I’ve been reading a lot of posts regarding how ISPs will be logging every web site we visit and all of our e-mail based on an eu directive that came in to force today. I’ve also read the UK legislation and the EU directive and as far as I can make out it’s all bollox! No really it is.
The only source for the belief that ISPs will be logging web pages I can find is an article in the telegraph it isn’t in either bit of legislation. Well not unless it’s been very sneakily snuck in, in something that’s not yet online and that no one has referenced. In fact nothing that isn’t already logged will be logged, what has changed it how long the logs are kept for.
Your ISP already logs when you connect to them and what IP address they give you, if you use their mail servers they log who you send mail to and from. This is routine and is currently thrown away after a month normally never looked at unless there’s a problem. I used to look at it a lot when I worked on the abuse desk of a large well known UK ISP, and the bit they’re logging half of it’s easily forged in an way undetectable from those logs. I am quite prepared to accept this is the thin end of the wedge, but at the moment the blogosphere (gods I hate that phrase) is raging against phantoms of it’s own imagining.
There is a circumstance where ISPs might log the web sites you go to, if they force you through a proxy server, or if you choose to use a proxy server. This is however very easy to detect.
1) Go to http://find-my-ip-address.net/ make a note of what it says your IP address is.
2) Check what your IP address is on your computer if they don’t match you’re going through a proxy server. Or you have an ADSL router which is giving you a private ip address.
(Private IP addresses start 192.168., 172.16 or 10. )
If you’re running windows you can find out your IP address by opening a cmd prompt and typing ipconfig
look for the lines saying
IP Address. . .
.
So your web browsing habits are safe, and you can make your email safe by using an email provider in a more friendly location. Or run your own get together with some mates, bribe a geek with beer and pay 10 quid a month for a virtual server you have complete control over.
There is a lot you can do easily to reduce what they can see, but at present your web access isn’t an issue. I’d be more worried about the retention of cell phone data including call location especially in light of events at the G20 summit (“We know you called X who was outside the bank of England whilst you were at the climate camp at 11:30, now why was that?”).
For the thicker end of the wedge take a look at:
Obama’s Surveillance State Targets PCs, Laptops and Media Devices and Should Obama Control the Internet?
For the record apart from working for a few years at an ISP, I’ve also worked with most of the large UK celco’s and currently run mail for over 60 domains on my own servers, amongst a few other things.
Update Sorry the independent is also reporting that Personal web data to be stored for a year, but again only in headline and paragraph one not in the details.