• Media Enquiries

    07505 448925(24hr)

Time for surveillance transparency


Today the three heads of Britain's intelligence agencies appear infront of Parliament's Intelligence and Security Committee in a televised hearing, the first time for such a hearing to be broadcast. Progress, yes, but let's not get ahead of ourselves - the head of the CIA first appeared on TV speaking to congress in 1975, so it's hardly a revolution in oversight. Today we have published new polling by

GCHQ faces legal action over mass surveillance


Today Big Brother Watch, working with the Open Rights Group, English PEN and German internet activist Constanze Kurz, has announced legal papers have been filed alleging that GCHQ has illegally intruded on the privacy of millions of British and European citizens. We allege that by collecting vast amounts of data leaving or entering the UK, including the content of emails and social media messages, the UK’s spy

Patients win choice of sharing medical records


Earlier this year, we led the concern that a new NHS data sharing plan would see every patient's medical records uploaded to a new information system without the right to opt-out. We warned at the time that patient records would be out of patient control. On Friday, the Secretary of State confirmed that this will not be the case. We have worked closely with MedConfidential and Privacy International to ensure

Boom in private investigators risks avoiding surveillance regulation


Our latest report highlights the growing use of private investigators by local and public authorities, particularly the number of times they are used without RIPA authorisation. The law in the UK, particularly the Police and Criminal Evidence Act 1984, is broadly drawn to allow evidence to be introduced in court that in other jurisdictions would not be deemed admissible. Contrasted with the fruit of the poisonous

Mastering the Internet

The Countdown to CCDP?

Posted on by Big Brother Watch Posted in CCDP, Civil Liberties, Information Commissioner, Internet freedom, Mastering the Internet, Online privacy, Privacy, Surveillance, Technology | Leave a comment

According to the House of Lords calendar, on Monday, at 2.30pm Lord Strathclyde will propose a Joint Committee to review the draft Communications Data Bill:

†Draft Communications Data Bill Lord Strathclyde to move that it is expedient that a joint committee of Lords and Commons be appointed to consider and report on any draft Communications Data Bill presented to both Houses in the course of this Session and that the committee should report on any draft Bill by 30 November.

Are we about to finally see the details of what the Home Office wants to do with our data? Who knows. What is clear is that the debate up to now has been catastrophically hamstrung by the lack of information offered on what is being planned, while the arguments offered by Ministers have veered between woefully vague and very dubious.

A Joint Committee would be one important part of the scrutiny process, but it must not held in secret or receive evidence that cannot be made public. Equally, it must be able to scrutinise the technical claims being made about how data will be captured, in particular the ‘black boxes’ discussed as a means of capturing some of this data. Given the reaction from the technical community, including Oxford and Cambridge Universities, it is far from clear this is even possible, and if it is, whether it will produce anything of any value.

We also hope the Conservatives have fulfilled their pre-election commitment to submit the plans to the Information Commissioner for full pre-legislative scrutiny.

We look forward to hearing what is being proposed and the frank, public debate that proposals that will monitor every citizen using a communications device deserves.

More Marsham Street misdirection on snooping

Posted on by Big Brother Watch Posted in CCDP, Civil Liberties, Internet freedom, Mastering the Internet, Surveillance, Technology | Leave a comment

Speaking in the House of Commons today, the Home Secretary said:

“Ceop … received intelligence of unique internet addresses from the UK who had accessed child abuse material,”

“Because some of that communications data was not available, nine out of 41 members of an international paedophile ring could not be traced.”

So. They had unique addresss of the UK members. The police could have secured a warrant, siezed the computers of the people identified and recover the data on their PCs and analyse it.

Alternatively, the Home Secretary could sign a warrant and they could put every one of the known people under surveillance, monitoring their internet use and watching who they communicate with.

If this was not possible, because of technical measures put in place by the paedophiles, then I struggle to see how the Communications data plans would solve the issue. Equally, as soon as ISPs are told to log extra data those seeking to use the internet for wrongdoing will take the relatively trivial steps to conceal their activity.

It is wholly wrong to say the only way of bringing these people to justice is to rely on monitoring what every internet user does.

This is exactly the same kind of scaremongering that we saw around 90 day detention, ID Cards and countless other ‘national security’ policies that were rightly rejected as being an unneccesary intrusion on privacy and ones which would make little difference to public safety. The Communications Capabilities Development Programme is such a policy.

Update: The Daily Telegraph also reports on this example, which turns out to be five years old and may have been solved today without any additional data,

Queen points to Communications Data Bill

Posted on by Big Brother Watch Posted in CCDP, Civil Liberties, Information Commissioner, Internet freedom, Mastering the Internet, Online privacy, Privacy, RIPA, Surveillance, Technology, Terrorism Legislation | 5 Comments

“My Government intends to bring forward measures to maintain the ability of the law enforcement and intelligence agencies to access vital communications data under strict safeguards to protect the public, subject to scrutiny of draft clauses.”

So there we have it – the Communication Capabilities Development Programme will have it’s day in Parliament. We don’t know what the draft clauses will be or when we will see them, but the Government remains intent on pursuing legislation in the coming session of Parliament.

If someone is suspected of plotting an attack the powers already exist to tap their phone, read their email and follow them on the street. Instead of scaremongering the Home Office should come forward and engage with the debate about how we improve public safety, rather than pursue a policy that will indiscriminately spy on everyone online while the real threats are driven underground and escape surveillance.

The Home Office have been very good at saying what the problem is, but seem intent on keeping the technical details of what they are proposing secret. Is it any wonder that the public are scared by a proposal for online surveillance not seen in any other Western democracy.

They also seem keen to avoid talking about the Black Boxes for real time monitoring capability that we still believe to be part of the plans.

Whether it is a draft Bill or not, if the Home Office needs to tread very, very carefully when it comes to proposing a level of online surveillance not seen in any other Western democracy. The proposals will rightly be closely scrutinised in Parliament and I hope the Conservatives fulfil their commitment to immediately give the plans to the Information Commissioner for pre-legislative scrutiny.

It’s far from clear this is technically possible, with encrypted messages, virtual private networks and onion browsers increasingly part of ordinary people’s online habits. Equally, the ‘black box’ measures risk introducing new security vulnerabilities into the UK’s critical national infrastructure. There’s also the pressing question of what the Bill will propose that isn’t already possible under the Regulation of Investigatory Powers Act.

And given that Lord Leveson is only beginning to explore how personal data was illegally obtained from private companies, I’m sure there are many MPs who will want to know how proposal isn’t going to create a huge new risk of people snooping on what politicians, celebrities or members of the public do online.

Before the election the Conservative policy on this was “immediately submitting the Home Office’s plans for the retention of – and access to – communications data to the Information Commissioner for pre-legislative scrutiny.” We don’t know if this has happened.

A draft bill will not offer the same wide-ranging consultation as an ordinary white paper, but there is still a long way to go before this becomes law, if indeed it does. Big Brother Watch will be working closely with privacy and civil society groups to ensure that proposals are scrutinised and if it is the illiberal, intrusive and indiscriminate measure we fear we will work tirelessly to ensure it does not pass into law.

You can also download our key issues briefing and our full briefing.

Website blocking and privacy : it’s all or nothing

Posted on by Big Brother Watch Posted in CCDP, Civil Liberties, Internet freedom, Mastering the Internet, Surveillance, Technology, Web blocking | 12 Comments

Over the past week we’ve had the continued fall out from the Pirate Bay court ruling and Claire Perry MP’s continued calls for an opt-in content filter in the UK. The cries of ‘something must be done’ have been heard loud and clear – but is anyone thinking through what it being proposed?

Both the causes are laudable ones – tackling piracy and protecting children from explicit imagery. However, Big Brother Watch cannot support the principle of blocking content as described in either model. In both cases, there is a perception that ISPs have the ability to regulate every packet of data that pass their networks, and therefore stop people accessing certain websites.

This is a dangerously flawed interpretation of how the internet works and for it to work and have any meaningful way it requires everything we do online to be monitored. Of course, it is entirely coincidental that the Communications Capbailities Development Programme would be a step towards that.

There are those in Government who recognise this. Foreign Secretary William Hague last year stated that “It is important to distinguish between government encouraging people to make more use of existing protections as a matter of choice, and the government deciding what people can and cannot do online” and his sentiment was echoed in today’s Telegraph by Francis Maude, who warned against  “state intervention that would stifle growth and the free exchange of ideas at its heart.”

They are right. Network level blocking is not the silver bullet may have portrayed it to be. Easily avoided, it is a crude tool that carries serious risks, from blocking legitimate business content to introducing new security risks into the internet. Indeed, in a 2011 report into site blocking, Ofcom concluded:

“Circumvention of a block is a technically a relatively trivial matter irrespective of which of the techniques used. Knowledge of how site operators and end users can work around blocks is widely distributed and easily accessible on the internet. It is not technically challenging and does not require a particularly high level of skill or expertise.”

Read more

Key CCDP issues for the Home Secretary

Posted on by Big Brother Watch Posted in CCDP, Civil Liberties, Internet freedom, Mastering the Internet, Surveillance, Technology, Terrorism Legislation | 3 Comments

Tomorrow the Home Secretary appears before the Home Affairs Select Committee to discuss, among other things, the Communications Capability Development Programme.

This is a crucial opportunity for the Home Secretary to offer detail that has been badly lacking in the debate around CCDP and to offer the public an explanation of what has been planned. As we have repeatedly highlighted, much of the public concern about the policy could have been addressed with a more transparent and thorough policy making process.

We’ve summarised the key issues below and we look forward to the Home Secretary being able to address the concerns shared by businesses, civil liberties groups and MPs on all sides of the house.

You can also download our key issues briefing and our full briefing.

What we know:

Media statements by the Home Office have confirmed two key aspects of the CCDP proposals:

  • Increased retention of ‘header’ data (who emailed who & when) extended from phone companies to Internet Service Providers and other services (potentially social media companies)
  • Real time monitoring through physical ‘black boxes’ being installed on the UK’s internet architecture

What we do not know:

  • How much it will cost, either the taxpayer or businesses
  • Detail of what is ‘communications data’ to be retained
  • Whether it is technically feasible (particularly in respect of encrypted communications)
  • Who will have access to the data once it is collected, and by what authorisation
  • Whether it will require deep-packet inspection of web traffic Read more

Minister’s letter fails to answer key questions

Posted on by Big Brother Watch Posted in CCDP, Civil Liberties, Information Commissioner, Internet freedom, Mastering the Internet, Online privacy, Social Networking, Surveillance, Technology | 1 Comment

In a four page letter, the Home Secretary and Justice Secretary have written to MPs to address concerns around the Communications Capabilities Development Programme (CCDP) and the Justice and Security Green Paper.

While we welcome their efforts, a significant number of questions remained unanswered and in some areas the letter appears to contradict official statements made in recent days.

This is our reponse.

 

Four days after the Sunday Times broke news of Government plans to increase the surveillance directed at every person in the country, and following a scathing report from a Parliamentary Committee on their plans for extending closed-door court processes, the Home Secretary and justice Secretary have written to MPs to address their concerns.

Let me be clear – I absolutely support the Prime Minister in his belief that the primary role of Government is to protect its citizens. I also share his belief in ensuring proper legal safeguards on powers given to the state.

The reason I have opposed both the Communications Capability Programme and the Justice and Security Green paper is that I believe they will not make the public safer, yet will trample over legal rights enshrined in law since the days of Magna Carta. It is not for innocent people to justify why the state should not spy on them.

Read more

CCDP : What we know

Posted on by Big Brother Watch Posted in CCDP, Civil Liberties, Data Protection, Information Commissioner, Internet freedom, Mastering the Internet, Surveillance, Technology, Terrorism Legislation | 17 Comments

After another day of confusion around the Government’s plans for increased surveillance powers, it now appears there is some back-tracking and the bill will only be a ‘draft’.

Here’s an update of some key points, while Privacy International have highlighted some serious issues with a briefing given to Liberal Democrat MPs.

Key issues:

  • The Coalition Agreement pledged: “We will end the storage of internet and email records without good reason.”
  • The plans are expected to be announced in the Queen’s speech, meaning it is almost impossible they become law before the Olympics
  • Plans to install GCHQ’s own physical equipment to give them real-time access to data appear incompatable with proper judicial oversight of surveillance
  • The new proposals may remove the ability of service providers to challenge requests for data – Google last year only complied with 63% of requests
  • It is far from clear if this is technically possible, particularly where secure communications are used and it is impossible to expose ‘header’ information without also exposing content.
  • This will cost taxpayers billions, but also mean businesses incur new costs at a time when the Government is asking them to invest in high-speed internet infrastructure
  • The fact that this is not a ‘central’ database is being used as a smokescreen to detract from Lib Dem and Conservative promises in opposition
  • The 7/7 Inquest Coroner’s report discusses the issues involved with large amounts of data and surveillance: One point states “It is unlikely these could have been detected by surveillance given the large number of untraceable “operational” phones used by the bombers and only attributed to them once their identities and details were known.”

Read more

Ian Huntley, Surveillance and CCDP

Posted on by Big Brother Watch Posted in CCDP, Internet freedom, Mastering the Internet, Online privacy, Surveillance, Technology, Terrorism Legislation | 7 Comments

This morning the Home Secretary has come out and justified the Government’s plans to massively increase their surveillance. It seems that the justification is shifting from preventing incidents to helping convict people afterwards, as in the case of Ian Huntley.

How does this sit with the official enquiry?

“It emerged that Huntley had been known to the authorities over a period of years, coming into contact with the police and/or social services in relation to 11 separate incidents involving allegations of criminal offences, between1995 and 1999. Nine of these were sexual offences. This was not discovered in the vetting check carried out by Cambridgeshire Constabulary when he was appointed caretaker of Soham Village College late in 2001.”

So, the amount of data available to the authorities was not the issue – it was how they used it. This is not an isolated example.

Turning to the 7/7 Inquiry, the Coroner’s report discusses the issues involved with large amounts of data and surveillance:

“However, one must never lose sight of the fact that the material confronting the Security Service at the time would have comprised literally thousands of strands of intelligence of varying degrees of quality, in relation to thousands of possible contacts and hundreds of possible targets. The desk officers must usually work at speed and in very difficult conditions. We do not know the precise details, but we know enough properly to infer that the sheer scale and number of the threats facing the UK was immense. If one plot is discovered to involve an imminent threat to life resources must be diverted to meet it at the expense of other investigations.”

“Post 7/7 enquiries revealed that between 22nd February and 15th June 2005 there were forty one telephone contacts between mobile phones attributed to Tanweer, Khan, and Lindsay and hydroponics outlets. It is unlikely these could have been detected by surveillance given the large number of untraceable “operational” phones used by the bombers and only attributed to them once their identities and details were known.”

“There was some evidence on the question of the quality of the software supplied to the Security Service. G gave evidence that “it can be very difficult” to “dig into” the files and computer systems at the Security Service to try to find out if a particular person has previously come to their attention. Witness G was pressed on the ease with which the Security Service could, today, retrieve all references to someone with the surname Khan. He explained the difficulties given the large number of people bearing the name Khan. Inputting even the name Siddique Khan, for example, may not produce helpful results.”

Scaremongering about terrorists and paedophiles is not only a cheap and petty way of forcing policy through, but if we fail to learn the lessons of history public safety will be worse off.

—-

Update: Compare and contrast the Labour Home Secretary’s arguments with those of the current Home Secretary.

Jacqui Smith:“Communications data is used as important evidence in 95% of serious crime cases and in almost all security service operations since 2004.”

Theresa May: “Such data has been used in every security service terrorism investigation and 95 per cent of serious organised crime investigations over the last ten years.”

Some things never change at the Home Office

Posted on by Big Brother Watch Posted in Civil Liberties, Databases, Internet freedom, Mastering the Internet, Privacy, Surveillance, Technology, Terrorism Legislation, Web blocking | 8 Comments

The Coalition Agreement promised to “end the storage of internet and email records without good reason”. A simple and straightforward commitment that we wholeheartedly welcomed as a major step to protecting privacy online and reversing Labour’s planned ‘Intercept Modernisation Programme.’

However, buried in the Strategic Defence and Security Review, the Government said it plans to introduce “a programme to preserve the ability of the security, intelligence and law enforcement agencies to obtain communication data and to intercept communications.”

Step forward the Communications Capabilities Development Programme (CCDP), which will be proposed in new legislation in the coming months, as highlighted in today’s Telegraph.

In theory, the two objectives are not contradictory – we have no problem with the security services having the capability to monitor someone they believe to pose a risk to the public. The question is that the capability is used after a suspect is identified.

Britain is already one of the most spied on countries off-line and this is a shameful attempt to watch everything we do online in the same way. The vast quantities of data that would be collected would arguably make it harder for the security services to find threats before a crime is committed, and involve a wholesale invasion of all our privacy online that is hugely disproportionate and wholly unnecessary.

The data would be a honey pot for hackers and foreign governments, not to mention at huge risk of abuse by those responsible for maintaining the databases.It would be the end of privacy online.

The Home Secretary may have changed but it seems the Home Office’s desire to spy on every citizen’s web use and phone calls remains the same as it was under Labour. At a time when the internet is empowering people across the world to embrace democracy, it is shameful for one of the world’s oldest democracies to be pursuing the kind same kind of monitoring that has a stranglehold on civil society in China and Iran.

Perhaps when Chinese state media praised Britain’s ‘new attitude’ towards the internet, this is what they meant.

Google’s New Good to Know Privacy Portal

Posted on by Big Brother Watch Posted in Data Protection, Mastering the Internet, Online privacy, Privacy, Social Networking, Technology | 5 Comments

This week, Google very quietly launched a privacy portal called Good to Know.  In the UK, you may even have already seen their adverts on the London Underground or elsewhere last week, a campaign teamed with the Citizens Advice Bureau.  The portal provides internet security advice, tips and privacy policy information on Google applications and pages to users worldwide.  A huge first for the big players in the business.

The Good to Know portal is made up of four main sections and offers information in simple breakdowns and short clips.  It even offers a ‘jargon buster’ in order to make privacy advice and information accessible to the least tech-savvy users of Google.  Bloggers, tech junkies and critics alike seem to be impressed at Google’s innovative approach to providing, ensuring and explaining internet security and privacy.

Google’s approach to the portal is also incredibly welcome after repeated concerns with internet security have plagued some of its competitors, in particular Facebook.  Facebook has taken hit after hit with regards to its privacy policy and transparency.  Recent issues with its ‘Like’ button and tracking users, wire tap accusations in the US, and ever changing privacy settings have triggered major criticisms and complaints.  Google has, it appears, learned much from the issues where its competitors have not.

Read more