Advertisement
Promo

Online business Toolkit

Privacy comes under attack

Wendy McAuliffe ZDNet.co.uk

Published: 30 Mar 2002 07:31 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

The events of 11 September provoked a new urgency in the need for powers that would allow law enforcement officers to retain traffic data for anti-terrorist investigations. Within a matter of weeks, the privacy rights of British citizens had been hugely compromised by emergency legislation, which allowed the automated surveillance of all electronic communications.

Now at the start of 2002, British surveillance laws are at risk of infringing what are seen by some as basic human rights. Huge demands have been placed on Internet Service Providers (ISPs) to stockpile traffic data on customers under the new Anti-Terrorism, Crime and Security Bill (ATCS), and the Information Commissioner has characterised the requirements as "disproportionate general surveillance".

Traffic data collected under the voluntary Code of Practice within the ATCS would provide a "complete map of a person's private life" according to the Foundation for Information Policy Research (FIRP). Records will include an individual's geographical location determined through their mobile phone, the sender and recipient information from emails, a complete log of a person's Internet sessions including their IP address, and the address of all Web sites visited.

The Data Protection Act 1998 states that a communications provider must only retain traffic data for the length of time necessary for legitimate billing purposes. But contained within the Act is a provision for cases of national security, where personal data may be stored for longer periods of time in order to assist in the prevention or detection of crime.

In her scrutiny of the ATCS, Elizabeth France, information commissioner, warned that the Act might pose difficulties for data protection and human rights compliance. "Although recent events have prompted these measures to be brought forward," she said, "law enforcement agencies will make use of them on a day-to-day basis for a variety of matters. Careful consideration must be given to ensure that the provisions are appropriate to addressing these more routine needs."

Before the publication of ATCS, the home secretary, David Blunkett, stated that traffic data obtained under the new arrangements would be used "strictly in the case of a criminal investigation against suspected terrorists." This promise was broken within the Act's report stage, when part 11 endorsed the stockpiling of traffic data for minor criminal investigations. But Blunkett u-turned his decision a matter of hours before the Act received royal assent, and accepted a proposal tabled by the Liberal Democrats to separate out data that is relevant to terrorists, as opposed to organised criminals. The Code of Practice now makes the ambiguous requirement that in order for surveillance powers to apply, the investigation must relate "directly or indirectly to national security."

Data retention powers included in ATCS will be regulated under the terms of the Regulation of Investigatory Powers Act (RIPA). This Act allows access to traffic data for broader reasons than national security, including public order, minor crime, health and safety and tax. Any ISP can be required to install a "black box" capable of relaying intercepts back to a central monitoring facility at MI5. Content and traffic data can be directly collected by the black boxes, without the need for a content warrant or traffic notice on the ISP. A superintendent is able to request access to all traffic data stored by an ISP, and a single interception officer has sole responsibility for overseeing all interceptions conducted under RIPA.

Chapter II of Part I of RIPA, which makes it possible for law enforcement to access traffic data without a court order is still to come into force. The Home Office has set no date for its passage, but hopes that it will become law "shortly".

Who's watching you? Get the latest on spy networks such as Echelon and Carnivore, as well as privacy issues for companies and individuals alike, at ZDNet UK's Privacy News Section.

Have your say instantly, and see what others have said. Go to the ZDNet news forum.

Let the editors know what you think in the Mailroom.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
56 out of 97 people found this useful


In association with Network Liberation Movement

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Online business


Company/Topic Alerts

Create a new alert from the list below:










Sentry Posts Blog

Climate research centre compromised

One of the UK's leading climate change research centres has had a security breach. The Climate Research Unit at the University of East Anglia (UEA) suffered a compromise of information,... More

1 comment

Government web-monitoring plans on hol...

Government plans to compel ISPs to process and store details of all web communications have been put on hold until after the next election. The Home Office told ZDNet UK on Wednesday... More

1 comment

Watchdog reveals illegal sale of phone...

The Information Commissioner's Office is preparing a prosecution file against a mobile operator's employees who allegedly sold on thousands of customers' details to a competitor. The... More

1 comment

Video icon

Video

Google Chrome

Roundup: Full coverage of Google Chrome

The search giant has launched a beta of its own open-source browser, sending a clear challenge to Microsoft in the way it lets users work with applications More

Blog: Google Chrome has Microsoft's code inside, says MS manager

And furthermore, he says, that's a good thing... More

Blog: Google Chrome — nine things we've found since launch

Google must be very happy with the coverage Chrome has gathered. But it's not all good news... More


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters