August 04, 2006 | Glyn Wintle

ID card - Inconsistent approach to scientific evidence

The Select Committee on Science and Technology recently published a report entitled Identity Card Technologies: Scientific Advice, Risk and Evidence. Many quotable phrases from this report reflect what NO2ID have been saying about the ID card scheme. We are disappointed that two years after the Home Affairs Committee inquiry into identity cards the problems regarding clarity have not been resolved. We urge the Home Office to address these issues immediately. (Para 47), confusion ... inconsistent use of it as evidence (Para 88), We are surprised and concerned that the Home Office has already chosen the biometrics that it intends to use before finishing the process of gathering evidence. (Para 93), We are sceptical about the validity of costs produced at this early stage. (Para 105), It is important that the impact of a politically-imposed deadline will not override the impact of scientific advice or evidence on the readiness of the scheme and we seek reassurance from the Government on this point. (Para 120), an inconsistent approach to scientific advice and evidence. (Para 144),

We have also identified weaknesses in the use of scientific advice and evidence. We are disappointed with the lack of transparency surrounding the incorporation of scientific advice, the procurement process and the ICT system. Potential suppliers are confused about the extent to which the scheme will be prescriptive and when technical specifications will be released. Whilst the Home Office has attempted to consult the wider community, stakeholders have complained that consultations have been unduly limited in scope and their objectives have been unclear. As a result, the wider community does not have the level of confidence in the scheme that could reasonably be expected at this stage. Whilst the Home Office has determined some aspects of the scheme such as the biometrics, it has left other aspects such as the structure of the database undetermined. Its decisions demonstrate an inconsistent approach to scientific evidence and we are concerned that choices regarding biometric technology have preceded trials. Given that extensive trialling is still to take place, we are sceptical about the validity of costs produced at this stage. We note the danger of cost ceilings driving the choice of technology and call for the Home Office to publish a breakdown of the technology costs following the procurement process.

Select Committee on Science and Technology - Sixth Report - Summary

As always the place to go for the full story on the ID Cards and the database state is NO2ID

[Read more]

August 04, 2006 | Michael Holloway

Next ORG networking event - 14th August

Scrambling for Safety 8 is taking place on the 14th August at University College, London, where the focus will be on the Home Office's access to keys and communications data code of practice consultations.

Those unable to make the main event are invited to the Jeremy Bentham pub on University St., WC1, to join attendees and speakers from the conference. We'll have a room in the pub from 1730 til close.

Hope to see you there.

[Read more] (1 comments)

August 01, 2006 | Glyn Wintle

Content Online Consultation

The European Commission have launched a consultation titled "Content Online". Topics that are asked about include DRM, network neutrality, privacy online, lack of interoperability, protection of public interests, competitiveness, P2P and piracy. Input to this consultation will help shape a Commission Communication on Content Online, due to be adopted at the end of the year. The deadline for replies is 13 October 2006.

As always ORG has a wiki page that we are encouraging people to edit Public Consultation on Content Online in the Single Market.

[Read more]

July 29, 2006 | Glyn Wintle

Personal Internet Security

The House of Lords Science and Technology Committee has established a Sub-Committee, under the Chairmanship of the Lord Broers, to examine Personal Internet Security in the UK. A call for evidence and a press release were issued today.

Areas the Committee will consider include:

  • What is the nature of the security threat to private individuals and what is the scale of the problem?

  • How well do the public understand the nature of the threat they face?

  • What can be done to provide greater personal internet security?

  • How much does this depend on software and hardware manufacturers?

  • Is the regulatory framework for internet services adequate?

  • How well equipped is Government to combat cyber crime?

  • Is the legislative framework in UK criminal law adequate to meet this growing challenge?

If you would like participate but don't feel like witting a full response by your self, ORG has a wiki page that we are encouraging people to edit Personal Internet Security Consultation.

[Read more] (1 comments)

July 27, 2006 | Glyn Wintle

Tapping VoIP

We have seen attempts to add more legislation to voice over IP in America so I guess it was only a matter of time.

"The Guardian has learned that police and security agencies have been lobbying ministers and senior officials, expressing fears about the potential for voice-over-internet-protocol technologies to hide a caller's identity. Their aim? To get VoIP providers to monitor calls and find ways to identify who is calling whom - and even record them."

Lifting the veil on internet voices - The Guardian

The proposed requirement for all VoIP services to have to provide 999 services would kill any free VoIP service, unless the government is offering to cover the costs. If they want to log and trace VoIP why not Instant Messages? If they want to log and trace IM then what about email… (You get the idea)

[Read more] (4 comments)

July 27, 2006 | Glyn Wintle

Consultation on penalties for breaching the DPA

Baroness Ashton has published a consultation paper on proposed custodial penalties for breaches of Section 55 of the Data Protection Act 1998, which deals with unlawful obtaining of personal data. The main questions asked are should the maximum fine be raised? and is a jail sentence of up to 2 years the right length?.

“I have today published a consultation paper on proposed custodial penalties for breaches of Section 55 of the Data Protection Act 1998. In an environment where concerns about identity fraud are growing and where the widespread use and exchange of data are increasingly important to the economy and to society as a whole, it is essential for people to be confident that their personal data will not be wilfully or recklessly abused. We are determined that the regulatory regime properly reflects the risks that come with greater data use. The aim of this proposal is to provide an appropriate and effective level of deterrent for those who seek to profit from the illegal trade in personal information. We welcome the recent report by the Information Commissioner, What price privacy? The unlawful trade in confidential personal information, which has been an extremely valuable contribution on this issue and we are responding positively to the report's recommendations. We are seeking views on whether the proposed sanctions would act as an effective deterrent to those who deliberately or recklessly misuse personal information. Copies have been placed in the Printed Paper Office, Vote Office and Libraries of both Houses."

Baroness Ashton of Upholland (Parliamentary Under-Secretary, Department for Constitutional Affairs)Office

The questions are non-technical and easy for anyone to understand. If you would like participate, ORG has a wiki page that we are encouraging people to edit Data Protection Act Consultation.

[Read more]

July 21, 2006 | Glyn Wintle

Public meeting on RIPA consultations

The Regulation of Investigatory Powers Act Part III gives law enforcement the power to serve notices requiring that encrypted material be "put into an intelligible form" (or as everyone else would say, decrypted). Under some circumstances the notices can require that encryption keys are handed over. At present Part III is not in force, but the Home Office are consulting on a Code of Practice for its operation and it must be expected to come into force in early 2007.

The eighth Scrambling for Safety meeting on the Home Office's access to keys and communications data code of practice consultations is being held from 2-5pm on Monday 14 August 2006, at the Gustave Tuck Lecture Theatre, South Wing, UCL, Gower St, London WC1 [campus map].

Admission is free but space is limited, so if you wish to attend please subscribe to the meeting mailing list. Please e-mail with requests for any other information.

The agenda as follows:

1400WelcomeDr Ian Brown, UCL Computer Science
1405The Home Office consultationsSimon Watkin, Home Office
1420Government access to communications dataDr Richard Clayton, Cambridge University Computer Laboratory
1435Government access to decryption keysCaspar Bowden, ex-director, FIPR
1505Risks to safety and securityDr Brian Gladman, MoD and NATO (retired)
1520Errors of judgment and integrity in presenting computer-based evidenceDuncan Campbell, expert witness and investigative journalist
1545Parliamentary scrutiny of RIPA and its OrdersThe Earl of Erroll, House of Lords (crossbencher)
1615Compatibility with human rights lawProf. Douwe Korff, London Metropolitan University
1630Do the police need longer detention periods to investigate encrypted evidence?Prof. Ross Anderson, Cambridge University Computer Laboratory
1645The changing public mood on privacyLord Phillips of Sudbury, House of Lords (Liberal Democrat)
1655Questions and conclusionsSimon Davies, Privacy International and LSE

Useful background information is at Privacy International's wiretap page and FIPR's "Surveillance and security" pages.

[Read more]

July 18, 2006 | Glyn Wintle

Danny O'Brien at the Drunken Brunch

Last Sunday saw the latest edition of the London Copyfighter's Drunken Brunch & Talking Shop. Led by our founding pledger, the EFF's Danny O' Brien, we had a great turnout, including many new faces tempted by the irresistible combination of sunshine, mixed drinks and heated IPR debate.

Danny O'Brien opens proceedings (photo by Yoz) Danny O'Brien opens proceedings (photo by Yoz)

For readers not yet acquainted with Copyfighters, the big idea is to sink a few swift halves before heading to Speaker's Corner for a good old-fashioned bellow on any topic relating to digital rights. It's a chance to hone your public-speaking skills as well as chat with other activists, and also see some of speakers corners more interesting characters. Our rants this time around ranged from the music industry's proposal for a new tax on ISPs, to ID cards, to useless MP3 players.

Photos of the glorious day are up on Flickr, from Yoz and Dave, plus there's a new London Copyfighters Flickr group you can join and add your pics to.

Details of next month's Copyfighters will be announced soon.

[Read more]