<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<br>
<div class="moz-cite-prefix">On 23/05/2013 15:31, Roland Perry
wrote:<br>
</div>
<blockquote cite="mid:zLQFA1CyginRFAQv@perry.co.uk" type="cite"><br>
Briefly, the issue is that when it's really important (for example
an estranged father rings his ex-wife to say he's committing
suicide and taking the children with him, now) then court orders
are too slow.
<br>
<br>
And if every request required the police and the telco to
physically attend court (which is likely to be some distance from
the telco's HQ) and then be required to respond to a non-urgent
request in a week rather than a month, then the costs would spiral
out of control (for all parties involved).
<br>
<br>
</blockquote>
<br>
Well, that's a good summary of the argument, but not actually a good
reason, and it's not actually what happens. <br>
<br>
It's not what happens because the vast majority of such requests are
for things which could perfectly well have waited to the next
working day and been dealt with in bulk.<br>
<br>
It's not a good reason firstly because there is no technical reason
why a court order has to be slow. IANAL, but AFAIK a court order or
warrant can be given by telephone, fax or email if need be - I don't
believe there is any legal requirement for the judge to be in the
same room as the petitioner - and if there is, why not just change
that rule for emergencies?<br>
<br>
Even if it was the case that court orders are too slow, there is no
reason not to have a post-request review requirement like the US
Federal FISA courts.<br>
<br>
It is impossible to avoid the conclusion that the reason for
removing review altogether (as opposed to having an emergency
procedure plus a post-request review) is because the authorities
intend to vastly expand the volume of such requests they make.<br>
<br>
<br>
<blockquote cite="mid:zLQFA1CyginRFAQv@perry.co.uk" type="cite">
<blockquote type="cite">(Hmm - a while ago I called 999 about a
fire, and the operator asked if I was calling from <my
address>, which I had not told her - do they pay for that RDQ
service? Is it different from investigative RDQs? I can't
imagine there is a SPOC involved for a 999 call.)
<br>
</blockquote>
<br>
The emergency services are allowed to know where people are
calling from (including mobiles, which is why so many these days
have GPS because that's a USA requirement). Perhaps you'd rather
wait for them to get a court order??
<br>
</blockquote>
Well the EU have recently mandated that from (2014 I think or maybe
2016?) all new cars sold in the EU must have both GPS and mobile
network connectivity so that in the event of an accident they can
automatically summon the emergency services, just in case the
occupants are unable to.<br>
<br>
Of course to make a difference all of the following would have to be
true:<br>
a) the occupants are so badly injured that they are unable to summon
help.<br>
b) they are in too remote an area to encounter passers-by who can
summon help<br>
c) yet paradoxically they close enough to urban centres that the
emergency services can arrive before they die of their injuries.<br>
<br>
It is obvious that while this could happen, it will occur a most few
times in any given year in the entire EU, and shave a fraction of a
percentage point off the road accident death rate. And for this
benefit we are about to give the authorities the ability to access
to a complete history of every journey we make, as soon as they
decide that we need a firmware upgrade to, e.g. "better plan the
transport system" or "implement a personal carbon ration", or
whatever excuse they think they can slide past us. (c.f. access to
NHS data sicut nunc).<br>
<br>
If it saves a single life it <i>isn't </i>worth it. <br>
<br>
If the police are able to persuade the telco that it is an
emergency, then there is an exception in the DPA for that, and the
telco will no doubt want to follow up as to the end result as part
of their ISO27001 controls. If they cannot persuade the telco, then
*Yes* they should get a court order. If it is so urgent, then it is
urgent enough to wake up a judge.<br>
<br>
Cheers!<br>
Ben<br>
</body>
</html>