This morning, The Sun carries an article making several claims about the draft Communications Data Bill that bear a striking resemblance to
“Mrs May says the new law would be a massive help in preventing another 7/7-style atrocity on Britain’s streets.”
However, the 7/7 inquest stated: “Post 7/7 enquiries revealed that between 22nd February and 15th June 2005 there were forty one telephone contacts between mobile phones attributed to Tanweer, Khan, and Lindsay and hydroponics outlets. It is unlikely these could have been detected by surveillance given the large number of untraceable “operational” phones used by the bombers and only attributed to them once their identities and details were known.”
“and could stop savage events like the gunning down of brave women police officers Nicola Hughes and Fiona Bone in September”
How would data prevent such a cold-blooded act by someone wanted for another crime that had taken place a month earlier? The officers were responding to a routine report of a house burglary – are we now saying before responding to routine calls, police officers will be expected to check the website browsing, social media messages and emails of every individual in the vicinity?
“Anybody who is against this bill is putting politics before people’s lives.”
When Parliament rejected 90 day detention, Tony Blair said “People will believe parliament was deeply irresponsible” while Hazel Blears (then a Home Office minister) said “It is right that people question and probe these issues but the three-month period is what the police and security service say is necessary.”
The Coalition was rightly applauded for not accepting this rhetoric and highlighting there was no evidence to support the claims being made. The rhetoric of today’s article is groundhog day for anyone familiar with the New Labour playbook of how to get terrorism legislation passed.
Mrs May said: “Criminals, terrorists and paedophiles will want MPs to vote against this bill. Victims of crime, police and the public will want them to vote for it. It’s a question of whose side you’re on.”
This is very similar to Tony Blair’s words on 90 day detention: ”the police and those charged with fighting terrorism said the 90-day power was needed to make the country safe….. We believe this is right for our country. We believe it is necessary to protect our country from terrorism and I’m only sorry you don’t agree.”
The approach of presenting the bill as aimed at only terrorists, paedophiles and serious criminals is something the Joint Committee raised with the Home Secretary, noting the purposes of the Bill go much, much wider than these offences.Sir Paul Kennedy, the Interception of Communications Commissioner, told MPs that the powers could be justified when investigating incidents such as fly tipping.
We have highlighted
numerous ways that public safety could be improved without requiring blanket data retention on every one of our emails, social media messages and website visits.
It’s also worth noting that the two examples cited in the article could be addressed by alternative routes.
Example 1: “A MAJOR criminal investigation was launched into a website used as a secret portal for viewing more than 2,000 indecent images of children. Both were jailed. But others escaped because internet access companies had no record of who had used the IP addresses.”
Being involved in the production or distribution of child pornography is illegal. It is a serious crime. In this case, it would be proportionate to go to internet service providers and ask for the IP address of any computer accessing the website, and for data to be retained about that use. Those people could be identified and prosecuted without needing to record every website visit of every person.
Example 2: An online counsellor called police to tip them off that an emotional man was feared to be on the verge of suicide. Cops found out where he lived by tracing the IP address and raced round to his home. It was only by chance that the internet service provider had a record of the man’s address and police were able to help him.
What happened to terrorism, paedophiles and serious criminals? There is a wholly separate argument about whether the state should try and intervene in preventing suicides in such a way, but in this case it is about the ability to track in real-time the identity of a single individual when some identifying information – in this case an IP address – is already known. The powers to track an individual already exist – and in this case none of the data used was details of emails, website visits or social media messages, which the bill proposes to log for everyone for one year.
Posted on October 31, 2012 by Big Brother Watch
Posted in CCDP, Civil Liberties, Communications Data Bill, Databases, Information Commissioner, Internet freedom, Mastering the Internet, Online privacy, Surveillance, Technology
|
Today Big Brother Watch has published new research showing just how little support the Home Office’s draft Communications Data bill has.
You can read our briefing on the bill here and why we don’t think it’s right the Government passes a law requiring data to be stored about everyone’s communications.
Witnesses have lined up to tell the specially established Joint Committee investigating the draft bill how the legislation is a risk to economic growth, innovation, cyber security, foreign policy, not to mention the privacy and civil liberties of every British citizen. From our research, conducted with YouGov, it is clear the public are not content with having their every email, social media message, website visit and online conversation’s logged and stored.
Despite rhetoric reminiscent of ID Cards and 90 day detention, just 6% of people think the Government has made a clear and compelling argument for the draft Communications Data Bill.
Read more
Posted on July 16, 2012 by Big Brother Watch
Posted in CCDP, Civil Liberties, Communications Data Bill, Data Protection, Databases, Mastering the Internet, Mobile Phones, Police, Privacy, Surveillance
|
In his latest report Sir Paul Kennedy, the Interception of Communications Commissioner details how two members of the public were arrested by police and wrongly accused of crimes because officials wrote down the wrong numbers.
Two police forces were given the wrong information by a communications service provider (CSP) which led to two people being wrongly detained and accused of crimes last year. The case is currently under investigation, but highlights acutely the risks of error in accessing communications data. Equally, it is surprising that communications data was used to detain two people without any other corroborating evidence.
The report also found one official at a council was self-authorising requests for information by acting as applicant, authorising the application and then collecting the data while 52 requests in two local authorities were not approved by someone of sufficient seniority.
There are clearly serious problems with the authorisation process that allows hundreds of errors to go undetected in almost 900 cases. Furthermore,at a time when the Government is planning to massively increase the amount of data communications service providers must keep on their customers it highlights the stark gaps in safeguards and the weakness of authorisation processes that almost never require court approval.
The report fails to offer any evidence on the effectiveness of the 494,078 requests although it is fair to say that the 11% fall in data requests has not lead to a significant increase in the crime rate, or a fall in the clean-up rate.
As the Communications Data Bill is scrutinised, the very least the public deserve is a credible justification of why we should all be treated as suspects. This report does nothing to reassure anyone about the effectiveness of safeguards or the need for further surveillance, but does highlight the real threat to privacy increased data retention poses.
In a legal process filed earlier this week, American campaign group the Electronic Frontier Foundation (EFF) has highlighted the dangers of allowing the Government to install it’s own ‘black box’ hardware into the communications network – as currently proposed by the draft Communications Data Bill.
The EFF is currently pursuing a lawsuit against what it alleges is the US government’s illegal mass surveillance program and has now produced three whistleblowers. All former employees of the National Security Agency (NSA) – they confirm that the NSA has, or is in the process of obtaining, the capability to seize and store most electronic communications passing through its U.S. intercept centers, such as the “secret room” at the AT&T facility in San Francisco first disclosed by retired AT&T technician Mark Klein in early 2006.
These ‘intercept centers’ are exactly the same kind of equipment that will be required to enact the Communications Capabilities Programme, and are specifically provided for in the draft legislation. Once they are installed, there is nothing stopping either domestic agencies or malicious attackers using them to store communications data (indeed, where data is encrypted this may be necessary) or re-purposing them to actively monitor who is visiting certain websites or communicating with certain email addresses, in real time.
After all, it is not difficult to see the argument being made that once communications data is stored, storing content is a small step requiring a few teaks to the language of legislation – for exactly the same paedo-terrorism arguments we have heard in the past few weeks.
We warned earlier this week about how dangerously naive the Home Office’s plans were, carrying a risk of either doing huge damage to internet security, or becoming a multi-billion pound white elephant. (Given past Whitehall IT projects, our money is on the latter.)
The wider risk is now becoming clear – once these pieces of hardware are installed, it is a matter of time before they are either abused (particularly worrying given the draft Bill makes no provision for the boxes to be auditable by an external body)
Indeed, this was exactly what happened in Greece when the interception capability of software on the Vodafone network was activated by unknown external operatives. The phone calls of members of the Greek cabinet, senior police and defense officials and the Prime Minister. The bugging software was thought to be active in the weeks leading up to the 2005 Athens Olympics and wasn’t discovered for seven months.
The only way to protect privacy and our freedoms is for these boxes to never be installed and service providers to store less data about us – which is why Big Brother Watch will be campaigning to have the entire draft Bill dropped.
Last week Channel 4 news reported a fear Big Brother Watch has been articulating for some time, namely that the Communications Data Bill will require black boxes to be installed so that if a message is sent encrypted, it can still be read.
An excellent technical summary is here but the essential point is that the Home Office is planning to make itself the ‘man in the middle’ between your PC and the Internet. The term ‘man in the middle attack’ is a well known problem for internet security, but the wider concern is that the plan is at risk of being useless by developments already underway.
As reported by the Economist last year, ensuring that communications can be sent and received securely is an essential part of a global, digital economy and fraudsters have used dodgy certificates in the past to enable both state-sponsored attacks and corporate fraud. Accordingly, it’s a loophole that is being rapidly closed.
In addition, it makes the black boxes hugely lucrative to both criminal and foreign interests who would not be afraid of ‘collateral damage’ in obtaining them. Once obtained, they would be in an unprecedented position to attack the UK and its interests.
There’s also a serious question about how businesses with sensitive intellectual property would feel about trusting their security to the same officials who put 23m people’s tax details in the post on an unencrypted CD.
Technologically at risk of being out of date before it’s installed, hugely costly and a threat to Britain’s already ailing economy. The civil liberties argument is not the only reason to be very afraid of the draft Communications Data Bill – and the list is growing.
Every year, around 130 million postcards are sent to people in Britain. And according to the Draft Communications Data Bill, the Home Office wants to know what we’re saying on them.
The draft Bill is clear:
“postal item” means—
(a) any letter, postcard or other such thing in writing as may be used by the sender for imparting information to the recipient, or
(b) any packet or parcel,
and for the purposes of this definition “data”, in relation to a postal item, includes anything written on the outside of the item.”
So, communications data includes anything written on the outside of the item – which in the case of postcards is, well, the content of the message.
This goes against both assurances that there were no plans to read messages, and also the claim this is about the ability to track internet communications.
Already the detail of the bill is unraveling. We were told this was about new technology and yet buried in the detail are powers to track the postcards and letters we send.
Postal services are explicitly included in these unprecedented surveillance plans, with the draft Bill making clear anything written on the outside of a letter or postcard can be recorded. If there are no plans to use these powers then why on earth are they in the draft Bill at all? Yet again the Home Office is trying it’s luck to see just how much surveillance of innocent people it can push through and doing its best to avoid scrutiny.
Posted on June 14, 2012 by Big Brother Watch
Posted in CCDP, Civil Liberties, Information Commissioner, Internet freedom, Mastering the Internet, Online privacy, Privacy, Surveillance, Technology, Terrorism Legislation
|
Let’s bust some myths.
Right now – without any new powers – the police and security services can read your emails, tap your phone, plant hidden cameras and microphones in your house and intercept your internet use. All of which can be done without any approval of a judge.
Since 2005, there have been more than 2.7 million requests by police and other public bodies for the communications data belonging to private individuals. Of these, fewer than 10,000 requests have come from local authorities. Oh, and none of those requests were authorised by a judge. For the Home Office to rush out an announcement that local councils will lose their snooping powers is nothing short of deliberate misdirection.
Aside from the blatant spin of announcing unprecedented spying powers during the PM’s testimony to the Leveson enquiry, the Home Office is trying to hide an unprecedented level of surveillance of the entire population behind a miniscule concession of removing the ability to access Communications Data from local councils.
This policy goes against the Coalition Agreement, against Conservative pre-election policy and is fundamentally an illiberal, intrusive boondoggle that will do little to improve national security and do everything to turn us into a nation of suspects.
Before the election, the Prime Minister said that “If we want to stop the state controlling us, we must confront this surveillance state.”
He was absolutely right.
Download our full briefing here.
The Home Office still appears to be pressing ahead with it’s plans to monitor the internet and many of our supporters have asked for an update of what is happening. Simply, we do not know. The process remains as it began – closed, without public consultation and driven by desire to implement the same pre-determined solution we have seen for nearly a decade. So, as we are unable to say what is happening, we can summarise the wide range of arguments – many of which were not considered by the Joint Committee on the draft Bill – why the Bill is the wrong approach at the wrong time.
