call +44 20 7096 1079
July 18, 2012 | Jim Killock

Snooper's Charter: a Bill without a proposal

Yesterday’s hearings on the proposed Communications Data Bill provided for some hilarity, as Professor Glees laid into the “civil liberties lobby” and made quite outrageous claims for the need for increased surveillance to reduce criminality.

He made a very weak case. Which seems comforting: but Professor Glees is not the government, nor Charles Farr.

The signs are that the Home Office is gearing up to bolster their arguments, starting with calls to gather evidence for the “business case” for new data gathering, mentioned by the police in their evidence session.

While constructing the business case after you propose legislation ought to worry the committee, for us, the lack of detail surrounding the proposals is highly worrying. Julian Huppert today said that he was declined access to draft orders, which would contain more information. Big Brother Watch were declined information about the costs and analysis breakdowns, which we have also requested.

How is committee meant to scrutinize a proposal that has not been properly published?

The committee’s debate has been encouraging. We have managed to advance the idea of notification of people after they have been investigated; the need for independent supervision has also been properly discussed. Most commentators have assumed that the scheme will aim at creating data mining capabilities.

The questions over capability, data mining and the consequences of collection are harder to articulate. We reminded the Committee about China hacking Google via police back doors; and Vodaphone Greece being hacked via law enforcement back doors by an unknown government.

Data, once created, poses a risk. It is interesting to criminal gangs and foreign governments, as well as law enforcement. Law enforcement is not entitled to put the whole population at risk because of its own needs, especially when these can be met in other ways.

Hopefully the risks will be discussed in more detail in the technical sessions, now planned for 4 September.

However, all of us worried by this Bill do need to know more about what this supposed reduction of data really is about. Is it law enforcement having investigatory problems, and lacking expertis in finding the relevant data? Is it that some companies have good data minimization policies? We need to know, in order to help the Committee understand the real options available.

 

google plusdeliciousdiggfacebookgooglelinkedinstumbleupontwitteremail


Comments (2)

  1. Pete:
    Jul 18, 2012 at 01:46 PM

    You could have highlighted the BT/Phorm affair, and the illegal interception of telecommunications by Russian/Turkish/American/Greek malware pushers.

    Or Vodafone and 3UK's efforts to relay private/confidential UK telecommunications to Bluecoat in Calfornia, and the resulting replay attacks?

    Or TalkTalk's covert trials (and ongoing use) of Huawei technology to divert private/confidential UK telecoms to China for 'analysis'?

    Why would you need to rely on examples of illegal & unauthorised surveillance from Greece or America, when there are so many closer to home?

  2. Jim Killock:
    Jul 18, 2012 at 02:00 PM

    Hi Pete, we chose these examples because they are to do with law enforcement "back doors" being abused by foreign governments. Since the Home Office are proposing something like back doors, it's important to highlight where such systems have gone wrong. The assumption is that security services and ISPs will be able to secure the data, but this clearly doesn't always work.



This thread has been closed from taking new comments.