPN so there is no Metadata to collect.

    If you want to fuck with them, run your own email server and create arabic sounding email addresses with TOR on Gmail and make them exchange highly encrypted files (your laundry and grocery list for example) so that they'll set up a special group to try to decrypt them. ... and say goodbye to traveling per airplane for the rest of your life.

  • Like you said, you are already on the list. The only people who are going to bother to generate fake traffic are the same people who want to hide / obfuscate their behavior with said fake traffic.

    The only way to do it would be create applications that people can run, and convince enough people to run them. Sort of like SETI @Home or similar. You would want to get people to run the apps on their phones as well.

    The only realistic way that I see to do this in the current environment is via some sort of malw

    • by AHuxley ( 892839 )
      Yes the UK government sees the "internet" the way it saw the Irish phone system from the start. Every call, every number, every day was collected.
      VPN use, onion routing just makes a user more interesting and adds no real technical issue to UK collection.
      Re ""Yes, I did X. So what? Prosecute me. Put me in front of a jury of my peers and convict me for it.""
      Thats how East Germany started with its protesters. A few seen in front of a church. Get images, follow them, plant charismatic informants, get i
  • In the old days of limited bandwidth, we used to choose things to download before we read/watched them so that when we were ready to they were already downloaded. We may have to return to that sort of model for two reasons, 1) because using TOR or whatever is slow, and 2) because even if we generate fake traffic, our lumpy usage patterns will be easy to discern and yield a lot to traffic analysis. So start spreading those transmissions out over time and choose sizable things to download ahead of time. Uploa
  • It would be double plus ungood if all the metadata pointed to the government GHCQ as being the primary source of terrorism, for example.

    Metadata is meaningless out of context, but those who live in Fear will spend years on mole hunts.

  • 1. Separate private contacts and public contacts

    Use gmail with two-factor authentification for amazon, itunes, netflix, etc. As the government has access to everything you do there having the security compromised, do not try to hide it. At least google does a good job protecting the product (you) from being infiltrated by private crooks, use it to protect against daisy chain attacks against password recovery identity theft. They offer you a big mailbox and unusual usage invokes their automatic protection sy

  • Get a router supporting DD-WRT and add custom route configurations to put all non VoD / Gaming traffic or anything requiring all of your bandwidth through a VPN like Vyper or something. That sufficiently covers most browsing / text communications. TBH I wouldn't bet that the security services don't have the power to snoop into encrypted / VPN connections on our national infrastructure anyway, but why would you care as long as you're not a terrorist or kiddie fiddler? You just want to prevent Theresa May and
  • What we're talking about here is an additional cost in a very low-margin industry. And it can only be applied to UK data processed in the UK. Hence it creates a further pressure for these services to move off-shore, making it much, MUCH harder for the UK government to get access to the information. Really they're doing you and all dissidents a favour :)

Order and simplification are the first steps toward mastery of a subject -- the actual enemy is the unknown. -- Thomas Mann