DRIP - UK Data Retention and Investigatory Powers Bill
Peter Fairbrother
zenadsl6186 at zen.co.uk
Sat Jul 12 16:54:56 BST 2014
On 12/07/14 15:06, Peter Sommer wrote:
>
> Very useful analysis in a blog by Graham Smith as "Cyberleagle":
>
> http://cyberleagle.blogspot.co.uk/2014/07/dissecting-emergency-data-retention-and.html
>
>
>
> Peter Sommer
>
Three points: first, I don't think he makes enough of the redefinition
of "communications service" in clause 5 - which as far as I can see
includes eg an advertising agency whose service includes creation and
management of communications (advertisements) to be transmitted by a
telecomms system:
Or Google ads, for that matter.
Or a web page designer. Or a million more people.
I don't know whether that is deliberate power grab or just sloppy
drafting - but it really cannot be allowed to stand.
Second, ss.1(6)(b) gives the Secretary of State a new power to regulate
disclosure of retained data in a manner entirely apart from RIPA.
Now he already has some powers to regulate disclosure under RIPA and
other legislation, so why does he need more? This is a new power,
without the limitations in RIPA, and does not replace any power in the
2009 regulations.
Third, under ss.1(7) and ss.1(4)(d) the Secretary of State can regulate
data retained under the ACTSA regime, and how it can be disclosed, in
any way he likes - without time limit, or limits as to who or when it
may be disclosed.
As far as I can tell, this would include weblogs - there does not seem
to be any limitations as to types of data to be retained here, as it
does not only cover "relevant" data.
Again, a new power, not replacing an existing one which is to be removed.
But apart from those points, I think Graham Smith's analysis is pretty
good stuff.
-- Peter Fairbrother
More information about the ukcrypto
mailing list