What do ISPs charge the law to spy on you?

Discuss

23 Responses to “What do ISPs charge the law to spy on you?”

  1. Cowicide says:

    hrrmm… After-hours emergencies: Yahoo! Security at 408-349-5400

    [ring... ring...]

    “Help! Help! This is an emergency! Our civil rights are going to shit!”

  2. Cory Doctorow says:

    @3: “Why wouldn’t they hang on to records?” Because the more the keep, and the longer they keep it, the greater the likelihood of harmful disclosure, either as the result of a court order or an accident or a crime.

    • Anonymous says:

      Harmful to whom? I don’t see how Yahoo can be harmed by this. And given that Yahoo still doesn’t give a hoot about you, especially if you did something that might be judged “harmful” I don’t see why it’s in their best interest not to keep this data. Especially considering that they get paid for finding it.

  3. Frank W says:

    Sheesh, they’re cheap. If you’re going to sell out like that in the first place, you should at least have the good grace to suck up ten times as much taxpayer money.

  4. Graham Anderson says:

    In the UK, under the Regulation of Investigatory Powers Act, ISPs can charge the same kind of fees to cover costs for law enforcement requests. As reported by the BBC and others, those charges can be “as much as £65 a time” (http://news.bbc.co.uk/1/hi/uk/7840924.stm). Some ISPs do not charge UK police at all for these requests – AOL has a policy of not charging in the UK as they do not in the US (AFAIK, this may have changed).

    The Child Exploitation & Online Protection Centre is lobbying hard for them to be exempt from this provision of RIPA as they think it should be part of the cost of doing business for the ISPs, but it can be argued that attaching a price tag to each request helps moderate law enforcement’s insatiable desire for data on each and every one of us.

    Is HMG’s desire to have a central database of all internet communications managed by them just a desire to get the cost of unlimited access down to a more manageable level?

  5. bjacques says:

    I would think the government bodies concerned would just laugh in the ISP’s figurative faces and tell ‘em to add it to their customers’ bills. I thought they had anyway.

  6. BritSwedeGuy says:

    I’ve worked for a couple of large Telecoms companies, both didn’t keep detailed records for more than was necessary for billing purposes because of the sheer volumes involved.
    Sweden, France and the UK are going to choke on their data if their idiot governments persue their various 3 strikes policies. And their customers will choke on their freshly-inflated bills.

  7. Darkflame says:

    Charging seems perfectly fine for me.

    The important thing is not what they charge but when and how they grant access.
    eg.
    a) Anyone from “the law” at any time.
    or
    b) With a court order, under some circumstances.

    I can understand Yahoo wanting to be reemberised for their time and these fee’s arnt much.
    Your paying for an engineer to spend half hour to an hour getting the relivent information from a database, formating it nicely, and sending it off.
    If the database is well secure, and the ISP’s are doing their job. This shouldnt be too easy (ie, not everyone on the staff should have access), and they should double check everything.

    Id be more worried if they didnt charge.

  8. Anonymous says:

    More evidence that you need a good encryption program, even on your free email accounts. PGP anyone?

  9. Red Leatherman says:

    They will sell the contents of your user account for $40.00 bucks to a leo but no amount of begging pleading or cash can get your own account contents back if you get locked out of your own email by someone.

  10. Anonymous says:

    Good luck removing this, Yahoo. It’s fair use for the purpose of discussion and commentary. It is newsworthy and there is a compelling public interest in the dissemination of this item.

  11. Anonymous says:

    The trick is to post contradictory stuff in multiple places. This way, all they manage to accumulate is a meaningless pile of confusion, Making them waste time and money is the only protest you can make on the individual level – um . . . or, so I’ve heard. . . .

  12. Anonymous says:

    I’ll bet one could argue for a class action suite for royalities to the person whose data was provided if it could be shown their copyrighted information sold to the police generated a profit for the ISP.

    It’s one thing to provide info under a court order for no profit, but if a company is profiting on your writing’s being sold to a client no matter what the reason you can demand a cut of the profit’s as copyright holder in your own writings.

    I’d love to see that lawsuit.
    Then either ISP’s would need to verify they don’t make a profit from selling your writings or you would have a right to royalty statements every time your stuff was sold to law enforcement for a profit.

  13. Cowicide says:

    apologists… start your engines.

  14. mdh says:

    well said. Thanks.

  15. Cowicide says:

    is that a statistical fact or conjecture? Do odds and averages really work that way? If Yahoo (for example) keeps account records for one year, five years or forty years it would be interesting (statistically) to see if year one is any different than year forty. Court orders, accidents and crimes can’t really be put on a statistical graph, can they?

    Right, what could possibly go wrong?

    http://attrition.org/dataloss/

    http://www.theregister.co.uk/2004/06/07/hdd_wipe_shortcomings/

    http://news.cnet.com/AT38T-leaks-sensitive-info-in-NSA-suit/2100-1028_3-6077353.html

    http://egocentral.invisionzone.com/index.php?showtopic=2778

    http://www.techcrunch.com/2006/08/06/aol-proudly-releases-massive-amounts-of-user-search-data/

  16. Tynam says:

    @stevennatural: Actually, court orders, accidents and crimes are good all examples of things which can be and are graphed statistically. For an individual they obey an (undetermined) random distribution with large variability (math geek for “it’s pretty unpredictable”).

    But for a large population – say, all Yahoo users – it’s easily possible to study the odds for the population as a whole with great accuracy. (I doubt this study has been done for Yahoo, because Yahoo probably haven’t and nobody else has the data, but it’s possible. It’s been done before for other institutions.)

    Odds of disclosure are strictly nondecreasing with time, so yes, in this case, odds and averages really do work that way.

  17. AnthonyC says:

    “s that a statistical fact or conjecture? Do odds and averages really work that way? If Yahoo (for example) keeps account records for one year, five years or forty years it would be interesting (statistically) to see if year one is any different than year forty.”

    This is irrelevant. There is some chance of “harmful disclosure” in year one, some chance in year two, and so on. Call these event one, even two, event three, etc. The probability of disclosure in either year one or year two (P(e1 or e2)) is necessarily as large as or larger than disclosure in year one alone. The key insight is that you can’t get to year two without passing through year one first.

    So, odds of harmful disclosure are zero at time zero, and increase monotonically and asymptotically to one.

  18. mdh says:

    All three are unpredictable (except possibly a court order)

    false.

    Information NOT kept cannot be released. A null option’s chance is always zero. A zero sided die cannot roll a 1. There is a constant zero percent chance.

    If there is a constant low chance of kept information being released, then the passage of time, in fact, increases the odds of said release. Roll a 10,000 sided die repeatedly and eventually you wil roll a 1.

  19. Anonymous says:

    Actually I believe the act of rolling a dice generates a unique random result each time. Rolling the dice repeatedly does not increase the odds of a certain number coming up. Each roll is a new unique random event. I do agree with you though that holding the data for increasing periods of time would increase the chance of it being somehow released.

  20. echolocate chocolate says:

    Rolling the dice repeatedly does not increase the odds of a certain number coming up.

    You are no more likely to roll a 1 on any individual roll but we’re talking about the cumulative probability of lots of rolls.

    You can think about it like this: For a 6-sided dice, the probability of rolling a 1 is 1/6. So, the probability of NOT rolling a 1 is 5/6 (0.83..).

    For two dice rolls, the probability of not rolling a 1 is (5/6 * 5/6) = 25/36 (0.694..), so the probability of rolling a 1 is 1 – (5/6 * 5/6) = (0.305..), already higher than a single roll.

    For 100 dice rolls, the probability of rolling a 1 is 1 – (5/6)^100 = 0.999999. In other words, extremely likely.

Leave a Reply