This is a transcript of a talk I gave at FOSDEM 2019 in the Monitoring and Observability devroom about the work of Tor Metrics. Direct links: Slides Video recording (WebM/VP9) Video recording (mp4) Producing this transcript was more work than I had anticipated it would be, and I’ve done this in my free time, so if you find it useful then please do let me know otherwise I probably won’t be doing this again.
On Thursday 17th January, we held the first Cryptonoise event of 2019. We had a good turn out and kicked off the discussion with a quick browse through Wikipedia’s list of data breaches. Our first topic of discussion was relating to how we all used passwords and how password reuse can very quickly become problematic if it happens that your password is leaked. Over time, the probability that any entity holding a large store of sensitive private data will remain both competent enough to protect it adequately and honest enough to want to goes to zero.
The Communication Data Bill was draft legislation introduced first in May 2012. It sought to compel ISPs to store details of communications usage so that it can later be used for law enforcement purposes. In 2013 the passage of this bill into law had been blocked and the bill was dead. In 2014 we saw the Data Retention and Investigatory Powers Act 2014 appear. This seemed to be in response to the Data Retention Directive being successfully challenged at the European Court of Justice by Digital Rights Ireland on human rights grounds, with a judgment given in 2014.