  
Home
Products
Internet Access
Hosting & Web Services
Hardware & Security
Mobile Services
Voice Services
Data Services
Domain Services
Channel Partners
Business Resources
Knowledge Centre
Case Studies
Business Solutions
Useful Links
Helpdesk
Product Help
Technical Library
Network Status
Customer service
Toolkit
WebMail
Fax to Email
DVS Control Centre
Web Password
Internet query tools
Downloads
Dial Companion for Broadband
Demon Newsletter
press release
19/08/1999
IOCA Consultation All interceptions of the public telephone system in this country take place under a strict regime of rules laid down by Parliament. These rules mainly provided for in the 1985 Interception of Communications Act (IOCA) 1985. Since its incept nearly 15 years ago, the communications industry has seen some what of a revolution and the growth of the Internet means the industry now exists in a vastly different form. The Home Office believes that the existing capabilities of the IOCA to lawfully intercept communications and search seized computers will be eroded by these developments and that it will no longer be able to act as an effective monitor. This was the view the Home Office put forward in a consultation paper released in June of this year. Within the report, the Home Office have put forward proposals as to how the IOCA can be amended to best suit these changes. Commenting on the report, the Home Secretary Jack Straw has stated that his proposals will "maintain interception as the most powerful weapon in the armoury against crime". His proposals include the creation of a single legal frame work to regulate the inception of all networks both public and private. Demon Internet was asked to comment on the proposals. Its response is below. 1. Introduction This is Demon Internet Limited's response to the Home Office consultation paper "Interception of Communications in the United Kingdom" dated June 1999. Permission is granted for this response to be made public and indeed Demon Internet intends to place this response onto its Internet web site for the benefit of its customers and others who are interested in these matters. Founded in June 1992, Demon Internet is the pioneer of low-cost flat-rate Internet connectivity in the UK and the Netherlands for both business and home users. As well as offering standard dial-up services for individuals, Demon Internet offers a comprehensive range of dial-up business services and leased-line solutions. Demon Internet is presently the fourth largest web hosting business in the world. In May 1998 Demon Internet was acquired by ScottishTelecom, the telecom subsidiary of ScottishPower plc. Our general position is that we accept that it is inevitable that the existing interception regime will be extended to the Internet. However, the Government does not seem to have understood the technical issues that arise. As a result, some of the proposals are either unreasonably expensive or just unrealistic. The de jure and de facto standards that apply to the Internet and the equipment used to construct it are created outside the UK, so there will be limits to how much the Government can realistically affect the capabilities the industry can provide. This document expresses our concerns about what is being proposed and we come to the conclusion that the Government should require us to perform a "best-efforts" approach to interception rather than setting specific targets and regulations. We hope that our comments and recommendations will be taken into consideration prior to the introduction of any new legislation. As an Internet Service Provider (ISP), we are limiting our main response to those issues that are directly relevant to our business. Nevertheless, we are aware that many of our customers have other concerns about the interception of communications, concerns that are shared by the Demon Internet staff preparing this response. Therefore, in Annex B we have included some further comments on the wider issues that affect the whole of society. 2. General We welcome the Government's decision to review the Interception of Communications Act 1985 (IOCA) and that they are consulting widely on their proposals. Events of the last few years have shown that UK legislation, particularly that relating to law enforcement, often needs to be brought up to date with respect to the Internet.
We have been left with the suspicion that the Government is interpreting complex scenarios and complex precedents so as to fit in with a pre-set agenda of extending interception generally and on the Internet in particular. 3. Specification of requirements 3.1 Lack of actual requirements The consultation document has little to say about what the interception requirements on Communication Service Providers (CSPs) actually are. The "traditional" model of interception consists of opening letters and tapping telephones, and perhaps there is little more that can be said about them. However, the Internet is a protocol stack, and interception can be carried out - in principle - at any layer of the stack. In particular, there is a substantial difference between intercepting raw data streams at a physical level on the wire and intercepting email at the application level by making an extra copy of the contents. It is thus difficult or impossible for ISPs such as ourselves to comment fully on the consultation, as we do not know what we are commenting on. Sections 5.3 through 5.6 make it equally clear that the Government is also unaware what is required, making it invidious to ask us if it is reasonable. In Annex A we have attempted to break this impasse by setting out some of the issues that should be considered. Moreover, we feel that when the Government has decided what it does require, then it should have a further consultation with a view to changing these requirements in the light of expert consideration of its suggestions. During the consultation period the Home Office has briefed ISPA and LINX on the level of interception capability that they consider will be necessary. From these briefings we have learnt that whatever the nature of interception might turn out to be, the Government proposes that an ISP of Demon Internet's size will need to be capable of handling one intercept per 500 incoming telephone lines and one intercept per thousand leased lines. Without working out the (commercially confidential) sums in detail, we note that capability at the level the Home Office proposes would mean that about one megabit of data per second would be flowing from Demon Internet to law enforcement agencies, and that this would be for just one large ISP amongst many within the industry. 3.2 Interception regimes in other countries The consultation paper implies that the type of requirement being considered is already in place in a number of countries. We are only aware of one country amongst those generally accepted to be a democracy that currently has such requirements on ISPs and that is the Kingdom of the Netherlands, where the Netherlands Telecommunications Act (1998) makes it necessary to provide wiretapping abilities. Our Amsterdam based operation must comply with this law, which requires the ISP to pay for the tapping equipment on the basis of one tap per ten thousand lines, a considerably lower requirement than proposed for the UK. In practice, requests from Dutch law enforcement agencies have occurred only twice and the maximum data flow was well within the capacity of a 64kbit leased line. We would also like to observe that the Dutch Government recognised the practical impact of their measures and we have a nine-month exemption before it is necessary to conform to them. We would expect that if the UK Government decides to impose what might well be considerably greater requirements upon UK ISPs, that there will be a substantial transitional period to allow us to meet our legal obligations. The "International User Requirements" mentioned in 5.6 are presumably those usually known as "ENFOPOL 95", which are in the process of being updated by a new document that states the relationship between the requirements of the older document and Internet Protocol (IP) networks. We note that the requirements are for a "real-time, fulltime monitoring capability" (Requirement 2) of "the entire telecommunications transmitted [...] to and from [...] the interception subject" (Requirement 1). This implies that the entire IP data stream must be recorded as it passes through ISP equipment and immediately passed on to the law enforcement agency. One does hesitate to say this must happen, even if it were to be entirely possible, because requirement 5.1 says that one must "not disclose information on how interceptions are carried out". Nevertheless, some possible schemes are discussed in Annex A2. We also note Requirement 8 that "Multiple interceptions may be required for a single target service to allow monitoring by more than one law enforcement agency. In this case, network operators/service providers should take precautions to safeguard the identities of the monitoring agencies and ensure the confidentiality of the investigations." Given the likely mechanisms by which traffic will be intercepted we do not consider it reasonable to build in complex provisions for duplicating the destinations of the intercepted traffic. Where multiple warrants for the same subject appear we think it should be for the Home Office to sort out the inter-agency issues, rather than impose extra complications upon ISPs. 3.3 Cost We do of course recognise that ISPs have a duty to co-operate with legally authorised interception and that, if the law requires it, then we will need to make plans so that we know how such interception could be done. However, ISP facilities are, in general, designed primarily to move data around as efficiently as possible, ensuring that the data goes only to the correct place. Adding an interception capability goes almost directly against this concept by delivering the data to multiple destinations. Thus the Government must in turn realise that where special equipment must be attached to the network for interception to take place, then this kit would exist only to provide such capability for law enforcement. We consider it completely unreasonable that we should bear any related cost since, as Annex A2 indicates, this cost could be a substantial proportion, probably 10-15%, of our infrastructure cost. It is also unclear from the consultation how often the requirements for interception are likely to change. It will be difficult to re-engineer a network at frequent intervals and legal advice on both the initial and subsequent requirements is also likely to be expensive. The equipment used is designed and manufactured abroad and special requirements will never be cheap. If there are to be frequent changes of specification then this is another cost that ISPs should not have to bear. To put it into the language of the consultation - we would view the provision of specific pieces of hardware attached to our network to be a marginal cost, just as much as operating costs for applying particular warrants. However, if the law requires an interception capability then we would not seek to be compensated for the hard to quantify one-off actual design work (both technical and legal) that ensures that it is possible to add such boxes into our infrastructure. We would, reluctantly, view these paper design expenses as just part of the cost of being in the ISP business. In fact, what we propose is exactly the situation at present. We already work with law enforcement when a warrant is served. However, when we have been asked to intercept traffic under an IOCA warrant, it has been agreed that the extra equipment needed would not need to be paid for by ourselves. We see no reason for the status quo on payments to change. We believe that if the law enforcement agencies were paying for interception capabilities then this would require them to show that they were getting Value For Money. If the ISPs are coerced into providing this capability without regard to the cost then the agencies are likely to use interception when other methods of investigation would be far cheaper when considered overall. 3.4 Exemptions for small ISPs We are greatly concerned by the suggestion that small ISPs might not be required to provide the same facilities as large ones. We do not believe that it is in the best interest of either industry or law enforcement for the public viewpoint to be "use a smaller ISP to protect your crimes". In fact, if the Government specifies differing intercept capabilities for differing sizes of ISP then they are effectively providing clear guidance to criminal elements as to the size of supplier they should select so as to avoid interception. If the issue is merely one of making the costs reasonable, then we have already argued in Section 3.3 that the law enforcement agency should be bearing these costs. In practice a small ISP will have a simpler network and so the cost of interception equipment will be correspondingly less. Small ISPs have advantages as well when considering "designing for interception". A small ISP is far more likely to be growing at such a rate that their network infrastructure is being replaced and redesigned on a regular basis. When Demon Internet was small, the network would be changing its structure from one month to the next with expenditures in the tens of thousands of pounds being made. ISPs of the size that Demon Internet is today will have network redesign cycles that are measured in years and the costs will run into tens of millions. If the issue with small ISPs is technical expertise, then we would also argue that it is not an ISP's role, whether large or small, to educate law enforcement as to what they should be requesting. We would envisage that the only actual difference between large and small ISPs would be in the nature of the relationship between the technical staff at the ISP and those people who are arranging the technical aspects of the interception for the law enforcement agency. A large and competent ISP would expect to be able to talk to equally competent people and a small ISP with fewer skills in-house should be able to rely upon these same people to do a professional job in assisting them. We set out below our concerns that the Government will effectively insist that we use particular types of equipment to allow for interception. We argue against this, but experience shows that expert opinions are not always heeded. If our views are overridden then we see it as anti-competitive that large ISPs should have to shoulder extra costs for special equipment whereas small ISPs are free to choose any equipment they wish. We believe that the Government has formed a view that if small CSPs cannot provide the interception capability required then they will merely intercept "up-stream". In the case of the Internet this will be highly inefficient or impossible. Even small ISPs will have multiple connections to the wider Internet, which means that it will be necessary to duplicate the interception at multiple large "up-stream" ISPs, increasing the cost to all concerned. Further, such "up-stream" interceptions will not detect traffic that stays within the ambit of the small ISP's network or indeed traffic that moves from one small ISP to another. Finally, interception that is done at an "up-stream" point would necessarily be of all the traffic passing to the small ISP and therefore traffic for all of the small ISP's customers would be intercepted and not just the traffic of the person named on the warrant. Interception of such an all-inclusive nature might be made technically legal but it would certainly not fit in with the principles that the Government has proposed. 3.5 The proposed role for OFTEL We understand the proposal that there should be a separate body to set interception capability standards. We disagree Bly that OFTEL should be this body. The Internet industry has had some experience with OFTEL on matters such as leased line pricing, local loop access and Internet private peering agreements. This has not given us a great deal of confidence that OFTEL currently have sufficient expertise in understanding the technical issues involved, or the experience to understand the particular character of the Internet industry. We believe that law enforcement will have similar reservations, in that OFTEL will have no personnel who understand the issues that matter to them. We believe that OFTEL is currently under-staffed and over-stretched so that new personnel would be needed to tackle the rest of their workload, even if the skills were available "in-house" to set interception standards. If a new team must be assembled then the OFTEL umbrella has little advantage over any other organisation, and as indicated above, past experience would give the disadvantage of starting from a position of limited trust. We would suggest that the existing ACPO/ISP forum should be consulted to see whether these groups could identify the expertise that would be needed to construct the technical standards and the reporting line from the resulting forum should be directly to the Secretary of State. We believe that the track record of the ACPO/ISP forum in getting personnel from the law enforcement agencies and the ISPs to work together on issues of mutual concern makes it very likely to succeed in locating the right people to serve on a standards creating body. In any event, no matter how the standards are constructed, before they are put into place we consider it essential that the Secretary of State should consult widely to ensure that they are appropriate for the whole of the ISP industry. 4. Operation However the requirements for interception turn out, we accept that there will be legally binding requests for ISPs to intercept traffic on their networks. This section of our response sets out the essential "ground rules" that will have to be applied. It is vital that ISPs must continue to have complete control over their own networks. If others can control their operation then there is a significant risk that the delivery of service to the ISPs legitimate customers could be compromised, with a consequent loss of business. We note that it is Government policy to encourage E-Commerce and the use of the Internet. Any proposal that degrades the level of service that we can offer to our customers will affect our position in a highly competitive worldwide market, and will therefore run directly counter to the Government's vision of making Britain the "best place in the world to do business electronically". No matter what interception capabilities are required or provided, the ISP must not be required to deliver any data to law enforcement other than that which it is reasonably sure relates to the addresses specified on validated warrants. The data should be delivered to some interface point within the ISP's facilities, after which the relevant law enforcement agency would transport it to its final destination. ISPs would expect to deal with technically competent staff, who are aware of the relevant Internet protocols and their properties. We are not in business to provide free training for law enforcement. Our experience in the past is that this is an important practical issue and the Government should consider making the use of centralised expert assistance, from NCIS or elsewhere, mandatory when a local police force wishes to implement an interception order. With these general points in mind and looking at the costs that are likely to be incurred, we believe that ISPs must NOT be required to provide:
In particular circumstances, it may be that an ISP will wish to relax these requirements by agreement or on commercial terms. For example, data could be transferred to law enforcement premises by a leased line that is paid for at the normal rate (or perhaps a negotiated cost-plus arrangement). Naturally, such relaxations could not provide immunity from any legal requirements such as only providing data for addresses on the warrants. 5. Effectiveness The Internet has two major characteristics that make it very different from (say) the traditional telephone network. It is much more decentralised, and it works on a basis of "best efforts" delivery rather than guaranteed data paths. The lack of central facilities, central control or even central governance has been a crucial factor in the Internet's remarkable success. Attempting to impose special controls upon some networks that make up the Internet is very likely to affect the competitiveness of these networks and cause them to fall behind in what is now an extremely competitive worldwide industry. 5.1 Localised traffic The networks that form the Internet are systems that have been deliberately designed to have as few "pinch points" as possible. Telephone calls on public networks always go as far as the local exchange, even when they are being made to the person next door. On the contrary, if two Internet users happen to be dialled in to the same Network Access Server (NAS) then traffic between them might never leave that server. This means that interception done other than at the NAS can potentially miss traffic. This is essentially the same issue that was discussed above in section 3.4 as affecting traffic between and within small ISPs, but it is now occurring within a single piece of equipment on a single ISP's network. Whilst it might be suggested that the solution to missing this traffic is to intercept within the NAS, the particular equipment used by ISPs might not have the relevant capabilities, or using the capability may significantly degrade the service available to other users. NASs are not designed for interception purposes, but to handle customer data in a cost efficient manner. We do not consider it acceptable to have our choice of NAS equipment restricted by the need to meet the requirements of law enforcement, particularly when this capability will be rarely used and we will have paid a premium for having special facilities built in to meet the non-standard requirements of the UK market. 5.2 Multiple data paths Because Internet protocols, and routing protocols in particular, only offer a "best efforts" mechanism, this means that the integrity, or rather the completeness, of an interception cannot be guaranteed. For example, it is common for multiple data paths to be provided within networks so as to provide resilience in the face of problems. This means that traffic can be routed in a number of ways between the same end points. Thus to intercept the entirety of a connection it will be necessary to intercept on multiple paths. In situations where faults are being detected by the routing protocols it may be that parts of a message "fall through the cracks", especially if the same infrastructure is being used to move the intercepted message to the law enforcement collection point. Whilst of course ISPs will recognise any legal requirement that makes it necessary to design networks so that there is a capability of interception, this capability would itself be only a "best efforts" provision. Although networks can be designed to alleviate difficulties with interception, it cannot be guaranteed in all possible circumstances. The practical issues are considerable, especially when one considers that parts of the routing system are "soft", meaning that they change on the fly. We are already building networks where it is hard to predict their dynamic behaviour in the face of changing external conditions on the worldwide Internet. The networks we build tomorrow will be even more complex. We would consider it quite unacceptable that our network design engineers might be subject to criminal penalties because they missed a detail that only affected interception. It would be even worse if operations staff were potentially liable because they - for sound reasons - made changes that happened to reduce the effectiveness of an intercept, which they might not even know was in progress. 5.3 Performance issues Equipment used for routing data over the Internet is seldom over-specified in terms of performance. In fact, to ship products "down to a price" it is common to find that boxes run short of power when they are fully loaded. If this equipment is also expected to be handling interception tasks then there must be a concern that the other tasks it should be performing will suffer. If circumstances dictate that several interceptions are being performed simultaneously then it becomes ever more likely that legitimate users will suffer reduced performance. This clearly leads to a competitive disadvantage for the ISP. We are concerned that the Government will specify minimum compliance interception capabilities for Network Access Systems (NASs) or routers, leading to extra complexity, higher prices, reduced manufacturer choice and a considerable disadvantage to any ISP that decides to use this equipment. We note, looking back a few decades that this has happened before in the telecoms field. It took over fifteen years to develop System X and roll it out to the whole country. It is generally accepted that this timescale was extended by the necessity to provide interception capabilities, and indeed equipment (System Y) had to be bought from Ericsson in Sweden to plug the gap. We do recognise, to repeat the realities of the situation, that interception can be necessary and in the interests of society. However, the Government should be very wary of over-specifying interception capability because of the impact (performance or price) that this is likely to have upon all other British users of the Internet. The Government should learn the lesson from its interference in telecoms development and approach interception on the Internet in a much more hands-off manner. Besides the System X example already cited, the Telecommunications Act 1984 was drawn up on the basis that there would be a small number of telephone companies who would talk diligently to OFTEL on matters of mutual interest. Reality turned out rather differently, and fifteen years later there are several pages in the draft Electronic Communications Bill, which finally aim to untangle the mess. The Government should be aware that the Internet industry is far more fast-moving and competitive than telecoms ever was. "Hands-on" rules take a finite time to change, and it will never be possible to adapt a restrictive legislative or regulatory regime fast enough to allow British ISPs to compete on the world stage. 5.4 Encryption The consultation paper assumes throughout that when material is intercepted it will be comprehensible to law enforcement. We note that encryption is beginning to become commonplace and we expect more and more traffic to be made secure as a matter of course. If interception merely yields material that cannot be comprehended then the expense and inconvenience of an interception regime must come into question. That will not be the case for a few years yet, but we recommend that the Government commit to a further review in, perhaps, five years time to consider whether interception has by then become an outmoded requirement on CSPs. 6. Targeting The consultation appears to have been drawn up on the assumption that Internet accounts are opened by, and used by, a single person. Thus an intercept on a person simply requires interception of an account. This is far from being the case. About 50% of our accounts are used by businesses where an indeterminate number of people share the one account, and we have no way of telling who is doing what (several may be using the system at the same time). Even where accounts are used for personal reasons, it is common for a family or household to share the account, and the same issues arise. The consultation fails to address these points. We are particularly concerned about situations where a warrant is such that we are fully aware that more data will be intercepted than just for a single person. We would apparently commit an offence by failing to implement the warrant. Conversely it is unclear what duties, either under the civil or criminal law, we might have to inform either the oversight Tribunal or indeed the intercepted people not named on the warrant that their data was being intercepted. This concern is especially present if the scenario discussed in section 3.4 comes about and an "up stream" provider is tapping into the incoming email traffic of a small ISP who are unable to provide interception capabilities of their own. It is in the nature of the email transfer protocol (SMTP) that it would be necessary to intercept all traffic on the relevant TCP/IP port (25). Even when the email was destined for someone totally uninvolved, it would still be necessary to inspect the email so as to check whether the next email in the stream was of interest to law enforcement. If this interception and inspection operation is not under the control of the ISP but the data stream is being passed to the law enforcement community in a "raw" form then it is clear that many people not named on the face of a warrant are having their email intercepted. We would welcome clarification of the duties of the ISP in this type of scenario. 7. Communications data The issues surrounding access to, and archiving of, communications data are currently rather unclear. There are significant drawbacks and some customer disquiet about the current de facto arrangements. The consultation does not go very far in addressing these issues and concerns. At present, the police regularly make us aware of a serious crime, which they cannot investigate without us providing contact information for one of our customers. They know the Internet identity of the person they wish to investigate but only we, as their ISP, can link this to a real world identity. We are able to supply this personal information but avoid infringing the Data Protection Act 1984 by taking advantage of the defence available under section 28(3) [section 29(3) in the 1998 Act]. We believe that this arrangement (famously described by Peter Sommer as "cosy"), which does of course allow the police investigations to proceed when they would otherwise be stymied, will break down in the face of a specific commitment to our customers that their personal details are confidential. In the relatively near future ISPs are likely to insist that the police always have a warrant before data can be made available to them. We do not believe that the police will have any difficulty in obtaining the necessary warrants. A joint ISP/user initiative called the "Internet Users Privacy Forum" (IUPF) is currently developing Best Practice guidelines in this general area. We note that the consultation believes that the access should be governed by statute and we have no problem with this replacing the sort of voluntary arrangements that the IUPF is expected to propose. However, we consider that this access should be subject to judicial warrant and should not be available just on the decision of a policeman, even a senior officer. If the police cannot justify the need for the data to a judge or magistrate, then the data is almost certainly not actually needed for their investigations to proceed. There are other items of primary and secondary legislation, and indeed a European Directive, which restrict or prohibit the storage of various kinds of communications data or its disclosure to law enforcement. We would like to see the legislative situation rationalised so that there are consistent requirements, both minimum and maximum, on storage of this data, and that all external access requires a judicial warrant. 8. Staffing The Government should be aware that it would be impossible for ISPs to hide the presence of intercept capabilities from their staff, nor do we consider it reasonable to even attempt to do so. In the same way, it would not be practical to select staff to run our networks on the basis of criteria such as those involved in "positive vetting". We understand that the knowledge of individual intercepts should be kept to as few people as practical, however the Government must note that this is unlikely to be an especially small group. No ISP is of such a size that it can create a department solely to handle interceptions. If the current rise in intercept warrants continues, even at a linear rather than exponential rate, we would expect to see a total of around 10,000 warrants a year by 2005 and the majority of these would involve the Internet. A large ISP with, say, 10% of the market would therefore expect to be handling several new warrants a day and there would be several hundred active at any one time. This estimate is broadly in line with the requirements explained to ISPA and LINX, when one considers the likely number of incoming telephone lines a large ISP will have in 2005. The consultation paper envisages regular changes to existing warrants to intercept more addresses and this would lead us to project that a large ISP would be handling about 10 changes per day, each of which would need to be verified by legal staff and then implemented by operations staff. We think it would be considerable work to develop a system to do either of these tasks in an automatic way because of the importance of building in considerable safeguards. Consequently, we expect procedures to continue to be mainly manual, and on the sort of scale we project for the next decade it would be necessary for a fair number of staff to be aware of the procedures involved. It would not be practical to restrict this sort of activity to vetted staff or even just senior staff, particularly if there is a requirement for the changes to be made in a timely manner on a 24 by 7 basis. Besides those who implement the intercepts, it is almost certain that, from time to time, the identity of an intercepted party will become known to other operational staff. For example, while investigating low-level problems they may see the intercepted traffic being passed on to the relevant law enforcement agency. It is not practical to design our systems to prevent this. Having made it clear that many people will be aware of interceptions, we are equally clear that we would not expect "leaks" to happen in practice. Our staff, including very junior members, already have access to personal data referring to our customers and are regularly reminded that they are subject to the requirements of the Data Protection Act. Relevant staff would be similarly reminded that they were subject to IOCA and thus must not reveal the details of intercepts. 9. International issues 9.1 Availability of equipment At present, the majority of the networking infrastructure equipment that we purchase (NASs, ATM kit, routers, bridges etc) is designed, and often manufactured, in the United States. It is far from clear that specifically British requirements for interception capabilities will be heeded by these manufacturers, or where they are catered for, that the pricing for these "special needs" are likely to be small. Increasing our costs makes it harder for us to compete against companies from elsewhere in the world who do not have to meet these expensive interception requirements. 9.2 TransNational networks Demon Internet already operates a network with equipment in three countries (UK, US and the Netherlands) and has plans to operate in further parts of the European Union. Some parts of the user access infrastructure for the Netherlands are in fact physically placed in the UK and at times UK infrastructure has been housed in the Netherlands. The consultation paper does not really address international issues at all. Is a UK CSP expected to act on a warrant when the best place to place the intercept is physically located in the United States where wire-tapping legislation is rather different? If the Government sees this as a design issue ("you should not design your networks that way") then this is a considerable imposition on our freedom to develop our business in an effective manner. This is especially true in mainland Europe where the key to success may well be in rolling out systems that take little heed of national boundaries. Once again the Government runs a very serious risk of damaging our ability to compete. We believe that the Government's approach should be that interception should be on a "best efforts" basis in the light of network infrastructure that we choose to deploy on commercial grounds. We would also suggest that the Government address the international dimensions of interception themselves so that an ISP can safely ignore national boundaries when acting in response to a warrant. 9.3 Peering and Transit arrangements A network peering arrangement is where two network operators agree to swap traffic at their boundaries. A network transit arrangement is where that traffic is actually destined for a third party and merely transits a network before being passed on again at another boundary. The Internet exists and works because there are huge numbers of peering and transit arrangements all over the globe. Peering arrangements are usually done for mutual benefit, whereas transit capacity will typically cost real money. The existence of an interception regime in the United Kingdom will seriously affect our ability to sell transit capacity and thereby profit from spare capacity on our network. One of our major transit partners already requires us to warrant that our network is not "tapped" because they have a need to reassure their customers in the United States. When new legislation appears we will need to renegotiate that contract. It would be of considerable benefit to British ISPs if "transit" traffic, whose source and destination was not within the United Kingdom, was not capable of interception under an IOCA warrant. Chris Hallpr1999-08-19a.shtml Demon Internet Limited Note to editors: Demon Internet - Founded in June 1992, Demon Internet is the pioneer of low-cost flat rate Internet connectivity in the UK and the Netherlands for both business and home users. As well as offering standard dial-up services, Demon Internet offers a comprehensive range of business services including business dial-up and network dial-up for small to medium-sized businesses and a leased-line solution for corporates. Web hosting is offered by Demon Internet who are the fourth largest web hosting business in the world. Technical support is provided, 24 hours a day, 7 days a week, free of charge to every user. In May 1998 Demon Internet was acquired by ScottishTelecom, the telecom subsidiary of ScottishPower PLC. For further information please contact: Colin McSeveny or Ann Hood at ScottishPower Press Office Demon Internet Press Office |
©Copyright 2008 THUS
|
|
|
