If I am doing something dodgy and it's flagged somehow, I assume it's the police who will get a Court Order?

From what court?

And under what powers would such an order be granted?

For clarity, I haven'd done anything dodgy, I have been trying to explain to a UK-based forum owner that he isn't as bomb-proof as he thinks he is regarding postings on his forum (his attitude is "yeah right, what can they do to me?).

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Saturday, 11 November 2023 at 16:42:47 UTC, Tony The Welsh Twat wrote:

If I am doing something dodgy and it's flagged somehow, I assume it's the police who will get a Court Order?

From what court?

And under what powers would such an order be granted?

For clarity, I haven'd done anything dodgy, I have been trying to explain to a UK-based forum owner that he isn't as bomb-proof as he thinks he is regarding postings on his forum (his attitude is "yeah right, what can they do to me?).

Depends what you mean by "dodgy", if criminal then yes the police, but civil actions could also involve such a court order (e.g. the bunch a few years back who sent threatening letters to ISP customers who were torrenting copyrighted material).

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2023-11-11, Tony The Welsh Twat <tonythewelshtwat@gmail.com> wrote:

If I am doing something dodgy and it's flagged somehow, I assume it's
the police who will get a Court Order?

From what court?

And under what powers would such an order be granted?

For clarity, I haven'd done anything dodgy, I have been trying to
explain to a UK-based forum owner that he isn't as bomb-proof as he
thinks he is regarding postings on his forum (his attitude is "yeah
right, what can they do to me?).

If it's a civil matter then anyone can apply to a court for a thing
called a Norwich Pharmacal Order which requires the ISP to disclose
the customer identification associated with an IP address of theirs.

If it's a criminal matter then the Police have a standard form they
use which requests access to data under the exemptions in the GDPR,
such as "prevention or detection of crime".

So yeah, if anyone takes sufficient interest then the Internet is
not particularly anonymous.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

In message <slrnukvsuj.2cil.jon+usenet@raven.unequivocal.eu>, at
21:36:19 on Sat, 11 Nov 2023, Jon Ribbens <jon+usenet@unequivocal.eu>
remarked:

On 2023-11-11, Tony The Welsh Twat <tonythewelshtwat@gmail.com> wrote:

If I am doing something dodgy and it's flagged somehow, I assume it's
the police who will get a Court Order?

From what court?

And under what powers would such an order be granted?

For clarity, I haven'd done anything dodgy, I have been trying to
explain to a UK-based forum owner that he isn't as bomb-proof as he
thinks he is regarding postings on his forum (his attitude is "yeah
right, what can they do to me?).

If it's a civil matter then anyone can apply to a court for a thing
called a Norwich Pharmacal Order which requires the ISP to disclose
the customer identification associated with an IP address of theirs.

If it's a criminal matter then the Police have a standard form they
use which requests access to data under the exemptions in the GDPR,
such as "prevention or detection of crime".

That's 22years out of date I'm afraid (for telecomms).

And as it happens I was the guardian of that form for a couple of years
(my predecessor having negotiated it with whatever the ICO was called
that week) and encouraged both police and industry to keep themselves
refreshed on the circumstances it was appropriate to comply with, as
well as being able to distinguish real ones from fakes.

It was replaced by RIPA - which had a statutory rather than voluntary
basis, and much stronger rule-set.

So yeah, if anyone takes sufficient interest then the Internet is
not particularly anonymous.

--
Roland Perry

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Roland Perry <roland@perry.uk> wrote:

In message <slrnukvsuj.2cil.jon+usenet@raven.unequivocal.eu>, at
21:36:19 on Sat, 11 Nov 2023, Jon Ribbens <jon+usenet@unequivocal.eu> remarked:

On 2023-11-11, Tony The Welsh Twat <tonythewelshtwat@gmail.com> wrote:

If I am doing something dodgy and it's flagged somehow, I assume it's
the police who will get a Court Order?

From what court?

And under what powers would such an order be granted?

For clarity, I haven'd done anything dodgy, I have been trying to
explain to a UK-based forum owner that he isn't as bomb-proof as he
thinks he is regarding postings on his forum (his attitude is "yeah
right, what can they do to me?).

If it's a civil matter then anyone can apply to a court for a thing
called a Norwich Pharmacal Order which requires the ISP to disclose
the customer identification associated with an IP address of theirs.

If it's a criminal matter then the Police have a standard form they
use which requests access to data under the exemptions in the GDPR,
such as "prevention or detection of crime".

That's 22years out of date I'm afraid (for telecomms).

And as it happens I was the guardian of that form for a couple of years
(my predecessor having negotiated it with whatever the ICO was called
that week) and encouraged both police and industry to keep themselves refreshed on the circumstances it was appropriate to comply with, as
well as being able to distinguish real ones from fakes.

It was never *in* date. It had no statutory force at all, despite the widespread belief among petty officials that it had the immediate, unchanging and absolute authority of the laws of the Medes and Persians.

Its use continued until at least 2011, though. I remember a clerk at a local authority council tax department threatening me with a DPA form when I declined to give her the name and address of the buyer of a property I had just sold in that borough. "
Then you'll *have* to tell me", she crowed triumphantly. Ha ha.

It was replaced by RIPA - which had a statutory rather than voluntary
basis, and much stronger rule-set.

So yeah, if anyone takes sufficient interest then the Internet is
not particularly anonymous.

RIPA doesn't give the authorities blanket access to any data they want, of course (as I know you know, I'm just saying).

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

In message <uk4ahd$77j9$1@dont-email.me>, at 09:05:51 on Tue, 28 Nov
2023, Handsome Jack <Jack@handsome.com> remarked:

Roland Perry <roland@perry.uk> wrote:

In message <slrnukvsuj.2cil.jon+usenet@raven.unequivocal.eu>, at
21:36:19 on Sat, 11 Nov 2023, Jon Ribbens <jon+usenet@unequivocal.eu>
remarked:

On 2023-11-11, Tony The Welsh Twat <tonythewelshtwat@gmail.com> wrote:

If I am doing something dodgy and it's flagged somehow, I assume it's
the police who will get a Court Order?

From what court?

And under what powers would such an order be granted?

For clarity, I haven'd done anything dodgy, I have been trying to
explain to a UK-based forum owner that he isn't as bomb-proof as he
thinks he is regarding postings on his forum (his attitude is "yeah
right, what can they do to me?).

If it's a civil matter then anyone can apply to a court for a thing >>>called a Norwich Pharmacal Order which requires the ISP to disclose
the customer identification associated with an IP address of theirs.

If it's a criminal matter then the Police have a standard form they
use which requests access to data under the exemptions in the GDPR,
such as "prevention or detection of crime".

That's 22years out of date I'm afraid (for telecomms).

And as it happens I was the guardian of that form for a couple of years
(my predecessor having negotiated it with whatever the ICO was called
that week) and encouraged both police and industry to keep themselves
refreshed on the circumstances it was appropriate to comply with, as
well as being able to distinguish real ones from fakes.

It was never *in* date. It had no statutory force at all, despite the >widespread belief among petty officials that it had the immediate,
unchanging and absolute authority of the laws of the Medes and Persians.

It had the agreement of ICO, Home Office, DTI and ACPO, and
representatives of the telecoms Industry as sufficient to trigger the
relevant exemption in the DPA - *if* filled in correctly.

Its use continued until at least 2011, though. I remember a clerk at a
local authority council tax department threatening me with a DPA form
when I declined to give her the name and address of the buyer of a
property I had just sold in that borough. "Then you'll *have* to tell
me", she crowed triumphantly. Ha ha.

That's not anything at all to do with Telecoms, or RIPA, or indeed the
approved form I mentioned.

It was replaced by RIPA - which had a statutory rather than voluntary
basis, and much stronger rule-set.

So yeah, if anyone takes sufficient interest then the Internet is
not particularly anonymous.

RIPA doesn't give the authorities blanket access to any data they want,
of course (as I know you know, I'm just saying).

Of course, that's why it's called the **REGULATION** of Investigatory
Powers Act.

And of course it only applies to telecoms, not house sales.
--
Roland Perry

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Roland Perry <roland@perry.uk> wrote:

In message <uk4ahd$77j9$1@dont-email.me>, at 09:05:51 on Tue, 28 Nov
2023, Handsome Jack <Jack@handsome.com> remarked:

Roland Perry <roland@perry.uk> wrote:

In message <slrnukvsuj.2cil.jon+usenet@raven.unequivocal.eu>, at
21:36:19 on Sat, 11 Nov 2023, Jon Ribbens <jon+usenet@unequivocal.eu>
remarked:

On 2023-11-11, Tony The Welsh Twat <tonythewelshtwat@gmail.com> wrote: >>>>> If I am doing something dodgy and it's flagged somehow, I assume it's >>>>> the police who will get a Court Order?

From what court?

And under what powers would such an order be granted?

For clarity, I haven'd done anything dodgy, I have been trying to
explain to a UK-based forum owner that he isn't as bomb-proof as he
thinks he is regarding postings on his forum (his attitude is "yeah
right, what can they do to me?).

If it's a civil matter then anyone can apply to a court for a thing >>>>called a Norwich Pharmacal Order which requires the ISP to disclose
the customer identification associated with an IP address of theirs.

If it's a criminal matter then the Police have a standard form they
use which requests access to data under the exemptions in the GDPR, >>>>such as "prevention or detection of crime".

That's 22years out of date I'm afraid (for telecomms).

And as it happens I was the guardian of that form for a couple of years
(my predecessor having negotiated it with whatever the ICO was called
that week) and encouraged both police and industry to keep themselves
refreshed on the circumstances it was appropriate to comply with, as
well as being able to distinguish real ones from fakes.

It was never *in* date. It had no statutory force at all, despite the >>widespread belief among petty officials that it had the immediate, >>unchanging and absolute authority of the laws of the Medes and Persians.

It had the agreement of ICO, Home Office, DTI and ACPO, and
representatives of the telecoms Industry as sufficient to trigger the relevant exemption in the DPA - *if* filled in correctly.

Yes, but triggering an exemption in DPA is not the same as a statutory power to force someone to disclose confidential information.

Its use continued until at least 2011, though. I remember a clerk at a >>local authority council tax department threatening me with a DPA form
when I declined to give her the name and address of the buyer of a
property I had just sold in that borough. "Then you'll *have* to tell
me", she crowed triumphantly. Ha ha.

That's not anything at all to do with Telecoms, or RIPA, or indeed the approved form I mentioned.

I mentioned it to show that the same procedure was used by several different public sector bodies for many years. I never discovered whether the legendary Milk Marketing Board ever actually used it.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2023-11-29, Handsome Jack <Jack@handsome.com> wrote:

Roland Perry <roland@perry.uk> wrote:

In message <uk4ahd$77j9$1@dont-email.me>, at 09:05:51 on Tue, 28 Nov
2023, Handsome Jack <Jack@handsome.com> remarked:

Roland Perry <roland@perry.uk> wrote:

In message <slrnukvsuj.2cil.jon+usenet@raven.unequivocal.eu>, at
21:36:19 on Sat, 11 Nov 2023, Jon Ribbens <jon+usenet@unequivocal.eu>
remarked:

On 2023-11-11, Tony The Welsh Twat <tonythewelshtwat@gmail.com> wrote: >>>>>> If I am doing something dodgy and it's flagged somehow, I assume it's >>>>>> the police who will get a Court Order?

From what court?

And under what powers would such an order be granted?

For clarity, I haven'd done anything dodgy, I have been trying to
explain to a UK-based forum owner that he isn't as bomb-proof as he >>>>>> thinks he is regarding postings on his forum (his attitude is "yeah >>>>>> right, what can they do to me?).

If it's a civil matter then anyone can apply to a court for a thing >>>>>called a Norwich Pharmacal Order which requires the ISP to disclose >>>>>the customer identification associated with an IP address of theirs.

If it's a criminal matter then the Police have a standard form they >>>>>use which requests access to data under the exemptions in the GDPR, >>>>>such as "prevention or detection of crime".

That's 22years out of date I'm afraid (for telecomms).

And as it happens I was the guardian of that form for a couple of years >>>> (my predecessor having negotiated it with whatever the ICO was called
that week) and encouraged both police and industry to keep themselves
refreshed on the circumstances it was appropriate to comply with, as
well as being able to distinguish real ones from fakes.

It was never *in* date. It had no statutory force at all, despite the >>>widespread belief among petty officials that it had the immediate, >>>unchanging and absolute authority of the laws of the Medes and Persians.

It had the agreement of ICO, Home Office, DTI and ACPO, and
representatives of the telecoms Industry as sufficient to trigger the
relevant exemption in the DPA - *if* filled in correctly.

Yes, but triggering an exemption in DPA is not the same as a statutory
power to force someone to disclose confidential information.

True, but nobody said it was. And such forms are not "out of date",
even less "never in date" - they are still used today (for requests
for non-telecommunications data).

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Wed, 29 Nov 2023 09:00:59 -0000 (UTC), Jack@handsome.com (Handsome Jack) wrote:

Roland Perry <roland@perry.uk> wrote:

It had the agreement of ICO, Home Office, DTI and ACPO, and
representatives of the telecoms Industry as sufficient to trigger the
relevant exemption in the DPA - *if* filled in correctly.

Yes, but triggering an exemption in DPA is not the same as a statutory
power to force someone to disclose confidential information.

No, but that's not the point. The point is to remove "Data protection" as a reason for non-disclosure. It's primarily for the benefit of the recipient
of the notice, not the issuer - it ensures that they are not liable for any putative breach of the DPA if they comply with the request. And the reasons
for compliance can be many and varied, including a contractual obligation, adherence to an industry code of conduct or even just a willingness to
assist the authorities in investigating a wrongdoer.

Mark

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Mark Goodge <usenet@listmail.good-stuff.co.uk> wrote:

On Wed, 29 Nov 2023 09:00:59 -0000 (UTC), Jack@handsome.com (Handsome Jack) wrote:

Roland Perry <roland@perry.uk> wrote:

It had the agreement of ICO, Home Office, DTI and ACPO, and
representatives of the telecoms Industry as sufficient to trigger the
relevant exemption in the DPA - *if* filled in correctly.

Yes, but triggering an exemption in DPA is not the same as a statutory >>power to force someone to disclose confidential information.

No, but that's not the point. The point is to remove "Data protection" as a reason for non-disclosure.

You and I know that, but many recipients of these notices didn't.

It's primarily for the benefit of the recipient
of the notice, not the issuer

Is this a joke?

- it ensures that they are not liable for any

putative breach of the DPA if they comply with the request. And the reasons for compliance can be many and varied, including a contractual obligation, adherence to an industry code of conduct or even just a willingness to
assist the authorities in investigating a wrongdoer.

I'm sure we should all be very grateful to the authorities for giving us legal advice about our rights and responsibilities. We can all be quite certain they are doing it out of pure altruism.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Jon Ribbens <jon+usenet@unequivocal.eu> wrote:

On 2023-11-29, Handsome Jack <Jack@handsome.com> wrote:

Roland Perry <roland@perry.uk> wrote:

In message <uk4ahd$77j9$1@dont-email.me>, at 09:05:51 on Tue, 28 Nov
2023, Handsome Jack <Jack@handsome.com> remarked:

Roland Perry <roland@perry.uk> wrote:

In message <slrnukvsuj.2cil.jon+usenet@raven.unequivocal.eu>, at
21:36:19 on Sat, 11 Nov 2023, Jon Ribbens <jon+usenet@unequivocal.eu> >>>>> remarked:

On 2023-11-11, Tony The Welsh Twat <tonythewelshtwat@gmail.com> wrote: >>>>>>> If I am doing something dodgy and it's flagged somehow, I assume it's >>>>>>> the police who will get a Court Order?

From what court?

And under what powers would such an order be granted?

For clarity, I haven'd done anything dodgy, I have been trying to >>>>>>> explain to a UK-based forum owner that he isn't as bomb-proof as he >>>>>>> thinks he is regarding postings on his forum (his attitude is "yeah >>>>>>> right, what can they do to me?).

If it's a civil matter then anyone can apply to a court for a thing >>>>>>called a Norwich Pharmacal Order which requires the ISP to disclose >>>>>>the customer identification associated with an IP address of theirs. >>>>>>
If it's a criminal matter then the Police have a standard form they >>>>>>use which requests access to data under the exemptions in the GDPR, >>>>>>such as "prevention or detection of crime".

That's 22years out of date I'm afraid (for telecomms).

And as it happens I was the guardian of that form for a couple of years >>>>> (my predecessor having negotiated it with whatever the ICO was called >>>>> that week) and encouraged both police and industry to keep themselves >>>>> refreshed on the circumstances it was appropriate to comply with, as >>>>> well as being able to distinguish real ones from fakes.

It was never *in* date. It had no statutory force at all, despite the >>>>widespread belief among petty officials that it had the immediate, >>>>unchanging and absolute authority of the laws of the Medes and Persians. >>>

It had the agreement of ICO, Home Office, DTI and ACPO, and
representatives of the telecoms Industry as sufficient to trigger the
relevant exemption in the DPA - *if* filled in correctly.

Yes, but triggering an exemption in DPA is not the same as a statutory
power to force someone to disclose confidential information.

True, but nobody said it was.

Both yourself and Roland came close to suggesting that it did (for example, "If it's a criminal matter then the Police have a standard form they use which requests access to data under the exemptions in the GDPR, such as prevention or detection of crime."

And people like my council tax clerk quite definitely thought these forms expressed a statutory power to force disclosure. I just wanted to make sure no-one was misled.

And such forms are not "out of date",
even less "never in date" - they are still used today (for requests
for non-telecommunications data).

Like my example of the council tax clerk. Once again, it may be of use to some readers to know that these forms do not do what the officials think they do.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 29 Nov 2023 at 17:02:24 GMT, "Handsome Jack" <Handsome Jack> wrote:

Mark Goodge <usenet@listmail.good-stuff.co.uk> wrote:

On Wed, 29 Nov 2023 09:00:59 -0000 (UTC), Jack@handsome.com (Handsome Jack) >> wrote:

Roland Perry <roland@perry.uk> wrote:

It had the agreement of ICO, Home Office, DTI and ACPO, and
representatives of the telecoms Industry as sufficient to trigger the
relevant exemption in the DPA - *if* filled in correctly.

Yes, but triggering an exemption in DPA is not the same as a statutory
power to force someone to disclose confidential information.

No, but that's not the point. The point is to remove "Data protection" as a >> reason for non-disclosure.

You and I know that, but many recipients of these notices didn't.

It's primarily for the benefit of the recipient
of the notice, not the issuer

Is this a joke?

- it ensures that they are not liable for any

putative breach of the DPA if they comply with the request. And the reasons >> for compliance can be many and varied, including a contractual obligation, >> adherence to an industry code of conduct or even just a willingness to
assist the authorities in investigating a wrongdoer.

I'm sure we should all be very grateful to the authorities for giving us legal
advice about our rights and responsibilities. We can all be quite certain they
are doing it out of pure altruism.

The recipient Roland refers to is the data-holding company, not the data subject, it reassures the data-holder that the data subject has no case
against them under the DPA.


--
Roger Hayter

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Wed, 29 Nov 2023 17:02:24 -0000 (UTC), Jack@handsome.com (Handsome Jack) wrote:

Mark Goodge <usenet@listmail.good-stuff.co.uk> wrote:

On Wed, 29 Nov 2023 09:00:59 -0000 (UTC), Jack@handsome.com (Handsome Jack) >> wrote:

Roland Perry <roland@perry.uk> wrote:

It had the agreement of ICO, Home Office, DTI and ACPO, and
representatives of the telecoms Industry as sufficient to trigger the
relevant exemption in the DPA - *if* filled in correctly.

Yes, but triggering an exemption in DPA is not the same as a statutory >>>power to force someone to disclose confidential information.

No, but that's not the point. The point is to remove "Data protection" as a >> reason for non-disclosure.

You and I know that, but many recipients of these notices didn't.

Then maybe they need to address their own ignorance.

- it ensures that they are not liable for any

putative breach of the DPA if they comply with the request. And the reasons >> for compliance can be many and varied, including a contractual obligation, >> adherence to an industry code of conduct or even just a willingness to
assist the authorities in investigating a wrongdoer.

I'm sure we should all be very grateful to the authorities for giving us legal >advice about our rights and responsibilities. We can all be quite certain they >are doing it out of pure altruism.

Of course they're not doing it out of pure altruism. They're doing it so
that jobsworths can't stick their fingers in their ears and yell "GDPR" whenever a request for information comes through.

Mark

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2023-11-29, Mark Goodge <usenet@listmail.good-stuff.co.uk> wrote:

On Wed, 29 Nov 2023 17:02:24 -0000 (UTC), Jack@handsome.com (Handsome Jack) wrote:

Mark Goodge <usenet@listmail.good-stuff.co.uk> wrote:

On Wed, 29 Nov 2023 09:00:59 -0000 (UTC), Jack@handsome.com (Handsome Jack) >>> wrote:

Roland Perry <roland@perry.uk> wrote:

It had the agreement of ICO, Home Office, DTI and ACPO, and
representatives of the telecoms Industry as sufficient to trigger the >>>>> relevant exemption in the DPA - *if* filled in correctly.

Yes, but triggering an exemption in DPA is not the same as a statutory >>>>power to force someone to disclose confidential information.

No, but that's not the point. The point is to remove "Data
protection" as a reason for non-disclosure.

You and I know that, but many recipients of these notices didn't.

Then maybe they need to address their own ignorance.

That may be rather unfair, if the recipient is not someone whose job
means that they should expect to receive such notices as a matter of
course. Also it is both true and fair to say that these notices are
designed to intimidate the recipient into supplying the requested
intimidation, to make them feel that they are obliged to comply.
That is standard police operating procedure in general, of course.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2023-11-30, Jon Ribbens <jon+usenet@unequivocal.eu> wrote:

On 2023-11-29, Mark Goodge <usenet@listmail.good-stuff.co.uk> wrote:

On Wed, 29 Nov 2023 17:02:24 -0000 (UTC), Jack@handsome.com (Handsome Jack) >> wrote:

Mark Goodge <usenet@listmail.good-stuff.co.uk> wrote:

On Wed, 29 Nov 2023 09:00:59 -0000 (UTC), Jack@handsome.com (Handsome Jack)
wrote:

Roland Perry <roland@perry.uk> wrote:

It had the agreement of ICO, Home Office, DTI and ACPO, and
representatives of the telecoms Industry as sufficient to trigger the >>>>>> relevant exemption in the DPA - *if* filled in correctly.

Yes, but triggering an exemption in DPA is not the same as a statutory >>>>>power to force someone to disclose confidential information.

No, but that's not the point. The point is to remove "Data
protection" as a reason for non-disclosure.

You and I know that, but many recipients of these notices didn't.

Then maybe they need to address their own ignorance.

That may be rather unfair, if the recipient is not someone whose job
means that they should expect to receive such notices as a matter of
course. Also it is both true and fair to say that these notices are
designed to intimidate the recipient into supplying the requested intimidation, to make them feel that they are obliged to comply.

^ information

That is standard police operating procedure in general, of course.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

In message <slrnume83a.660.jon+usenet@raven.unequivocal.eu>, at 11:28:42
on Wed, 29 Nov 2023, Jon Ribbens <jon+usenet@unequivocal.eu> remarked:

On 2023-11-29, Handsome Jack <Jack@handsome.com> wrote:

Roland Perry <roland@perry.uk> wrote:

In message <uk4ahd$77j9$1@dont-email.me>, at 09:05:51 on Tue, 28 Nov
2023, Handsome Jack <Jack@handsome.com> remarked:

Roland Perry <roland@perry.uk> wrote:

In message <slrnukvsuj.2cil.jon+usenet@raven.unequivocal.eu>, at
21:36:19 on Sat, 11 Nov 2023, Jon Ribbens <jon+usenet@unequivocal.eu> >>>>> remarked:

On 2023-11-11, Tony The Welsh Twat <tonythewelshtwat@gmail.com> wrote: >>>>>>> If I am doing something dodgy and it's flagged somehow, I assume it's >>>>>>> the police who will get a Court Order?

From what court?

And under what powers would such an order be granted?

For clarity, I haven'd done anything dodgy, I have been trying to >>>>>>> explain to a UK-based forum owner that he isn't as bomb-proof as he >>>>>>> thinks he is regarding postings on his forum (his attitude is "yeah >>>>>>> right, what can they do to me?).

If it's a civil matter then anyone can apply to a court for a thing >>>>>>called a Norwich Pharmacal Order which requires the ISP to disclose >>>>>>the customer identification associated with an IP address of theirs. >>>>>>
If it's a criminal matter then the Police have a standard form they >>>>>>use which requests access to data under the exemptions in the GDPR, >>>>>>such as "prevention or detection of crime".

That's 22years out of date I'm afraid (for telecomms).

And as it happens I was the guardian of that form for a couple of years >>>>> (my predecessor having negotiated it with whatever the ICO was called >>>>> that week) and encouraged both police and industry to keep themselves >>>>> refreshed on the circumstances it was appropriate to comply with, as >>>>> well as being able to distinguish real ones from fakes.

It was never *in* date. It had no statutory force at all, despite the >>>>widespread belief among petty officials that it had the immediate, >>>>unchanging and absolute authority of the laws of the Medes and Persians. >>>

It had the agreement of ICO, Home Office, DTI and ACPO, and
representatives of the telecoms Industry as sufficient to trigger the
relevant exemption in the DPA - *if* filled in correctly.

Yes, but triggering an exemption in DPA is not the same as a statutory
power to force someone to disclose confidential information.

True, but nobody said it was. And such forms are not "out of date",
even less "never in date" - they are still used today (for requests
for non-telecommunications data).

Have you even read the title of the thread?
--
Roland Perry

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

In message <uk6uk9$oasp$1@dont-email.me>, at 09:00:59 on Wed, 29 Nov
2023, Handsome Jack <Jack@handsome.com> remarked:

Roland Perry <roland@perry.uk> wrote:

In message <uk4ahd$77j9$1@dont-email.me>, at 09:05:51 on Tue, 28 Nov
2023, Handsome Jack <Jack@handsome.com> remarked:

Roland Perry <roland@perry.uk> wrote:

In message <slrnukvsuj.2cil.jon+usenet@raven.unequivocal.eu>, at
21:36:19 on Sat, 11 Nov 2023, Jon Ribbens <jon+usenet@unequivocal.eu>
remarked:

On 2023-11-11, Tony The Welsh Twat <tonythewelshtwat@gmail.com> wrote: >>>>>> If I am doing something dodgy and it's flagged somehow, I assume it's >>>>>> the police who will get a Court Order?

From what court?

And under what powers would such an order be granted?

For clarity, I haven'd done anything dodgy, I have been trying to
explain to a UK-based forum owner that he isn't as bomb-proof as he >>>>>> thinks he is regarding postings on his forum (his attitude is "yeah >>>>>> right, what can they do to me?).

If it's a civil matter then anyone can apply to a court for a thing >>>>>called a Norwich Pharmacal Order which requires the ISP to disclose >>>>>the customer identification associated with an IP address of theirs.

If it's a criminal matter then the Police have a standard form they >>>>>use which requests access to data under the exemptions in the GDPR, >>>>>such as "prevention or detection of crime".

That's 22years out of date I'm afraid (for telecomms).

And as it happens I was the guardian of that form for a couple of years >>>> (my predecessor having negotiated it with whatever the ICO was called
that week) and encouraged both police and industry to keep themselves
refreshed on the circumstances it was appropriate to comply with, as
well as being able to distinguish real ones from fakes.

It was never *in* date. It had no statutory force at all, despite the >>>widespread belief among petty officials that it had the immediate, >>>unchanging and absolute authority of the laws of the Medes and Persians.

It had the agreement of ICO, Home Office, DTI and ACPO, and
representatives of the telecoms Industry as sufficient to trigger the
relevant exemption in the DPA - *if* filled in correctly.

Yes, but triggering an exemption in DPA is not the same as a statutory
power to force someone to disclose confidential information.

Agreed, but everyone involved in the process had come to the conclusion
that forcing the police to get a court order instead (which would have
hardly ever been declined) was a waste of not just the court's time, but
the police, telco etc.

Its use continued until at least 2011, though. I remember a clerk at a >>>local authority council tax department threatening me with a DPA form >>>when I declined to give her the name and address of the buyer of a >>>property I had just sold in that borough. "Then you'll *have* to tell >>>me", she crowed triumphantly. Ha ha.

That's not anything at all to do with Telecoms, or RIPA, or indeed the
approved form I mentioned.

I mentioned it to show that the same procedure was used by several
different public sector bodies for many years. I never discovered
whether the legendary Milk Marketing Board ever actually used it.

There was some controversy in the early days about which public
authorities could gain RIPA authentication, and the Milk Marketing
Board, like several others, probably argued that raiding the premises
of an alleged offender, when all they had was their phone number, was sufficient justification to be included. But in the end, almost all
such organisations were turned down.
--
Roland Perry

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

In message <nubfmit5r1rf8np0qcme0vo91ks0pefuqb@4ax.com>, at 21:43:24 on
Wed, 29 Nov 2023, Mark Goodge <usenet@listmail.good-stuff.co.uk>
remarked:

On Wed, 29 Nov 2023 17:02:24 -0000 (UTC), Jack@handsome.com (Handsome Jack) >wrote:

Mark Goodge <usenet@listmail.good-stuff.co.uk> wrote:

On Wed, 29 Nov 2023 09:00:59 -0000 (UTC), Jack@handsome.com (Handsome Jack) >>> wrote:

Roland Perry <roland@perry.uk> wrote:

It had the agreement of ICO, Home Office, DTI and ACPO, and
representatives of the telecoms Industry as sufficient to trigger the >>>>> relevant exemption in the DPA - *if* filled in correctly.

Yes, but triggering an exemption in DPA is not the same as a statutory >>>>power to force someone to disclose confidential information.

No, but that's not the point. The point is to remove "Data protection" as a >>> reason for non-disclosure.

You and I know that, but many recipients of these notices didn't.

Then maybe they need to address their own ignorance.

- it ensures that they are not liable for any

putative breach of the DPA if they comply with the request. And the reasons >>> for compliance can be many and varied, including a contractual obligation, >>> adherence to an industry code of conduct or even just a willingness to
assist the authorities in investigating a wrongdoer.

I'm sure we should all be very grateful to the authorities for giving
us legal advice about our rights and responsibilities. We can all be
quite certain they are doing it out of pure altruism.

Of course they're not doing it out of pure altruism. They're doing it so
that jobsworths can't stick their fingers in their ears and yell "GDPR" >whenever a request for information comes through.

Fast forward a decade or two, and local authorities (let alone their
citizens) are much more anxious about fly-tipping. And some even put up
CCTV at hotspots.

if the only identification of the miscreant is a mobile phone number
pained on the side of their van, it's a bit of a hurdle that they
nowadays have to go to a court to get an order to have the phone company
reveal any information they have about the subscriber's name/address.

Absolutely nobody involved in that process is interested in knowing
which porn sites that same subscriber was visiting.
--
Roland Perry

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

In message <slrnumhksq.660.jon+usenet@raven.unequivocal.eu>, at 18:25:30
on Thu, 30 Nov 2023, Jon Ribbens <jon+usenet@unequivocal.eu> remarked:

On 2023-11-29, Mark Goodge <usenet@listmail.good-stuff.co.uk> wrote:

On Wed, 29 Nov 2023 17:02:24 -0000 (UTC), Jack@handsome.com (Handsome Jack) >> wrote:

Mark Goodge <usenet@listmail.good-stuff.co.uk> wrote:

On Wed, 29 Nov 2023 09:00:59 -0000 (UTC), Jack@handsome.com (Handsome Jack)
wrote:

Roland Perry <roland@perry.uk> wrote:

It had the agreement of ICO, Home Office, DTI and ACPO, and
representatives of the telecoms Industry as sufficient to trigger the >>>>>> relevant exemption in the DPA - *if* filled in correctly.

Yes, but triggering an exemption in DPA is not the same as a statutory >>>>>power to force someone to disclose confidential information.

No, but that's not the point. The point is to remove "Data
protection" as a reason for non-disclosure.

You and I know that, but many recipients of these notices didn't.

Then maybe they need to address their own ignorance.

That may be rather unfair, if the recipient is not someone whose job
means that they should expect to receive such notices as a matter of
course.

"If", but in fact every organisation receiving them should have someone
whose job it is to expect to receive them (a "DPO" in jargon), and be
properly trained.

Also it is both true and fair to say that these notices are
designed to intimidate the recipient into supplying the requested >intimidation, to make them feel that they are obliged to comply.
That is standard police operating procedure in general, of course.

Complete nonsense. Not least because the police are by far not the only
law enforcement organisation issuing them.
--
Roland Perry

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 01/12/2023 08:50, Roland Perry wrote:

Fast forward a decade or two, and local authorities (let alone their citizens) are much more anxious about fly-tipping. And some even put up
CCTV at hotspots.

if the only identification of the miscreant is a mobile phone number
pained on the side of their van, it's a bit of a hurdle that they
nowadays have to go to a court to get an order to have the phone company reveal any information they have about the subscriber's name/address.

Absolutely nobody involved in that process is interested in knowing
which porn sites that same subscriber was visiting.

The van doesn't have a number plate? I understand there is a standard
mechanism for getting address data from that.

Andy

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

In message <ukislj$30u5h$7@dont-email.me>, at 21:41:07 on Sun, 3 Dec
2023, Vir Campestris <vir.campestris@invalid.invalid> remarked:

On 01/12/2023 08:50, Roland Perry wrote:

Fast forward a decade or two, and local authorities (let alone their >>citizens) are much more anxious about fly-tipping. And some even put
up CCTV at hotspots.

if the only identification of the miscreant is a mobile phone number >>pained on the side of their van, it's a bit of a hurdle that they
nowadays have to go to a court to get an order to have the phone
company reveal any information they have about the subscriber's >>name/address.

Absolutely nobody involved in that process is interested in knowing
which porn sites that same subscriber was visiting.

The van doesn't have a number plate? I understand there is a standard >mechanism for getting address data from that.

The temporary CCTV they install to spot fly-tippers apparently only gets
a signwritten phone number sufficiently often, it's their only traceable
lead.
--
Roland Perry

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Roland Perry <roland@perry.uk> wrote:

In message <ukislj$30u5h$7@dont-email.me>, at 21:41:07 on Sun, 3 Dec
2023, Vir Campestris <vir.campestris@invalid.invalid> remarked:

On 01/12/2023 08:50, Roland Perry wrote:

Fast forward a decade or two, and local authorities (let alone their >>>citizens) are much more anxious about fly-tipping. And some even put
up CCTV at hotspots.

if the only identification of the miscreant is a mobile phone number >>>pained on the side of their van, it's a bit of a hurdle that they >>>nowadays have to go to a court to get an order to have the phone
company reveal any information they have about the subscriber's >>>name/address.

Absolutely nobody involved in that process is interested in knowing >>>which porn sites that same subscriber was visiting.

The van doesn't have a number plate? I understand there is a standard >>mechanism for getting address data from that.

The temporary CCTV they install to spot fly-tippers apparently only gets
a signwritten phone number sufficiently often, it's their only traceable lead.

The council is incompetent at installing CCTV cameras, so we have to have a regime forcing phone companies to disclose their customers' personal details without a court order? Seem to me that Mark's dictum, about people educating themselves out of their
own ignorance, could apply instead.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, 4 Dec 2023 14:05:36 +0000, Roland Perry <roland@perry.uk> wrote:

In message <ukislj$30u5h$7@dont-email.me>, at 21:41:07 on Sun, 3 Dec
2023, Vir Campestris <vir.campestris@invalid.invalid> remarked:

On 01/12/2023 08:50, Roland Perry wrote:

Fast forward a decade or two, and local authorities (let alone their >>>citizens) are much more anxious about fly-tipping. And some even put
up CCTV at hotspots.

if the only identification of the miscreant is a mobile phone number >>>pained on the side of their van, it's a bit of a hurdle that they >>>nowadays have to go to a court to get an order to have the phone
company reveal any information they have about the subscriber's >>>name/address.

Absolutely nobody involved in that process is interested in knowing >>>which porn sites that same subscriber was visiting.

The van doesn't have a number plate? I understand there is a standard >>mechanism for getting address data from that.

The temporary CCTV they install to spot fly-tippers apparently only gets
a signwritten phone number sufficiently often, it's their only traceable >lead.

If it's on the side of a van then the chances are it's advertised elsewhere
as well. Googling it, or searching local Facebook groups, has a strong
prospect of getting a result.

Failing that, they could always just ring it and pretend to be a prospective customer.

Mark

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

In message <69urmip8o4kifnbkodov76ghskt3ltvo5j@4ax.com>, at 16:08:43 on
Mon, 4 Dec 2023, Mark Goodge <usenet@listmail.good-stuff.co.uk>
remarked:

On Mon, 4 Dec 2023 14:05:36 +0000, Roland Perry <roland@perry.uk> wrote:

In message <ukislj$30u5h$7@dont-email.me>, at 21:41:07 on Sun, 3 Dec
2023, Vir Campestris <vir.campestris@invalid.invalid> remarked:

On 01/12/2023 08:50, Roland Perry wrote:

Fast forward a decade or two, and local authorities (let alone their >>>>citizens) are much more anxious about fly-tipping. And some even put
up CCTV at hotspots.

if the only identification of the miscreant is a mobile phone number >>>>pained on the side of their van, it's a bit of a hurdle that they >>>>nowadays have to go to a court to get an order to have the phone >>>>company reveal any information they have about the subscriber's >>>>name/address.

Absolutely nobody involved in that process is interested in knowing >>>>which porn sites that same subscriber was visiting.

The van doesn't have a number plate? I understand there is a standard >>>mechanism for getting address data from that.

The temporary CCTV they install to spot fly-tippers apparently only gets
a signwritten phone number sufficiently often, it's their only traceable >>lead.

If it's on the side of a van then the chances are it's advertised elsewhere >as well. Googling it, or searching local Facebook groups, has a strong >prospect of getting a result.

Failing that, they could always just ring it and pretend to be a prospective >customer.

Neither of those is likely to guarantee to reveal the home address of
the perp.
--
Roland Perry

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

In message <ukku8i$3fs1v$1@dont-email.me>, at 16:20:36 on Mon, 4 Dec
2023, Handsome Jack <Jack@handsome.com> remarked:

Roland Perry <roland@perry.uk> wrote:

In message <ukislj$30u5h$7@dont-email.me>, at 21:41:07 on Sun, 3 Dec
2023, Vir Campestris <vir.campestris@invalid.invalid> remarked:

On 01/12/2023 08:50, Roland Perry wrote:

Fast forward a decade or two, and local authorities (let alone their >>>>citizens) are much more anxious about fly-tipping. And some even put
up CCTV at hotspots.

if the only identification of the miscreant is a mobile phone number >>>>pained on the side of their van, it's a bit of a hurdle that they >>>>nowadays have to go to a court to get an order to have the phone >>>>company reveal any information they have about the subscriber's >>>>name/address.

Absolutely nobody involved in that process is interested in knowing >>>>which porn sites that same subscriber was visiting.

The van doesn't have a number plate? I understand there is a standard >>>mechanism for getting address data from that.

The temporary CCTV they install to spot fly-tippers apparently only gets
a signwritten phone number sufficiently often, it's their only traceable
lead.

The council is incompetent at installing CCTV cameras, so we have to
have a regime forcing phone companies to disclose their customers'
personal details without a court order?

If the CCTV was in your words "competently installed" it would give a registration number which DVLA will release at the drop of a hat.

So why shouldn't telcos do the same with a phone number? Because it's
part of a wider *REGULATION* of investigatory powers.
--
Roland Perry

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Fri, 8 Dec 2023 12:00:10 +0000, Roland Perry <roland@perry.uk> wrote:

In message <ukku8i$3fs1v$1@dont-email.me>, at 16:20:36 on Mon, 4 Dec
2023, Handsome Jack <Jack@handsome.com> remarked:

The council is incompetent at installing CCTV cameras, so we have to
have a regime forcing phone companies to disclose their customers'
personal details without a court order?

Catching fly-tippers often requires installing hidden CCTV cameras that are contrained in their positioning by the enviroment, and they can't always be
put somewhere that will get the registration plate.

If the CCTV was in your words "competently installed" it would give a >registration number which DVLA will release at the drop of a hat.

So why shouldn't telcos do the same with a phone number? Because it's
part of a wider *REGULATION* of investigatory powers.

And also because driving a vehicle on the public highway is a privilege, not
a right, and a quid pro quo of being allowed to do it is accepting that
vehicle registration data is fully accessible to anyone with a demonstrable reason to know it. But being able to communicate is a right, not a
privilege, and therefore access to communications data has a much higher threshold for acceptability.

Mark

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Fri, 08 Dec 2023 19:43:12 +0000, Mark Goodge wrote:

And also because driving a vehicle on the public highway is a privilege,
not a right, and a quid pro quo of being allowed to do it is accepting
that vehicle registration data is fully accessible to anyone with a demonstrable reason to know it.

Whilst I agree, be aware there are some in this group that *strongly*
disagree.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 9 Dec 2023 at 13:48:11 GMT, "Jethro_uk" <jethro_uk@hotmailbin.com> wrote:

On Fri, 08 Dec 2023 19:43:12 +0000, Mark Goodge wrote:

And also because driving a vehicle on the public highway is a privilege,
not a right, and a quid pro quo of being allowed to do it is accepting
that vehicle registration data is fully accessible to anyone with a
demonstrable reason to know it.

Whilst I agree, be aware there are some in this group that *strongly* disagree.

My disagreement is nuanced (I agree that within our grandchildren's lifetime only a few highly-trained people will be allowed the privilege to override automatic vehicle controls) but I think the DVLA database is too available, in that anyone by telling consequence-free minor lie can get the address of
anyone else driving a their own car.


--
Roger Hayter

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2023-12-08, Mark Goodge wrote:

On Fri, 8 Dec 2023 12:00:10 +0000, Roland Perry <roland@perry.uk> wrote:

In message <ukku8i$3fs1v$1@dont-email.me>, at 16:20:36 on Mon, 4 Dec
2023, Handsome Jack <Jack@handsome.com> remarked:

The council is incompetent at installing CCTV cameras, so we have to
have a regime forcing phone companies to disclose their customers' >>>personal details without a court order?

Catching fly-tippers often requires installing hidden CCTV cameras that are contrained in their positioning by the enviroment, and they can't always be put somewhere that will get the registration plate.

If the CCTV was in your words "competently installed" it would give a >>registration number which DVLA will release at the drop of a hat.

So why shouldn't telcos do the same with a phone number? Because it's
part of a wider *REGULATION* of investigatory powers.

And also because driving a vehicle on the public highway is a privilege, not a right, and a quid pro quo of being allowed to do it is accepting that vehicle registration data is fully accessible to anyone with a demonstrable reason to know it. But being able to communicate is a right, not a
privilege, and therefore access to communications data has a much higher threshold for acceptability.

As the cryptographer and mathematician Whitfield Diffie put it (in an
American context):

No right of private conversation was enumerated in the
Constitution. I don't suppose it occurred to anyone at the time
that it could be prevented.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sun, 10 Dec 2023 00:05:21 +0000, Adam Funk wrote:

On 2023-12-08, Mark Goodge wrote:

On Fri, 8 Dec 2023 12:00:10 +0000, Roland Perry <roland@perry.uk>
wrote:

In message <ukku8i$3fs1v$1@dont-email.me>, at 16:20:36 on Mon, 4 Dec >>>2023, Handsome Jack <Jack@handsome.com> remarked:

The council is incompetent at installing CCTV cameras, so we have to >>>>have a regime forcing phone companies to disclose their customers' >>>>personal details without a court order?

Catching fly-tippers often requires installing hidden CCTV cameras that
are contrained in their positioning by the enviroment, and they can't
always be put somewhere that will get the registration plate.

If the CCTV was in your words "competently installed" it would give a >>>registration number which DVLA will release at the drop of a hat.

So why shouldn't telcos do the same with a phone number? Because it's >>>part of a wider *REGULATION* of investigatory powers.

And also because driving a vehicle on the public highway is a
privilege, not a right, and a quid pro quo of being allowed to do it is
accepting that vehicle registration data is fully accessible to anyone
with a demonstrable reason to know it. But being able to communicate is
a right, not a privilege, and therefore access to communications data
has a much higher threshold for acceptability.

As the cryptographer and mathematician Whitfield Diffie put it (in an American context):

No right of private conversation was enumerated in the Constitution.
I don't suppose it occurred to anyone at the time that it could be
prevented.

That is however balanced by the fact that you cannot be compelled to be a witness against yourself. Which has a bearing if you are "required" to
decrypt a private correspondence. Although were are drifting off charter
here, as UK law certainly doesn't recognise that.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2023-12-10, Jethro_uk wrote:

On Sun, 10 Dec 2023 00:05:21 +0000, Adam Funk wrote:

On 2023-12-08, Mark Goodge wrote:

On Fri, 8 Dec 2023 12:00:10 +0000, Roland Perry <roland@perry.uk>
wrote:

In message <ukku8i$3fs1v$1@dont-email.me>, at 16:20:36 on Mon, 4 Dec >>>>2023, Handsome Jack <Jack@handsome.com> remarked:

The council is incompetent at installing CCTV cameras, so we have to >>>>>have a regime forcing phone companies to disclose their customers' >>>>>personal details without a court order?

Catching fly-tippers often requires installing hidden CCTV cameras that
are contrained in their positioning by the enviroment, and they can't
always be put somewhere that will get the registration plate.

If the CCTV was in your words "competently installed" it would give a >>>>registration number which DVLA will release at the drop of a hat.

So why shouldn't telcos do the same with a phone number? Because it's >>>>part of a wider *REGULATION* of investigatory powers.

And also because driving a vehicle on the public highway is a
privilege, not a right, and a quid pro quo of being allowed to do it is
accepting that vehicle registration data is fully accessible to anyone
with a demonstrable reason to know it. But being able to communicate is
a right, not a privilege, and therefore access to communications data
has a much higher threshold for acceptability.

As the cryptographer and mathematician Whitfield Diffie put it (in an
American context):

No right of private conversation was enumerated in the Constitution.
I don't suppose it occurred to anyone at the time that it could be
prevented.

That is however balanced by the fact that you cannot be compelled to be a witness against yourself. Which has a bearing if you are "required" to decrypt a private correspondence. Although were are drifting off charter here, as UK law certainly doesn't recognise that.

Gee, it's almost as if politicians can't be trusted to respect human
rights and we ought to be grateful for judicial bodies to take care of
the matter.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

In message <c5s6nihnn7a6aultiobptjiug4ekeimpa4@4ax.com>, at 19:43:12 on
Fri, 8 Dec 2023, Mark Goodge <usenet@listmail.good-stuff.co.uk>
remarked:

The council is incompetent at installing CCTV cameras, so we have to
have a regime forcing phone companies to disclose their customers' >>>personal details without a court order?

Catching fly-tippers often requires installing hidden CCTV cameras that are >contrained in their positioning by the enviroment, and they can't always be >put somewhere that will get the registration plate.

If it catches the phone number painted voluntarily on the van, that's sufficient.

If the CCTV was in your words "competently installed" it would give a >>registration number which DVLA will release at the drop of a hat.

So why shouldn't telcos do the same with a phone number? Because it's
part of a wider *REGULATION* of investigatory powers.

And also because driving a vehicle on the public highway is a privilege, not >a right, and a quid pro quo of being allowed to do it is accepting that >vehicle registration data is fully accessible to anyone with a demonstrable >reason to know it. But being able to communicate is a right, not a
privilege, and therefore access to communications data has a much higher >threshold for acceptability.

There's a very long standing and over-arching legal principle that
there's no confidentiality in iniquity.
--
Roland Perry

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Thu, 21 Dec 2023 12:52:13 +0000, Roland Perry <roland@perry.uk> wrote:

In message <c5s6nihnn7a6aultiobptjiug4ekeimpa4@4ax.com>, at 19:43:12 on
Fri, 8 Dec 2023, Mark Goodge <usenet@listmail.good-stuff.co.uk>
remarked:

And also because driving a vehicle on the public highway is a privilege, not >>a right, and a quid pro quo of being allowed to do it is accepting that >>vehicle registration data is fully accessible to anyone with a demonstrable >>reason to know it. But being able to communicate is a right, not a >>privilege, and therefore access to communications data has a much higher >>threshold for acceptability.

There's a very long standing and over-arching legal principle that
there's no confidentiality in iniquity.

Yes, and that's precisely why the courts have the power to order
confidential data to be handed over. But the fact that it is, by default (in the absence of iniquity) confidential is precisely the reason why it needs a court order, rather than mere request.

Mark

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

In message <e8i8oid3k9o73bdiuisa07atthhblhrteg@4ax.com>, at 14:19:41 on
Thu, 21 Dec 2023, Mark Goodge <usenet@listmail.good-stuff.co.uk>
remarked:

On Thu, 21 Dec 2023 12:52:13 +0000, Roland Perry <roland@perry.uk> wrote:

In message <c5s6nihnn7a6aultiobptjiug4ekeimpa4@4ax.com>, at 19:43:12 on >>Fri, 8 Dec 2023, Mark Goodge <usenet@listmail.good-stuff.co.uk>
remarked:

And also because driving a vehicle on the public highway is a privilege, not >>>a right, and a quid pro quo of being allowed to do it is accepting that >>>vehicle registration data is fully accessible to anyone with a demonstrable >>>reason to know it. But being able to communicate is a right, not a >>>privilege, and therefore access to communications data has a much higher >>>threshold for acceptability.

There's a very long standing and over-arching legal principle that
there's no confidentiality in iniquity.

Yes, and that's precisely why the courts have the power to order
confidential data to be handed over. But the fact that it is, by
default (in the absence of iniquity) confidential is precisely the
reason why it needs a court order, rather than mere request.

Except since RIPA 2000, comms data hasn't needed a court order, as long
as the parties involved follow the relevant codes of practice. Which
have centralised oversight.

--
Roland Perry

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)