Governments should be legislating in this area. They should be making it illegal for ISPs to inspect/store this information. Not compulsory. Preaching to the choir I guess.
> a server I set up in France
Did you look into the surveillance situation in France? I understand it's also fairly bad.
I'm not suggesting a nihilistic approach where there is no jurisdiction that's any better than any other, just wondering about the choice of France. (I also like to question people's intuitions about what makes for a good privacy-respecting jurisdiction: Switzerland because of banking secrecy of decades past but not taking account of https://www.theguardian.com/world/2016/sep/25/switzerland-vo...? Iceland because of the Althing's consideration of the IMMI law package several years ago, which has not yet passed?)
Does any part of the new U.K. law permit or require metadata monitoring that might reveal more about what people are doing with their VPNs because of the quantity or timing of their traffic?
My main goal was to get my traffic out of the country which has direct control over me. The French government has no control over me. The British government very much does.
I am reminded of a quote from the BBC Wold debate. An audience member described typical ISP security in Australia as "Two men and a dog".
Apparently this bill respects human rights, but I disagree. Slurping up all the plaintext you can is outright opportunism and sly.
> The Investigatory Powers Act dramatically increases transparency around the use of investigatory powers. It protects both privacy and security and underwent unprecedented scrutiny before becoming law.
- Spoofing my geo-location
- Securing my phone's traffic when surfing on a 'free' or tariff-ed wireless hotspot
Sure, the provider might not keep logs, but it's certainly not for casual surfing, or heavy surfing. Stick to old reliables like TLS, TOR, and ADBlockers for vanilla /ISP connections
You might want to read these concerning VPNs and privacy:
- http://blog.hidemyass.com/2011/09/23/lulzsec-fiasco/
- https://torrentfreak.com/police-seize-two-perfect-privacy-vp...
It's a breeze to set up [0] and I can know for sure that logging is disabled. Of course, I have to trust the VPS provider not to snoop, but I'm not doing anything that would warrant attention from authorities, I just don't trust this government to have the infosec chops to protect my data.
Honestly, the most annoying part is that I see more CAPTCHAs. This is because it mixes everyone's traffic together, and some of those users are bound to be bad actors.
I'll be particularly interested in what happens to websites that publish circumvention techniques - will they be blocked? Will specific services (e.g. tor) be targeted, and to what extent? Will foreign VPN providers be blocked?
> “The Investigatory Powers Act 2016 will ensure that law enforcement and the security and intelligence agencies have the powers they need in a digital age to disrupt terrorist attacks, subject to strict safeguards and world-leading oversight,” a statement from the Home Office reads.
And as expected some wheeling and dealing once they have the data:
> Many law enforcement agencies will be able to access this data, but so will lots of other, less obvious public bodies, including the Food Standards Agency, ...
First they steal private data of more than 60 million of innocent people. Then they share it with "less obvious public bodies", where we have to trust it is in save hands.. It is just a matter of time before this data is out in the open. How could we ever feel more safe when they do this? They better call it "The Criminal Act 2016". Is this what people vote for in a Democracy?
Doesn't that make it sound like they were monitoring people's web history already?
With 48 odd bodies able to access people's web history, it surely won't be long before this access is abused.
