Tuesday 29 March 2016

Woe unto you, cryptographers!

A hitherto unknown translation of the Bible has been found in a Cheltenham safe deposit. So far it has been possible to decipher only a few verses:

Matthew 7:16: "Ye shall know them by their metadata".

Job 31:4: "Does not GCHQ see my ways, and count all my hops?" 

Revelation 20:13: "And they were judged all according to the pattern of their communications."

Revelation 3:8: "Behold, I have set before thee an open door, and no man can shut it: for thou hast a little strength, and hast kept my word, and hast not installed end-to-end encryption".

Psalm 1391-2 (To Wearable Tech): "Thou knowest my sitting down and my rising up, thou understandest my thought afar off."

Luke 11:52: "Woe unto you, cryptographers! for ye have taken away the key of knowledge: ye entered not in yourselves, and them that were entering in ye hindered."

Thursday 24 March 2016

All about the metadata

If it is true that granularity of language reflects the importance of the subject matter then metadata, not content, is at the heart of the Investigatory Powers Bill.

For content the Bill provides a few definitions: Content, Relevant Content, Intercepted Content and Protected Material. 

For metadata we have a richer set: Communications Data, Relevant Communications Data, Internet Connection Records, Entity Data, Events Data, Systems Data, Related Systems Data, Equipment Data, Secondary Data and Identifying Data.

The emphasis on metadata is perhaps unsurprising, since the Intelligence and Security Committee told us in its March 2015 report that metadata is indeed more valuable than content to the intelligence agencies in their mission to join up the dots and spot potential malefactors:

The plethora of definitions (not to mention the proliferation of cross-linked sub-definitions) does not make for easy understanding. 

In an attempt to untangle the spaghetti heap I have been experimenting with flowchart visualisations of the more significant and complex data definitions. More of that anon. 

The table below shows where the major varieties of telecommunications data fit in the scheme of the Bill. For simplicity it focuses mainly on bulk powers and also omits definitions of overseas-related communications, overseas-related equipment data and overseas-related information in the bulk equipment interference part of the Bill.  

In general terms the types of metadata obtainable under the bulk interception and interference warrants are broader than those under the powers and bulk warrant for acquisition of communications data.

Subject matter
Communications data retention notice (78(1))
Relevant Communications Data (78)(9)
  • Communications Data (223(5))
Communications data acquisition - authorisation and notice (53)
Communications Data (223(5))

  • Entity Data (223(3))
  • Events Data (223(4))
Restrictions on use of S.53  power to access or process internet connection records (54(4))
Internet Connection Records (54(6))

  • Communications Data (223(5))
Bulk communications data acquisition warrant (138)
Communications Data (223(5))

  • Entity Data (223(3))
  • Events Data (223(4))
Bulk interception warrant (119)
Communications (223(2))

Content (223(6))
Intercepted Content (137(1))
Relevant Content (134(5))

Secondary Data (120(3))

  • Systems Data (225(4))
  • Identifying Data (225(2) and (3))

Related Systems Data (119(6))

  • Systems Data (225(4))
Bulk equipment interference warrant (154)
Communications (223(2))

Protected Material (170(9))

  • [not] Equipment Data (155(5))
  • Private Information (173(1))

Equipment Data (155(5))

  • Systems Data (225(4))
  • Identifying Data (225(2) and (3))
Warrant for retention or examination of bulk personal datasets (175)
Bulk Personal Dataset (174)

It can be seen that around half a dozen different kinds of power or authority provide routes for the compulsory retention and acquisition of various kinds of metadata. They all have in common that the Bill’s restrictions on selecting and accessing bulk content (an individual located within the British Islands at the time of selection cannot normally be targeted without a further warrant) do not apply.

This is a diagram of the overall metadata ingestion scheme of the Bill.

Turning to the definitions, the Clause 78 power to direct retention of communications data rests on the definition of Relevant Communications Data. Internet Connection Records are a subset of Relevant Communications Data to which Clause 54 applies some access restrictions (although fewer in the Bill than the draft Bill). 

Relevant Communications Data in turn depends on the dividing line between Content and Communications Data. The definition of content interfaces separately with Systems Data. The draft Codes of Practice released with the Bill suggest that it is possible for communications to consist entirely of Systems Data and so contain no content.

What the definition of content lacks in companions it makes up for in conceptual difficulty.  The Parliamentary Joint Committee scrutinising the draft Bill remarked:

Communications Data consists of either Entity Data or Events Data, to which different levels of authorisation apply under the targeted communications data access regime in Part 3 of the Bill. This is the equivalent of the current RIPA communications data access regime under which over 500,000 access demands are made on communications service providers annually.

Turning to bulk powers, the bulk communications data acquisition warrant authorises the obtaining of Communications Data. A bulk interception warrant authorises the interception of Secondary Data in addition to content. Secondary Data is the Bill’s version of what under RIPA is known as Related Communications Data. Secondary Data consists of either Systems Data (as before) or Identifying Data. Unlike with RIPA, the Bill will allow metadata contained within the content of a communication to be scraped and be no longer treated as content. 

Similarly a bulk equipment interference warrant authorises the obtaining of Equipment Data, a close cousin of Secondary Data.

Last, a bulk interception warrant also authorises the obtaining of Related Systems Data from telecommunications operators. 

That's all about the metadata.

The chief remaining omission from the visualisations is Protected Material in S.170(9). This is the bulk equipment warrant equivalent of Content. As such it defines the material for which a targeted examination warrant is necessary if it is to be selected for examination by reference to an individual known to be located in the British Islands. 

The definition contains a triple negative that presents a considerable challenge to parse and represent graphically. Instead, here is the unadorned raw text to ponder:
“protected material” means any material obtained under the warrant other than material which is -

(a) equipment data;
(b) information (other than a communication or equipment data) which is not private information.”
Relevant Content crops up in relation to targeted examination warrants in Part 1. It means 'any content of communications intercepted by an interception authorised or required by a bulk interception warrant'. 

Intercepted Content, in relation to a bulk interception warrant in Part 6, is defined almost identically: 'any content of communications intercepted by an interception authorised or required by the warrant'.

Tuesday 15 March 2016

Relevant Communications Data revisited

One of the more critical definitions in the Investigatory Powers Bill is 'relevant communications data'. This determines the scope of the Secretary of State's power under Section 78 to direct telecommunications operators (both public and private networks) to generate, obtain and retain communications data including (but by no means limited to) so-called internet connection records (site browsing histories).

It is also one of the most complex definitions in the Bill. The draft Bill version consisted of 14 interlinked definitions and sub-definitions.  If anything it has become even more complex in the Bill itself, now expanded to 16 definitions and sub-definitions.  On the upside at least we now have only one definition of internet connection records.

For the draft Bill I attempted a visualisation of the web of definitions that make up 'Relevant communications data'.  

Here is my updated version for the Bill, accompanied by a colour-coded reference list of the definitions: all 985 words of them.

Reference list of definitions

78(9): In this Part “relevant communications data” means communications data
which may be used to identify, or assist in identifying, any of the following—

(a) the sender or recipient of a communication (whether or not a person),
(b) the time or duration of a communication,
(c) the type, method or pattern, or fact, of communication,
(d) the telecommunication system (or any part of it) from, to or through which, or by means of which, a communication is or may be transmitted, or
(e) the location of any such system,
and this expression therefore includes, in particular, internet connection records.

54(6): In this Act “internet connection record” means communications data which -

(a) may be used to identify, or assist in identifying, a telecommunications service to which a communication is transmitted by means of a telecommunication system for the purpose of obtaining access to, or running, a computer file or computer program, and
(b) comprises data generated or processed by a telecommunications operator in the process of supplying the telecommunications service to the sender of the communication (whether or not a person).

223(2): “Communication”, in relation to a telecommunications operator, telecommunications service or telecommunication system, includes—
(a) anything comprising speech, music, sounds, visual images or data of any description, and
(b) signals serving either for the impartation of anything between persons, between a person and a thing or between things or for the actuation or control of any apparatus.

223(13): “Telecommunication system” means a system (including the apparatus comprised in it) that exists (whether wholly or partly in the United Kingdom or elsewhere) for the purpose of facilitating the transmission of communications by any means involving the use of electrical or electromagnetic energy.

223(11) and (12): “Telecommunications service” means any service that consists in the provision of access to, and of facilities for making use of, any telecommunication system (whether or not one provided by the person providing the service).

For the purposes of subsection (11), the cases in which a service is to be taken to consist in the provision of access to, and of facilities for making use of, a telecommunication system include any case where a service consists in or includes facilitating the creation, management or storage of communications transmitted, or that may be transmitted, by means of such a system.

223(10): “Telecommunications operator” means a person who—

(a) offers or provides a telecommunications service to persons in the United Kingdom, or
(b) controls or provides a telecommunication system which is (wholly or partly)—
(i) in the United Kingdom, or
(ii) controlled from the United Kingdom.

223(5): “Communications data”, in relation to a telecommunications operator, telecommunications service or telecommunication system, means entity data or events data

(a) which is (or is to be or is capable of being) held or obtained by, or on behalf of, a telecommunications operator and—
(i) is about an entity to which a telecommunications service is provided and relates to the provision of the service,
(ii) is comprised in, included as part of, attached to or logically associated with a communication (whether by the sender or otherwise) for the purposes of a telecommunication system by means of which the communication is being or may be transmitted, or
(iii) does not fall within sub-paragraph (i) or (ii) but does relate to the use of a telecommunications service or a telecommunication system,
(b) which is available directly from a telecommunication system and falls within sub paragraph (ii) of paragraph (a), or
(c) which—
(i) is (or is to be or is capable of being) held or obtained by, or on behalf of, a telecommunications operator,
(ii) is about the architecture of a telecommunication system, and
(iii) is not about a specific person,
but does not include any content of a communication or anything which, in the absence of subsection (6)(b), would be content of a communication.

225(1): “data” includes data which is not electronic data and any information (whether or not electronic),

223(3): “Entity data” means any data which—

(a) is about—
(i) an entity,
(ii) an association between a telecommunications service and an entity, or
(iii) an association between any part of a telecommunication system and an entity,
(b) consists of, or includes, data which identifies or describes the entity (whether or not by reference to the entity’s location), and
(c) is not events data.

223(4): “Events data” means any data which identifies or describes an event (whether or not by reference to its location) on, in or by means of a telecommunication system where the event consists of one or more entities engaging in a specific activity at a specific time.

223(7): “Entity” means a person or thing.

225(1): “person” (other than in Parts 2 and 5) includes an organisation and any association or combination of persons

223(6): “Content”, in relation to a communication and a telecommunications operator, telecommunications service or telecommunication system, means any element of the communication, or any data attached to or logically associated with the communication, which reveals anything of what might reasonably be considered to be the meaning (if any) of the communication, but—
(a) any meaning arising from the fact of the communication or from any data relating to the transmission of the communication is to be disregarded, and
(b) anything which is systems data is not content.

225(4): In this Act “systems data” means any data that enables or facilitates, or identifies or describes anything connected with enabling or facilitating, the functioning of any of the following—
(a) a postal service;
(b) a telecommunication system (including any apparatus forming part of the system);
(c) any telecommunications service provided by means of a telecommunication system;
(d) a relevant system (including any apparatus forming part of the system);
(e) any service provided by means of a relevant system.

225(5): For the purposes of subsection (4), a system is a “relevant system” if any communications or other information are held on or by means of the system.

225(1): “apparatus” includes any equipment, machinery or device (whether physical or logical) and any wire or cable