With the concept of a ‘capability gap’ in the acquisition of communications data being increasingly discussed, we have created a briefing on the key issues and definitions of the issue which can be viewed here (PDF).
The purpose of the briefing is to demonstrate that using the concept as an argument for the introduction of mass communications data collection is fundamentally flawed and unhelpful to what is a serious debate.
The key areas covered in the briefing are:
- The definition of the capability gap
- Key issues with the capability gap
- The Interception of Communicatiions Commissioner’s Report
- Resolving the capability gap
Our new report, NHS Data Breaches (PDF), highlights the scale of data breaches in the NHS. The research reveals examples of medical data being lost, shared on social media, and inappropriately shared with third parties.
The report shows that between 2011 to 2014, there have been at least 7,255 breaches. This is the equivalent to 6 breaches every day. Examples of the data breaches include:
- At least 50 instances of data being posted on social media
- At least 143 instances of data being accessed for “personal reasons”
- At least 124 instances of cases relating to IT systems
- At least 103 instances of data loss or theft
- At least 236 instances of data being shared inappropriately via Email, letter or Fax
- At least 251 instances of data being inappropriately shared with a third party
- At least 115 instances of staff accessing their own records.
- There have been at least 32 resignations during the course of disciplinary proceedings.
- There is 1 court case pending, for a breach of the Data Protection Act. In this instance the individual may have also resigned prior to proceedings.
Today we are publishing a report
highlighting the true scale of police forces’ use of surveillance powers. The report comes at a time when the powers have faced serious criticism, following revelations that police have used them to access journalists’ phone records.
The research focuses on the use of ‘directed surveillance’ contained in the controversial Regulation of Investigatory Powers Act (RIPA) by police forces; a form of covert surveillance conducted in places other than residential premises or private vehicles which is deemed to be non-intrusive, but is still likely to result in personal information about the individual being obtained.
Although the report details how directed surveillance powers were authorised more than 27,000 times over a three year period, police forces are not compelled to record any other statistics; therefore we cannot know the exact number of individuals that these authorisations relate to.
As part of the investigation into the use of RIPA by police, a request for details of ‘covert human intelligence’ (informers) and ‘intrusive surveillance’ (covert surveillance carried out in residential premises or private vehicles) was also submitted. However the request was rejected by forces as they believe releasing the information would negatively impact on police capability
Despite the law being changed in 2012 to stop local authorities using the same powers without a magistrate’s approval, police forces do not require any such permission. The report proposes three measures that should be introduced, including:
- a requirement for police forces to publish data on how often and why these powers are used,
- judicial approval of all surveillance operations
- the right for subjects of surveillance to be informed.
The police should not be able to keep the details secret of how and why members of the public are spied on. To do so whilst not having to seek a courts approval to use the powers is simply unacceptable. Local authorities now have to justify how they will snoop on members of the public and it is about time that this authorisation procedure became the norm, not the exception.
Any member of the public that has been put under surveillance should be told that that has been the case when there is no risk to an on-going investigation. This is standard practice in a number of other countries with it being recognised as being an important oversight mechanism. It is clear that this added level of accountability will ensure that the public will only face being spied on when it is truly necessary.
With Police forces around the UK conducting trial schemes and roll outs of body worn cameras (BWCs), we have created a briefing on the use of the technology which can be viewed here (pdf).
The largest trial has taken place within the Metropolitan Police Service, beginning on 8 May 2014 and seeing the distribution of 500 BWCs to officers in 10 London boroughs in an aim to repeat the success of a similar scheme in Rialto, Los Angeles. The £815,000 trial scheme will see the distribution of BWCs to police officers in Barnet, Bexley, Bromley, Brent, Camden, Croydon, Ealing, Havering, Hillingdon and Lewisham. The MPS and Ministers believe that the pilot will show whether or not BWCs will boost accountability, improve the accuracy of evidence and speed up convictions.
The Civil Society groups behind the Don’t Spy On Us coalition have produced a briefing on the fast-track Data Retention and Investigatory Powers Bill (PDF).
You can read our initial analysis of the emergency legislation announcement, as well as our amendment recommendations here.
The Data Retention and Investigatory Powers (DRIP) Bill was published on 10th July 2014 following a press conference given by the Prime Minister and Deputy Prime Minister announcing emergency surveillance legislation. They indicated that the leader of the Opposition had already given Labour’s support to the Bill following private cross-party discussions and this was confirmed by the Shadow Home Secretary in the Chamber later in the day. The Bill is now due to receive all its substantive stages in the House of Commons next Tuesday 16th July. The Lords will be invited to pass the Bill on Wednesday and the Commons will consider any Lords amendments on Thursday. Royal Assent is to be granted before summer recess and the legislation will come into effect immediately. Parliamentary scrutiny and debate is therefore effectively neutered and it is unlikely that the Bill will be substantively amended.
Concerns have been raised in recent weeks regarding the European Commission’s plans for all new cars to be installed with event data recorders in order to enable the eCall system.We have produced a briefing (PDF) to explain the background of the policy, the concerns that have been raised and the other potential uses for event data recorders once they have been installed. The key points raised in our briefing are:
- There is an important distinction to be made between eCall and the Event Data Recorders (EDRs). Whilst the eCall system may not record the location of the car constantly, the EDR does have that capability.
- There are concerns that the EDRs ability to gather extensive data can and will be misused as:
- the data could be accessed by hackers to track individuals’ location.
- insurance companies can use this to promote personalised insurance quotes by recording how individuals drive.
- police forces have already been using eCall systems to track suspicious motorists.
- The installation of the EDR will be mandatory, a move that goes against British principles of liberty and freedom of choice.
- The eCall system is not cost efficient nor will it have a significant impact on safety in the UK.
In the debate around state surveillance, we all too often we hear officials say that we have nothing to fear as only the communications data (or metadata) is examined, not the content of a communication.
Big Brother Watch has therefore published a briefing on why communications data matter. In the briefing note you will find answers to questions like: what are communications data?; what can communications data reveal?; and how are communications data analysed?. We also include details of how communications data have evolved and whether the legal framework currently in place provides sufficient safeguards.
We hope you find the information informative and interesting. Do get in touch to let us know if there are any other topics that you would like us to publish information on.
Today we have published our latest report, Traffic Spies, highlighting how hundreds of councils have turned to static CCTV cameras and spy cars to raise £312m in revenue.
Many councils are continuing to use CCTV to hand out fines, despite the government publishing a Surveillance Camera Code of Practice highlighting the need to use CCTV for traffic offences “sparingly”, this research highlights that the number of CCTV cars in operation in the UK has increased by 87% since 2009.
The question must therefore be asked, if CCTV cameras are about public safety, why are local authorities able to use them to raise revenue? Furthermore, why are local authorities publishing no meaningful information about their use of CCTV for parking enforcement? Read more
April 7, 2014
Posted in CCDP, Civil Liberties, Communications Data Bill, GCHQ, Mastering the Internet, Online privacy, Police, Research and reports, Surveillance, Technology
Last November we launched our ‘Time for Transparency’ campaign, revealing new polling that showed 66% of people want more information about how surveillance powers are used, with 70% wanting companies like BT and EE to publish their own reports about the requests they receive, as companies like Google, Facebook and Microsoft now regularly release.
Today we are publishing a paper detailing further proposals to improve transparency, following wide ranging discussions with companies, regulators and political figures, as well as discussions with people in the United States. The paper outlines how the Interception of Communications Commissioner should publish a breakdown of how individual agencies use powers to access communications information – currently just one total figure is published – as well as calling for clarification about whether British companies are handing over data ‘in bulk’ on thousands or millions of customers.
As the new school term gets underway, now is the time for parents to check if their children are among the hundreds of thousands of pupils who are using biometric technology.
Today we have published our latest report looking at the use of biometric technology in secondary schools and academies which, based on data from the 2012-13 academic year, makes clear that fingerprints were taken from more than one million pupils.
You can read the report here.
Our research, gathered from Freedom of Information Requests to more than 3,000 schools, shows that at the start of the academic year 2012-13:
- An estimated 40% of schools in England are using biometric technology
- An estimated 31% of schools did not consult parents before enrolling children into a biometric system prior to the Protection of Freedoms Act 2012 becoming law