Don't believe what you read in the papers
Richard Clayton
ukcrypto at chiark.greenend.org.uk
Sun, 5 Apr 2009 14:29:52 +0100
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
My comments are [ indented ] !
http://www.independent.co.uk/news/uk/home-news/personal-web-data-to-be-
stored-for-a-year-1662237.html
Personal web data to be stored for a year
New law forces service providers to record all your calls and emails
from Monday
By Robert Verkaik, Law editor; Saturday, 4 April 2009
The mobile calls, emails and website visits of every person in Britain
will be stored for a year under sweeping new powers which come into
force on Monday.
[
the obligation to store comms data for mobile calls has been in
force for 18 months; website visits do not need to be retained; and
the law only catches providers in the UK, so Hotmail, Gmail and
Yahoo! webmail users will not be affected.
]
Privacy campaigners warned last night that the information would be used
by the Government to create a giant "Big Brother" super-database
containing a map of everyone's private life.
[
I bet that the campaigners on Friday night were talking about IMP,
as indeed we see later in the piece
]
The new powers will, for the first time, place a legal duty on internet
companies to store private information, including email traffic and
website browsing histories.
[
the powers actually place a legal duty on the Secretary of State to
write to public communications providers; and that then gives rise
to a legal duty to store details of email traffic -- but not website
browsing histories
]
Although the new retention powers will not permit the storage of the
content of emails or phone calls it will show details such as IP
addresses, date, time and user telephone numbers. Under the terms of the
EU directive, the Home Office has written to leading internet service
providers and phone companies offering to compensate them for the costs
incurred in retaining the data for a year.
[
at last, something that's basically correct; albeit my understanding
from other journalists is that no letters have yet been posted!
]
A spokesman for the Internet Service Providers Association confirmed
that the leading ISPs had received written orders from the Home Office
setting out their obligations under the new rules.
[
so perhaps those other journalists asked the wrong people (they seem
to have been talking directly to ISP's not to ISPA, clearly a basic
error in technique!)
]
Phil Booth of the civil rights campaign group, NOID, said: "Inch by
inch, the Government's plans to map and monitor everyone's
communications are creeping into place. Today it's retention of data,
soon it'll be a giant database to suck it all up. And unless we speak
out and stop this, what used to be private -- details of your
relationships and personal interests -- will end up in the ever-widening
control of the stalker state."
[
"stalker state", nice one Phil!
]
Last week the The Independent reported that millions of Britons who use
social networking sites such as Facebook could soon have their every
move monitored by the Government and saved on a "Big Brother" database.
[
the Minister said in Parliament that he thought it would be a good
idea; I don't think that counts as "soon" in the real world
]
Then ministers faced a civil liberties outcry over the plans, with
accusations of excessive snooping on the private lives of law-abiding
citizens. Others fear the risk of security breaches.
[
clearly we don't want Facebook pages being public!
]
"Quite clearly, this new legislation opens up a whole can of worms for
the ISPs when it comes to potential security implications," said Neil
Cook, a security expert with the internet data protection firm
Cloudmark.
[
the data to be retained has been routinely collected and stored for
a few weeks or months since the industry started. There are clearly
worms to be found in moving to new systems that will guarantee that
the data can be retained for a year (rather than best efforts
retained for much shorter periods), but security of the data at the
ISPs certainly isn't very high on my list of concerns.
]
The Government has twice postponed publication of a new data
communications Bill in which ministers will set out their plans for a
centrally controlled database. A Home Office spokesman said: "If we do
not make changes now to maintain existing capabilities, the law
enforcement, security and intelligence agencies will no longer be able
to use this data in the future."
He added: "It is the Government's priority to protect public safety and
national security. That is why we are completing the implementation of
this directive, which will bring the UK in line with our European
counterparts.
[
for a Directive that is supposed to create a level playing field
across Europe, it's actually been implemented in a remarkably
inconsistent way... and of course it looks like being found to be
unconstitutional in Germany
]
Communications data plays a vital part in a wide range of criminal
investigations. Without communications data, resolving crimes such as
the Rhys Jones murder would be very difficult if not impossible."
[
hmm... they've recently locked up Sean Mercer's mum for burning the
SIM card of a mobile phone, which apparently slowed them down; and
according to the Liverpool Daily Post:
<http://www.liverpooldailypost.co.uk/liverpool-news/rhys-
jones/2008/12/17/the-investigation-into-rhys-jones-murder-
92534-22494127/>
Police and the CPS say several key breakthroughs were paramount
in the case, including evidence gathered from listening probe
technology, the recovery of the murder weapon in September 2007
and the discovery of Mercer’s bike, with DNA linking him to it.
so though I'm not doubting that comms data can be very useful
indeed, this is a rather strange poster child for the technique :(
]
- --
richard Richard Clayton
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. Benjamin Franklin
-----BEGIN PGP SIGNATURE-----
Version: PGPsdk version 1.7.1
iQA/AwUBSdiyUJoAxkTY1oPiEQIffQCfcYOs+qB/QFeJ87HsxMLm1AAFN4UAoPKa
AYJY55xuHrCJ4X5Veuj2sZ2q
=jJNJ
-----END PGP SIGNATURE-----