Members of LINX, the London Internet Exchange – the UK's largest net peering point – have rejected proposals that would reshape the company’s constitution and could block members from being consulted about government tapping instructions.
The vote, on Tuesday, followed a Reg report revealing that members had been given less than two weeks notice of a proposed change which would allow LINX’s chairman to “override” directors’ wishes and prevent members learning about controversial actions, including, according to LINX, “secret orders from the government”
Directors of the company had urged the 740 members of LINX, mostly Internet providers from overseas, to vote for the plans without any debate or considering alternatives, during a 10-minute “Extraordinary General Meeting” (EGM) held on Tuesday.
The majority of LINX members did not cast votes, The Reg has learned. Of those that did vote, 37 per cent rejected the plan and 63 per cent supported it. To comply with British Companies Acts law, 75 per cent of voting members must agree with any “special resolution” making major changes. The votes in favour therefore fell significantly short of the level legally required.
In comments on our original report, published at the weekend, LINX public affair director Malcolm Hutty said, “LINX is a committed membership organisation, and our members will be the ones that decide whether to change our Articles."
At the time of publication, LINX’s PR team had not responded to further questions from us about their future plans, or whether they would commit to consulting members about secrecy orders.
Adrian Kennard, who runs the small ISP Andrews & Arnold, said in a blog post our initial report “highlighted …that we need some frank and open debate within LINX on the whole issue of the IP [Investigatory Powers] Act and the possibility of secret orders to snoop on LINX traffic.”
“I am concerned that the changes [which had been proposed] could inadvertently allow such orders”, he added. “We need to be sure of some transparency, at least, before approving them … We need to debate and agree in advance the way this needs to be handled with members.”
“Do any of us (LINX members) want to be part of an organisation that would secretly snoop on its members? I would not,” Kennard added.
Asked if any secret tapping notices had been served on LINX, the Home Office told us that: “The provisions of the Investigatory Powers Act are yet to come into force, but for security reasons we would not be commenting on the issuing of any future notices.”
“There are regular discussions between government and telecommunications operators regarding their obligations and we will continue to work with them on these notices as we go forward”.
In fact, the existing relations between the GCHQ spy agency and British communications companies such as British Telecom and Vodafone are highly integrated, extremely secret and decades old. Parts of these companies were originally owned by the government, and were directly employed to maintain and run GCHQ surveillance centres.
According to documents released by former United States NSA official Edward Snowden, staff are even cross deployed between the companies and the spy agency, and are “embedded” so as to increase and improve bulk surveillance methods.
Existing, typical relationships to carry out bulk surveillance and tapping arrangements inside British companies have been revealed to involve creating security cleared and vetted “sensitive relationship teams” (SRTs) both inside GCHQ and the companies concerned.
Top British telecommunications companies already joined to GCHQ at the hip, according to Snowden documents include BT (covername "REMEDY"), Vodafone (covername "GERONTIC") and O2 (covername "ZAMENSIS"). All three companies, as well as other smaller players, have been required under previous laws to feed interception links directly to the national phone and internet tapping system, PRESTON, The Reg has revealed previously.
The Snowden documents do not suggest that LINX – unlike a dozen similar Internet Exchanges in the US – had been recruited to join this network by 2013.
One LINX member told us: “The good news is LINX have been taking legal advice to understand how they would handle such orders, and if they can provide warrant canaries [warning methods].”
William Waites of the Edinburgh-based HUBS Internet Exchange and a LINX member, published guidance last week asking other members to pause and think before nodding through the “gag order” plan. The vote this week, he told The Reg, would help give LINX’s wide membership “time to think.” ®
Sponsored: Webcast: Simplify data protection on AWS