RE: RE: Interception of Communication
by Michael D'Alosa - written 14/09/2010 08:21:31
Many thanks for the reply - your time is much appreciated.
Ibrahim wrote (13/09/2010 14:36:53):
I think this is more DP issue rather than RIPA. You are not actually intercepting communications in the course of transmission. I do not think that you cannot collect the information but you are restricted as to what you can do with it (first data protection principle)
I have canvassed opinion on the Jiscmail bulletin board:
I have receive the following replies so far:
I agree that it is difficult to see how RIPA applies here but I can see
potential DP and ECHR issues depending on what is done with the data.
Worst case scenario? The MAC of my router is captured and stored on a
database with my GSP location. I get moved under a witness protection
program and take my router with me. Three weeks later my new location
is scanned ...
As you are probably aware this is not too dissimilar to an issue reported at http://www.pcworld.com/businesscenter/article/198667/google_wifi_data_capture_unethical_but_not_illegal.html and
http://www.bbc.co.uk/news/technology-10850875 amongst many others.
The suggestion is that this is an information security issue. If you do not protect wireless transmission, you carry the risk.
I have no opinion either way but my wireless router is secured to only accept pre-defined mac addresses and is further secured using other methods.
Michael D'Alosa wrote (05/09/2010 19:55:33):
Firstly, just to thank you for such an informative site. It's a fantastic site and more impressively is the fact that you are willing to impart your knowledge onto people through this Q&A facility and so thank you in advance.
I have a query regarding RIPA if that's ok? You may be aware of the recent "GoogleGate" scandal in which Google recently used their StreetView cars to capture data from internet routers around Europe. The issue was that Google not only captured unique data about the devices and routers but also data being transmitted such as emails and chatlogs etc...
I am wondering, what are the legalities do you think with regards to solely capturing the MAC address of a router or wireless device? A MAC address is simply a unique number that relates to the device and this unique number is publicly broadcasted. If you are not au fait with MAC addresses, it may help to think of it similar to switching your Bluetooth on on your mobile telephone and viewing the details of other Bluetooth devices in the area and capturing the details about that Bluetooth device as well as the GPS coordinates where that device was found.
What are your thoughts on an individual driving around and capturing the MAC addresses of devices and routers that are wifi-enabled as well as the respective GPS coordinates in England & Wales? Likewise, what are your thoughts on a public authority (governed by RIPA) doing this? Similarly, would ECHR (Right to Privacy) have any burden on this activity? I have read through Part I of RIPA and I'm undecided if this is applicable or not.
RETURN TO INFORMATIONLAW.ORG.UK