Striking the Right Balance between Privacy and Public Protection

Watkin Simon Simon.Watkin@homeoffice.gsi.gov.uk
Wed, 16 Oct 2002 13:59:00 +0100 

In June, the list followed closely the fate of the draft Regulation of
Investigatory Powers (Communications Data: Additional Public Authorities)
Order 2002.  When the Home Secretary announced the withdrawal of the Order
on 18 June [1] he undertook to consult widely about how to implement the
RIPA provisions for regulated access to communications data by public
authorities.  He also called for a wider public debate about how to strike
the balance between, on one hand, respect for the privacy of individuals,
and, on the other, the public interest in public protection and preventing
and detecting crime.

The existence of the balance is, I think, widely acknowledged - and often
spoken and written about - but the forces that act on it and cause it to
move either way in favour of intrusion into privacy in the public interest,
for the purposes of crime detection or public safety, or in favour of
asserting and protecting privacy rights, are less clear.  Achieving a broad
consensus about how the balance should be struck and when it should move one
way or the other is something I would like to explore - whether in relation
to the issue of access to communications data in particular, or in respect
of interaction with technologies in general which may create potential for
intrusions into privacy by those tasked with investigating crime and
protecting the public.

There seems to be a contradiction between the public's expectation of their
own individual privacy (albeit that some "16 million people have voluntarily
returned ... lifestyle and consumer shopping surveys that drop through
letterboxes")[2] and their expectation of lawful regulated intrusion into
the privacy of those acting contrary to the public interest.  But which
actors? Murderers?  Drug traffickers?  Paedophiles?  Insider Dealers?
Operators of unseaworthy vessels?  Polluters?  Fly tippers? And contrary to
what interests? Reducing serious crime? Less serious crime?  Public health?
Environmental protection?  Trading Standards?  Public safety?
 
What about rogue gas fitters, whose customers are left with potentially
lethal gas installations but who can be traced only from the fitter's phone
records?  What about suppliers of food unfit for human consumption whose
customers can only be traced from communications data?  What about habitual
hoaxers who call emergency services using mobile phones used for no other
purpose?         

Where the balance should rightly lie, at any time in any set of
circumstances, is far from clear cut.  Our aim is to secure the widest
consensus about:
- how the balance should operate and when, in any given situation, the need
for intrusion is clear and would be proportionate (and equally where it
might be considered unnecessary and excessive);
- how the processes for authorisation and oversight, and for redress and
sanctions if (when) abuse of power occurs, should operate;
- how personal information will be used, stored and destroyed and
- how the public can know how and in what circumstances their privacy can be
at risk in the interest of public protection and public safety.

I hope this is not too off topic: the discussion on the list in June
suggests it isn't.  I haven't begun to go into how the application and
development of privacy enhancing technologies impacts upon the balance of
privacy and public safety.  

I would welcome views on how to answer and unravel some of these issues, and
if I can respond to any points of detail about what we were trying to do in
June I shall do.  I know that at least one member of the list looked forward
to the Home Office putting in an appearance again, adding "Hopefully they
will be less arrogant than they were last time.   If they have nothing to
hide then they have nothing to fear from a full discussion".

I hope we can have that discussion. 

Simon Watkin
Home Office

[1]
http://www.nds.coi.gov.uk/coi/coipress.nsf/7709c1f0104c752080256bf400338394/
c0bde2541eaa9d4280256bf3005afdb0?OpenDocument
[2]  Guardian (7 September)


**********************************************************************
This email and any files transmitted with it are private and intended 
solely for the use of the individual or entity to whom they are addressed. 
If you have received this email in error please return it to the address 
it came from telling them it is not for you and then delete it from your system.

This email message has been swept for computer viruses.

**********************************************************************