VPN in the UK
You need one, here is the latest reason
I have talked for a long time about the many benefits of using a
VPN. And I don’t mean simply using it to unlock geo restricted content (however awesome that is!). No, I have mentioned many times that the best reason to get a VPN is the security it affords you. ( whereas DNS is just location masking)
In the UK this week, the Home Secretary, Theresa May, decided in her infinite wisdom to roll out an unworkable solution to various criminal and ‘terror’ related matters by deciding that it is in everybody’s interest that every web site or web activity you undertake is logged in full for a 12 month period.
FACT: Criminals do not know how to hide their internet activity
I am shocked that the above paragraph sounds as ridiculous when read out as it did in my head when I thought of it. So, now the home secretary has decided to tip off the criminals of the world and their terrorist counterparts, none of whom she assumes know how to hide their online shenanigans, what we are left with is a simple case of mass data collection.
FACT: Haystack Collection Achievement Unlocked
In essence, to try and prevent a situation where the authorities would have to try and find a needle in a haystack, or indeed find the haystack at all, they have decided the best way is to simply collect every and all existing haystack, and worry about the needle ‘if it ever crops up’.
The repercussions of this are tremendous. The practicalities alone are immensely difficult, I mean, how can you guarantee that an IP address belongs to an individual, how can you determine how many individuals share an IP address on an ISPs network, how can you tell which individual in a house uses the IP address for the offence in question?
Then there is the storage. OK, it will be largely text, but still this is every web activity. WhatsApp, BBM, iMessage all use the web. Facebook, Twitter et all. All use the web.
What if I use a website to self diagnose a medical condition? buy medication? download a porno or worse… watch a youtube video that is clearly subject to copyright which has been flouted by the uploader (yeah I said it!! its not all on p2p / popcorn time and torrent sites you know!). That would be illegal right? I’m watching without paying whether its on a dodgy website or on a website belonging to the kings of the internet (Google. You knew that though right?)
A VPN in the UK is a must because Sensitive Data is such a high risk in storage
My point is. Thats a hell of a lot of information to store. In the UK, we are very reserved in some areas. For example, its generally frowned upon to talk about money, religion or politics unless with close family and friends. We daren’t speak of medical conditions or embarrassing things, hell half the time we don’t even complain properly. But your web searches will show all these things. Im pretty sure if you gave me unfettered access to your 12 months worth of web searches and activity I could tell you your sexual orientation, your political allegiances, your societal tolerances (or intolerances), make a good guess at your financial stability, identify your close friends and family, not so close friends and family, people you do not like, things you do not like, that you had a rash 6 months ago, that you bought cream for it. That you are still buying cream so it hasn’t cleared up etc etc etc
Clearly, you wouldn’t be comfortable giving this all information away. After all, this information is considered sensitive. You wouldn’t declare it on a job application as it would be illegal to ask you to, you wouldn’t tell most people any or all of it unless you HAD to. Im willing to bet you are not too happy about the government collecting it all. Oh and here is the kicker.
The government is using private companies to collect it. But thats OK we trust governments and private profit making companies with our data, oh no hang on, I must have been thinking about a different article there. Scratch that. Maybe I was confused with what happened with TalkTalk
Essentially you have no choice but to have the government collect your data via your ISP, who then has to keep it in a pandoras box until such time that someone sees fit to access it because of [INSERT REASON FOR ACCES HERE]. Call me cynical. I can think of one group of people of who love access to that information in particular. Hackers. Constantly trying to access the servers of big companies and why? to get the data, why? to sell, extort or use in some other way that no good can come from it.
Whats in an IP address?
There is another thing though. What is the stop the data being mined first by the ISP? That data would be invaluable in assessing consumer behaviour. A simple bit of data mining would point them in the direction of the latest torrent sites they need to shut down, the number of customers looking at their competitors’ websites, the possibilities are endless. How can an ISP ensure that an employee, disgruntled or otherwise won’t try to access the data? there are simply too many potential points where this can go horribly wrong.
One that springs to mind for me, and is likely to be the more common situation. Lets give the government the benefit of doubt and say they have a legitimate reason to access the ISP address 220.127.116.11 (i made that up!). But 250 subscribers in total used that IP address in the last year.
Does the ISP give them the browsing and net activity of 250 people / households?
Does the ISP have authority to search the records or only to store them? Is the data stored encrypted well enough? who knows the decryption method?
Does the ISP mine the data to pull out the 1 person that caused the request for data in the first place? If so how? Are the ISP linking names and addresses to IP address and storing those, because the act said that just browsing activity and IP addresses. Who is mining and what?
Consider that they simply hand over the IP address activity wholesale to the detectives, for romantic purposes, lets say its handing to MI5. Lets say that whilst searching the data, 10 people (not in question under the data request) were found to have accessed either inappropriate web material or outright illegal material online. What happens to the 10? are we comfortable that our security and law enforcement services take no action or are we happy that the data was accessed fairly under the law and should be acted upon, ergo leading to 10 additional arrests in addition to the person for who the data was originally requested for.
Which is the lesser of the two evils? Where is the line that is not crossed? When is the data pertinent or non pertinent?
Orwellian State is now here
Now that your nightmares, and that of George Orwell’s have been well and truly realised I am only left with a personal request to make. Please Please Please, make this action taken by the government so difficult to enact and police and convict upon that they may simply give up. Get yourself a VPN service, get your friends a VPN service, Christmas is coming and I spoke to your aunty and she said she wants a VPN subscription for Christmas!!
Take back the net
Take back your personal freedom
Take back your privacy
Subscribe to one of these great VPN providers. Both have outstanding products ( I have personally subscribed to both at various points in time recently). Crucially, none of them are based in the UK, and NONE o them keep logs. Not only are you hiding your IP from the ISP, but even if you were tracked down your data would be presented as a blank piece of paper!! Its times like this we could really use a friend like Edward Snowden!
(*includes an internet kill switch)
Get more cool stuff like this
in your inbox
Subscribe to our mailing list and get more stuff and updates to your inbox.