Government faces fight from within for spy database – Times Online: “From The Sunday Times, October 19, 2008

A Home Office revolt is stalling a plan to store our e-mails and calls but a more sinister one may take its place

David Leppard

Jacqui Smith, the home secretary, faces a revolt from her senior officials over plans to build a central database holding information on every telephone call, e-mail and internet visit made in the UK.

A ‘significant body of Home Office officials dealing with serious and organised crime’ are privately lobbying against the plans, a leaked memo has revealed.

They believe the proposals are ‘impractical, disproportionate, politically unattractive and possibly unlawful from a human rights perspective’, the memo says.

Their stance puts them at loggerheads with the spy-masters at GCHQ, the government’s eavesdropping centre in Cheltenham, who have been driving through the plans. “

The Home Office rebels appear to have forced Smith to stall plans to announce a bill in the Queen’s speech authorising the database. She has instead ordered her officials to review the proposals.

This weekend a top law enforcement body further dented the government’s case for the database. Jack Wraith, of the data communications group of the Association of Chief Police Officers, described the plans as “mission creep”. He said there was an “inherent fear” of the data falling into the wrong hands.

“If someone’s got enough personal data on you and they don’t afford it the right protection and that data falls into the wrong hands, then it becomes a threat to you,” he said.

Smith is already studying less explosive but equally effective alternatives. One option involves a system based on sending automated requests to databases already held by telephone and internet firms.

Privacy campaigners believe the proposals form part of a “pentagon” of five huge databases, all linked together in real time to create the ultimate surveillance society.

This would include compulsory registration of all Britain’s 72m mobile phones, more than 40m of which are prepaid. Terrorists and criminals prefer to hide behind the anonymity of prepaid phones, so a communications database needs to include accurate details of prepaid subscriber details.

The Home Office yesterday declined to comment on the plans. But the office of Richard Thomas, the information commissioner, said it expects this register to be included in the database proposed in the draft communications data bill.

Vodafone is believed to be one of the mobile phone firms now drawing up plans for compulsory customer registration. Such a system, already used in Europe, would require a passport or ID to register a phone.

Phones can be located to within a few yards using cell site analysis – which tracks mobile phone users as they move from one signalling area to the next.

The system would then link with the automatic number plate recognition (ANPR) system of traffic cameras, which provides live coverage of motor-ways and main roads. It, in turn, is linked to the DVLA in Swansea which holds the records of all registered vehicles in the country.

By monitoring a single telephone call it would be possible to identify exactly where its user was and the registration number of the car in which he or she was travelling. This car could then be found within seconds by the ANPR cameras and tracked along its journey.

Simon Davies, of Privacy International, said: “If you can do this in real time, with all the databases being interoperable, you have absolute perfect surveillance.”

The plans for a communications database are equally intrusive. At their heart is a massive extension in an existing network of black boxes plugged into the internet. They intercept data on the web and extract information to be routed into computers held by MI5 and GCHQ, if required.

Little is known about the extent of the system, but sources say that last year GCHQ was given £1 billion to extend it. Total costs for the project are estimated to be as high as £12 billion.

Advocates of the database say terrorists are stateless and highly mobile and their communications are hard to detect among the billions of pieces of data on the internet. Last year about 14% of all calls were made over the internet, prompting police to complain that they are losing the ability to track calls.

Unlike telephone companies, which must keep data for billing, internet call firms such as Skype have no reason to keep the records.

A European Union directive introduced after the London and Madrid terror attacks compels service providers to keep all telephone and e-mail data for two years.This requirement will be extended to cover websites in March. But it does not include calls via the internet. Anyway, call and e-mail data is held separately in hundreds of company databases.

Opponents fear the cost and ethical implications of a central database are too great.

Liberty, the civil rights group, has said that it will mount a legal challenge.

Lord Carlile, the independent reviewer of terrorist legislation, said the idea was “awful”.