Data-interception technology sparks privacy vs safety arguments
Experts have raised concerns over whether using Sniffer software to resolve suspicious internet activity violates the Computer-related Crime Act B.E. 2550.
Sniffer is a combination of hardware and software to intercept data or detect data traffic in networks. Different Sniffers may have various configurations depending on their designation and final usage.
It is suggested that the technology should only be used for data interception where there is a strong legal case for suspicion, rather than detecting all traffic, which would violate data privacy.
The ICT Ministry considers Sniffer to be one method in the cabinet's resolution to reduce the piracy of intellectual property in Thailand. Currently, the working group is comprised of the ICT Ministry, National Telecommunication Commission of Thailand, Department of Intellectual Property, Department of Special Investigation, Royal Thai Police and Thai e-Commerce Association.
However, there are objections to Sniffer in the cyber community to due to concerns it will violate their privacy, including an official "Thailand No Sniffer" Facebook group.
Ajin Jirachiefpattana, Executive Director, ICT Industry Promotion Bureau, said there is a plan to ask internet service providers to implement Sniffer to intercept all data traffic for analysing the transfer of potentially suspicious data.
Using Sniffer to intercept data in the public internet is similar to CCTV in public areas in that it aids the police in their attempts to create and maintain safer environments. Sniffer offers a proactive way to identify and monitor suspicious websites showing unusual traffic patterns.
Under the current system, the authority has to ask for court approval to take down suspicious sites, which it more of a reactive approach.
However, using this technology requires co-operation from ISPs to set up Sniffer at their gateway, and the ICT Ministry has to ask the NTC for help in issue policy mandates to compel ISPs under their license to act on this.
"The ICT Ministry has a 120-million-baht budget for technology investment to correctly and analyse internet data which may harm national security, but this money cannot be put to use if we cannot use Sniffer," said Ajin.
Morakot Kulathamyotin, chair of the Thai Internet Association, said the association still has not been formally acknowledged by the ICT Minister, although as a commercial company they do everything to comply with the law.
In terms of technical perspective, there is a big barrier to establishing sufficient machine capacity to monitor and store all data traffic without slowing down network speed.
"You could think of using Sniffer as similar to setting up police checkpoints on the roads, which makes traffic slow down," said Morakot.
She continued that normal procedure is for police to apply for search warrants once they suspect a website of publishing illegal content, although logistically it is impossible to search every suspect's address. They must also obtain court orders before they can block websites. ISPs do already co-operate in these efforts under the Computer-related Crime Act and Securities and Exchange Act.
Sujate Jantarang, President, Mahanakorn University of Technology, who is a law and technology expert who previously worked in revising the Computer-related Crime Act law, said if the ICT Ministry used Sniffer or other data-interception technology, the government would be in violation of the Computer Related Crime Act B.E. 2550, section 8.
This is because if data which is not for public use is intercepted and sent into the computer system, the government action will be deemed to have acted illegally.
"There needs to be a balance of freedom and duty. If we are comparing Sniffer with CCTV, then consider that CCTV should only be used in front of the house and is now allowed to zoom inside the house, as that would violate privacy," said Sujate.
"Any misuse of private data, especially banking information, could damage Thailand reputation and economy.
"Today's process is already quick to enforce, because the court can issue warrants in 24 hours," he emphasised.
A security expert source said other countries the United States also uses the lawful interception model in its Communications Assistance for Law Enforcement Act (CALEA) , and makes clear that telecommunications carriers have a duty to co-operate in the interception of communications for law enforcement purposes.
CALEA's purpose is to enhance the ability of law enforcement and intelligence agencies to conduct electronic surveillance by requiring that telecommunications carriers and manufacturers of telecommunications equipment modify and design their equipment, facilities, and services to ensure that they have built-in surveillance capabilities.
However, use of technology which can see details of all data inside the network should only be done on a case-by-case basis because misuse of this technology will violate data privacy. This is especially a concern for personal financial transactions.
For example, in the physical world, if police suspect a criminal is residing in a condominium, the police need a search warrant to target that specific resident because cannot search everybody in the building. Similarly, in the cyber world, police can ask to intercept only the data required to collect evidence against a particular suspect.
"In the wrong hands, this technology could be dangerous, as businesses and political parties could use it to monitor their rivals," the source said.
Meanwhile Prasit Prapinmongkolkarn, Commissioner, National Telecommunications Commission, said the proposal to compel ISPs to implement Sniffer is outside of the NTC's authority.
"This does not involve the NTC because if we do something that is later overruled, there is the possibility that the NTC could be sued for using improper power," he concluded.