Finally clarifying what was already widely accepted, a publication by the Information Commissioner’s Office (ICO) has confirmed that surveillance legislation is “complex”. “Surveillance Road Map” (PDF) seeks to set out the responsibilities of each body tasked with overseeing the laws that govern surveillance as well as highlighting some of their overlapping functions.
One of the aims of the guidance is to show members of the public “the avenues available to challenge or complain about any alleged breach of surveillance legislation”. Whilst this is a laudable aim it misses the real problem: that in too many cases roles are unnecessarily duplicated.
One prime example is of the Surveillance Camera Commissioner (SCC) and the ICO. The guidance states that the two bodies’ CCTV Codes of Practice “dovetail”; in fact they repeat each other. There is no reason for both bodies to be responsible for CCTV oversight. As the document points out the SCC has no “complaints handling or enforcement function”. Action should be taken to rectify this, as a result the SCC could be made responsible for a single, enforceable Code of Practice and the ICO would be able to focus more attention on its other functions.
You may remember the now infamous “ring of steel” system of ANPR cameras that was placed around Royston, which was ruled to be unlawful by the Information Commissioner’s Office (ICO). A year on from that ruling, figures have been published which show that since Hertfordshire Police was forced to dismantle the system there hasn’t been a sudden and uncontrollable outbreak of lawlessness and crime.
Crime statistics, recently released by Hertfordshire Police, show that between April and June 2013, when the ANPR system was still in place,172 crimes were committed. When comparing this to the same period in 2014 it turns out that 171 crimes were recorded, a drop of 1.
The scheme originally involved the position of ANPR cameras in such a way that it was impossible for motorists to drive in or out of the town without being filmed. In July 2013, the ICO ruled that the Police had failed to carry out “any effective impact assessments” whilst commenting that “it is difficult to see why a small rural town … requires cameras monitoring all traffic in and out of the town, 24 hours a day”.
With the publication of the second report by the US’s Privacy and Civil Liberties Board (PCLOB), the ball is now firmly in the UK Government’s court. The report added to the US’s response to the revelations made by Edward Snowden and places the lack of a response on this side of the Atlantic in stark contrast.
The report focused on Section 702 of the Foreign Intelligence Surveillance Act, which allows authorisation for surveillance to be “conducted within the United States but targeting only non-US persons reasonably believed to be located outside of the United States.”
Whilst it was generally favourable to the US intelligence agencies and their activities, the report did make a series of recommendations. These included revising the NSA’s targeting procedures to include a set of criteria for determining the “foreign intelligence values” of a target and a written explanation for why a target has been selected and what information surveillance is likely to return. Perhaps the most interesting section concerns efforts aimed at improving accountability and transparency within the US intelligence community.
The Government’s top counter-terrorism official has been forced to reveal the Government’s secret policy which allows for the mass surveillance of every Facebook, Twitter, YouTube and Google user in the UK. It is the first time the Government has openly commented on how it thinks it can use the UK’s vague surveillance legal framework to indiscriminately intercept communications through its mass interception programme TEMPORA.
The information has been made public due to a legal challenge brought by Privacy International, Liberty, Amnesty International, the American Civil Liberties Union, the Pakistani organisation Bytes for All, and five other national civil liberties organisations. The legal challenge follows revelations made by Edward Snowden about the UK’s global digital surveillance activities. Charles Farr is the government’s key witness in the case, which will be heard by the Investigatory Powers Tribunal between 14 and 18 July 2014. You can read Privacy International’s arguments here.
Big Brother Watch, Open Rights Group, English PEN also have a case challenging the UK government’s surveillance of our data at the European Court of Human Rights. You can keep track of the progress of the case at the dedicated Privacy not Prism campaign site.
Today we have published our latest report, Traffic Spies, highlighting how hundreds of councils have turned to static CCTV cameras and spy cars to raise £312m in revenue.
Many councils are continuing to use CCTV to hand out fines, despite the government publishing a Surveillance Camera Code of Practice highlighting the need to use CCTV for traffic offences “sparingly”, this research highlights that the number of CCTV cars in operation in the UK has increased by 87% since 2009.
The question must therefore be asked, if CCTV cameras are about public safety, why are local authorities able to use them to raise revenue? Furthermore, why are local authorities publishing no meaningful information about their use of CCTV for parking enforcement? Read more
At the end of 2013, we wrote about the Government’s plans to ban CCTV parking cameras, meaning that only traffic wardens and police would be able to film vehicles breaking the law.
The Department for Transport and the Department for Communities and Local Government launched a consultation asking whether CCTV parking cameras should be banned, in reaction to many councils who, rather than focusing on specific parking infringements, have taken the brazen approach of using CCTV cars to indiscriminately spy on drivers.
This of course has not gone down well with the Local Government Association (LGA), who have announced that they oppose the Governments plans, saying that the ban will do little to reduce the number of tickets given to drivers breaking the law but would put schoolchildren at risk and worsen road safety. What is clear is that the LGA has stood back and said nothing whilst councils have stung motorists for more than £300 million in fines, highlighting that this is about money rather than safety.
April 7, 2014
Posted in CCDP, Civil Liberties, Communications Data Bill, GCHQ, Mastering the Internet, Online privacy, Police, Research and reports, Surveillance, Technology
Last November we launched our ‘Time for Transparency’ campaign, revealing new polling that showed 66% of people want more information about how surveillance powers are used, with 70% wanting companies like BT and EE to publish their own reports about the requests they receive, as companies like Google, Facebook and Microsoft now regularly release.
Today we are publishing a paper detailing further proposals to improve transparency, following wide ranging discussions with companies, regulators and political figures, as well as discussions with people in the United States. The paper outlines how the Interception of Communications Commissioner should publish a breakdown of how individual agencies use powers to access communications information – currently just one total figure is published – as well as calling for clarification about whether British companies are handing over data ‘in bulk’ on thousands or millions of customers.
Last year, the Guardian published an order under Section 215 of the PATRIOT Act made to Verizon, which made clear that the NSA was collecting details of phone calls made by American citizens not on a targeted basis, but in bulk.
We have a simple question – is the same happening here?
Appearing before the Home Affairs Select Committee on Tuesday, our Director raised this issue and revealed that BT had refused to deny that it hands over data in bulk:
“Late last night I received a letter from British Telecom refusing to deny that they are handing over information in bulk on thousands or millions of British citizens and that mirrors a refusal to deny the same situation in a parliamentary answer received by Mr Davis.”
“My concerns is that there is the activity going on under the Telecommunications Act that is unsupervised and that is why BT cannot publicly refuse that they are handing over information in bulk.”
At a time when the UK is already lagging behind the US in terms of an effective debate on surveillance transparency a phone call between Mark Zuckerberg and Barack Obama has served to further reinforce these differences.
In a post on the social media site the Facebook founder revealed that he had called the President to register his “frustration” over the US Government’s surveillance programme. He went on to argue that intelligence agencies “need to be more transparent about what they’re doing, or otherwise people will believe the worst”.
This intervention comes after a letter from eight leading technology companies, including Facebook and Microsoft, was published in December. The letter, which was welcomed by Big Brother Watch, called for governments around the world to introduce surveillance reforms. In January President Obama admitted that the work to introduce such reforms “has just begun”. He went on to acknowledge that the practice of maintaining databases of information relating to the records of communications such as phone calls held the “potential for abuse”.
If GCHQ or any other agency is obtaining mobile phone data through the Dishfire programme without a RIPA notice, that is circumventing British law.
The statements made have sought to only address questions about content being accessed, not metadata. This confusion should be urgently addressed.
Under UK law, if an agency or police force want access to details of who you have texted, where you were when you sent or received a text or the dates and times of your text massages they can obtain it from your phone company. The Regulation of Investigatory Powers Act (RIPA) provides for this. Such powers relate to obtaining communications (or meta) data and not content. Acquiring content requires a warrant from a Secretary of State.