April 03, 2012 | Jim Killock

Surveillance CCDP plans: the key questions

ORG has been following the CCDP plans for two years, as they have crept up through policy papers, government statements and budget plans. Consistently, but ineffectively, the government has tried to deny that the plans are problematic.

However, we do believe the plans may be changing in significant ways. There is a probable shift to asking Internet service companies like Google for swift access, rather than collecting all of the data through ISPs.

Let’s examine some of the key questions. (See PI's blog and FAQ as well)

1 Lack of warrants for communications data

Communications data in the UK is produced through authorized requests by trained police officers. No judge, court or warrant is required. Traditionally, the claim has been that “communications data” is pretty trivial. But as more and more data amasses, it is actually very intrusive and highly revealing.

Don’t be fooled. The current system of simple police self-authorized requests is very poor, and new access to more data demands higher safeguards: that is, going through a court.

2 “We’re just maintaining capacity”

This is the extraordinary claim that the security services are making. That much more of our lives are online, that this information maps our whole histories and social lives, that this is different from a record of phone call we made seems to be evading the security services.

Requests for communications data now represents a very high level of surveillance, and as such should be governed by courts, not the police, and certainly should not be available through automated systems.

3 Will the government go to Facebook and Google directly, in “real time”?

Increasingly, it seems that the plans are changing, so that the government will go to the companies to get the data from them, maybe in “real time”. Thus, with even lower barriers, huge amounts of data could be given to police from extremely detailed social maps that we have voluntarily created.

In the USA, Google and Facebook are campaigning for much tighter controls than the judicial authorizations that are already required. Do their UK customers really deserve less protection?

4 What about encryption?

Nobody yet has suggested that the government breaks encryption to read the communications data they claim to want access to. Yet that is the logic of the path they are suggesting, especially as sites will be very keen to encrypt if the government is reading the traffic. Encryption is a vital tool for commerce and business

5 Will it work?

Nobody really seems to think it will work. The need to investigate real offences of course could be dealt with through the courts. But gathering masses of data, or making it extremely accessible, seems to introduce risks without real benefits.

6 What about trust? And the economy?

The priority of this government is economic growth. The Internet economy is actually growing. Yet it depends on trust. Declaring a surveillance culture to be integral to the Internet will keep people away from the Internet and undermine our trust. if the government seeks to break encryption, this will be even more dangerous, as banking and other information could be made vulnerable.

But even more than that, the £2bn price tag, which will almost certainly prove to be too little, is money that will not contribute to economic growth. Investing in mass surveillance tools will not deliver growth, and will not tackle crime.

Comments (5)

  1. Rob8urcakes:
    Apr 03, 2012 at 10:24 AM

    It's suggested by "ineluctable2u" at http://www.independent.co.uk/opinion/leading-articles/leading-article-a-dangerous-erosion-of-individual-liberty-7609030.html#comment-484254143 that these proposals to create new domestic law in the UK is required by the evil, undemocratic European Commission's Data Retention Directive 2002/58 EC

    Whether or not that's accurate, the fact remains that IMHO any such law will be in direct breach of Articles 12 and 2 of our hard fought-for United Nations' Universal Declaration of Human Rights (UNUDHR) that was put in place to protect us from a move by Nation-States towards the fascism we defeated in War and paid for by the lives of our recent relatives.

    Please note that the UK is indeed a signatory to the UNUDHR and, as such, all concerned organisation such as our Information Commissioner MUST lodge a formal complaint against the UK to the appropriate UN body for being in breach of our treaty obligations.

    Article 12 states -
    "No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks."

    Article 2 states -
    "Everyone is entitled to all the rights and freedoms set forth in this Declaration, without distinction of any kind, such as race, colour, sex, language, religion, political or other opinion, national or social origin, property, birth or other status. Furthermore, no distinction shall be made on the basis of the political, jurisdictional or international status of the country or territory to which a person belongs, whether it be independent, trust, non-self-governing or under any other limitation of sovereignty."

    And the whole document may be viewed here -

  2. john:
    Apr 03, 2012 at 10:51 AM

    When the ECHR are scrapped by the government then you will have less of a private life.

  3. Simon Hopkins:
    Apr 03, 2012 at 12:09 PM

    Surely public surveillance will simply drive those with something to hide underground?

    It's a simple matter to securely conceal the real sender of an email, if you have email server access (proxy email sender), the recipient could know who it really came from, which could leave the security services chasing shadows with regard to who really sent the offending email, the reply could similarly be secure.

    Online Proxy Browsers similarly hide websites being viewed.

    Isn't this really a waste of resources for no real benefit to security?

  4. Andy:
    Apr 11, 2012 at 11:30 AM

    The argument 'if you have nothing to hide you have nothing to fear' is a false premise designed to put people off their guard. It presupposes that the government are all good never doing any wrong. No government is or ever will be 'good' because of the corrupting nature of power, and there is certainly evidence of this in our government.

    The statement also presupposes that 'having something to hide' equates to criminal activity - it does not. I do not want my views and opinions over time to be collated into some inaccurate whole, and then used as judgement or reasons for unwarranted intrusion by all powerful local authorities.

    This is what we all need to hide, our freedom of speech without the words we communicate being taken out of context by an undemocratic and unaccountable authorities which are then used to justify their intrusion into our personal lives. The question is how long will it be before someone comes knocking at our doors or we lose our internet connections because we have written some objection to some government policy (such as this one) that they, or some invisible bureaucrat, feels is inappropriate?

  5. abi:
    Apr 11, 2012 at 02:25 PM

    @ Andy - how very right you are in your comment. In fact I couldn't have put it better if I tried. The only addition I could make is that once a person finds themselves within the clutches of said all powerful local authority, that person will find it nigh impossible to extricate themselves, finding those at the local authority performing judge, jury and executioner through a myriad of actions justified by paper policies and procedures.