Increasing legal demands for ISPs to monitor what their customers are up to on the internet seem to be a waste of time, as some UK ISPs are planning to keep within the letter of the rules but in such a way as there'll be nothing much to record. Adrian Kennard of AAISP explained to ISPReview why use of Virtual Private Networks and Network Address Translation makes the demands of the law meaningless:
"There are, of course, a whole string of loop holes.Trefor Davies of Timico isn't convinced that VPN will work:
I doubt you need to go to VPN as such. In fact, something ISPs will be doing anyway, carrier grade NAT, will create a similar anonymity as there is no requirement to log NAT sessions.
The data retention stuff is badly drafted and only means keeping what you already process for a year, not logging and new stuff. Even then it is a very narrow set of things to log, and some are badly worded at best. It is much more relevant for telephone call logging.
The DEA is the bigger issue. So far OFCOM say it will relate to the few big ISPs, but that threshold could so easily change, hence interest from ISPs of all sizes."
"It would be a pretty costly project for all ISPs to implement such a system. It would also bring with it risks – suddenly it becomes a lot easier for governments to start monitoring all your traffic because it all goes through a single point (or at least a few points) on the network. In the UK the Data Protection Act if applied to an ISP would also prevent them from offering such an anonymizing service because legally they would be obliged to provide the logs."There's an obvious irony in the law designed to protect our data privacy could end up undermining our privacy, but the good news is that some ISPs, at least, are working with their customers instead of against them. As Egypt is demonstrating again this weekend, an internet which exists only to do what the government lets it is an internet that works against democracy.