The Tor Project's position on the draft Communications Data Bill

by sjmurdoch | November 29, 2012

The UK government has proposed a new bill which would allow UK law enforcement agencies to require that "telecommunication operators" (e.g. ISPs and website operators) intercept and record their users' traffic data (i.e. details of who is communicating with whom, when, from where, and how much, but not the content of communications). The draft of this bill, the Communications Data Bill (dubbed the "Snoopers' Charter" by some), has been published and has met widespread criticism for the unprecedented intrusion of privacy it would permit.

The impact on Tor is less than some have feared, because it is likely that The Tor Project is not a telecommunication operator for the purposes of the bill (because the nodes which carry data are not run by The Tor Project) and Tor's distributed architecture reduces the harm which may be caused by the compromise of traffic data. However, the proposed bill is still bad for privacy, especially for users of systems which don't offer the same protections as Tor, so I submitted written evidence to the parliamentary committee investigating the bill, on behalf of the Tor Project.

Our submission gave an introduction to Tor, how it works, and how it is used, and in particular how important Tor was for maintaining the safety of human rights activists working in repressive regimes. The submission also discusses the risks of the proposed bill, especially the harm which would come if traffic data collected were compromised (as happened to Google) or interception equipment installed for complying with the bill were enabled without authorization (as happend to Vodafone in Greece).

Our submission has been published with the others, and I was also invited to give evidence to the committee in person. The transcript of this session has been published with some minor redactions requested by other companies presenting evidence, but none of my answers have been redacted. Further information about the activities of this committee, including transcripts of other sessions, can be found on committee's page.

Based on the discussions which have taken place, it appears that the committee has serious reservations about the bill but we will not know for sure until the committee publishes their report, expected within a few weeks. Efforts to campaign against the bill continue, particularly by the Open Rights Group.

Comments

Please note that the comment area below has been archived.

December 02, 2012

Permalink

I love your generous assistance. Will donate regularly to your org.
Love Torproject.

December 03, 2012

Permalink

hi.i use tor for write my comment on a government news website in iran! but when they publish the comment i found my location is detected and is iran! how it is possible?!

Two possible explanations:

1. You didn't use tor properly. Use tor browser bundle for browsing internet and keep it updated.
2. Someone from Iran shared exit node - nothing to worry about.

You should check if you're using tor here: https://check.torproject.org/

December 04, 2012

Permalink

I am wondering how this bill would affect me as someone who is running several high capacity Tor exit nodes in the UK.