The thing about the government requiring ISPs to record your stuff, metadata or perhaps more. I seem to remember that Andrews and Arnold said they don’t record my traffic, and so they don’t have the data to hand over to the government. Is that right? I’m thinking that that nonsense doesn’t apply to small ISPs.
it's not "rubbish" its all acquirable data if you seek it, and it is ALL ISPs (small or big), after Snowden's 2015 leaks
(in which he also reported the UK where the worst of them all - referring to the world's inter-connected SIGINT agencies - FVEY) our government basically said "yes we do it, and we're gunna do it even more now and make it into law" and enforced that
2016 Investigatory Powers Act the following year, that does what I just said, since the 2016 IPA it means your ISP must record your TLD Metadata and store it for 12 months
(but is Top-Level-Domain only - so only the what, when, where etc - not which page on a website you're actually on, just that you we're on that website at some point, so IP's, dates, time, locations etc) - read articles about it, it's nick-named "The Snoopers Charter" read all the papers and you will see.
it is also applicable to your mobile provider for data, calls and texts, they aren't supposed to record the content of the text or calls but wouldn't surprise me if they do at least the texts
did you know that if a police officer has sufficient evidence or even 'just cause' they can access your data!
I've been studying Cyber-Security for quite some time (years)
EDIT:
part of the 2016 IPA history is the
Draft Communications Data Bill of 2013 which states : The Draft Communications Data Bill (nicknamed the Snoopers' Charter or Snooper's Charter) was draft legislation proposed by then Home Secretary Theresa May in the United Kingdom which would require Internet service providers and mobile phone companies to maintain records of each user's internet browsing activity (including social media), email correspondence, voice calls, internet gaming, and mobile phone messaging services and store the records for 12 months. Retention of email and telephone contact data for this time is already required by the Data Retention Regulations 2014.
In November 2015, May announced a new Investigatory Powers Bill similar to the Draft Communications Data Bill, although with more limited powers and additional oversight.I've seen documentaries from 10 years back showing TEXTS between 'suspects" on a 10-year-old TV programme about the police, and they showed the texts sent...given to them by the supplier.
Also, recently the NSA announced in a documentary they are now using Quantum Super Computers (QSC's) to decrypt VPN traffic, and can do it so fast that not only can it retain your data for reading later, but also inject malware into your encrypted stream as it is being sent back to you!!??
just use encrypted DNS like D.o.H on Firefox/Chrome to Cloudflare (1.1.1.1) in the settings, or using the app on yer fone or windows (WARP - PC or Mobile) which is a free VPN just for DNS data (as that is always plain text and what yer ISP records) - I use D.o.H in Firefox and NordVPN's "Obfuscated Servers" so my VPN traffic looks like HTTP traffic, along with a string of other assorted security addons/settings - i know someone is gunna say "what's the point if they can decrypt traffic"
1) it may have been a lie to put people off getting VPN's thinking they are hopeless now
2) let them try, it is better than using plain-text DNS and HTTP/HTTPS are on different ports, and DNS is 'plain-text' - that's one way how Man In The Middle attacks can occur