Re: [swinog] Lawful interception - what's new?
Andreas Fink af...@list.fink.org wrote: The technical document does not specify which information to be stored. That's the point. The law says Verbindungs und Abrechungsdaten. However what is connection data? In my opinion, based on carefully reading the relevant definitions in the law on telecommunication (Fernmeldegesetz, FMG), connection data in the context of ADSL should be understood as referring to the connection between the ADSL modem and the DSLAM, and *not* as referring to anything done by means of TCP connections or anything else at such high layers in the OSI reference model. From their letter, I expect that ISC-EJPD PFÜ probably disagrees with me regarding this point, and in fact I believe that they're currently engaged in reinterpreting the law with the goal of pretending that it says what they want it to say, even if it actually doesn't. SIUG has initiated correspondence with ISC-EJPD PFÜ aimed at getting them to formulate a clear position about what in their opinion is the precise meaning of the term Fernmeldedienst to which these Verbindungs und Abrechungsdaten are supposed to refer. I'll post here as soon as we have results from this (either a clear answer or enough failed attempts to get them to answer that it's clear that they're dodging the issue). At that stage it will be time to discuss how to best get the parliament involved. Greetings, Norbert P.S. Is someone here interested in joining SIUG's core group and actively contributing in SIUG's work on this issue? -- siug.ch -- Swiss Internet User Group, an initiative of /ch/open adaptux.com -- Empowering adaptation of IT to your business processes ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] Lawful interception - what's new?
Hi everyone, as the discussion about the new lawful interception proposal is going on, an issue always comes up with people saying that saving real time data of all customers takes up a lot of hard disk space. Now, as far as I understand this proposal, only information about logins and mailbox accesses has to be stored pro-actively. Real-time data intercepted from the DSL connection is only to be sent to the ÜPF in case of an interception order, in real-time, from that moment on (and no historical information). This means that nothing changes from the present situation for what the storage of historic data is concerned. This new proposal only brings the following changes: - new real-time interception of data transmitted through a broadband connection (no historical storage) - new interfaces to communicate with ÜPF Is this correct? Now, do you think it would be possible to talk to ÜPF in order to find ad-hoc solutions in the rare cases these real-time interceptions should become necessary? Otherwise it's definitely overkill. What would be the best way to approach this? I think some lawyers wrote this proposal without having the slightest idea of what they were doing, and I'm sure the techies working at ÜPF are smart people who would be willing to negotiate a more efficient implementation. What do you think? -Manuel Ticinocom SA - Via Stazione 5 - 6600 Muralto Tel. 091 220 00 00 - http://www.ticinocom.com ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Lawful interception - what's new?
On 27.07.2009, at 14:29, Manuel Wenger wrote: Hi everyone, as the discussion about the new lawful interception proposal is going on, an issue always comes up with people saying that saving real time data of all customers takes up a lot of hard disk space. Now, as far as I understand this proposal, only information about logins and mailbox accesses has to be stored pro-actively. Real-time data intercepted from the DSL connection is only to be sent to the ÜPF in case of an interception order, in real-time, from that moment on (and no historical information). The technical document does not specify which information to be stored. That's the point. The law says Verbindungs und Abrechungsdaten. However what is connection data? connection to the mailserver? connection to website XYZ. This is all communication. So they could say every tcp connection from A to B is connection data. Of course storing all data is ridiculous and is for sure not happening but today they want email, tomorrow they want instant messaging, then they want skype etc. etc. It will go on and on. So far we have never stored historical data because there was absolutely no need to. Thats where ISP's differ from Telco's because you dont need to know whom has sent whom an e-mail to collect the bill. Furthermore if you compare it to non electronic world, does the Post Office take a photocopy of every envelope they deliver ? no! eve though there every single envelope is being paid for. So why are we under stricter rules than the non electronic world? Because its technically possible. Thats the key. And just because its technically possible is not the right reason to ask for it. This means that nothing changes from the present situation for what the storage of historic data is concerned. This new proposal only brings the following changes: - new real-time interception of data transmitted through a broadband connection (no historical storage) - new interfaces to communicate with ÜPF Is this correct? The new interface basically brings the problem of authenticity. We can not control if this order is legal or not. It brings SEVERE costs. Now, do you think it would be possible to talk to ÜPF in order to find ad-hoc solutions in the rare cases these real-time interceptions should become necessary? Otherwise it's definitely overkill. What would be the best way to approach this? This was the solution of the past as far as I have heard. I would have absolutely no problem if the police would show up with a judge's order to wiretap my customer XYZ with a laptop in their hand and active connecting to an ethernet. This would work very well for most ISP's I would imagine. But this administrative jumbo interface will basically kill 50% of the ISP's who have less than 10'000 customers as they can not afford it. I think some lawyers wrote this proposal without having the slightest idea of what they were doing, and I'm sure the techies working at ÜPF are smart people who would be willing to negotiate a more efficient implementation. What do you think? ÜPF is the author. They are greedy for information. They want everything they can get. I don't think they will move. Their opinion will be its the law so do what we ask. The only thing is to move this a few levels up to the Bundesrat (namely Evelyne Widmer Schlumpf) and make it clear what kind of nonsense they produce. The german Twittosphere (the guys who have invented Zensursula) already has a word for it... Ueberwachungsschlumpf (Surveillance smurf). Andreas Fink Fink Consulting GmbH Global Networks Schweiz AG BebbiCell AG IceCell ehf --- Tel: +41-61-330 Fax: +41-61-331 Mobile: +41-79-2457333 Address: Clarastrasse 3, 4058 Basel, Switzerland E-Mail: andr...@fink.org www.finkconsulting.com www.global-networks.ch www.bebbicell.ch --- ICQ: 8239353 MSN: m...@gni.ch AIM: smsrelay Skype: andreasfink Yahoo: finkconsulting SMS: +41792457333 http://a-fink.blogspot.com/ ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Lawful interception - what's new?
PS: what also changed is that they now ask for certification of this whole nonsense. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Lawful interception - what's new?
Hi Guys I tried to clarify some questions with EJPD regarding when does SP need to Archive connection information and when is a REAL time Data interception required. Answer was only when you receive and interception order you should be able to provide real time data (I think nobody though how this technically should work for all differant services, etc.) I thought a plan would be to cover this in AGB and stop the connection as soon as the order for real time intercept is received. Any ideas if this could work. Cheers, Reza On 7/27/09 2:42 PM, Andreas Fink af...@list.fink.org wrote: On 27.07.2009, at 14:29, Manuel Wenger wrote: Hi everyone, as the discussion about the new lawful interception proposal is going on, an issue always comes up with people saying that saving real time data of all customers takes up a lot of hard disk space. Now, as far as I understand this proposal, only information about logins and mailbox accesses has to be stored pro-actively. Real-time data intercepted from the DSL connection is only to be sent to the ÜPF in case of an interception order, in real-time, from that moment on (and no historical information). The technical document does not specify which information to be stored. That's the point. The law says Verbindungs und Abrechungsdaten. However what is connection data? connection to the mailserver? connection to website XYZ. This is all communication. So they could say every tcp connection from A to B is connection data. Of course storing all data is ridiculous and is for sure not happening but today they want email, tomorrow they want instant messaging, then they want skype etc. etc. It will go on and on. So far we have never stored historical data because there was absolutely no need to. Thats where ISP's differ from Telco's because you dont need to know whom has sent whom an e-mail to collect the bill. Furthermore if you compare it to non electronic world, does the Post Office take a photocopy of every envelope they deliver ? no! eve though there every single envelope is being paid for. So why are we under stricter rules than the non electronic world? Because its technically possible. Thats the key. And just because its technically possible is not the right reason to ask for it. This means that nothing changes from the present situation for what the storage of historic data is concerned. This new proposal only brings the following changes: - new real-time interception of data transmitted through a broadband connection (no historical storage) - new interfaces to communicate with ÜPF Is this correct? The new interface basically brings the problem of authenticity. We can not control if this order is legal or not. It brings SEVERE costs. Now, do you think it would be possible to talk to ÜPF in order to find ad-hoc solutions in the rare cases these real-time interceptions should become necessary? Otherwise it's definitely overkill. What would be the best way to approach this? This was the solution of the past as far as I have heard. I would have absolutely no problem if the police would show up with a judge's order to wiretap my customer XYZ with a laptop in their hand and active connecting to an ethernet. This would work very well for most ISP's I would imagine. But this administrative jumbo interface will basically kill 50% of the ISP's who have less than 10'000 customers as they can not afford it. I think some lawyers wrote this proposal without having the slightest idea of what they were doing, and I'm sure the techies working at ÜPF are smart people who would be willing to negotiate a more efficient implementation. What do you think? ÜPF is the author. They are greedy for information. They want everything they can get. I don't think they will move. Their opinion will be its the law so do what we ask. The only thing is to move this a few levels up to the Bundesrat (namely Evelyne Widmer Schlumpf) and make it clear what kind of nonsense they produce. The german Twittosphere (the guys who have invented Zensursula) already has a word for it... Ueberwachungsschlumpf (Surveillance smurf). Andreas Fink Fink Consulting GmbH Global Networks Schweiz AG BebbiCell AG IceCell ehf --- Tel: +41-61-330 Fax: +41-61-331 Mobile: +41-79-2457333 Address: Clarastrasse 3, 4058 Basel, Switzerland E-Mail: andr...@fink.org www.finkconsulting.com http://www.finkconsulting.com www.global-networks.ch www.bebbicell.ch --- ICQ: 8239353 MSN: m...@gni.ch AIM: smsrelay Skype: andreasfink Yahoo: finkconsulting SMS: +41792457333 http://a-fink.blogspot.com/ ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
