LA Times 4/6/2000: "British Government Wants to Play Online Big Brother"
Caspar Bowden
cb at fipr.org
Mon, 5 Jun 2000 13:24:24 +0100
http://www.latimes.com/news/nation/20000604/t000052944.html
British Government Wants to Play Online Big Brother
By MARJORIE MILLER, Times Staff Writer
LONDON--Big Brother is not only watching Britons, soon he may be
demanding their computer passwords and perusing their e-mail from a new,
$40-million cyber-surveillance center in the headquarters of the MI5
domestic spy agency.
Under a bill making its way through Parliament, the government would
have the right to monitor all online activities--some of them without a
warrant.
And Internet users who failed to comply with government orders to
provide a password or encryption key would face two years in prison, unless
they could prove that they no longer had the information.
The Labor government says these new powers are needed to combat
high-tech criminals using global computer networks to engage in terrorism,
drug-trafficking and pedophilia. But civil libertarians, business leaders
and even some members of the Conservative opposition say the proposed
legislation is too sweeping.
"This goes way beyond what any other country in the world has proposed
with the exception of Russia," said Caspar Bowden, director of the
Foundation for Information Policy Research.
"With this, any public authority would have the ability to sit on the
shoulder of anyone who goes Web surfing to see what they are viewing or who
they are e-mailing," Bowden said.
Britain is already one of the most closely monitored societies in the
Western world, with an estimated 1 million to 1.5 million closed-circuit
television cameras in operation--a per capita density about 12 times higher
than in the United States. Authorities say this has helped them track down
the likes of Irish Republican Army bombers and a lone assailant who set off
fatal explosions in the capital last year, but civil rights activists say it
also means that a visitor touring Central London for a day is apt to be
recorded on about 600 cameras.
In 1998, Home Secretary Jack Straw authorized more
wiretaps--1,646--than any of his predecessors had in a single year. But
Straw believes that photography and traditional wiretaps are not sufficient
for modern-day crime fighting. The Regulation of Investigatory Powers Bill,
put forward by his office and expected to become law this year, would allow
the government to keep pace with technology.
Under the bill, Internet service providers would have to establish
secure channels to transmit information about Internet traffic to the
government cyber facility, which will have the Orwellian title of Government
Technical Assistance Center. The GTAC is under construction in the fortified
MI5 headquarters on the Thames River.
The bill would give a wide range of police and government officials the
right to monitor "data communications" with Home Office authorization--and
not a warrant--which means that they could look at lists of the e-mail
addresses and Web sites that a user was visiting. A warrant would be
required to read the contents of electronic communications.
The government points out that this is similar to the rules for
wiretapping, where a warrant is not required to secure lists of telephone
numbers called but is needed to listen in on conversations. Officials say
the bill protects individual rights by setting out strict conditions under
which the authorities could demand encryption keys.
Bowden argues that even a list of Web sites gives officials access to
content, which could lead to government abuses. With online shopping and
banking and interactive television, "a trail of Web browsing could provide a
very complete picture of your life," he said. "You talk to a few dodgy
people, visit insalubrious Web sites, and it trips a flag and becomes the
basis for obtaining a warrant. That's a Big Brother situation."
Civil libertarians say the legislation violates the basic principle of
presumed innocence by requiring individuals and companies to prove that they
cannot produce encryption keys when that is the case.
Home Office Minister Charles Clarke, who is responsible for the new
legislation, denied charges that it reverses the burden of proof. Speaking
to a House of Commons committee earlier this year, he said "a person who has
been shown beyond reasonable doubt to have had the key in his possession is
presumed still to have that key unless it can be shown on the balance of
probabilities that he no longer has it."
What about a forgotten password?
"Precisely because forgetting a password is such a reasonable thing to
do, it is rare that there are no contingency
arrangements for such an eventuality," Clarke said.
Internet service providers say they are worried that the proposed law
would put an undue financial burden on the industry. They say it would also
give too many officials--from police to local government--access to private
information, while preventing the providers from informing their clients
that private information had been sought.
The Confederation of British Industry and other business groups are
asking that the government agree to compensate providers in the event that
the GTAC got information from them and it wound up being leaked. It seems
certain that they would face lawsuits in such cases.
Conservative members of Parliament, meanwhile, say they fear the strict
rules would scare financial institutions and other businesses away from
Britain.
"If companies feel their data is no longer as secure within the U.K.,
they will go where the law allows the greatest security of their
information," said Tory member of Parliament Ian Bruce.
The law has passed through the House of Commons, but it faces the
scrutiny of a House of Lords standing committee next week, when, Bruce said,
the Tories hope to address some of the concerns of business and civil
liberties groups. If no compromise is reached, the Lords could delay passage
through the legislative year, which ends in July.