CyberLaw Blog

Archive for the ‘Data Retention’ Category

Wacky Jacqui’s £12bn gIMP could be unleashed by 2012: “

But ‘nothing decided’ on comms überdatabase, says Home Office

The government Interception Modernisation Programme (gIMP), a plan by spy chiefs to centrally collect details of every phone call, text, email and web browsing session of every UK resident, could be in place by 2012, according to a Home Office minister.…

“

(Via The Register - Public Sector.)

Data retention laws: what they mean for ISPs: “Under an anti-terrorism law passed after September 11 2001, details of every website visited, email sent and phone call made in the UK can be made available to authorities. For ISPs faced with storage and retrieval, it is cause for financial concern.”

(Via OUT-LAW News.)

Bigger databases increase risks, says watchdog

The proliferation of ever larger centralised databases is increasing the risk of people’s personal data being lost or abused, the government’s official privacy watchdog claims today.

The warning from the information commissioner, Richard Thomas, comes as he discloses that reported data losses have soared in the past year.

The number of data breaches - including lost laptops and memory sticks containing sensitive personal records - reported to him has risen to 277 since the loss of 25 million child benefit records was disclosed nearly a year ago.

The new figures show that the information commissioner has recently launched investigations into 30 of the most serious cases. The 277 breaches include 80 reported by the private sector, 75 within the NHS and other health bodies, 28 reported by central government, 26 by local authorities and 47 by the rest of the public sector.

‘It is alarming that despite high-profile data losses, the threat of enforcement action, a plethora of reports on data handling and clear information commission guidance, the flow of data breaches and sloppy information handling continues,’ Thomas says in a speech today.

His warning follows an admission yesterday by the home secretary, Jacqui Smith, that the technical work on creating a giant centralised database of all email, text, phone and web traffic will go ahead despite the fact that ministers have decided to delay the legislation needed to set it up and instead put the proposal out to consultation.

The information commissioner says that data losses have already led to fake credit card transactions, witnesses at risk of physical harm or intimidation, offenders at risk from vigilantes, falsified land registry records and mortgage fraud: ‘Addresses of service personnel, police and prison officers and battered women have also been exposed. Sometimes lives may be at risk.’

Thomas acknowledges that the rise in the number of breaches reported to him may be because of improved checks and audits as a welcome result of organisations taking data security more seriously.

He says: ‘More laptops have been encrypted and thousands of staff have been trained. But the number of breaches notified to us must still be well short of the total. How many PCs and laptops are junked with live data? How many staff do not tell their managers when they have lost a memory stick, laptop or disk?’

The information commissioner warns that as new technology is harnessed to collect vast amounts of personal information, the risks of it being abused increase: ‘It is time for the penny to drop. The more databases that are set up and the more information exchanged from one place to another, the greater the risk of something going wrong.

‘The more you centralise data collection, the greater the risk of multiple records going missing or wrong decisions about real people being made.’

His warning follows an admission yesterday by Jacqui Smith that the technical work on creating a giant centralised database of all email, text, phone and web traffic will go ahead, despite the fact that ministers have decided to delay the legislation needed to set it up and instead put the proposal out to consultation.

The home secretary yesterday defended the idea of a huge new database when she appeared before parliament’s human rights committee, telling MPs and peers that 95% of security and organised crime investigations since 2004 had made considerable use of communications data. ‘It is fundamentally important to ensure that convictions are secured. We face a fundamental change in the way that technology is going in relationship to communications data,’ she said, arguing that without such a database, one of the most important tools for law enforcement agencies was likely to be eroded.

Her insistence that the technical work in Whitehall - known as the interception modernisation programme - will continue while consultation takes place on the project next year follows criticism from the director of public prosecutions, Sir Ken Macdonald, who warned that the government was in danger of ‘breaking the back of freedom’ by the relentless pressure of a security state.

The home secretary refused to respond to the DPP’s criticism yesterday, apart from observing that he had not made such comments in cross-government talks on the project

(Via Latest news, sport, business, comment and reviews from the Guardian | guardian.co.uk.)

Top prosecutor warns against growing state power: “

Urges caution on new surveillance powers

The country’s most senior prosecutor has intervened in the gathering storm over the forthcoming Communications Data Bill by urging ‘legislative restraint’ in coming months.…

“

(Via The Register - Public Sector.)

Privacy watchdog calls Home Office plans threat to British way of life: “The Information Commissioner’s Office (ICO) has said that a single database of phone and internet usage records would undermine the ‘British way of life’. The privacy watchdog has said that it will scrutinise Government plans for storing that information.”

(Via OUT-LAW News.)

Advocate General rejects Ireland’s data retention objections: “The European Union’s Data Retention Directive was not procedurally flawed and should not be repealed, an Advocate General to the European Court of Justice (ECJ) has said. Ireland’s argument that the law was wrongly adopted has been rejected.”

The decision can be accessed here.

(Via OUT-LAW News.)

UK.gov looks for ‘consensus’ on PAYG phone registry: “

Voda leads opposition to mobe registry plan

The Home Office insisted today it had taken no decision on whether to force Britons to present photo ID when they buy a pay-as-you-go (PAYG) mobile phone.…

“

(Via The Register - Public Sector.)

Internet phone calls are crippling fight against terrorism - Times Online: “From The Times, October 16, 2008

Sean O’Neill and Richard Ford

The huge growth in internet telephone traffic is jeopardising the capability of police to investigate almost every type of crime, senior sources have told The Times.

As more and more phone calls are routed over the web – using software such as Skype – police are losing the ability to track who has called whom, from where and for how long.

The key difficulty facing police is that, unlike mobile phone companies, which retain call data for billing purposes, internet call companies have no reason to keep the material.

Jacqui Smith, the Home Secretary, outlined plans yesterday for a huge expansion of the Government’s capability to access data held by internet services, including social networking sites such as Facebook and Bebo, and gaming networks. “

(more…)

Government faces fight from within for spy database - Times Online: “From The Sunday Times, October 19, 2008

A Home Office revolt is stalling a plan to store our e-mails and calls but a more sinister one may take its place

David Leppard

Jacqui Smith, the home secretary, faces a revolt from her senior officials over plans to build a central database holding information on every telephone call, e-mail and internet visit made in the UK.

A ‘significant body of Home Office officials dealing with serious and organised crime’ are privately lobbying against the plans, a leaked memo has revealed.

They believe the proposals are ‘impractical, disproportionate, politically unattractive and possibly unlawful from a human rights perspective’, the memo says.

Their stance puts them at loggerheads with the spy-masters at GCHQ, the government’s eavesdropping centre in Cheltenham, who have been driving through the plans. “

(more…)

Passports will be needed to buy mobile phones - Times Online: “From The Sunday Times, October 19, 2008

David Leppard

Everyone who buys a mobile telephone will be forced to register their identity on a national database under government plans to extend massively the powers of state surveillance.

Phone buyers would have to present a passport or other official form of identification at the point of purchase. Privacy campaigners fear it marks the latest government move to create a surveillance society.

A compulsory national register for the owners of all 72m mobile phones in Britain would be part of a much bigger database to combat terrorism and crime. Whitehall officials have raised the idea of a register containing the names and addresses of everyone who buys a phone in recent talks with Vodafone and other telephone companies, insiders say.

The move is targeted at monitoring the owners of Britain’s estimated 40m prepaid mobile phones. They can be purchased with cash by customers who do not wish to give their names, addresses or credit card details.
(more…)