I have known the Bytemark guys personally and professionally for not far off 20 years, and can highly vouch for their professionalism, ethical stance, and skill at what they do. If you need a UK hosting provider, you should strongly consider them.
If you're in the UK, it's bytemark on the server and Andrews and Arnold for your connection. They're the only two respectable companies I've found.
Glad to hear some sense being spoken in the blog post. Everyone has their head in the sand here in the UK.
One more point to add: dump your smart phone. All smartphone vendors are external to the UK as well so loading malicious firmware OTA is permitted under these statements.
Probably sound like a tinfoil hat nutter here but there are a lot of people popping up on the amateur bands suddenly (I listen with my scanner).
Even if the server and both endpoints are entirely within the UK, lots of packets are going to traverse UK's borders, due to the nature of the internet and routing.
In your described situation, GCHQ would term it internal and wouldn't legally be able to intercept it. As I understand it one of the server or end points have to be outside UK under their current legal interpretation to be declared external. Of course instead they'll just ask the US for the data, as it's external to them.
And this is why all this "cooperation" is a real problem. It is basically an end run around the legal authority they've been given in regards to domestic v. foreign surveillance capabilities.
Realistically, the only way to secure things is to run your own privately encrypted VPN in which all data remains or use PGP. At least until the NSA and GCHQ can crack them.
I don't think that's going to be the case very often, unless a network's normal paths are seriously broken or misconfigured. I guess if you got transit from a big international who was just over here, you might find your traffic going in and out, but that'd be a very weird case these days.
