A friend of mine asked me to comment on what Oscar Swartz writes in his blog about the data retention legislation in Denmark. I am happy to do so.
I am a member of the investigation in Sweden looking at what a Swedish implementation could look like. I partly because of this has both met the Danish ministry that is responsible for their law, and also a group in the European Commission that is looking at creating (I hope, the goal is a bit unclear) a guide that will lead to better harmonization between the implementation in the different member states.
So, I have met the people in Denmark. And, what Oscar writes in his blog (in Swedish) is correct. ISPs in Denmark (a provider of IP packets that have customers) is to store information about the first and last IP packets in what normally is called a flow (unique combination of {IP-address of sender and receiver, port number on each side and protocol}). A five-tuple. And also correct is as Oscar writes that if they can not do this because of technical issues, it is “enough” to store one packet out of 500 belonging to a customer.
This has to be stored at the point in the network of the ISP where they either exchange traffic with other ISPs, or where the packet go from the network to a service (that the end user subscribe to). This last I guess because the European Directive say that one only have to store information in one place, so this is to minimize the risk that data has to be stored multiple times.
Anyway, the implications are enormous, and they have not at all been thinking of the implications. Just the fact they talk about customers and services. What if two end users exchange traffic? And what about the requirement in the directive to store information about caller id when doing phone calls and email address when email is sent? Well, the response was a lot of handwaving that resulted in (my interpretation) that the legislator in Denmark did not want to disclose they have made the same mistake as in Finland. They think ISPs are the only ones that run services on top of IP.
The conclusion is that things are as Oscar writes, or worse.
There is something rotten in the kingdom of Denmark…
I just hope we can manage to get something better in Sweden.
And all of this just because the European Directive is so completely broken. It has as a goal that we should be able to find criminals, but it does not help with that. It is written by people that have absolutely no clue how networks and Internet works. And, they did not listen. Many of us tried to talk with them (including Department of Justice in Sweden), but noone wanted to listed. We all said this will be a mess. And here we are.
I can just say I will continue to do the best I can to make the Swedish implementation at least doable from a technical point of view. Will it help the police? Maybe. Will the cost be too high? Definitely!
And we will definitely not get the harmonisation between the member states that was the intention. At least someone in the commission seems to have recognized that. But, this is too late. We already have extremely broken legislation in some countries (like Denmark), partly broken like in the UK and possibly only a bit broken (that still does not help compared with the tools that already exists today) in Sweden.
Can we not stop with this stupidity?
How about Sype? Isn’t that available in Denmark? Also, I have a neighbor who’s getting free satellite tv. I have no idea how he’s doing it but he has it.
I like the fact that Political Association of Denmark made it so simple for people to keep their anonymity via the internet.
Why help them? Is it good for you career, is that why you lend your self to this kind of, yes downright evil, people? I guess you defend yourself with some wierd excuse that you are allowed to sit down with them doing damage control. In that case, what more do you lend your self to with the same wanna-be-in-the-game excuse? How many more small steps on the path of good intentions leading to disaster are you going help them with? I can really see you sitting there beeing polite.
Please, let them fuck up big time, so people reconize them for what they really are. This is people attacking the very foundations for freedom and democracy, we really need to quickly get to the point where decent people refuse to work with them no matter what, before it is to late. That is the way of doing real damage control, not helping them.
One have to always choose what wars to fight, and I have chosen to try to make people that create legislation and regulation understand who can be responsible for what on the Internet. This data retention discussion is just one example.
I also disagree when you say that you seem to think the mistakes they have made in the legislation will be bad enough so they will revoke them. They will not. Instead the Internet we know will go away, and Internet / Broadband access will look exactly like cellphone, cable TV, satellite TV etc. You buy the basic subscription from someone, and then you only can choose additional services from that same provider.
This has to be fought, and as I said, I have chosen to explicitly work on who is responsible for what, specifically when being related to efficient competition from the consumers point of view. And, I think only people writing about the issue like myself, and Oscar and others, can make the politicians be really aware on how bad things are.
But, many people think like you, and I accept that.
What you describe seems to be exactly what is illustrated here.
You are very close to describing a schoolbook example of how to make a puppet on a string. It may be easier for you to see by making example of another person, the politician Johan Linander. In opposition he was very much against the so called FRA-law, but as soon he and his party came in power, he turned 180 degrees. Now working hard to pass just that law, and his excuse was; that beeing in favour he got to sit by the table with the others, doing very cosmetic, or only rethoric damage control. No law will ever be halted by that kind of reasoning, maybe just render it a little “broken” in the edges. They bought him very cheap, just offering him a place at the table, to play with the big boys that he sought for. But belive me, a person that cheap and easy to control, will never get any real influence given to him by the big boys, they know him all to well for that since they could do it in the first place. The exact same goes for our current minister of justice, she was very much against this dataretention directive when she was in opposition, but what does she say now..
I even think this directive came into beeing in the first place by exactly this using of weak people that easily could be used as marionettes doing their masters dirtywork. The letter to our former minister of justice Bodström tells at least me that. He probably did it just to go along, be allowed to sit and play at the table with the big boys.. (yea, proposing what they do on a paper stamped with that footer, has nothing to do with a just and tolerant society. It is the same rethoric used in all totalitarian regimes, and that is what this is about. – I am not kidding or exagerating here)
Or we could play the tape a little longer, getting to the really bad tunes. What if the issue was torture, allowing police and military contractors to use torture, and you where some kind of doctor with knowledge about how much pain and wounds a human beeing can stand before death occurs. Would you still help them, giving them the info they need? Extreme example? Yes, but it is really not that many steps further on path from what we are talking about now.
“Can we not stop with this stupidity?” Well, not by helping them making less “broken” laws. The “crime” do not lie in the brokenness, the crime is done by not leaving innocent people alone and tracking their lives, helping them to do that in a less “broken” way makes you one of the perpetrators. I really hope that i have misundertood what you are doing, really.
And ohh, the; if i do not do it, some else will. Is some of the worst coward excuses around.
Why not just to use VPN service and protect the full privacy?
However IT-Political Association of Denmark, a small grassroots organization, made a live cd called Polippix that you can use to surf anonymously on the internet, do anonymous phonecalls and more.
It was sent out with the member-magazine of an IT-professionals labor union, a print of 12.000 CDs. After that the press discovered it and there was much debate since it could circumvent the idea of data retention. The argument of IT-Political Association of Denmark was that these were tools already available on the internet. This just made it easily available to the regular danish citizen. It was downloaded by more than 25.000 Danes!
I agee with you, why just not use it ! I can work well and fix the problem !!
Anyway, the implications are enormous, and they accept not at all been cerebration of the implications. Just the actuality they allocution about barter and services. What if two end users barter traffic? And what about the claim in the charge to abundance advice about addition id if accomplishing buzz calls and email abode if email is sent? Well, the acknowledgment was a lot of handwaving that resulted in (my interpretation) that the administrator in Denmark did not wish to acknowledge they accept fabricated the aforementioned aberration as in Finland. They anticipate ISPs are the alone ones that run casework on top of IP.
Anyway, the implications are enormous, and they accept not at all been cerebration of the implications. Just the actuality they allocution about barter and services. What if two end users barter traffic? And what about the claim in the charge to abundance advice about addition id if accomplishing buzz calls and email abode if email is sent? Well, the acknowledgment was a lot of handwaving that resulted in (my interpretation) that the administrator in Denmark did not wish to acknowledge they accept fabricated the aforementioned aberration as in Finland. They anticipate ISPs are the alone ones that run casework on top of IP.
Why not just to use VPN service and protect the full privacy?
However IT-Political Association of Denmark, a small grassroots organization, made a live cd called Polippix that you can use to surf anonymously on the internet, do anonymous phonecalls and more.
It was sent out with the member-magazine of an IT-professionals labor union, a print of 12.000 CDs. After that the press discovered it and there was much debate since it could circumvent the idea of data retention. The argument of IT-Political Association of Denmark was that these were tools already available on the internet. This just made it easily available to the regular danish citizen. It was downloaded by more than 25.000 Danes!
Greets Biathlon