Sunteți pe pagina 1din 449

House of Lords House of Commons Joint Committee on Draft Communications Data Bill

Draft Communications Data Bill


Session 201213 Written Evidence

The Joint Committee on the Draft Communications Data Bill


The Joint Committee on the Draft Communications Data Bill was appointed by the House of Commons on 21 June 2012 and by the House of Lords on 28 June 2012 to examine the Draft Communications Data Bill and report to both Houses by 30 November 2012. Membership HOUSE OF LORDS Lord Armstrong of Ilminster GCB CVO (Crossbench) Rt Hon Lord Blencathra (Chair) (Conservative) Baroness Cohen of Pimlico (Labour) Lord Faulks (Conservative) Rt Hon Lord Jones (Labour) Lord Strasburger (Liberal Democrat) HOUSE OF COMMONS Mr Nicholas Brown MP (Labour, Newcastle upon Tyne East) Michael Ellis MP (Conservative, Northampton North) Dr Julian Huppert MP (Liberal Democrat, Cambridge) Stephen Mosley MP (Conservative, City of Chester) Craig Whittaker MP (Conservative, Calder Valley) David Wright MP (Labour, Telford)

Draft Communications Data Bill

Contents
Written evidence
ADM Shine Technologies Nathan Allonby AVAAZ Steve Ball The Bar Council of England and Wales BCS, The Chartered Institute for IT Mark Benson Dr Paul Bernal Big Brother Watch Caspar Bowden Greg Callus Graeme Carter Sean Cheshire The Coalition for a Digital Economy Wendy Cockcroft Paul Connolly Joe Corrall Simon Cramp Patrick Cunningham Chris Davey The Direct Marketing Association Mark Drury Keith Edkins Bruce Elliot Equality & Human Rights Commission The foundation for Information Policy Research The Financial Services Authority Mike Gerbrais The Global Network Initiative William Heath HMRC ISPA Dr Dominic Jackson Andrew James JANET Peter John Just West Yorkshire JUSTICE Sir Paul Kennedy Mr J R S Kistruck The Law Society George Lawrence

4
4 8 21 22 28 34 41 45 52 59 79 83 84 86 89 94 96 99 100 102 103 104 105 111 112 119 124 128 133 150 152 156 163 166 170 174 181 183 206 212 213 217

Draft Communications Data Bill

218 221 225 247 269 270 274 277 279 282 286 291 297 298 305 310 324 327 332 338 346 347 352 353 357 358 361 365 367 371 378 379 395 400 402 406 407 410 415 418 423 425 428 436 437 440

Stacey Leigh Ross LGA Liberty LINX Alastair Macmillan Professor Robin Mansell Lorna Mitchell Glynn Moody Barbara Moore Alec Muffett Giles Murchiston NAFN the Newspaper Society No2ID Zoe OConnell Open Rights Group Anne Palmer Public Concern at Work Privacy International Supplementary Privacy International Brian Rae Marisha Ray J Richardson Duncan Roy Dr Peter Saul Dr Ashley Savage Robbie Simpson Richard Smith Robert Smith SOCA Society of Editors Professor Peter Sommer Dr Eric Stoddart Steven Taylor Telefnica UK Ltd Ernest F. Thornton Timico Ltd The Tor Project Twitter Inc UK Border Agency Virgin Media Vodafone David Walker Andrew Watson Dr John Welford Wikimedia UK

Draft Communications Data Bill

Nic Wisttreich Ben Woodling Andy Wrigley

443 444 446

Draft Communications Data Bill

Written evidence
ADM Shine Technologies
ThesearethecollegiatecommentsfromallatADMShineTechnologiesLtd.Aggregatedandmoderated by Andrew DawsonMaddocks Managing Director and Chief Technical Officer and Barbara Breeze CommercialandFinanceDirector . ADMShineTechnologiesLtdisanSME in theMidlands andis hometoSpecialist DefenceResearchin Electronic Warfare EW Electronic Surveillance Measures and Electronic Counter Measures in the tacticalmarket andCounterTerrorist CIEDandrelatedCyber,advancedroboticsandspecialprojects primarilyfortheneedsoftheUK. Andrewhasextensivedefenceexperienceandthatofnationalsecurityspanningseveraldecades. OpeningOverallComment:TheCommunicationsDataBilliswellwrittenandexploresthecomplexand contentiousissueswell.Whilstwehavelegalexperienceandqualificationsinhouse,wehavelimitedall ofouranswerstoourexpertiseareaandbackgroundknowledgeintothehighlysensitiveareasofSpecial Surveillance, Electronic Surveillance, Lawful Interception telephone both fixed and mobile , data networks inclusiveofTheInternet,andofSatellite Services includingtelephone .Thesecomments willbemadeatalevelthatdoesnotwarrantgovernmentprivacymarkingsandhencemaybeincludedif appropriatetotheoverallenquiryonthesaidbill. We made a number of key comments on the consultancy for the Justice and Security Bill Green Paper CM8194:ISBN9780101819428 ,whichwewillreferenceandrelatetoinourresponseassomeofthe samepointsapply. We recognise and have the detailed expertise in telecommunications to say that the communications environment bothtechnicallyandcommercially isnowvastlyadvancedfromtheearlystepstakenby the Home Office and ACPO late 1990s for the underpinning relationships for the implementation of RIPA2000andliaisonsupportunits.Thesocialbehavioursanduseofthesecommunicationsmediums has advanced not just with the natural advancement of technology but in use and the types of communicationandintheterminalequipmentusedtoaccesssuch e.g.socialmedia . Itisnotedthatourlawenforcementandintelligenceagenciesareadmiredbyoverseaslawenforcement agenciesastheinvestigativecapabilitiesofGreatBritainarebothgoodandstringentlycontrolled.That said some politically odd usage of RIPA has occurred, especially local council usage which has the potentialtoconsiderablyunderminepublicconfidenceirrespectiveofstrictoversightandcontrol. Wecontinuetomaintaintheviewandagreewiththecurrentapproachthatsuchreleaseoftheabove materialandtechniquesinUKorothercourts,notonlycouldleadtodamagetonationalsecurity,butalso damage to investigative methods and the risks of the full gamut of human life through to technical techniques damage. Control, basis of authorisation, whom authorises, use and oversight are the key issues The voluntary code of practice on Retention of Communications Data Order 2003 SI 2003 No 3175 recommendstooperatorstokeepsubscriberandtelephonyrecordsforayear,whilstSMS,emailand dataaccountingrecordsofISPsfor6monthsandthedetailofbrowsingforlessthanaweek 4days . ThevolumeofdataacrossadayfortheUKisconsiderableevenintodaysadvancedcomputingabilities. ThenowcompulsoryrulesarethatfromDataRetention ECDirective Regulations2009,SI2009No859 whichstipulatestheTelephony,Internet,emailandsubscriberrecordsmustberetainedforaminimum ofayear.Complicationsarisefromnonresidentoperators. Overall the Bill provides for the advancement socially and technically for the prevention of crime and terrorism.ItalsoalignstotheSecurityandJusticeBilltoimplementeffectiveoversightandcontrol.Ifthe UKistocontinuetobeeffectiveatlawandorderandkeepthesecurityofcountry,alliesandvisitors,then itistechnologicallyaprudentwayforward,legallywiseandsolongasusageofsuchdataisrestricted onceauthorisedtoonlythelawenforcementgovernmentdepartmentsthenoversightshallbeeffective andstrong.

Draft Communications Data Bill

Our nomenclature is to abbreviate Answer to A. then we quote the question number from the parliamentaryquestionontheHaveyoursayonthedraftCommunicationsDataBillwebpagethatit relates to. If more than one question is posed for a given section then in parenthesise will be roman numeralstodepicttheorderofthequestiontheanswerrelatesto.
OurAnswers: GENERALQUESTIONS: A.1Yes.ThetechnologyandsocialuseofsuchishighlydynamicandwhenRIPAwasposedbothwere farlesscomplexthantoday.4G,internodalandintermodalcommunicationsaregoingtocomplicatethis further. A.2Yes. A.3Theyshouldnt,howeverweareconcernedfortheUseofsuchintrusionbyteamsandareasacross governmentnottightlyalignedtotherigoursandcontrolasthejudiciaryforexample.LocalGovernment forexample tobesotrainedandauthorisedasaSinglePointofContact SPoC touseofthisBilland RIPA will only further exacerbate public disquiet. These extraneous SPoCs should be transferred and amalgamatedwiththerelevantlawenforcementunitssuchastherelevantConstabulariesEconomic CrimeUnitforsayDWPsSPoCs.PerhapssuchextraneousSPoCsshouldhavetoseekauthorityforuse from either local law enforcement bodies or centrally administered with revisions of procedures and oversightandnecessaryshiftinbudgetsandresources.Whilstonthefringeandminorityperhaps,the public do not respond well to media claims of RIPA being used by local government for minor issues withinalocalcouncilscatchmentareawithissuessuchasminorplacementproblemsi.e.anoccupants rubbishbin. A.4Dontspreaditwidelyincourt,treatassensitivedata/evidenceotherwiseyouriskdamagingthe effectivenessandabilityforitsuse.Orworsestillthelegalparadoxofcausingcrimethroughitsrelease.It is crucial that very strict access to this data is undertaken to prevent corrupt sale or use of this by criminalelements. A.5Nocomment. A.6 i Thetwoworkwellasouranswertoquestion1postulatesitiswisetokeepthesetwoseparate as the Data Retention Regulations may well need to be refined and differing data types specifically regulatedwithoutneedtochangetheoverarchinglegislationofthisBill. A.6 ii NoastechnologicalisrapidlyevolvingtheneedforrevisionstotheBillwouldatleastevery government term in office 5 years ! Therefore it would be unwise to have it as an overarching combinedpieceoflegislation. A.7Nocomment. A.8 i Technologically they shouldnt as much of the data the Bill relates to the approved operator needstoconductandcontroltheirbusinesssaveforsomeelementsofdataThereforeNo. A.8 ii Commerciallysomeofthedatavolumesespeciallyontheinternetsidearesignificant.Ifthese becameburdensomethenthegovernmentcouldelecttohavethecostofstowageandretentionthen the operator will have limited cost of implementation. This is a mute argument as globally most jurisdictionsrequireIOCA/RIPAcapabilitiesandthisBillisbringingthoseneedstothe21stcentury. COSTS: A.9Nocomment. A.10Nocomment. SCOPE: A.11 i and ii Yes

Draft Communications Data Bill

A.12 i Law Enforcement and Intelligence Agencies only would be our strong view. All the other governmentdepartmentsshouldseekassistanceandraisethenecessarycases whichtheusetowhich thebillisthenput couldbehighlyscrutinizedandkeptsafetothewiderpublicprivacy. A.12 ii YesbutthatordermustbeagreedtobytheICCandthattheyaresoobligedtogivethedraft order a fair hearing by the Investigatory Powers Tribunal IPT as expanded by the proposal for parliamentaryoversightofthesepowerfultoolsintheJusticeandSecurityBill.TheIPThasakeyremit andlegalframeworktoensureECHRissuesofensuringtheprinciplesoffairnessofourjusticesystem alongwiththeimplicationsofrightfuluseofsuchtools. A.13 i and ii No comment save for the roaming agreements should obligate third party and overseasoperatorstobelegallyconformantwithRIPAandthisBill,otherwisesuchtelecommunication services orlicenses ,shouldbewithheld. USEOFCOMMUNICATIONDATA: A.14 i and ii seeouranswertoquestion3and12.Wemakenofurthercomment. A.15Yesalthoughiftherequirementwaspursuedtoitslimitofalsorequiringmoreandmorecontent datathenthechallengeandcommercialcostsforserviceproviderswouldbecomeveryprohibitiveand ouranswertoquestion8 ii isreferredto. SAFEGUARDS: A.16CurrentsafeguardsinRIPAandthoseauthorisationprocesseswillbeenhancedbythisBilland definitionsalreadyexistinthissystemwhichonthewholehasprovedtohavebeencontrolledwell,with tightstrictcontrolsonaccessanduse saveforouropinionsmentionedabove .Wedonotbelievewithin thescopeofourunderstandingoftheprocedures,controlsandECHR,alongwithHRA,thatECHRArticle 8wouldraisecompliancyissues/concerns? A.17 i Whilst on face value a warrant based system has considerable merits its current use for contentisastronginstrumentthatshouldremainsoexpandedtoincludecontentinthedataworld e.g.theactualSMStextorURLssovisited A.17 ii NowefavourtheexitingsystemasdefinedbyIOCA,refinedbyRIPAandsoimplemented.This system procedurally should recognise the elements of the Digital Age and the Social Trends of Telecommunicationswarrantforcontentwouldbeawisedoctrinetokeep.RecordData asoutlined withinthisBill ,shallrequireanauthorisationfromanauthorisedandapprovedpointofcontactandwe recommend if that sits outside of the traditional law enforcement and intelligent agencies then that requestsorequiresauthorisationfromsuch. A.17 iii Yesasdefinedabove. A.17 iv minimalifthe629SPoCsweretoberefinedasoutlinedhere. A.18ICCroleisYes savethatgreatcarethatisneededtokeeppaceofnotjustthetechnologybutthe terminalequipmentandsocialusage ,andtheICroleperhapsneedsgreaterauthoritytoactformisuse andbreachesoftheDPAandrelatedacts. PARLIAMENTARYOVERSIGHT: A.19YeswhencombinedwiththoseconsultedonfortheSecurityandJusticeBill. ENFORCEMENT: A.20Nocomment. A.21 i and ii Nocomment. TECHNICAL:

Draft Communications Data Bill

A.22Yes.Verysafely.Itcanbeencipheredinawaythatisevidentiallysoundtoaverystronglevelof protectiontooascananyelectronicfeedsofsuchdata. A.24Yes,Yesandtechnicallyfeasible. A.25Ifimplementedeffectivelyandbyusingstrongdataandnetworkprotectionstandards,thiswillbe extremelydifficult. A.26iftheenciphermentofthedataandenciphermentoftheaccesstosuchdataisdoneinawaythatis evidentiallysoundandhighlyprotectedthenNo. August2012

Draft Communications Data Bill

Nathan Allonby
Thissubmissionmainlyrelatestotheprovisionsforretentionofdataforpostalcommunications. Clause25oftheBillhasprovisionsapplyrequirementsfordataretentiontopublicpostaloperatorsand publicpostalservicesasitappliestotelecommunicationsoperatorsandtelecommunicationsservices, i.e.tocreateasystemforloggingallmailinadatabase,similartothatrecordedfortelecommunications, e.g. details such as addressee, sender's address, date, and any other visible information on the cover. Clause 26 would allow postal operators to recover the cost of this from government. It appears this informationwouldbeheldinadatabaseandretrievedatthepointanindividualbecomesasuspectinan inquiry. TheDraftCommunicationsDataBillcontainsapproximately94sentencesreferringtodataretentionfor postalservices.ProvisionsrelatingtopostalservicesarethusaveryimportantfeatureofthisBill. Itisbelievedthatthismaybeanewandunprecedentedformofsurveillance:nostatehaseverlogged allpost,eveninthosenationswheretherewascomprehensivecensorshipofthepost. Crimeandthethreat Nowherehasthegovernmentmadeanycaseforretentionofpostaldatathereappearstobenotasingle wordrelatingtoacaseforpostaldataretentioninanyofthegovernmentsupportingdocuments,i.e.: DraftCommunicationsDataBillimpactassessment 1 DraftCommunicationsDataBillprivacyimpactassessment 2 CommunicationsDataBillkeybackgroundinformation 3 StrategicDefenceandSecurityReview 2010 4 On this basis, the government has presented no case whatsoever for what may be an unprecedented surveillancemeasure. For telecommunications and the internet, the government arguments for increased data retention powerspivotaroundanewmediumofcommunicationcreatingnewtypesofcrimeandnewmodesof criminality.Forterrorismalso,thegovernmentargumentsarebasedaroundnewpatternsofcriminality arising from new forms of communication. The government case for increased data retention is not merelybaseduponhighlevelsofterroristthreat,butuponathreatmovingtotakeadvantageofanew medium. Pleasenote:thegovernmentargumentsfortelecomsdataretentionare notaccepted bythe writer . Noneofthegovernmentargumentsappearrelevanttopostalcommunicationsdataretention. A Freedom of Information request was also made to the Home Office about cost, feasibility and the threatstowhichtheBillwasresponding 5.Iwoulddrawyourattentiontothefollowingsectionoftheir reply. http://www.whatdotheyknow.com/request/119629/response/297764/attach/html/3/attachment.pdf. html

1DraftCommunicationsDataBillimpactassessment

PDF

2DraftCommunicationsDataBillprivacyimpactassessment PDF 3CommunicationsDataBillkeybackgroundinformation PDF 4StrategicDefenceandSecurityReview

2010

5FreedomofInformationrequesttotheHomeOfficeabouttheCommunicationsDataBill.

http://www.whatdotheyknow.com/request/119629/response/297764/attach/html/3/attachment. pdf.html

Draft Communications Data Bill

"ThedraftBillalsocontainsapowerfortheSecretaryofStatetoplaceobligationsonserviceprovidersto retain,collect,generateorprocesscommunicationsdatawhenappropriate.Beforeimposingobligations theSecretaryofStatemustconsultOFCOMandtheprovidersonwhichtheobligationswouldbeplaced. However,therearecurrentlynorequirementsforRoyalMailtoretainpostaldataandtherearenoplans forthattochange. "Inanswertoyourspecificquestions,wehavenotconsultedRoyalMailaswedonotcurrentlyenvisage obligationsbeingplacedonthem.Forthatreasonwedonotexpectanycoststobeincurred.Youwillbe awarethatthedraftBillisundergoingprelegislativescrutinybyaJointCommitteeofParliament,andis alsothesubjectofaseparateinquirybytheIntelligenceandSecurityCommittee.Asyoumaybeaware, thecurrentthreatfrominternationalterrorismisjudgedtobesubstantialinotherwordsaterrorist attackisastrongpossibility." TheFoIresponsefromtheHomeOffice above appearstocontainthefollowingadmissions: Thegovernmenthasnoplanstointroducedataretentionforpostalservicesatthistime.Theabsenceof plansappearstoimplythatthereisnoneedforthepostaldataretentionprovisionswithinthisBill,at thistimeorforeseeably. Thereisnospecificproblematpresentwithcriminalityrelatingtopostalserviceswhichwouldrequire dataretention. Thereisnospecificproblemwithregardtoterrorismrelatingtopostalservices,otherthanthegeneral terroristthreat. The government has made no consultations about requiring postal operators to gather and retain communicationsdataandmayhavenoinformationabouttheimplicationsofthis. Insummary,thereisnoevidenceofneedandnojustificationforthepostaldataretentionprovisionsin theBill. A Freedom of Information request to Royal Mail Group 6 also confirmed that the government has not contactedordiscussedcostorfeasibilitywithRoyalMail,theUK'slargestpostaloperator. http://www.whatdotheyknow.com/request/119538/response/295611/attach/html/3/Allonby%2012 0712.pdf.html That the proposals for postal dataretention have not been subject to costing and enquiries to postal operator is significant because this suggests that the proposals have not been subject to the normal processesofformalreviewandjustification.Theissueisnotcostorfeasibilitybutrathertheabsenceof normalchallengeandcriticalevaluation. Having"noplans"toimplementthepostaldataretentionprovisionsoftheBillmaynotbethesameas having no intention to implement them. It would be interesting to be able to explore the difference betweenhaving"noplans"andhaving"nointention",inrelationtothegovernment'sreplies. Legislation is never introduced lightly. With 94 references to postal services, the Bill appears to be carefully crafted for an intended purpose. The government appears to be thinking fairly deeply about retaining postal data, and about the detailed implementation of this. Couldanintentionbetransformedrapidlyinto"plans",merelybeannouncingabudgetandadefinitive dateforintroduction? If the current Bill is been passed, when government decides it is time to introduce dataretention for postalservices,therewillbenorequirementtoconsultMPs,onlytoconsultOfcom.ConsultingOfcomis notthesameasseekingapprovalfromOfcom.Ofcommaynotsubjectgovernmentproposalstothesame

6FreedomofInformationrequesttoRoyalMailabouttheCommunicationsDataBill. http://www.whatdotheyknow.com/request/119538/response/295611/attach/html/3/Allonby%20 120712.pdf.html

10

Draft Communications Data Bill

level of scrutiny as MPs Ofcom has narrowly defined terms of reference; Ofcom may not be able to challengegovernmentonthesecuritycaseormanyotherimportantissues. TechnologicalFeasibility Theproposalsforpostaldataretentionareprobablyquitefeasible. Royal Mail has been aiming towards total mechanisation. Machinesorting and machinereading of addresses makes it potentially possible for sorting machines to log mail items to a database. Sorting machineshavetoreadtheaddressesonmailitemsdataretentionmerelyrequiresoutputtingthisdata from sorting machines to storage. A situation where all mail is machinereadable and machinesorted wouldmakeitpossibletologallmail. ItneedstobeclarifiedhowcloseRoyalMailaretoachievingtotalmechanisation,butitisbelievedtobe closeto100%. Whereaddressesonmailitemsarenotdirectlyreadablebysortingmachines,themailitemsaremarked withmachinereadablebarcodescontainingtheaddressinformation. TheUSPostalServicehasalreadycreatedadatabaseofFirstClassMail,verymuchalongtheselines,with similar technology. This was created to provide a tracking service for business mail customers, to confirmdeliveryofitemsandreliabilityofdelivery.Inrelationtodataretention,thiscreatesadatabase ofallbusinessmail 7. SincetheUSPSandRoyalMailappeartousesimilartechnology,abriefdescriptionmaybeappropriate. USPS requires discount bulk mail customers to mark their mail with a bar code which contains the addressandzipcodeandthesender'sdetails inmachinereadableformat . Thebarcodeinformationisreadatsortingmachinesandstoredinadatabase,accessibletocustomers,so they may confirm the progress and delivery of individual mailitems. InBritain,similaraddressbarcodesareusedbyRoyalMail.Bulkmailcustomersmarkmailitemswith addressbarcodes,formachinereading,inadditiontothenormalscriptaddress.Sortingmachinescan alsoreadsomescripttypefaces,byOpticalCharacterRecognition. Royal Mail has aimed to reduce the number of items that require marking, and to maximise the proportionof itemsthataredirectlymachinereadable. Royal Mailcustomeragreementsfor bulkmail servicesrequirebothaddressandsender'sdetailstobeenteredinmachinereadableformat.RoyalMail usesasystemofCustomerBarCodes CBC,recentlyrenamedsimply"Barcodes" ,similartoUSpostal service, for bulk mail customers, as part of Royal Mail services named Mailsort and Walksort. These barcodescontaindetailsofbothaddresseeandsender,inmachinereadableformat,whicharereadby sortingmachines.Forotherreducedratemailservices,whichdonotrequirecustomerstouseaddress barcodes,RoyalMailcustomeragreementsspecifypreferredmachinereadabletypefaceswhichhaveto beused. Ashasbeenmentionedabove,forotheritems,whereaddressesarenotmachinereadable e.g.private post , a barcode is marked on the item. It is understood that machinereading has been adapted to recognisethemajorityofhandwrittenscript,andthisisusedatthestageofapplyingbarcodestoitems onreception. Inrelationtodataretention,itisnotknownwhetherRoyalMailsortingmachinescurrentlyrecordthe informationtheyreadfromthesebarcodes,orwhethertheyarecapableofdoingso.Itisnotclearwhat dataiscurrentlyrecordedandwhetherthereisanymaildatabasecomparabletothatinUSA.Itwouldbe extremely helpful, in relation to postal datacollection, if your Committee could clarify the current situationintheUK. Europe

7StephenBarrPostalServiceSeesSimplicityin31Digits

WashingtonPost,17Feb2008

Draft Communications Data Bill

11

TheEuropeanCommissionhasdiscussedproposalsforaddinguniqueelectronicidentificationtoallmail items,usingRFIDchips 89. The stated motive behind this proposal is in relation to the liberalisation and privatisation of postal services,Europewide:inasituationofmultiplenewmailoperators,toavoidafragmentedservice,the Commission wished to pursue a unified mailtracking system. It is believed that this is a longterm project and at this stage Royal Mail does not appear to have been approached in regard to implementationhowever,thisdoesnotmeanthatthiscanbeignored. TheimplicationsofthisproposalarethatitwouldcreateaEuropewidedatabaseofallmail,thatwould interoperable, accessible by multiple different operators in different companies, different nations, and potentiallybypoliceandsecurityservicesindifferentnationsalso. In terms of privacy, it would be very difficult to ensure any meaningful level of privacy under this arrangement. The RFID system would also be able to gather very much more information, which would make the systemmuchmoreintrusiveanddamaging,intermsofimpactonprivacy. TheEUisverycommittedtothepromotionofRFIDtechnology. AttractionsofRFID,comparedwithvisualbarcodes,includethefollowing: greateraccuracy,withfewerreadingerrors theRFIDchipcancontainmoreinformation,andcanbewrittenwithextrainformation it would be possible to identify all the items within a bag, without having to view each item visually

RFID is closely linked to an internet technology called the "Internet of Things" that facilitates open communication of information, globally, across different enterprises. RFID is already is use by many supermarket and clothing chains, and is used to manage complex international manufacturing supply chains. RFIDwouldmakeitpossibletocollectmuchmoreinformation,moreeasily,makingmailtrackingfaster, simpleranduniversal.Itwouldbepossibletotracknotmerelymailsentbybusinesses,butalsototrack allmailfromeachpostbox,andtotrackeachstampsold.Theprivacyimplicationswillbemuchgreater as each mail item will carry a greater amount of data, and will be able to be tracked in much greater detail. It would be possible to track every Valentine card and loveletter and every plain brown envelopepostedtoanMP.Thiswouldleavenosuchthingasprivatemail. This makes it more important that the current Bill does not leave the door open to uncontrolled and unlimitedexpansionofdatacollection. Atpresent,nonationyethasfirmplansfortheintroductionofRFIDtothegeneralpost.Giventhelevelof supportfromtheEUandmajornations,andgiventhefallingcostofRFIDchips,itisreasonabletoexpect thatRFIDidentificationofpostmaybecomeuniversalwithinadecade.Somenations,suchasChina,are already applying RFID to a limited range of services, such as express items. Many postal services use RFIDtotrackmailbagsandpallets.TheinternationalUniversalPostalUnionandRoyalMailuseaformof RFIDtotestdeliverytimes,onspecialsampleitemsofpost. TheEuropeanproposalswillbeanimportantcontextforanyUKmeasuresforretentionofpostaldata. It would be useful to know how Britain sees its proposals for postal dataretention in relation to EuropeanproposalswhetherornotBritain'sschemeisseenasapilotforEurope.

8NomissingmailwithRFIDtags,saysCommission|EurActiv.com 9EUwantsRFIDchipsforitspostalservicesTheInquirer

12

Draft Communications Data Bill

PostalDataRetentionandHumanRights NecessityorAvailability? Ifthislegislationforpostaldataretentionisnotbeingintroducedinresponsetocombatanewtypeof crime,isitinsteadbeingintroducedduetotechnologicalfeasibility,i.e.,isthisbeingintroducedbecause ithasbecomepossibleandeasytoimplementratherthanbecauseitisnecessarytofightcrime? The government appears to propose that the test of necessity should only be applied when accessing data,onacasebycase orpersonbyperson basis,ratherthanasatestofwhetherwholecategoriesof data should be collected at all, hence that the government should not need to justify the necessity of introducinganewclassofretaineddata. If this became the basis on which new privacyeroding measures were introduced, this would be a dangerous slipperyslope. Given that technological capability is constantly growing, this would lead to continual expansion of government access to personal data and corresponding erosion of privacy and civilliberties. Retaineddatamightinitiallybeappliedtofightingseriouscrime,buttherapidincreaseinthecapability andreachofcomputersystemsovertimewouldenableanexpansioninitsuse,leadingtowardstheuse ofretaineddataintheenforcementofminorregulations. Dataretention has itself been made possible by the extremely rapid increase in available computer power,andtherapidlyfallingcostofstoringdataareportbytheBrookingsInstitutehasdescribedthis asapotentialthreattocivilliberties 10anditisonlyreasonablethattheuseofretaineddatashouldalso beconsideredinthiscontext. Functioncreephasbeenaconstantinthegrowthofthedatabasestate. Proportionality? Howwouldthedatabeused? Having"noplans"toretainpostaldatameansthat perhapsconveniently thegovernmentdoesnothave todiscussintendedusesforthatdata. It is quite likely that, rather being used for a small number of relatively serious offences, such as terrorismrelatedoffences,postaldatacouldbeusedwidely,onalargescale,forminormatters.Thisis likelybecausepostalmailcoverdatamaynotbeconsidered"privateinformation",hencewouldlargely escaperestrictionsonproportionalityofuse discussedinmoredetailbelow . Useofthisdataforminormatterswouldhaveapervasiveimpactonsociety. Itappearsthattheproposalsaredrivenbytechnologicalfeasibilityratherthantheneedtocombatanew typeofcrimei.e.thisisbeingintroducedbecausethisispossibleratherthannecessary. Onthisbasis,itappearsthatthisfailsthetestofnecessity. Giventhattechnologicalcapabilityisconstantlygrowing,thiswouldleadtocontinualerosionofprivacy andconstantexpansionofgovernmentaccesstopersonaldata. This Bill is Human Rights legislation, regulating the use of surveillance. As Justice points out, in their reportFreedomfromSuspicion 11

10 Recording Everything: Digital Storage as an Enabler of Authoritarian Governments, John Villasenor,BrookingsInstitute,December14,2011 http://www.brookings.edu/~/media/Files/rc/papers/2011/1214_digital_storage_villasenor/ 1214_digital_storage_villasenor.pdf 11FreedomfromSuspicion:SurveillanceReformforaDigitalAge,JusticeReport,October2011 http://www.justice.org.uk/data/files/resources/305/JUSTICEFreedomfromSuspicion

Draft Communications Data Bill

13

the general provisions of Article 8 ECHR were never intended to be a substitute for proper regulationoftheuseofsurveillance In effect, Article 8 required the introduction of further legislation to control surveillance. RIPA was introduced in response to this, and the current Bill replaces provisions in RIPA. The current Bill introducesnewsurveillancepowers,butalsointroducescorrespondingnewregulationofsurveillance. ThisBillisthushumanrightslegislation. The Bill also contains provisions to for the government to revise and increase the scope of permitted surveillancepowers,inClause9 7 7 TheSecretaryofStatemaybyorderamendsubsection 6 soastoaddtoor restrictthepermittedpurposes. GiventhatthisisHumanRightslegislation,intendedtodefinelimitsongovernmentsurveillancepowers, it seems strange that the government should be given the right to change and amend the limits of its powers,byorder,withoutaskingParliament.Thisdoesnotsoundlikearegimeintendedtoguarantee fundamentalrights.Thewholepointabouthumanrightsisthatitshouldnotbeeasyforgovernmentsto changeorrewritehumanrights. Many of the rights of access to retained data are very broadly written, with no apparent minimum thresholdtoensureproportionality,forexample,in9 6 6 Forthepurposesofthissectionitisnecessarytoobtaincommunicationsdata forapermittedpurposeifitisnecessarytodoso ... d intheinterestsoftheeconomicwellbeingoftheUnitedKingdom, e intheinterestsofpublicsafety, f forthepurposeofprotectingpublichealth, g forthepurposeofassessingorcollectinganytax,duty,levyorother imposition,contributionorchargepayabletoagovernmentdepartment, Publicsafety,publichealthandtheeconomicwellbeingoftheUnitedKingdomarevaguecatchall termswithnoindicationofproportionateuse; g byreferringtoanytax,dutyorcharge,indicatesno minimumlimitandnoproportionality. Thegovernmenthassuggesteditneedsthesepowersinrelationtoseriouscrimes.Ifthisistheintention, thensurelythisshouldbewrittenintothelaw.Asasuggestedexample,9 6b whichcurrentlyreads b for the purpose of preventing or detecting crime or of preventing disorder could be changed to preventing or detecting serious crimes and could be further enhanced by specifying expected to be punishablebyimprisonmentofoneyearormore. Theconceptofproportionalityhasitselfbeencriticisedforbeingashiftingsandleavesnoclearlydefined limits and creates impossible grey areas. The concept of proportionality is based on a principle of utilitarianism,inwhichallrightsareelasticandnegotiable.Afiercedebatehasragedforover200years, sincetheearliestdaysoftheUSSupremeCourt,overthisprincipleandwhetheritissuitabletodefine fundamentalrights 12.

SurveillanceReformforaDigitalAge.pdf


12 Stavros Tsakyrakis, Proportionality: An Assault on Human Rights?, Jean Monnet Working

14

Draft Communications Data Bill

Inregardtotheconceptofproportionality,ProfessorStavrosTsakyrakisoftheUniversityofAthenshas argued that , "The European Court of Human Rights is routinely balancing human rights against each other and against conflicting public interests and has elevated proportionality to the status of a basic principleofinterpretationoftheEuropeanConventiononHumanRights....proportionalityconstitutesa misguided quest for precision and objectivity in the resolution of human rights disputes and ... courts shouldinsteadfocusontherealmoralissuesunderlyingsuchdisputes."Inrelationtosimilarattemptsto balancerightsinUSlaw,SupremeCourtJusticeScaliamadethepointthatonecannotcomparethelength ofalinewiththeheavinessofarock. The approach of proportionality adopted in the ECHR and HRA seems to be a poor way to define fundamentalrights,thatwillleaverightsuncertainandvulnerabletoerosionovertime. This leads back to the need for Parliament to include clear definitions within the Bill of the limits to lawfuluseofretaineddata. Under the concept of proportionality, what limits would be placed on access to retained postal data? Whatwouldbeconsideredtobeaproportionateusewoulddependuponwhetherretainedpostaldata wasconsideredtobeprivatedata. IntheUS,postal"mailcover"informationisnotconsideredtobecoveredbyareasonableexpectationof privacy, thus does not receive constitutional protection. The same applies to any data shared with a thirdparty,suchastelephonenumbersdialledandevenbankaccountinformation 13. ThisisobviouslysignificantlydifferenttolawinBritainandEurope,butitdoesillustratethepotential problemsdefiningproportionalityinrelationtoretaineddata. Inthisregard,however,itappearsthatUSlawhasfailedtorecognisethequalitativeimpactwhendatais collectedsystematicallyandplacedinasearchablecomputerdatabase. How far would a British government be prepared to go in relation to accessing thirdparty data and applyingittogeneralgovernmentpurposes? TheBritishgovernmenthasrecentlydiscussedaccessingthirdpartydatafromsupermarketstorecards, to advise customers to change their eating habits, as part of a public health programme, within the Nudge programme of behaviour modification 1415. This is a substantial movement in relation to previousattitudestowardsaccesstopersonaldata.Storecarddataisextremelypowerful,revealingand potentiallysensitive 16. This example is potentially of interest in exploring the potential use of private data for purposes of publichealth,e.g.inrelationtoproportionalityandtheuseofClause9 6f oftheCommunicationsData Bill. Thisindicatesthepotentialdangersinrelationtoconceptssuchasproportionalityandstretchingtheuse ofdatatominormatters.


Paper09/08 http://centers.law.nyu.edu/jeanmonnet/papers/08/080901.pdf
13ReasonableExpectationofPrivacy,ElectronicFrontierFoundation,https://ssd.eff.org/your

computer/govt/privacy 14Chocolateagain?LoyaltycardscouldbeusedtotailorhealthadviceTelegraph 15 Supermarket spies: How the Government plans to use loyalty card data to snoop on the eatinghabitsof25millionshoppersDailyMail 16BigBrotherknowsallaboutmybunionopandthefishpieIateafterit:Howonewoman foundoutabouttheintimateinformationheldabouther,ByClaudiaJoseph,DailyMail14th August2011

Draft Communications Data Bill

15

Iscollectingmoredatathebestsolution? Exploringalternativeparadigmsincrimepreventionandpolicing Will collecting more personal data really help prevent and reduce crime in our society? Is crime detection, policing and punishment the best way to make a safer, more lawabiding society? Do other nations approach these issues more successfully by alternative paradigms? Can we discuss data retentionwithoutconsideringalternativeapproaches,whichcouldbemoresuccessfulwithoutrequiring furtherencroachmentonprivacyandcivilliberties? Consider one of the serious crime problems mentioned by the government in the case for this Bill: drugs. DrugsareamajorissueincrimeinBritain.Althoughonlyabout10%ofBritain'sprisonpopulationhave beensentenceddirectlyfordrugsoffences,ithasbeenestimatedthatdrugsarethemotivebehindthe majorityofacquisitivecrimeinBritain.TheNEWADAMresearch,the 2003 reportfromtheNumber 10StrategyUnitclaimedthatoverhalfofallpropertycrimesweredrugmotivated: Heroinand/orcrackuserscauseharmtothehealthandsocialfunctioningofusersandsocietyas awhole,butusersalsocommitsubstantialamountsofcrimetofundtheirdruguse costing16bn ayear . p.2 Drug use is responsible for the great majority of some types of crime, such as shoplifting and burglary inc85%ofshoplifting,7080%ofburglaries,54%ofrobberies 17 Surveyhasfoundthat60%ofcriminalsareusersofharddrugs 18 19. AlthoughthereisnoquestionthatBritainisrequired,forexamplebyinternationaltreaty,tomakeevery possible effort to stop the trade in drugs, the nations that have had the greatest success in reducing narcoticsusehavedonesobyprogrammesofharmreductionratherthandirectpolicing.Forexample, cannabisuseintheNetherlands,whichhasadoptedsociallycontrolledharmreduction,issubstantially lower than in neighbouring countries, which have adopted more traditional approaches of criminalisationanddirectpolicing 20. Directpolicinghasdismallyfailedtostopthenarcoticstrade.Thereisnosignthatnewpolicingmeasures willbeanymoresuccessfulatstoppingthedrugstrade.HarddrugsevenpenetrateBritain'sprisons,with widespread availability and prisoners complaining about leaving prison with more serious drug problemsthanwhentheyentered 212223. Isitreallyjustifiedtointroducemeasuressuchascommunicationsdataretention,withaseriousadverse impactoncivilliberties,inyetanother likelyfutile attempttostopnarcoticsbydirectpolicing? Britain imprisons a higher proportion of its population than most European nations only Spain is higher 24.

17StrategyUnitDrugsReportPhaseI,PrimeMinister'sStrategyUnit

2003 p.25

18 Trends in drug use and offending: the results of the NEWADAM Programme 19992002, 1960%ofcriminalstakeharddrugs,NickPatonWalshandJasonBurke,Guardian,Sunday20

HomeOfficeRDS

May2001 20DutchdrugpolicyinaEuropeancontexthttp://www.cedrouva.org/lib/boekhout.dutch.html 21Drugabuserisinginovercrowdedprisons,studyfindsGuardian,Friday13August2004 22 One In Eight Prisoners 'Develop Drug Problem In Jail' PA/The Huffington Post UK | 17/04/2012 23ExconsspeakoutoverdrugabuseinHMPGloucesterThisisGloucester|Friday,August03, 2012 24Prisonpopulationstatistics,HouseofCommonsLibrary,SN/SG/433424May2012

16

Draft Communications Data Bill

This is reflects attitudes to civil liberties in different nations how readily respective governments removethelibertyofcitizensbyimprisoningthem. TheBritishgovernmentusesimprisonmentinpreferencetomoreeffectiveharmreductionandcrime reductionstrategies. Let us consider an example of how postal data might be used in practice: to investigate suspected benefitfraud.Asatypicalillustration,considerthecaseofawomanwhomightbeclaimingbenefitsasa personlivingalone,havingrecentlyseparatedfromherhusband,butissuspectedtobecohabiting.An investigation based on retained postal data might reveal that she might still be receiving post for an estrangedhusband,thuswouldappeartobecohabiting.Thiswomanmighthaverevertedtohermaiden nameafterseparation,yetmightbereceivingpostfortwodifferentnames:hermaidennameandher marriedname. Insituationssuchasthis,wouldaccesstopostaldataanswerthequestionsormerelyraisemoredoubts? Isitlikelythatpostaldatawouldmerelyprovideajustificationtoinvestigatewithother,moreintrusive formsofsurveillance,suchasdirectedsurveillance? This situation illustrates the complexities of real life. Real lives are often not simple and clearcut. Relationshipsoftendonotstartorfinishneatly.Divorcelawrecognisesthatseparationcanbeanonoff business,withmanyattemptsatreconciliation.Amarriedcouplemaybelegallyseparated,yetstillliving togetherinthesamehome. Ratherthangatheringmorepersonaldata,inanattempttodeterminepersonalcircumstances,wouldit besimplerandbettertoredesignsystemssothatwenolongerrequiretoinvestigatesuchsituations? Ratherthangatheringmoreintrusivepersonalinformation,whynotdesignasimplerbenefitssystem? Gatheringmoredataaboutsuchpeopleandcircumstanceswouldnotexplainorclarifytheirsituation.It isundignifiedtoforcepeopletoexplainthesesituations,andoftenanyexplanationmaybeinconclusive oropentodoubt. ItisinterestingtomakecomparisonsbetweencommunicationsdataretentionandtheANPR Automatic NumberPlateRecognition networkonBritain'sroads. TheanalogybetweencommunicationdataretentionandtheANPRnetworkappliesbecausetheANPR systemwaslargelycreatedbyretainingprivatelygenerateddata,makingthisavailabletothepolice.The introductionoftheANPRsystemwaswidelyregardedasamajordevelopmentinmasssurveillance,yet itwasnevervotedonordebatedinParliament.Apparently,thiswasnotregardedasaHumanRights issue,presumablybecausethemovementofvehiclesonroadsispubliclyvisibletoanyone,ratherthan beingprivate,inmuchthesamewayasmailcoverinformationispubliclyvisibleandnotregardedas privateinformationunderUScaselaw. ThepoliceandHomeOfficeclaimtheANPRsystemhashadamajorimpactintermsofarrestsanduseby police,butitisinterestingtoseeifthishasreallybeeneffectiveinreducingcrimeandharmonroads,and whetheralternativemeasureswouldhavebeenmoreeffectivewithlessimpactonprivacy. TheANPRnetworkintroducedin2005aspartofProjectLaserwasbaseduponretainingdatagenerated within privatelyownedsystems.Themajorityofcamerasinthe ANPRnetworkwereprivatelyowned andhadbeencreatedforprivatepurposes,notasanationalpolicesurveillancenetworkonlyaminority ofthecameraswerepolicecameras,installedtofillgapsinthenetwork.Theprivatelyownedcameras were in systems such as at petrolstation forecourts used to prevent motorists driving off without paying and the TrafficMaster information system which was used ANPR to obtain live information about traffic speeds on trunk roads . TrafficMaster used ANPR to identify vehicles at different points alongaroad,andbytimingthemfrompointtopoint,determinedaveragetrafficspeeds.Havingtimed the vehicles, TrafficMaster then "forgot" the individual numbers, because it was not intended as a surveillance system. However, the police ACPO then stepped in and asked TrafficMaster to provide themwiththenumberplatedatafromtheircameras,whichthepoliceretained. For the ANPR network, the police have cited large numbers of arrests, stolen vehicles recovered, uninsuredstoppedorseized.However,therealmeasureofsuccessshouldbewhethertheANPRhasled toreducedratesofcrime,uninsuredvehiclesandaccidents.

Draft Communications Data Bill

17

However,despitetheuseoftheANPRnetworktodetectuntaxedanduninsuredvehiclesontheroads, BritainstillhasthehighestproportionofuninsuredvehiclesonitsroadsinWesternEurope 25. BritainwasthefirstnationtodeployANPRandcomprehensiverecordingofvehiclesonroads;Britain continuestohavethegreatestcommitmenttothisapproachinEurope.IfANPRwasthemosteffective means of tackling the problem of uninsured vehicles, Britain should now have the lowest level of uninsured vehicles. However, Britain has a higher level of uninsured vehicles than most European nations. From this, it appears that the alternative approaches to controlling vehicle safety and vehicle crime adopted by other European nations may have been more effective than policing by ANPR and universalsurveillance. The Home Office believes the answer is to expand the system yet further, by linking fuel sales to the ANPRnetwork,makingitimpossibletobuyfuelwithoutaninsuredvehicle 26.Itseemsthatthesystem willcontinuetogrow,addfunctions,andbecomemoreintrusive. ItisalsoworthnotingthattheUKANPRsystemalsohadaEuropeandimension.TheANPRsystemwas intendedaspartofalargerplan,whichincludedaccesstocar,driverandinsurancedetails.Ataboutthe sametimetheANPRsystemwasintroduced,in2005,BritainsignedthePrumConvention whichhad been in negotiation and planning for some time which created a Europewide exchange of vehicle informationandvehicleinsurancedetails,andrequiredinsurerstoprovideliveelectronicinformation aboutvehicleinsurance.TheUK'sANPRsystemwasverymuchinterlockedwithEurope'splanfordata systems. In relation to communications data retention, and postal data retention, this illustrates how cruciallyimportantitistoconsiderEUplansandthelargerEUcontext. IthasbeenarguedthattheANPRsystemisactuallymoreusefultopoliceintermsofcrimeintelligence. However,inrelationtocrime,ithasbeenarguedthattheANPRsystemgeneratestoomanyleads,and hasdistractedpolicetimefromtargetedpolicingpriorities.Thedifficultyinprioritisingahugenumberof ANPRleadswasarguedtohavebeenakeyfactortothetragiccaseoftheFacebookKillerinDarlington, whereaknownsexoffenderwithlivearrestwarrantswasleftfreetokillateenagegirl,despitebeing flaggedrepeatedlyontheANPRsystem 27 28.CouldthepoliceresourcesabsorbedbyANPRhavebeen deployedmoreeffectively,ifappliedtoanalternativeapproachorcrimecontrol? Despitethelevelofarrestsgenerated,thelessonfromANPRisthatmasssurveillanceandmoredatais nottheroutetoasafersociety.TheANPRsystemremainscontroversial:couldwehavedonemoreto improvepublicsafetywithouttakingthismajorsteptowardsasurveillancestate? Theroleofretaineddatainpoliceworkislikelytoexpandinproportiontotherangeofdataavailable. However,aswehaveseenwithvehicledatafromtheANPRsystem,ahighlevelofuseofsuchdata,ora highrateofarrestsbasedonthatdata,doesnotindicatethatpolicinghasbeenmademoreeffectivethan ifthedatawasnotavailableandpolicehadtorelyuponalternativemethods. Unfortunately,onceamajorinvestmenthasbeenmadeinamasssurveillancesystem,suchasANPRor communications dataretention, there is institutional momentum to continue further in the same direction the greater the public commitment, the more difficult it becomes to consider alternative

25UKstillhasmostuninsureddriversinWesternEuropeLouiseMeesonInsuranceAge|29Jul

2010

Streetofficialshopethehitechsystemwillcrackdownonthe1.4millionmotoristswhodrive withoutinsurance ByMartinFricker,DailyMail12Mar2012

26CCTVatpetrolstationswillautomaticallystopuninsuredcarsbeingfilledwithfuel,Downing

27IPCCchief:ANPRis'avictimofitsownsuccess'ThecommissioneroftheIndependentPolice Complaints Commission IPCC has said there are severe difficulties in running automatic number plate recognition systems, Guardian Government Computing, Monday 14 February 2011 28IPCCpublishesfindingsfrominvestigationintopoliceresponsetoANPRintelligenceonPeter Chapman 11February2011,http://www.ipcc.gov.uk/news/Pages/pr_110211_clevelandchapman.aspx

18

Draft Communications Data Bill

approaches.Themorecontroversialandunpopularadecision,thegreatertheimportanceofjustifyingit, andthemoredifficultitbecomestoretreat. Itmaybedesirabletoconsiderotherteststhannecessityandproportionalityinrelationtoproposalsto collect more personal data. Necessity and proportionality are the tests regarding compliance with the European Convention on Human Rights and the HRA. Necessity and proportionality would be the relevanttestsiftheintentionwastoallowaccesstothemaximumamountofdatapermittedbytheECHR andtheHRA.Isthistheintention,orwoulditbedesirabletomakeaccesstodatamorerestricted? Ratherthanmerelyaskaboutnecessityandproportionality,woulditbebetteralsotoaskquestionssuch as: How would this data by used by public bodies? How would this affect methods of working and relationships between the public and institutions? Will this lead to a situation where ordinary people havetorememberandjustifytheirlivesinimpossibledetail?Howwillthisaffectoursociety?Whatprice are we prepared to pay for privacy, which is an essential part of personal freedom? Are there better alternativestoretainingpersonaldata? Despitethepotentialthreatofterrorism,Britainisprobablymoresecuretodaythanatanytimeinthe last 400 years. Recently, the Royal Navy sent all of its warships abroad, and did not require to keep a singleshipindomesticwaters 29. DuringtheOlympics,securityservicesconsideredthattherewasneveranythreatfrommajorterrorist organisation 30 30 . Thesearenotthetimesinwhichnewsecuritymeasuresareneeded. It is understandable that the Home Office and the police should come to be concerned with potential threatsofcrimeandterrorismandregardtheseasrequiringnewpolicingmeasuresandnewpowers. The question is whether these concerns are justified, and outweigh the needs for privacy and constitutionalprotectionofliberty. Atpresent,itappearsthatmorepolicingmaynotbethemostappropriatesolutiontothemostsignificant crimeproblems in our society, and that nonpolice measures, based on harmreduction and social inclusion,havethepotentialtoreducecrimeandincreasepublicsafetyfarmorethanincreasedpolicing. SummaryOutstandingQuestions Ideally,thesummaryshouldbeasetoffirmconclusionsorrecommendations,howeverinthiscasethe summaryappearstobeasetofimportantquestionswhichthegovernmenthasfailedtoanswer. TheprovisionsforpostaldataretentionareprofoundandfarreachingIhopeyouwillnotapprovethis legislationunlesssatisfactoryanswersareprovidedtothefollowingquestions. i WhyhasthegovernmentincludedprovisionsforpostaldataretentionintheBillifithasnoplansto implementthem? ii What does the government mean when stating it has no plans to require dataretention by Royal Mailandotherpostaloperators? iii Whatspecificproblemsinrelationtocrimeandcriminalitywouldrequiretheintroductionofpostal dataretention?Isthereanynewformofcrime? iv Whatisthegovernmentcaseforpostaldataretention?Whyispostaldataretentionnecessary in termsoftheHRA ? v Why did the government make no mention of the case for postal dataretention in any of its publicationsabouttheBill?

29UKwatersleftunprotectedbyNavywarshipsinOctoberBBCNews1Nov2011 30UnpredictablelonewolvesposebiggestOlympicsecuritythreatGuardian9March2012

Draft Communications Data Bill

19

vi Istheintroductionofpostaldataretentionbeingdrivennotbycrimebutinsteadbypotentialeaseof implementation?Isthisbeingdrivenbytechnologicalcapabilityratherthanbycrime? vii What next? Where will it end? If government is allowed to encroach on privacy simply because technology has made it possible, given the onward march of technology, can we expect successive incursionstofollow,untilthereisverylittlepersonalprivacyleft? viii Howisitenvisagedthatretainedpostaldatawouldbeused?Whatpurposesisitrequiredfor? ix How much cost and effort would be required for Royal Mail to output address data from sorting machines,tocreateadatabaseofallmailitems?Arethesortingmachinesalreadycapableofproviding thisoutput,orwouldtheyrequireconversionorreplacement? x HasRoyalMailalreadycreatedadatabaseofmailitems,fortrackingpurposes,similartothatcreated bytheUSPostalService? xi WhatEUproposalsaretherethatmayberelevanttopostaldataretention? xii In relation to proportionality, what would be the appropriate minimum threshold for access to retaineddata?Shouldthisbereservedonlyforseriousoffences,orshouldthedatabeallowedtobeused for minor matters? Is there a reasonable expectation of privacy in regard to retained postal data, or shoulditberegardedaspubliclyvisibleinformation? xiii DotheprovisionsinSection9 6 haveanappropriateminimumthreshold,toensurethattheyare onlyusedproportionally? 6 Forthepurposesofthissectionitisnecessarytoobtaincommunicationsdata forapermittedpurposeifitisnecessarytodoso a intheinterestsofnationalsecurity, b forthepurposeofpreventingordetectingcrimeorofpreventingdisorder, c forthepurposeofpreventingordetectinganyconductinrespectof whichapenaltymaybeimposedundersection123or129ofthe FinancialServicesandMarketsAct2000 civilpenaltiesformarketabuse , d intheinterestsoftheeconomicwellbeingoftheUnitedKingdom, e intheinterestsofpublicsafety, f forthepurposeofprotectingpublichealth, g for the purpose of assessing or collecting any tax, duty, levy or other imposition, contribution or chargepayabletoagovernmentdepartment, Whatwordingwouldlimitaccesstoproportionateuse,incasesofappropriateseriousness? xiv Ifretainedpostaldatabecomesavailableforuseinminormatters,whateffectwouldthishaveon policeandotherservices? xv InapieceofHumanRightslegislation,whichisrequiredbytheECHR,andisintendedtodefinethe limits of government power, to protect personal rights and privacy, is it appropriate to have the provision,inSection9 7 ,forgovernmenttoexpanditspowersbyorder? 7 TheSecretaryofStatemaybyorderamendsubsection 6 soastoaddtoorrestrictthepermitted purposes. Isitappropriatetomakeiteasyforgovernmenttochangelegislationrelatingtohumanrights?

20

Draft Communications Data Bill

xvi How do the postal data retention measures in the Bill relate to the European Union? Does the Commission or do other EU nations have an interest in adopting postal data retention? Could the retentionofpostaldatainBritainbecome,ineffect,apilotforpostaldataretentionthroughoutEurope? xvii What other nations have introduced similar measures for comprehensive postal dataretention? WhydoesBritainneedthisifothernationsdonot? xviii HaveothernationstackledtheircrimeproblemsmoreeffectivelythanBritain,byothermethods, withoutresortingtodataretentionanddatasurveillance? xix Aretherealternativeparadigmsforcrimereductionotherthanincreasedpolicingandeverfurther encroachmentsuponcivilliberties? August2012

Draft Communications Data Bill

21

AVAAZ
Please accept this letter as a formal submission to the Joint Committee regarding the Draft Communications Data Bill. The submission is a petition, coordinated by the global campaigning group Avaaz.orgamongstitsUKbasedconstituents. In the last five months, 93,434 people have signed the petition opposing the current draft of the CommunicationsDataBill.Thetextofthepetitionreads: ToDavidCameron,NickCleggandTheresaMay: AsconcernedcitizensweurgeyoutoimmediatelydropplansforanInternetbigbrotherbill Thedraft Communications Data Bill . Our democracy and civil liberties are under threat from the excessive and unnecessaryinternetsurveillanceprovisionswithoutanyjudicialoversightinthisbill.Wehopeyouwill protectourprivacyandkeepyourelectionpromiseto'reversetheriseofthesurveillancestate'. Iveattachedcopiesofthesignersintextformatwiththisletter.Avaazsonlinemobilisationeffortispart ofabroadercivilsocietymovementtospeakoutagainstthebill,includingeffortsby38Degreesandthe OpenRightsGroup.Webelievethismovementdemonstratesthebroadpublicoppositiontothebill,and formerpolicechiefSirChrisFoxhasspokenoutagainstthelaw31. Ifthisbillweretobecomelaw,itwouldmakeaccessiblealistofallourcommunications,includingemail addresses and phone numbers of friends, family and others we connect with and the time, length and locationofthose interactions. Althoughthecontentofcommunicationswouldonly bevisibletopolice withawarrant,themajorityoftheBritishpublicfindthislawdangerousbecauseitexposesatreasure troveofinformationaboutustothegovernmentbutcontainsalmostnosafeguards,leavingitwideopen toabuse. Thatiswhy were submittingthispetitiontotheJointCommittee, inthe hopestheywillsee senseandrecommendthebillproceednofurther. Thankyouforyourattentiontothismatter,ifyouhaveanyquestionsorconcernsIwouldbemorethan happytoanswerthem.Welookforwardtohearingtheresultsofthispublicconsultation. August2012

31SirChrisFox,theformerpresidentoftheAssociationofChiefPoliceOfficers

Acpo ,saidthe proposalswerenotappropriateinafreecountry. http://www.telegraph.co.uk/news/uknews/lawandorder/9183641/Newsnoopingpowers couldbeillegalhumanrightswatchdogwarns.html

22

Draft Communications Data Bill

Steve Ball
IhavebeenauseroftheInternetsincethelate80'sandhavebeenprovidingInternetconnectivityfor customerssince1996.Ihavedevelopedcommunicationsequipment,whichhasbeenusedin businesseslargeandsmall,includingfinancial,industrial,educational,andgovernment.Ihave providedCommunicationsDataforcustomerdisciplinaryactionandPoliceaction. IamveryawareofhowmuchpersonalinformationcanbedeterminedpurelyfromCommunications Data.WithvastdatabasesoftheCommunicationsDataoftheentirepopulationofBritainitwillbe verytemptingtouseDataMiningandPredictiveAnalyticsinakindofMinorityReportprecrime detectionsystemwhichwilllikelythrowupnumerousfalsepositivesanddistractlawenforcement fromimportantgoalsliketacklinggangs,gunandknifecrime,drugsrelatedtheftandviolencewhich isveryunlikelytobesolvedbyofficerssearchingpeoplesprivatecommunicationsdata.Ascriminals becomeawarethattheirmobilephonestrackthem,andthatthePoliceareroutinelyreadingtheir privatecommunicationsdata,theywillsimplymovetheircrimeofflineandeitheruseuntraceable mobiles,ornotusemobilesatall.CriminalsmayalsouseCommunicationsDatatoprovide themselveswithfalsealibiswhilecommittingcrime. ManypeoplewilldroptheirFacebook,Google,Twittersocialmediaaccountsiftheybelievetheir privatedataisbeingroutinelyscraped,stored,collatedandfiltered,andmaybeopentohundredsof thousandsofgovernmentemployeestobrowsewithnothingmorethanasignatureofadesignated person. BoththeConservativesandLiberalswentintothelastelectionpromisingto"Reversethesurveillance state"createdunderLabour,butclearlyhadnointentionofdoingso;Labour'sIMPwassimply renamedCCDPwhenthenewgovernmentwaselected.Sincetheelectionnotonlyhasthisproposal forStatemonitoringofallcommunicationsbeenputforward,buttherearealsoplansfordefaulton censorshipofInternetwebsites ClairePerry'santiporncampaign ,andtomakethejobcomplete, theLevesonEnquiryislikelytorecommendrestrictionsoninvestigativereportingbythepress,in thelightofthephonehackingscandal. IfindthismovetoamoreauthoritariansocietyunderaConservativegovernmentextremely worrying,especiallysincethereseemstobesignificantcrosspartysupport. TheBilldoesnotmentionwhowillbeexempt,orhavespecialrestrictionsonaccesstotheir communicationsdata.IsuspectthatGovernmentministers,MoD,SIS,ForeignOffice,Treasury,thebig Banks,andlargecorporateswilldemandexemptionsfromthisbilltoprotecttheprivacyandsecurity oftheirbusinesstransactions. TheBilldramaticallyextendsthecapabilitiesenabledunderRIPA,andbroadensdefinitionsofa telecommunicationsserviceandatelecommunicationsdevicesuchthattheSecretaryofStatecan demandthatanyelectromagneticorelectricaldevicethatcommunicatescanbeforcedtohave monitoringbuiltintoit,forexampleallofthe'Smart'TVswithbuiltinmicrophones,cameras,and facerecognitionsoftwarecouldbeforcedtologcommunicationsdataforpeopleintheirownhomes, verylikethedevicesinOrwell's1984.Ofcourseourgovernmentwouldnotwanttodothis,butonce thislegislationisonthestatutebooks,itisthereforanyfuturegovernmenttoextendasitwantsBy Order. GENERAL: 1.HastheHomeOfficemadeitclearwhatithopestoachievethroughthedraftBill? TheHomeOfficeisvagueaboutexactlywhatithopestoachieve,andespeciallyvagueabouthowit hopestoachieveit.TheobjectivesboildowntomakingiteasierforPolicetoobtaincommunications datathattheyarecurrentlyunabletoobtain,butthegovernmentisvagueaboutwhat communicationsdataitisunabletoobtain,andaboutexactlyhowitwillfilltheseallegedgapsin capabilities.Thebillseemstobeanenablingact,allowingtheSecretaryofStateto"ByOrder" demandCSPsinstallspecifiedequipment,andcanalso"ByOrder"changewhohasaccesstothedata collected,effectivelyrewritingthedefinitionofcommunicationsdataatanytime.

Draft Communications Data Bill

23

2.HastheGovernmentmadeaconvincingcasefortheneedforthenewpowersproposedinthedraft Bill? Therehavebeenanumberofclaimssuchasstoppingpaedophiles,terrorists,andevenmurderersby theuseofthesepowersalthoughIamnotconvincedthatthepowersthatappeartobeenabledbythe billwillpreventcrimesalthoughtheymaybeuseful,inbuildingacaseafterarrests.TheBillcouldbe veryusefulindisruptingprotests,andreducingtheimpactofindustrialaction,investigative journalists,andintrackingdownwhistleblowers. 3.HowdotheproposalsinthedraftBillfitwithinthewiderlandscapeonintrusionintoindividuals privacy? ThisBillappearstogivethePoliceandnumerousgovernmentdepartmentsaccesstolargeamounts ofnotclearlydefineddatawithnothingmorethanthesignatureofa'designatedperson'.Therehave beennumerouscasesofroguePoliceofficersaccessingPNCandRIPAdataforexample'pinging' mobilephonesofcelebritiesfortabloid.ThereisareadymarketforsurveillancedataasOperation Weeting/Elvedenfound,althoughtheirfocusseemstobepurelyonNewsInternationalratherthan othertabloidsorPolicecorruption. 4.Whatlessonscanbelearntfromtheapproachofothercountriestothecollectionofcommunications data? OthercountriesthathaveintroducedDeepPacketInspectionbasedmasssurveillanceofthetype suggestedintheBillincludeChina,IranandKazakhstan.Myunderstandingisthatthesecountries havefoundDPIbasedsurveillanceeffectiveindetectingandcrushingprotestagainstthegovernment. TheArabspringtookmanydictatorsbysurprise,butincountrieswherethegovernmentscensor, controlandmonitortheInternettheyhavebeenabletoavoidorcrushuprisingsbeforetheyhave beenabletoattaincriticalmass.IhavenotbeenabletofindinstancesofgovernmentsusingDPIfor crimefighting,althoughthegovernmentsusingittooppressprotestmaydefinetheiruseasfighting terrorism,orpreventingcrimeanddisorder.Itismyconcernthatourgovernmentwillusethese draconianmonitoringpowerstospyonpeacefulantiwaroranticapitalismandotherprotestersin caseprotestsleadstodisorder,orcoulddamagetheeconomicwellbeingofthecountry.Isuspect thatinvestigativejournalistswillfinditveryhardtoprotecttheirsourcesanditislikelythatthiswill causeasignificantreductioninwhistleblowerbasedinvestigativejournalism,whichwillmake governmenteasier,andmuchlesstransparent. 5.Arethereanyalternativeproposalswithregardtothetechniqueandcostofobtaining communicationsdatathattheGovernmentcouldconsider? Fromthemanyvaguereportsofthegoalofthislegislation,thegovernmenthassaidthatitisunable toobtaincommunicationsdatafromforeignproviderssuchasFacebook,Twitter,Google,Skype Microsoft ,howeverallofthoseprovidersregularlyprovidethePolicewithcommunicationsdata andmorewhenaskedforit,althoughtheymayrequireacourtorder,iftheydonotbelieveitisfor detectingorinvestigatingseriouscrimesorterrorism,e.g.communicationsdataforprotestgroups.I believethatthedangersofhackingcommunicationstoscrapethecommunicationsdatafromthemis greaterthantheusefulnessofdoingso.Thesocialnetworkproviderswillprovidehelpinfighting seriouscrimesatalowcostwhereasIexpectthisBill'sproposalwillcostdramaticallymorethanthe estimated1.8Boncetheusualgovernmentprovidersstartridingthegravytrain. 6.ThedraftBillsitsalongsidetheDataRetentionRegulations.Howwillthesetwopiecesoflegislation interrelate?Woulditbepreferabletohaveoneoverarchingpieceoflegislationthatgovernsthe retentionofcommunicationsdata? IftheremustbemoreintrusionintotheprivatelivesofinnocentBritishcitizensthenthegovernment mustbecompletelytransparentaboutexactlywhatwillbemonitoredandwhyitisnecessaryrather thanusingglibtermssuchasItsonlythewhowhatwhenandwhere,notthecontents.This definitionmaybeapplicabletopostalmailortelephonecalls,butwhenappliedtocomplexInternet communicationsitistotallyunclearwhatwillbemonitoredandlogged.ForexampleifIsearch Googleforsnooperscharterthewebrequestwouldbe http://google.co.uk/search?q snoopers%20charter.Wouldthedatabaserecordgoogle.co.ukor thefullgooglerequestwhichincludesthegooglesearchIhaverequested?Datathatpeopleenteron FacebookisevenmorerevealingthanGooglesearches,andwhencombinedwithphonecalls,texts

24

Draft Communications Data Bill

andlocationdata,givesadetailedprofileofmillionsofpeoplecompletewithtaggedmugshotsanda completetimeline.WhatspecificallywillbescrapedfromFacebook,Twitter,Skypeetc? ThedefinitionofCommunicationsDatadoesnottouchthesevitalquestions.Ifthedetailsofevery searchrequestareloggedthenthismakesthedatabaseincrediblyintrusive.FrompeoplesGoogle searches,Facebookpostsandprofiles,Twitterfeeds,textsandmobilephonelocationdata,itis possibletotrackeveryonemoreeffectivelythantheStasievercould. 7.IfitisconcludedthattheprovisionsofthedraftBillareessential,arethereanyothermeasuresthat couldbescrappedasaquidproquotorebalancecivilliberties? ThisBillasIunderstandit,isamassiveattackoncivilliberties,anddwarfstheimpactofother legislation.Thegovernmentclearlywantsthislegislation considersitessential orIMPwouldhave beendroppedaspromised,ratherthansimplyrenamedCCDP.IsuspectmostMPshavenoideahow Orwellianthesemeasurespotentiallyarewithmostpeoplenowlivingtheirlivesonline. 8.WilltheproposalsinthedraftBillposeariskthatcommunicationsserviceprovidersseetheUKasa lessattractivebase.Whatmightbetheeffectonbusiness? TheuseofDPItohacksecurecommunicationse.g.withbanksandothersecurewebsiteswillputthe usersofsuchwebsitesatriskfromroguePoliceofficersandothergovernmentorCSPemployeeswho willhaveaccesstothedatabases.ItisnotatallclearexactlywhatwillbestoredforSSL communications see6above .BankingwebsitesrelyontheSSLencryptiontokeeptransactions safe,sohackingtheSSLencryptionwithDPIwillexposepersonalfinancialinformation,thatcouldbe usedbycriminalsforfraud.IfcommunicationsserviceprovidersarerequiredbyUKlawtoopenallof theircustomerscommunicationsdatatogovernmentsurveillancewithnoprecisedefinitionsofwhat willberecorded,thenmanywillchoseafreerlocationfortheirservicestoprotecttheircustomers,or perhapsrestrictwhatUKcustomerscandoonline.ServicessuchasPaypalwilllikelybeunsafeifSSL CommunicationsDataisloggedandopentohundredsofthousandsofGovernmentemployees,with justasignature.LargecorporatesandBanksareunlikelytoacceptsurveillanceoftheirtransactions, andwilldemandthattheyareexemptorprotectedfromthislegislation. COSTS: 9.Istheestimatedcostof1.8bnover10yearsrealistic? Thegovernmenthasbeendeliberatelyvagueaboutexactlywhatwillbemonitoredandexactlywhat equipmentwillbeusedtoperformthismonitoringsoitisverydifficulttojudgeexactlywhatthecost willbe,butwecanlookatthehistoryofbiggovernmentITprojectsandwecanseethattheinitial lowend estimateforthecostofthe"EntitlementCard"projectwasalso1.8B,andthatprojecttoo hadavaguedefinitionofhowitsgoalswouldbeachieved.AstheIDCardprojectevolvedthescaleof theprojectreduced,scrappingmostofthebiometrics,andsimplifyingitsimplementation,yetthe estimatedcostskeptrising.Itwaseventuallyscrappedafterwastingundisclosedsumsoftaxpayers' moneyandachievingnothingofanysignificantvalue.ThisisaDefence/Policingprojectsobidders willberestrictedtotheusualcompanieswhoregularlyfleecethetaxpayerwithoverpricedpoorly specifiedprojectsthatdramaticallyincreaseincostastheprojectsgoalschopandchangeduringthe implementation AircraftCarriers? . Atatimewhenevenbasicservicesarebeingcuttotheboneitismadnesstowastewhatwilllikelybe manybillionsofpoundsonaninvasionofprivacythatisveryunlikelytopreventmuchcrime.The moneywouldbebetterspentonconventionalpolicing,andcrimepreventionsuchastacklingthe problemofdrugs,guns,knives,andgangs.Forhigherlevelcrimeweneedlooknofurtherthanthe Banks moneylaunderingforduggangsandterrorists,manipulatinginterestratesforpersonalgain, taxevasion,financialfraud .Byactuallyprosecutingbankingcriminalityratherthansimplyfocusing oncrimecommittedbythepoorpeople,trustingovernmentandtheruleoflawmightbeenhanced.I suspecttheBankswilldemandtobeexcludedfromthislegislationtoprotecttheirbusiness transactions. 10.TheHomeOfficesuggeststhebenefitsthatcouldbedeliveredbytheenactmentofthedraftBill couldbeworthbetween56bn.Isthisfigurerealistic? Thisfigurehasbeensuggestedbuttherehasbeennobreakdownofexactlywherethesebenefits wouldcomefrom.Ifthegovernmentisreallyseriousaboutthisbillbeingamoneyspinnerthenit

Draft Communications Data Bill

25

shouldproduceadetailedbreakdownofexactlywherethismoneycouldcomefromandprovide relevantcurrentfiguressothatifthisprojectisimplementedthentheactualfigurescanbemeasured byeveryonetoseeexactlywhatthefinancialimpactis.Isuspectthatthesefiguresdonotincludethe costtothecountryofcommunicationsdatabeingusedbycriminalstocommitfraudulentfinancial transactions,ortoextortmoney. SCOPE: 11.Arethedefinitionsofcommunicationsdataandcommunicationsserviceproviderappropriate?Do theysensiblydefinethescopeofthepowersinthedraftBill? TheBillhasasimilardefinitiontoRIPAandtheDataRetentionRegulations,butIcanfindnomention anywhereofFacebook,Google,Skypeandotherproviderswhichareallegedtocauseproblems.This deliberatelyvaguedefinitionandtheabilityoftheSecretaryofStatetoredefinewhatequipment mustbeinstalledbyCSP"ByOrder"effectivelyallowsthegovernmenttomonitorwhatitlikes.When IhaveaskedspecificquestionsaboutwhatwillbemonitoredIhavebeentoldthatthisisnot disclosed.Wemustsimplytrustthisandeveryfuturegovernmentnottoabusetheseundisclosed powers.ThedefinitionofaCSPisverybroadandcouldincludeanyonewhooperatesorhascontrol overanycommunicationsdevice,whichcouldbeeverythingformTVstoADSLrouterstoPCs,and Tabletcomputers,somanufacturersofconsumerelectronicscouldbeforcedtoinstallsurveillance softwareondevicesinourhomes. 12.WhichpublicauthoritiesshouldbeabletoaccesscommunicationsdataunderthedraftBill?Should itbepossiblefortheSecretaryofStatetovarythislistbyOrder? Thereisavastlistofgovernmentdepartmentsthatcanaccesscommunicationsdata,andIam concernedthataccesstopersonalcommunicationsdatawillbecomeroutineamongmany governmentdepartmentsasfishingtripstoseeifthereisanythingofinterest.Asthenumbersof requestsincreases,theoversightforeachrequestwillreduce.Thechancesofstaff,criminals, tabloids,andprivateinvestigatorsgettingillegalaccesstoprivatepersonalcommunicationsdatais great.Shouldsomanygovernmentagenciesbeinvestigating"seriouscrimeandterrorism"whichis thestatedreasonfortheinvasionofprivacy?Surelyifthereiscriminalitythenthepoliceshould investigateandthereshouldbenoproblemingettingjudicialauthorityforaccesstocommunications data. 13.Howrobustaretheplanstoplacerequirementsoncommunicationsserviceprovidersbased overseas?Howrealisticisitthatoverseasproviderscouldbepursuedforbreachofduty? Google,Facebook,Twitter,Microsoft Skype alreadyprovidecommunicationsdataforUKPoliceand onlyrefusedataiftheyarenotconvincedthatthedataislegitimatelyrequired,butwillcomplywith courtorders.Thegovernmentwouldnotbelikelytopersuadetheseproviderstoallowdirectreal timeaccesstotheirdatabases,andwouldbeunlikelytobeabletoforcethemtocomplywithrequests theyfeelareunjustified.HoweverusingDPItoscrapedataoutofFacebook,Twitter,Googleand hundredsofwebmailprovidersisprobablyunrealisticduetothefrequentchangesandtheeffortto keepchangingfilters. USEOFCOMMUNICATIONSDATA: 14.Arethecircumstancesunderwhichcommunicationsdatacanbeaccessedappropriateand proportional?Whatkindofcrimesshouldcommunicationsdatabeusedtodetect? TheBillappearstogivealmostunrestrictedaccesstocommunicationsdatawhichIbelieveisopento abuse,e.g.Policesimplyneedstobeconsideringinvestigationacrimeorpossibledisorder.All requestedforcommunicationsdatashouldrequirejudicialauthorisation. 15.Istheproposed12monthperiodfortheretentionofdatatoolongortooshort? SAFEGUARDS: 16.Applicationsforaccessingcommunicationsdatawillbesubjecttoaseriesofsafeguardsincluding approvalbyadesignatedseniorofficerwithinthepublicauthoritymakingtherequest.Howshould designatedseniorofficerbedefined?Isthissystemsatisfactory?Arethereconcernsabout compliancewithArticle8ECHR? TheBillputsnolimitonthenumberdesignatedseniorofficersandallowsthemtodelegateauthority tootherstaff.BusyPoliceofficersarelikelytocreatemanydesignatedofficersasthenumberof

26

Draft Communications Data Bill

requestsfordataincreases.Policewilllikelyusethissurveillancedatabaseastheirfirstcallinany investigation,andcriminalsmaymanipulateittoprovidefalsealibis.Thereshouldbearequirement torequestallcommunicationsdatathroughajudicialauthority,andtheremustbeagoodreasonto intrudeontheprivatelifeofindividuals.WithoutjudicialoversightIdon'tthinkthislegislationcan properlycomplywithArticle8,butIamnotalawyer. 17.Wouldawarrantsystembemoreappropriate?Ifyoufavourawarrantsystemshouldthisapplyto allpublicauthoritiesincludinglawenforcementagencies?Shouldawarrantbenecessaryinall circumstances?Andwhatwouldtheresourceimplicationsbe? See16above.PerhapsPolicemightgetoutonthestreetsmoreanddostandardconventionalpolicing ratherthansittingintheirofficesearchingthroughpeoplesprivatecommunicationsdata.Theremust bejudicialoversightofallrequestsforpersonaldata,ifitseasyitwillberoutine,ifitsroutine,itwill beabused,officerscanmakegoodmoneysellingaccesstomobilephonelocations. Ifthegovernmentwantssafeguardsagainstabuseofsurveillancethenitshouldbemandatoryforthe victimofsurveillancetobeinformedofthesurveillanceandthereasononeveryoccasionwhenlegal actionisnottakenwithin12monthsofthesurveillance.Thiswillclearlyhighlightanyunjustifieduse ofsurveillancealthoughIdoubtverymuchthatthegovernmentwouldwanttoalertinnocentpeople toabusesofthesepowersinthisway. ENFORCEMENT: 21.Arethepenaltiesappropriateforthosepublicauthoritiesthatinappropriatelyrequestaccessto communicationsdata?ShouldfailuretoadheretotheCodeofPracticewhichisprovidedforinthedraft Billamounttoanoffence? ThereisastrongtendencyamongthePolicetocloseranksandprotectthereown,andtherewillbea reluctanceingovernmenttohaveanyabuseofthesepowersreportedinthepresssoIsuspectthat mostabuseofthesepowerswillbedealtwithbylighttouchinternaldisciplinarymeasures.There shouldbemandatoryjailtimeforabusesbythoseapplyingforsurveillancethatisnotjustified,and minimumfinesforeverydesignatedpersonthatauthorisedtherequests.Thiswouldmakepeople morecareful,andwouldreducefishingtrips. TECHNICAL: 22.Doesthetechnologyexisttoenablecommunicationsserviceproviderstocapture communicationsdatareliably,storeitsafelyandseparateitfromcommunicationscontent? UsingDeepPacketInspectionthecontentsofdatacommunicationscanbeexaminedtotakethe communicationsdataelementfromthestream.InordertoexamineSSLbasedcommunications https asusedinbankingGmailandmanyotheronlinesitesitisnecessarytoemployamaninthe middleattackandhaveaccesstotheprovidersprivatekeys,oruseafakeSSLcertificatetokeepthe browserhappyandallowtheequipmenttoaccessthecommunicationswiththesecurityremoved. BritishcompaniessuchasGammaInternationalhavebeensupplyingDPIbasedsurveillance equipmenttorepressiveregimestoallowthemtomonitorsecurecommunicationsusedby oppositiongroupsanddissidents,sothatoppositioncanbecrushed,beforeitcanbuildmomentum. Itwouldbenecessarytomaintainverylargenumbersoffilterstoextractcommunicationsdatafrom thedatastreamsofdifferentsitesandthetaskofmaintainingthesefiltersaswebsitesareupdated, couldbecomeverydemanding.AlthoughIthinkthisispossibleifnotaverypracticalwaytogetand storecommunicationsdata,Isuspectthatitwouldresultinmorethanbasiccommunicationsdata beingcaptured,tobesureofgettingitall.Thestoragerequirementsarelikelytobeenormous,andif vastnumbersofgovernmentstaffneed'nearrealtime'accesstothedatathenitislikelytobevery difficulttobothkeepitsecureandprovidethedatanearrealtime,soIsuspectthatsecuritywill suffer. 23.Howsafelycancommunicationsdatabestored? Data*can*alwaysbesecurelystored,butthecostofsecurityisintheeaseandspeedofaccess,so therewillalwaysbeatradeoffbetweeneaseofaccessandsecurity.Withtheverylargenumbersof requestsfordataIsuspectthatsecuritywillsufferanddatawillfallintothewronghands.The governmenthasbeenveryunwillingtodisclosetechnicaldetailsofthisprojectastheywerewiththe IDCardsproject,andIsuspectitwillbeanexpensivefailureasIDCardswere,orworseaninsecure

Draft Communications Data Bill

27

Orwellianmonitoringsystemwhichisroutinelyillegallyaccessed. 24.Aretheproposalsforthefilteringarrangementsclear,appropriateandtechnicallyfeasible? TheproposalsforfilteringdonotmentionDeepPacketInspection,thehackingofSSLwithmanin themiddleattacksorDataMiningbecausethiswouldalertthemediatothedangersofthisproposal. Iamconfidentthatthesehighlyintrusivetoolswillbeused,butIamnotconfidentthatthatthegoals ofmaintainingaccesstocommunicationsdatafromsocialmediaandwebmailsystemfromallofthe thousandsofprovidersontheInternetisatallfeasible.Itwouldprobablyberelativelysimpleto extractdatafromtwitter,becauseofitsrelativelysimpleformat,butthetaskofmaintainingfiltersfor allofthedifferentsocialmediaandemailsitesontheInternetwouldbeanenormoustask,andis thereforenottechnicallyfeasible.IftheintentionissimplytomonitorpeoplesTwitter,Gmail, Hotmail,Google andFacebookpoststhenitwouldbefeasible. 25.HoweasywillitbeforindividualsororganisationstocircumventthemeasuresinthedraftBill? Therearealreadymeasuresthatwouldcircumventthemeasuresinthedraftbill,forexampleaVPN productthatIwroteandmyemployersellstocustomersthatprovidesanencryptedVPNwiththe trafficsplitacrossmultipleADSLlinesfrommultipleADSLproviders thisisforresilienceagainstline andproviderfailures .Theproposedsurveillancewouldhaveadistributeddatabaseacrossthose ISPsbutitwouldnotbepracticaltolinktheDPItodecryptthepackets,andthedataoneachprovider wouldonlybeafractionofthedatastream.Astheseproposalsgetclosertoimplementation ifthey evergetthatfar thendevelopersofOpenSourcesoftwarewhovaluetheirprivacywilldeveloptools thathaveahigherlevelofsecuritysothattheyarenotpracticalorareimpossibletobreak.Criminals paedophilesandanyonewhovaluestheirprivacywillusetoolsthatenablethemtomaintaintheir currentlevelsofprivacy,soallthatwillbemonitoredarethestupidandtheinnocent. Usinghighgradeencryptiontoforeignserverswouldallowthosewhodonotwishtobemonitoredto passalloftheirInternettrafficthroughacountrythatdoesnotmonitoritspeoplesInternettrafficor doesnotsharesurveillancewiththeUK.Theharderthestateattemptstocontrolandmonitorthe peoplethehardermanypeoplewilltrytomaintaintheirfreedomandprivacy. 26.Arethereconcernsabouttheconsequencesofdecryption? MyunderstandingofthecurrentstateoftheartformassstatedecryptionofSSLencryptedtraffic,is touseamaninthemiddleattackandafakeorRIPArequestedSSLcertificates.Thebrowseraccepts theSSLcertificateandmakesasecureconnectiontothegovernmentblackboxwhichthenmakesa connectiontothetargetsite,andreencryptsthetraffic.Thisallowstheblackboxtohaveacleartext viewofthedataasitpassesthrough.Theproblemhereisthatsomeimplementationsofthishacking techniquearesaferthanothers,forexampletheDPIboxbyCyberoamusedthesamefakecertificate foreveryboxsotheywereallowinganyonewithanotherCyberoamboxoraccesstotheshared certificatetoaccessthedatae.g.viaawirelesslink.Thereisadangerthattheseproposalswillexpose thedecrypteddatatocriminalssothattheycancommitbankfraud,simplybypayingorcoercinga governmentorCSPemployeetopassonpersonalcommunicationsdata.Therehavebeenmanyleaks ofdatathathavebeenusedbyprivateinvestigatorstoprovidedatatoclientse.g.NewsoftheWorld journalists,thiswillsimplybeanothersource. Thereareplentyofencryptiontechniquesthatwillnotbepossibletodecryptonamasssurveillance basis,andcriminalsandpeoplewhovaluetheirprivacywillusethese,thiswillprobablyresultin innocentpeoplewhosimplywanttousetheInternetwithoutstatesurveillancebeingcriminalised. August2012

28

Draft Communications Data Bill

The Bar Council of England and Wales


Introduction TheBarCouncilrepresentsand,throughtheindependentBarStandardsBoard,regulatesover15,000 barristersinEnglandandWales.Barristersareindependent,specialistadvocateswhoprovideavital, frontlinepublicserviceandapoolofexpertisefromwhichthemajorityofthejudiciaryisdrawn,on whoseindependencetheRuleofLawandourdemocraticwayoflifedepend.TheBarCouncils membersincludebarristerswhoregularlyadviseandappearincourtproceedingsonbehalfofpublic bodies,includingGovernmentdepartmentsandinvestigatoryandprosecutingauthorities. ItistheviewoftheBarCouncilthatthecurrentregimeforobtaininginformationaboutindividuals privatecommunicationsandactivitiesisnotfitforpurpose,anddoesnotprovidetheprotections whichwewouldexpectofanyliberaldemocracy.Thelawsgeneraloverreachingoftheproper protectionofprivacyisexacerbatedbythefailureoftheRegulationofInvestigatoryPowersAct2000 RIPA properlytoprotectlegalprofessionalprivilege;afailurewhichiscarriedoverintothedraft Bill.ThiswrittenevidencelaysouttheBarCouncilsconcernsand,inparticular,makes recommendationsfortheprotectionoflegalprofessionalprivilege. HowdotheproposalsinthedraftBillfitwithinthewiderlandscapeonintrusionintoindividuals privacy? TheBarCouncilhasseriousconcernsaboutprovisionscontainedwithintheDraftCommunications DataBilltoextendtheRIPAregimetoincludeinternetandmobilephonebasedcommunications data.Thesefailtostrikeanappropriatebalancebetweencitizensprivacyandthepublicinterestina societygovernedbytheRuleofLaw. AccordingtoJUSTICE,sinceRIPAcameintoforcetherehavebeenatleast2.7mrequestsfor communicationsdataandover4,000authorisationsfordirectedsurveillance e.g.watchingan individualshome .Thisexcludeswarrantsandauthorisationsonbehalfofthesecurityservices.32 Initsexcellentreport,FreedomfromSuspicion:SurveillanceReformforaDigitalAge,JUSTICE states: RIPAhasnotonlyfailedtocheckagreatdealofplainlyexcessivesurveillancebypublicbodiesover thelastdecadebut,inmanycases,inadvertentlyencouragedit.Itspoordraftinghasallowedcouncils tosnoop,phonehackingtoflourish,privilegedconversationstobeillegallyrecorded,andCCTVto spread. Nodoubtpublicofficialsincludingthepoliceandsecurityservicesfinditoperationallyconvenient tobeabletoobtainasmuchinformationaspossibleaboutcitizensprivatecommunications,andto dosocovertly,i.e.withouttheknowledgeofthedatasubjects.Butconvenienceisnotthetest:the criticalquestionforcompliancewithArticle8oftheEuropeanConventiononHumanRightsis whetherthegathering,retention,orsubsequentuseofinformationisnecessaryinademocratic societyinpursuanceofadefinedlegitimateaim. Giventheevidencethatthecurrentregime whichwassupposedtobringdomesticlawintolinewith theUKsECHRobligations hasfailedtoprotectindividualsfromexcessiveintrusionintotheprivacy oftheircommunicationsandotheractivity,anyrebalancingofthesystemshouldbeinthedirection offurtherrestrainingthepowersofpublicbodiessothattheyaretargetedatthosegenuinelyunder suspicionofseriouswrongdoing.TheProtectionofFreedomsActwasawelcome,iflimited,stepin thatdirection.ItisdeeplyworryingthattheGovernmentnowproposestoreversethemodest

32http://www.justice.org.uk/data/files/resources/305/JUSTICEFreedomfromSuspicion

SurveillanceReformforaDigitalAge.pdf

Draft Communications Data Bill

29

progressmadeinthelastsessionofParliamentbyproposingawholesaleextensionofofficialaccess tocommunicationsinformation. WewouldaddthatitisfarfromclearthattheproposalsinthedraftBillarecompatiblewithEUlaw. ThepowersofMemberStatestorequirecommunicationsandinternetserviceprovidersroutinelyto retainuserdatawereharmonisedbytheDataRetentionDirective06/24/EClargelyatthe insistenceoftheUK,whichheldtheCouncilPresidencyattherelevanttime.Itishardtoseehowthe UKcanunilaterallyimposearequirementoncommunicationsandinternetcompaniestoretain,and permitofficialaccessto,widecategoriesofdatabeyondthosedefinedintheDirective.Indeed,the compatibilityoftheexistingDirectivewithprivacyrightsiscurrentlyawaitingconsiderationbythe CourtofJusticeoftheEuropeanUniononareferencefromtheIrishHighCourt.Thatfollowsaseries ofdecisionsofvariousMemberStatecourts includingtheGermanConstitutionalCourt striking downdomesticlegislationtransposingthecurrentDirectiveongroundsrelatingtoinfringementof privacy.GiventhatthemainpolicydriverbehindtheBillistheperceivedexternalthreattonational security,itmakessensefromapoliticalaswellasalegalstandpointformeasuresofthiskindto proceedonthebasisofEuropeanconsensus. LegalProfessionalPrivilege OneissueofparticularconcerntotheBarCouncil,givenourcloseinterestinissuesrelatingto administrationofjustice,islegalprofessionalprivilege LPP therighttoprivatecommunication betweenalawyerandtheirclients.RIPAmakesnomentionofLPP,andconsequentlytherelationship betweenLPPandtheauthoritiespowerstoobtainprivateinformationwasneverdebatedwhenthe RegulationofInvestigatoryPowersBillwasbeforeParliament.ThepowertooverrideLPPonlycame tolightwitha2009judicialdecisionoftheHouseofLords,InReMcE.33Thepresentstateofaffairsis highlyunsatisfactory.WerespectfullyinvitetheCommitteetourgetheGovernmentto a takethe opportunityoftheproposedlegislationtorestoretheprotectionofLPPinrelationtoexistingRIPA powers,and b ensurethatanynewpowerssimilarlyrespectLPP. Background:RIPAandLPP Therightofapersonincustodytoprivateconsultationwithalawyerisexpresslyprotectedin statute.Section58 1 ofthePoliceandCriminalEvidenceAct1984 PACE declares:Aperson arrestedandheldincustodyinapolicestationorotherpremisesshallbeentitled,ifhesorequests, toconsultasolicitorprivatelyatanytime. Theimportanceofanaccusedbeingabletoconferwiththeirlawyerinprivatehasalsobeen emphasisedinnumerouscasesontheECHR,decidedintheUKandinStrasbourg.FormerLordChief JusticeLordTaylorsummeduptheimportanceofLPPwhenheobservedthat: ...amanmustbeabletoconsulthislawyerinconfidence,sinceotherwisehemightholdbackhalfthe truth.Theclientmustbesurethatwhathetellshislawyerinconfidencewillneverberevealed withouthisconsent.Legalprofessionalprivilegeisthusmuchmorethananordinaryruleofevidence, limitedinitsapplicationtothefactsofaparticularcase.Itisafundamentalconditiononwhichthe administrationofjusticeasawholerests. LPPissubjecttothesensiblelimitationthatitdoesnotprotectcommunicationsmadeinfurtherance ofacriminalpurpose.Thisissometimesknownastheiniquityexception.Itexiststopreventabuse ofthelawyerclientrelationship. TheneedforreformofRIPAbecameapparentin2009,whentheHouseofLordsdecidedInReMcE,a NorthernIrelandappeal.TheHouseheldthatPart2ofRIPApermitsthecovertsurveillanceof meetingsbetweendefendantsandtheirlawyers,eventhoughnoexpressprovisionoftheAct authorisesitanddespitethecarefulprotectionofLPPbyPACE.

33

2009 1AC908 http://www.publications.parliament.uk/pa/ld200809/ldjudgmt/jd090311/mce1.htm

30

Draft Communications Data Bill

Part2ofRIPAdealswithcovertsurveillanceanduseofcoverthumanintelligencesources CHIS . Section27ofRIPAprovidesthat ConducttowhichthisPartappliesshallbelawfulforallpurposesif a anauthorisationunderthis Partconfersandentitlementtoengageinthatconductonthepersonwhoseconductitis;and b his conductisinaccordancewiththatauthorisation. Significantly,andasasignofthelackofclarityinherentinthecurrentregime,thejudgeswerenotof theunanimousviewthatsection27ofRIPAtrumpssection58ofPACE.LordPhillipsofWorth Matraversdissented,observing atparagraph41 : WhileRIPAenablesauthorisationofsurveillanceofcommunicationstowhichLPPattachesat commonlawitdoesnot,inmyview,enableauthorisationofinvasionbycovertsurveillanceofthe expressrightsgivenbystatutetoadetaineetoconsultalawyerprivately.Itwouldnotbe incompatiblewiththeConventionforpowertobegrantedinexceptionalcircumstancestocarryout suchsurveillance,butIconsiderthatthepowershouldbegrantedbyastatutethatadequately definedthosecircumstancesandprescribedwhowastoascertainthattheyexisted. LordPhillipssummarisedtheimportanceofLPPatparagraph45whenhesaidthatTherationalefor LPPisthatitisnecessaryifclientsarenottobeinhibitedfrombeingfrankwiththeirlawyers.His Lordshipstatedthattheconcernoftheclientinthesecircumstancesisthatthecommunicationmay bedisclosedandthenusedtotheirdetriment. Ifthestateisabletoeavesdroponlegitimatelyprivilegedcommunicationsforthesakeofgathering intelligence,therewillbeaninevitablechillingeffectuponclients,whowillfeelunabletospeak openlywiththeirlawyers.Thiswouldseriouslyunderminethefundamentalhumanrightaffordedby LPP.Itcreatesagraveriskofmiscarriagesofjustice,ariskwhichhasunfortunatelymaterialisedin recenthighprofilecasesinvolvinguseofCHISandwhichemphasisetheneedforLPPtobeexplicitly protectedbylegislation. UndercoverpoliceofficersPCMarkKennedyandDCJimBoyling,infiltratingprotestgroupspursuant toRIPAauthorisations,maintainedtheircoverwhilefellowprotesterswereprosecutedandtriedfor offences.InKennedyscase RvBarkshire&Others ,significantnondisclosure astheCourtof Appealfound ofhisroleledto20overturnedconvictionsandcasesdroppedagainstsixother campaigners. ThepresentLordChiefJustice,LordJudge,expresseddisquietthatanundercoverpoliceofficermay havebeenpartytolegallyprivilegedcommunicationsbetweenthedefendantsandtheirlawyers.The concernsoftheLordChiefJusticewereconfirmedinthecaseofDCBoyling RvJordan ,whenit emergedthatDCBoylinghadindeedattendedmeetingswiththedefendantandhissolicitor. TheBarkshireandJordancasesdemonstratetheseriousproblemslikelytoarisewhenpersonsacting underRIPAauthorisationsobtainaccesstoprivilegedinformation.Thisisnotsimplyaprivacyor confidentialityissue:therearewiderconcernsaboutfairtrialwhenservingpoliceofficerscovertly accessprivilegedinformationandareinapositiontopassitontotheCrown. TheBarCouncilsconcernsextendbeyondthecriminallaw.Anindividualwhoisbringingacivil actionagainstthestatecouldatthesametimebesubjecttosurveillancebythestate.Thiscouldbein circumstanceswherethereisnobasisforsupposingthattheindividualispursuingsomecriminal purposeratherthangenuinelyseekingadviceonhiscivilclaim.Thatprospect,inthelightofthe rationaleforLPParticulatedbyLordPhillips,isadisturbingone.Itisalsoironic,giventhatRIPAwas promptedinthefirstplacebythejudgmentoftheEuropeanCourtofHumanRightsinHalfordv.UK, acaserelatingpreciselytoapublicauthorityaccessinglegallyprivilegedcommunications. ThefactsofMcErelatedtosurveillance.Butthereasoninginthecaseappliesequallytotheother covertinvestigationtechniquesgovernedbyRIPA:interceptionofcommunications,acquisitionof

Draft Communications Data Bill

31

communicationsdataanduseofCHIS.Wesaymorebelowaboutthespecificareaofcommunications datainthecontextofthecurrentdraftBill. TheBarCouncilisnottheonlybodytohaveconcernsaboutLPPinthiscontext.Thiswashighlighted byNickPickles,DirectorofBigBrotherWatch,whenhegaveevidencetotheCommitteeonTuesday 17July: RIPAexplicitlyfailstorecogniseprivilegedcommunications.TheBarCouncilandtheLawSociety havebothbeenveryclearthatthereisnorecognitionforprivilegedcommunicationsatallinthe existingregime.34 TheGovernmentspositiontodate ThepreviousGovernmentgaveapartialresponsetoInreMcEbymakingtwoordersunderpowers containedinRIPA.Oneorderconcerneddirectedsurveillance,35theotherCHIS.36Theordersalter theauthorisationprocedureswheretheauthoritiesseektotargetlegallyprivilegedcommunications. TherewerealsorevisionstotheCodesofPractice.37 Thesafeguardssupposedlyprovidedbytheseinstrumentsareinsufficient.Wheresurveillanceis intendedtoacquireprivilegedinformation,theCodeofPracticeprovidesthatitshouldbe undertakenonlyinexceptionalandcompellingcircumstances.However,therangeofcasesinwhich thisexceptionalcourseshouldbetakenisextremelyilldefined.Thecodereferstothreatsto nationalsecurityortolifeorlimb.Inourview,thephrasethreattolifeorlimblacksclarityand, whileitmaycatch aswasnodoubtintended seriousintentionaloffencesofpersonalviolence,it couldextendtomoreminoroffenceswherephysicalinjuryresultsfromlackofreasonablecareor frombreachofadutythatgivesrisetostrictliability.Meanwhile,thetestsetoutintheCodeforthe authorisationofsurveillancethatislikelybutnotintendedtoacquireprivilegedinformationis identicaltothestatutorytestforanyauthorisationforintrusivesurveillanceunderRIPA;itcontains nospecialprotectionforprivilegedmaterial. Theoverarchingdifficulty,however,isthatthesechangesdonotaddressthefundamentalpointthat covertinvestigatorypowersshouldnotbeusedtotargetprivilegedcommunications.Thestatusquo should,inourview,betheprotectionofLPPinallbutthosecircumstancesinwhichlegalprivilegeis beingabusedforcriminalpurposes.Inanyevent,theordersdonotapplytointerceptionof communicationsandacquisitionofcommunicationsdata. Assuch,itwillnotbesufficientsimplytotweaktheseexistingcodesofconduct,allofwhichoperate ontheassumptionthatRIPAallowsLPPtobeviolatedforinvestigatorypurposes. ItisregrettablethatthepresentGovernmenthassofarcontinuedtodefendthecurrentRIPAregime inrelationtoLPP.DuringthescrutinyoftheProtectionofFreedomsBillintheLords,Baroness HamweetabledaNewClause,draftedbytheBarCouncil,toremedytheposition pleasesee Appendix .InGrandCommitteeforthatBill,theMinisterpointedoutthatthatnoonecanregard themselvesasbeyondthelaworimmunefrominvestigationorprosecution.38TheBarCouncil respectfullyagrees.Ourproposalwouldnothaveplacedanyonebeyondthelaw.TheNewClause wouldhavepreservedtheiniquityexception:privilegedoesnotattachtoinformationheld,or communicationsmade,infurtheranceofacriminalpurpose.Moreimportantly,theNewClause simplywouldhavebroughtRIPAintolinewithotherlegislation:seebelow.

34http://www.parliament.uk/documents/jointcommittees/communications

data/uc170712ev4HC479iv.pdf

35http://www.legislation.gov.uk/uksi/2010/461/introduction/made 36http://www.legislation.gov.uk/uksi/2010/123/introduction/made 37http://www.legislation.gov.uk/uksi/2010/462/introduction/made

http://www.legislation.gov.uk/uksi/2010/463/introduction/made 38http://www.publications.parliament.uk/pa/ld201011/ldhansrd/text/111215 gc0001.htm#11121597000383

32

Draft Communications Data Bill

TheMinisteralsoreferredinGrandCommitteetothe2010decisionoftheNorthernIrelandHigh Court,RAsapplicationforjudicialreview,39arguingthatthecourthadbeensatisfiedwiththe safeguardsaffordedbytherevisedSurveillanceCodeofPractice.Butinthatcasethecourtonlydealt withtheissueofsafeguardsinrelationtothesubsidiaryquestionofhowmaterialcollectedfrom surveillanceshouldberetainedandeventuallydestroyed.Onthecentralissueofwhetherthepolice couldproperlyconductsurveillanceduringmeetingsbetweentheapplicantandhissolicitor,theHigh CourtrulednotsurprisinglythatitwasboundtofollowInreMcE.Ifanything,thiscase emphasisestheimportanceofParliamentaddressingthequestionofLPP. ItissignificantthatRIPAcontainsnoexpressprovisionaboutprivilege,sotheissuewasnotdebated whenthelegislationwasconsideredinParliament.Instead,asignificantdeparturefromexistinglaw cameaboutnotthroughopendebateandvotesbybothHouses,butbytheretrospectiveapplication ofrulesofstatutoryconstruction. WheneverParliamenthashadanopportunitytoconsiderLPPasin1984whenPACEwasunder consideration,andagainin1997beforeenactingthePoliceActithasconsistentlyvotedtoprotect it,subjecttoprovisionswhichpreventtheabuseofprivilegeforacriminalpurpose.Anyextension beyondthesepowersneedstobeopenlydebatedinParliamentandinpublic. ThedraftBill Forallthosereasons,theBillasintroducedshouldcontainprovisionsamendingRIPAtorestorethe protectionofLPP. IfanyofthenewpowersproposedbythedraftBillareeventuallyapprovedbyParliament,thesetoo shouldbeenactedintermsthatprovideexpresslyfortheprotectionofLPP.Itisimportantto appreciatethataccesstocommunicationsdataraisesconfidentialityissueseverybitasimportantas moreobviouslyinvasivepowerssuchasinterceptionofcontent,thecarryingoutofsurveillanceor theuseofCHIS.InaseriesofjudgmentsbeginningwithMalonev.UK 1984 Ser.ANo.82,the EuropeanCourthasbeenatpainstopointoutthatinformationaboutwhocalledwhom,when,for howlong,etc.,raisesprivacyissuesinprincipleeverybitassignificantasinterceptionofcontent.The distinctionbetweencontentanddatahasbeenfurtherblurredbytechnologicaldevelopmentssuchas searchengines,cloudcomputingandvoiceoverinternetcommunications.InthecontextofLPP, informationaboutwhoconsultedwhichlawyersisitselfhighlysensitiveand,inconjunctionwith otherinformationavailabletotheauthorities,isliabletoenablethenatureandcontentofprivileged communicationstobeguessedatwithahighdegreeofaccuracy. IfitisconcludedthattheprovisionsofthedraftBillareessential,arethereanyothermeasuresthat couldbescrappedasaquidproquotorebalancecivilliberties? TheBarCouncilsharestheconcernsvoicedbyJUSTICE,BigBrotherWatch,Libertyandothers regardingthenecessityofextendingtheinterceptionregimetoinformationwhich,despitebeing labelledmeredata,canbeextremelyrevealing. Nevertheless,weappreciatetheneedfortheauthoritiestoutilisecarefullytargetedinterceptionand surveillancetoolsintheinterestsofcrimefightingandnationalsecurity.Ourprimaryconcernisthat theregimeonwhichthesenewpowerswillbepinnedisnotfitforpurposeandalreadyoverbroadin itsreachandeffect. ShouldtheGovernmentchoosetopursuetheplanslaidoutwithinthedraftBill,weurgeittoadd provisionstoamendRIPAinordertoprotectproperlylegallyprivilegedcommunications.Wehope thattheCommitteewillappreciatetheimportanceofsuchsafeguards,andweencourageitto considerthisissuewhenmakingitsrecommendationstotheGovernment.

39http://www.bailii.org/nie/cases/NIHC/QB/2010/99.html

Draft Communications Data Bill

33

August2012

34

Draft Communications Data Bill

BCS, The Chartered Institute for IT


BCSisgovernedbyaRoyalCharterwhichdefinesourpurpose:topromotethestudyandpractice ofComputingandtoadvanceknowledgeandeducationforthebenefitofthepublic.Webring togetherindustry,academics,practitionersandgovernmenttoshareknowledge,promotenew thinking,informthedesignofnewcurricula,shapepublicpolicyandinformthepublic. TheRoyalCharterenablestheInstitutetoadmitqualifiedmembers;withoutour70,000members wewouldbeunabletoundertakemanyofourcharitableactivitiestopromoteITatalllevels. UndertheCharter,BCSisrequiredtoestablishandmaintainstandardsofprofessional competence,conductandethicalpracticeforinformationsystemspractitioners. As a professional body, BCS represents its members and the IT Profession as a whole on issues of importance, and liaises with other professional bodies, the government, industry and academics to initiateandinformdebateonITstrategicissues.Wealsodeliverarangeofprofessionaldevelopment tools for practitioners and employees and as a leading IT qualification body; we offer a range of widelyrecognisedprofessionalandenduserqualifications. ConsultationQuestions: General: 1. HastheHomeOfficemadeitclearwhatithopestoachievethroughthedraftBill?

Notethelistoflegitimatepurposes wheretherighttononinterferenceisnotobligatory ,onpage 100ofthedraftBillandcopiedhereonpage7,underheadingSafeguards.Thelistisextensiveand appearstobewiderinscopethanthepurposestatedbyTheresaMayquotedabove.


2.

ThepurposestatedbyTheresaMayis:toprotectpublic;bringoffenderstojusticebyensuringthat communicationsdataisavailabletothepolice/security/intelligenceagencies.However,shealso notesthatpolice,theSeriousandOrganisedCrimeAgency SOCA andHerMajestysRevenueand Customsalreadyhaveaccesstothefullrangeofcommunicationsdata.Alltheseagenciesarethe onesstatedbyher above .So,iftheyalreadyhaveaccesstothefullrangeitisnotclearwhyfurther powersareneeded.Lateron andinconsistentwiththepreviousstatement itissaidthat communicationsdataregardingemailandinternetislessavailableandhardertoaccess. Itisnotedthatotherauthoritieshaveaccesstocommunicationsdata,butdonothaveaccessto,for example,thelocationofamobilephone.Itappearsthenthatthelocationofamobilephoneforother authoritiespresentsaproblem.Thedefinitionofotherauthoritieshowever,listssome organisationsoutsideofthescopeoftheBillasstatedinitspurpose above .Theotherauthorities thatareincludedintheabovepurposei.e.apoliceforce,SOCA,intelligenceservicesappeartoalready becateredfor.AdditionalotherauthoritiesaretheScottishCrimeandDrugEnforcementAgency, HerMajesty'sRevenueandCustomsandanysuchpublicauthoritynotfallingwithinparagraphs a to f asmaybespecifiedforthepurposesofthissubsectionbyanordermadebytheSecretaryof State.BCSconsidersthistobeambiguousandofconcern.

BCS,TheCharteredInstituteforITbelievesthatthereareinconsistenciesbetweenpurposeand proposal.

HastheGovernmentmadeaconvincingcasefortheneedforthenewpowersproposedinthedraft Bill? TheInstitutedoesnotbelievethatthecaseisentirelyconvincing.Weareoftheopinionthatthereare inconsistenciesbetweenthestatedpurposeandproposal.

Draft Communications Data Bill

35

Ontheonehand,theGovernmentsaysitalreadyhasaccess,butontheotherthat,emailandinternet poseproblems.Anotherproblem,accordingtoTheresaMaysstatement,isthatcurrentlyaccessto communicationsdataisretrospectiveandinsomecasesthepoliceneedtoaccessdatainnearreal time,notablywherelivesmaybeatrisk e.g.duringakidnap . ItisnotclearhowtheproposedBilladdressesthisnearrealtimeissueascurrently,thepolice andsomeotherpublicauthoritiescanaccessspecifiedcommunicationsdata,afterdemonstratingit isnecessarytoinvestigationandproportionatetoaimandobjective.Asfaraswecanseeinthe proposedBill,suchdemonstrationofnecessity andgettingauthorisationtoaccessdata remainsa requirement.TheInstitutepresumesthatthespecifiedcommunicationsdatamentionedaboveis onlydatathatprovidersalreadyholdandthatthenewaspectoftheBillistorequireInternetService Providers ISP tocollectandstorecommunicationsdata forminimumof12months .Thiswould goalongwaytoaddresstheproblemofemailandinternetcommunicationsdata. Again,theproblemofnearrealtimeaccessmaybehelpedbyISPscollectingcommunicationsdata, buta12monthstorageperiod oranyperiodlongerthan,say,14days isirrelevanttothisproblem. 3. HowdotheproposalsinthedraftBillfitwithinthewiderlandscapeonintrusionintoindividuals privacy? Byvirtueofthefactthatinformationcollectedshowingapersonslocation e.g.themobilephone issuementionedabove isofparticularinteresttorelevantpublicauthorities,addedtothatisan interestinwhoiscommunicatingwithwho,forhowlong,andhowoften.Thisinformationcouldbe ofinteresttootherswhohavenotbeenauthorisedtoaccessit.Despitetheextensiverequirementsof security,integrity,codesofconductetc.itisverylikely,basedonevidencefromdatabreachesinthe lastyearthatinterestedpartieswillgainaccess. Thecollectionofdataaboutindividualsusingdigitalservicesisalreadyagrowingconcern,suchas thewebbrowsingtracking,collectingsocialnetworkingdataandprofilebuilding.Itcouldbeargued thatgovernmenttracking/profilingintheinterestsofthesecurityofcitizensmightbejustified.The bigdifferencebetweencommercialinterestandthestateinterestistheimpactonandconsequences tothatindividualasaresultofstatescrutiny.Beingasuspecthasconsequences sometimeslife changingandtraumatic ,butasuspectisnotacriminaluntilevidenceandacourtsaysso. 4. Whatlessonscanbelearntfromtheapproachofothercountriestothecollectionof communicationsdata? TheInstituteisinterestedtoknowtowhatextentthemeasuresundertakeninothercountries e.g. China,Russia comparetowhatisbeingproposedhere.Argumentsoftenputforwardconcernthe protectionofnationalsecurityandcitizensrequiringintelligence.TheUKGovernmentisnotonly requiredtoprotectthenation,butalsotoactintheintereststoensurepublicwelfare.These argumentscouldbeequallymadeinothercountries. 5. Arethereanyalternativeproposalswithregardtothetechniqueandcostofobtaining communicationsdatathattheGovernmentcouldconsider? TheInstituteisnotawareofanyalternativeproposalsthattheGovernmentcouldconsider. 6. ThedraftBillsitsalongsidetheDataRetentionRegulations.Howwillthesetwopiecesoflegislation interrelate?Woulditbepreferabletohaveoneoverarchingpieceoflegislationthatgovernsthe retentionofcommunicationsdata? TheInstitutehasnoviewontheoptionsbeyondthosealreadyexpressedintheresponsetoprevious questions.

36

Draft Communications Data Bill

7.

IfitisconcludedthattheprovisionsofthedraftBillareessential,arethereanyothermeasures thatcouldbescrappedasaquidproquotorebalancecivilliberties? TheInstituterecognisesthedifficultiesofreconcilingtheprotectionofthepublicwhilemaintaining individualcivillibertiesinafreesociety.Amoreindepthassessmentoftheproposedprovisionsof theBillandtheirdirectimpactonindividualcivillibertieswouldincreaseawarenessandenablea moreconstructivedebateonthemeritsof,andthenecessityfornewprovisions. 8. WilltheproposalsinthedraftBillposeariskthatcommunicationsserviceprovidersseetheUKas alessattractivebase?Whatmightbetheeffectonbusiness? TheInstituteconsidersthistobefeasible.Itwouldcertainlybeinterestingtoseewhetheran argumentbasedonlossofbusinesswouldinfluenceagovernmentthatisapparentlyrespondingto theneedtoprotectpublic,bringoffenderstojusticebyensuringthatcommunicationsdatais availabletothepolice/security/intelligenceagenciestotheextentthatcivillibertiesandpublictrust inpublicauthoritiescouldbeatstake.Forinstance,isbusinessinterestahigherprioritythan protectingthepublicandnationalsecurity? Costs: 9. Istheestimatedcostof1.8bnover10yearsrealistic? Itisdifficulttodeterminewhetherthisisrealisticasthedetailislacking.Governmentcost predictionsonprojectsarehowevernotoriouslysubstantiallyunderbudgetandoftennotfeasible technically.

Note:onbothpoints 9 and 10 theargumentmadein 8 aboveapplieseithertheproposals madeinthedraftBillarevital topublicandnationalsecurity ortheyarenot.Iftheyarenot,the Governmentshouldnotbepursuingthislineitisdangerous tothepublic ,controversial withdue cause ,challengingtoimplement operationalcomplexities,technicalchallenges,jurisdiction challenges andmostlikelycanbebypassedbytheverypeoplelawenforcementagenciesare interestedin.
Scope: 11. Arethedefinitionsofcommunicationsdataandcommunicationsserviceproviderappropriate?Do theysensiblydefinethescopeofthepowersinthedraftBill? TheInstitutehasnoviewontheoptionsbeyondthosealreadyexpressedintheresponsetoprevious questions.

TheInstitutebelievesthatthecostofcomplyingwithrequestsfromsubscribersforpersonaldatavia theDataProtectionAct1998wouldincreasebutareunclearifoperatorsorgovernment thus FreedomofInformationAct couldbeconsideredasdatacontrollersforthisadditionalinformation. Thecostofstoringthisinformationcanvarygreatlybetweenoperatorsdependentoncontractual agreementswiththeirsuppliersi.e.iftheyarepayasyouuseratherthanoneoffpaymentsfor equipment. 10. TheHomeOfficesuggeststhebenefitsthatcouldbedeliveredbytheenactmentofthedraftBill couldbeworthbetween56bn.Isthisfigurerealistic? TheInstituteconsidersitdifficulttomakeajudgementwithoutknowingwhatthefigureisbasedon.

Draft Communications Data Bill

37

12. WhichpublicauthoritiesshouldbeabletoaccesscommunicationsdataunderthedraftBill?Should itbepossiblefortheSecretaryofStatetovarythislistbyOrder? a Police/security/intelligenceagenciesasspecifiedintheopeningsectionoftheBill,asnoted in 1 above. b No,notwithoutsomestringentprotectionsforthepublic,anddemocracy,inplace.

13. Howrobustaretheplanstoplacerequirementsoncommunicationsserviceprovidersbased overseas?Howrealisticisitthatoverseasproviderscouldbepursuedforbreachofduty? Itisdifficulttoseehowcommunicationsserviceprovidersbasedoverseascouldbepersuadedto participateinsuchascheme.Thereforeconsiderationshouldbegiventowhattypeofinformation securitymeasuresbasedonlegallybindingcommercialarrangementscouldbeputinplacethat wouldmeetUKrequirements. Itislikelyothergovernmentsmaybeinterestedinthedatacollected.TheInstitutewouldlike clarificationonwhetherserviceprovidersoperatingundersuchgovernmentswouldbeabletolegally resistanyinformationrequests. UseofCommunicationsData: 14. Arethecircumstancesunderwhichcommunicationsdatacanbeaccessedappropriateand proportional?Whatkindofcrimesshouldcommunicationsdatabeusedtodetect? TheInstituteconsidersitimportanttousethecommunicationdatatodetectcrimeswheremanylives couldbeatstake. 15. Istheproposed12monthperiodfortheretentionofdatatoolongortooshort? Itisdifficulttosay,asthereason i.e.purposeoftheBill forkeepingdataisnotclearlystated. Asnotedabove,inthecaseofanabductionandrisktolife12monthsisnotrelevant,probablyalso notrelevanttoplottingaterroristactivityorstreetriots.12monthscouldhoweverberelevanttoa moneylaunderinginvestigation,ororganisedcrimeinvestigations. ThereseemstobeaconflictbetweenClause4Subsection 1a whichimpliesuseofarolling12 monthperiodforeachcommunicationdataitemstored andClause6Subsection 3 whichimplies thateachoperatorcanchoosetodeletedataitemsatregularintervalsoflessthanorequaltoone monththusadataitemmaybedestroyedatthe12monthanniversarybutatthenextprescheduled interval,variabledependentonoperator,post12monthanniversary . Safeguards: 16. Applicationsforaccessingcommunicationsdatawillbesubjecttoaseriesofsafeguardsincluding approvalbyadesignatedseniorofficerwithinthepublicauthoritymakingtherequest.Howshould "designatedseniorofficer"bedefined?Isthissystemsatisfactory?Arethereconcernsabout compliancewithArticle8ECHR?

i Itisimportanttonotethatanysystem,evenwithchecksandbalances,isopentoabuse. ii Page99ofthedraftBillstates:Thepermittedpurposespursuethelegitimateaimssetoutin clause9 6 ,namely: a intheinterestsofnationalsecurity, b forthepurposeofpreventingordetectingcrimeorofpreventingdisorder,

38

Draft Communications Data Bill

d e f g h

i j

17. Wouldawarrantsystembemoreappropriate?Ifyoufavourawarrantsystemshouldthisapplyto allpublicauthoritiesincludinglawenforcementagencies?Shouldawarrantbenecessaryinall circumstances?Andwhatwouldtheresourceimplicationsbe? TheInstitutebelievesawarrantsystemwouldbemoreappropriate.Thiswouldberesourceheavy. 18. IstheroleoftheInterceptionofCommunicationsCommissionerandtheInformation Commissionersensible? Itislikelythatalloftherolesmentionedwillinpracticeinvolveotherpersonsidentifiedtodealwith theseissuesthescaleofwhatisproposedislikelytoexceedtheamountoftimeneededto undertakethisveryseriouswork,i.e.ongoingscrutinyandmanagement. ParliamentaryOversight: 19. ArethearrangementsforparliamentaryoversightofthepowerswithinthedraftBillsatisfactory?

forthepurposeofpreventingordetectinganyconductinrespectofwhichapenalty maybeimposedundersection123or129oftheFinancialServicesandMarketsAct 2000 civilpenaltiesformarketabuse , intheinterestsoftheeconomicwellbeingoftheUnitedKingdom, intheinterestsofpublicsafety, forthepurposeofprotectingpublichealth, forthepurposeofassessingorcollectinganytax,duty,levyorotherimposition, contributionorchargepayabletoagovernmentdepartment, forthepurpose,inanemergency,ofpreventingdeathorinjuryoranydamagetoa personsphysicalormentalhealth,orofmitigatinganyinjuryordamagetoapersons physicalormentalhealth, toassistinvestigationsintoallegedmiscarriagesofjustice,or whereaperson P hasdiedorisunabletoidentifythemselvesbecauseofaphysical ormentalcondition i toassistinidentifyingP,or ii toobtaininformationaboutPsnextofkinorotherpersonsconnectedwithPor aboutthereasonforPsdeathorcondition.

TheInstituteholdsnoparticularlyviewaboutwhetherthearrangementsforparliamentaryoversight ofthepowerswithinthedraftBillaresatisfactory. Enforcement: 20. Arethepenaltiesappropriateforthosecommunicationsserviceproviderswhofailtocomplywith therequirementsofthedraftBill? TheInstitutehasnoviewontheoptionsbeyondthosealreadyexpressedintheresponsetoprevious questions. 21. Arethepenaltiesappropriateforthosepublicauthoritiesthatinappropriatelyrequestaccessto communicationsdata?ShouldfailuretoadheretotheCodeofPracticewhichisprovidedforinthe draftBillamounttoanoffence?

Draft Communications Data Bill

39

Notethatunder3.Datasecurityandintegrity AtelecommunicationsoperatorwhoholdscommunicationsdatabyvirtueofthisPartmust a securethatthedataisofthesamequalityandsubjecttothesamesecurityandprotectionasthe dataonanysystemfromwhichitisderived,and b protectthedataagainstaccidentalorunlawfuldestruction,accidentallossoralteration,or unauthorisedorunlawfulretention,processing,accessordisclosure." In a above,thesecurityofdataonanysystemfromwhichitisderivedmaynotbeveryrobustand in b thisappliestoanydataheldaccordingtotheDataProtectionActandtherearemany instancesofdataloss,breach,unauthorisedaccess,etc.

GiventhelevelofassurancesandframeworkindicatedinthedraftBilltosafeguardtheprocessof access,whichemphasisetheseriousnessofwhatisbeingaccessed,itwouldseemreasonabletoapply asimilarlystrongpenaltyforthosewhodonottaketheirresponsibilitiesseriously. Technical: 22. Doesthetechnologyexisttoenablecommunicationsserviceproviderstocapturecommunications datareliably,storeitsafelyandseparateitfromcommunicationscontent? Thereisnocurrenttechnologyavailabletocapture/interceptallcommunicationdataexchange betweenNearFieldCommunicationenabledsmartphoneswhichareincloseproximity. 23. Howsafelycancommunicationsdatabestored? Webelievethatnoguaranteeofsafetycouldeverbegiven.

24. Aretheproposalsforthefilteringarrangementsclear,appropriateandtechnicallyfeasible? TheInstitutebelievesthattheyarenotatallclear.Itisdifficulttounderstandwhattheproposalsare. 113page48states"Inpractice,theSecretaryofStateordesignatedpublicauthoritymaycontract withanapprovedbodytoundertakethedaytodayoperationofthefilteringarrangements. However,legalresponsibilityforensuringtheeffectiveandlawfuloperationofthefiltering arrangements,andcomplyingwiththedutiesimposedbyclauses14to16,willremainwiththe SecretaryofStateorotherdesignatedpublicauthority." TheInstitutewouldwelcomeexplanationaboutwhatthecontractwithanapprovedbodymeans. Wewouldliketoknowwhoisinvolvedintheapprovalprocessandwhetherthismightbe outsourcedtoaprivatecompany. Furthermore,anydelegationofoperationalauthorityfromtheSecretaryofStatetoapublicauthority doesnotremoveultimateresponsibilityfromtheSecretaryofStatebutwhatisthepractical relevanceofthatresponsibility?WhatconsequenceswouldtherebetotheSecretaryofStateincases ofmisuseorerror leadingtobreachesofinformation ?Pastexperiencehasshownthatthemosta citizencouldexpectistheresignationoftheSecretaryofState.Withoutproportionateconsequences theemphasisontheSecretaryofStateasprotectorofacodeofconduct'thatprovidesassuranceto thecitizenandgeneralpublic,isarguablyrathermeaningless. 25. HoweasywillitbeforindividualsororganisationstocircumventthemeasuresinthedraftBill? Therearevarioustechnicalmeansavailabletothosewhowishtocircumventthesemeasures. IndividualsusingNearFieldCommunicationenabledsmartphonesincloseproximitymaybeableto circumventattemptstocapturecommunicationdata. 26. Arethereconcernsabouttheconsequencesofdecryption?

40

Draft Communications Data Bill

TheInstitutehasnoviewontheoptionsbeyondthosealreadyexpressedintheresponsetoprevious questions. August2012

Draft Communications Data Bill

41

Mark Benson
General: 1.HastheHomeOfficemadeitclearwhatithopestoachievethroughthedraftBill? Yes.TheHomeOfficehasclearlylaidoutthatitwantsarecordofwhateveryoneintheUKdoeson theInternet,regardlessofsuspicionofguilt. Runningcontentfiltersforsmallandmediumbusinesseswhichcapturesomecommunicationsdata itisincredibletoseewhatinformationcanbegleanedevenifyoudonthavethecontentofthe communication,particularlywherewebsiteaddressesareconcerned.Theprospectofanyone organisationhaveaccesstothatmuchsensitivedata whetherstoredinonedatabaseormany is frightening. 2.HastheGovernmentmadeaconvincingcasefortheneedforthenewpowersproposedinthedraft Bill? No.Whiletherewillalwaysbesituationswherehavingmoreinformationwouldproveuseful,there canbenojustificationinademocracyforsuchintrusionintopersonalprivacy,regardlessofwhatever safeguardsareclaimedtoprotectthedataandrestrictaccess. 3.HowdotheproposalsinthedraftBillfitwithinthewiderlandscapeonintrusionintoindividuals privacy? Theproposalsdonothingtoassuagethepotentialformisuse.Ifitcanbemisuseditwillbe,aswe haveseentimeandtimeagain. Again,noamountofjustificationshouldallowblanketmonitoringinademocracy. 4.Whatlessonscanbelearntfromtheapproachofothercountriestothecollectionofcommunications data? ThemodelsforthistypeandscaleofmonitoringwouldbeChinaorIran.Thesearenotmodelswe shouldbeaspiringto.CourtsinGermany,RomaniaandtheCzechRepublichavefoundsimilar arrangementsintheirrespectivecountriestobeunconstitutional. 5.Arethereanyalternativeproposalswithregardtothetechniqueandcostofobtaining communicationsdatathattheGovernmentcouldconsider? 6.ThedraftBillsitsalongsidetheDataRetentionRegulations.Howwillthesetwopiecesoflegislation interrelate?Woulditbepreferabletohaveoneoverarchingpieceoflegislationthatgovernsthe retentionofcommunicationsdata? 7.IfitisconcludedthattheprovisionsofthedraftBillareessential,arethereanyothermeasuresthat couldbescrappedasaquidproquotorebalancecivilliberties? 8.WilltheproposalsinthedraftBillposeariskthatcommunicationsserviceprovidersseetheUKasa lessattractivebase.Whatmightbetheeffectonbusiness? ThereisariskthattheUKwillbeviewedwiththesamecautionandconsideration,thatthosefor whomprivacyisaconsideration,applytoplaceswithlegislationlikethePatriotAct.Imyselfavoid runningserversincertaincountriesduetotheirinternetpoliciesandconcernforthesecurityofthe data. Costs: 9.Istheestimatedcostof1.8bnover10yearsrealistic? 10.TheHomeOfficesuggeststhebenefitsthatcouldbedeliveredbytheenactmentofthedraftBill couldbeworthbetween5 6bn.Isthisfigurerealistic? Scope: 11.Arethedefinitionsofcommunicationsdataandcommunicationsserviceproviderappropriate?Do theysensiblydefinethescopeofthepowersinthedraftBill?

42

Draft Communications Data Bill

FromtheperspectiveofanITprofessionalthedefinitionofcommunicationsserviceprovideris worryinglyvague.Asanindividualwhorunshisownemailserverandseveralserversforsmalland mediumenterprises,thewordingofthedraftbillThetermtelecommunicationsoperatorisdefined inclause28asapersonwhocontrolsorprovidesatelecommunicationsystem,orprovidesa telecommunicationsservice.wouldappeartoconsidermeaTelecommunicationsProvider.While thereareprovisionsinthebilltopotentiallyoffsetthefinancialimpact,thetaskwouldbebeyondthe scopeoftheservicesIcanprovide. 12.WhichpublicauthoritiesshouldbeabletoaccesscommunicationsdataunderthedraftBill?Should itbepossiblefortheSecretaryofStatetovarythislistbyOrder? Iwouldrathernoorganisationhaveaccesstoblanketcommunicationsdata.Itdoesnotmatterifthis dataisinoneormanydatabases,thescopeofthemonitoringandpotentialfordataminingis frightening.Ifthiscomestopass,accessshouldbelimitedtoPoliceandtheSecurityServicesonly, withjudicialoversight.Atnopointshouldthelistofthosewithaccess,changewithoutpublicdebate. 13.Howrobustaretheplanstoplacerequirementsoncommunicationsserviceprovidersbased overseas?Howrealisticisitthatoverseasproviderscouldbepursuedforbreachofduty? Whileitmaybepossibletoseekandobtainthecooperationofthelargerplayers e.gGoogle, Facebooketc ,thechoiceandpopularityofservicesontheinternetisinaconstantstateofflux. Pursingthemtoprovideinformationonuksubscribersthatitmaynotevenbeawareithas,wouldbe likeherdingcats. UseofCommunicationsData: 14.Arethecircumstancesunderwhichcommunicationsdatacanbeaccessedappropriateand proportional?Whatkindofcrimesshouldcommunicationsdatabeusedtodetect? 15.Istheproposed12monthperiodfortheretentionofdatatoolongortooshort? Typically,duetostorageconstraints,serversstorelogsforafewweeks,witharchivingthatmaybeas longas3months.Serversorapplianceswithhighthroughputmayonlystorelogsforamatterofdays ornotatall.Thisisusuallyadesigndecisionandisdonetoaidmaintainability,functionalityand usability.ThecostofstoringthedatawouldlikelybedisproportionatelyhighforSMEs,letalonethe questionofhowtoactuallydoitinthefirstplace. Safeguards: 16.Applicationsforaccessingcommunicationsdatawillbesubjecttoaseriesofsafeguardsincluding approvalbyadesignatedseniorofficerwithinthepublicauthoritymakingtherequest.Howshould "designatedseniorofficer"bedefined?Isthissystemsatisfactory?Arethereconcernsabout compliancewithArticle8ECHR? WithrespecttoArticle8ECHR,theuseofcommunicationsdata asmentionedinsection8ofDRAFT COMMUNICATIONSDATABILL,EUROPEANCONVENTIONONHUMANRIGHTSMEMORANDUMBY THEHOMEOFFICE tocomparethedatacollectedforatelephoneservicewiththatforemailorweb browsingismisleadingasinternetdataisnotchargedpercall.ISPsdonotrequirethisinformation i.e.individualemailorwebsessions tobilltheircustomers. ThememorandumitselfstatesByitsverynature,meteringisthereforetobedistinguishedfrom

interceptionofcommunications,whichisundesirableandillegitimateinademocraticsocietyunless justified..
Thejustificationbeingseriouscrimesandideally,onlymonitoringofdatawithawarrant,fromthat pointintimeforward.Toexpect12monthsofdatatobeonhandforeverybodyisfundamentally wrong. 17.Wouldawarrantsystembemoreappropriate?Ifyoufavourawarrantsystemshouldthisapplyto allpublicauthoritiesincludinglawenforcementagencies?Shouldawarrantbenecessaryinall circumstances?Andwhatwouldtheresourceimplicationsbe?

Draft Communications Data Bill

43

Awarrantysystemshouldbethedefaultcase.Onlylawenforcementagenciesshouldhaveaccessvia awarrantsystem.Ifotherpublicauthoritieshaveacasetopursuethentheyshouldpursueitthought theappropriatelawenforcementagencies.Thelikelyimpactwouldbetodeterflippantuseofthe system.Ifsuchasystemiseverputinplace,thebarrierstoentrymustbesohighastomakeevery useofthesystemasoneroustothoseseekingdataastheburdentoprivacyistotheindividuals monitored. 18.IstheroleoftheInterceptionofCommunicationsCommissionerandtheInformationCommissioner sensible? ParliamentaryOversight: 19.ArethearrangementsforparliamentaryoversightofthepowerswithinthedraftBillsatisfactory? Enforcement: 20.Arethepenaltiesappropriateforthosecommunicationsserviceproviderswhofailtocomplywith therequirementsofthedraftBill? 21.Arethepenaltiesappropriateforthosepublicauthoritiesthatinappropriatelyrequestaccessto communicationsdata?ShouldfailuretoadheretotheCodeofPracticewhichisprovidedforinthedraft Billamounttoanoffence? Technical: 22.Doesthetechnologyexisttoenablecommunicationsserviceproviderstocapturecommunications datareliably,storeitsafelyandseparateitfromcommunicationscontent? Itispossibletocapturedatafromcommonports i.e.emailonport25,webtrafficonport80 , identifythatprotocolandstripoutthecommunicationsdata.Howeverifencryptedand/or obfuscateditmaynotbepossibletoextractanymeaningfuldata. Capturingdataforallportsandprotocolsmayprovedifficult.Doingsoforalltrafficthatpasses throughalargeISPmaynotbepracticalduetotheamountofprocessingandstoragerequirements. Howeverduetothelayerednatureofthemanyandvariedprotocolsthatenablecommunicationson theinternet,onelayerscommunicationsdataislikelyembeddedinanotherlayerspayload or communicationscontent .SotostatethatNothingintheseproposalswillauthorisethe interceptionofthecontentofacommunication.isdisingenuousbecauseatsomepointitwillbe necessarytointercept,storeandreconstitutethecommunicationscontent howeverbriefly ofone protocoltoenabletheextractionofcommunicationsdataofanotherprotocolcontainedwithin. 23.Howsafelycancommunicationsdatabestored? Thatdependsontherisksyouwanttomitigateagainstandhowmuchmoneyyouwanttothrowat theproblem.Youneedtoconsiderphysicalsecurity,shouldthesystemsbephysicallyisolatedand canallISPsaccommodatetherequirement,isolatedfromthenetwork,securefromphysicalintrusion, safefromadverseconditions floods,fire,socialunrest,theftetc andusersecurity.Oneormore peoplewillhavetosetupandadministerthesystems.Aretheyconsideredfittohaveaccesstothat system?WhatsafeguardsandpenaltiesarethereforstaffatanISPcollectingthatdata? 24.Aretheproposalsforthefilteringarrangementsclear,appropriateandtechnicallyfeasible? Theproposalsarevaguewhentakeninthecontextoffilteringlargeamountsofdatawhichwould requireveryspecificparametersandthelikelyresultswouldonlybeapparentafterfilteringthedata. Alsodeterminingtheprecisionoftheresultswouldrequireveryspecificgoalsthatmaynotbe apparenttowhoeverisdoingtheactualfiltering.Thetechnicalfeasibilitydependsonthesystems thatstorethedata,howitisstored,thesystemusedtomanipulateandfilterthedataandtheskillof thepersoncreatingthedatafilter. 25.HoweasywillitbeforindividualsororganisationstocircumventthemeasuresinthedraftBill? Therearemyriadwaystocircumventthemeasuresinthedraftbill.Forexample,itsaseasyas runningaVirtualPrivateNetwork VPN ,TORconnectionorconnectingtoaDarknet. IttakesminutestosetupaVPN.VPNsarecommonlyusedbybusinessuserstosecurelyaccesstheir companynetworkfromapublicnetwork.

44

Draft Communications Data Bill

TORobfuscatesusertrafficallowingthetraffictoberoutedtorandomTORexitpointsaroundthe world.TORhasbeeninstrumentalinopposingrepressiveregimesaroundtheworld. Darknetsareessentiallydecentralisedprivatenetworksthatanyonecanjoin.Theyimplementtheir ownrulesi.e.anonymityandnologgingofconnectioninformation. Itisalsopossibletouseproxiestoanonymizeyourconnection.Withanonymousemailservicesthat donotrequireanysubscriberinformation,anonymousremailersandafewoftheaboveitiseasyto circumventthemeasuresinthedraftbill. ItisalsoeasytoconnecttoTORoraDarknetoveraVPNand/oroneormoreproxies. 26.Arethereconcernsabouttheconsequencesofdecryption? Whileitmaybetechnicallypossible,thetimeandeffortrequiredwouldlikelybehighunlessother meansareavailablei.e.knownweaknessesintheencryption,decryptingtrafficwithtrusted certificatesoramaninthemiddleattackormandatedbackdoors.Asthesewouldlikelybeexploited bycriminalsandboredteenagers,orquicklydetectedbysecurityresearchersorlegitimateusers,it wouldntbelongbeforeanyuseableexploitsbecamepublicandwerefixedoralternativesappeared. Moreover,decryptingencrypteddatatogetatcommunicationsdatawouldunderminepointtopoint securityandrenderthingslikeinternetbanking,ecommerceandVPNsuntrustworthy. August2012

Draft Communications Data Bill

45

Dr Paul Bernal
ThedraftCommunicationsDataBillraisessignificantissuesissuesconnectedwithhumanrights, withprivacy,withsecurityandwiththenatureofthesocietyinwhichwewishtolive.Theseissues areraisednotbythedetailofthebillbutbyitsfundamentalapproach.Addressingthemwould,inmy opinion,requiresuchasignificantredraftingofthebillthatthebetterapproachwouldbeto withdrawthebillinitsentiretyandrethinkthewaythatsecurityandsurveillanceontheInternetis addressed. Asnoted,therearemanyissuesbroughtupbythedraftbill:thissubmissiondoesnotintendtodeal withallofthem.Itfocusesprimarilyonthreekeyissues: 1 Thenatureofinternetsurveillance.Inparticular,thatinternetsurveillancemeansmuch morethancommunications,partlybecauseofthenatureofthetechnologyinvolvedand partlybecauseofthemanydifferentwaysinwhichtheinternetisused.Internetsurveillance meansmonitoringnotjustcorrespondencebutsociallife,personallife,finances,healthand muchmore.Gatheringbasicdatacanmakethemostintimate,personalandprivate informationavailableandvulnerable. 2 Thevulnerabilityofbothdataandsystems.Itisafallacytoassumethatdataorsystemscan everbemadetrulysecure.Theevidenceofthepastfewyearssuggestspreciselythe opposite:thosewhoshouldbemostableandtrustedwiththesecurityofdatahaveproved vulnerable.TheapproachofthedraftCommunicationsDataBillessentiallyagatherall thenlooklaterapproachisonethatnotonlyfailstotakeproperaccountofthat vulnerability,butactuallysetsupnewandmoresignificantvulnerabilities,effectively creatingtargetsforhackersandotherswhomightwishtotakeadvantageoformisusedata. 3 Therisksoffunctioncreep.ThekindofsystemsandapproachenvisagedbythedraftBill makesfunctioncreeparealandsignificantrisk.Data,oncegathered,isaresourcethatis almostinevitablytemptingtouseforpurposesotherthanthoseforwhichitsgatheringwas envisaged.Theserisksseemtobeinsufficientlyconsideredbothintheoverallconception andinthedetailoftheBill. Afterlookingattheseissuesfromanoverallperspective,thissubmissionwilladdresssomeofthe questionsspecificallyaskedbytheCommittee. IammakingthissubmissioninmycapacityasLecturerinInformationTechnology,Intellectual PropertyandMediaLawattheUEALawSchool.Iresearchininternetlawandspecialiseininternet privacyfrombothatheoreticalandapracticalperspective.MyPhDthesis,completedattheLSE, lookedintotheimpactthatdeficienciesindataprivacycanhaveonourindividualautonomy,andset outapossiblerightsbasedapproachtointernetprivacy.ThedraftCommunicationsDataBill thereforeliespreciselywithinmyacademicfield.Iwouldbehappytoprovidemoredetailed evidence,eitherwrittenororal,ifthatwouldbeofassistancetothecommittee. 1 TheNatureofinternetSurveillance 1.1 AssetoutinPart1ofthedraftbill,theapproachadoptedisthatallcommunicationsdata shouldbecapturedandmadeavailabletothepoliceandotherrelevantpublicauthorities.The regulatoryregimesetoutinPart2concernsaccessingthedata,notgatheringit:gatheringisintended tobeautomaticanduniversal.CommunicationsdataisdefinedinPart3Clause28verybroadly,via thecategoriesoftrafficdata,usedataandsubscriberdata,eachofwhichisdefinedinsuchaway astoattempttoensurethatallinternetandothercommunicationsactivityiscovered,withthesole exceptionofthecontentofacommunication. 1.2 Theallencompassingnatureofthesedefinitionsisnecessaryifthebroadaimsofthebillare tobesupported:ifthedefinitionsdonotcoveranyparticularformofinternetactivity whether existentorunderdevelopment ,thentheassumptionwouldbethatthosewhothebillwouldintend tocatchwouldusethatform.Thatthecontentofcommunicationsisnotcaptured thoughitis importantinrelationtomoreconventionalformsofcommunicationsuchastelephonecalls,letters andevenemails isoffarlesssignificanceinrelationtointernetactivity,asshallbesetoutbelow.

46

Draft Communications Data Bill

2 CommunicationsDataandtheseparationofcontent 2.1 Asnotedabove,thedefinitionofcommunicationsdataisdeliberatelybroadinthebill.On thesurface,itmightappearthatcommunicationsdatarelatesprimarilytocorrespondence bringingintheECHRArticle8righttorespectforprivacyofcorrespondenceandindeed communicationsliketelephonecalls,emails,textmessages,tweetsandsoforthdofitintothis categorybutinternetbrowsingdatahasamuchbroaderimpact.Apersonsbrowsingcanrevealfar moreintimate,importantandpersonalinformationaboutthemthanmightbeimmediatelyobvious. Itwouldtellwhichwebsitesarevisited,whichlinksarefollowed,whichfilesaredownloadedand alsowhen,andhowlongsitesareperusedandsoforth.Thiskindofdatacanrevealhabits, preferencesandtastesandcanuncover,toareasonableprobabilityreligiouspersuasion,sexual preferences,politicalleaningsetc,evenwithoutwhatmightreasonablybecalledthecontentofany communicationsbeingexaminedthoughwhatconstitutescontentiscontentious. 2.2 ConsideringaGooglesearch,forexample,ifRIPAsrequirementsaretobefollowed,the searchtermwouldbeconsideredcontentbutwouldlinksfollowedasaresultofasearchcountas contentorcommunicationsdata?Whoistherecipientofaclickedlink?Ifthedataistobeofanyuse, itwouldneedtorevealsomethingofthenatureofthesitevisitedandthatwouldmakeitpossibleto reverseengineerbacktosomethingcloseenoughtothesearchtermusedtobeabletogetbackto thecontent.Thecontentofavisitedsitemaybedeterminedjustbyfollowingalinkwithoutany furtherinvasionofprivacy.Whenslightlymorecomplexformsofcommunicationontheinternetare considerede.g.messagingorchattingonsocialnetworkingsitestheseparationbetweencontent andcommunicationsdatabecomesevenlessclear.Inpractice,assystemshavedeveloped,the separationisformanyintentsandpurposesafalseone. 40Theissueofwhetherornotcontentdatais gatheredisoffarlesssignificance:focussingonitisanoldfashionedargument,basedonaworldof penandpaperthatistoagreatextentoneofthepast. 2.3 Whatismore,analyticalmethodsthroughwhichmorepersonalandprivatedatacanbe derivedfrombrowsinghabitshavealreadybeendeveloped,andarecontinuingtoberefinedand extended,mostdirectlybythoseinvolvedinthebehaviouraladvertisingindustry.Significant amountsofmoneyandeffortarebeingspentinthisdirectionbythoseintheinternetindustry:itisa keypartofthebusinessmodelsofGoogle,Facebookandothers.Itisalreadyadvancedbutwecan expecttheprofilingandpredictivecapabilitiestodevelopfurther. 2.4 Whatthismeansisthatbygathering,automaticallyandforallpeople,communicationsdata, wewouldbegatheringthemostpersonalandintimateinformationabouteveryone.When consideringthisBill,thatmustbeclearlyunderstood.Thisisnotaboutgatheringasmallamountof technicaldatathatmighthelpincombatingterrorismorothercrimeitisaboutuniversal surveillanceandprofiling. 3 Thebroadimpactofinternetsurveillance 3.1 Thekindofprofilingdiscussedabovehasaverybroadeffect,onewithahugeimpacton muchmorethanjustanindividualscorrespondence.Itispossibletodetermine toareasonable probability individualsreligionsandphilosophies,theirlanguagesusedandeventheirethnic origins,andthenusethatinformationtomonitorthembothonlineandoffline.When communications andinparticulartheinternet areusedtoorganisemeetings,tocommunicateas groups,toassemblebothofflineandonline,thiscanbecomesignificant.Meetingscanbemonitored orevenpreventedfromoccurring,groupscanbetargetedandsoforth.Oppressiveregimes throughouttheworldhaverecognisedandindeedusedthisabilityrecently,forexample,theformer

40SeeforexampletheworkofDanielSolove,e.g.

Wash.L.Review,vol72,20032004,

ReconstructingElectronicSurveillanceLaw,Geo.

Draft Communications Data Bill

47

regimeinTunisiahackedintobothFacebookandTwittertoattempttomonitortheactivitiesof potentialrebels. 3.2 Itisofcoursethiskindofprofilingthatcanmakeinternetmonitoringpotentiallyusefulin counterterrorismbutmakingituniversalratherthantargetedwillimpactdirectlyontherightsof theinnocent,rightsthat,accordingtotheprinciplesofhumanrights,deserveprotection.Intheterms setoutintheEuropeanConventiononHumanRights,thereisapotentialimpactonArticle8 rightto privateandfamilylife,homeandcorrespondence ,Article9 Freedomofthought,conscienceand religion ,Article10 Freedomofexpression andArticle11 Freedomofassemblyandassociation . 41 Internetsurveillancecanenablediscrimination contrarytoECHRArticle14 prohibitionof discrimination andevenpotentiallyautomateitawebsitecouldautomaticallyrejectvisitors whoseprofiledoesntmatchkeyfactors,orchangeservicesavailableorpricesbasedonthose profiles. 4 Thevulnerabilityofdata 4.1 Theessentialapproachtakenbythebillistogatheralldata,thentoputcontrolsoveraccess tothatdata.Thatapproachisfundamentallyflawedandappearstobebaseduponfalse assumptions.Mostimportantly,itisafallacytoassumethatdatacaneverbetrulysecurelyheld. Therearemanywaysinwhichdatacanbevulnerable,bothfromatheoreticalperspectiveandin practice.Technologicalweaknessesvulnerabilitytohackersetcmaybethemostnewsworthyin atimewhenhackergroupslikeanonymoushavebeengatheringpublicity,buttheyarefarfromthe mostsignificant.Humanerror,humanmalice,collusionandcorruption,andcommercialpressures bothtoreducecostsandtomonetisedata maybemoresignificantandthewaysthatallthese vulnerabilitiescancombinemakestheriskevenmoresignificant. 4.2 Inpractice,thosegroups,companiesandindividualsthatmightbemostexpectedtobeable tolookafterpersonaldatahavebeensubjecttosignificantdatalosses.TheHMRClossofchildbenefit datadiscs,theMODlossesofarmedforcespersonnelandpensiondataandthenumerousand seeminglyregulardatalossesintheNHShighlightproblemswithinthosepartsofthepublicsector whichholdthemostsensitivepersonaldata.Swissbankslossesofaccountdatatohacksanddata theftdemonstratethateventhosewiththehighestreputationandneedforsecrecyaswellasthe greatestfinancialresourcesarevulnerabletohumanintervention.ThehighprofilehacksofSonys onlinegamingsystemsshowthateventhosethathaveaccesstothehighestleveloftechnological expertisecanhavetheirsecuritybreached.Thesearejustafewexamples,andwhilstineachcase differentissueslaybehindthebreachtheunderlyingissueisthesame:wheredataexists,itis vulnerable. 42 4.3 DesigningandbuildingsystemstoimplementlegislationliketheBillexacerbatesthe problem.Thebillisnotprescriptiveastothemethodsthatwouldbeusedtogatherandstorethe data,butwhatevermethodisusedwouldpresentatargetforpotentialhackersandothers:where therearedatastores,theycanbehacked,wherethereareblackboxestofeedrealtimedatatothe authorities,thoseblackboxescanbecompromisedandthefeedsintercepted.Concentratingdatain thiswayincreasesvulnerabilityandcreatingwhatarecolloquiallyknownasbackdoorsfor trustedpublicauthoritiestousecanalsoallowthosewhoarenottrustedofwhateverkindtofind arouteofaccess. 4.4 Onceothershaveaccesstodataortodatamonitoringtherightsofthosebeingmonitored areevenfurthercompromised,particularlygiventhenatureoftheinternet.Information,once released,cananddoesspreadwithoutcontrol.

41ForamoredetailedanalysisofthehumanrightsimpactoftheBill,seemycontributiontothe

UK ConstitutionalLawGroupBlog,athttp://ukconstitutionallaw.org/2012/07/11/paulbernalthe
draftcommunicationsbillandtheechr/

42Fordetailsoftheindividualdatalossesdiscussedhere,seeChapter5,Section2,of

Dodeficiencies indataprivacythreatenourautonomyandifso,caninformationalprivacyrightsmeetthis threat,availableonlineathttp://etheses.lse.ac.uk/321/

48

Draft Communications Data Bill

5 FunctionCreep 5.1 Perhapsevenmoreimportantthanthevulnerabilitiesdiscussedaboveistheriskoffunction creepthatwhenasystemisbuiltforonepurpose,thatpurposewillshiftandgrow,beyondthe originalintentionofthedesignersandcommissionersofthesystem.Itisafamiliarpattern, particularlyinrelationtolegislationandtechnologyintendedtodealwithseriouscrime,terrorism andsoforth.CCTVcamerasthatarebuilttopreventcrimearethenusedtodealwithdogfoulingorto checkwhetherchildrenliveinthecatchmentareaforaparticularschool.Legislationdesignedto counterterrorismhasbeenusedtodealwithpeoplesuchasantiarmstradeprotestorsandevento stoptrainspottersphotographingtrains. 5.2 InrelationtotheCommunicationsDataBillthisisaverysignificantriskifauniversal surveillanceinfrastructureisputintoplace,thewaysthatitcouldbeinappropriatelyusedarevast andmultifaceted.Whatisbuilttodealwithterrorism,childpornographyandorganisedcrimemight creeptowardslessseriouscrimes,thenantisocialbehaviour,thentheorganisationofprotestsand soforth.Furthertothat,therearemanycommerciallobbiesthatmightpushforaccesstothis surveillancedatathoseattemptingtocombatbreachesofcopyright,forexample,wouldliketo monitorforsuspectedexamplesofpiracy.Ineachindividualcase,theusemightseemreasonable butthefunctionoftheoriginalsurveillance,thejustificationforitsinitialimposition,andthebalance betweenbenefitsandrisks,canbelost.Aninvasionofprivacydeemedproportionateforthe preventionofterrorismmightwellbewhollydisproportionateforthepreventionofcopyright infringement,forexample. 5.3 Therisksassociatedwithfunctioncreepinrelationtothesurveillancesystemsenvisagedin theBillhaveanumberofdifferentdimensions.Therecanbecreepintermsofthetypesofdata gathered:asnotedabove,thesplitbetweencommunicationsdataandcontentisalreadyonethatis contentious,andastimeandusagedevelopsislikelytobecomemoreso,makingtherestrictionsasto whatiscontentlikelytoshrink.Therecanbecreepintermsoftheusestowhichthedatacanbeput: fromthepreventionofterrorismdownwards.Therecanbecreepintermsoftheauthoritiesableto accessandusethedata:fromthoseengagedinthepreventionofthemostseriouscrimetolocal authoritiesandothers.Allthesedifferentdimensionsrepresentimportantrisks:allhavehappenedin therecentpasttolegislation e.g.RIPA andsystems e.g.theLondonCongestionchargeCCTV system . 5.4 Preventionoffunctioncreepthroughlegislationisinherentlydifficult.Thoughitisimportant tobeappropriatelyprescriptiveanddefinitiveintermsofthefunctionsofthelegislation andany systemsputinplacetobringthelegislationintoaction ,functioncreepcananddoesoccurthrough thedevelopmentofdifferentinterpretationsoflegislation,amendmentstolegislationandsoforth. Theonlyrealwaytoguardagainstfunctioncreepisnottobuildthesystemsinthefirstplace:akey reasontorejectthisproposedlegislationinitsentiretyratherthantolookforwaystorefineor restrictit. ResponsestospecificquestionsraisedbytheCommittee 6 1 TheHomeOfficehasmadeitreasonablyclearwhatithopestoachievethroughthedraftBill, butasnotedabovetheeffectoftheBillcouldbeverydifferentfromtheaims.Thenatureof internetsurveillancemeansthatratherthanbeinganupdatingormodernisationofexisting lawregardingtheinterceptionofcommunications,thisissomethingonawhollydifferent scale:aformoftotalsurveillance,impactinguponvastlymoreaspectsofpeopleslivesthan justtheircommunications. 2 TheGovernmenthasnotmadeaconvincingcasefortheneedforthenewpowers:tojustify thevastlyhigherlevelofsurveillance,compellingevidenceneedstobepresentedthatnot onlyisthethreatlevelhighenoughbutthepowerseffectiveenoughtomakethecase. Neitherpointseemstohavebeensatisfied. 3 Asdiscussedinsections13above,theproposalsinthedraftBillrepresentahugeintrusion intoindividualsprivacy:oneaboveandbeyondanythinginthecurrentlandscape.

Draft Communications Data Bill

49

4 5

6 7 8 9 10

11

12

13

14

15 16

17 18 19

ThepowersenvisagedintheBillwouldputtheUKamongstthemostprivacyintrusiveinthe world.Ingeneral,onlypolicestatesandotherdespoticregimeshavesimilarpowers. Thefirstandmostobviousalternativeissimplynottobringinthislegislation.Ifanything, theUKshouldbelookingtoreducethelevelofprivacyintrusionontheinternet:tightening therestrictionsinRIPAandlookingtowardsarepealoftheDataRetentionDirective andthe correspondingUKlaw .PeterHustinx,theEuropeanDataProtectionSupervisor,calledthe DataRetentionDirectivethemostprivacyinvasiveinstrumenteveradoptedbytheEUin termsofscaleandthenumberofpeopleitaffectsthatcriticismshouldbetakenmuchmore seriously,andtheUKcouldplayakeyroleinthisregard.Weshouldbeleadingtheworldin respectforhumanrights:notinourlevelofprivacyintrusionandsurveillance. See5above.Oneoverarchingpieceoflegislationwouldbepreferable,butitshouldbeone basedonrespectforhumanrightsratherthanonuniversalsurveillance. Thiskindoflegislationshouldnotbesubjecttoanykindofquidproquo.Thereisnothingin thefieldthatcomparestointernetsurveillance. Nocomment. See10below Thisfigure,andthefigureinquestion9aboveishighlyspeculativetheassumptionsmade andtheirreliabilityshouldbetreatedwithagreatdealofscepticism.Iwouldreferthe committeetotheanalysisbyProfessorPeterSommerinhissubmissiontothecommittee:I fullyendorseProfessorSommersanalysis. Asnotedinsection2above,thewholeideathatcommunicationsdataandcontentcanbe effectivelyseparatediseffectivelyfallacious,anditishardtoseehowthedefinitionof communicationdatacanbemeaningfulinthefuture,astechnologiesandtheirusesdevelop. Inpractice,thescopeofsystemscreatedtoeffectthislegislationislikelytoencompass almostalldatausednotonlyincommunicationsbutintheuseoftheinternet. Thosepublicauthoritiesabletoaccesscommunicationsdatashouldberestrictedtoan absoluteminimum,anditshouldnotbepossiblefortheSecretaryofStatetovarythislistby order.GrantingsuchapowertotheSecretaryofStatewouldbetantamounttobuilding functioncreepintothelegislation seesection5above :extensionstopowersshouldrequire Parliamentaryscrutiny. Fromapracticalperspective,theseplansarelikelytobesupremelyineffective,andtheresult islikelytobemorepressureonUKISPstoprovidemoredata:ifGoogle forexample arent likelytocomplywithregulations,theISPsthroughwhichpeopleintheUKaccessGoogle wouldbeexpectedtointerceptandgatheralltraffictoGooglesites,extendingthedefinition ofcommunicationsdataappropriately.Again,thisbringsinaformoffunctioncreep. ThedefinitionsinClause9 6 arecurrentlysobroadthatitcouldbepossibletofitalmost anyactivitywithinthescopeoftheact.Forexample,theclausesuggests 9 6 c detecting crimeorpreventingdisorder,withoutanyclarificationastotheseriousnessofthecrimeor disorderthatwouldallowaccesstobegranted.Othertermsareevenmorecontentious: Clause9 6 d couldbeusedtojustifyaccesstoinvestigatecopyrightinfringement,for example.Thoughtheseare,asnotedintheexplanatorynotestothebill,thesametermsas usedinsection22 2 ofRIPA,thatshouldnotbeusedasareasontoaccepttheterms:rather, asarealisationthatsection22 2 ofRIPAistoobroadlycouched.Itisimportantto understandtheimpactofthebreadthofthesetermsincombinationwiththeuniversalityof surveillanceasdiscussedinsections13ofthissubmission.Effectively,whatisbeingput forwardbythisbillisuniversalinternetsurveillanceforalmostanypurposethatthe authoritiesrequire. Nocomment. Thissystemseemsunsatisfactory.Theideaofwarrantlessaccessisinitselfhighly questionableandopentoabuse,butifitmustbeintroducedthereshouldbeprecise definitionsthelevelofseniorityshouldbesetextremelyhighandtheprocessesusedmust betransparent,recorded,andfullyaccountable. Awarrantsystemwouldbemuchmoreappropriatebut,asnotedthroughoutthis submission,thesafeguards,andinparticularanywarrants,shouldberequiredtogatherthe data,nottoaccessthedatathathasalreadybeengathered. Nocomment. Arrangementsforparliamentaryoversightarenotsatisfactory.Asnotedinresponsetoq12 above,theSecretaryofStateshouldnothavethepowertovarythelistofauthoritieswithout

50

Draft Communications Data Bill

20 21 22 23 24

25

26 7 Conclusions 7.1 ThepremiseoftheCommunicationsDataBillisfundamentallyflawed.Byitsverydesign, innocentpeoplesdatawillbegathered andhencebecomevulnerable andtheiractivitieswillbe monitored.Universaldatagatheringormonitoringisalmostcertaintobedisproportionateatbest, highlycounterproductiveatworst. 7.2 ThisBillisnotjustamodernisationofexistingpowers,norawayforthepolicetocatchup. Itissomethingonawhollydifferentscale.Weascitizensarebeingaskedtoputahugetrustinthe authoritiesnottomisusethekindofpowersmadepossiblebythisBill.Trustisofcourseimportant butwhatcharacterisesaliberaldemocracyisnottrustofauthoritiesbuttheiraccountability,the existenceofchecksandbalances,andthelimitationoftheirpowerstointerferewithindividuals lives.Thisbill,ascurrentlyenvisaged,doesnotprovidethataccountabilityanddoesnotsufficiently limitthosepowers:preciselythereverse. 7.3 Evenwithoutconsideringtheissuesdiscussedabove,thereisapotentiallyevenbiggerflaw withthebill:itappearsveryunlikelytobeeffective.Thepeoplethatitmightwishtocatcharethe leastlikelytobecaughtthoseexpertwiththetechnologywillbeabletofindwaysaroundthe surveillance,orwaystopiggybackonotherpeoplesconnectionsanddrawmoreinnocentpeople intothenet.AsDavidDavisMPputit,onlytheincompetentandtheinnocentwillgetcaught. 7.4 Theentireprojectneedsathoroughrethink.Warrants orsimilarprocesses shouldbeput inplacebeforethegatheringofthedataorthemonitoringoftheactivity,notbeforetheaccessingof datathathasalreadybeengathered,ortheviewingofafeedthatisalreadyinplace.Amore intelligent,targetedratherthanuniversalapproachshouldbedeveloped.Noevidencehasbeenmade publictosupportthesuggestionthatauniversalapproachlikethiswouldbeeffectiveitshouldnot besufficienttojustsuggestthatitisneededwithoutthatevidence,nortoprovideprivateevidence thatcannotatleastqualitativelyberevealedtothepublic. 7.5 Thatbringsabiggerquestionintothespotlight,onethattheCommitteemightthinkisthe mostimportantofall:whatkindofasocietydowewanttobuildonewhereeveryonesmost intimateactivitiesaremonitoredatalltimesjustincasetheymightbedoingsomethingwrong?That, ultimately,iswhatthedraftCommunicationsDataBillwouldbuild.Theproposalsruncounterto someofthebasicprinciplesofaliberal,democraticsocietyasocietywherethereshouldbea presumptionofinnocenceratherthanofsuspicion,andwhereprivacyisthenormratherthanthe exception.IsthatwhattheCommitteewouldreallyliketosupport?

Parliamentaryoversight.Moreover,billslikethese,envisagingcompromisesinindividuals privacyandhumanrights,wouldbebetterwithsunsetclausesrequiringfullparliamentary scrutinyatregularintervalsandvotesinordertorenewthepowers. Nocomment. Penaltiesshouldbehigher,andfailuretoadheretotheCodeofPracticeshouldamounttoan offence.However,thekeypointshouldbethatfewerpublicauthoritiesshouldhaveaccessto thedata,sothatoffencesofthiskindshouldbelesslikelytooccur. Quitesimplyno!Seesection2ofthissubmission. Thefailuretounderstandthefundamentalvulnerabilityofdataandsystemsisoneofthe biggestproblemswiththeconceptofthisBill.Data,howeveritisstored,isvulnerable.See section4ofthissubmission Thefilteringarrangementsarereasonablyclear,probablytechnicallyfeasible,butlikelytobe inappropriateanddisproportionate.Theyamounttothecreationofasearchengineofthe entiredatabaseandasnotedabove,thatdatabaseeffectivelycoverstheentiretyofpeoples internetactivity.ThisisthecruxoftheBill. AsDavidDavisMPnoted,onlytheincompetentandtheinnocentwillgetcaughtbythisbill. Therealvillainswillbeabletofindwaystocircumventthiskindofdatagathering.See Conclusionsbelow. Nocomment.

Draft Communications Data Bill

51

August2012

52

Draft Communications Data Bill

Big Brother Watch


General: Firstly,wewouldbeginbyreaffirmingourviewthattheoperationandoversightoftheRegulationof InvestigatoryPowersActisdeeplyflawed,andtoaddfurtherlegislationthatisbaseduponthisAct withoutfirstundertakingacomprehensivereviewofRIPAisnegligenttothepointofrecklessness. TheBillissobroadlydrafteditischallengingtodeduceexactlywhattheHomeOfficeisproposingor howitwillwork.Part1andthenumerousdelegatedpowersmakedetailedscrutinyextremely challenging. ThisBillendsthepresumptionofinnocenceasweknowit.Itrepresentsashiftoftargeted surveillanceofthoseundersuspicionofeitherhavingcommittedorintheprocessofcommittingan offencetosurveillanceoftheentirepopulousjustincasesomeofthemeventuallycommitcrimes. TheremarksoftheMetropolitanPoliceCommissionerBernardHoganHowe,thatthesepowersare toenablethepolicetoeliminatetheinnocent,summatesneatlythecriticalreversalofreasonable suspicionnolongerbeingrequiredtomonitorsomeonescommunications. TheHomeOfficehasfailedtomakeanycaseaboutwhyBritainshouldbethefirstdemocraticstateto implementthiskindofpolicy.NorhastheHomeOfficerespondedtothelegitimateconcernthatthis policyaddslegitimacyofthesurveillancepursuedinChinaorIran,whichBritishforeignpolicyhas soughttopreventinothercountries. IwouldalsodrawthecommitteesattentiontoacounterterrorismwhistleblowerwhotoldtheIrish PostthatthethreatofanIrishdissidentattackontheLondonOlympicswasdeliberatelyoverstated bytheGovernmentandsecurityservices.Hetoldthenewspaper Thereisnobasiswhatsoevertosupportthattheory.Itappearstobeapropagandaexercisebythe securityservices. Inacivilsocietythischangeisafundamentalonethatcannotbeunderstated.Indeed,itis questionablewhetherasocietythatintroducedsuchindiscriminateandwidespreadmonitoring couldbedescribedascivil.TheBillmakessurveillancethenormandindividualprivacytheexception. Withrespecttothewiderlandscapeonintrusionofprivacywewouldsubmitthatthisisonapar withnootherexistingpieceoflegislation,indeeditrunscontrarytomuchoftheconsumerprotection onprivacythatBigBrotherWatchhascampaignedforandsupported.Forexample,wehave campaignedforawiderdefinitionofpersonalinformationtoensurethatnonpersonalidentifiers areincludedandthereforerequireconsenttobesoughtbeforedatalikeIPaddressescanberecorded andprocessed. TheHomeOfficehasalsofailedtoofferanyrealevidenceofhowthecurrentpowersarelacking.For example,theGermanFederalCriminalPoliceOfficementions381criminalcasesinwhichlaw enforcementagencieswerehamperedbyalackoftelecommunicationsconnectiondatacompared tothemorethan6millioncriminaloffencescommittedeveryyearinGermanythisrepresentsa marginalshareof0.01percent.Furthermore,onlytwoofthese381caseshadalinktoterrorism, despiterepeatedclaimsthatterrorismisonereasonforretainingtelecommunicationsdata.The HomeOfficehasnotbeenabletoofferanysubstantialstatisticalorcomprehensiveassessmentofthe currentregime. ItalsomarksanequallysignificantchangeofaskingCSPstomonitoruseofthirdpartysystems.How thiswillworkinlightofmodernencryptionhasnotbeenaddressedinanysubstantiveway,norhas thewiderquestionofCSPsessentiallybecomingprivatesurveillanceoperations.Themarket responsewillbefordeliberatelyprivatebydesignCSPstoemerge,ormeansofcommunicatingthat defeattheCSPmonitoringarrangements. Thesetechnologiesarealreadybeinglaunchedanddevelopedtoaddresslegitimatesecurityand privacyrisks,andtheHomeOfficehaswhollyfailedtodealwiththisissue.Forexample,various browsersarenowdesignedtoaltertheusertocompromisedCertificatingAuthoritiesandhave recentlystartedalertinguserswhoaretargetsofstatesurveillanceviamaninthemiddleattacks.

Draft Communications Data Bill

53

Thereisaclearriskthatthethirdpartyservicesusedwillincorporatesomeofthesetechnologies, andatthesametimedriveconsumerstoalternativeCSPs.Astechnologyimproves,theriskisthatthe Billleadstoanevengreaterdiminishmentofcapabilitybyexacerbatingcurrentlyweakdemandfor theseservices. Particularlyforsensitiveandhighvaluebusinesses,theymaywellmakecorporatedecisionsto relocatetoterritoriesthataremovingtoenhanceprivacyprotection,forexampleGermany. SomeaspectsoftheHomeOfficespresentationoftheBillhavebeenmisleadingatbest.Theshiftto mobile,webbasedcommunicationisrevolutionarytransitionfromfixedcommunications.To describetheproposalsintheDraftCommunicationsDataBillasmaintaininganexistingcapabilityis whollydisingenuous.Monitoringtheuseofmobilecommunications inparticularlocationdata and theuseofemailandwebbrowsersisnotmaintaininganexistingcapabilitybutdevelopingawholly newone. Thispointisparticularlyrelevanttopostalservices,whichcancertainlynotbedescribedaseither newortechnologyrelated,butareincludedinthescopeoftheBill. Fromcommunicationsdataitispossibletodeduceasignificantdegreeofsomeonespersonality, habitsandconditionwhethervisitingaplaceofworship locationdataeverySundayat10am,for example oraccessinglegaladvice divorcelawfirm orsupport SamaritansviaemailorAlcoholics anonymouswebsite .Noneofthisispossibleundertheexistingcapability. TheHomeOfficehasalsosoughttojustifythelegislationasbeingatooltofightpaedophilesand terrorists.YettheimpactassessmentfortheBillrecognisesHMRCarethemainfinancialbeneficiary, whileaconsultationonwhichpublicauthoritiesshouldbegivenaccessbeyondthoseorganisations namedintheBillisalreadyunderway. ThisechoestheearlystagesoftheRegulationofInvestigatoryPowersAct,whichwassimilarly proposedforonlyafewagenciesandforseriouscrimesbuthassincebeenextendedtocover hundredsofpublicauthoritiesandusedfortrivialmatters,insomecasesforbehaviourthatisnot criminal. TheHomeOfficehasalsosoughttopaintadistinctionbetweenLaboursplansunderIntercept ModernisationandtheCommunicationsDataBillbaseduponthepremisethattheBilldoesnotcreate asingledatabase.Thisiswrongfactuallyandtechnically.ThenHomeSecretaryJacquiSmithwrote inthe2009consultationforeword:thisconsultationexplicitlyrulesouttheoptionofsettingupa singlestoreofinformationforuseinrelationtocommunicationsdata. Itisalsounclearhowthefilteringarrangementswillworkwithoutsomeelementofdata centralisation. Thebroaderpointisthatthedifferencebetweenasingledatabaseandseveralseparatebut connecteddatabasesislargelysemantic. AstheinformationCommissionersresponsetothe2009HomeOfficeconsultationstated,this fundamentallychangestherelationshipbetweentheindividualandthestate Surveillanceinandofitselfdoesaffectbehaviour.AsTheGermanFederalConstitutionalCourt warned:Fearofsurveillanceandthedangerthatwhatonesaysorwritesisbeingrecordedandlater combedthroughbeforebeingtransferredtobefurtherexploitedbyotherauthoritiescaninitself leadtoselfcensorshipandotherformsofreticencetocommunicatewithothersandtothe emergenceofmoreconformistmodesofbehaviour. Withrespecttoothercountries,thecentrallessonistocollectlessdata. InsteadofdivertingasignificantamountofresourcetoaspeculativeITproject,theHomeOffice shouldbeinvestinginbetterforensicscapabilityinpoliceforcestodealwiththedatatheyalready collectfromsuspectsandinthecourseofinvestigations.

54

Draft Communications Data Bill

TheHomeOfficehasrecognisedevenifthisprojectis100%successful,itwillstillleaveacapability gapof15%.Thisiswheretherealthreatliesandthenatureofcommunicationsevolutionmeansthat thisfigurewillcontinuetogrowrapidly,evenwiththisprogramme. Indeed,theHomeOfficehasapproachedtheissuefromthemindsetofsomeonewhobelievesthat theonlythingthatneedstoberesolvedbeforeonecouldboiltheoceanisforalargeenoughpanto bedesigned.Itmissesthewiderandmorefundamentalpointaboutthelimitsofwhatisbeing considered.Thesituationrequiresaseriousrethinkingofsurveillancepowers,investigatory techniquesandnotalazypolicyresponsethathasbeenontheshelfintheHomeOfficeforadecade. The90daydetentionwithoutchargepolicywhenfirstproposedwasorchestratedandsupportedby manyofthesameorganisationsandindividualsthatarenowcallingforthislegislation.The Committeewillrecallthedirewarningsofwhatwouldhappenifthepowerswerenotgranted,and notetheirsimilaritywithmanyoftheargumentsnowbeingdeployed. Indeed,asthe7/7Inquestrecognised,itwasnotalackofinformationthathamperedthat investigationbutfailurestoprocessandactuponexistinginformation. Thiswashighlightedinthe7/7Inquestreport,whichstated:Post7/7enquiriesrevealedthat between22ndFebruaryand15thJune2005therewerefortyonetelephonecontactsbetweenmobile phonesattributedtoTanweer,Khan,andLindsayandhydroponicsoutlets.Itisunlikelythesecould havebeendetectedbysurveillancegiventhelargenumberofuntraceableoperationalphonesused bythebombersandonlyattributedtothemoncetheiridentitiesanddetailswereknown. TheICOsSurveillanceSocietyReport 2006 makesthispointclearly.ItstatesItisfarfromclear thatevennationalsecuritywillbeenhancedthroughthistechnology,andthatitwouldperhapsbe betterservedbyimprovingbordersecurityandconventionalintelligencegathering,underscoredby theAugust2006allegedAtlanticflightterroristplotinvolvingmorethan20Britons.AlthoughtheUS Administrationclaimedthattheoperationshowedtheneedformoreadvancedpassengerdata,the allegedplotwasfoiledbytheuseofinformers,undercoveragentsandtipoffs,anditishardtosee howadvancedIDsystemswouldhaveprovidedanythingmoreeffective. TheDataRetentionRegulationsarecurrentlysubjecttolegalchallengeandwewouldsupportthe argumentthattheexistingregulationsaredisproportionatelyintrusiveandshouldbereviewed. EvidencefromGermanyquestionsthebenefitoncriminalinvestigations.In2008dataretentioncame intoforce,yettheclearancerateforInternetcrimeinGermanydidnotchangesignificantly 2007: 82,9%,2008:79,8% ,norontheaverageclearancerateforallcrime 2007:55,0%,2008:54,8% . ThisBillwouldfundamentallyreversethepremisethatonlythosereasonablysuspectedofcrimes canbeputundersurveillance.Tosuggestthereisalegislativebalancetothistorebalancecivil libertiesunderstatesthegravityofthischange. TherisktobusinessgoesbeyondtheeffectonCSPsasrecognisedbytheVicePresidentofthe UnitedStatesattheUKscybersecurityconferencewhenhesaid:Whenbusinessesconsider investinginacountrywithapoorrecordonInternetfreedom,andtheyknowthattheirwebsite couldbeshutdownsuddenly,theirtransactionsmonitoredtheylllookforopportunities elsewhere. ThereisalsoaclearriskthatthesystemwillhamperinnovationbyCSPs.TheBillmakesprovisionfor theHomeSecretarytospecifyequipmentorsystemstobeused.Thiswillbecomearequirementof operationintheUK,sothefuturearchitectureofCSPswillbedesignedaroundintegrationand operationwiththerequiredequipment.Accordingly,theHomeSecretarysspecifiedequipmentwill becomeaconstraintontheCSPandnetworks,hamperinginnovationandputtingtheUKatan economicdisadvantage. Thisisparticularlycriticalatatimewhen4Gmobilenetworksandfibreopticbroadbandarebeing explored,bothhugelyimportanttoeconomicgrowth.However,thewiderissueisthatunforeseen technologymaybesimplyincompatiblewiththeUKsinfrastructureasaresultoftheHomeOffices

Draft Communications Data Bill

55

requirements.GiventhehistoryofGovernmentITprojectsitisnotcredibletothinkthattheHome Officewillbeabletokeeppacewithtechnologybyfrequentlyupdatingitsspecifiedequipmentand systems,andthismayalsoincursignificantcosts. Thereisalsoaquestionofwhetherthiscreatescompetitionissuesbetweenthoseproviderscovered byanOrderandthosenot.Equallytheabilityoforganisationstoproperlysecurethedatacollected willdependontheirabilitytoinvestinsecurityprovisions,anissuenotexploredintheBillsimpact assessmenteitherintermsofthecosttosuppliersortheimpactondifferentsizeproviders. Costs InlightofthefactthattheHomeOfficehasrefusedtopublishabreakdownofhowthe1.8bnfigure iscalculated,itisfairtosaythatthisprojectbearsallthehallmarksofpreviouslycatastrophic GovernmentITprojectsandthattheestimatedcostisnotrealistic. Indeed,whenaskedaboutthelikelyescalationofcostsinparliament,theMinisterhimselfcouldnot bringhimselftosaythathehadconfidenceinthecostestimates. 9July2012:Column16 Particularlygiventhenatureofthisproject,thereisaclearquestionaboutwhetherthefiltering provisionsarebaseduponclaimsfromsuppliersaboutproductsthatcoulddeliverthisfunctionality. AsthePublicAdministrationCommitteerecognised,Governmentisnotaninformedbuyerof technologyproductsandisheavilybeholdentosuppliersforexpertise.Sadlythisrelationshiphas beenfrequentlyabusedbysuppliers,ofteninnearmonopolisticorcartellikefashion, Theprojectgoesagainstseveraltenetsofprocurementbestpractice,includingtheCabinetOffices ownbenchmarkthatprojectsworthover100mshouldnotproceed.IftheHomeOfficesopennessin thelegislativeprocessisanyindicator,thelikelihoodisthatthiswillproduceaproprietarysolution thatwillnotbeanofftheshelfproduct,requiringongoingmaintenancethatcannotbesourcedfrom anotherprovider.Thislockinisamajordrivingfactorincostescalationinfutureyears. ItisalsoworthnotingthatoneofthecriticalfailuresintheITprocurementlandscapeistheinability ofthepublicsectortoaccuratelydetailthespecificationsoftherequiredsystem.Giventhatthe servicesinvolvedwillbytheirnaturehavetochangeregularly,thischallengeisevenmore pronouncedinthiscaseandthereforethemagnitudeforunforeseenchangerequestcostsmuch greater. ItshouldalsobenotedthattheseproblemsarenotlegacyissuesareportpublishedinJuly2012by theNationalAuditOffice NAO foundthatthedeliveryofa385millionImmigrationCaseWork ICW ITsystemfortheUKBorderAgencyisayearbehindscheduleandexceededitsoriginal2011 12budgetby28million.ThereportwentontosayWefound theITproject hadsufferedfroma lossoffocus,poorgovernancestructuresandoptimismbiasinplanningandreporting. TheHomeOfficehasalsorefusedtopublishabreakdownofthebenefitshavebeencalculated,further suggestingtheywillnotstanduptoscrutiny.Indeed,thehistoryofcriminalassetrecoveryis characterisedbyhugelyoverambitiousestimatesofthefinancialamountsinvolved.TheCommittee willrecalltheAssetRecoveryAgencystrackrecordofnotevenrecoveringenoughtocoveritsown costs. Scope Thedefinitionofcommunicationsserviceproviderissobroadastobealmostmeaningless.AsPaul BernalattheUniversityofEastAnglialawschoolsays,thedraftBillissobroadlywrittenitcould evenbeusedtomonitorcarrierpigeons. Indefiningcommunicationssystems,thephrasesignalsservingfortheactuationorcontrolofany apparatus s28 1 a ii issobroaditcouldincludeatelevisionremotecontrol,awireless thermostatordoorentrysystems. Theinclusionofthedetailsoftheusemadebyanypersonofapostalserviceisextremelybroadand equallyunprecedented.

56

Draft Communications Data Bill

Whichpublicauthoritiesshouldbeabletoaccessthedataisintrinsicallylinkedtothepurposesfor whichdatacanbeaccessed.IfthesupposedgaptheHomeOfficehasreferredtoisathreatto nationalsecurityandpublicsafety,itispuzzlingwhyHMRCarealsoabletoaccesscommunications data. Insofarasexistingcommunicationsdataisheld,itshouldbeforjudicialoversighttojustifyany requestforcommunicationsdataisacceptable.Thissafeguardwouldbefarmoreeffectivethanthe crudestepoftryingtoproducealistoftheorganisationscan/cannotaccessdata. Tobefullyeffectivethiswouldbebaseduponanarrowlydrawnlistofpurposeforwhichdatacould beaccessed. Itshouldabsolutelynotbepermissibleforthelistofeitherpurposesorpublicauthoritiestobe extendedwithoutfullParliamentarydebateandapproval,eitherthroughdelegatedlegislationorby Order. Itisdifficulttoforeseehowoverseasproviderscouldbecompelledtocomply,particularlywhere situationsarisewheretherequirementsoftheBillarecontrarytodomesticlaw,forexampledonot trackstyleprivacyregulation. Equally,whereserviceprovidershaveinternationaloperations,itisnotguaranteedthattheyare awarewhereaserviceuserisoriginatingfrom,thereforedecidingwhethertheyshouldbeloggedor not. UseofCommunicationsData: Thelistofpurposesforwhichcommunicationsdatacouldbeaccessedissobroaditisdifficultto envisageacriminaloffence orindeedacivilone whichwouldnotbecoveredbythescope.From unpaidparkingticketstodogfoulingandroadtrafficoffences,becausethelisthasbeenduplicated fromtheRegulationofInvestigatoryPowersActthesamewelldocumentedissueswithRIPAremain. OurownresearchundertheFreedomofInformationActhasconfirmedthatHumbersidePolice currentlyusecommunicationsdataforcategoriesincludingothernoncrimeandroadtraffic offences. SuppliedinAppendixA TheHomeOfficehasofferednodataontheneedfora12monthretentionperiod,andwhilewe wouldnotacceptthepremisethatdatashouldberetainedtheperiodof12monthsappearstohave littlebasisininvestigatoryneed. Ourownresearchhasfoundthatunderexistingarrangementstherearehugevariationsintheway CommunicationsDataisaccessedbypoliceforces.Forexample,KentPoliceofficersintwoyears made7664requestsfordata,with3237ofthoserejectedinternally.InthesameperiodMerseyside madeapproximately30,000requestswith500rejectedinternally. Safeguards Themainsafeguardinanylegalsystemisthatthepersonwrongedhastheabilitytoseekredress. UnderRIPAandasremainsthecaseunderthisBill,aninnocentpersonwhohadtheir communicationsdatawronglyaccessedwouldnotbeabletoseekredressastheywouldmostlikely neverknowwhathadtakenplace.Withjust10peoplefoundtohavebeenwrongfullysurveyedfrom morethanthreemillionRIPAauthorisations andfiveofthose10themembersofonefamily itis impossibletosaywithanyconfidencethattheCommissioner/Tribunalmodelofoversightisworking orindeedfitforpurpose. Wesupporttheviewthatlawenforcementagenciesshould,likepublicauthorities,requireawarrant toaccesscommunicationsdata.Thecurrentinvestigationsintothescaleofdatabeingpassedfrom lawenforcementagenciestothemediaandotherorganisationsmostnotablytheconstruction industryblacklisthighlightjusthowfarfromrobusttheexistingauthorisationschemeis. Thewiderriskisthatthedatawouldbestolenorsold.Thetypeofdatabeingcollectedwillclearlybe ofcommercialvalue,eitherfrompersonalgainorindustrialespionage.Thecurrentlegalpositionof

Draft Communications Data Bill

57

theGovernmentisthatithasnotenactedthecustodialprovisionforbreachesofSection55ofthe DataProtectionAct.Assuch,thedeterrentfordeliberatelyabusingdatacollectedisextremelyweak. Furthermore,thereisadangerthedatacollectedwouldbemonitoredwithouttheknowledgeofthe CSP.Inthecaseofforeignpowersorindustrialespionage,thiscouldhaveaseriouslydetrimental impactontheUKsnationalinterest. Wewouldquestionwhetherthepowersofthecommissionerswouldallowthem,forexample,to orderatechnicalauditofanyhardwareinstalled,ortoseetheaccesslogsofanysystemtheychoose toinspect.CurrentlytheInformationCommissionerreliesonnegotiatedpermissionwithrespectto privatecompanies,somethingthathasproventobeaserioushindranceintheGoogleStreetView investigation,forexample. ParliamentaryOversight TheseriesofpowersconferredontheHomeSecretarytomakeordersthatwoulddramaticallyalter thescopeoftheBillisadirectcircumventionofParliamentaryoversight. ThefactthattheJointCommitteehasnotyetseenadraftOrder,andthattheMinisterwasunableto saywhenquestionedthatitwouldseesuchadraftorder,highlightshowassurancesofParliamentary oversightarenotreassuring. Enforcement: Aspreviouslyhighlighted,thefactthatthereisnotacustodialpunishmentavailabletothecourtsin theeventofsomeonedeliberatelyaccessingdatatheyarenotentitledtoaccessisacriticalfailingin theenforcementprocess. ItshouldabsolutelybeanoffencetofailtocomplywiththeCodeofPractice. Enforcementshouldnotonlypursuethepublicauthorityresponsible,butalsotheSeniorAuthorised Officerresponsiblefortherequest. ThequestionofwhetherCSPscouldbeprosecutedorchallengedforcomplyingwiththeBillinother jurisdictionshasnotbeenaddressed. Technical Thetechnologyexistswherecommunicationstakeplaceentirelyintheopen,howeveritisfarfrom clearifthereisasuitablytechnologicalsolutionwherepartsorallofthecommunicationare encrypted,reroutedordeliberatelydisguisedinotherways.Theneedtoinspectthecontentof communicationstoassessthiswouldappeartobeprohibitedbytheBill,soevenifsuitable technologydidexistitisunclearifitsusewouldbelegal. Itisalegitimateconcernthatthetechnologyitselfwouldbeatargetforeitherattackorsurveillance, inparticulartoorganisedcrimeorforeignpowers.TheGreekVodafoneepisodecallsintoquestion howcapableCSPsareofsecuringlawenforcementaccessmechanismsagainstadeliberateand sophisticatedattack. Measurescanbetakentomitigatetheriskofloss,abuseorwrongfuldisclosurebutitisimpossibleto saywithoutqualificationthatthedatacanbestoredsecurely.Theonlyabsoluteprotectionisforthe datatonotbecollectedinthefirstplace. Itisimportanttonotethatthenormalcommercialincentivestomaintaindatasecuritydonotapply todatawheretheCSPdoesnotwanttostorethedata.Indeed,itmaybeaperverseincentiveto weakenprotectionoratleastfailtoputinplaceadequateprotectiontosupporttheargumentthat theCSPdoesnotwishtoberesponsibleforthiskindofsurveillance. Theproposalsforthefilteringagreementsaresoopaqueitisalmostimpossibletocritiquethem.The detailofthefilteringisentirelyabsentfromtheBill,andassurancesofprivacyprotectionseemto deliberatelyignorethewiderprocessingundertakenbythefilters. TheBilldoesnotexplicitlyforbidorrequirethatitistechnicallyimpossibletoundertakesearches basedonaparticularprofile,orthatonlyoneitemofmetadatacanbeadded.Forexample,detailing alltheidentitiesofmobilephonesinaparticulargeographicalareaatacertaintime,ortheidentityof

58

Draft Communications Data Bill

everypersonwhohasvisitedaspecificwebsite.Thisfishingtripstylepolicingistheveryhallmark oftheBillandatotalreversalofproveninvestigativemethods. GiventheHomeOfficeacceptstheBillwillstillleaveacapabilitygapof15% andthatisassumingthe Billis100%successful,atallordergiventhehistoryofGovernmentITprojects itisclearthat individualsandorganisationswillbeabletocircumventtheBill. Thefactthattechnologiescurrentlyinusetoprotectintellectualproperty,corporateinterests,enable secureremoteworkingandsupportsecureconsumertransactionswillinvariouswayscircumvent theprovisionsofthisBillillustratesthemagnitudeofthetechnicalchallenge. TheBillisinevitablybasedontodayslandscape,atatimewhenthedirectionoftravelforconsumers andorganisationsismovingtowardsmoresecurity,moreencryptionandmoreprivacy. Itisalsounclearhowtheproposalswillenabletheidentificationofcommunicationsofpeopleinthe sameopenonlinespaceforexampleacomputergamewithanonlineplayfunctionwhere hundredsofpeoplemaybeinvolvedinthesamegameasthereisnodirectpersontoperson communication. ThereareofcourselesstechnicalmeansofcircumventingtheBill,frommeetinginpersontothekind ofcheap,disposableSIMcardsacknowledgedinthe7/7inquest. Encryptionisthebasisofinternetsecurity.Anysuccessindecryptionifpossiblewithoutacomplicit thirdparty forexampleacertificatingauthority willleadtogreatereffortstoencryptcontentand moreadvancedformsofencryption.Itwillalsoundermineconsumerprotectionwhenusingonline servicesandmakeBritishbusinessesandcriticalnationalinfrastructurevulnerabletomalicious intent.Thisisawhollycounterproductiveoutcomewhichhighlightstheabsurdityofthislegislation. August2012

Draft Communications Data Bill

59

Caspar Bowden
CasparBowdenisanindependentadvocateforinformationprivacyrights.Hewasanexpertadviser toOppositionpartiesintheHouseofLordsforfivebills 43,andauthorofthefirstpaperon communicationsdataretention 44andthemostcomprehensiveonlineresourceonRIPA 45.From 20022011hewasChiefPrivacyAdvisertoMicrosoftin40countries,andfrom19982002was DirectoroftheFoundationforInformationPolicyResearch www.fipr.org .HeisaspecialistinData Protectionpolicy,EUandUSsurveillancelaw,privacyresearchincomputerscience,andafellowof theBritishComputerSociety.Headvisesseveralcivilsocietyassociations,andsitsasanindependent expertontheEUCommitteeforimplementingtheDataRetentionDirective 46.Theopinionsinthis submissionaretheauthor'sownanddonotrepresentanyorganization. SummaryandRecommendations

TheDataRetentionDirectiveiswithoutdoubtthemostprivacyinvasiveinstrumenteveradopted bytheEUintermsofscaleandthenumberofpeopleitaffects"PeterHustinx 47,EuropeanData


ProtectionSupervisor TheCommunicationsDataBill 48isthemostdangerouslongtermthreattoafreesocietyever proposedbyademocraticgovernment,andshouldberejectedinitsentirety.Thisresponseislengthy toprovidehistoricalandpolicycontexttotheJointCommittee 49integratingknowledgefromseveral disciplines. OvertwodecadestheUKhasbeeninthevanguard 50ofacoregroupoffiveEuropeancountries 51 seekingsystematicInternetsurveillance.Ablanketretentionregimegiveslawenforcementan InternetTardistogobackintimeandfindoutretrospectivelywhatanyonewasthinkingabout, whotheyweretalkingto,andwheretheywere.Apreservationregimeisopposedbysecurity bureaucraciesbecausetheywouldbeobligedtoseekauthorizationcasebycase andtheymightbe heldtoaccountforthosedecisionsretrospectively . Noofficialschemeforpreservationhaseverbeenpublished.Theauthorhasconsistentlyadvocated fordatapreservationastheonlyviablealternativepolicytoretention,andthefollowingsummary proposalsdevelopapositionfirstoutlinedelevenyearsago,whichrespectshumanrights,with proportionateandeffectivemeansforlawenforcement: Quickresponsepreservationonpersonswhohavebeenidentifiedasfacingarealand immediateseriousthreat,anddesignatedvulnerablegroups. Convictsofspecifiedcrimesreleasedonlicensemustregistertheirmeansofelectronic communicationfordatapreservationduringaprescribedperiod.

43 RIPA2000,H&SCA2001,ATCSA2001,IDCardsActs2005/6 44 CCTVforInsideYourHead:BlanketTrafficDataRetentionandtheEmergencyAntiTerrorism Legislation,CasparBowden,ComputerandTelecommunicationsLawReview2002 http://scholarship.law.duke.edu/dltr/vol1/iss1/47/ 45 InformationCentrefortheRegulationofInvestigatoryPowersAct www.fipr.org/rip/ 46 PlatformforElectronicDataRetentionfortheInvestigation,DetectionandProsecutionofSerious Crime http://ec.europa.eu/transparency/regexpert/detailGroup.cfm?groupID 2230 47 http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/EDPS/Pu blications/Speeches/2010/101203_Data_retention_speech_PH_EN.pdf 48 DraftCommunicationsDataBill14thJune2012http://www.official documents.gov.uk/document/cm83/8359/8359.pdf 49 http://www.parliament.uk/business/committees/committeesaz/jointselect/draft communicationsbill/ 50 DuncanCampbell28.06.1999,BritainSneaks"Enfopol"PlanIntoAction, http://www.heise.de/tp/artikel/2/2989/1.htmlalso http://www.heise.de/tp/artikel/6/6398/1.html 51 UK,Germany,France,theNetherlands,Sweden

60

Draft Communications Data Bill

Casebycasejudicialauthorizationforpreservation,targetedatthosereasonablybelievedto beengagedincriminalactivities withemergencyprocedures .Similarreformsshouldbe madeforpriorjudicialapprovalofinterceptionwarrants.Targetsshouldbenotified afterwardsofpreservationand/orinterceptionwheresuspicionsproveunfounded unless therearecompellingreasonsnottodoso . Acentreforanalysisofpreserveddata,intendedtoinvestigatelinksbetweencriminal groups,andgeneratenewtargetsforpreservation subjecttojudicialauthorization ReplacethecurrentthreeCommissionerswithaunifiedSurveillanceCommission,reporting toParliament,withmultiskilledinvestigatorsincludinghumanrightsandcomputerexperts, crediblyabletodetectanddeterabuse,corruption,andinsiderattacks. Afixedceilingonthenumberofinterceptionwarrants,andalargerceilingfortargetsof communicationsdatapreservation,whichcouldonlybealteredbyParliament.

Thedichotomyofdataretentionversusdatapreservation

BraveNewWorld1932,AldousHuxley andbiographerofPreJoseph,Richelieu'seminencegris

Therewassomethingcalledliberalism.Parliament,ifyouknowwhatthatwas,passedalawagainst it.Therecordssurvive.Speechesaboutlibertyofthesubject.

Thepolicychoicebetweendataretentionandpreservationisasharpdichotomy.Eitherdataexistsor itdoesn't.Themainobjectionsofprincipletomandatorysystematicretentionofcommunications dataare: atimemachinetoscrutinizeeveryone'spastbehaviourwithoutpriorreasonistyrannical Internetandmobileusagepatternsrevealsensitivedataaboute.g.politicsandintimatelife masssurveillanceofeveryonlinesocialrelationshipisincompatiblewithafreesociety locationdatahasspecialprivacyrisksbecauseitcaneasilybecorrelatedwithotherdata claimsthatitisnecessaryjusttomaintainpolicecapabilitiesdon'tstanduptoscrutiny communicationsdatamaybeequally ormore intrusivethaninterceptionofcontent mostcriminalscouldbecaughtbytargeteddatapreservationratherthanblanketretention dataretentionhasonlyhappenedthroughrushedlegislationinresponsetoshockingevents ifretentionofcommunicationsdataisjustifiable,whynoteveryotherkindofdataalso? Proponentsofdataretentionoftensaytheycannotunderstandthereasonsofobjectors.Theysaythat thedatawillonlybeaccessedwithproperauthoritywhenjustifiable;obviouslycircumstancesexist inwhichnoamountofforesightcanguaranteethatusefuldatawillhavebeenpreserved.UKpublic opinionhasneverregisteredstrongobjections unlikee.g.Germanywhichhasseenprotestsin40 cities 52 ,andthepoliceinsistthedataisvital.Sowhyobject? Theessentialreasonisthatalthoughpublicopiniondoesnotseemtodayanymoreconcernedabout theintensificationofsurveillancecapabilitiesusingtrafficanalysis,datamining,socialnetwork analysis,thatisaveryshorttermview.Ubiquitouspersonalcommunicationtechnologiesarehereto stay,andbecauseofexponentiallyfallingdatastoragecosts,inthelongruntwocontrastingstatesof societycanbeenvisaged.Subjecttoexceptions,thedefaultmustbeeitherthatindividualsdetermine whetherandwhentheirhistoryisrecorded,ordatawillexistabouteveryoneallthetime.Atsome pointinthefuture,mostpeoplewillunderstandtherealityofdataveillance 53andthelossof associatedfreedoms.UKpolicyisbasedontheideathatsolongasthisdoesn'thappenthereisno chillingeffect,noproblemfordemocracy. AnotherargumentoftenheardfromgovernmentisGoogle/Tescoenvywhataboutthemountains ofdata moreorless lawfullyaccumulatedintheprivatesector?Whyshouldthestatenotalso collectBigDataanduseforsociallybeneficialpurposes?Theweightofdisinterestedopinion amongstinformationprivacyandsecurityexpertsisclear.Indiscriminateaccumulationofpersonal

52 http://www.vorratsdatenspeicherung.de/content/view/161/79/lang,en/ 53 http://www.rogerclarke.com/DV/

Draft Communications Data Bill

61

dataisstoringuptroubleandthevauntedbenefitsofBigDataoftenamounttoexploitationwithout compensation,whichwilllikelyhavesociallyregressive 54outcomes.Intensecommerciallobbyingis alreadyunderwaytodeflectanddiluteregulationwhichcouldpreventtheseharms. Newcomputerscienceresearchshowshowprivacyengineering 55canmaintaintheautonomyand discretionwedependontoexplorenewsocialandpersonalexperiences,seekmedicaltreatmentand spiritualadvice,andenablejournaliststoresearchconfidentiallywhatitwouldbeimpolitictoreport withattribution.Howeverdataretentionandtheslowpaceoflegalreformisrapidlydemolishing mosttraditionalpossibilitiesforsuchprivilegedprofessionalandpoliticalprivacy.EvenintheUS, withtheConstitutionalprimacygiventofreedomofexpressionandindemnitiestothepress 56

ReportersCommitteeforFreedomofthePress,anadvocacygroup,saidtheeffectofthe currentinvestigationcomesontopofagrowingawarenessbyjournalistsinthelasttwo yearsthatthegovernmentoftentracksemployeesemailandtelephonecontacts.Reporters arebeginningtoresorttotheoldpracticeofmeetingonaparkbenchtoavoidleavingan electronictrail

FromDataRetentiontodatamining

ThebiggestproblemisthatMemberStatesuseretentiontodaynotonlytocombatterrorismand seriouscrime.AfterthesocalledePrivacyDirective,suchdatamaybeusedforotherpurposes,such ascrimepreventionortheprotectionofpublicorder,whichisaveryvagueterm...Theapplication mustbestrictlylimitedtoterrorismandseriouscrime.EUCommissionerCeliaMalmstrm 577th


July2012 CommunicationsdataretentionisapolicymadeinBritain.

Thelineageoftrafficanalysis analysisofpatternsofcommunicationsaboutwhoistalkingto whom asanintelligencetechniquecanbetracedbacktoWW2andevenWW1. 58 In1991anITVdocumentaryonelectronicsurveillanceincludedaninterviewwithaformerJoint IntelligenceCommitteeofficial 59,whodisclosedtheexistenceofamemorandumfromSirPeter Marychurch DirectorofGCHQ whichseemstohavesuggestedthedataminingofdomestic communicationsdataforsecuritypurposes. Police,securityandintelligenceorganizationshavebeenseekingtoestablishmandatorysystematic dataretentionsinceatleast2000.Anunpublishedpaper 60fromthemajorUKAgenciescollectively lobbyingtheHomeOfficetointroduceaNationalDataWarehousewaspostedontheInternetandis worthrereadingforitsprecociousambition.

54 e.g.behaviouraladvertisingwilldiscriminateagainsttheleastaffluent,leastabletoparticipatein commerciallife 55 DigitalPrivacy:Theory,TechnologiesandPractices.AlessandroAcquisti,SabrinaDeCapitanidi Vimercati,StefanosGritzalis,CostasLambrinoudakis eds .AuerbachPublications Taylorand FrancisGroup ,2007 56 NewYorkTimes1stAugust2012InquiryIntoU.S.LeaksIsCastingChillOverCoverage http://www.nytimes.com/2012/08/02/us/nationalsecurityleaksleadtofbihuntandnews chill.html?_r 2&pagewanted all&pagewanted print 57 http://www.faz.net/aktuell/politik/europaeischeunion/euinnenkommissarincecilia malmstroemwirwarensehrgeduldigmitdeutschland11808962.html 58 GeorgeDanezis,RichardClayton,IntroducingTrafficAnalysis 2007 http://research.microsoft.com/enus/um/people/gdane/papers/TAIntrobook.pdf 59 ITVWorldinAction1991,DefendingtheRealm,NickDaviesinterviewingRobinRobison formerJICofficial 60 LookingToTheFuturesubmissiontotheHomeOfficeforlegislationondataretentionfrom ACPO,ACPO S ,HMC&E,SS,SIS,GCHQ 21stAugust2000 http://cryptome.org/ncis carnivore.htm

62

Draft Communications Data Bill

4.WHATTYPEOFDATASHOULDBERETAINED?..Allcommunicationsdatageneratedinthe courseofaCSP'sbusinessorroutedthroughtheirnetworkorservers,involvingbothInternet andtelephoneservices,withinawidelyinterpreteddefinitionof"communicationsdata" ...TheAgencies'positionis,therefore,thatdatashouldberetainedforFIVEYEARS. 6.6.4Ifthefiguresareexpandedtotryandestablishtheglobalcostofdatastorageand retrievalacrosstheUKmarket,itisestimatedtoamounttoaround9millionperannum ThekerneloftheCDBwasalreadyfullyformedin2000,beforetheOlympics,nationalscalerioting, 7/7,Iraq,Afghanistan,and9/11.Thereisthedifferenceofastillstaggeringdemandforalonger retentionperiodthanhaseverbeencontemplatedinanycountry 61,theestimatedcostsarenow twentytimeshigher 62 1.8bnover10years ,andtheagendaofgeneralizeddataminingisnow moreorless outintheopen,albeiteuphemisticallydubbedFiltering ofhumongousamountsof datawhichoughtnottobecreatedforretentioninthefirstplaceexceptinsomerickety60'sTV dystopia . Bowden's2002paperondataretentionwenttopressbeforeACTSA2001passed,butstated Automatedtrawlingoftrafficdatabasesisapowerfulformofmasssurveillanceoverthe associationsandrelationshipsthatconstituteprivatelife.Italsorevealsthesequenceand patternofthoughtofindividualsusingtheInternetitcouldbedescribedasclosedcircuit televisionfortheinsideofyourhead ...Atthesametime NCIS werelobbyinginsecrettowarehousetheentirepopulations trafficdata,theDirectorofNCISwrotethat"conspiracytheoristsmustnotbeallowedtoget awaywiththeridiculousnotionthatlawenforcementwouldorevencouldmonitorall emails." 63 Oneofthemajorpurposesoftrafficanalysisofcommunicationsdataistoidentifytargetsthrough patternanalysis.TheDGforcounterterrorismattheHomeOfficeassertedinevidencetotheDraft CDBCommitteethat CharlesFarr 64 Q28 :Ifyouhavethedataprovidedforinthislegislation,thenyoucan resolveincreasinglyanonymouscommunications,whichareafeatureofthecommunications environmentinwhichwelive.Toputitanotherway,ifyouhavetherightkindofdata,issues ofanonymisationceasetobeasignificantproblem. 9/11andWarrantlessWiretappingintheUS Inadifferentforum,threedayslater,aseniortechnicalexpertwhodesignedverylargescaletraffic analysissystemsfortheNationalSecurityAgency theUScounterparttoGCHQ explainedhow,on thecontrary,mobiletelephoneanonymitycouldalwaysbemaintainedwithelementarytradecraft WilliamBinney 65:buythrowawayphonesandkeepbuyingthem...themostsecurewayisfor youtobuytwophones,giveonetoyourfriendandyoutakeone,itwillshowupinthegraph asalink,anisolatedlink,butyou'llnotbeconnectedanywhere

61 exceptforPoland,whichlegislated8yearsbrieflybyaccidentinthemid00's,andthenswiftly repealed 62 http://www.computerworlduk.com/news/itbusiness/3364147/governmentsdatasnooping billwillcost18bn/ 63 http://www.guardian.co.uk/technology/2000/jun/15/security.internet 64 UncorrectedOralEvidenceTakenBeforeTheJointCommitteeOnTheDraftCommunications DataBill 10thJuly2012 http://www.parliament.uk/documents/joint committees/communicationsdata/ucJCDCD100712Ev1.pdf 65 KeynoteatHOPE9conf NewYorkCity,13thJuly2012, http://www.youtube.lu/watch?v hqN59beaFMI1hr12m .

Draft Communications Data Bill

63

Itseemsunlikelythatsuchasimplecountermeasurewouldnotbewellunderstoodbyterrorists, eveniftrafficanalysiswouldbeeffectiveagainstopportunisticperpetratorsoflessseriouscrimes. Mr.BinneybecameawhistleblowerbecausehewasconcernedthattheNSAwasspyingonAmericans illegallyusingtrafficanalysisofcommunicationsdata,verymuchasisbeingproposedinthe RequestFilteringClause14oftheUKdraftCDBbill.Inhisremarkablespeech,worthwatchinginits entirety,hedescribeshowtheNSAhadalreadysoughtsuchdataillegallyinFebruary2001 66 i.e. before9/11andthepassageofthenotoriousPatriotAct .After9/11,theNSAinitiatedseveral furthercommunicationsmasssurveillanceactivitieswhichbecameknowncollectivelyas warrantlesswiretappingincludingonecodenamedStellarWind.Theseprogramsonlycametolight asaresultofdiligentinvestigativereportingusinginformationprovidedbyNSA andFBI whistleblowersconcernedaboutviolationsoftheUSConstitutionandstatutelaw.Forseveralyears, thesewhistleblowers andjournalistsandeditors havebeenthreatenedwithprosecutionon speciouscharges.Althoughstillnotwidelyreported,aconsistentpatterntohaveemergedisthat officialchannelsforescalation,investigationandCongressionalscrutinywerethwartedwiththe complicityofsomeofthemostseniorlegislativeandjudicialauthorities.Onlyaftertherevelationsof NewYorkTimesjournalistsJamesRisenandErichLichtblauwerepublishedin2005 aftertheir newspapercensoreditselfforayearuntilafterthe2004election didacomplaisantCongressmake whathadbeenillegal,legal inthewordsofanotherNSAwhistleblowerThomasDrake 67 through passingtheProtectAmericaAct2007andtheFISAAmendmentAct2008. RIPAs.16 3 effectively WarrantlessWiretappinginsidetheUK? TherelevanceofalltheabovetotheUKisthatinanalmostunnoticedsectionofRIPA2000,thesame issuehadbeenanticipatedandlegalizedpreemptively.Therewassubstantialdebateonthispointin theHouseofLordsasaresultofamendmentsandbriefing 68fromtheFoundationforInformation PolicyResearch.LordBassamrespondedtopointsindebateinaletter 69toLordPhillipsofSudbury LordBassam:....insomecasesselection oftrafficformasssurveillance willunavoidablybe appliedtoallinterceptedcommunications.Thisselectionisinpracticedesignedtocollect externalcommunicationsthatfitthedescriptionsinthecertificate.Itisthereforenotlikelyto catchmanyinternalcommunications.Itwouldofcoursebeunlawfultoseektocatchinternal communicationsintheabsenceofanoverlappingwarrantoracertificatecomplyingwith Section16 3 Althoughthefrontbenchesthenplayeddowntheissue asaresultofbriefingfromGCHQ ,some backbenchersremaineddissatisfiedatReport 70stage LordLucas:Both frontbench nobleLordsseemedtobestrivingextremelyhardtogivethe Governmentthebenefitofthedoubtandtofindsomewayinwhichwhatiswrittenplainly andclearlyintheBillshouldnotbetrue.ItisabsolutelyobviouswhatisintheBillatleastit istomeandthatis,yes,trawlingbecomeslegal.TheHomeSecretaryhastorenewthe warranteverythreemonths,buthecantrawlongroundsofeconomicwellbeingandserious crime,aswellasterrorism,toanyextentthathewishes. Byanalogy,twoUSsenators 71haverecentlyblockedrenewalofthecorresponding2008lawbecause

66 ibid32m 67 DemocracyNowinterviewwithThomasDrake26thMarch2012 http://www.democracynow.org/2012/3/26/part_2_former_nsa_employee_thomas49m 68 http://www.fipr.org/rip/#Overlapping 69 http://www.fipr.org/rip/Bassam%20reply%20to%20Phillips%20on%20S.15.3.htm 70 LordsHansard12thJuly2000 http://hansard.millbanksystems.com/lords/2000/jul/12/regulationofinvestigatorypowers bull#S5LV0615P0_20000712_HOL_383 71 http://www.wyden.senate.gov/news/pressreleases/wydenplacesholdonfisaamendments actextension

64

Draft Communications Data Bill

theyaskedfor anestimateofthenumberofpeoplelocatedintheUnitedStateswhose communicationswerereviewedbythegovernmentpursuanttotheFISAAmendmentsAct. TheOfficeoftheDirectorofNationalIntelligencerespondedthatitwasnotreasonably possibletoidentifythenumberofpeoplelocatedintheUnitedStateswhosecommunications mayhavebeenreviewedundertheauthorityoftheFAA. HowevertheanalogybetweenthecontroversyoverRIPA2000s.16 3 andtheFISAAmendmentAct 2008s.1881adoesnotholdinfourimportantsenses.Firstly,thecontroversyintheUShasbeen documentedinbooks 72,magazines 73 74,newspapers 75,currentaffairstelevisionprograms 76and websites 77 althoughitremainslittleunderstoodinthelegislature asaresultofinsider whistleblowersconcernedthatthecategoricalprotectionspromisedtoUScitizensbystatutesand theConstitutionwerebeingillegallysubverted. IncontrastintheUK,theissuesarisingfromRIPA16 3 haveonlybeenconsidered outsideof government byafewmembersoftheHouseofLordsandahandfulofsurveillancepolicyanalysts andneverbyaParliamentarySelectCommittee,ortheIntelligenceandSecurityCommittee,POST, ortheInvestigatoryPowersTribunalunlessperhapsinsecret .Therehasbeenexactlyonepress article 78,andnobooksortelevisiondiscussionwhatsoever. AseconddifferencefromtheUSsituationisthattheUKstatutesdonotpromiseanyanalogous categoricallysuperiorprotectionstoUKcitizens,indeedtheycannotdosobecausediscriminatingby nationalityinthiswaywouldbeincompatiblewiththeHumanRightsAct 79.InsteadRIPAdefines externalcommunicationsasthosewhichbeginorendoutsidetheUK,andcertificatedwarrantsfor trawlingthroughtheseusingsupercomputerstosearchforabstractfactors 80.TheBassamletter revealsthegovernmentin2000wellunderstoodthattheexternalconceptwasincoherentfordigital communicationsusingmultilayeredprotocols,splitintodatagrams,andautonomouslyrouted throughpacketswitchednetworks.HoweverthisissuewasfaraheadofwhatParliamentcouldthen assimilate,sotherewasnoproperdeliberationoftheconsequencesforprivacyandfreedom,inthe waythatisnowhappeningtosomeextentintheUS.ThecomparisonbetweentheUKandtheUS isespeciallyrelevantbecauseofthelongstandingintelligencetiesbetweenNSAandGCHQ,andtheir Internetsurveillancecapabilitiesaremuchlargerthanallotherdemocraticcountries. Thirdly,whilsttheintentionalwarrantlessmasssurveillancedocumentedintheUShasbeenwidely criticizedasillegal,wedonotknowifanyanalogousdomesticmasssurveillancehasbeenauthorized underRIPAS.16 3 certificatedwarrants.TheInterceptionCommissionerhasneverreferredtothat sectioninhispublishedannualreports,orindeedmadeanyreferencetocertificated trawling warrants 81.Interpretationofthe16 3 clauserequiresunravelingnestedandinterlockingclauses, 72 ErichLichtblauBush'sLaw:TheRemakingofAmericanJustice,2008,Pantheon 73 JaneMayer,TheNewYorkerTheSecretSharer http://www.newyorker.com/reporting/2011/05/23/110523fa_fact_mayer?currentPage all 23rdMay2011 74 JamesBamford,WiredTheNSAIsBuildingtheCountrysBiggestSpyCenter15thMarch2012 http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/ 75 SiobbhanGorman,WallStreetJournalNSA'sDomesticSpyingGrowsAsAgencySweepsUpData http://online.wsj.com/article/SB120511973377523845.html 10thMarch2008 76 PBSTheSpyFactory3rdFebruary2009 http://www.pbs.org/wgbh/nova/military/spy factory.htm 77 http://en.wikipedia.org/wiki/NSA_warrantless_surveillance_controversy 78 Theauthorattemptedtobriefnewspaperandbroadcastcurrentaffairseditorswithoutany apparentinterest,resultinginonlyin http://www.guardian.co.uk/technology/2000/aug/10/news.onlinesupplement 79 Av.SecretaryStateHomeDepartment 2004 UKHL56, 2005 2AC68 80 Factorsmayselectaccordingtotrafficpatterns whoistalkingtowhom ,keywords,voiceprints, andalgorithmsalsoexistforsearchingtextsforparaphrasedmeaning latentsemantic indexing . 81 Exceptinthefirstreportwhichdubiouslyinventedoverlappingwarrants http://www.fipr.org/rip/#Overlapping

Draft Communications Data Bill

65

phrasedintriplenegativesusingpseudotechnicaljargon.Noopenjurisprudenceorscholarshipcan developbecauseofthesecrecyprovisionsofRIPA.TheUKlostarelevantcaseattheECtHRin Strasbourgin2008 82butthatconcernedthepreviousIOCA1985law.TheBassamletterisallthatis known,butwedonotevenknowiftheIoCCisawareofthatletter,agreeswithorenforcesits prohibitions,orunderstandsitstechnicalities. Fourthly,therearesomeindications 83 84 85thattheStellarWindprogramintheUSmainlyorwholly concerneddatamininganalysisofnoncontentmetadata suchascommunicationsdatabut perhapsotherkindsoftransactionalrecordsalso ,notmassinterceptionofthecontentsof communications.Thedistinctionishabituallymuddledin everycountry's presscoverageand legislativedebate,buttrafficanalysisistheprimarytechniqueforselectingwhatcontentgets interceptedinbothtargetedandmasssurveillanceofcommunications.Itmightexplaintheblas confidenceofUSadministrationofficialsthatthistypeofdataminingdidnotbreaktheFISAlawat leastnotinthewaymostcriticsalleged. HowevertheprivacyinvasiverealityoftrafficanalysisinbulkisnotadequatelyrecognizedinUSor UKlaw.Thepost9/11surveillanceindustrialcomplexisfoundedontheshibboleththatwhilst contentdeservestheprotectionofawarrant,merecommunicationsdataengagesprivacyrights toavastlylesserextent,anditsacquisitionmaybeselfauthorizedbylawenforcementagencies.This legalfictionisprecariouslysustainedbylawenforcementagenciescarefullyavoidingtestcaseswhich mightupdatebindingprecedentsdatingfromtheeraofmechanicaltelephoneexchanges 86. TheAntiTerrorismCrimeandSecurityAct2001Ch.11introducedapowertocompelblanket retentionofcommunicationsdata,ifserviceprovidersdeclinedtodosovoluntarily.TheLiberal Democratsintroducedanamendmentwhichsoughtinsteadonlytopermitpreservationofdata directlyorindirectlyrelatedtonationalsecurity 87. LordPhillipsofSudbury:...whatevertheMinisterthinksaboutmasstrawlingandmass surveillance,theHomeOfficeknowsthatthatispreciselywhattheseclausesrelateto.Itis theirability,viatheSecretaryofState'sdirection,torequiretheentireindustrytoretainits entirestockoftrafficdataforanunlimitedperiod.Itisthatpowerthatenablesthesecurity industrytohaveaccess,viatheRegulationofInvestigatoryPowersActandtheData ProtectionAct,tothishugewarehouseofinformation.WeonthissideoftheHousehave repeatedlysaidthatwearenotcontentwiththebalanceasstruck.Thatiswhywewantthe amendmenttoremain. ...NCISisbuildingandhasmadeitquiteclearthatitwantstogoonbuildinganational trafficdatawarehouse.Thatisitsaim.Indeed,aseniormemberofthatbodysaidrecently, Wewanttohavealltheinformationwecanlayhandson.It'suptoyoufellowstostopus". InanexhaustingdebatebetweenbothHouses,inwhichfewparliamentariansgraspedtheconceptual differencebetweenretainingdataontheentirepopulationversusthesmallfractionaboutwhom priorsuspicionsmightexist,theamendmentwasonlyacceptedbythegovernmentinafogof confusionwithaseeminglyincoherentrationale 88.AQC'sOpinion 89laterobtainedbytheInformation 82 LibertyandothersvUKno.58243/00 2008 ECHR 83 http://en.wikipedia.org/wiki/NSA_call_database 84 USwiretaplawauthorityOrinKerron15thDecember2008 http://www.volokh.com/posts/1229325134.shtml 85 Newsweek12thDec2008 http://www.thedailybeast.com/newsweek/2008/12/13/nowwe knowwhatthebattlewasabout.html 86 ToksonM,AutomationandtheFourthAmendment,IowaLawReview,2011 http://128.255.56.99/~ilr/issues/ILR_962_Tokson.pdf 87 LordsHansard13thDec2001 http://www.publications.parliament.uk/pa/ld200102/ldhansrd/vo011213/text/11213 17.htm 88 CommonsHansard13thDec2001,DavidBlunkett HomeSecretary :Theamendment,in relationtopart11thereforesuggeststhatweshouldtrytoseparateoutthosepartsofdata.AsI triedtoexplainonanumberofoccasions,includinglastnight,itisnotpossibletodothat,but paradoxically,becauseitisnotpossibletodoit,itisnotreasonabletosuggestthatweshouldnot

66

Draft Communications Data Bill

Commissionerfoundthatblanketretentionwasabreachoftherighttoprivacy,anticipating subsequentargumentsovertheEUDataRetentionDirective 90,buttheICOchosetoacquiescetothe HomeOfficeandofferednofurtherresistance. WaitingforStrasbourg orLuxembourg ? SeveralConstitutionalCourtsaroundEuropehaveruledthatblanketdataretentionisunlawful 91.A caseinitiatedbyDigitalRightsIrelandwhichwilltestthehumanrightscompatibilityoftheDR DirectiveisnowinprogressattheECJ 92.TheECtHRhasrecognizedinunambiguousjudgments 93that therighttoprivatelifeunderArticle8isengagedby a processingcommunicationsdataperse,or b themerecollectionofdataaboutindividuals irrespectiveofwhetheritisexamined ,or c the indiscriminateaccumulationofdataaboutentirepopulations.Puttinga/b/ctogether,logicallythe Courtoughttofind whenasuitablecasearrives thattheprincipleofblanketretentionof communicationsdataforthepurposesoftrafficanalysisthroughdataminingisatleasta disproportionateviolationofArt.8,andperhapsalsothatnotonlyisthisunnecessaryinademocratic society,itisincompatiblewithdemocracy.ThisconclusioncanalsobededucedfromtheGeneral CommentontherighttoprivacyinInternationalCovenantofCivilandPoliticalRights 94. EvenwithregardtointerferencesthatconformtotheCovenant,relevantlegislationmust specifyindetailtheprecisecircumstancesinwhichsuchinterferencesmaybepermitted.A decisiontomakeuseofsuchauthorizedinterferencemustbemadeonlybytheauthority designatedunderthelaw,andonacasebycasebasis. HoweverUSandECHRjurisprudencedivergefundamentallyovertheprivacysensitivityof communicationsdata.UScourtshaveheldsofarthatindividualshavenoexpectationofprivacyin trafficandlocationdatabecausetheyarenecessarilydivulgedtothirdparty 95serviceoperators. TheUKtriedoutasimilarargumentatStrasbourginCoplandvUK 962007


doit.Iamthereforepreparedtoaccepttheamendmentsthathavebeentabled.Inordertobeable toimplementwhattheywant,wewillhavetoretainthedata,sothatitcanbeaccessedtotestout whethertheintelligenceservicesarerightinbelievingthatitisrelevantintacklingterrorists. ThatishowstupidtheLiberalDemocratsare. !? http://www.publications.parliament.uk/pa/cm200102/cmhansrd/vo011213/debtext/11213 36.htm BenEmmersonQC 31stJuly2002 http://www.guardian.co.uk/technology/2002/jul/31/internet.politics KostaEleni,ValckePeggy 2006 "Retainingthedataretentiondirective",CompLaw&Sec Report,Vol22,Issue5,p.370380 http://www.law.kuleuven.be/icri/publications/824a2_Kosta,Valcke_2006_CLS_DataRetentionDir ective.pdf e.g.Romaniawhichfoundthatapositiveobligationthatforeseesthecontinuouslimitationofthe privacyrightandthesecrecyofcorrespondencemakestheessenceoftherightdisappear http://www.legiinternet.ro/english/jurisprudentaitromania/deciziiit/romanian constitutionalcourtdecisionregardingdataretention.html CaseC293/12http://curia.europa.eu/juris/fiche.jsf?id C;293;12;RP;1;P;1;C2012/0293/P ECHR a Malonev.UK 1984 andCoplandv.UK 2007 , b Amannv.Switzerland 2000 and Rotaruv.Romania 2000 , c SandMarperv.UK 2008 CCRPGeneralCommentNo.16:Therighttorespectofprivacy,family,homeandcorrespondence, andprotectionofhonourandreputation Art.17 :.04/08/1998 http://www.unhchr.ch/tbs/doc.nsf/%28Symbol%29/23378a8724595410c12563ed004aeecd? Opendocument AmericanBarAssociationJournalTheDataQuestion:ShouldtheThirdPartyRecordsDoctrine BeRevisited? http://www.abajournal.com/magazine/article/the_data_question_should_the_third party_records_doctrine_be_revisited/ 1stAugust2012 http://www.bailii.org/eu/cases/ECHR/2007/253.html

89 90

91

92 93 94

95

96

Draft Communications Data Bill

67

UK:Althoughtherehadbeensomemonitoringoftheapplicantstelephonecalls,emailsand Internetusagethisdidnotextendtotheinterceptionoftelephonecallsortheanalysisof thecontentofwebsitesvisitedbyher.Themonitoringthusamountedtonothingmorethan theanalysisofautomaticallygeneratedinformationwhich,ofitself,didnotconstitutea failuretorespectprivatelifeorcorrespondence TheECtHRcompletelyrejectedthisviewintheirjudgment 43.TheCourtrecallsthattheuseofinformationrelatingtothedateandlengthoftelephone conversationsandinparticularthenumbersdialledcangiverisetoanissueunderArticle8 assuchinformationconstitutesanintegralelementofthecommunicationsmadeby telephone seeMalonev.theUnitedKingdom,judgmentof2August1984,SeriesAno.82, 84 .ThemerefactthatthesedatamayhavebeenlegitimatelyobtainedbytheCollege,inthe formoftelephonebills,isnobartofindinganinterferencewithrightsguaranteedunder Article8 ibid .Moreover,storingofpersonaldatarelatingtotheprivatelifeofanindividual alsofallswithintheapplicationofArticle81 seeAmann,citedabove,65 .Thus,itis irrelevantthatthedataheldbythecollegewerenotdisclosedorusedagainsttheapplicantin disciplinaryorotherproceedings. 44.Accordingly,theCourtconsidersthatthecollectionandstorageofpersonalinformation relatingtotheapplicantstelephone,aswellastoheremailandINTERNETusage,withouther knowledge,amountedtoaninterferencewithherrighttorespectforherprivatelifeand correspondencewithinthemeaningofArticle8. emphasisadded OneofthemostthoroughrecentexaminationsofthelegalityoftheEURetentionDirective emphasizedthatinanydeterminationofthecompatibilityoftheprincipleofretention 97thefact thattrafficanalysisanddataminingcanberealisticallyperformedusingtheretainedtrafficand locationdataisanaggravatingfactortobeconsidered. AFinnishRedHerring TheExplanatoryNotesofthedraftCDBfloatsaspeciouscomplianceargumentatfootnote 2 Seee.g.,K.U.vFinland 2008 ECHR2872/02,atpara.49 ....Althoughfreedomofexpression and confidentialityofcommunicationsareprimaryconsiderationsandusersof telecommunicationsand Internetservicesmusthaveaguaranteethattheirownprivacyandfreedomofexpression willbe respected,suchguaranteecannotbeabsoluteandmustyieldonoccasiontootherlegitimate imperatives,suchasthepreventionofdisorderorcrimeortheprotectionoftherightsand freedomsof others....Itisnonethelessthetaskofthelegislatortoprovidetheframeworkforreconciling thevarious claimswhichcompeteforprotectioninthiscontext. K.U.vFinlandappearedaroundthetimeofMarper,butattractedlittlecommentoranalysisatthe timeincomparison,andtheprominencegiventoitbytheHomeOfficeshowstheythinkitistheir bestripostetoECtHR'sdeprecationofindiscriminatecollection. Butdespitethe uncharacteristic rhetoricalsideswipesatInternetanonymity,itismuchweaker thanitseemsbecausetheseremarkswereindicta.Itisnotentirelyclearwhethertheauthorofthe judgmentunderstoodthepoint,butitwasnotnecessaryinthiscasetoconsiderthejustifiabilityof blanketandindiscriminateretentionofdatawhichwouldnototherwiseexist.Thedataatissueinthe K.U.casedidexist,butFinnishlawwasdefectiveinnotallowingitsusetoinvestigatethecrime.Itis

97 Feiler,L.,"TheLegalityoftheDataRetentionDirectiveinLightoftheFundamentalRightsto PrivacyandDataProtection",EuropeanJournalofLawandTechnology,Vol.1,Issue3,2010. http://ejlt.org//article/view/29/75

68

Draft Communications Data Bill

notreasonabletoassumethattheECtHRwouldwishtofinessesuchamassivelyimportantquestion, sothecasecannotbearthethesignificancetheHomeOfficeimplies. InteractionswithDataProtectionlaw

WeshouldselectanypersonfromtheinhabitantsoftheEarth...usingnomorethanfive individuals...hecouldcontacttheselectedindividualusingnothingexceptthenetworkofpersonal acquaintancesFrigyesKarinthy 981929


Communicationsdata,evenwithoutanyinformationaboutthecontentofcommunication,canreveal highlysensitiveinformationinsurprisingways.Muchinformationisrevealedthroughthesocial graphofrelationshipsbetweenindividuals,particularlyifeachconnectionisannotatedwithstrength information,suchashowoftentwoindividualscommunicate. Inferringsensitivedatafromthesocialgraph 99. Forexample,introvertsmightcommunicatemoreoftenwithasmallercircleofcontactswhoareall related,whileextrovertsmighttendtocommunicatelessoftenbutwithalargercircleofcontacts fromdifferentsocialspheres,revealingabasicprofileofpersonality.Suchinformationcanbe revealedsimplythroughpatternsofcommunication,whichsociologistshavestudiedfordecades priortotheadventofwidespreadInternetcommunication 100. Muchmorepowerfulinferencescanbedrawnusingtheprincipleofhomophilymostpeopleare muchmorelikelytocommunicatefrequentlywithindividualswhoarelikethem.Itisarobust phenomenonandhasbeenobservedacrossculturesandalargenumberofpersonaltraits,including age,occupation,socialclass,religion,politicalaffiliation,genderandsexualorientation,andalso includingimplicittraitslikeintelligence,attitudes,values,andaspirations 101. Intheseways,socialnetworkanalysisofcommunicationsdatacangeneratesensitive akaspecial category personaldata,withoutanyknowledgeofthecontentofcommunications.DataProtection Authoritieshaveremainedsilentaboutthisproblem ithasscarcelybeenaddressedinanyArt.29 Opinion 102 ,perhapsbecauseitseemstoocorrosivetoadefinableconceptofsensitivepersonaldata. Withtheadventofonlinesocialnetworks,researchershaverecentlybeenabletoacquiresufficiently largedatasetstodemonstratethepoweroflargescaleinferenceusinghomophily.Giveninformation aboutprivatetraitsofsomeindividuals,suchassexualorientationorreligion,itispossibleaccurately topredictthistraitformanyotherindividualsusingthesocialgraph. 103Verysimilarexperiments havesuccessfullydemonstratedpredictionofusers'politicalaffiliation 104 105 106,gender 107 108,and

98 originatorofthepostulateofsixdegreesofseparation 99 IamgratefultoJosephBonneauforhelpwiththispassage 100Wasserman,S.&Faust,K.,SocialNetworkAnalysis,CambridgeUniversityPress,1994 101McPherson,M.,SmithLovin,L.&Cook,J.,Birdsofafeather:Homophilyinsocialnetworks, AnnualReviewOfSociology,AnnualReviews, 2001 ,Vol. 27 ,pp. 415444 102Art.292010WP171ononlinebehaviouraladvertisingifanadnetworkproviderprocesses individualbehaviourinorderto'placehim/her'inaninterestcategoryindicatingaparticular sexualpreferencetheywouldbeprocessingsensitivedata 103Thisapproachwasfamouslydemonstratedinthecaseofsexualorientation,whereaverysimple algorithmusingonlybinaryfriendshipconnectioninformationandasmallnumberofmen knowntobehomosexualwassufficienttopredictthesexualorientationofabout6,000students atMITwithabout80%accuracy 104Lindamood,J.,Heatherly,R.,Kantarcioglu,M.&Thuraisingham,B.Inferringprivateinformation usingsocialnetworkdata,Proceedingsofthe18thInternationalConferenceonWorldWideWeb, ACM,2009,pp.11451146 105Mislove,A.,Viswanath,B.,Gummadi,K.P.&Druschel,P.Youarewhoyouknow:inferringuser profilesinonlinesocialnetworks,ProceedingsoftheThirdACMInternationalConferenceon WebSearchandDataMiningACM,2010,pp.251260

Draft Communications Data Bill

69

hobbies 109.Thistypeofinferencecouldimprovesignificantlygivenamorefinegrainedsocialgraph withinformationaboutthefrequencyanddurationofcommunicationbetweenindividuals. LimitstothescopeofcommunicationsdataBigBrowser CardinalRichelieu 15851642

"Ifyougivemesixlineswrittenbythemosthonestman,Iwillfindsomethinginthemtohanghim"

ThedefinitionofcommunicationsdatainthedraftCDBareessentiallyunchangedfromRIPA2000. Thedefinitionincludedthename orIPaddress ofwebsitesbrowsed www.bbc.co.uk ,but excludesanythingafterthefirstslash www.bbc.co.uk/news/ukpolitics18003315 . Itisworthrecallingthesequenceofeventswhichresultedinthislimitation.DuringtheRIPAdebate intheHouseofCommons,FIPRwarned 110thatanylogsofwebpagesvisited inthetransparent cachesofanISPorlogsretainedbyhybridcommunicationservicesincorporatingsearchenginesor portals couldbecaughtinthevaguedefinitions,andpromotedamendmentstodrawoutthe government'spositionintheHouseofLords.Aquickeningtempoofadversemediacoverage 111inthe tradeandbroadsheetpressincreasedthepressureforchangesandclarificationswhichhadbeen impassivelyblockedformanymonthspreviously LordLucas:...theidentityofeverysinglewebpagethatisvisitedisknown.Itisasifunderthe heading"communicationsdata"theGovernmentareabletoknowabouteveryshopthatI havevisitedandeverypageofeverybook,magazineorarticleIhaveread.IfImakearequest toasearchengine,inmostformatsthatcountsascommunicationsdatabecauseitisasignal toactuatethesearchengine. LordCopeofBerkeley:..."communicationsdata"ontheInternetwidenstheissueagreat deal,inparticular,inrelationtovisitstowebsites,andsoon....Webelievethatitmaybe necessarytohavegreatercontrolsovertheextentofthisintrusionthanatpresent. LordBassam:Itisbecomingclearthatthecurrentdefinitionisnotadequate...Idonothavea newdefinitionof"communicationsdata"tooffertoday Theminidebate 112showstheHouseofLordsatitszenithasarevisingchamber,butitspowersto convertforensiccrossexaminationintotextualchangeswere andare rathermodest.Thecritical factorwasagenerallossofconfidenceintheExecutive'scompetenceaboutthesubject's technicalities,whichobligedtheBillteamtomakeunusuallysweepingrevisionstotheseandother

106Zheleva,E.&Getoor,L.Tojoinornottojoin:theillusionofprivacyinsocialnetworkswithmixed publicandprivateuserprofiles,Proceedingsofthe18thInternationalConferenceonWorldWide Web,ACM,2009,pp.531540 107Kozikowski,P.&Groh,G.InferringProfileElementsfromPubliclyAvailableSocialNetworkData 2011IEEEThirdInternationalConferenceonPrivacy,Security,RiskandTrust2011,pp.876881 108Xu,W.,Zhou,X.&Li,L.Inferringprivacyinformationviasocialrelations,DataEngineering Workshop,2008.ICDEW2008.IEEE24thInternationalConferenceon2008,pp.525530 109Agarwal,A.,Rambow,O.&Bhardwaj,N.PredictingInterestsofPeopleonOnlineSocialNetworks, CSE'09:InternationalConferenceonComputationalScienceandEngineering 110FIPRPressReleaseonRIPThirdReadingHoCdebate9thMay2000 http://www.fipr.org/rip/PR3RHC.htm 111http://www.fipr.org/rip/#Observer250600 112http://hansard.millbanksystems.com/lords/2000/jun/19/regulationofinvestigatorypowers bill2#S5LV0614P0_20000619_HOL_458

70

Draft Communications Data Bill

sections,underanintensedegreeofpressscrutiny 113tokeepthemhonest,resultinginthe definitionswehavetodayforSubscriber,TrafficandUsedata 114. PolicerequeststoaccessSubscriberdata foraccountbilling haveneverneededjudicial authorization,butthiscategoryinaptlyincludesdeviceserialnumberswhichcantrackbehavior. Trafficdataisthemostprivacysensitive whoistalkingtowhatorwhom whichalsoincludes locationdata GPScoordinatesormobilebasestationIDs .HoweverdespitethehardwonBig Browseramendment,atechniqueinvolvingUsedatameanscontentcouldstillbededucedthrough fingerprinting 115thepagesofwebsites. Thisloopholeshouldbeclosedaspartofanewconceptofregulatingthemodeofanalysisforhuman rightscompliance seebelow ,butitwillneedCommissionerswithtechnicalaswellaslegalexpertise toapply seebelowonIoCCoversight . Theproblemofschizoidjurisdiction AproblemwhichhasdevelopedinthepastdecadeisthatsomeprovidersofInternetserviceswith headquartersintheUShavedevelopedthepracticeofrejectingtheapplicationofEUjurisdictionfor purposesofDataProtection forexamplerelyingonSafeHarborforminimalfulfillmentoftherights ofthedatasubject ,butontheotherhandtheywillrespondlocallyanddirectlytodemandsfromlaw enforcementauthoritiesforaccesstocommunicationsdata withoutinsistingontheanalogousstep ofrequiringLEAstoinvokeMLATprocedures .Thereisnolegalbasisforsuchaschizoidattitudeto recognizingjurisdiction,andthispracticeonlycontinuesbecause a theorganizationalfunctionsfor dataprivacyareoftendisconnectedfromtheservicingoflawenforcementrequests,and b some DPAsandeventheCouncilofEuropemaybeawareofthesepracticesbutfinditexpedienttoturna blindeyeabsentasharptestofdatasubjectrights.Nevertheless,personaldataarebeingprocessed withintheEUwhenlawenforcementdemandsareservicedinthiswayanddatasubjectsareentitled tofullexerciseoftheirrightsagainsttheControllerwithinEUjurisdiction. ItistotallyunclearhowforeignserviceprovidersoutsidetheUK ortheEU aregoingtoberequired tocomplywiththeprovisionsoftheCDB,butthereisclearlytheriskthattheproblemofschizoid jurisdiction,andlackoffull,promptandeffectiveenforceabilityofrightscouldbefurtheraggravated. Subjectaccessrightstothirdpartycommunicationsdata?

ExplanatoryNotesClause5:Accesstodata

orinpursuanceofacourtorder. ThisclauseostensiblyensuresaDataProtectionrightofsubjectaccess whichwasnotexpressly includedinthecorrespondingsectionofRIPAPt.1Ch.2 ,andthusoughttobewelcomeinprinciple. Howeveritisactuallyabeartrap,whichcouldmeanthatmostofthenewdatacollectedwouldbe ineligibleforsubjectaccess.

ProtectionAct1998 whichprovidesanindividualwiththerightofaccesstopersonaldata

30.Subsection 1 stipulatesthatcommunicationsdataheldbyatelecommunications operatorunderPart1canonlybeaccessedinaccordancewiththeprovisionsinPart2oras otherwiseauthorisedinlaw.Thesemayincludearequestundersection7oftheData

ThemajorpurposeofCDBisblanketcollectionofmetadataaboutuseof3rdpartyservices e.g. thosenotoperatedbytheuser'sISP ,tobecollectedbyDeepPacketInspection DPI boxeslocated 113Theauthorbriefedmorethan100journalistsovera12monthperiodfrom1999untilRoyal Assent 114DraftCDBClause28 3 :Dataidentifyingacomputerfileorcomputerprogramaccesstowhichis obtained,orwhichisrun,bymeansofthecommunicationisnottrafficdataexcepttothe extentthatthefileorprogramisidentifiedbyreferencetotheapparatusinwhichitisstored. 115https://blog.torproject.org/blog/experimentaldefensewebsitetrafficfingerprinting

Draft Communications Data Bill

71

throughouttheUKnetworkinfrastructure notnecessarilyjusttheretailoperatorwithwhomthe userhasabillingrelationship .TheowneroftheDPIbox ortheClause1apparatus willbethe putativeDataControllerforpurposesofsubjectaccess,buttheymaynotknow directlyorindirectly theidentityofthepersonwhosedataisbeingcollected.BecausetheDPA1998didnotgiveanyeffect tofourcrucialwordsofRecital26 orbyanyotherperson oftheEUDPDirective,dataisonly regardedaspersonalintheUKifitisdirectlyidentifiablebytheController,togetherwithother informationthatisormaylikelycometobeintheController'spossession.ThereforetheController willbeentitledtorefuseaccesstoanydatawhichitcannotexclusivelyanddirectlyassociatewiththe subject.Thismightincludeanydatapossiblybeingrelayedbytheuseronbehalfofanotherparty e.g.peertopeerroutingprotocolssuchasSkype 116 .Thepositionisnotevenclearfortheuser's directcommunicationswithanotherparty.TheISPonlyknowstheassociationbetweentheuser'sIP addressandsubscriberaccountdetails;itdoesnotknowabouttheuser'sidentifiersandhandlesat otherprotocollevelsofabstraction buttheISPwillneverthelessbeobligedtoinstallDPIboxes whichdocapturemetadatafromthesehigherlevelsofabstraction .TheControllermayevenrefuse tograntanaccessrequestonthegroundsthatthepartywithwhomtheuseriscommunicating if thatisanaturalperson hasatleastcoequalstatusasadatasubject,andonlyagreetofulfillthe requestwiththeexpressconsentoftheotherparty. WilltheuserbeabletomakeasubjectaccessrequesttotheoperatoroffilteringapparatusinClause 14,namelytheSecretaryofState,perhapsasaputative co ControlleroftheDPIboxes?Itappears thishasnotbeenprovidedforinClause5orelsewhere,andseveralDPA1998exemptionsmightbe arguable,notablys.28 nationalsecurity and/ors.29 prevention/detectionofcrime .Data processedbyGCHQorfornationalsecuritywouldbecategoricallyexemptfrommostpartsofthe DPA. Moreover,theproposednewEUDPRegulation,whichwouldotherwisebeexpectedtobroadenthe UKconceptofpersonaldata atlastunambiguously toincludeindirectlyidentifiabledata,willnot fillthislacunaiftheUK'sposition 117onthenewRegulationintheCouncilofMinistersprevails.The UKwishesthatonly"easilyidentifiable"datashouldbeconsideredpersonal footnote12 ,todelete theRecitalhighlightingthedangersofprofiling footnote11 ,and"questionedwhethersocalled online identifierswhichwereneverusedtotracebacktoadatasubjectshouldalsobeconsidered aspersonaldata" footnote14;seealsofootnote45 . ThecombinedeffectoftheseUKpositionsonthenewDPRegulationwouldmeanthatperhapsmost ofthecaptureddataabout3rdpartyserviceswouldbeineligibleforsubjectaccess,andresultina calamitouseviscerationofdatasubjectrights.Thefollowingstepswoulddisarmthisbeartrap: a arightofaccessmustbeestablishedagainsttheSecretaryofState,withexplicitwording topreventinvocationofDPAs.28/29exemptions,and b abroadmeaningofpersonaldatacomprehendingRecital26oftheEUDPDshouldbe adopted orthatintheunmolestednewRegulationwhichalreadyhassomeweaselworded Recitalsthatneedexcision Theeffectof a and b mustbeforthedatasubjecttobeabletoinvokethedistributeddatamining machineryof Clause.14 Filterstodiscoverwhatpersonaldatainabroadsensethetotalityof theCDBsystemknowsaboutthem.Anydatawhichcouldbeassociatedwiththedatasubjectasa resultofaRequestFilteroughttobeeligible.Onlyinthiswaycanthedatasubjectbeguaranteeda rightofinformationselfawarenesswhichwillallowthemtoregulatetheirconductinthesenseof ECHRArt.8qualityoflawrequirements.Thisisacorereasonfortheexistenceoftherightofsubject access. Distributeddatamining:thecoreoftheCommunicationsDataBill

116SeeStevensetal.IKnowWhereYouareandWhatYouareSharing" www.mpi sws.org/~stevens/pubs/imc11.pdf 117www.statewatch.org/news/2012/jun/eucouncilreviseddpposition1132612.pdf

72

Draft Communications Data Bill

Althoughithasbeentoutedasaconcessiontoandmeasureprotectiveofcivilliberties,froma technicalviewpointitiscoldcomfortthatthedraftCDBisbasedontheideaofleavingdatainthe distributedcustodyofserviceproviders,becauseveryprobablythenotionofacentralizeddatabase wasalwaysgoingtobeimpractical.Feworganizationhaveexperienceofdesigningnationalscale centralizeddatawarehousesforcommunicationsdata.TheNSAtriedwiththeirTrailBlazer 118project whichfailedexpensively.NSAsystemsarchitectandwhistleblowerWilliamBinneyexplained 119the keyproblemwithorthodoxrelationaldatabaseswasthattheycouldnotingestnewdatafastenough, sobecamebacklogged.Hehadsomesuccessobviatingthisproblemusingfastdatabasestructures suitableforverylargeworkingmemorysets,andexplainedthatoncetheconnectionsinthenational socialgraphgrewtoacertainscale,thegrowthincomplexitybegantoflattenoutbecausealready establishedconnectionsbegantoberepeated.Howevercollectionofallthedatadesiredbythe architectsofCDBisprobablyoutofreachevenofthesehighlyoptimizedtechniques,andthe intentionisclearlytousethedistributedcomputationaltechniquecommonlyknownas MapReduce 120.Essentiallythisisanefficientwayforapplyingafunctiontoavectorofdataphysically distributedacrossmanymachines,bringingtheintermediateresultsbacktoacentrallocation,and thenperformingafinalreductionofintermediateresultstoproduceafinishedmassivelyparallel computation. ThisiswhatisdescribedinClause14,andtheexplanatorymemorandumreadslikemarketingjargon fromasurveillancetradefair 121.Infactitmaybethefirstclauseoflegislationderivedfromasales brochure. ExplanatoryMemorandum82. ...TheRequestFiltermay:a providedetailsofdifferentoptionstheRequestFiltermay employtoprovidearesponsetoaspecificpublicauthoritydatarequest;andb foreach identifiedoption,providedetailsoftheanticipatedlevelsofinterferenceandthelikely precisionofthereturnedresults.TheinformationprovidedbytheRequestFilterwillenable thedesignatedseniorofficertounderstandhowtheFilterwillanswerparticularquestions, andwillguidehimthroughtheprocessofdeterminingwhichquestionshebelievesitis necessaryandproportionatetoask,takingintoaccountthefilteringandprocessingwhich willbeundertakenandthevolumeoffiltereddatawhichwillbedisclosed. AnamendmentwhichremovedthefollowinghighlightedpartsoftheMapReduceClausewould neutralizethecapacitytododistributeddatamining andthuspreventthesystembeingusedwith capabilitiesequivalenttoacentralizedsystem . 14 2 b i obtainingthedataordatafromwhichthedatamaybederived, ii processingthedataorthedatafromwhichitmaybederived, andretainingdata temporarilyforthatpurpose CompoundingthehyperOrwellianmenaceofdatamininganationaltrafficdatawarehouse describedbyaformerDPP 122asahellhouseofpersonalandprivateinformation ,isthe foreseeableriskthatinsiderscouldcolludetobypasscontrols.UsingseeminglylegitimateFilters whichtriggereddistributedqueriestomanyDPIboxes,informationaboutasurreptitioustarget couldbeextracted undertherubricofretainingdatatemporarilyforthatpurpose .Itwouldbe

118http://en.wikipedia.org/wiki/Trailblazer_Project 119KeynoteatHOPE9conference NewYorkCity,13thJuly2012, http://www.youtube.lu/watch?v hqN59beaFMI50m . 120http://en.wikipedia.org/wiki/MapReduce 121ISSWorld:BigDataAnalyticsandMassiveIPIntercept http://issworldtraining.com/ISS_WASH/track2.html 122SirKenMcDonald,31stDec2008 http://www.guardian.co.uk/uk/2008/dec/31/privacycivil liberties

Draft Communications Data Bill

73

verydifficulttodetectorprovethiswashappeningandtheIoCCaspresentlyoperatingwouldfind nothingsuspiciousinthelogfiles assuminghewasevenlooking . TheroleoftheInterceptionofCommunicationsCommissioner The2011report 123oftheInterceptionofCommunicationsCommissioner IoCC isthemostdetailed sincethefirstreportwaspublishedin1987.Themostseriousdeficiencyoftheoversightregimeis onlyfleetinglyacknowledgedit'sall literally apaperexercise. thepossibilityofsuccessfuldeliberateabuseisverysmallindeed,ifstatutorychannelsare beingused. Thereportshavealwaysbeensilentabouthowabusebyinsiderswiththetechnicaloradministrative abilitytobypassthepaperworkmightbedeterredordetected,yetthatissurelyoneofthemajor risks. FIPRsuccessfullypromotedaRIPAamendment 124allowingtheIoCCtoinsistthatreliableand verifiabletechnicalmeans 125mustbedesignedintointerceptionandcommunicationsdatalogging equipment,buthehasneverreferredinanyreporttoexercisingthesepowers,anditappearsthat effortsatverificationareconfinedtocomparingpapercopiesofdocumentsheldbydifferentparties. TheIoCCalwayshasappearedprimarilytorelyonthoseheischargedwithoverseeing,themselves volunteeringreportsoftheirownmistakes.Errorsarelamentedandusuallyrathertrifling typically atransposeddigit .Butover27years,theIoCChasneverdiscoveredanyseriouswrongdoingin interceptionpracticeswhatsoever thathehasrevealedpublicly . Thisyear,forthefirsttime,thereportquantifieserrorsdiscoveredbytheinspectionregime rather thanselfreported .Howeverthesizeoftherandomsample outofahalfmillionrequestseachof whichmayinvolvedataaboutmanyindividuals isnotgiven,withoutwhichtheoverallnumberof undetectederrorscanonlybeguesstimated,buttherearelikelytobethousands.TheIoCChas repliedthatitisnotpossibletogivethesamplesize.Whynot? Thereportmentionsthattwoindividualshavesufferedveryseriousconsequencesthroughsuch errors,butappearsblindtothestatisticalinevitabilitythanmanymorevictimsofsucherrorsmustbe sufferingequallyseriousinjustices. OveralltheUKappearsrelativelysecretiveandcomparespoorlytoothercountriesinthedegreeof Parliamentaryinvolvementintheoversightprocessaccordingtoacomprehensiverecentreportto theEuropeanParliament 126 Inthecaseofoversightofinformationsharing,itisdoubtfulifthecurrentUKarrangements satisfythestandardsproposedbytheUNSpecialRapporteur.Domesticlegislationfailsto outlineclearparametersforintelligenceexchange,includingtheconditionsthatmustbemet forinformationtobeshared,theentitieswithwhichintelligencemaybeshared,andthe safeguardsthatapplytoexchangesofintelligence.Nordoesitexplicitlyprohibittheuseof foreignintelligenceservicestocircumventnationallegalorinstitutionalcontrols....theUK experienceunderlinestheneedforcriticaldistancefromtheexecutivetobewoveninto

123InterceptionofCommunicationCommissioner2011Report www.intelligencecommissioners.com/docs/0496.pdf 124LordBassam'sremarksonAmendment50A10thJune2000 http://hansard.millbanksystems.com/lords/2000/jun/19/regulationofinvestigatorypowers bill#S5LV0614P0_20000619_HOL_82 125Asurveyofsuitablemethodsisoutsidethescopeofthispaperbutmightincludeahardware trustedcomputingbase,cryptographicallysignedandverifiableaudittrailsofprogramcodeand data,andmultiplesimultaneousdistributedlogfiles 126AidanWills,MathiasVermeulen2011:ParliamentaryOversightOfSecurityAndIntelligence AgenciesInTheEuropeanUnion http://www.europarl.europa.eu/committees/en/libe/studiesdownload.html?languageDocumen t EN&file 48800

74

Draft Communications Data Bill

oversightarrangements especiallyinsuchproceduralquestionsasappointmentof overseersandreporting ifpublicconfidenceistoberetained. Incontrast,undertheFrenchsystemaqualifiedperson withdeputies isappointedbyan independentcontrolCommission CNCIS 127 toconductpriorvalidationofallcounterterrorist requestsforcommunicationsdata,andtheCommissionalsoappliesscrutinyretrospectively.The Commissionalsoensurespriorauthorizationofallinterceptionwarrants turningroundemergency requestswithinonehour ,whicharecappedbelowafixednumberexpresslyforthepurposeof protectingcivilliberties.Authorizingdepartmentsmustapportionthisquotaceilingbetween themselves,andmakeprovisionfortheirowncontingencyreserve.Recentlytheindependenceof CNCISwastestedbyacomplicatedpoliticalscandalaboutcircumventionofproceduresbythe country'smostseniorintelligenceofficial,whoseobjectivewastotracethecommunicationsof journalistsatLeMondeandinhibittheirexposureofillegaldonationstothegoverningparty 128. Casestudieswhichdon'tstackup ThisyeartheIoCChasendorsed 129severalcasestudies,sixofwhichareofferedinsupportof presentpolicyoncommunicationsdata studies2,3,12,13,14,15 .Howeverfromeasilytraced mediareports,adifferentpictureemergeswhichpromptssomeskepticismabouttheimpressionhe gives CaseStudy2itisn'tclearifthesuspectswereidentifiedfromcellsiteanalysis butthatmay bethecase .Itisn'tclearifotherinvestigativemeansmighthaveidentifiedthesuspects. Oncethesuspectshadbeenidentified,itappearssubstantialotherevidencewasavailable andobtained. officerswereledtoKinsonCommononApril8duringasurveillanceoperationontarget suspects...AsthesearchcontinuedsodidthesurveillanceoperationandLammaliwas spottedwithfriendRyanDearcollectingsomethinginaholdallfromanareaofnearby RedhillCommon.Theywerestoppedbyofficersandfoundtobeinpossessionoffive furthershotgunsbelongingtoMrLangdown. 130

CaseStudy3concernsaccesstosubscriberdatatoconfirmtheidentityofanalreadyknown suspect,andthusdoesnotdemonstrateanynecessityforpriorretentionoftraffic/location data. CaseStudy12thesuspectwasnotidentifiedusingcommunicationsdata.Thecasecould notbetraced,soitisn'tclearwhetheranotherinvestigativestrategycouldhaveledtoa successfulprosecution AfingerprintfromthesceneidentifiedasuspectfromtheNorthamptonareaandtwoof hisknownassociatessubsequentlybecamesuspects.Mobiletelephoneswereidentified forthethreesuspects

CaseStudy13thesuspectwasnotidentifiedusingcommunicationsdata.Newsreports indicatethatblanketretentionwasnotnecessaryfordetectionorprosecution

127Commissionnationaledecontrledesinterceptionsdescurit18merapportd'activit Anne2009 http://www.ladocumentationfrancaise.fr/docfra/rapport_telechargement/var/storage/rapports publics/104000489/0000.pdf 128 http://fr.wikipedia.org/wiki/Affaire_Bettencourt#Violations_pr.C3.A9sum.C3.A9es_du_secre t_de_l.27enqu.C3.AAte_et_du_secret_des_sources 129IoCCAnnualReport2011ibid. 130 http://www.bournemouthecho.co.uk/news/districts/bournemouth/9341126.How_violent_ Bloxworth_robbers_were_caught/?ref rss

Draft Communications Data Bill

75

PoliceinvestigatingtheassaultandrobberyinKilmaursfoundtracesofhisDNAona handbagandarrestedGableashearrivedbackfromatriptoNorthernIrelandonaferry. Specialistsoftwarewasusedtodownloadinformationfromthesatnavdeviceinhiscar. Itlocatedhimatorclosetoeachofthecrimescenes.Hewasfoundtohavebeenjust20 secondsawayfromoneoftheautotellersheusedtostealcash 131

CaseStudy14concernsaccesstosubscriberdatatoconfirmtheidentityofanalready knownsuspect,anddoesnotdemonstrateanynecessityforpriorblanketretentionof traffic/locationdata. CaseStudy15theidentityofthesuspectwasalreadyknown,andastrategyof communicationsdatapreservationmaywellhavebeensufficientforprosecutionofongoing offences.

Thusonlyoneoutofsixrelevantcasestudiesgivesplausiblesupportforthestrictnecessity rather thanmereusefulness ofpriorblanketretentionoftheentirepopulation'strafficandlocationdata. Allowingthatnewsreportsmaynottellthewholestory,neverthelessiftheIoCCisretailingthese casesatfacevalue,presumablychosenfortheirpersuasiveness,whatdoesthistellusgenerally abouthisstandardsoflogicalrigourinapplyingatestofnecessity? WhatdoestheIoCCconsidernecessaryandproportionate? UndertheUKregime,almostalljurisprudenceaboutinterceptionandcommunicationsdatatakes placeinvisiblywithinthecraniumoftheIoCC,andalmostnowhereelse. Onpp.27ofthe2011reportitstatesthatinspectors "seektoensure...thedisclosurerequiredwasnecessaryandproportionatetothetaskin hand"

TheIoCCwasaskedbytheOpenRightsGroup ORG toexplainthemethodologyforverifyingthat authorizations/noticesscrutinizedbyrandomsamplingwereinfactnecessaryandproportionate. Forexample,isittheIoCC'sviewthathisfunctionsaredischargedifhesatisfieshimselfthatthe designatedpersonbelievedatthetimetheauthorizationwasnecessaryandproportionate,ordoes theIoCCapplyhisownjudgmentofnecessityandproportionality,ordoesheuseatestsuchasthe "manifestlyunreasonable"standardforjudicialreview?Here'sthereply: 21/8/12 Theinspectorsexaminethejustificationsfornecessityandproportionalitythat havebeensetoutintheapplication.Theinspectorswillalsoscrutinisethedecisionmadeby thedesignatedperson recordedintheirwrittenconsiderations .Thenecessityand proportionalitytestsforcommunicationsdataarequitespecificinordertojustifynecessity underSection22 2 theapplicantmustmakethelinkbetweenthecrime/offence orother purpose ,thesuspect,victimorwitness;andthephoneorcommunicationsaddress inordertojustifyproportionalitytheapplicantmustexplainhowthelevelofintrusionis justifiedwhentakingintoconsiderationthebenefitthedatawillgivetotheinvestigation, provideajustificationastohowthespecificdate/timeperiodsrequestedareproportionate andconsider,ifrelevant,whethertheobjectivecouldbeachievedthroughlessintrusive means.Collateralintrusionmustalsobeconsideredandanymeaningfulcollateralintrusion described forexample,theextenttowhichtheprivacyofanyindividualmaybeinfringed andwhythatintrusionisjustifiedinthecircumstance .Thecasemustbemadeforeach specificdatarequestandtheapplicationsupportingtherequestshouldstandonitsown.If theinspectorhasconcernsthatthetestshavenotbeenmet,theywillspeaktotheapplicant and/orthedesignatedperson.Theinspectormayalsoasktoseefurthersupporting documentation suchasthecasefile,policylogs,operationalbooketc . TheserepliesraisemanyquestionsaboutthespiritofECHRcompliance,withoutconcrete informationillustratingwhatisandisnotjudgedacceptable.Howmanypeople'sdatacanbe

131http://www.bbc.co.uk/news/ukscotlandglasgowwest15491273

76

Draft Communications Data Bill

accessedtoinvestigatewhattypesofcrime,whathappenstothatdatasubsequently,especiallyif somethingunexpectedisfound?Canarequestbewidenedifnothingisfoundinitially?Isanything donesystematicallytodetectattemptsatfishingexpeditions?Whatisthepolicyondisclosureof communicationsdataaccesstodefencecounsel?Thereisnopublishedpolicyonanyofthesematters. TheIoCCwasalsoaskedaboutpatternsofcommunicationsbetweenpeopleandwebsites seeabove Inferringsensitivedatafromthesocialgraph andwhetherheappliedparticularsafeguards,or requiredahigherlevelofjustification,forthismodeofanalysis.Hereplied: AllcommunicationsdatarequestsareprotectivelymarkedundertheGovernmentProtective MarkingScheme GPMS .Oncedisclosed,thecommunicationsdataissubjecttoDPA.DPAis notoverseenbytheInterceptionofCommunicationsCommissioner.

modalitiesofanalysisofinformationaboutprivatelifewhichisinscopeofECHRArt.8,butmaybe

Thisreplyillustratesakeydeficiencyofthecurrentoversightregime,whichfailstoregulatethe

whollyorpartiallyexemptedfromDataProtection,andtreatedasoutofscopebytheIoCC.Thenature andapplicationofthealgorithmsusedfordataminingandtrafficanalysismayseriouslyinfringe humanrights;thisisaseriouslacunainUKlegislation.

Appendices QueriesaboutpoliceoralevidencegiventoJointCommittee BothGaryBeautridgeandTrevorPearce repeatedly confusedtheInterceptionCommissionerwith theInformationCommissionerintheirevidence,castingsomedoubtabouttheiractualfamiliarity withoversightprocedures. HoweverthereisamuchgraverconcernaboutthegoodfaithofthepoliceevidencetotheCommittee on12thJuly 132,whenitwasstated: Q142 PeterDavies:Forsometimeithasbeenpossible,roughlyormoreprecisely,tolocate amobiletelephonethroughtheuseofcommunicationsdata.AteamIhaveledhasusedthat asalmostthesolemeansofdetectingaseriousdoublemurderinoneofmypreviousforces .... Q146 ...relatedtoaretiredcoupleshotdeadintheirhomeonthecoastofLincolnshirein August2004by,asitturnedout,thepreeminentorganisedcrimegroupthenoperatingin Nottinghamshire.Bluntly,withoutcommunicationsdatarelatingtocontactsbetweenmobile phonesitwouldnothavebeenpossibletodetectthatcrimeandlockupthepeople responsible... Q147 ...Bluntly,therewereotherpeopleinvolvedintheconspiracywhomit mighthavebeenpossibletoprosecuteandconvict,butwhoitbutwhoitwasnotpossibleto prosecuteandconvictbecausetherewasadatalossinthatinvestigation Tracingthiscaseusingthedetailsprovidedleadstonewsreportssuggestingthisaccountis materiallymisleading: Policefailedtoprotectinnocentcoupleexecutedinganglandrevengeattack,damning watchdogreportreveals 133 TheIPCCupheldfiveofsevencomplaintsmadebytheStirlands'family.Theyfound: AftertheshootingincidentattheirNottinghamhome,MrandMrsStirlandweregiven neitherprotectionnorhelpbyNottinghampolice.

132http://www.parliament.uk/documents/jointcommittees/communications data/uc120712Ev3HC479iii.pdf 133DailyMail22ndFebruary2008 http://www.dailymail.co.uk/news/article517442/Policefailed protectinnocentcoupleexecutedganglandrevengeattackdamningwatchdogreport reveals.html

Draft Communications Data Bill

77

Thatincidentwas"notproperlyinvestigated,despiterumourscirculatingaboutwhowas responsible". NottinghamshirePolice'sfailuretoshareintelligencewithLincolnshirePoliceaboutthe threattotheStirlandswas"unacceptable". TheresponsetoMrsStirland'scallabouttheprowlerwas"delayedandunsatisfactory". Moreoveritemergedtwoyearslaterattheinquestthat Stirlandrevengehitmen'knownbeforekillings' 134PolicehadidentifiedNottinghamcrime bossColinGunn'steamofsixhitmenweeksbeforetwokilledacoupleinarevengeattack,an inquestjuryheard....Theformerofficer,whoremainedanonymous,saidthetwomenwho killedtheStirlandshadbeennamedaspartofGunn'steamofhitmen. Althoughthiscasewasofferedinevidenceasanillustrationofthenecessityofblanketdataretention, inactualityitpreciselyillustrateshowdiligentandproactiveuseoftargeteddatapreservationcould bothpreventanddetectcrime.Hadcommunicationsdatapreservationcommencedpromptlyabout suspectsidentifiedweeksbeforethecrime,primafaciepolicemightwellhavebeenabletoprevent thecrimeaswellascatchtheperpetrators.Furthermore,itemerged,contrarytotheconclusionsof theIPCCinvestigation 135that: CorruptofficerfeddatatoColinGunnonStirlands 136Acorruptdetectivesearched NottinghamshirePolicecomputersforintelligenceaboutacouplekilledinagangland execution,aninquestheard. Itseemsironicthatthepoliceciteafatalcaseofpolicecorruptionanditssubsequentlybotched investigation,asjustificationforblanketretentionofdataabouttheentirepopulation.Itwouldbemore logicaltoproposeblanketretentionofdataontheentirepoliceforce.Thisisprobablynotthe conclusiondrawnbytheCommitteefromtheevidenceheard. Costsestimatesforpriorjudicialauthorizationtoaccesstrafficdata Inthe7thJulyevidencesession 137,AngelaPatrickofJUSTICEmadethesuggestion Q274 that additionalcostsforintroducingpriorjudicial magistrate authorizationtoaccessdatacouldbe estimatedbyextrapolatingcorrespondingHomeOfficefiguresprovidedfortheProtectionof FreedomsAct whichrequiredlocalauthoritiestogetmagistrateapproval Hereisthecalculation,basedontheHomeOffice'spublishedestimatesforPoFA 138 670kp.a ,and thenew2011InterceptionCommissioner'sreport. Localauthoritiesrequestscomprise0.4%ofthetotal pp.39IC .Supposemagistratesoughtto approvethe48% pp.29IC ofrequestscomprisingtrafficorusageorlocation orcombined data i.e.allrequestsnotpurelyforaccountsubscriberdata pp.29IC .Therationaleisthatsubscriber accountdataisretainedanyway,andthatdoesnotrevealdynamicbehavioraldatawhichisvery privacysensitive. Thereforetheinitialestimate 0.670/ 0.004x0.48 349mperyear However,thereisadiscrepancy,becausethetheHomeOfficefiguressay"wehaveassumedtherewill be5,500authorizationsbasedonlastyear'susage andweassessthemagistrate'sassessmentwill 134BBCNewsOnline3rdFeb2010 http://news.bbc.co.uk/2/hi/uk_news/england/nottinghamshire/8496826.stm 135http://www.ipcc.gov.uk/documents/stirland.pdf 136BBCNewsOnline17thFeb2010 http://news.bbc.co.uk/2/hi/uk_news/england/nottinghamshire/8496826.stm 137http://www.parliament.uk/documents/jointcommittees/communications data/uc170712ev4HC479iv.pdf 138RIPAandLocalAuthorities,IANo:HO0031Final,HomeOffice22/12/2010 http://www.homeoffice.gov.uk/publications/aboutus/legislation/freedombill/ripalocal ia?view Binary

78

Draft Communications Data Bill

take20mins ",whereastheIoCCsays"duringtheperiodcoveredbythisreport141localauthorities notifiedmetheyhadmadeuseoftheirpowerstoacquirecommunicationsdata,andbetweenthem theymadeatotalof2,130requests.Thisisanincreasefromthepreviousyearsfigures 134local authorities,1,809requests ." Accordinglywereducethe349mfigureprorata: 2130/5500 *349 135mperyear 139 Itshouldbeemphasizedthisestimateisanupperboundbasedonalargeextrapolation.A comprehensivesystemwhichintegratedpriorjudicialauthorizationofinterceptionwarrantsand communicationsdata,couldtriagedifferentcasestospecializedmagistrates,andsobemuchmore costeffectiveoverall 140. August2012

139However,itmightfairlybesaidthatthemagistratesconsideringtraffic/usage/combineddata requestswillbemakingmorecomplexdecisionsaboutproportionalityandnecessity.TheHome Officeestimatesthetotalcostofmagistrate'stimeas365/hr inclusiveofcourtoverheads 140TheFrenchCNCISregimeisnotbasedonseparatejudicialauthorization,butmanagesprior scrutinyofbothinterceptionsandcommunicationsdataaccess,withorganizational independence,atmuchlesscost

Draft Communications Data Bill

79

Greg Callus
1. Iamafreelancejournalist,abouttostartanewcareerasacommercialbarrister,andhavea particularinterestindigitaldevelopmentsastheyaffecttheworldsofjournalismandlaw. Thissubmissionisinapersonalcapacity,anddoesnotnecessarilyreflecttheviewsofany employer,grouporacademicinstitutionwithwhomIam orhavebeen affiliated.This submission,however,owesasignificantdebttocolleaguesattheOpenRightsGroupand allies,butinparticulartoAliceRossofTheBureauofInvestigativeJournalism TBIJ .

GENERALTHOUGHTS 2. Thereareothersubmissionswhicharefarbetterplacedtoexpressaviewonissuessuchas theTechnical,Costs,ScopeandEnforcement.Mysubmissionwillfocusalmostentirelyonthe Safeguardsquestions. 3. Briefly,though,IwouldmakejustashortcommentaboutthedistinctionbetweenContentof communicationsandCommunicationsData.ThedistinctionisrecognisedinRIPA,with Contentrequiringahigherdegreeofoversight,bothintermsoforiginalapprovalfor interception,andintheposthocscrutinybytheInterceptionofCommunications Commissioner's ICC inspectorate.CommunicationsDatainterceptionsareseenasless intrusive.Idonotbelievethisisactuallytrue. 4. Becauseofmywork,IgenerallyhavetobeincrediblycarefulaboutwhatIpublishitshould betruthful,itshouldbewithinthelaw,itshouldnotembarrassme.Consequently,thereis little ifanything thatIwrite whetherformyownpurposes,orinpublishedform,orin privatecommunications thatIwouldnotbepreparedtoseeinthepublicdomain.Iselfedit, evenselfcensor,becauseIconsideranythingIcommittowrittenformmightcomebackto hauntme. 5. Thisisovercautious,tobesure,butnomoresothanevenaslightlyclevercriminalor terrorist.ThecarecumparanoiaIwouldexpecttobeexhibitedbyaseriouscriminalor terroristwouldmeanthatmostofthemwouldcommunicateexpectingadegreeof interception,andselfcensoraccordingly.Selfcensorshipofcommunicationsrenders interceptedContentlessuseful,butalsolessintrusive. 6. Conversely,showmesomeone'swebbrowsinghistoryorwhotheysendatextmessagetoat 2am,andI'llknowmuchmoreaboutthem.CommunicationsDataislessobviouslyrich information,butitiscapableoftellingyoumoreaboutapersonthanselfcensoredcontent everwill.Whatmedicalconditionsdidtheygoogle?WhichFacebookprofilesdidtheydwell onlongest?WhichmobilephonemastsinRedLightDistrictsdidtheirphonemostfrequently use?CommunicationsDataisn'tjustprotoContentdata,orapreliminarystageof investigativedata:itoffersperhapsabetter yetmoreintrusive insightintotheprivatelife andthoughtsoftheuserofacommunicationstool.Youcanavoidsayinganythingsignificant inanemailorphonecall,butit'ssignificantlyhardertoavoidyourlocationbeinggivenaway byyourmobilephone.Byreflectingtheoftenunconsciouscommunicationsoftheuser or theirdevice ,CommunicationsDataiscapable,evenlikely,tosaymoreaboutthetarget's privatelifethanContentDataeverwill.Ideally,thebarforaccessingCommunicationsData wouldbeashigh,ifnothigher,thanforaccessingContentData.Thismaybeunrealisticgiven thedemandsoftheHomeOfficeandcurrentpractice,buttheassumptionthat CommunicationsDataislessintrusiveneedsexamination. SAFEGUARDS 7. Ihavelittletoaddtotheexpectedsubmissionsbycivillibertiesgroupsonthewarrants requiredforContentDataandtheinspectionregime.Thebiannualinspectionsseemtometo berelativelyappropriateoversightforthefewhundredsuchwarrantsissuedbyWarrant IssuingDepartments WIDs .Similarly,Ihavenoinsighttoofferontheissueofsafeguards surroundingPrisonerCommunications.Mysubmissionshallfocusonthesafeguards

80

Draft Communications Data Bill

surroundinginterceptionunderthecurrentChapterIIofRIPA:warrantlessinterceptionof CommunicationsData. 8. ThereisnoneedtoburdentheCommitteewithanexplanationofthecurrentRIPAsafeguard functions,butintheinterestsofbrevity,IwilldesignatethemajorrolesofRIPA authorisationwiththeirinitials:DesignatedPerson DP ,SinglePointofContact SPoC , SeniorResponsibleOfficer SRO ,andCommunicationsServiceProvider CSP . Therearethreesafeguardsissuesthatneedtobeaddressed,thoughtheirissuesoverlap significantly: a theworkingsoftheinternalsafeguardmechanism DP,SpoC,SRO b thesufficiencyoftheICCanditsinspectorateasanexternalsafeguard c thetransparencyofthetwosafeguardstoexternaloversightbythepress/public

9.

Thefirstisselfevidentlyimportant,andisscrutinisedintheICC'sannualreport,andthose reportsofferbothquantitativeandqualitativecauseforconcern.Thesecondissueisnota matterofqualitybutofscaleessentiallythedisproportionatevolumeofCommunications Datarequests,versusthesmallsizeoftheinspectorate.Thesetwoproblemscouldbothbe amelioratedbygreatertransparency requiringbetterdatacaptureinthefirstinstance ,so thatjournalistscouldstandabetterchanceofholdingpublicauthoritiestoaccountfortheir failures.Theissueoftransparencyandopendatasharingbybothpublicauthoritiesandthe ICCisthereforeoftheutmostconcern. 10. ThebestindependentworkontheinternalsafeguardshasbeendonebyAliceRossofThe BureauofInvestigativeJournalism TBIJ .ShesubmittedaseriesofFreedomof Information FoI requeststoallthePoliceForcesinEngland&Wales,andScotland,asking forthenumbersofRIPAaccessrequestsfrom20062011andtheproportionrejectedbythe DP.Herspreadsheetindicatesthatelevenofthethirtyeightforces includingthe MetropolitanPolice havenotprovidedthisdataattimeofsubmission.Herreportis summarisedhere:http://www.thebureauinvestigates.com/2012/04/05/variationsin policeaccesstophonerecordsraiseconcernsaboutoversight/

11. RossfoundsignificantdisparitiesbetweenpoliceforcesintheratesofrejectionofRIPA requestsbyDPs,rangingfrom0.19%toover30%.Whilstsomedemographic/geographical factors urban/rural,sizeofforceetc mightexplainpartofthis,eithersomeforceswere operatinganincrediblylaxsystemofinternalpushbackbyDPs,orotherforceswere submittingtotheDPahighproportionofinappropriateRIPArequests.Eitherwouldbe worrying,andourinabilitytosaywhichitisshouldalsobeofconcern.Theadequacyof training,andthestandardisationofproceduresshouldbeapriorityinmakingtheinternal regimemorerobustifitistocontinue.Thiswouldalsohelpmanagetheerrorrateidentified asrisinginthemostrecentICCreport. 12. Thereisworryinganecdotalevidence,bothfromRossbutalsointherecentICCAnnual Reports,thatthestrictoperationalindependenceofDPsfromtheinvestigatingunitseeking theRIPArequestisnotuniversallyguaranteed.Thisamountstoselfauthorisationof warrantlessinterceptionandinmyviewisthemosttroublingfailureoftheinternal mechanismofoversight.WhilstveryoccasionalinstancesinSpecialistForces suchasanti corruptionunitsinvestigatingthepolicethemselves mightrequirethistoensuresecrecyof operationsinternally,thereshouldbenoexcuseforthemajorityofpublicauthoritiesnot havinganentirelyoperationallyindependentDP. 13. Rossalsonotesthatcouncilsseemtobeespeciallytroublesome9%oferrorsrelatedtothe insufficientseniorityoftheDP,therewasfrequentfailuretogivereasonsforapproval,and aninstancewhereanApplicantwasalsoboththeDPandtheSPoC.ItisstrangethattheICC isnotvocallydissatisfiedwiththeuseofRIPApowersbycouncils,whocollectivelyaccount

Draft Communications Data Bill

81

for0.4%oftotalapplicationsbut10%oftotalidentifiederrors. 14. InthecourseofinvestigatingaspectsofthePhoneHackingscandalraisedbytheLeveson Inquiryproceedings,IwroteanarticleonthecurrentstateoftheICCinspectionregime,and itsfailings.Itshouldbeofextremeembarrassmenttousallthatoneofthelargestscale scandalsinmoderntimeswasrootedinthemisuseofinterceptedCommunicationsData especially'pinging'mobilephonestoascertainthelocationofcelebrities ,thattheNew YorkTimesreportedthatitwaspartlyduetoinformationobtainedunlawfullyoverthe courseofmanyyears,andthatthisentiresituationwentunnoticedinthereportsoftheICC. Imeannocriticismofthoseinvolvedmerelythatthevolumeofrequestsversusthefunding providedforexternalscrutinyandsafeguardsweresomismatchedastomakethetask impossible.Itisthesystemofoversightthatisinsufficient,nottheeffortsofthosewithan impossibletaskontheirhands.Ifhundredsofmillionsofpoundsaretobespentasproposed bytheDraftCommunicationsBill,isittoomuchtoexpectproportionatesumsshouldbe spentonrigidlyenforcingprivacyrights? 15. MyarticleonRIPAandpingingcanbereadhere: http://gregcallus.tumblr.com/post/20290988744/phonehackingmorepingingstill governmentpolicyandaparticularlyinterestingresponsebyleadingLiberalDemocrat bloggerMarkPackmayalsobeworthyourtime:http://www.markpack.org.uk/31123/six reasonstheinterceptionofcommunicationscommissionerhasfailed/ 16. Togiveaquickindicationofscale,inlastyear'sICCreport,therateofCommunicationsData accessrequestswasupto552,000orso,anincreaseof5%onthepreviousyear.Thereisno perfectwayofcorrelatingthistonumberofpeopleaffected:severalindividuals'datacanbe affectedbyasinglerequest,butasingleindividualcanbethesubjectofmanyaccess requests.However,thevolumeofrequestsaloneshouldgivepauseforthoughtastohowthis scaleofrequestscaneverbescrutinisedbyaChiefInspectorandfivecolleagues,whoalso havetooverseethe500 ContentDatawarrantsbyWIDs,andprisonercommunications interceptionsaswell.Samplingwouldbetheonlyway,andsamplingisidentifyingworrying numbersoferrors,butwhenevenasingleinstanceofunlawfulcommunicationsinterception issodeepabreachoftheindividualsprivacy,Idonotthinkthatthepaucityofexternal reviewisanythingclosetobeingadequate. 17. Ofgreatestconcernistheestimated31,000interceptionsofCommunicationsDataunderthe UrgentOralProcedure upfrom21,000orsothepreviousyear .Designedtosavetimeinlife andlimbdanger,forterroristplotsinprogressandkidnappings,itlowersthestandardsof oversightandrecordkeeping,makingscrutinybyeithertheICCinspectorateorothers almostimpossible.A50%increaseinUrgentOralRIPArequestssuggestseitherastartling leapinthedetectionofkidnappingsandterroristactivitythatsomehoweludedthenation's press,oragrowingmisuseofmorelaxroutestoaccessingCommunicationsData. 18. LackofdataeventhetotalnumbersofRIPAapplications versusthenumbersgranted is notuniversallyavailableanddatapaucitymakethesystemofsafeguardsopaqueto externalreview.Inmanypoliceforces,wecannotknowhowmanyaccessrequestsaremade, howmanyareinformallyrejected,whytheyarerejected.Thetypesofprocessmanagement softwarecommonplaceincommercialentitiesfororder/invoicemanagement asbuiltby companiessuchasSAPorORACLE seemswoefullylackinginthenoncommercialtradein CommunicationsData.Acentralisedsecuresystemforrequesthandling,authorisationbyDP, communicationtoSPOCandthenontoSCP,returnofdata,allwithtimestamps,reasoncodes andcomputerisedidentitycheckswouldgreatlyassistthesusceptibilityoftheRIPAregime tobothICCandjournalisticscrutiny. 19. Earlierthisyear,aspartofastoryIwasworkingon,IsentanFoIapplicationtotheHome Officerequestingthenamesandranks only ofthepastandpresentDP,SpoC,andSROat eachPoliceForceinEngland&Wales.MyFoIrequestwasturneddownongroundsthat releasingthenameswouldbeabreachoftheDataProtectionprinciples,whichisan allowableexceptionalbeit inmyview woefullymisappliedinthiscase.Internalreviewof

82

Draft Communications Data Bill

thisdecisionsawitupheld,andsoIhavereferredthecasetotheInformation Commissioner'sOffice. 20. TheDataProtectionprinciplesareimportant,buttheroleofscrutinisinglargescale surveillanceisapublicrole,andthepublicareentitledtoknowwhofulfilsthatrole.How elsecanajournalistdiscovertherelationshipsbetweenoperationalstaffandtheDPwho authorisestheirinterceptions?HowelsecanjournalistsdiscoveraDPwhoalsoactsasa SPoC?Howcanitbeprivatepersonalinformationforanypoliceofficertoholdthepositionof SeniorResponsibleOfficerforRIPAauthorisationsatherpoliceforce,andyetjournalists arenotabletoknowwhomtoholdresponsible,orevenhowseniorshemightbe? 21. IhaveconfidencethattheICOwillfollowcaselawinthisarea,andcompeltheHomeOffice toreleasewhatinformationithas,butthisisacommonthemeinRIPAstories.Comparedto morematureprocessessuchascivillitigationproceedings,orcriminaljusticefromarrest onwards,theRIPAregimeisincrediblyawkwardandopaque.AliceRosstoldmethatshe wasunabletoevencontacttheICC'soffice sometimesreferredtoastheIoCCO unableto actuallygetanaddressorphonenumberforthem,letalonereachapressofficerfor comment. 22. TheRIPAregimeoustedtheclassicalroleofthejudiciaryinissuingwarrantsforinvasive searches.ItisunlikelythattheDraftCommunicationsBillwillradicallychangethatposition. Ifwearetoacceptthepermanentlossofformaljudicialscrutinyinfavourofinternal authorisationandasmallinspectorate,thentwothingsbecomenecessary:transparencyof theinternalsafeguardsprocess,andanimprovedworkingrelationshipbetweentheIoCCO andthepress,sothatinlieuoftheadditionalmanpowerthatseemsunlikelytobe forthcoming,theinspectoratecanrelyonsupportofjournalistsinholdingpublicauthorities toaccount. 23. Inthetimeandspaceavailable,thiscouldonlybeawhistlestoptourofconcernsfromthe perspectiveofinvestigativejournalism.Ihopethatitbringssomesmallnoveltyof perspectiveorinformationthatmightproveusefulforyourpurpose.Ifthereisanywayin whichIcanassisttheJointCommitteefurther,pleasedonothesitatetocontactme.

August2012

Draft Communications Data Bill

83

Graeme Carter
1.ThedraftBillistheelectronicequivalentofplacingaGovernmentofficialineverypostalsorting officetorecordthedetailsofallmail. 2.AsDavidDavisMPhasstated,careercriminals oranyonewithanyunderstandingofinternet technology willbeabletoevadethemeasuresproposed. 3.PreviouslegislationsuchasRIPAhasbeenmisusedasdocumentedinnewspaperreports.Can therebeanydoubtthatthecurrentproposalswillsimilarlybemisused? 4.Officialsthroughouttheageshavesoughtthisdegreeofsurveillance.Willnobodystandupto them? 5.Justbecausesomethingismadepossiblethroughtechnologydoesnotmakeitdesirable:ifyou couldntdoitinonemedium,youshouldntdoitinanother. 6.TheseproposalssucceedbecausefewMPsandnoministershavethemoralfibretotellthepublic thatifwewishtoretainourhistoriclibertieswemaypayapriceinincreasedexposuretoterrorist andotherrisks.Officialstradeonthisweaknessbyadvisingministersthattheycanstandupinfront ofthecamerastosaytheyhavedonetheirbest. 7.Ifmorepeopledieinroadtrafficaccidentsthanthroughterrorism,whatdoesthatsayabout todaysprioritiesanddecisiontaking? 8.OtherActshavetakenthepowertoissuewarrantsoutofthehandsofmagistratesandintothe handsofunelectedofficials.Howmuchmoreofthisistobetolerated? 9.IfthisBillbecomeslawthenattheveryleasttheseniorinvestigatingofficerinacaseshouldhave torequestamagistrateswarranttoobtaindata,or,failingthat,awarrantshouldbesignedbythe electedPoliceCommissionerforthearea. August2012

84

Draft Communications Data Bill

Sean Cheshire
1.HastheHomeOfficemadeitclearwhatithopestoachievethroughthedraftBill?Gatheringdata oneveryUKcitizen,regardlessofifacrimehasbeencommitted 2.HastheGovernmentmadeaconvincingcasefortheneedforthenewpowersproposedinthedraft Bill?No 3.HowdotheproposalsinthedraftBillfitwithinthewiderlandscapeonintrusionintoindividuals privacy?Itfitssowell,itcompletelysquashesanyprivacy /sarcasm 4.Whatlessonscanbelearntfromtheapproachofothercountriestothecollectionof communicationsdata?Requirewarrantbeforedataiscollected 5.Arethereanyalternativeproposalswithregardtothetechniqueandcostofobtaining communicationsdatathattheGovernmentcouldconsider?Requirewarrantbeforedataiscollected 6.ThedraftBillsitsalongsidetheDataRetentionRegulations.Howwillthesetwopiecesoflegislation interrelate?Woulditbepreferabletohaveoneoverarchingpieceoflegislationthatgovernsthe retentionofcommunicationsdata?Zeroretention 7.IfitisconcludedthattheprovisionsofthedraftBillareessential,arethereanyothermeasures thatcouldbescrappedasaquidproquotorebalancecivilliberties?Sackallthelawmakers,andhave themstartagain 8.WilltheproposalsinthedraftBillposeariskthatcommunicationsserviceprovidersseetheUKas alessattractivebase.Whatmightbetheeffectonbusiness?communicationsserviceproviderswill haveasignificantbarriertoentry,asthecostsinvolvedinsettingupthemonitoringrequiredare prohivitive Costs: 9.Istheestimatedcostof1.8bnover10yearsrealistic?No1.8bneveryyearwillbeclosertothe realcosts 10.TheHomeOfficesuggeststhebenefitsthatcouldbedeliveredbytheenactmentofthedraftBill couldbeworthbetween56bn.Isthisfigurerealistic?Whatbenefits? Scope: 11.Arethedefinitionsofcommunicationsdataandcommunicationsserviceproviderappropriate? DotheysensiblydefinethescopeofthepowersinthedraftBill?Scopeistoowidetomakethisa reasonablequestion 12.WhichpublicauthoritiesshouldbeabletoaccesscommunicationsdataunderthedraftBill? ShoulditbepossiblefortheSecretaryofStatetovarythislistbyOrder?Novariation.Warrant required. 13.Howrobustaretheplanstoplacerequirementsoncommunicationsserviceprovidersbased overseas?Howrealisticisitthatoverseasproviderscouldbepursuedforbreachofduty?Unrealistic foranyoverseasproviderSovereignlawappliesonlytostatenotanyotherstate UseofCommunicationsData: 14.Arethecircumstancesunderwhichcommunicationsdatacanbeaccessedappropriateand proportional?Whatkindofcrimesshouldcommunicationsdatabeusedtodetect?Useofdatashould beusedtodetectthecrimeslistedinthewarrant 15.Istheproposed12monthperiodfortheretentionofdatatoolongortooshort?ToolongZero retentionunlessprovidedforbyawarrant

Draft Communications Data Bill

85

Safeguards: 16.Applicationsforaccessingcommunicationsdatawillbesubjecttoaseriesofsafeguardsincluding approvalbyadesignatedseniorofficerwithinthepublicauthoritymakingtherequest.Howshould "designatedseniorofficer"bedefined?Isthissystemsatisfactory?Arethereconcernsabout compliancewithArticle8ECHR?Warrantrequiredforspecificinvestigation 17.Wouldawarrantsystembemoreappropriate?Ifyoufavourawarrantsystemshouldthisapply toallpublicauthoritiesincludinglawenforcementagencies?Shouldawarrantbenecessaryinall circumstances?Andwhatwouldtheresourceimplicationsbe?Warrantsrequiredforallagencies,to includeSecretaryofState,andallgovernmentorganisations,includingMI5/6 18.IstheroleoftheInterceptionofCommunicationsCommissionerandtheInformation Commissionersensible?No ParliamentaryOversight: 19.ArethearrangementsforparliamentaryoversightofthepowerswithinthedraftBillsatisfactory? No.Parliamentcannotbetrusted,astheycameupwiththislegislationinthefirstplace. Enforcement: 20.Arethepenaltiesappropriateforthosecommunicationsserviceproviderswhofailtocomplywith therequirementsofthedraftBill?Nopenaltiesshouldbeimposeduntilawarrantsystemisinplace 21.Arethepenaltiesappropriateforthosepublicauthoritiesthatinappropriatelyrequestaccessto communicationsdata?ShouldfailuretoadheretotheCodeofPracticewhichisprovidedforinthe draftBillamounttoanoffence?Anypublicauthoritythatinappropriatelyaccessesthedatashould haveanyevidenceobtainedfromthataccessbarredfromanyandallcourts.Individualsthataccess thedataforpersonalreasonsshouldbedismissed,andinvestigatedforcriminaltrespass.Thiswould applytolawenforcementandMPswithoutexception Technical: 22.Doesthetechnologyexisttoenablecommunicationsserviceproviderstocapture communicationsdatareliably,storeitsafelyandseparateitfromcommunicationscontent?Inthe currentcontext,itisavailable,butunlesstheamountsgiveninmyanswertoquestion9aretaken intoaccount,thecostwouldbeprohivitive 23.Howsafelycancommunicationsdatabestored?Bynotstoringitinthefirstplace. 24.Aretheproposalsforthefilteringarrangementsclear,appropriateandtechnicallyfeasible?No. 25.HoweasywillitbeforindividualsororganisationstocircumventthemeasuresinthedraftBill? withcurrenttechnology,fairlyeasy.AprivateVPNtoanothercountrywillprovideyouwithawhole bunchofencrypteddata.Onlythosewhoareinherentlystupid whichthepolicecancatchwithout help orthosethathavenothingtohidewillgettheirdatastored.Thosethataretechnologically smart,orhavethemoneytopaysomeonetosetitupforthem,willbesafe,astheirdatawouldbeina formatthatcouldnotbedecrypted. 26.Arethereconcernsabouttheconsequencesofdecryption?No,forthereasonlistedintheanswer toquestion25 August2012

86

Draft Communications Data Bill

The Coalition for a Digital Economy


1.Introduction 1.1 The Coalition for a Digital Economy Coadec is an independent, nonprofit organisation that works to give UK digital startups and entrepreneurs their own voice in policy discussions and support legislation and other government policies that foster a vibrant, innovative and sustainable digital economy for Britain. We are made up of a wide range of members of the UK innovation community, including entrepreneurs, leaders of techdriven startups and SMEs, inventors and developers, and many others who believe that the future of Britain lies in the success of its digital economy. 1.2Weareawareofmanyindividualsandorganisationsthatwillrespondtotheconsultationonthe arguments surrounding the draft Bill's impact upon civil liberties and the technical problems surroundingtheimplementationofsuchabill,wewillberespondingonthebasisthatthebillmay havedetrimentaleffectonthebusinessesofthedigitalstartupsandentrepreneursthatweworkwith whowillfallintothecategoriesofCommunicationsServiceProviders CSPs . 1.3WeunderstandtheGovernment'saimandtheCSPsweworkwithallowforandaremorethan keentocomplywithlawfulrequestsfordata.IntheUKwehavesomeofthebesttimefordisclosure in the developed world and there are many existing methods for Government to obtain communications data from CSPs. On examining some of the new provisions within this Bill the businessesweworkwithwereextremelyconcernedonanumberoffronts. 1.4AsrequestedbyintheJointCommittee'scallforevidence,wehavekeptoursubmissionbrief.The discussionpointsbelowseektoaddressthemostrelevantquestionstothebusinessesweworkwith, butnotallofthequestionsinthecallforevidence. 2.Definitions 2.1WithregardstothedefinitionsofcommunicationsdataandCommunicationsServiceProvider,it is unclear whether the Home Office intended for these to be quite as broad as they could be theoreticallyapplied. 2.2ThedefinitionsastheycurrentlystandthrowupquestionssuchaswouldsmallandmediumCSPs beincluded?Doesitmatterifcommunicationsisonlyasmallaspectofyourbusiness?Isthelocation oftheserversanissue? 2.3 Under the current proposals any business providing any element of communications could be requiredtocollectdataontheirsubscribers.Thismeansitwouldnotjustbebigdigitalbusinesses whospecificallyprovideacommunicationsservice,suchasasocialnetworkoranemailprovider,but also retail sites that allow buyers to communicate with sellers, a recruitment website that allows employees to respond to adverts, a personal finance site that has contactable advisers, and many more. 2.4 These unclear definitions would create a legal uncertainty around digital startups and whether they would be required to comply with these measures. Uncertainty is a major disincentive for investors.AtatimewhenwearelookingtoincreaseinwardinvestmentinUKbusinesses,certaintyin cleardefinitionsisvital. 3.Costs 3.1 We are disappointed by the lack of consultation undertaken by the Home Office before these measures were proposed. When conducting the Impact Assessment to support the Bill which determinedthecostlevelannounced,theHomeOfficeonlyconsultedusersofthedata.Infailingto consultmorewidelywiththeCSPswhowouldbeexpecttodeliverthesesystemsitisdifficulttosee howthecostshavebeendetermined. 3.2Therearefurtherunknownfactorsthatmeanthepreviouscostscalculatedasthereremaintoo many unknown factors in the proposals. As mentioned earlier in this response the definitions are extremelybroad,soitisdifficulttodeterminethenumberofbusinessesthatwillbeaffected.Ifthere is no provision for small businesses, every single entrepreneur developing a digital business with somecommunicationselementcouldberequiredtoinvesttimeandcapitaldevelopingasystemto complyandrecoupthecosts. 3.3Thiswouldn'tjustapplytoexistingdigitalbusinesses.Thecostsforthispolicyaretobeapplied on a 10year basis, however 10 years ago many of the services we regularly use today didn't exist

Draft Communications Data Bill

87

suchasTwitter,Facebook,GmailandSkype.AsUKstartupsgrow,andtheaimofseeingworldleading digitalcommunicationsbusinessestorivalexistingorganisationstocomefromtheUKisrealised,this cost could increase phenomenally in a few short years. 4.Collectionandretention 4.1 As well as the initial concerns about whether digital startups and SMEs would be required to complywithsuchanorder,mostofthebusinesseswespoketoweredisturbedbythepossibilityof being asked to develop standardised systems for data collection and to retain data they would not normallycollect. 4.2Entrepreneurs,andearlystagestartupswhichoftenconsistofteamsof2or3peoplewouldface huge challenges installing collection systems and setting up automated access systems without compromising the security of their systems. Increasingly startups are encouraged to develop using leantechniquestodevelopproductsandserviceswithoutlargeamountsofinitialfunding,andoneof themostimportantprinciplesbehindthisisminimumviableproduct.Theideaistocreateaversion of a product or service that serves a test function and release it as soon as possible in order to continuetoiterateandreleaserepeatedlytorefinetheproduct. 4.3 Being forced to build into each iteration a standardised system for collecting, retaining and makingaccessiblecommunicationsdatawouldseverelyimpactuponadigitalbusinessesabilitytodo productdevelopmentandthesystemswillinalllikelihoodhavetoberegularlyupdatedtocopewith growthandanyadditionalservicesthathavebeenadded. 4.4Askingstartupstoretaindatathattheydonotneedinthecourseoftheirbusinesswouldseemto addanadditionalbarriertoentryandcapitalexpenseincollectionresourcesandimpactupontheir existing relationships with the customers. This was a core concern of the businesses we spoke to about these proposals who value the privacy of their customers data. They were shocked at the possibility of being asked to retain data without their subscribers knowledge and potentially being asked to disclose this without the option of having oversight of the data that would be released. 4.5 This would take away the control customers have over the privacy and use of their data out of theirhands.ForcustomersnotbasedintheUKthiswouldinalllikelihooddrivethemtousesystems basedelsewhereandbusinessesbasedoutsidetheUKwouldbeabletomarkettheirservicesonthe basisthattheydidnotautomatedsystemstoprovidelawenforcementagencieswithcustomersdata withoutanyoversightwhenincompetitionwithaUKbasedfirm. 5.Innovation 5.1 Asking digital businesses to standardise their data collection systems fundamentally misunderstandsthewaydigitalbusinessesaredeveloped.Theveryarchitectureofadigitalbusiness restsuponthewaytheyhandlethedatatheycollect.Ifdigitalbusinessesareforcedtostandardise thisyouriskkillinginnovationandkeepingUKbusinessesstuckin2012fortheforeseeablefuture. 5.2WealreadyfaceashortageofskilledcodersanddevelopersintheUK,andtheGovernmenthas recognised this and kickstarted the process of reforming ICT GCSEs to make them more able to deliver programming skills desperately required in digital industry. If you inhibit their ability to innovate they will be increasingly likely to be attracted by the prospect of growing their business abroad. 6.Growthofstartups 6.1IntheUKover8.3%ofourGDPisgeneratedthroughtheInternet,whichisalargersharethan anyotherEUeconomy.In2010thiswasworth121billion. Inatimewherewearelookingtothis vitalsourceofgrowthcreatinganewabarriertoentrywouldseemtocounterthePrimeMinister's aimtomaketheUKthebestplaceintheworldtostart,runandgrowahitechcompany. 6.2 Our fundamental concern regarding the process is that while the impact assessment seeks to determine the cost, and the Home Secretary has recognised the concern on the impact on civil liberties,nowhereintheBillorinstatementsfromtheHomeOfficehastheeffectthisbillwillhave onsmallbusinessesbeenrecognised. 6.3 To highlight some of the arguments we have made in this submission below are two existing businessesweworkwithwhocouldberequiredtocomplywithanorder. Zummer www.zummer.co

88

Draft Communications Data Bill

ThiskindofproposalcreatesanimpossiblesituationwhereIwouldbeexpectedtomakeall dataaccessiblewhilesimultaneouslyexpectingmetoclampdownondataintrusion.While thepoweroftheinternetcancauseconcernsformonitoringcommunicationactivity,onthe flipsideisitmeansIcanincorporatemycompanyanddatainanothercountry,whichwould seemfarmoreappealingifthisbillweretobepassedasitis.IfIwasgivenawarrantthat orderedmetohandoverdatathenofcourseIwouldcomply,buttheonuswouldn'tbeonme toputitinastandardisedformatforthepolice,thatsnotmyjob,anddoesn'tearnmoneyfor me,mybusiness,ormyinvestors.

Asocialappthatallowsuserstocreatealivewallforavarietyofusesincludinganevent,a topic, a question, and many other. The walls created on Zummer update in realtime, and feature photos, videos, locations, songs and comments can all be added to the live walls. Zummer was founded by Tony Million, a successful entrepreneur who previously co developedtheSoniquemediaplayerthathadover100millionusersinitspeakandwassold toLycosfor$55million. Tonytoldus:

7.Conclusions 7.1Whilewearegratefulthatwehavebeenaffordedthisopportunitytocommentontheproposals, itisourbeliefthatmanyoftheobjectionscouldhavebeenaddressedwithafullconsultationprocess, where expert opinion could have been consulted to avoid some of the most apparent flaws, particularlyinrelationtothetechnicalissues. 7.2Thebillasitcurrentlystandsunderminesthefundamentalnatureofdigitalbusinessesbydictating howtheyhandletheirdata.Itthreatensinnovationandrisksdrivingdigitalbusinessesawayfromthe UKbyreducingtheUK'scompetitiveness. 7.3 Thereneedstobeafullandproperconsultationprocess so the issues can be discussedand the Governmentcangarnerapropersoundingofthepublic'samenabilitytowardstheseproposalsand thebusinessesaffectedcanhavetheirconsiderationstakenintoaccount. 7.4 The cost needs to be more accurately assessed with supporting evidence and consultation with thosewhowillbeexpectedtodeliverthesesystem. 7.5Therangeofdatathatcanbecollectedfromabusinessshouldbelimitedtocommunicationsdata theyalreadycreateaspartoftheirregularbusinessactivitiesratherthanadditionaldatatheydonot use, and requirement for standardising data collection should be reconsidered as it undermines startupsabilitytoinnovateandgrow. August2012

We are particularly concerned aboutthe proposals as we would find itdifficulttoput up, eventemporarily,anyextracostsofimplementingasystemliketheonethatisproposed.We would also be concerned about any extra data we would be compelled to collect from our providers who use our service which could deter them from wanting to be listed on our platform.

Teddle www.teddle.com Teddle is an online service that connects providers with their community enabling customers tobook quality local servicessuchas cleaners, plumbers, carpenters,tutorsand manymore,instantly.TeddlewasfoundedbyJulesColeman,AlexDepledgeandTomNimmo andtheyfirmlybelievethatlocalsmallbusinessisattheheartofeverycommunityandtheir platformaimstohelpcustomersfeelpartoftheircommunitywhilealsodrivingmoneyand growthintothelocaleconomy. Theytoldus:

Draft Communications Data Bill

89

Wendy Cockcroft
ThesearemycommentsontheCommunicationsDataBill,AKAtheSnooper'sCharter,proposals.To cutalongstoryshort,theproposedbillisapointlesswasteoftimeandamassiveintrusionintothe privacyofthecitizensandresidentsoftheUK.Itrepresentsthevenal,selfish,sleazystateofthe membersoftheGovernmentwhoproposeditandisablightonBritain'srecordasafreeandfair country.Getridofitnow!Thisiswhy: General:

1.HastheHomeOfficemadeitclearwhatithopestoachievethroughthedraftBill?

2.HastheGovernmentmadeaconvincingcasefortheneedforthenewpowersproposedinthedraft Bill?

Ithasinsomeways:itwantstobeabletofindoutwhowehavebeencommunicatingwithonour phones,inourlettersandinouremails. However,ithasn'ttolduswhichprivatecontractorswillbeinvolvedandwhatfor.Italsohasn't explainedwhat"abusinesscase"forthecommunicationsdatarequiredbythelocalauthoritiesis.It alsohasn'ttolduswhyblanketsurveillanceofthepopulationisnecessarywhenatargetedapproach wouldbemoreeffective.

3.HowdotheproposalsinthedraftBillfitwithinthewiderlandscapeonintrusionintoindividuals privacy?

No,notatall.Ifanything,ithasconvincedusthatthey'reinthralltotheindustrylobbyistswhostand togainconsiderablyfromthisintermsofdatamining that'swhatthe"businesscase"is,isn'tit? and managementfees.It'sparticularlygallingtolearnthatwetaxpayersaretofootthebillforthis nonsense.We'rehavingnoneofit! Itisoutrageousthatanygovernmentofficialwantstoknow,withoutawarrant,whoI'vebeen communicatingwithbymail,phone,oremail.It'sapresumptionofguilt!Haven'tyouheardofHabeas Corpus?Oh,wait,you'replanningtogetridofit.Sillyme,Ikeepforgettinghowmuchyouaredoing todismantlethestructureofourdemocracy.

4.Whatlessonscanbelearntfromtheapproachofothercountriestothecollectionof communicationsdata?

Nottocopytheoppressiveregimeswherethisisinforce.Haveyounoticedhowbadlytheir economiesaredoing?Chinaisonlyworkingatthelevelitisbecauseithasdevalueditscurrencies, practicesprotectionism,andpermitsWesterncompaniestooutsourcejobstothem.Stopoutsourcing andthetruthisrevealed:oppressionisbadfortheeconomy.Contrastthatwithcountriesthatdonot receivethesamelevelofFDA foreigndirectinvestment andyou'llseeIamright. Thecurrentproposalscreatemorehaystackstohideneedlesin.Atargetedapproachwithwarrants requiredtoaccessthedataworksmoreefficiently.Warrantssafeguardourrights,andmustbeissued forallattemptstoputanyoneundersurveillance.Warrantscanbeissuedperpersonratherthanper item,Iwouldn'topposethat.

5.Arethereanyalternativeproposalswithregardtothetechniqueandcostofobtaining communicationsdatathattheGovernmentcouldconsider?

90

Draft Communications Data Bill

6.ThedraftBillsitsalongsidetheDataRetentionRegulations.Howwillthesetwopiecesoflegislation interrelate?Woulditbepreferabletohaveoneoverarchingpieceoflegislationthatgovernsthe retentionofcommunicationsdata?


Getridofallretention.Don'tretainanydatawithoutawarrant!

7.IfitisconcludedthattheprovisionsofthedraftBillareessential,arethereanyothermeasures thatcouldbescrappedasaquidproquotorebalancecivilliberties?
Civillibertiesareunbalancedasitis.Getridofdataretentionexceptaspartofacriminal investigation.

8.WilltheproposalsinthedraftBillposeariskthatcommunicationsserviceprovidersseetheUKas alessattractivebase.Whatmightbetheeffectonbusiness?

Costs: ISPsthemselvesarebestplacedtotellyouthat.http://www.meritalk.com/pdfs/big data/MeriTalk_Big_Data_Gap_Press_Release.pdfprovidesanideaofwhatthislookslike.Bearinmind thatwhentheycollectthedatatheyhavetostoreitandthatmeansbuyingmoreservers.You demandthattheyunderwritethecostofthispointless,wastefulexercise,andtheyhavetopassthe costsontous.We'reinthemiddleofarecessionandI'mawebdesigner.Thisraisesmyoperating costs.WhyshouldIsupportitifit'sdoingnothingapartfromprovidingapowertripforsome bureaucrat?ShowmeAbenefit.Justone. Nowthinkaboutthetimespentlookingfortheinformationyouwant.Actuallythinkaboutit.Let's makethiseasyenoughforapoliticiantounderstand:ifyouhaveanemailaccountandgetalotof emails,howdoyoufindtheemailyouarelookingfor?InGmailthere'sasearchfunction.Imayusea nameorakeywordtofindwhatI'mlookingforbutitcantakesomeconsiderabletime,eveninmy ownpersonalemailaccount,tofindtheitemIamlookingforifthekeywordornameIamusingas thesearchtermisrepeatedalotintheemailsIhavestored. Nowmultiplythisbyabout50millionandyou'llseetheproblem.Someofushavemultipleemail accounts.Icertainlydo.NOWcanyouseetheproblem?Andyouwonderwhywefightagainstthis?

9.Istheestimatedcostof1.8bnover10yearsrealistic?

10.TheHomeOfficesuggeststhebenefitsthatcouldbedeliveredbytheenactmentofthedraftBill couldbeworthbetween56bn.Isthisfigurerealistic?

No,notatall.Everytimethegovernmentcomesupwithaprojectedcostfornonsenseofthiskind, theactualcostsspiraloutofcontrol.

No,it'snonsense.Firstofall,wethetaxpayers,whovotedtheliarswhosaidtheywouldrollbackthe surveillancestateintooffice,areobligedtopaymoretoourISPstofacilitatethiswastefulnonsense. Theywillneedmoreserversandthewarehousespacetostorethemintostoreourdata. Actuallydecryptingthisisanothermatteraltogethersothedataitselfisjustsittingthereinthe servers,gatheringdustandcobwebs. Thenyouhavetopayforthemanhourstotrytogetholdofapieceofinformationusingsearchterms that,asIpointedoutearlier,maywellapplytohundredsofthousandsofotherpeople.Goodluckwith that. Trustmeonthis,the56bn probablymore willbegoingtotheprivatecontractorsyouplantoget tooverseethedataretentionanddecryption. Scope:

Draft Communications Data Bill

91

11.Arethedefinitionsofcommunicationsdataandcommunicationsserviceproviderappropriate? DotheysensiblydefinethescopeofthepowersinthedraftBill?
No,becausetheydismissthelegitimateconcernswehavethattheinformationwillbemishandled andthepowersabused.

12.WhichpublicauthoritiesshouldbeabletoaccesscommunicationsdataunderthedraftBill? ShoulditbepossiblefortheSecretaryofStatetovarythislistbyOrder?
No.Getawarrant.Andgetridofthebill.

Ah,soyou'venoticedtheflawsintheplan?Theonlysolutionisconsolidationandpermittingthe centralizationthatwouldmaketheinternetvulnerabletoattack.Decentralizationiswhatkeepsit afloat.Ifyoudon'tunderstandhowitworks,don'tlegislateforit.

13.Howrobustaretheplanstoplacerequirementsoncommunicationsserviceprovidersbased overseas?Howrealisticisitthatoverseasproviderscouldbepursuedforbreachofduty?

14.Arethecircumstancesunderwhichcommunicationsdatacanbeaccessedappropriateand proportional?Whatkindofcrimesshouldcommunicationsdatabeusedtodetect?

Allofthem,usingawarrant,inatargetedapproachthataccessesthecommunicationsdataofthe subjectsoftheinvestigation,notallofus.

15.Istheproposed12monthperiodfortheretentionofdatatoolongortooshort?

16.Applicationsforaccessingcommunicationsdatawillbesubjecttoaseriesofsafeguardsincluding approvalbyadesignatedseniorofficerwithinthepublicauthoritymakingtherequest.Howshould "designatedseniorofficer"bedefined?Isthissystemsatisfactory?Arethereconcernsabout compliancewithArticle8ECHR?


Getawarrant!

Safeguards: Thereshouldbenomassdataretentionatall.ThesafeguardsareinadequateandasIpointedoutit's apresumptionofguilt.

17.Wouldawarrantsystembemoreappropriate?Ifyoufavourawarrantsystemshouldthisapply toallpublicauthoritiesincludinglawenforcementagencies?Shouldawarrantbenecessaryinall circumstances?Andwhatwouldtheresourceimplicationsbe?

18.IstheroleoftheInterceptionofCommunicationsCommissionerandtheInformation Commissionersensible?

Warrantsshouldberequiredbyanyandallpersonsandagencieswhowishtohaveaccesstoour communicationsdata.Warrantsperpersonratherthanbyitemthatdescribethescopeandpurpose oftheinformationrequired,withevidenceforprobablecause,willsuffice.Resourcerequirementsfor thiswouldbelowerbecauseofthemanhoursthatwouldbespentdiggingforthisinformationwould befewerthaninamasssurveillancesituation. No,notatall. ParliamentaryOversight: Pointless,sinceyou'reinthebusinessoferodingourprivacyrights.Whywouldsomeonewhocares nothingforourprivacywanttoprotectitanddefendourrights?It'soxymoronic.

92

Draft Communications Data Bill

20.Arethepenaltiesappropriateforthosecommunicationsserviceproviderswhofailtocomplywith therequirementsofthedraftBill?
No,andIdon'tbelieveforamomentthattheywouldbeenforcedatall.

No,notatall. Enforcement: Notgonnahappen.RememberJeanCharlesdeMenezes?That'swhy.You'dletsomethingawful happen,shrug,sayit'snotyourfault,thendoitagain.Andagain,andagain.

19.ArethearrangementsforparliamentaryoversightofthepowerswithinthedraftBillsatisfactory?

21.Arethepenaltiesappropriateforthosepublicauthoritiesthatinappropriatelyrequestaccessto communicationsdata?ShouldfailuretoadheretotheCodeofPracticewhichisprovidedforinthe draftBillamounttoanoffence?


Youshouldjustscrapthebill.

Notreally.Imagineawallbetweenyouandthepropertyofthemannextdoor.Itcomesuptoyourhip inheight.It'saboundarymark,butthat'sit.Ifyouwanttotakeashortcuttogettohishouseyouhave onlytoclimboverthewall.Notevenclimb.Onelegover,thentheother,andyou'rethere.

22.Doesthetechnologyexisttoenablecommunicationsserviceproviderstocapture communicationsdatareliably,storeitsafelyandseparateitfromcommunicationscontent?

23.Howsafelycancommunicationsdatabestored?

Don't,exceptaspartofacriminalinvestigationunderjudicialauthority,withawarrant.

24.Aretheproposalsforthefilteringarrangementsclear,appropriateandtechnicallyfeasible?

It'sallahugepileofhogwashbecausethere'sahugegulfbetweenwhatyouclaimyouwantandwhat wouldactuallyhappeninpractice.

25.HoweasywillitbeforindividualsororganisationstocircumventthemeasuresinthedraftBill?

VPNs,meshnetworking,codedconversations,othermethodsofcommunicationincludingtalkingto eachotherinlocationsoutofthereachofsurveillanceequipment.StopwatchingJamesBondand thinkabouthowpeopleactuallyoperateinpractice.DavidDaviesputitbestwhenhesaidyou'dcatch theinnocentandtheincompetent.He'sright,payattentiontohim.

26.Arethereconcernsabouttheconsequencesofdecryption?

Theymightinterferewiththeoperationoftheinternetitself,theymaycreatevulnerabilitiesfor criminalstoexploit...youknowhowverminandweedsdevelopimmunitytopoisons?That,buton theinternet.Peoplewillfindwaystostrengthenencryptionandyouwillfindwaystobreakit.See malwarefordetails. Conclusion: Youreallyhaven'tthoughtthisthrough,haveyou?Stopmessingwiththeinternetandstoperoding ourprivacyrights.Allthissurveillanceisacostlyfavourtotheprivatecontractorswhohave frightenedyouintoit.RemembertheSeventiesandEightieswhentheIRAwerebombingthe

Draft Communications Data Bill

93

country?Rememberthecompletelackofcallsforgeneralpublicsurveillance?Ilivedthroughthat andcanassureyouthatmasssurveillanceofthepublicisunwantedandunnecessary.Stopitnow! August2012

94

Draft Communications Data Bill

Paul Connolly
IamanaccountantlivingandworkinginNorthampton.AlthoughIcalluponmyownexperiencesin life,publicfinanceandITprojectfinanceinthisdocument,I'mnotholdingmyselfoutasanexpertin anyfield,rathersimplyasaninformedandconcernedcitizen. BelowIgivemypersonalopinionsrelatingtothedraftCommunicationsDataBillandwouldaskthat theJointCommitteeconsiderthesewhendeliberatingthebill. Ithinkthebillshouldbecompletelyscrapped.IhaveconcentratedonthreemainreasonswhyIthink this: DirectconflictwiththeHumanRightsAct. Technicalunfeasibility. Financialdetrimenttosmallbusinessandthuscreatingeconomicdamage. 1.DirectconflictwiththeHumanRightsAct 1.1ThebasicthrustofthebillisforInternetServiceProviders ISPs toautomaticallycollectnew widersetsofdatathateachcitizenhastransmitted.Nosuspicionofwrongdoingisneededto warrantthisexpansionofcollection,thisinformationistobegatheredbyvirtueofthesimplefact thatthecitizenexistsandcommunicates. 1.2Thisimpliesthateveryoneisundersuspicion,thattheiractionshavebeenrecordedasevidence fortheirpossiblefutureprosecution,waitingonlyforthepolicetoturntheirattentiontothat particularcitizenwhenthetimecomestoinvestigatethem. 1.3Promotersofthisbillarequicktoassureusthatthe"content" e.g.themessageinsidetheemail, ortelephoneconversation willnotbekept,andonlythe"communicationdata" whorangwhom, when,fromwhereandforhowlong willbekept. 1.4Thisstatementseemsintendedtoplacateoppositiontothebill,butbeliesthetruthofthe staggeringpowerthatprofilingwithcommunicationsdataactuallyhas.Imaginethat,ifGoogle,with currentcommunicationsdata,canautomaticallydropadvertsontoyourwebpagethatarespookily closetoyourowntastesandpastimes,thenwhataconcertedeffortbythesecurityforcescouldput togetherfromayetwideranddeepersetofyourcommunicationsdata. 1.5ThefalseimprisonmentoftheBirminghamSixspringstomind.Theywereinthewrongplaceat thewrongtimebut"fittedtheprofile". 1.6The"communicationsdata"asdescribedinthebillisclearly"correspondence"asdescribedinthe HumanRightsActarticle8.1.Bydenyingthecitizen'srighttokeephisorherdatafreefrom systematiccataloguingasevidence,thestatewouldnotberespectingprivatelifeandfamilyofits citizensnortheircorrespondence. 2.Technicalunfeasibility 2.1Inordertostripoutfromacitizen'scommunicationsthe"content"andkeeponlythe "communicationsdata",theISPsmustusesomethingcalled"DeepPacketInspection".Thisisa techniqueperformedbypurposebuilthardwareorsoftware a"snifferprogram" which interrogateseachblockofdataasitcomesdowntheline. 2.2Ananalogywouldbetosayitistheelectronicequivalentofopeningtheenvelopethatcontains mylettertoJohn,recordingeverythingbefore"DearJohn"andeverythingafter"Yourssincerely", thenreplacingtheletterinto,andresealing,theenvelope,thensendingtheenvelopeonwardsto John. 2.3Inelectronicscommunications,ISPswouldneedtousethesesnifferprogramstodothisbut,these daystheresomanyofformsofelectronic"envelopes"thatcontainthisdata,including,butnot restrictedto,email,webmail,socialmessage,chatandgamingapplications,viop e.g.skype ,instant messaging. 2.4Thatmeansfirstly,thatwritingandtestingtheseprogramswouldbeenormouslyproblematicand costly,Iwillexplainfurther. 2.5Let'stakeanemail.Thesnifferprogramwouldfirsthavetointerceptandassemblethatemail, figureoutwhatiscontentandwhatiscommunicationsdata,takeexactlyonlythecommunications dataandleavethecontentbehind. 2.6Rememberthatifeventhesmallestpartofcontentdataispulled,thenthatdataasevidenceis inadmissibleincourt,sotheprogramhastobehonedtonearperfection.

Draft Communications Data Bill

95

2.7Intheolddays,withaconventionalemail,mostofthiscommunicationsdatainformationsat convenientlyinanareacalledthe"header",whereitwaseasytogetatandstripout.Butwith webmail,itisnowmingledwiththe"html"codescatteredinthebodyofthewebpage. 2.8Astheuseofthistypeofwebcommunicationsgrows,thecomplexityofthesesnifferprograms willneedtobecomemoresophisticated.Themanipulationthattheseprogramsperformeffectsthe webpage'stransmissionspeed,soevenifthelexicographicalhurdlesweresomehowovercame,the speedoftheinternetwoulddramaticallyslowdown akintoChina . 2.9Overtimetheproblemofthisintermingledcontentandcommunicationsdatawithinwebpages wouldhitmoredifficulties: 2.10Everytimeachangeinthewiderinternetoccurs, agoodexamplewouldbethecurrentHTML5 rollout ,webpagecodewouldchangeandthesesnifferprogramswouldneedrecalibrating.A humanbeingwouldagainhavetounpickthehtmlcodetoseparatethecontentfromthedata communicationstoupdatethesnifferprogram. 2.11ThishumanwouldneedtobeanintelligentandexperiencedITprofessionalwhounderstands codeandthenatureofdata.Itisunlikelythatsuchpeoplewouldbeinterestedinsuchboringand unsatisfyingwork. 3.Financialdetrimenttosmallbusinessandthereforeeconomicdamage 3.1Thebillmentionstheimplementationcostbeing1.8bnandthebenefitsbeing5bnto6.2bn.I couldn'tfindanyitemisationofthesecostsandbenefitswhichiswhatIwouldexpectfromany professionallywritteninvestmentprojectproposal. 3.2GiventhespectacularfailureoftheIDcarddatabaseITproject;whereamalconceivedproject wasallowedtospendpublicmoneyunfetteredbeforecollapsing,thestateneedstoensurethesetting upofproperbudgetarycontrolintoitsproposals.Whichalsomeanssincereandtransparent attemptstoquantifytheirestimates. 3.3Theomissionofthesedetailspointseithertoanunwillingnesstosharetherealdetailor,justas worryingly,thattheHomeOfficecannotestimatethesecostsandbenefitsscientificallybecauseit doesn'tknowhowitwillimplementtheproject. 3.4Butevenourconcernoftheseunknowncosts,initself,isnotthemajorproblemhere.The cripplingeffectofthepushingofthatcostburdenontothesmallISPsistheproblem. 3.5WithDeepPacketInspectionsniffercapabilitydemandhigh,andcapableITtalentsupplylow, thentherecouldbealargefeeupliftdemandedbytheITdevelopersthatcandothiswork.SmallISPs wouldeitherhavetocaveintohighconsultingcostsorbebeholdentosomekindofsoftwareor hardwaresolutionofferedupbythebigplayerswhichtheywouldstillneedtomanage.Theywould stillenduppaying,eitherthroughexpensivetraining,orexpensivemaintenancecontracts. 3.6Abarriertoentrywouldbecreated,keepinghostingstartupsout.Thehostingindustrywould becomeincreasinglyvulnerabletothelargehostingcompanies. 3.7Largecompaniestendtoconsumetalentrathernurtureit.Theyconcentrateonconsolidating theircommercialpositionratherthandirectingcreativeenergythatconversely,aboundsinasmall business. 3.8Ifsmallbusinessesareeradicatedfromtheindustryinthisway,themultinationalswillbefreeto restructureoperationsviatheirfavouritetaxhavens e.g.similartowhatlargeinternetfirmsnowdo inIreland ,therebydenyingtheexchequerrightfultaxrevenuesfromoperationsintheUK,and createanothermarketfailurehereintheUK. August2012

96

Draft Communications Data Bill

Joe Corrall
General: 1. HastheHomeOfficemadeitclearwhatithopestoachievethroughthedraftBill? No.Therehasbeenalargedegreeofdeflectionwhenaskeddirectquestionsaboutthescope andfocusofthebill. 2. HastheGovernmentmadeaconvincingcasefortheneedforthenewpowersproposedin thedraftBill? No.TheGovernmenthasnotprovidedstrongevidencethatexistingwarrantpowersare ineffectiveandthatthisleveloftrackingandsurveillancewillbepositive,ratherthan oppressive. 3. HowdotheproposalsinthedraftBillfitwithinthewiderlandscapeonintrusioninto individualsprivacy? Tomyperspective,whileEUlawsandotherorganisationsseektoprotectorenforceprivacy fortheindividual particularlytherecentdroppingoftheACTAproposalasanexample ,this isoddswiththatclimatebyenablinggreaterlossofprivacy. 4. Arethereanyalternativeproposalswithregardtothetechniqueandcostofobtaining communicationsdatathattheGovernmentcouldconsider? Haveyouconsiderednotspyingonyourowncitizens? 7. IfitisconcludedthattheprovisionsofthedraftBillareessential,arethereanyother measuresthatcouldbescrappedasaquidproquotorebalancecivilliberties? Removalofonelibertyerodingmeasureshouldnotbeconsideredasacceptabletotradefor another.Wouldyoureplaceonedictatorwithanother? Costs: 9.Istheestimatedcostof1.8bnover10yearsrealistic? Absolutelynot.Giventhemassiveoverspendoneverysignificantgovernmentprojectforthelast10 yearstheoddsofhittingthisprojectedtarget10yearsinthefutureisvirtuallynil.Giventhecosts requiredinstoringtheamountofdataaimedtobecollectedalonewouldrackupbillsinthemillions peryear. 10.TheHomeOfficesuggeststhebenefitsthatcouldbedeliveredbytheenactmentofthedraftBill couldbeworthbetween56bn.Isthisfigurerealistic? Absolutelynot.Thisisageneralisedfigurepluckedfrommidairbasedonnothingbutassumptions. Storingdataandtrackingeverydigitalcitizenofthisnationcannotpossiblysavemoney,onlycost. Imamazedthisfigurehasbeenquotedasitshowsacompletenegligenceandperhapsignorancefor thebasictenantsofcommerce. Scope: 12.WhichpublicauthoritiesshouldbeabletoaccesscommunicationsdataunderthedraftBill? ShoulditbepossiblefortheSecretaryofStatetovarythislistbyOrder? Intheeventofthisbillpassing,onlypoliceenforcementshouldhaveanyaccesstoitsdata.Political partiesshouldhavenoaccess,andnoeffect,overitscontents.ShouldsuchadatabasebecompiledI wouldtrustprofessionallawenforcementofficialsoveranMPwithanarthistorymajortobe handlingit. 13.Howrobustaretheplanstoplacerequirementsoncommunicationsserviceprovidersbased overseas?Howrealisticisitthatoverseasproviderscouldbepursuedforbreachofduty? GiventheGovernmentscurrentattitudetoextraditionrequestsfromtheUSAIwouldsayyoustand aboutasmuchchanceasasnowballinhellofsuccessfullypursuinganyorganisationabroadfor breachofduty.

Draft Communications Data Bill

97

UseofCommunicationsData: 15.Istheproposed12monthperiodfortheretentionofdatatoolongortooshort? Drasticallytoolong.Ifthecrownprosecutionserviceisunabletoformulateacasewithin12months ofthecrimetakingplaceIwouldarguethattheyarewastingtaxpayertimeandmoney.Giventhatno databaseiseversecure Imasoftwaretester,trustmeonthis storinganysuchdataforanylength oftimeisonlyincreasingthesecurityriskofthisdatabeingtakenformaliciouspurposes. Safeguards: 17.Wouldawarrantsystembemoreappropriate?Ifyoufavourawarrantsystemshouldthisapply toallpublicauthoritiesincludinglawenforcementagencies?Shouldawarrantbenecessaryinall circumstances?Andwhatwouldtheresourceimplicationsbe? Ifthebillshouldpass,awarrantshouldbevitalforpreventingabuseandunnecessaryintrusioninto thepublicsprivatelife.Whiletheadditionaldemandonjudgeswouldbenoticeable,asmoother warrantapplicationprocess,andtheknowledgethatsuchmeasuresarealast,notafirst,resort shouldminimisethis. 18.IstheroleoftheInterceptionofCommunicationsCommissionerandtheInformation Commissionersensible? No.Weareinaclimateofausteritywhereanincreasingpercentageofthepublicstrugglestoafford daytodayliving,andyouwantthecreationoftwonewhighpayingcommissionerrolesforone aspectofpolicythatcouldbeeasilyhandledbythecurrentjudicialauthority?Idontthinkthats goingtobeaneasysell. Enforcement: 21.Arethepenaltiesappropriateforthosepublicauthoritiesthatinappropriatelyrequestaccessto communicationsdata?ShouldfailuretoadheretotheCodeofPracticewhichisprovidedforinthe draftBillamounttoanoffence? Itshouldamounttoanoffence.Misuseofpublicoffice.Misuseofprivatedata.Misuseofpower. Takeyourpick. Technical: 22.Doesthetechnologyexisttoenablecommunicationsserviceproviderstocapture communicationsdatareliably,storeitsafelyandseparateitfromcommunicationscontent? No.ThisbillcompletelyneglectstoexaminetheuseofproxiesandVPNsystemswhichwouldplace allactivitybeyondthetrackingabilityofanyISP.Anyseriouscriminalactivity thetypethisbillis supposedtotarget wouldbeoperatedoverthesepubliclyavailableservicesandyousimply wouldntgetthelogyoudesire.Itseemsthisbillwouldonlyapplytothestupidortheinnocent. 23.Howsafelycancommunicationsdatabestored? Itcant.AsaleadsoftwaretesterIcanreliablyinformyouthatnosystemissecure,andnotdatabase doublyso.Giventhatyouwillwantthisdatabaseinternetaccessiblefordifferentdepartmentstouse itsamatterofwhen,notif,itgetshackedanddetailsmadepubliclyavailable. 24.Aretheproposalsforthefilteringarrangementsclear,appropriateandtechnicallyfeasible? No.Whileyouclaimtorecordonlydataheadersofinternetcommunication,itsimpossibletoreceive thiswithoutalsoreceivingthecontentofthetransaction. 25.HoweasywillitbeforindividualsororganisationstocircumventthemeasuresinthedraftBill? Veryeasy.AquickGooglesearchwillgiveyoualostofproxyserverspubliclyavailablethatyou cannottrackactivityover. 26.Arethereconcernsabouttheconsequencesofdecryption? Yes.Ifyoudecryptanencryptedtransaction,youaddatokentothattransactionwhichindicatesthat theactionwasdecrypted.Thiswillrenderanumberoffinancialcommunicationsinvalidasitwould appearthecommunicationhasbeentamperedwith.

98

Draft Communications Data Bill

Idoubtverymuchyouveperformedafeasibilitystudyofthisaction? July2012

Draft Communications Data Bill

99

Simon Cramp

IthinkjustliketomakethefollowingpointwhichmaybefurtherquestionsandconcernedIhave Inthedraftbillitseemstomakeclearitwouldbeifenactedasthecommunicationsdataact2012.but whatIcantfindinthedraftbillisanyconsultationwiththedepartmentofculturemediaand Olympicsandsportandbusinessandinnovationandskillswhoarethesponsoringdepartmentof ofcomthetelecommicationsregulationassetupundertheofficeforcommunicationact2002and thenprovidedandcarryoutitspowersunderthecommunicationact2003andwithaviewrecently bythesecretaryofstatefordcmsinamendingitwithanewwhitepaperlaterthisyearintheformof thedraftcommunicationsbillwhyisthehomeofficeseemtobeactingaloneinthedraftbillwhenit seemstherehasbeennodiscussionbetweengovernmentdepartmentImaybewrong. TwoOfcomaskedfordataalreadyfortelevisionandotherthingonavoluntarybasisformotioning thingswhydoesnotsayinthedraftbillthatperhapscertainnumbersofpeopleeitherviaofcomor thesecurityserviceareventied Itjustseemstocomefromthewrongwaythatitjustthehomeofficethatistheonlygovernment departmenttobethesponsoringdepartment TheotherthinkIwasgoingtosayIamconcernedreifsomeaccedeintlyclickonawebsitethey shouldntandthenconsquesieshappeningsayiftheyhavealearningdisabilityoramentalhealth problemwillitbetreatedwithsymphyandsentively.AlthoughIacceptitcanworktheotheraswell

August2012

100

Draft Communications Data Bill

Patrick Cunningham
1. Thebillisnotrequired.Therearemorethanadequateoptionsinplaceforgovernment agenciestoaccesstheprivateinformation,bothphysicalandelectronic,ofpeoplesuspectedofcrimes orterroristacts.Thesearewelltriedandtested,aresubjecttoproperscrutinybythecourtsandby parliament,andhavesuitablechecksandbalancesinplacetoensurefairdealingandreasonable recourseforindividualswhofeelaggrievedorunjustlytreated. 2. Thepowersenvisagedinthebillwillnotonlyremovetheopportunityforindividualsto challengeunfairtreatmentatthehandsofthepolice,theintelligenceservicesandothergovernment agencies,itwillremoveeventheirrighttoknowthatcertainactshavebeencarriedoutanddata collectedandretained.Thisfliesinthefaceofourlonghistoryofrespectforindividualhumanrights andtherightforindividualstoknowwhatdataisbeingheldaboutthembygovernmentagencies. 3. Theargumentthattheinformationgatheredwillonlybeusedforbenignandlegitimate purposespresupposesthatthecurrentlyprevailingpolitical,publicorderandmilitaryconditionswill continue.Thisisafallaciousargument;afuturedictatorialgovernmentorpolicestatewouldusethe informationandinformationgatheringchannelswhichthebillwillestablishforitsownpurposes. 4. Eventhepresentregimesofpoliceandintelligencehavebeenshowntoindulgeincoverups, illegalactivitiesandcontraventionsofhumanrights.Miscarriagesofjusticebecauseoftheillegaland unjustactionsofmembersofthepoliceandintelligenceserviceshavebeen,andcontinuetobe, uncoveredonadepressinglyfrequentbasis.Thisbillwillmakeitmuchharderforindividualcitizens touncoversuchfailings,shortcomingsandillegalactivities,andmakeiteasierforthoseperpetrating themtodosowithoutfearofdiscovery. 5. TheWaronTerrorhasresultedintheremovalofmanypersonallibertiesalready unnecessarilyandfarinexcessofwhatisrequiredtomaintainanadequatelevelofpublicsafety. Insteadofspendingmillionsonenhancingoursecurityservicesthegovernmentshouldbemaking realandeffectiveattemptstonegotiateapropersettlementoftheunderlyingglobalissues Palestine,humanrights,culturalrespect,fairtradeandmutualsupport.TheWaronTerrorwill neverbewon,becauseitisnotawar,itisnotafightagainstanoppressor,butanunstablesituation arisingoutofdeepseatedinjustices.Theseinjusticesarecapableofbeingresolved;allwelackisthe politicalwilltoresolvethem. 6 Ourdemocracyreliesonrespectforthethreepowerstheexecutive,parliamentandthe courtstomaintainaproperbalance,avoidtheunacceptableexerciseofpowerbyoneelementand maintainthebalancebetweentherightsoftheindividualandtheneedsofthegovernment.Thisbill fundamentallyunderminesthatbalance.Therequirementforgovernmentagenciestoobtainconsent fromthejudiciaryforarangeofactivitiesisoneofthemostfundamentalexpressionsofour commitmenttothebalanceofthethreepowers,andonewhichhasstoodthetestoftimeand permittedoursystemofpolicingbyconsent.Ifthisbalanceisshiftedfurtherinthedirectionitis alreadygoing,thegovernment,theintelligenceservicesandthepoliceruntheriskoflosingthe consentofthepeople,andthiswillresultinarapidbreakdownofouruniquesociety.Thisisalready happening;insteadofrespondingtoitwithincreasingauthoritarianism,thegovernmentshouldbe strivingtoredressthebalanceandtoregainthetrustandconsentoftheBritishpeople. 7. Inotefromyourconsultationdocument http://www.parliament.uk/business/committees/committeesaz/jointselect/draft communicationsbill/news/callforevidence/thatTheHomeOfficesuggeststhebenefitsthatcould bedeliveredbytheenactmentofthedraftBillcouldbeworthbetween56bnandtheestimated cost is 1.8bnover10years.Whatarethebenefitsreferredtoandhowhavethisfigurebeen arrivedat?Itworriesmethatthesebenefitswillincludecommercialadvantagederivedfromthe governmentsproposedsurveillance,somethingwhichisnotsupposedlyanintentionofthebilland somethingwhichwouldbewhollyimmoral,unjustifiableandabhorrentifitweretobecomefact.I

Draft Communications Data Bill

101

cannotenvisagehowthecountrycouldbenefittothetuneof56bnpurelyfromtheuseofthedata collectedwithinthetermsofreferencesofardisclosed. 8. TheBillenvisagestheestablishmentofanotherwholelayerofpubliclyfundedposts;an InterceptionofCommunicationsCommissionerandanInformationCommissioner,alongwiththeir offices,staffandestablishments.Thesepostsareunnecessary;wealreadyhaveawellestablished courtssysteminplacewhichundertakesmanyofthedutiesthesepostswouldfulfil,anddoesso effectivelyandcosteffectivelyinabalancedwaywhichholdstherightsandresponsibilitiesofboth citizensandofficialsinequalregard.Theofficialsappointedtothesenewpostswouldbepolitical appointeesandwouldnotbedirectlyanswerabletotheelectorateorthegeneralpublic.Theywould besubjecttopoliticalpressureandwouldnotthereforeadequatelyfulfiltheroleofguardiansofthe rightsofthepublic.Theywouldalsorepresentanunnecessaryexpense. 9. Iobjecttothetoneofyourconsultationpaper linkedtoabove .Itappearstoacceptthatthe billwillbeenactedinsomeformandasksquestionsdesignedtofinetunethebill.Itdoesnot addressthefundamentalissueofwhethersuchabillisneeded.Idonotacceptthatthebillisneeded. Itshouldbeabandonedforthwith,andthegovernmentshouldinsteaddraftabilloutliningthe safeguardsneededtoavoidunauthorisedaccesstoelectronicdata,inordertobringlegislationinto linewiththeelectronicage,withthesamecriteriaasastartingpointthatarealreadyincorporated intoourlegislationprotectingtraditionalmethodsofcommunicationpostalservicesandtelephony, forexample.Thisshouldcoverunauthorisedaccessbyindividualsandbygovernmentagencies.The newbillshouldalsoclarifythelimitswhichthecourtsshouldimposeonthevarioussurveillanceand lawenforcementagencies,andenshrinetherequirementforacourtordertobeinplacebeforeany surveillanceiscarriedout,withrobustrequirementsforevidencetojustifytheorder.Further,the conceptoftherebeingsomesystemofbargainingoverlegislationoutlinedinyouritem7.is abhorrent.Itwillneverbeacceptabletotradeoneareaofpersonallibertyforanother.Personal libertyisastartingpoint,andanyerosionmustbebackedupbyoverarchingargumentsofnecessity ineverycase.Itcanneverbevalidtoexchangeoneareaofcivillibertyforanother;ifitmightbe acceptableunderthesecircumstancestoscrapaninfringementoflibertywhichalreadyexists,then thatinfringementshouldbescrappedanywaybecauseitisclearlynotnecessaryatthemost fundamentallevelrequiredtojustifyitinthefirstplace. Inconclusion,thisgovernmentscrappedtheillconceivedandantilibertarianproposalofthe previousgovernmenttobuildanationaldatabaseandimposeidentitycards,andforthatIam grateful.Itisverystrangethatthesamegovernmentisnowintentonimposingundemocraticand unaccountablepowerstointerferewithourpersonalcommunications.Pleasethinkagain.Ofcourse therearemanyoccasionswhenitwillbejustifiedforourenforcementagenciestoaccessthepersonal communicationsofindividualsinvolvedinterrorismorcrime,buttherighttodosoisonewhich shouldbeexercisedwithrestraintandpropercare,andonlyinexceptionalcircumstances.Thisbillif enactedwouldopenthefloodgatesandresultininnumerableofficialsdemandingtherighttoknow whatwearesayingtowhomandwhen,onthemostuntenablegrounds.Itgoesagainstour fundamentalhumanrightsascitizensoftheUnitedKingdom,andshouldbedropped. September2012

102

Draft Communications Data Bill

Chris Davey
HastheHomeOfficemadeitclearwhatithopestoachievethroughthedraftBill? No,thereseemstobeseveralhighlevelobjectivesalongthelinesof Nationalsecurity,crime preventionanddetection butnoneseemtohavedetailedanalysisintohowthisbillwillspecifically addresstheseobjectives. HastheGovernmentmadeaconvincingcasefortheneedforthenewpowersproposedinthedraftBill? Thebilladdsapresumptiontoguiltontoeverypersoninthiscountry.Nomemberofparliament wouldagreetohavealloftheirphysicalmailoralloftheirfacetofaceconversationsmonitoredand recordedasitwouldbeagainsttheircivilliberties.Thesameshouldbetrueofeveryformof communication.Ifthereissuspicionofwrongdoingthenletthecourtsdecideifmonitoringisan adequateresponseinsteadofmonitoringthemajorityofpeoplewhoaredoingnothingwrong. Italsopresumesthatthepeoplewhoarecommunicatingaboutthingsofinterestedbetheycriminal orofnationalimportancewontbeencryptingthecontentoradjustingthedetailsofwhatisbeing senttowho.Itsthesamementalityasinternetprovidersblockingdirectaccesstopiracysites,this onlystopspeoplewhowouldntbeusingthemaccessingthem.Anyonewhowantstousethemknows howtoaccessthemviaothermeans.Inthesamewaythisisonlygoingtocaptureinformationon peoplewhodontwanttobetalkingviasecuremeans. HowdotheproposalsinthedraftBillfitwithinthewiderlandscapeonintrusionintoindividuals privacy? Thebillisclearlyhighlyintrusive.Thevastmajorityofpeopledonothingwrongandyetyouwantto capturedataonallofthem.Howcanthisbeposedasareasonableresponsetocrimeornational security. Arethereanyalternativeproposalswithregardtothetechniqueandcostofobtainingcommunications datathattheGovernmentcouldconsider? Yes,letthecourtsdecideonacasebycasebasiswhatcanbecaptureddependingontheriskinvolved inthecase. TheHomeOfficesuggeststhebenefitsthatcouldbedeliveredbytheenactmentofthedraftBillcould beworthbetween56bn.Isthisfigurerealistic? Whereistheevidencethatsupportsthis?Thepolicecanrequestaccesstothisinformationatpresent sohowisstoringitforlongerperiodsoftimegoingtoprovideanyformofpositivefinancialbenefit? Safeguards: Giventhegovernmentsformonkeepingdatasecureitisunlikelyanyamountofsafeguardscanmake thebillworthwhile.Therehavealsobeenanumberofhighprofilefailuresofcommunication providerstoproperlysecureinformationmuchofwhichhaslargelybeenleakeddirectlyontothe internetbyhackinggroups.HasanyanalysisbeenputintothecosttotheUKeconomyofall communicationrecordsbeingpotentiallypubliclyavailable? August2012

Draft Communications Data Bill

103

The Direct Marketing Association


Introduction TheDirectMarketingAssociation UK Limited DMA isEurope'slargesttradeassociationinthe marketingandcommunicationssector,withapproximately900corporatemembersandpositioned inthetop5%ofUKtradeassociationsbyincome.ThetotalvalueofdirectmarketingtotheUK economywasestimatedtobe9.1billionin2011.Thiscomprisesthreeseparatefigures;4.3billion onexpenditureondirectmarketingmediaandactivities,1.1billionongoodsandservicesbrought inbycompaniestoenabletheundertakingofdirectmarketingactivityand3.7billiononthe spendingofpeopleemployedintheindustryasconsumers PuttingaPriceonDirectMarketingThe DMAJuly2012 .TheDMArepresentsbothadvertisers,whomarkettheirproductsusingdirect marketingtechniques,andspecialistsuppliersofdirectmarketingservicestothoseadvertisersfor example,advertisingagencies,outsourcedcontactcentresetc.TheDMAalsoadministerstheMailing PreferenceService,theTelephonePreferenceServiceandtheFaxPreferenceService.Onbehalfofits membership,theDMApromotesbestpractice,throughitsDirectMarketingCodeofPractice,inorder tomaintainandenhanceconsumers'trustandconfidenceinthedirectmarketingindustry.The DirectMarketingCommissionisanindependentbodythatmonitorsindustrycompliance.Pleasevisit ourwebsitewww.dma.org.ukforfurtherinformationaboutus. TheDMAwelcomestheopportunitytorespondtothisinquirybytheJointCommitteeonthedraft CommunicationsDataBill. 1.GeneralComments. TheDMAwelcomestheGovernmentsplantorevisetheframeworkundertheRegulationof InvestigatoryPowersAct2000.Howeverwehaveamajorconcernovertheapplicationofthedraft CommunicationsDataBilltopostalservices. 2.PostalServices. WeareparticularlyconcernedoverClause25ofthedraftBillwhichextendstheapplicationofParts1 and2topostaloperatorsandpostalservices.Wearenotawarethatanypostaloperatorcurrently hasthetechnologytorecordtherelevantdetailssuchaswherealetterwithaparticularaddressonit waspostedorenteredthepostaloperatorssystem.Thecostofinstallingsuchasystemwouldbe immenseandwedoubtwhetherthebenefitswouldbeproportionatetothecostofinstallingsucha system. WenotethatinClause26ofthedraftBillthereisaprovisionrequiringtheGovernmenttomake arrangementstoensurethatpostaloperatorsreceiveanappropriatecontributiontowardtheircosts ofcompliancewithParts1and2.However,webelievethatthecostsofcompliancewouldbefarmore thananylikelycontribution. August2012

104

Draft Communications Data Bill

Mark Drury
1.IsubmitthatthedraftBilliswronginprinciplebecauseitseekstoturntheentireUKpopulation intocrimesuspects. 2.IfIamsuspectedofacrimethepoliceshouldinvestigateme,andobtainanorderfromajudgeif theyfeeltheneedtobreakintomyhomeorinterceptmycommunications.IfIamnotsuspectedofa crimethenthepoliceshouldleavemealonetogoaboutmybusiness. 3.Thepresumedlogicofthegovernmentsecurocratsappearstobe: Noactualcrimehasyetbeencommitted,butitmightbeinfuture,andbyanyone. Thereforeweneedtoputtheentirepopulationundersurveillance. 4.Thisisafurtherextensionofthestatecollecting,trawlingandretainingdataaboutpeople's everydayactivities'justincase'ANPRisanotherexample.ThisisinconsistentwithBritishvaluesas itviolatesboththeideaofbeing'innocentuntilprovenguilty'andthat'anEnglishman'shomeishis castle'. 5.HerMajesty'sGovernmentishappytopointthefingeratothercountrieswhichroutinelyspyon theircitizens.ButtheEastEuropeanSTASIcouldonlyhavedreamtofthesurveillancecapability moderntechnologyandthisdraftbillwouldhavegiventhem.Itiscompletelyinappropriatefora parliamentarydemocracy. 6.Inconclusion,asIamnotacrimesuspect,thestatehasnobusinessknowingwhoIamtalkingto freedomofassemblyandassociation ,whatIamreading respectformyprivateandfamilylife, homeandcorrespondence orwhatIamsaying freedomofexpression . July2012

Draft Communications Data Bill

105

Keith Edkins
1.3Thissubmissionrelatestotechnicalconsiderationsregardingcommunicationsovertheinternet. Letotherpensdwelloncostandprivacy. Sections2to4ofthissubmissionrelateto telecommunicationsoperatorsprovidingtelecommunicationsystems.Sections5and6relatetothe provisionofservices,andsection7toauthoriseddisclosureandtheRequestFilter.Finallyinsection 8Irefertothecommittee'squestions11,13,24&25andproffermyownanswers. 1.4Someofmycommentsarephrasedintermsthatimplementingalltherequirementswhichare theoreticallyprovidedforbytheBillwouldplacedisproportionateburdensonpersonsand companies.Ifitisnotenvisagedthatcertaintheoreticalrequirementswouldeverbeimplementedby order,thesecommentsmayalternativelybereadtoindicatethatthenonimplementationleavesgaps incoveragewhichindividualsororganisationscouldexploittocircumventtheintentionsoftheBill. 2.DomesticComputerSystems,andGeneralObservations 2.1Ingeneral,itappearstomethattheprovisionsintheDraftBillrelatingtocomputer communicationsaretoodeeplyrootedinanassumptionthatcomputerusageismuchlikelandline telephoneusage.Underthismodel,thecomputerusersitsathomeinfrontofacomputerconnected bycableorfibreopticstoarespectableBritishtelecommunicationsoperator,whoisentirely responsibleforhisinternetandemailcommunicationsandthereforeabletoseparatethedatafrom thecontent.Hehassignedawrittencontractwithhistelecommunicationsoperator whichIshall sometimesabbreviateasTO ,whothereforeknowswherehelives. 2.2EveninthissimplecasethereareuncertaintiesintheBill.TheExplanatoryIntroductionstates thattheBillwillnotrequirethecollectionofallinternetdatabutitisunclearwhatthismeans,and theBilldoesnotclarify.Doesitrequirethecollectionofallinternettrafficdata,viz.theaddressof everywebpagevisited,butnotthecontentsofthepages?Orwillitrequireonlyonerecordforeach domain aswww.officialdocuments.gov.uk visitedwithinsometimeperiod,perhapswithacount ofhowmanypageswereaccessed?Iassumethiswillbeclarifiedinthesection1orders,butitis regrettablethatitisnotpossibletocommentonitatthisstage.Iwill,fornow,pointoutthatmany webpagescontainadvertisements,foritistheadvertisingrevenuewhichfundsfreewebcontent.A samplepageonTheIndependentnewspaper'swebsite,forexample,invokedimagesandother contentfromnolessthan15domains,andatelecommunicationsoperatorisunlikelytobeableto distinguishthisadditionaltrafficfromthatwhichtheuserconsciouslyinitiated.Itwouldseemthat, whateverthelevelofcommunicationsdataintendedtobeheld,theamountofitthatwouldbe generatedisconsiderablymorethanmightatfirstsightbeexpected,andover90%ofitmaybe irrelevanttotheuser'sintendedactivity. 2.3ItislikelythattheuserwillbeconnectedtotheinternetthroughadomesticRouterorHubdevice whichalsoprovidesconnectivityforothermembersofhishousehold,includingwirelessconnectivity tootherrooms.Isahouseholderwhooperatessuchadeviceregardedasatelecommunications operatorwithregardtoothermembersofthehousehold?itwouldseemthathesatisfiesthe definitionofcontrollingorprovidingatelecommunicationsystem.Isagentlemantoberequiredto storecommunicationsdatainrelationtocomputerusagebyhischildren,hiswife,orhisservants?It isprobablynottheintentionthatasection1orderwouldbemadeoranoticeissuedinaninstance suchasthis;butsupposethehouseholdisacollege,oranentireapartmentblock,connectedtothe internetbyfairlysophisticatedroutingequipmentwoulditberequiredthattheoperatorsofthis equipmentrecordcommunicationsdata,overandabovethoserecordskeptbytheexternal telecommunicationsoperator,inordertodeterminewhichcommunicationsdatarelatestowhich individualcomputeruser? 2.4Ifacompany suchasBTRetail providesafullinternetserviceforsomecustomersandphysical connectiontothirdpartyinternetsuppliersforothercustomers,canordersmadeundertheBillbeso phrasedastoplacedifferentresponsibilitiesonitwithregardtothetwoclassesofcustomer?Andif, forexample,BTRetailisinturnbuyingsystemorservicecapacityfromBTWholesale,aretheyboth TOs,andifsocanordersbesophrasedastoavoidcompellingdoublecollectionofcommunications data?

106

Draft Communications Data Bill

2.5Willallnoticesmadeundersection1 2 b bepublished;ifnotwilltheexistenceandcontentsof noticesbeobtainablefromtheSecretaryofStateunderFreedomofInformationlegislation?Canan orderimposerequirementsorrestrictionsdirectly,withoutrecoursetoanotice,asthewordingof sections1 2 b and4 1 a ii appearstoallowbutforwhich8 1 b doesnotimposeadutyof compliance?Cananoticeeverbecancelled? 2.6HowistheSecretaryofStatetoidentifypersonswhoaretelecommunicationsoperatorswho needtobemadethesubjectofanorderandanotice?Thereisnorequirementonpersonswhothink theymightberegardedasTOstoproactivelydeclarethemselves. 2.7Insection28personincludesanyassociationorcombinationofpersons,whileinsection7 1 anoticeoftheSecretaryofStatemustspecifythepersontowhomitisgiven.Howshallthe SecretaryofStatespecifyanassociationorcombinationofpersonswhichisnotanorganisationwith arecognisedcorporatename?Ifthisistobedonebynamingseverallyalltheindividualsassociated orcombined,wouldthenoticebevoidforinaccuracy,orlapseuponanychangeintheassociationor combination?Further,whatconstitutespublicationin7 1 c ?itisneitherdefinedherenorinthe InterpretationAct1978.ArewetosupposethattheLondonGazetteisnormalreadingmatterfor telecommunicationsoperators?Writingisdefined intheInterpretationAct asincludinga mechanicallyproducedvisibleformsofwords.Doesthismeanitisimpossibletoserveanoticeby electroniccommunication,oronablindtelecommunicationsoperator? OthersectionsoftheBill havetheoptionofinaformwhichproducesarecordofithavingbeengiven. 2.8Willtelecommunicationsoperatorsbepermittedtonotifytheircustomersastowhat,ifany, communicationsdatatheyareholding? 3.PublicWiFiConnections 3.1Thesimpledomesticmodeldescribedin2.1aboveisnottheonlywayinwhichourcomputeruser canconnecttotheinternet.HecantakehislaptopcomputertoalocationofferingWiFiconnectivity. SuchWiFihotspotsmaybefound,interalia,incafs,ontrainsandlongdistancecoaches,andin hotels,andatpresentmayormaynotinvolvepaymentorregistration.Connectiontotheinternet maybethroughtwoconnectedsystems,onebeingprovidedbythelocationandonerunbya telecommunicationsoperatorcontractedbythelocation. 3.2IstheoperatorofaWiFihotspot caf,trainoperatingcompany,etc. toberegardedasa telecommunicationsoperator?Willheberequiredtoobtainpersonalidentificationbeforeallowing computeruserstoconnecttotheinternetviahissystem whichhemaynotneedtodoforbusiness reasons ,andtoretainthisinformation;oratleasttorecordsomeuniqueidentifierofthecomputer, suchasitsMediaAccessControl MAC address?Alternatively,ifthehotspotisconnectedtothe internetthroughaseparatetelecommunicationsoperator,willthatTOberequiredtoobtainand retainuserorcomputerinformationadditionaltothatrequiredwhenprovidingservicetoadomestic user,forthepurposeofidentifyingtheindividualwhousedthesystems? 4.PublicComputers 4.1Apersonmaymakeuseofacomputerwhichisnothisown,butisprovidedasapublicor commercialservice.Publiclibrariesareatypicallocationwheresuchcomputersmaybefound,asare InternetCafs. 4.2Istheoperatorofaccesscomputers libraryauthority,InternetCaf,etc. toberegardedasa telecommunicationsoperator?Willthatoperatorbeexpectedtoobtainpersonalidentification,as askedin3.2above?Wouldschoolsallowingpupilstousecomputersberequiredtokeepdataonthis use?Wouldasimilarrequirementextendtoemployersprovidingcomputersfortheuseoftheir employeeswouldthisdependonwhetherornottheemployerpermitsadegreeofprivateuseof thecomputers? 5.Webmailservices,andInternationalconsiderations

Draft Communications Data Bill

107

5.1Movingonfromthesystemstotheservicesaspectoftelecommunicationsprovision,thecomputer usermaychoosenottousetheemailserviceofthecompanyprovidinghisinternetconnection,but insteadtouseawebbasedemailservicesuchasthepopularoneprovidedbyGoogleMail,currently brandedasGmail. 5.2 Digression SinceGoogleisbasedinMountainView,California,USA,thisisaconvenientmoment forsomeremarksoninternationalaspectsoftheDraftBill.Section33 4 statesthatthisActextends toEnglandandWales,ScotlandandNorthernIreland thatis,theentireUnitedKingdom .Thisis standardphraseologyforanActofParliament,andisoverriddenintheDraftBillonlybythe definitioninsection28ofatelecommunicationsystemexistingintheUnitedKingdomor elsewhere;butfailstoaddressthefactthatwearedealingwithaWorldWideWeb.Forexample, againinthedefinitionsection28,communicationincludessignalsservingeitherforthe impartationofanythingbetweenpersons,betweenapersonandathingorbetweenthings.Arewe thentoreadthisasmeaningimpartationbetweentwopersonsorthingsbothofwhomareinthe UnitedKingdom?Itseemsveryunlikelythatthisisactuallytheintention.Isit,then,supposedto meanimpartationbetweentwopersonsorthingsatleastoneofwhomisintheUnitedKingdom? Possibly,althoughthiswouldseemtobethemoststrainedreadingpossibleofsection28,anda difficultobjectiveforaTOtoachieve.ItwouldseemthatonceaTOismadesubjecttoanoticeofthe SecretaryofState,theycanonlypracticallyobeyitbyretainingallcommunicationsdatawhichcomes theirway,throughanypartoftheirtelecommunicationsystem.Ifthelawfulnessofthis,possibly excessive,retentionisquestionedinotherjurisdictions,theymustarguethatthisisconductin pursuanceoftherequirementofwhichtheyhavebeennotified,undersection8 3 b .Further, sections5&6definerequirementswithregardtothesafeguardingandthetimelydestructionof communicationsdataheldinaccordancewiththeBill;howeveritwouldappearthattheseclauses wouldnotbecontravenedbydatadisclosureoroverlongretentionoccurringoutsidetheUnited Kingdom,particularlyifthedatawasinitiallycollectedoutsidetheUK. 5.3Asfurtherdigressions,withregardstosection5 andperhaps6 ,shouldnottheBillprovidethat theSecretaryofStatemaybyOrderpermitthatcommunicationsdataheldtosatisfyUKlegislation mayalsoberetainedandusedtosatisfyspecifiedparallel,suitablysafeguarded,legislationofother nations toavoidthenecessityofTOshavingtoretainaseparatecopyoftheircommunicationsdata foreachnationtheyoperatein ?Further,withregardstosection8 1 a asitbearsonsection5,is anapplicationforinjunctivereliefreallyaneffectivemeansofenforcingaprovision viz.prohibition ofdisclosure wherethebreachoftheprovisionwillonlybecomeapparenttotheSecretaryofState afterthebreach,andanyensuingdamage,hasalreadyoccurred?Withregardtothedefinitionin section28ofatelecommunicationsystemexistingwhollyorpartlyintheUnitedKingdomor elsewhere,thisappearstoincludethecasewhollyelsewhereisthatreallytheintentionorshould theorelsewhereberemoved? 5.4Returningtowebmail,isanoverseascompany,suchasGoogleinrespectofGmail,toberegarded asatelecommunicationsoperatoronwhomanoticecanbeservedundersection1 2 b ?Inthelight ofsection33 4 Iwouldarguenot,evenbytheBill'sownphrasing,letalonethepracticallimitsofthe powersofourParliament.Icontendthatinsection28telecommunicationsoperatormeansa personintheUnitedKingdom regardlessofwheretheirsystemexists ,andthatpersonincludes anorganisationintheUnitedKingdom;andthatinsection7 1 c thenoticeoftheSecretaryofState mustbegivenintheUnitedKingdom.Furtherthatevenifanoticewereconsideredserved,under section8 2 thedutyisonlyenforceablebycivilproceedingsintheUnitedKingdom,wherethe Courtswouldhavetroubleestablishingjurisdictionoveracompanybasedoverseas.Insection 9 3 d anauthorisedofficercouldonlyissueanoticeintheUnitedKingdomtorequirea telecommunicationsoperatortodisclosedata.Sections5and6onlimitsofaccessanddata destructionwouldnotapplyatalltoaTOoutsidetheUnitedKingdom.Numerousotherlimitations couldbeevinced;forthemomentIwillconcludebyassertingthatundersection26 6 cost contributionpaymentswouldbeeligibletobemadeoutofmoneyprovidedbyParliamentonlywhen paidtoTOsintheUnitedKingdom. 5.5InthecaseofaUKbasedwebmailoperatoronwhomanoticecouldbeserved,issection 1 2 a i expectedtobeusedtorequiresuchoperatortoobtainacoresetofSubscriberdata

108

Draft Communications Data Bill

whichhemaynotrequireforhisbusinesspurposes,suchasrealname,addressandperhapsdateof birthoftheuser?Atpresent,asanexample,thesignupforGmailrequestsonlynameanddateof birth,anditseemsnoattemptismadetoverifyeventhese.Itisthereforeextremelyeasytoobtain multipleemailaccounts,oraccountsinbogusnames,fromsuchcompanies,asExplanatoryNote73 pointsout andregistrationsformanyotherservicesareonlycheckedbyrequiringaresponseto anemail,whichisreallynocheckatall .Wouldtheoperatorberequiredtotakestepstovalidatethe subscriberdata,e.g.bydemandingacknowledgmentofapostalcommunicationsenttothepurported address which,quiteasidefromitsludicrouslowtechnatureanddelaywouldn'tactuallyprovethe name ?Iftheoperatorisrequiredtoobtainsuchdata,wouldhethenberequiredtoattempttokeep theaddressuptodate,giventhatmanycomputeruserswillchangeaddressquiteoften?Wouldhebe requiredtoobtainthisdataretrospectivelyfromuserswhosignedupbeforethepassageoftheBill intoanAct?ItseemslikelythatimposingamoreoneroussignupprocedureonTOssubjecttonotice thanthatusedbyotheroperatorswoulddriveuserstochooseoneoftheotheroperatorsformere convenience,eveniftheyhavenoactivereasontoconcealtheiridentities. 5.6Doesthedefinitionoftelecommunicationsoperatorsextendtopersonsforwhomprovisionofa telecommunicationsserviceisincidentaltotheirprincipalactivity?WhatIhaveinmindis collaborativeprojectswhichprovideameansforcollaboratorstocontactoneanotherwithout publiclydivulgingemailaddresses andtherebyexposingthemtotheactivityofspammers .I myselfsometimesreceiveemailthroughthreesuchprojects:GeographBritainandIreland,Project GutenbergDistributedProofreaders,andOpenStreetMapping,towhichIcontribute.Itisofno importancetothecollaboratorswhetherthesearebasedoverseas PGDPisbasedinNewJersey or intheUK astheothertwoare .Registrationfortheseprojectstypicallyonlyrequiresonetogivea name whichisn'tvalidated andanemailaddress whichaswehavesaidbeforecaneasilybe obtainedwithoutvalidation .Asfarastheemailstageofthecommunicationgoes,theprojectsare indeedactingastelecommunicationsoperators,butintheemailheaderthesenderappearstobethe project,nottheoriginatinguser,whose purported nameappearsonlyascontentoftheemail.To obtainsubscriberdata forwhatitisworth itwouldbenecessarytocaptureinformationatan earlierstageintheprocess,atthepointwhereawebconversationisusedtogenerateanemail. 6.SocialMedia 6.1Thespaceofthissubmissionisnotgoingtopermitmetoaddresscomprehensivelythequestion ofmessagessentthroughmodernsocialmediasystems,whichdonotutiliseemailatall.Iwillmerely makesomeobservationswithregardstotrafficdataandTwitter,thesystemwithwhichIammost familiar ignoringforthemomentthecomplicationthatTwitterisbasedinSanFrancisco . 6.2Twittermessages tweets canreachrecipientsinatleast3ways.Theclassicmethodisthata tweetisnotexplicitlyaddressed,butisroutedtothoseotheruserswhoarefollowingthetweeter. Thelistoffollowerscanbeextremelylongforapopularaccount:theofficialaccountforsingerAdele hasover8millionfollowers thisnumberappearstobeincreasingbysome1520perminuteand willthereforebeapproaching9millionbytheclosuredateforsubmissionstoyourCommittee.I believethisisthegreatestnumberoffollowersforanyBritishperson,andthatmanyofthefollow linksareautomaticallygeneratedratherthandeliberatelylodgedbythefollowers. Canthedefinition ofTrafficDatalogicallyassociatedwithacommunicationbestretchedtocoverthisfollowerlist? Well,perhaps,althoughIwouldsayitislogicallyassociatedwiththeaccountratherthanthe message.Inanycasethereisthequestionofthepracticalityofstoringthesheervolume;becauseas eachperson'slistoffollowersmaychangebetweensuccessivetweets,thecurrentlistoffollowers willhavetobestoredseparatelyforeachtweet.Itseemsquitepossibleforthecommunicationsdata associatedwithatweettobeamilliontimeslargerthanthetweetcontents!Andinanycase,Twitter donotholdvalidatedsubscriberdata,onlyapurportednameorpseudonym,andanemailaddress whichmayhavebeencreatedforabogusname,foreachTwitteraccount. 6.3Thesecondmethodisforatweettobeexplicitlyaddressedtoanotheruserbyincludingtheir usertaginthemessage,as@keithedkins inwhichcasethetweetwillalsobeseenbyyour followers;althoughifyoureplytoanincomingtweetthereplyisonlyseenbythoseofyourfollowers whoalsofollowthesender.Areyoustillwithme? .ThistagnodoubtqualifiesasTrafficdata,being

Draft Communications Data Bill

109

informationidentifyingtherecipientcomprisedinthecommunication,andTwittermusthaveto extractitforoperationalpurposes,sopresumablywouldbeabletoretainit.Suchextractionwould howeverconflictwiththestatementintheExplanatoryIntroduction andvariantstothesameeffect intheexplanationsbutnotsoclearcutintheBill thatcommunicationsdataisverydifferentfrom communicationscontent,forsuchatagisbothdataandcontent.Apopularformoftweetisa recommendationofaccountsworthfollowing,whichconsistsalmostentirelyof@tags,andtherefore thetrafficdatarequiredtobestoredwouldcomprisealmosttheentirecontentofthemessage. 6.4Thirdly,tweetscanberetrievedbyuserstowhomtheyarenotdirectlyaddressed,andwhoare notfollowingthesender,bysearchingonthecontents.Thesendermayfacilitatethisbyincludinga hashtag,thus#TellDaveEverythingalthoughwiththecurrentTwittersoftwareanywordor wordsinthetweetmaybesearchedfor.Theuseofhashtagsenablesspontaneouslyformedinterest groupstocommunicateinamannerwhichescapestheclutchesoftheDraftBill,asthereceiptof messagesisentirelybasedoncontentwhichcouldnotplausiblyberegardedastrafficdata. 6.5Otherwaysofcommunicatingwithoutemailaretoonumerousformeeventolistfully,letalone considerindetail.AmongstthemareothersocialmediasitessuchasFacebookandLinkedIn, discussionforums,"haveyoursay"boxesonnewssites,weblogsorblogswhichallowresponsesto beposted,directcommunicationswithwebsitessuchasebankingandecommerce,and collaborativelyeditedsitessuchasWikipedia.Afrequentfeatureinsuchsystemsisthatthe distinctionbetweencommunicationsdataandcommunicationscontentisobscure,orthat communicationsareavailabletobereadbypersonsnotconnectedtothemessageby communicationsdatainanyway. 7.Disclosure&theRequestFilter 7.1Iwillnowmakesomeobservationsonsections1416regardingRequestFiltering,withsome commentsonauthoriseddisclosureingeneral.Asaleadin,section9 1 b ii ,relatingtothe obtainingofcommunicationsdataforthepurposesoftestingordevelopingsystems,whileclearly verynecessary,appearstobesomethingofanafterthoughtthispurposeisnotfollowedthroughin section9 6 .Isjudicialapprovalundersection11requiredforalocalauthoritytoobtaindatawith whichtodeveloportestitssystems?Does9 5 b ,whichforbidsthedisclosureofPart2datatoany personotherthananauthorisedofficer,permitittobedisclosedtothesystemprogrammersfor testingpurposes,giventhatthesemaybeemployedbyexternalcontractorsandevenbased overseas?Aparallelprovision16 5 a regardingtestingofsystemsusedforfilteringwouldappear torequiretheSecretaryofStatetoobtainoperationalcommunicationsdataforthepurposeof testing.Thispurposeisfollowedthroughin16 2 b and16 3 ,althoughsomewhatcumbersomely requiringeveryindividualwhomayread,obtainorprocessthedatatobeauthorisedbythe SecretaryofState;buttheredoesnotappeartobeanydefinedprocedurefortheSecretaryofStateto obtainthisdata,onherownbehalf,bysomeformofnoticewhichfallsshortofbeinganauthorisation. 7.2TheExplanatoryNotes 84 appeartoenvisagetheoperationoftheRequestFilter,potentially correlatingseveralstreamsofrawdatatoproducethelimiteddatarequestedbythedesignated seniorofficerapublicauthority,asapurelyautomatedprocess.Thisstrikesmeaswhollyunrealistic. IwouldhaveexpectedeachinvestigationforwhichrecourseisneededtotheRequestFiltertobe uniqueincharacterandneedtobeundertakeninaninteractivemannerinwhichsentienthuman beingsattemptdataextractions,viewtheresults,andrefinetheirattemptsaccordingly frankly,I doubtwhetheritcanbemadetoworkatall,butIwillleaveotherstodiscussthis .Iwouldexpect thesehumanoperatorstoneedamixtureofdetectiveskills suchasonemighthopetofindinthe verypolice&securityforceswhichtheRequestFilterisservingtokeepatarm'slengthfromthe data anddatabasemanipulationskills whichwouldmostlikelybefoundinexternalcontractors ; andindeedsection16 1 a providesfortheSecretaryofStatetoauthoriseindividualstocarryout theseactivities.Iwonderquitewhotheseparagonsofvirtueare,whocanbetrustedtohandledata whichthepoliceandsecurityservicescannot.Ialsofeelitislikelythatwhenthedataisdeliveredup tothedesignatedseniorofficerconcerneditwillprovetobenotquitewhathewanted,especiallyif heisonlyabletomakehisrequirementsknownthroughtheoriginalauthorisationinwriting or othermeansleavingarecord ;andifhehasthentoissueanamendedauthorisationtotelltheFilter

110

Draft Communications Data Bill

whathereally,really,wants,theinterestsofjusticewillnotbewellservedifthebasicdatahas alreadybeendestroyedinsuchawaythatitcanneverberetrieved. 7.3Withregardtodisclosure,thistermdoesnotseemtobedefinedintheBill.Isuggestitshouldbe madeclearthatmerelypassingcomputermediafrompersontopersoncontainingfilesof communicationsdata,incircumstancesinwhichitcannotbereasonablyanticipatedthattheywillbe readorprocessedbyunauthorisedpersons,doesnotconstitutedisclosure.Suchpassingwould includeplacingbackuptapesinsecuredepositories,andtheconveyanceofauthorisationdataon dismountablemedia DVDs,say byRoyalMailorothercarriers.Thereprobablyalsoneedstobe provision,connectedtosection13 1 ,toprovidethatauthorisationdatamustbedisclosedina convenientform,toavoidthepossibilityofarecalcitrantTOdisclosingthedataintheformofa truckloadofpaperprintoutoronamillionfloppydisks andthenaddinginsulttoinjuryby reclaimingthecost . 7.4Explanatorynote9statesthatCommunicationsdatacanbeusedasevidenceincourt.Willthe SecretaryofStateretainexpertwitnessestoexplainhowtheRequestFilterworksingeneralandhow itwasappliedinaspecificcase,andwhatlevelofcredencecanbeplacedinitsoutput?Willitnot causeadversecommentincourtiftheCounselfortheProsecutionstatesthattheevidenceheis presentinghasbeenprocessedandfiltered,andthatmoreovertheoriginalevidencehasbeen destroyedinsuchawaythatitcanneverberetrieved?HowfarbackintotheRequestFilterprocess willtherequirementofdisclosureundertheCriminalProcedureandInvestigationsAct1996extend, ifatall? 8.Conclusion 8.1FinallyIwillprofferanswerstofouroftheCommittee'sQuestions.MyresponsetoQuestion11. Arethedefinitionsofcommunicationsdataandcommunicationsserviceproviderappropriate?Do theysensiblydefinethescopeofthepowersinthedraftBill? No.Theyaretoobroadlyphrasedtobeimplemented,therequirementoninternetdataisnoteven clear.Conversely,whatcanactuallybeimplementedwillbesignificantlyincomplete. 8.2MyresponsetoQuestion13.Howrobustaretheplanstoplacerequirementsoncommunications serviceprovidersbasedoverseas? Aboutasrobustasachocolateteapot. 8.3MyresponsetoQuestion24.Aretheproposalsforthefilteringarrangementsclear,appropriate andtechnicallyfeasible? No;unanswerablebecauseoftheothersectionsofthisresponse;probablynot. 8.4MyresponsetoQuestion25.Howeasywillitbeforindividualsororganisationstocircumvent themeasuresinthedraftBill? Aseasyasobtaininganuntraceablewebmailaccount.About2minuteswork. July2012

Draft Communications Data Bill

111

Bruce Elliot
ThedraftbilltroublesmedeeplyandIdonotbelievethatitshouldbepassedinitscurrentform. Thenatureoftheintrusionconcernedwithcollectingandanalysingcommunicationsdata Istartfromtheobservationthatthecollectionofcommunicationsdatawhichthebillseeksto facilitateisextremelyintrusive.Acomprehensivesetofsuchdatarelatingtoapersonorpersons wouldenabletheownerofthedatatodrawfirmconclusionsabout: Thesexualpreferencesofthepeoplemonitoredandtheiractualpractices Thereligiousandpoliticalbeliefsofthepeoplemonitoredandtheirmembershipofpolitical organisations Thesocialcontactsofthepeoplemonitored,includinganyextramaritalaffairs Anyactualorsuspectedhealthconditionsforthepeoplemonitored Itseemsquiteclearthatthecollectionofsuchdataisasignificantinvasionofprivacy,ofsimilar magnitudetothesearchingofaprivateresidence.Ifanyoneisindoubtaboutsuchastatement,they mightliketoconsiderthe hopefully hypotheticalpossibilitythatsuchdatamightfallintothehands ofthelessscrupulouspartsofthemedia. Thesafeguardsagainstmisuse Iacceptthatthereareoccasions,inattemptingtopreventanddetectgreatcrimes,wheresuchan invasionmaybejustified.Itseemstomethatthesafeguardsagainstabuseshouldbeofsimilar strengthtothoseagainstabuseofthepowertosearchprivateresidences.Itthereforeseemstome thisdatashouldonlybecollectedunderthatauthorityofawarrantissuedbyajudge.Italsoseemsto methatadditionalsafeguardsshouldincludethefollowingasaminimum: Thereshouldbearequirement,exceptinverylimitedcaseswherepublicsafetymightbe compromised,thatsubjectsofdatacollectionshouldbeinformedthatthedatahasbeencollectedon themwithinaperiodoftimefromthecollection.Afterall,onecannothaveoneshomesearched withoutknowingaboutit. Thereshouldbearequirementforcommunicationsdatacollectedtobedeletedwithinalimited periodunlessitisbeingusedinanactiveinvestigationandproceduralsafeguardsthatthatexception isnotusedasaloophole Thereshouldbearequirementongovernmentagenciescollectingcommunicationsdatatopublish statisticsonhowmanypeoplearethesubjectofsuchcollection,bothasamatterofprincipleandto reassurethepublicthatthepowersarenotbeingmisused. IamnotanexpertontheECHRbutitseemstomethatthespiritoftheconventionwouldrequire safeguardsofthissortofstrength,iftheUKistoclaimcompliance. TheneedtoavoidinadvertentlycriminalisingthosewhousecommunicationsprovidersoutsidetheUK Asaseparatepoint,itseemstomethatthosedraftingthebillshouldtakegreatcarenottodosoina waywhichcriminalisesthosewhousecommunicationsprovidersoutsidetheUKbyplacing obligationsuponthempersonallytoretaincommunicationsdata,whichinpractice,thegreat majorityofindividualswillbeunabletocomplywith. August2012

112

Draft Communications Data Bill

Equality & Human Rights Commission


Scopeofthissubmission 1. ThissubmissionsetsouttheEqualityandHumanRightsCommissions theCommissions analysisofthedraftCommunicationsDataBill;specifically,howproposalsalignwithequality andhumanrightslaw. ThisrelatestotheCommissionsstatutorydutytomonitorandadviseonequalityandhuman rightsenactmentsandadviseonthelikelyeffectofaproposedchangeoflaw 141. Inparticular,proposalsforthisdraftbillhavebeenassessedinrelationtoArticle8ofthe HumanRightsAct:

2. 3.

Article8:Righttorespectforprivateandfamilylife 1 2 Everyonehastherightforhisprivateandfamilylife,hishomeandhiscorrespondence. Thereshallbenointerferencebyapublicauthoritywiththeexerciseofthisrightexceptsuch asisinaccordancewiththelawandisnecessaryinademocraticsocietyintheinterestsof nationalsecurity,publicsafetyortheeconomicwellbeingofthecountry,forthepreventionof disorderorcrime,fortheprotectionofhealthormorals,orfortheprotectionoftherightsand freedomsofothers. Inconsideringhowthelegislativeframeworkforcommunicationsdatashouldbereformed, theCommissionhasdrawnonitsresearchstudypublishedin2011,'Protectinginformation privacy' 142.Asummaryofthisissetoutbelow.

4.

Introduction 5. Oneofthemostimportantdutiesofastateistoprotectthesecurityofitscitizens,especiallyby enablingcriminaljusticeagenciestopreventanddetectcrime.Inextremecases,thismay engageArticle2oftheHumanRightsAct:therighttolife 143.TheCommissionrecognisesthat dischargingthisobligationwhilestillprotectingfundamentalcivilliberties,suchastherightto privacy,presentssignificantdifficultiesinmoderntimes. 6. Technologicalchanges,particularlyoverthelastdecade,havecreatednewproblemsin gatheringintelligencetopreventanddetectcrime.Peoplearecommunicatinginanincreasing

141EqualityAct2006,section11. 142'Protectinginformationprivacy',Raab,C.AndGoold,B.,EqualityandHumanRightsCommission

2011http://www.equalityhumanrights.com/uploaded_files/research/rr69.pdf

143Article2:RighttoLife,HumanRightsAct1998

1 Everyone'srighttolifeshallbeprotectedbylaw.Nooneshallbedeprivedofhislifeintentionally saveintheexecutionofasentenceofacourtfollowinghisconvictionofacrimeforwhichthe penaltyisprovidedbylaw. 2 DeprivationoflifeshallnotberegardedasinflictedincontraventionofthisArticlewhenitresults fromtheuseofforcewhichisnomorethanabsolutelynecessary a indefenceofanyperson fromunlawfulviolence; b inordertoeffectalawfularrestortopreventtheescapeofapersonlawfullydetained; c inactionlawfullytakenforthepurposeofquellingariotorinsurrection.

Draft Communications Data Bill

113

varietyofnewwaysandingreaternumbers.Datageneratedthroughelectronic communicationsisalreadyvastandwillcontinuetogrow. 7. Developmentsinelectroniccommunicationshavealsoalteredpublicperceptionsofwhatisor isnotintheprivatedomain.Theconceptofinformationprivacyisstrugglingtoevolveinline withthepaceoftechnologicaladvances.Thisdraftbillprovidesanopportunitytoaddressthis andtoreconsiderandreachconsensusonwhatinformationprivacymeans. Mostwillagreethecurrentlegislation,particularlyRegulationofInvestigatoryPowersAct 2000 RIPA ,hasbecomeoutdated,soreformisrequiredtomodernisethelaw,butthereare othergoodreasonstochangethelawtoo. Devisingaworkableregimethatcanplugtheintelligencecapabilitygapwithoutcreatinga statesurveillanceregimeamountingtoasnooperscharter bydefault isthedifficulttaskthat thegovernmentandlegislatorsface. Thehumanrightslegalframeworkprovidesthebasistofindtherightbalancebetween competingconsiderations,suchassecurityandprivacy.Thecentralquestionfromahuman rightsperspectiveiswhetherthemeasuresinthebillareaproportionateintrusiononthe righttoprivacyandalsootherhumanrightsthatcouldalsobeengaged.

8.

9.

10.

TheCommissionsevidence 11. In2011,theCommissionpublishedareportoninformationprivacy,examiningthreats, particularlyrelatedtotheactivitiesofthestate,whichhaveemergedinrecentyears144. 12. Thecentralfindingofthisreportwasthattheexistingapproachtotheprotectionof informationprivacyintheUKisfundamentallyflawed,andthatthereisapressingneedfor widespreadlegislativereforminordertoensurethattherightscontainedinArticle8 145are respected. 13. Thereportarguesfortheestablishmentofanumberofkeyprivacyprinciplesthatcanbe usedtoguidefuturelegalreformsandthedevelopmentofsectorspecificregulation.It identifiestwoprincipalareasofconcern:thestateshandlingofpersonaldataandtheuseof surveillancebypublicbodies Keyfindings 14. Theprivacylandscapehasbeentransformedinrecentyearsbyaseriesoflandmarklegislative reforms,includingtheHumanRightsAct,theDataProtectionActsof1984and1998,andRIPA. 15. Therehasalsobeenadramaticincreaseintheamountofpersonalinformationheldbythe publicsector,duetotechnologicaldevelopmentsandasteadyexpansionoftheroleofthe state.

144'Protectinginformationprivacy',Raab,C.AndGoold,B.,EqualityandHumanRightsCommission

2011http://www.equalityhumanrights.com/uploaded_files/research/rr69.pdf

145Article8:Righttorespectforprivateandfamilylife,HumanRightsAct1998

114

Draft Communications Data Bill

16.

Thecurrentsystemhasaweak,fracturedandpiecemealapproachtotheprotectionofhuman rightstoprivacy.ActssuchastheDPAandRIPAareriddledwithgapsandcontradictions,and arealsointerpreted,administeredandoverseenbyarangeofseparateregulators, independenttribunals,andcourts.Asaconsequence,ithasbecomeverydifficultfor individualstounderstandwhathappenstotheirpersonalinformation,orwhattheyshoulddo whenthatinformationismisused.Thecurrentsystemhasfailedtoprotectprivacyrightsina numberofcases. Theproblemislikelytobecomemoreacute.Thestatesdemandsforpersonalinformationwill continuetogrowinrelationtonationalsecurity,lawenforcementandcitizensaccesstopublic services.Sofar,thisexpansionhasbeenaccompaniedbyonlyarelativelysmallincreaseinthe powersorresourcesavailabletoregulatoryauthoritiessuchastheInformation CommissionersOfficeorthevariousCommissionersinthefieldofsurveillance. Amorecomprehensiveapproachtoprivacyisneeded,basedonafirmcommitmentto implementationofArticle8oftheECHR.Thisinvolvesreformingthelawandtheregulatory systemtocreateacomprehensiveprivacyprotectionregimetosupersedethepiecemeal inventoryofmeasuresortoolsimplementedinadisjointedfashionbyvariousagents.The relevantregulatoryagenciesneedtobestrengthened. Lawisessential:withoutlegalspecificationofprivacyrights,otherinstrumentsarelikelytobe incapableofprovidingtheremediesthatindividualsmayneed.Thelawneedstobeflexible enoughtorespondtothemanyandvariedthreatstoprivacy. Theprincipleswrittenintolaworunderpinningitmustbereflectedinthespecificationof otherinstruments.Theseareseenasreinforcementsandcomplementstothelawandnotas substitutesfor,orweakerversionsof,privacylaws. Therearemanywaysofprotectingprivacyinadditiontolegalprovisions,includingself regulatoryapproaches,'privacyenhancingtechnologies',privacybydesign,andpublic awarenessandeducation.Suchcomplementary,nonlegalapproachestotheprotectionof informationprivacyhaveanimportantparttoplayinupholdinginformationprivacyrights.

17.

18.

19.

20.

21.

Recommendations 22. Thisreportmakesfourmainrecommendations: 23. AclearsetofprivacyprinciplesshouldbedevelopedbasedontheHRAprovisionsandused asthebasisforfuturelegislation,andtoguidethedecisionsofregulatorsandgovernment agenciesconcernedwithinformationprivacyanddatacollectionindifferentcontexts. 24. Existinglegislationthattouchesonprivacyshouldbereformedtoensurethatitisconsistent withtheprivacyprinciplesrecommendedearlier.Atminimum,suchreformshouldconsolidate andimprovetheexistingRIPAanddataprotectionregimesinrelationtoinformationprivacy andsurveillance. 25. Greaterregulatorycoherenceshouldbepromoted.Thereshouldbeanefforttorationaliseand consolidatethecurrentapproachtotheregulationofsurveillanceanddatacollectioninthe UK,withparticularattentionpaidtotherelationshipbetweenthevariousstatutory Commissionersresponsibleforprotectinginformationprivacy.

Draft Communications Data Bill

115

26.

Improvedtechnological,organisational,andothermeansofprotectionshouldplayanintegral partininformationprivacyprotection.Thedevelopmentanduseoftechnologicalandnon legalsolutionstotheproblemofinformationprivacyprotectionshouldbeencouragedby government,andmoreresourcesdevotedtopubliceducationandawarenessaroundprivacy.

27.

Therighttoprivacyisatriskofbeingerodedbythegrowingdemandforinformationby governmentandtheprivatesector.Unlesswestarttoreformthelawandbuildaregulatory systemcapableofprotectinginformationprivacy,wemaysoonfindthatitisathingofthe past. TheCommissionsanalysis 28. Respondingtothejointcommittee'scallforevidence,theCommissionwillsetoutananalysis ofthehumanrightsissuespertainingtotheDraftCommunicationsDataBill,basedonour expertperspectiveasaUnitedNationsaccredited'Astatus'NationalHumanRightsInstitution NHRI . 29. Insummary,theproposalsinthedraftbilltocollectandstoreallformsofelectronic communicationsintheUKfor12monthswhichsomepublicauthoritiescanthenaccess, basedonanumberofbroadlydefinedpurposesappeartobetoovagueandwillinterfere withtherighttoprivacy.Consequently,themeasureswillneedtobeclearlyjustifiedand thoroughlyscrutinised.Currently,basedontheinformationpresented,ouranalysisisthata cogentandcompellingcasefortheproposedmeasureshasnotbeenmade. 30. Everyoneconcernedabouttheirsecuritywishestoseethepolicegivenjustifiablepowersto investigatecrimes.However,sincethenatureandextentoftheproblemsthepolicehave experiencedresultingfromtheintelligencecapabilitygaparenotknown,itisdifficultto answerquestionsrelevanttoassessingtheproportionalityofthemeasures.TheCommission wouldadvisethatitmaybeusefulforthejointcommitteetobepresentedwithfurther evidence,fromtheHomeOfficeand/ortherelevantpublicauthoritieswhowouldliketohave thesepowers,toenablebetterconsiderationoftheeffectivenessoftheproposedmeasuresand investigationofalternatives. 31. Itisclearthatsensitiveinformationconcerningthereasonsforthediminishingintelligence capabilitygapcannotbedisclosedpubliclybecausethiscouldcompromiseexistingcrime preventionandinvestigationcapabilities.Nevertheless,theimportantdemocratictaskof parliamentarylegislativescrutinymustbeproperlysupportedbythegovernmentandrelevant publicauthoritiesinrelationtothisbill. 32. TheCommissionsanalysiswouldfurthersuggestRIPAisunlikelytobethebestvehicleforthe newlegislation.TheCommission'sanalysisofRIPAandtherighttoprivacyaresetoutfullyin theresearchreport'Protectinginformationprivacy' 146.Thiswouldsuggestabetterstarting pointthanRIPAfortheproposalsisrequired. 33. Despiteassurancesfromthegovernmentandthepolice,validconcernswithhumanrights implicationsstillremainconcerning:

146'Protectinginformationprivacy',Raab,C.AndGoold,B.,EqualityandHumanRightsCommission

2011http://www.equalityhumanrights.com/uploaded_files/research/rr69.pdf

116

Draft Communications Data Bill

34.

what'communicationsdata'actuallyisandwhethercontentcanreallybeseparated, thebreadthofpurposesforwhichdataistobecollectedandstored, thenumberofpublicauthoritieswhowillhaveaccesstosuchdata,and thenatureandqualityofsafeguardstopreventmisuseandprotectimportantindividualrights, includingtherighttoprivacy. TheCommissionsanalysiswouldsuggestsubstantialimprovementstothedraftbillcanbe madeintheseareas.Otherwise,therearesignificantrisksthatthemeasuresinthedraftbill couldcompromisehumanrightssafeguardsandresultingreateropportunitiesforhacking, identifyingwhistleblowers,compromisingtheworkofinvestigativejournalistsandintruding onthelawyer/clientrelationship.Consequently,webelievegreaterscrutinyofthemeasures andimprovedsafeguardsarerequired. Formostpublicauthorities,apartfromlocalauthorities,theauthorisationprocesstoaccess communicationsdataisdependentonlyoninternaldecisionmakers.Thepresent authorisationsystemisperceivedtolackindependenceanditisprobablynotthebestprocess tobalanceandsafeguardindividualrights. Externaloversightandregulationinthisareaiscurrentlycoveredbyanumberofbodies, includingtheInformationCommissioner,theInterceptionofCommunicationsCommissioner andtheInvestigatoryPowersTribunal.Concernsaboutthecomplexityandlackof effectivenessofthisregimearerealandneedtobeaddressed. Preventingmisuseispreferabletoactingafterithasoccurred.Effectiveregulationmaynotbe possibleaftertheevent,ifundertakenbyaregulatorresponsibleforprobingupwardsofhalfa milliondataaccessrequestsona'casebycase'basis.Thisisnotasufficientsafeguardin relationtotheproposalscontainedinthedraftbill,andsignificantimprovementsareneeded inthisregard. Lackofknowledgeaboutdatabeingaccessedhindersindividualrightstoseekredressthrough regulatorsorcourtsandtribunals.Again,theCommissionsanalysissuggestsrelianceonthis currentsystemisnotasufficientsafeguardinrelationtotheproposalscontainedinthedraft bill.Significantimprovementsarealsoneededinthisregard. Finally,alotofthedetailinrelationtothedraftbillislefttotheSecretaryofStatetodevise throughdelegatedordermakingpowers.NotwithstandingthefactthatParliamenthasarole inauthorisingtheseorders,theCommissionwouldsuggestitispreferabletohaveasmuch detailonthefaceofthedraftbillaspossible,ratherthaninseparateorders.Ultimately,this increasesdemocraticscrutiny,aidsunderstandingandreducescomplexityforallconcerned.

35.

36.

37.

38.

39.

Improvedsafeguards 40. Inthissubmission,theCommissionhassetoutitsanalysisofhowthedraftCommunications DataBillalignswithhumanrightslegislation,drawingonthefindingsofitsresearchreport, 'Protectinginformationprivacy' 147.Basedonthis,thefollowingimprovementsmaybe necessaryandproportionatetoimprovethedraftbillandtherebystrengthencompliancewith therequirementsoftheHumanRightsAct1998:

147Ibid.

Draft Communications Data Bill

117

41. Itispositivethatacommitmenthasbeenmadetoincorporate'Privacybydesign'and'Privacy enhancingtechnology'intothetechnologythatwillbeconstructed.However,asastarting point,thedraftbillrequiresclearprinciplesperhapsbasedonthoseinSchedule1oftheData ProtectionAct1998.

42. 43. Whatamountstodatacontentshouldbedefinedonthefaceofthedraftbill,asshouldthose bodiespermittedtoaccessdata.Thepurposesshouldberestrictedtothosepermittedunder theHRA.Clause5 1 b shouldstatewhatinfactisalreadyauthorisedbylaw. Thelegislationneedstobemuchclearerandlesscomplex,soeveryonecanunderstandtheir rightsandresponsibilitieswithouthavingtoresorttolawyersand/ortocourtsandtribunals.

44. Independentauthorisationofdataaccessrequests bythejudiciaryorotherindependent body shouldbethenorm,especiallyformoreintrusiveinformationbeyondbasicsubscriber details.Thisshouldcomplementinternalapprovalprocesses.Aworkablesystemisrequired forurgentrequests,perhapswithretrospectivescrutiny.

45. Thethresholdtoaccessdatashouldbesetatahighlevelinthelegislationtopreventtrivial andotherdisproportionaterequests.Clause9 6 istoobroadinpermittingdatarequestsfora numberofreasonsthatdonotnecessarilyfallwithinlimitationssetoutinArticle8HRA.

46. Thereisalackoftransparencyinthepresentproposalsintermsnotifyinginnocentpeopleat anappropriatepointintimethattheirdatahasbeenaccessedanddestroyed.Individuals as wellasregulators shouldreceivenotificationatanappropriatepointintime,subjecttoother considerationsforexample,notcompromisinganongoinginvestigation.Thiswillactasa deterrentagainstmisuseandaidaccountability.

47. Alegalrequirementtohaveasystemcomprehensivelyrecordingwhatdatahasbeenaccessed, bywhom,when,forwhatpurpose s andwhenthedatahasbeendestroyedshouldalsobe requiredonthefaceofthedraftbill.

48. Sanctionsformisusehavetobesetatalevelthatprovidesarealdeterrent.Consideration shouldbegiventoimposingcriminalsanctions,includingbreachesofSection55oftheData ProtectionAct1998andbreachesofarelevantcodeofpractice.

49. TheSecretaryofStatesdelegatedpowersunderthebillshouldbeconsiderablyreduced; furtherchangesincludingadditionalpowers,shouldrequireprimarylegislationthatcanbe thoroughlydebatedandscrutinisedbyParliament.

50. Alegalrequirementtomonitor,reviewandreportontheoperationofthelegislationshouldbe placednotonlyonregulators,butalsoongovernmentandrelevantpublicauthorities.

118

Draft Communications Data Bill

August2012

Draft Communications Data Bill

119

The foundation for Information Policy Research


TheFoundationforInformationPolicyResearch FIPR isanindependentbodythatstudiesthe interactionbetweeninformationtechnologyandsociety.Itsgoalistoidentifytechnicaldevelopments withsignificantsocialimpact,commissionandundertakeresearchintopublicpolicyalternatives,and promotepublicunderstandinganddialoguebetweentechnologistsandpolicymakersintheUKand Europe. WewouldliketomakethefollowingcommentsandrecommendationstotheJointCommitteeonthe draftCommunicationsDataBill.AmemberofourAdvisoryCouncil,ProfessorPeterSommer,has submittedaresponsediscussingtechnicaldetails,whichwewillnotrepeathere;inthisresponsewe focusonthestrategicaspects. 1.Astatethatcanwatchanybody,orastatethatcanwatcheverybody? Indemocraticcountrieswehavehistoricallylimitedourcapacityforgovernmentsurveillancein variousways,whiledespotstrytowatchthewholepopulation.Inthepastthismayhavebeenpartly amatterofpriorities;citizenswhocanvoteoptforschoolsandhospitals,notsecretpolicemen.Butas technologyslashesthecostofsurveillance,itmightjustbepossibletohaveschoolsandhospitals,and watcheveryonetoo.Shoulddemocraticgovernmentsgiveintothistemptation,ortakeamore principledposition?TheBillmaybetheonerealopportunityforthisParliamenttoconsiderthis question. Britainshouldremainoneofthestatesthatcanwatchanybody,butnoteverybody.Weunderstand thatBTalreadyhastheDPIcapacity installedforthepurposesofinterception tomonitorabout 100,000Internetsubscribers.TheotherbigISPspresumablyhaveasmuchagain,andGCHQnodoubt hasfurthercapacityonbackbonelinks.RatherthanacceptingtheHomeOfficebidforamassive expansionofthisalreadysubstantialcapability,theCommitteeshouldinsteadrecommendapolicyof selectivedatapreservation:communicationsdatawouldbecollectedonlyfortargetedindividuals, suchasseriouscriminalsreleasedonlicense,oronthesexoffendersregister.Inanycase,we recommendthatcollectionshouldbesubjecttoanoverallvolumelimit say100,000subscribers to compelthepoliceandintelligenceagenciestoprioritise.Itshouldbesubjecttojudicialoversight. 2.Communicationsdataonly,orinterceptiontoo? InthedraftbillanditstestimonytotheCommittee,theGovernmenthasbeenvagueaboutwhatit intendstodowiththenewpowers.IthasbeenmuchlessvagueinitsworkontheEuropean TelecommunicationsStandardsInstituteTechnicalCommitteeonLawfulInterception ETSITCLI ,a standardsbodystaffedbypeoplefromintelligenceagencies,telcos,ministriesandswitchgear suppliers,withaverystrongBritishcontingent.ETSITCLIdrewupthetechnicalstandardsfor governmentaccesstomobilephonelocation,trafficdataandcontent,andhasnowdecidedtoextend itsstandardstothefacilitiesthatGoogle,Facebookandothercloudserviceproviderswillbeordered toofferthepoliceandtheintelligenceagencies.WestronglyurgetheCommitteetostudythe documentETSIDTR101567LawfulInterception LI Cloud/VirtualServices CLI ,whichwe incorporatehereinbyreference 148.Thismakesclearthattheagenciesgoalisnotjustaccessto communicationsdata,butinterceptiontooaswiththepreviousGovernmentsInterception ModernisationProgramme. TheCommunicationsDataBillwillgivetheSecretaryofStatethepowertocompelserviceproviders toinstallinterceptionequipmentofthegovernmentschoice,bysecretorder.AlthoughtheBillclaims thatitdoesnotempowerinterception,nothinginitpreventsitsbeingusedtodirecttheinstallation ofequipmentwhichisthenusedforinterceptionunderotherlaws.TheDPIequipmentthatcanbe usedtocollecttrafficdatacanequallybeusedforinterception;thisisjustamatterofitsinstructions.

148http://www.3gpp.org/ftp/tsg_sa/WG3_Security/TSGS3_LI/2012_45_Bratislava/SA3LI12_044.doc

120

Draft Communications Data Bill

WerecommendthattheCommitteeamendtheBillsothatequipmentinstalledunderitspowers cannotbeusedforinterception.IftheHomeOfficewillnotacceptthis,thentheCommitteewillhave atleastachievedclarityaboutgovernmentintentions. 3.Shouldcloudserviceaccessbeautomated? Atpresent,cloudserviceproviderssuchasGoogle,YahooandFacebookscreenlawenforcement accessrequestsmanually.Onereasonisthatcanbeveryhardtotellwhetherapoliceforceor intelligenceagencyhasjurisdiction. ImaginethatafutureBritishministerordiplomatpassesthroughCairoInternationalAirporten routetoSouthSudanonanofficialvisit.Sheopensherlaptoptocheckhergmail.Thelocal intelligenceservicenotices,andinvokesitslawenforcementinterfacetohergmailaccount.Suppose thattheCommunicationsDataBillpassedinitspresentform,whereupontheUKcompelledallcloud serviceproviderstobuildaninterfaceforaccesstowebmail.Othercountriesthendemandedaccess too;eveniftheproviderslimitaccesstodemocraciesinwhichtheyhaveemployees,itishardtosee howtheycandenyaccesstoFrance,Italy,andEgypt. Nowconsider:howmuchshouldtheMukhabaratbeabletoget?Onlythosemailitemsshesent, receivedorviewedwhileonEgyptiansoil?Everythingshegotinthelast14days?Everythingshell sendandreceiveinthenext14daystoo?Allofherinbox?HerGoogledocsandhercalendartoo?The agencieswillgrabthelotiftheycan.Butwhatisproportionateandnecessary,andhowcansystems bebuiltthatrespectjurisdiction?Itisnotcleartousevenhowtospecifysuchsystems,letalonebuild them. Designingalawenforcementinterfacethatwillgiveautomaticaccessbutrespectusersrightsis madeevenharderbythefactthattargetsofinvestigationusecloudsystemsinnonstandardways. Forexample,anumberofterroristgroupshaveusedwebmaildeaddrops,wheretheycommunicate bysharingtheusernameandpasswordtoawebmailaccount,andleavingmessgesinthedraftsfolder ratherthansendingthemasformalemails.Sotrafficdatamaynotreallybe,ormean,whatit ostensiblysays;indeedtheagenciescanredefinetrafficdatabydescribinganewmodusoperandi realorimagined . Intheabsenceofaclearanddetailedexplanationofhowtopreventsuchaninterfacebeingabused byforeignintelligenceservicestothedetrimentoftheUKscriticalinterests,theUKshouldnotbe pushingforittobebuilt. TheCommitteemightnotethatCESG,whichdoesprotection,isa subsidiaryofGCHQ,whoseprimarymissionisoffensive,sooffencemaybefavouredoverdefencein policyadvice. Inanycase,werecommendthatlawenforcementaccesstocloudservicesshouldbydefaultinvolve manualscrutinybytheserviceprovider;andtoensurethatthescrutinyiscareful,nonewlawshould indemnifytheprovideragainstprovidinginformationcontrarytootherlaws.Itisquiterightand properthatcloudservicecompanyexecutivesshouldfacelitigationorevenprosecutionifthey violateusersrightsbyhandingoverprivateUKinformationtoaforeignintelligenceagency orfor thatmattertoanewspaperoracriminalgangthatbribesanemployeeofagovernment . 4.Ifsomeaccessisautomated,whatshouldthescopebe? Whatlawenforcementinterfacesshouldbeautomated?Existingsystemsgiveautomatedaccessto phonerecordsandhandletensofthousandsofrequestsamonth.Thisispossiblebecausephone recordsaresimple;thequestionofjurisdictiondoesntarise.Cloudservicesarecomplex,and jurisdictionisnottheonlyfactor:therearemorethanfortywaysfortwoFacebookusersto communicatewitheachother,andnewmechanismsareintroducedconstantly.Arequirementfor automatedeavesdroppingwouldimpairinnovation,asateamdevelopinganewfeaturewouldhave tothinkthroughalltheaspectsofinterceptionincludingjurisdictionandliabilitybeforethefeature couldship.

Draft Communications Data Bill

121

Complexitycanalsobeanemergentproperty,andinthisrespectweareconcernedaboutthedraft billsprovisionsonfiltering.Theideaistoenableaninvestigatortomakecomplexqueriesonsimple dataheldinmultipledifferentsystems.SupposeforexamplethatanoppositionMP,orajournalist, wereleakedasensitivepolicydocumenttowhichonlytwelvecivilservantshadaccess.Atpresent investigatingsuchaleakmightinvolveinterrogatingthetwelvesuspects,orevenarrestingtheMP.In future,aninvestigatorwouldbeabletoquerythehundredsofdifferentCSPssayingtellusallthe peoplewithwhomthesethirteentargetscommunicatedinthelasteighteendays.Thesecontactlists wouldbecombinedatGCHQ,whomightspotthatofficialnumberninephonedanacademiccriticalof governmentpolicy,andhalfanhourlatertheacademiccalledtheMPsmobilephone.That,atleast,is thetheory.ThefilteringprovisionsopenupthedoortolargescaledataminingoftheInternet;what Googledidforthecitizensearchingforstuff,theBillwilldoforinvestigatorssearchingforvillains. Inpracticethereareseriousobstacles.First,theindividualcommunicationsserviceproviderswould havenowayofassessingwhetheranyparticularrequestfordataisproportionate,necessaryor otherwiselawful,soifsuchrequestscanbemadeautomaticallytocloudserviceproviderstheywould raisetheissuesalreadydiscussed.Second,asProfessorSommerpointedout,theboundarybetween trafficdataandcontentischangingconstantly,andhassomehardcases.Agoodexampleisyour diary.Manyfirmsnowadaysrunoncorporatecalendaringsystems,whichcanbeavaluableresource forinvestigators:anFSAofficialinvestigatinginsidertradingwouldlovetotrawlallthestaffdiaries ofthetargetbank.Butisthistrafficorcontent?Nodoubtagencieswillarguetheformer;butbankers maywellbeunrelaxedabouttheideathattheirinternalandclientcontactscouldbetraced automaticallyviasurreptitiousintelligenceserviceaccesstotheircorporatecalendaringsystem. Third,ThewaytheBilliscurrentlydrafted,itwillcatchallsortsofmachinetomachinetransactions suchasATMsandcardtransactionsinshops,securitywebcams,wirelessdorbells,insurancecar trackingsystems,andevensettopboxesthattrackwhatyouwatch;theseposefurtherproblemsof contentversustraffic.Finally,itsproposedthatthefilteringrequestswouldincluderequestsfor contentaswellastrafficdata,whichGCHQwouldfiltersoastopassononlyrelevanttrafficdatatoa requestingpoliceforce.SothefilteringprovisionsoftheBillappeartoauthoriseGCHQtocollect arbitrarydata includingcontent fromanyCSP.ItsworthnotingthatinNSA/GCHQterminology, interceptioniswhathappenswhencontentisscrutinisedbyahumananalyst;ifitsjustscrapedup intoadatabaseforfutureusethatscalledcollection.TheCommitteeshouldbecarefulabout terminology! WerecommendthatthefilteringprovisionsberemovedentirelyfromtheBillandthatthedefinition oftrafficdatabemadecompletelyexplicitinordertopreventmissioncreep. 5.WilltheBillimpaircompetition? IfcommunicationsserviceprovidersarecompelledtoinstallenoughDPIequipmenttomonitorall subscriberconnections,thiswillbeeasierforrelativelycentralisedCSPssuchasBTthanformanyof itscompetitors.IfCSPsarerequiredtohavestaffwithsecurityclearancestomaintaintheDPI equipment,thiscouldbedifficultforsmallprovidersandimpossibleformoststartups. Ifcloudserviceprovidersarerequiredtoprovidelawenforcementinterfacesonthesamebasisas traditionaltelcos,theywillsuffersubstantiallyhighercostsbecauseoftheirmorecomplexservice offeringsandbecauseoftheuncertaintiesinjurisdictiondiscussedabove.Alegalrequirementforall newcommunicationsservicestobeinterceptreadycouldimposeaveryhighcostonstartups; sensibleentrepreneurswouldgoelsewhere.ThiswouldbeevenworseifanyITstartuprequired someonewithaclearance alargenumberoftechstartupsinvolveforeignnationals .TheBillas proposedmightbewelcomedbyBT,whichmightrebuilditsnetworkattaxpayerexpense,butits effectsoninnovationcouldbesevere.Theremustbealevelplayingfield,sotheproposalthatthe HomeSecretaryacquirethepowertogivesecretorderstoCSPsisunacceptable.Werecommendthat anyinterceptionrequirementimposedonfirmsbeappliedtoallfirmsequally,andbesubjectto publicconsultationfollowedbyavoteinParliament. 6.Shouldthestatebeabletocompeltreachery? TheBillwillempowertheHomeSecretarytoordercompaniesorindividualstobuildbackdoorsinto

122

Draft Communications Data Bill

theirsystems:ineffect,todoublecrosstheircustomersoremployers.Thewriterdeclaresaninterest, asoneofmypostdocsisamaintainerofTor,ananonymouscommunicationsystemusedbycitizens incountrieslikeIranandChinatocircumventInternetcensorship.IfthecurrentBillweretobecome law,theHomeSecretarycouldserveuswithasecretordercompellingustomodifythesoftwareto createundocumentedlogsandmailthemtoGCHQ.WewouldprobablysafeguardTorsintegrityby postingamonthlydeclarationunderoathonourwebsitethatwehavenotbeenplacedunder compulsion.Shouldthisfailtoappear,ourcolleagueselsewherewillknowthatnomoresoftware fromtheUKshouldbetrusted. Theimpactonbusinessofapowertocompelstafftobesilentlydisloyalmightbefarreaching.A prudentUSsoftwarefirmmightdecidenottolocateanydevelopersintheUK,forexample.Butthe implicationsarenotrestrictedtosoftware.Part3oftheRegulationofInvestigatoryPowersAct permittedaChiefConstabletoseizeacryptographickey;eventhoughsuchnoticeshavetobeserved ondirectors,theirveryexistencehasledatleastoneinternationalbanktoremovekeymaterialfrom thecontrolofLondonstaff,whichinturnledtoitsauditfunctionforEuropemovingfromLondonto Switzerland.Legalisedtreacheryisbadforbusiness,andtheBillmustnotenableministerstocompel it. 7.Whichagencyshoulddothewatching? Formanyyears,muchofthecivillibertiescommunityhasconsideredGCHQsinterception operationstobealowpriority,becausemostoftheirsurveillanceactivitiesweredirectedoutside Britainandbecausetheproductwasverycloselyheld.Buttheworldappearstobechanging. TheUSNationalSecurityAgencymovedtointernalsurveillanceafter9/11,turningitsresources againstUScitizensinwaysthatbrokeUSlaw albeitretrospectivelylegalisedbyCongressin2008 . NowtheNSAisGCHQsmentor;itnotonlyleadstheFiveEyesintelligencesharingagreementbut spendsmuchmorethantheUK,Canada,AustraliaandNewZealandputtogether.SotheNSAsets doctrineandstandardsacrossalliedgovernmentsforcommunicationsintelligenceandinformation security.AstheUSAisthelargestbuyer,andthedominantplayerintheWassennaarArrangement whichcoordinatesexportcontrols,italsoshapesthemarketforinterceptionequipment.Evensuch minoraspectsofUSpolicyasthesponsorshipofacademiccentresofexcellenceininformation securityhavebeenimportedintotheUK. SoitisnotsurprisingtonotethattheBillwillgreatlyexpandGCHQsdomesticsurveillance capabilities.ButParliamentshouldthinkhardabouttheprospectofGCHQtransformingitselffroman essentiallymilitaryagency,taskedwithuncontroversialjobssuchasdecipheringHitlerstelegrams ortappingChairmanMaosphone,intoaninternalpoliceagencywithbroadscopeandnoeffective oversight.Itsimplyhasthewrongculture.Thecandoapproachadoptedfordealingwithenemiesin wartime orduringtheColdWar isnotrightforinternaluseinanationatpeaceandwiththelowest recordedcrimeratesever.Acentralcommsdatafacilitydrivenbyintelligenceagenciesmightalsobe oflittleusetothepolice;theywouldnothavethesecurityclearancetoknowwhatitcontained.Ifthe UKneedsaninternaltechnicalsurveillanceagencyitshouldbemoreliketheFBIthantheNSA;it mustbeabodythatsharesthepoliceethosandissubjecttodemocraticaccountability. Wethereforerecommendthatanycentralfunctionsrelatingtothecollectionandprocessingof communicationsdatashouldbeunderthecontroloftheproposednewNationalCrimeAgency,orthe MetropolitanPolice,ortheNPIA,ratherthanGCHQortheSecurityService. 8.Whoshallwatchthewatchers? TheInterceptionCommissionerandhiscolleagueshavefailedtowinmuchconfidence.Thereisa tendencyforregulatorstobecaptured;aregulatedindustryusuallyknowsmuchmorethantheydo aboutwhatsgoingon.Itshouldsurprisenoonetoseethisintheinterceptionbusinessbecauseof thehighlytechnicalnatureoftheactivity. Britainisalmostaloneintheworldinnotpermittinginterceptproducttobeusedinevidence.

Draft Communications Data Bill

123

Officialswhoarguethattheskywouldfallifpolicyweretochangecanneverexplainwhytheskyhas notfalleninsomanyothercountriessuchastheUSAandtheNetherlands.Butonceintercept productisusableinevidenceitwillbetestedinthecourts;thistransparencywilldomoretoprevent abusethananyregulatorcould.Also,asnotedaboveandexplainedbyProfessorSommer,the distinctionbetweencontentandtrafficdataisbecomingincreasinglyproblematic.Wetherefore recommendthatthelawbechangedtoallowinterceptproductinevidence,andfurthermorethat targetsofsurveillancewhoarenotprosecutedshouldeventuallybenotifiedofthesurveillance. Sunlightisthebestdisinfectant. 9.Thehumanrightstest Itisextremelydoubtfulthatmasssurveillancewithoutwarrantorevensuspicioncouldcomplywith humanrightslaw,specificallysection8oftheEuropeanConventiononHumanRights.TheData RetentionDirectivewasmuchlessdraconian,yetthetwosupremecourtsthatexaminedlocal implementations inGermanyandRomania foundthemnoncompliant.EveniftheHumanRights Actwererepealed,itsreplacementwouldsurelyreimplementECHRsolongasBritainremainsinthe CouncilofEurope.TheECHRwasreflectsbothEuropesandBritainsdeepestvalues. ThefactthattheBillostensiblyonlyfacilitatesaccesstocommunicationsdatadoesnotreallymitigate theproblem.Suchdatacanrapidlydisclosethemostsentitiveaspectsofacitizenslife; communicationwithapsychiatrist,aminorityinterestdatingsiteoraservicesuchasNarcotics Anonymouscanbeprofoundlyrevealing.Yet,aswenotedabove,theBillappearsoncarefulstudyto facilitateinterceptionaswell. WethereforerecommendthattheCommitteecommissionindependentlegaladviceonwhat amendmentsmayberequiredtothedraftBilltoensurehumanrightscompliance. Summary Wemakethefollowingrecommendations: 1. Collectionshouldbesubjecttoanoverallvolumelimit say100,000subscribers tocompel thepoliceandintelligenceagenciestoprioritise,andshouldbesubjecttojudicialoversight. 2. TheCommitteeshouldamendtheBillsothatequipmentinstalledunderitspowerscannot beusedforinterception. 3. Lawenforcementaccesstocloudservicesshouldbydefaultinvolvemanualscrutinybythe serviceprovider;andtoensurethatthescrutinyiscareful,nonewlawshouldindemnifythe provideragainstprovidinginformationcontrarytootherlaws. 4. ThefilteringprovisionsmustberemovedentirelyfromtheBillandthedefinitionoftraffic datamadecompletelyexplicitinordertopreventmissioncreep. 5. Anyinterceptionrequirementimposedonfirmsmustbeappliedtoallfirmsequally,andbe subjecttopublicconsultationfollowedbyavoteinParliament. 6. TheBillmustnotempowerministerstocompeltreachery. 7. Anycentralfunctionsrelatingtothecollectionandprocessingofcommunicationsdata shouldbeunderthecontroloftheproposednewNationalCrimeAgency,ortheMetropolitan Police,ortheNPIA,ratherthanGCHQortheSecurityService. 8. Thelawshouldbechangedtoallowinterceptproductinevidence,andtargetsofsurveillance whoarenotprosecutedshouldeventuallybenotifiedofthesurveillance. 9. TheCommitteeshouldcommissionindependentlegaladviceonwhatamendmentsmaybe requiredtothedraftBilltoensurehumanrightscompliance. August2012

124

Draft Communications Data Bill

The Financial Services Authority


1. We welcome the opportunity to submit this memorandum to the Joint Committee on the draft CommunicationsDataBill.Inthismemorandum,wesetout: a. b. c. d. e. f. the FSAs role and responsibilities, and the extent and nature of our interest in communicationsdata; ouraccesstocommunicationsdata; ouruseofcommunicationsdata; thespecificmeasuresweusetosafeguardcommunicationsdata; theimpactthatawarrantingsystemwouldhaveonourabilitytoreducefinancialcrime andtacklemarketabuse;and theroleoftheInterceptionofCommunicationsCommissionersOffice IOCCO .

Executivesummary 2. We welcome the draft Communications Data Bill, which would consolidate and update powers essentialtoourenforcementwork. 3. 4. Wearealerttothesensitivitiesofusingcommunicationsdata,andhavemechanismsinplaceto ensurethatsuchinformationisusedappropriatelyandsecurely. We recognise that there must be a balance between the safeguards in the process to acquire communicationsdataandtheefficiencyofthatprocess.WeconsiderthatthedraftBillgetsthis balancerightandweasktheCommitteetoconsidercarefullyanypossiblechangestothedraft Bill that would have a detrimental impact on our ability to reduce financial crime and counter marketabuse.

FSAroleandresponsibilities 5. 6. The FSA is the single statutory regulator for the great majority of financial services in the UK. OurpowersareconferredprimarilybytheFinancialServicesandMarketsAct2000 FSMA . FSMArequirestheFSAtopursuefourobjectives: a. b. c. d. 7. marketconfidencemaintainingconfidenceintheUKfinancialsystem; financialstabilitycontributingtotheprotectionandenhancementofstabilityoftheUK financialsystem; consumerprotectionsecuringtheappropriatedegreeofprotectionforconsumers;and the reduction of financial crime reducing the extent to which it is possible for a regulatedbusinesstobeusedforapurposeconnectedwithfinancialcrime.

The Financial Services Bill currently going through Parliament introduces a new regulatory environment, splitting the FSA into the Financial Conduct Authority FCA and the Prudential RegulationAuthority PRA .TheFSAsfinancialcrimeobjectivewillmovetothenewFCA.Asthe Billstands,theFCAwillhaveanoperationalobjectivetoprotectandenhancetheintegrityofthe UKfinancialsystem.TheintegrityoftheUKfinancialsystemincludes:

Draft Communications Data Bill

125

a. b. c. d. e. 8.

itssoundness,stabilityandresilience; itsnotbeingusedforapurposeconnectedwithfinancialcrime; itsnotbeingaffectedbybehaviourthatamountstomarketabuse; theorderlyoperationofthefinancialmarkets;and the transparency of the price formation process in those markets. Financial Services Bill,cl.5 1

We currently have powers under the Regulation of Investigatory Powers Act to acquire communications data for the purposes of criminal investigations. Under the European Market AbuseDirective,theFSAmustalsohavepowerstoobtaincommunicationsdataforcivilmarket abusecasesthesepowersarecurrentlyprovidedunderFSMA,butwouldbeconsolidatedinto theCommunicationsDataBill.

Accesstocommunicationsdata 9. ItisofvitalimportancetotheFSA,andgoingforwardtheFCA,thatweretainourabilitytoaccess communicationsdata.

10. Wearenotoneofthecoreauthorities suchaspoliceforcesorHMRC mentionedinthedraft CommunicationsDataBill.AsanoncoreauthorityweneedtobedealtwithbyanOrderbythe Secretary of State. We have no concerns about this as the Bill stands. However, if the Bill is amended to distinguish between core and noncore authorities, we would consider our substantivepositiontobethesameasthecoreauthorities,andwouldrecommendappearingon thefaceoftheBill. 11. Ourprocessestosafeguardcommunicationsdataarepracticallythesameasthecoreauthorities. Wewouldthereforehaveseriousconcernsabouttheimpactonourabilitytoinvestigatecasesas aresultofanyadditionalrequirementsonus. Usingcommunicationsdata 12. Legislation needs to keep pace with developing technologies as we are seeing increasing sophisticationbycriminalsseekingtoevadedetection.WewelcomemeasuresintheBillthatwill ensurecommunicationsdataisavailable. 13. Our use of communications data regularly supports and underpins successful criminal prosecutions. Communications data is intrinsic to our ability to investigate effectively and prosecutemanyofthecriminaloffenceswedealwith.Ithasplayedakeyevidentialrolein121 criminalenquiriessinceFebruary2009.Thesecomprised:96enquiriesintoallegationsofinsider dealingcontrarytos52CriminalJusticeAct1993;14enquiriesintoallegationsofunauthorised business contrary to s19 of FSMA; and 11 enquiries into allegations of market manipulation contrary tos397 FSMA. Some ofthese enquiries have resulted in criminal prosecutionsand/or the disruption of serious financial crime and have enabled us to achieve convictions against individualsresultinginsignificantcustodialsentencesandconfiscationproceedings. 14. Communications data frequently provides critical evidence in preventing, detecting and prosecutingmarket abuse criminal and civil and unauthorised business criminal cases. The communicationsdataprovidesinitialinvestigatoryleadsthatenableustoidentifythoseinvolved in alleged criminality andalsoto evidence directly communications between suspects. Without thisevidenceitwouldbeimpossibletoprosecutethemajorityofthecaseswedealwith. 15. Marketabusecasesinvolvinginsiderdealingareoftenreferredtoasaninformationcrime,as theactionunderlyingtheoffenceisthatofpassinginformationbetweenparties.Intrinsicallythe abilitytodemonstratecontactbetweenpartiesisakeyelementintheevidencerequiredtoprove

126

Draft Communications Data Bill

insiderdealinghasoccurred.Withoutcommunicationsdataitwouldbeimpossibletoprosecute mostoftheseoffences. 16. We investigate a wide range of serious criminal offences. Recently, communications data was used in an investigation into an illegal investment scheme to successfully locate the suspects office premises. Typically, given the criminal nature of their activity, suspects move office location every few weeks. Finding the current location of the office allowed us to apply to the Courtforasearchwarrantandexecuteasearchatthepremisesbeforeitmovedagain. Retentionperiod 17. Inevitably, any cutoff point for retaining data means that it will not be possible to investigate someleads.Weappreciatetheneedforbalanceandtheproposed12monthperiodforretaining communicationsdataisproportionateinthecurrentregulatoryenvironment. 18. However,theretentionperiodmayneedtobereviewedifawarrantingsystemisintroduceddue totheanticipateddelaysthiswouldcause.Inthesecircumstancesitislikelythatanunacceptable amount of relevant communications data would be lost as a result of it falling outside the retentionperiodandwewouldrequestalongerretentionperiodtotakeaccountofthis.Wenote, however,thatevenalongerretentionperiodwouldnotmitigatethediversionofresourcesand delayininvestigationsifawarrantingsystemwastobeintroduced. Safeguards 19. We believe our processes provide a robust level of scrutiny to communications data requests. Belowwesetoutourprocedurestoensuredataisusedappropriatelyandsecurely. 20. Our application process is identical to that used by Law Enforcement, SOCA, HMRC and the IntelligenceServices.WeuseaHomeOfficeapprovedapplicationformthatwesupplementwith additional guidance and advice to applicants about the information required to satisfy the applicationthresholds. 21. In accordance with IOCCO guidance, any FSA applicant requesting authorisation to access communications must be employed within a relevant area and have completed our approved trainingprogramme. 22. OurDesignatedPersonsmustbeemployedasaHeadofDepartmentintheEnforcementDivision. Nooneofalowerrankisauthorisedtoapproveanapplicationforanyformofcommunications data. 23. TheApplicantcanonlysubmitarequestforauthorisationtoobtaincommunicationsdatafroma HeadofDepartmentwhoisnotresponsiblefortheinvestigation,ensuringtheindependenceof theDesignatedPerson. 24. OurSinglePointofContactconsistsoftwoaccreditedofficerswhoarestationedinasecurearea within the FSA. They are the only two FSA employees able to access the secure sites and download communications data which they do through the Government Secure Intranet. The data is downloaded from this separate IT system and is transferred to us using government approvedsecureUSBdrives.TheseUSBdrivesarekeptatalltimeswithinthesecureareaatthe FSA. 25. Applicationsforcommunicationsdataandtheresultingdataareencryptedandheldsecurelyon our server. Only our two accredited officers have the necessary digital keys and passwords to accesstheinformationwehold. Impactofapotentialwarrantingsystem

Draft Communications Data Bill

127

26. We do not consider a warranting system to be appropriate for our obtaining communications data. The cases that we prosecute are very technical in nature. To understand the offence, explanationofthetypeoftrading,methodoftradingandthenatureofthefinancialmarketsis required. If we were to request a warrant for communications data then the background information in support of our application would require technical market or trading explanations. We are concerned that this will have an impact on any such application, causing delayandcoststobothourselvesandHerMajestysCourtService,reducingboththenumberof leadsweareabletofollowandthenumberofcaseswecanprosecute. 27. Wecurrentlymaintainasystemthatiswellbalancedbetweenthesafeguardsoutlinedaboveand anefficientsystemthatallowsustofrequentlyapproveorrefuserequestswithin24hoursand maintainthepaceofinvestigations.WecurrentlyassignthesameDesignatedPersontodealwith requests under RIPA for communications data that may arise during an investigation. This DesignatedPersonisabletoreadthebackgroundofthecasefromtheoutsetandiswellplacedto consideranddealwithrequestsfordatathroughoutthelifespanoftheinvestigation.Thisavoids the need for numerous individuals to read the background material before determining an application,whichinturnenablesrequeststobedealtwithefficientlyandeffectively. 28. EveniftheCourtwasablededicateresourcestoasimilarprocessofassigningasinglejudgeto eachinvestigation,wewouldanticipatesignificantdelay.Therearesomecomparisonswiththe arrangements we have in place to apply to a Magistrates Court to obtain search warrants for premises under the Police and Criminal Evidence Act 1984. We are often asked to give our applicationsinadvancetotheMagistratesCourtsothattheycanbeassignedtoanexperienced DistrictJudge,ratherthanamagistrate.Thejudgeoftenconsidersthepapersinadvancebefore ourapplication.AsaresulttheseapplicationsunderstandablytakesometimefortheCourtsto dealwith. 29. Other than in exceptional circumstances, applications for communications data would not be dealtwithbythecourtsasurgentlyassearchwarrantsare.Delayswouldreducethenumberof leadswecouldinvestigateandthereforecaseswecanprosecute. 30. Inadditionweapplyforarelativelylownumberofsearchwarrantsannually.Bycomparison,in 2011wemade2,325requestsforcommunicationsdata.Ifwecontinuereducingfinancialcrime and countering market abuse effectively, we will need to make multiple applications to Court everyworkingday,withadetrimentaleffectonbothFSAandCourtresources. RoleoftheInterceptionofCommunicationsCommissionersOffice IOCCO 31. We believe IOCCO plays an important role providing a complete independent review of our procedures. 32. WhenIOCCOattendourofficetheylogintooursystemasourSinglePointofContact.Thisgives them unfettered access to all our computer folders and they have complete access to every applicationmadebyus.Theytestatrandomanddipsampleourcases,givingthemanopenand accurateabilitytoreviewourapplications. 33. WehavereceivedconsistentlypositivereportsfromIOCCOfollowinginspections.IOCCOstated initslatestreporttheFSAemergedwellfromthisinspection.Theinspectorwassatisfiedthat

the public authority is acquiring communications data lawfully and for a correct statutory purpose.OverallthepublicauthorityhasagoodlevelofcompliancewiththeActandCoP.Avery good standard of application is being produced and the principles of necessity, proportionality andcollateralintrusionarewelljustified.

34. These reports from IOCCO are indicative of the fact that we take our obligations in relation to communicationdataveryseriously. August2012

128

Draft Communications Data Bill

Mike Gerbrais
GENERALOBSERVATIONS Clarityandspecificityaremoreessentialthanusualinthepresentdraft.Lawsoriginallydrafted becauseofoverridingneedinoneareaareattimesabusedormisusedinothersinwaystheoriginal draftershadnotanticipated. Beforecommentingonthisdraft,itisinstructivetoconsidertheRegulatoryofInvestigatoryPowers. Thereisnothinginherentlyquestionableabouthavingcloseto700publicbodiesaddedtotheRIPA, untilputinthecontextthattheoriginaldrafterslistedjust32andmayhavewishedinretrospectto controltheadditionsmoretightly.Thereisnothingwrongwithlegislativepowertomonitorfor terrorism,untilputinthecontextofcouncilsusingpowersgrantedforterrorismcrises,toticketfor dogfouling.Itisalsosoberingtoconsiderthedisproportionateusesthatgoodintentionscanleave inthepastthishasseenlawsintheCriminalJusticeAct2003intendedtoreduceextremelyviolent photographsusedtoprosecuteacartoonofTonytheTiger,antiterrorismlawsusedforlittering,and anautisticcitizenunderextradition.IntheUnitedStatesandthe2011SOPAmarkuphearing, legislatorsproposedmeasuresofgreatharmtotheinternet,referringtoworldclassexpertsin securityderisivelyasnerds.Theriskispresent. Technologyandsurveillancelawsperhapsbeyondallothers,havethescopetobeabusedthisway. Safeguardsneedtobecorrespondinglymorerigorousthanusual.Scrutiny,gooddefinitions,and clarityofunintendedoruncontrolleduses,canensurethatfutureSI'sandusageremainsbroadlyas parliamentplanned. Whilethegoalislaudable,Ifearfortheactualoutcome.Keyclausesanddefinitionsinthislawareso openastoallow almost anythingtobeappliedto almost anyone.Inafewyearsdetermined criminalswillbemoredataliterate;seriouscriminalswillcovertheirtracksevenindata communicationswhileabilllikethepresentwillbeusedforcrimeswhicharetrivial,onthegrounds thepowerexistsandthemattersarecrimes,howeversmallregardlessoftherisktosocietal structure,privacyandchillingoffreespeech. Lawmakersaredeeplyurgedtoconsiderthescopeforgoodintentionstobeabused,lessonsof history,tonotbecomplacentordismissiveofthefearsandrisksinherentinabilllikethis,andapply thegreatestdegreeofcautionandrigour,ifindeedtheydecidetopressahead. Wecanlivewithoccasionalcrime,howeversevere.Wecannotlivewellwithlossoftherighttospeak andassociatefreelythatsuchdraconianbroadandopencontrolsdefineforus. THEDRAFT 1 TheSecofStatemaybyorder afterconsultation "imposerequirementsorrestrictionson telecommunicationsoperatorsorotherpersons"Whatotherpersons?Asitstands,thisallows impositiononanybusiness,typeoforganisation,ornaturalpersonnotbeingtelecommunications operators.Thereisonlyobligationtoconsult. Severity:Hugepotentialforconcern. Action:Delete otherpersons ,oradd uponsomeformofparliamentaryconsent .Ifathreat issoserioustoaddanentireclassofpeople,orpersonswhoareinnowaytelecoms operators,itisseriousenoughthatparliamentarycontrolisbetter. "Requirements"isveryopen.Thiscanmandatethatindustryandindividualsadoptmeasuresthat areoutdated,deemedlesssecureorcompetitive,ordetercuttingedgebestpracticesbeyondthe normsuchasadvanceddatasecuritymeasures,restrictstoragelocationsorbackups,prevent

Draft Communications Data Bill

129

upgrades,andgenerallydisruptBritishbusinessasaworldleader.Datasecuritymovesveryfastand operatorsmayneedtomigrateorupdatefasterthantheycanobtainconsenttoupdate.Itisgenerally bettertospecifyaninterfaceorstandardbycreatingwhereneededamandatoryspecificationtobe metorexceeded,thenleavingtheresttotheopenmarket. 3 AtelecommunicationsoperatorwhoholdscommunicationsdatabyvirtueofthisPartmust a securethatthedataisofthesamequalityandsubjecttothesamesecurityandprotectionasthedata onanysystemfromwhichitisderiveddataiscommunicatedfromandviamanysystems.Howon earthdoesthedraftercontemplateanoperatorwillknowwhatsystemdataisderivedfrom,much lessbeabletoensurethesamesecurityandquality?Thisisarequirementthatcannotreasonablybe imposedasdrafted.ActionPerhapswhatismeant:whoholdscommunicationsdatamustsecure thatthedataheldbythem,orontheirbehalf,isofthesamequalityandsubjecttothesamesecurity andprotectionasanysystemundertheircontrolfromwhichitwasderived? QUESTION:Isthereadutytoretaincontrol,ortonotremovedataoutsidetheUK?Itisnot beyondcontemplationthatacompanymaychange,beacquired,havesystemsmovedoverseas byaparent,oroutsourcetoathirdparty notatelecomsoperator sothatinsome circumstancesdatamayceasetobeundertheirpracticalcontrol.Mustsecurethatthedata remainsundertheircontroland etc ? 5 Theoperatormustputinplaceadequatesecuritysystems includingmanagementchecksand controls governingaccesstothedatainordertoprotectagainstanydisclosure Thisisroutinelydonepoorlyinmostindustries.EvenmajorbodiessuchastheMinistryofDefence, DepartmentofWorkandPensions,Google,Microsoft,Sony,havehadseriousdatatheftorloss. Mediumtelecomsoperatorswillnotmeetorexceedthesecuritycapabilitiesofmultibillion organisations.Thisclauseistoothless.Inanylossofdataitisalmostimpossibletoshowculpability ofaresponsibleindividualunlessactionscanbemeasuredagainstaclearstatementofrequired criteria.ACTIONAtelecomsoperatorshalldesignateoneormoredirectorsorequivalenttobe eachresponsibleforensuringcompliancewiththisrequirement. Itiseasyandcorrecttoclaimnosystemisperfect.Thesinglebestpracticalcontrolisnot technical,butastrictdutyofvigilance,bywhichtheresponsibleofficerisrequiredtoatleastidentify weaknesses.Thereisnojustificationforlackofvigilance,andadutytobewatchfulaswellassecure createsthesinglebestdefenceofanyexpectationofsecurity.ACTIONIndividualoffencesrelatedto failuretoeither i takenecessarystepsfortheidentificationofweaknesses,or ii maintainsystems inasecurestate. 7 Boardhaveto"consider"anyissuesandtheSecofState"consider"likewise. Canwehavesomespecificgroundsorcriteriastatedforappeal?Otherwisethisisnosafeguardand toothless. 9 THISSECTIONHASSERIOUSFLAWSPERHAPSTHEMOSTSEVEREINANYSECTION Thissectionasitstandsisthewholeterrorismlawusedfordogfoulingproblemallover. a There isnodeminimislevelofinfractiononanycategory,althoughnobodywouldexpectthistobeused fordogfouling. b Categoriesaresovagueastobewhateveronewishesthemtomean. c The controlsoverproportionalityandcorrectuseareveryweaklydrafted. d Thereisnoallowancefor thepossibilitythatanauthorisedpersonmaynotknowthebestwaytoachievetheirpurposeorthat theoperatormayhaveanequallyvalidpreferencethatreducescostordamage. e TheSecretaryof Statemayauthoriseanypersonandanyconductwithoutrestrictionorreasonableness. f Thereis noobligationtostatethepurposetotheoperator,evenintermssuchastoobtainthefollowing dataordatapertainingtosoanoperatorcannotknowiftheauthorisationisabusedormoreis donethanshouldbe. g Ifawiderangeofactionsareauthorisedinsomematteroutofabundanceof caution asmaybeexpected thereisnocontrolthatanauthorisedpersonshallminimisethedataor

130

Draft Communications Data Bill

activitiesundertakenorlookattheminimumdatacompatiblewiththepurpose,iftheydiscoverthat lessinvasivenessthanauthorisedwillsuffice. h Thereisnotestofreasonablenessinanymatter. Forexample Deminimis:Anadditionalclausetobeadded,thatforeachcategoryofpurposestatesalevel ofseverityorspecificactionsthatisasdeminimisforthatcategory,inordertoringfence lessseveremattersoractionsthataregenerallynotintendedtobecomepurposes.For exampleforcrime,onemightspecifyacrimecapableofimprisonmentforacertaintime. ActionAddto 9 6 subjectineachcasetoademinimisrequirementsetout bySIor similar andappendto 9 7 "...andtheirdeminimisrequirements" Strongersafeguardonconduct: 9 1 c and 9 2 "conductauthorisedisproportionateto whatissoughttobeachieved"areunwieldybecausetheyfirststatetheauthorisationis proportionate,thenappeartoreversethatbyauthorising"anyconduct"unlimited.Alsowhat maybenecessaryisoftenlessthanwhatis outofabundanceofcaution authorised.Since 9 2 canonlyapplyif 9 1 c hasalreadyapplied,amend 9 2 toread"toengagein conductthatis i notinexcessoftheauthorisedconductand ii nomorethanthat reasonablyrequiredinordertoensuretheachievementof orprocure thepurpose" Absolutecourseofaction:Itmaybethatanauthorisedpersonisnotsufficiently orfalsely believesthemselvestobe knowledgeableaboutthesystem,dataorimplicationsofthe conductconcerned,ortherearemorethanoneacceptablewaytoprocurethepurposeand theoperatorconsidersonewaytobepreferableto,orlessdisruptivethan,another.Thereis nosafeguard. Bywayofexampleitmaybethatinsomecircumstances,anauthorisedcourseofconduct would fortechnicalreasonsunappreciatedordismissedbytheauthorisedperson cause riskofsomelossordamage,ofneedlessoperatorhardship,forexampleiftheirproposed activitywouldfailduetoabackuporcausedatainconsistency.Anauthorisedpersonhas absoluteauthoritytodoanactionthemselves,orrequireitsdoingbyanotherperson,and maypresson.ActionThissectionshouldcontemplatetechnicalissuesknowntothe operatorthatmaycausedamageordisruption,andtakestepstominimisethem.Theymay havesignificancetotheauthoriser,theoperator,orboth. Validpurposes:Theseareunreasonablywide.Tociteafew: NATIONALSECURITY.Putinandtherecentshowtrial?China? DETECTIONOFCRIME.Allcrime?Dogfouling? INTERESTSOFECONOMICWELLBEING.Anydemandcoercedbyanysubstantialoverseas power?IftheUnitedStatesplayinghardballsaystheywill hypothetically onlyallow favourabletermsonatradematterifweagreeinprincipletopasssomekindsof communicationsdatatothem,isthatwhatismeant?Arethereanysafeguardsorstrong restrictionsrelatedtodatabeingpassedoverseas? PUBLICSAFETY.Dogfouling? ANYTAX.Anyamounttoanydepartmentofanykind? 10 Statementofpurpose: Thereisnorequirementtostatethepurpose.Thepurposeofaccessistoobtaindatapertainingtoa matter,orofaspecifictype,orofspecificcurrency,recencyorthelike.Insomecasesthepurpose maybesecret,butthenatureofdatasoughtwilloftennotbe,astheoperatorscooperationis required.Agivenconductmaybeusedinanymanner,reasonablyorotherwise.Ifanauthorisation statesthepurpose,thenitbecomesmucheasiertoprevent,identifyandaddressconductnotwell relatedtothepurposeorusedforotherpurposes.

Draft Communications Data Bill

131

AsummaryofapplicablelawapprovedbytheSecretaryofStateshouldberequiredtobeincludedor annexedwithanyauthorisation,forreferenceofthepersonexecutingtheauthorisation,and person s presentedwithit 13 Reasonablenessclause:thestateddutyisto"comply",notto"reasonably"comply.Ifcompliance wouldcauselossordamage,thenthiscouldbeaproblem. 13 3 append: "...ormaycausedisproportionatedamage includinglossorriskoflossofdata ,disruption, orcost." "Suchanoperatororpersonisrequiredinsteadtoprovidegoodcauseandtouseall reasonableeffortstoprocuretheachievementofthepurposebyanothermeansasmaybe agreedbytheauthorisedperson." 14 THISSECTIONALSONEEDSMORESAFEGUARDS TherearenorestrictionsessentiallythisseemstosaytheSecretaryofStatemayaccessandexamine alldatatofindanythingthatmaypossiblybeanykindofitem broadlyinterpreted in9 6 ".Thisisa chartersowideastooverturnanyprivacyrestrictions,ifnotsafeguarded. Ataminimum,filteringgenerallyisoftwotypes: a specifictargetedfilteringinwhichalldataisscannedondemandforspecificwords, communications,patternsorotherdatalikelytobeofvalueinaspecificincidentor investigation; b generaluntargetedfilteringinwhichallorsomecategoryofdataisindiscriminatelyand routinelyscanned,withoutpriorknowledgeofanyspecificmatter,inordertoidentifysuch mattersortheirpossibleoccurrence. Generaluntargetedfilteringistheonerequiringrestriction,becauseitlooksateveryoneandevery actionofanycitizen,andprovidesameansofdataaccessand"datamining"thatisattheheartof widespreadpublicapprehension.Theappropriaterestrictionsarethatbydesignoftherelevant systems,communicationsdatashouldmandatorilynotbereadilyaccessible directlyorotherwise orprovidedtoanypersonorothersystem,exceptinafewcircumstances.Especially: Generaluntargetedfilteringshallnotbeperformedonsystemsthatbydesign,minimise exposureofdetailsofpersonsandcommunicationsdata,otherthan a fortestingpurposes or b encounteringdatathatitisintendedtonotifyandreportaspotentiallysignificant. Otherthantheseexceptions,systemsusedforgeneraluntargetedfilteringshallbedesigned tominimizeandpreventunauthorisedreviewofdata,datamining,orprivacybreachbyany personorpersons,ortransmissionordeliveryofthesametoanypersonorsystemoutside theapprovedfilteringprocess. And 15 4 alsorequiresreflectionofademinimis 16 through 21 Confusingtermauthorisationdatadoesntintuitivelymakesense.Canthisbereplacedby authorisedcommunicationsdata? 28 Thedefinitionofcommunicationdataitselfisstrange,see a i .Avisualimageisnotbyitsnature acommunication ifIscananimageofapictureorkeepanaudiorecordingofabookonmy computeristhisacommunication.Theclause a i isalsoredundantbecausesaveddata,images etcarealreadydocuments.Therealsenseofacommunicationiscapturedby ii anyway. ConcernUnclearastoneedfor a i whichalsoappearstomakethisactencompassanundesirably hugerangeofnoncommunications.

132

Draft Communications Data Bill

Action 1. remove a i ,ifneededmergingitscontentsintothedefinitionofdocument; 2. ifatanypointthetermcommunicationneedstoencompassthedeletedmeaningof a i , thenamendtostatecommunicationsordocumentwhichisclearer. August2012

Draft Communications Data Bill

133

The Global Network Initiative


1.TheGlobalNetworkInitiative GNI welcomestheopportunitytoprovidewrittenevidencetothe CommunicationsDataBillJointScrutinyCommittee.Wehavethreespecificconcernsthatwedetailin oursubmission: a Broadening the collection and retention of new data on anyone in the UK using communicationsservices; b The assertion of jurisdiction over nonUK based communications service providers when servicesareaccessedintheUK; c A reserve power that would empower the Home Secretary to require UK providers to captureandretaindata specificallyandonlyforlawenforcementpurposes ifrequirements tocaptureandretaindatacannotbedirectlyimposedonanonUKprovider. 2.GNIisamultistakeholdergroupofcompanies,civilsocietyorganizations includinghumanrights andpressfreedomgroups ,investorsandacademics,whohavecreatedacollaborativeapproachto protect and advance freedom of expression and privacy in the Information Communications and Technology ICT sector. GNI has developed a set of Principles and Implementation Guidelines to guide responsible company action when facing requests from governments around the world that could impact on the freedom of expression and privacy rights of users. These Principles and Implementation Guidelines are based on international human rights standards and are attached to thiswrittenevidenceinAppendixA.AppendixBhasafulllistofparticipantsandobserversofGNI. 3. It is the duty of governments to respect, protect, promote and fulfil human rights, including to ensure that national laws, regulations and policies are consistent with international human rights lawsstandards.GNIacknowledgesthedutyofagovernmenttoprotectitscitizensandpublicsafety. Itisrightthatgovernmentsconsiderhowthechangingcommunicationslandscapeimpactspolicing operationsandeffortstoprotectnationalsecurity.However,theapproachtakenmustreflectthefew and limited circumstances within the Universal Declaration of Human Rights that provide for the limitationoftheserights.Findingtherightapproachisnoteasy,particularlyintheglobal,complex, andconstantlyevolvingICTsector. 4. No other democratic nation has proposed the approach set out in this Bill. The UK plays an important leadership role in the development of international legal standards and has far reaching influencesonpolicythinkinggenerally.Thisincludesthedevelopmentofpolicyandlegalframeworks relatingtocommunicationstechnologyandtheprotectionofhumanrights.Forexample,theUKused its convening power to assemble government, industry and civil society representatives to the London Conference on Cyberspace in October 2011, the first gathering of its kind that brought together the cybersecurity community with the human rights community. 149 The UK also engaged early to help form an international coalition of governments now working together on freedom of expressionontheInternet. 150 5. There are very active debates internationally on the future of Internet governance. Several proposals,includingoneattheUNGeneralAssemblyforacodeofconductoninformationsecurity areindicativeofeffortsbyrepressiveregimestoexertagreaterdegreeofcontrolovertheInternet. Thiscouldincludeplacinggreaterrequirementsoncompanies. 151

149Formoreinformationseehttp://www.fco.gov.uk/en/globalissues/londonconference

cyberspace/.

150SeeFreedomOnline:JointActionforFreeExpressionontheInternet,TheHague,9December

2011,availableat http://www.minbuza.nl/binaries/content/assets/minbuza/en/the_ministry/declarationfinalv 14dec.pdf. 151InternationalCodeofConductforInformationSecuritypresentedtoUNGeneralAssembly12 September2011,http://news.dotnxt.com/2011/09/13/chinarussiasecuritycodeofconduct.

134

Draft Communications Data Bill

6.WhilstthesebroaderissuesareoutsidethedirectscopeoftheUKCommunicationsDataBill,they demonstratethewiderinternationalcontextwithinwhichthedraftBillsits.WeurgetheCommittee toconsidertheglobalcontextinitsscrutinyofthedraftBillandbemindfulofpossibleunintended consequencesthat could undermine the UKs ability to support and further freedom of expression andprivacyrightsinternationally.WewouldsuggestitisnotinthebroaderinterestsoftheUKto initiatelegislationthatcouldgiveauthoritarianregimesjustificationfortheirapproach. 7. The Bill broadens the collection and retention of new data on anyone in the UK using communications services. This includes requirements to generate datanot required for business purposes and not routinely collected by providersspecifically and only for the purpose of law enforcementaccess.ThisprovisiongoesbeyondtheexistingrequirementsundertheRegulatoryand InvestigatoryPowersAct RIPA andtheEUsDataRetentionDirective. 8. This aspect of the Bill could set a powerful precedent for repressive regimes to follow when seeking to justify surveillance on their own populations. Regimes attempt to claim legitimacy for theiractionswhentheyareabletopointtosimilarrequirements,evenifonlyintheformofpolicy statements or draft legislation, in leading democratic nations. An example of exactly this type of reactioncamefromChinainresponsetostatementsmadeinParliamentbythePrimeMinisterDavid Cameroninthedaysfollowingtheriotsin2011aroundtheneedtoconsiderplacinglimitsonsocial networks and allowing greater government access to user communications in certain circumstances. 152 9. This is an enabling Bill that would require secondary legislation or Notices/Orders to be fully implemented. It is not clear whether secondary legislation or Orders, including those that would specifythedatasetstobecollected,wouldbemadepublic.Thesedetailsshouldbemadeavailableso thatstakeholdersandParliamentcanmakeproperassessmentsaboutproportionalityandtheimpact oftheGovernmentsproposals. 10. Technological advances are also blurring the distinction between communications data and content that is at the heart of this Bill. For example, the URL for a web address can provide considerableaccesstoinformationaboutthetypeofcontenttheuserisviewing.Stakeholdersmust be reassured that communicationsdata could be reliably extractedwithoutalsodisclosing content. Takenalongsidetheexpandedscopeofdatacollectionforanyoneusingcommunicationsservicesin theUKthismustbeconsideredwhenassessingtheproportionalityoftheproposals. 11.TheassertionofjurisdictionovernonUKbasedcommunicationsserviceproviderswhenservices are accessed in the UK is problematic. Companies considering the provision of services in markets wherefreeexpressionandprivacyrightsmaybeatriskmayconsiderwaystomanageandoperate theirservicestomitigatehumanrightsrisks.ThisisoneoftherequirementsinGNIsPrinciples.Itis alsoconsistentwithintheUNProtect,RespectandRemedyframeworkandGuidingPrinciples. 153We have seen worrying trends in legislative proposals in a range of countries that hold intermediaries liablefortheactivitiesoftheirusersinwaysthatcouldhaveseriousimplicationsforfreespeech.One example is the draft Internet decree by the Government of Vietnam that places requirements on foreignprovidersnotlocatedinVietnamtocollaboratewiththegovernmentinthefilteringofawide variety of information such as that which could undermine the fine customs and traditions of the nation. Whilst filtering requirements and retention of communications data are not analogous,

SpecificcommentsontheCommunicationsDataBill

152GlobalTimes,RiotsleadtorethinkofInternetfreedom,13August2011,availableat

http://www.globaltimes.cn/NEWS/tabid/99/articleType/ArticleView/articleId/670718/Riots leadtorethinkofInternetfreedom.aspx. 5UNGuidingPrinciplesonBusinessandHumanRights:ImplementingtheUnitedNations'Protect, RespectandRemedy'Framework",availableathttp://www.business humanrights.org/SpecialRepPortal/Home/ProtectRespectRemedy Framework/GuidingPrinciples.

Draft Communications Data Bill

135

assertionsofjurisdictionare.ThedraftBillcouldprovideunintendedjustificationforactionsbyother governments.TheUKGovernmentshouldconsidertheseconsequences,includingtheimpactoflaws enactedinotherjurisdictionsontheprivacyrightsofUKcitizensasitpreparesthislegislation. 12.Evenifotherjurisdictionsdonotenactsimilarorcontrarylaws,UKcitizensdatacouldstillbeat jeopardy. Once other governments become aware of the storage of this additional communications data,lawenforcemententitiesinotherjurisdictionswillseektoobtainitaswell.IfICTcompaniesare required to obtain and retain communications data for UK residents law enforcement entities in otherjurisdictionscouldhavealegitimateclaimtoseekaccesstoit.NonUKlawenforcemententities may either try to obtain it through UK law enforcement or by exerting pressure on companies to releasethedatawithoutUKcooperation. 13.AreservepowerproposedintheBillwouldempowertheHomeSecretarytorequireUKproviders tocaptureandretaindata again,specificallyandonlyforlawenforcementpurposes ifrequirements cannot be directly imposed on a nonUK provider. Setting aside the technical challenges of whether this can be done, there are two specific problems. First, this requirement could have the effect of increasingpressureonnonUKproviderstocooperatewithlawenforcementininformal,voluntary agreements. In contrast, GNIs Implementation Guidelines commit companies to encourage governmentstobespecific,transparentandconsistentinthedemands,laws,andregulationsthey issue. Secondly, although we understand the challenge that law enforcement faces in regard to accessingcommunicationsdatainatimelyfashion,proposalstoaddressthisissueshouldbeginwith existing processes. If processes such as mutual legal assistance treaties MLATs are insufficiently fleet of foot, then government should initiate a concerted effort to review and improve them. This wouldbeafarmoreproportionateresponsetothelegitimateconcernthatdatamaynotbeavailable by the time a lawful request is served on a provider. In June 2012 a GNI commissioned report recommendedthataccesstodatathroughtheMLATprocessneedstobemademoreefficient,with safeguardsinplace. 154

Conclusion

14.Asitconsidersthislegislation,thecommitteehasanopportunitytoguidegovernmentonhowthe legitimateneedsoflawenforcementcanbeconsistentwithinternationalhumanrightsstandards.It hastheopportunitytodevelopanapproachthatwouldserveasaworthymodelforothercountries. ThedraftBilldoesnotsucceedinthisrespect.Werecommendthatmoretimebetakenandrevisions consideredtoensurethattherightsofindividualsarerespected,soastoshapearegimethattheUK wouldbecomfortablehavingcopiedbyothergovernments. GlobalNetworkInitiative WrittenEvidencetotheCommunicationsDataBillJointScrutinyCommittee AppendixA:GNIPrinciplesandImplementationGuidelines PrinciplesonFreeExpressionandPrivacy 1. Preamble 2. FreedomofExpression 3. Privacy 4. ResponsibleCompanyDecisionMaking 5. MultiStakeholderCollaboration 6. Governance,Accountability&Transparency AnnexA:Definitions AnnexB:EndNotes

154IanBrownandDouweKorff,DigitalFreedomsinInternationalLaw:PracticalStepstoProtect

HumanRightsOnline,June2012,availableat http://www.globalnetworkinitiative.org/news/newreportoutlinesrecommendations governmentscompaniesandothershowprotectfree.

136

Draft Communications Data Bill

1.Preamble ThesePrinciplesonFreedomofExpressionandPrivacy thePrinciples havebeendevelopedby companies,investors,civilsocietyorganizationsandacademics collectivelytheparticipants . ThesePrinciplesarebasedoninternationallyrecognizedlawsandstandardsforhumanrights, includingtheUniversalDeclarationofHumanRights UDHR ,theInternationalCovenantonCivil andPoliticalRights ICCPR andtheInternationalCovenantonEconomic,SocialandCulturalRights ICESCR . 155156 Allhumanrightsareindivisible,interdependent,andinterrelated:theimprovementofoneright facilitatesadvancementoftheothers;thedeprivationofonerightadverselyaffectsothers.Freedom ofexpressionandprivacyareanexplicitpartofthisinternationalframeworkofhumanrightsandare enablingrightsthatfacilitatethemeaningfulrealizationofotherhumanrights. 157 Thedutyofgovernmentstorespect,protect,promoteandfulfillhumanrightsisthefoundationofthis humanrightsframework.Thatdutyincludesensuringthatnationallaws,regulationsandpoliciesare consistentwithinternationalhumanrightslawsandstandardsonfreedomofexpressionandprivacy. InformationandCommunicationsTechnology ICT companieshavetheresponsibilitytorespectand protectthefreedomofexpressionandprivacyrightsoftheirusers.ICThasthepotentialtoenablethe exchangeofideasandaccesstoinformationinawaythatsupportseconomicopportunity,advances knowledgeandimprovesqualityoflife. ThecollaborationbetweentheICTindustry,investors,civilsocietyorganizations,academicsand otherstakeholderscanstrengtheneffortstoworkwithgovernmentstoadvancefreedomof expressionandprivacyglobally. Forthesereasons,thesePrinciplesandtheiraccompanyingImplementationGuidelinesestablisha frameworktoprovidedirectionandguidancetotheICTindustryanditsstakeholdersinprotecting andadvancingtheenjoymentofhumanrightsglobally. Theparticipantshavealsodevelopedamultistakeholdergovernancestructuretoensure accountabilityfortheimplementationofthesePrinciplesandtheircontinuedrelevance,effectiveness andimpact.Thisstructureincorporatestransparencywiththepublic,independentassessmentand multistakeholdercollaboration. Theparticipantswillseektoextendthenumberoforganizationsfromaroundtheworldsupporting thesePrinciplessothattheycantakerootasaglobalstandard. 2.FreedomofExpression Freedomofopinionandexpressionisahumanrightandguarantorofhumandignity.Therightto freedomofopinionandexpressionincludesthefreedomtoholdopinionswithoutinterferenceandto seek,receiveandimpartinformationandideasthroughanymediaandregardlessoffrontiers. 158

155Itisrecognizedthatotherregionalhumanrightsinstrumentsaddresstheissuesoffreedomof

expressionandprivacy,including:TheEuropeanConvention,implementedbytheEuropean CourtofHumanRights;theAmericanConvention,implementedbytheInterAmericanCourtof HumanRightsandInterAmericanCommission;andtheOrganizationofAfricanUnity, implementedbytheAfricanCommissiononHumanandPeoplesRights.

156ThesePrincipleshavealsobeendraftedwithreferencetotheWorldSummitontheInformation

SocietyTunisAgendafortheInformationSociety. 157ItshouldbenotedthatthespecificscopeofthesePrinciplesislimitedtofreedomofexpression andprivacy. 158TakenfromArticle19ofUniversalDeclarationofHumanRightsandArticleof19ofthe InternationalCovenantonCivilandPoliticalRights.ItshouldbenotedthattheseArticles

Draft Communications Data Bill

137

Freedomofopinionandexpressionsupportsaninformedcitizenryandisvitaltoensuringpublicand privatesectoraccountability.Broadpublicaccesstoinformationandthefreedomtocreateand communicateideasarecriticaltotheadvancementofknowledge,economicopportunityandhuman potential. Therighttofreedomofexpressionshouldnotberestrictedbygovernments,exceptinnarrowly definedcircumstancesbasedoninternationallyrecognizedlawsorstandards. 159Theserestrictions shouldbeconsistentwithinternationalhumanrightslawsandstandards,theruleoflawandbe necessaryandproportionatefortherelevantpurpose. 160 161 Participatingcompanieswillrespectandprotectthefreedomofexpressionoftheirusersby seekingtoavoidorminimizetheimpactofgovernmentrestrictionsonfreedomof expression,includingrestrictionsontheinformationavailabletousersandtheopportunities foruserstocreateandcommunicateideasandinformation,regardlessoffrontiersormedia ofcommunication. Participatingcompanieswillrespectandprotectthefreedomofexpressionrightsoftheir userswhenconfrontedwithgovernment 162demands,lawsandregulationstosuppress freedomofexpression,removecontentorotherwiselimitaccesstoinformationandideasin amannerinconsistentwithinternationallyrecognizedlawsandstandards. 3.Privacy Privacyisahumanrightandguarantorofhumandignity.Privacyisimportanttomaintaining personalsecurity,protectingidentityandpromotingfreedomofexpressioninthedigitalage. Everyoneshouldbefreefromillegalorarbitraryinterferencewiththerighttoprivacyandshould havetherighttotheprotectionofthelawagainstsuchinterferenceorattacks. 163 Therighttoprivacyshouldnotberestrictedbygovernments,exceptinnarrowlydefined circumstancesbasedoninternationallyrecognizedlawsandstandards.Theserestrictionsshouldbe consistentwithinternationalhumanrightslawsandstandards,theruleoflawandbenecessaryand proportionatefortherelevantpurpose. Participatingcompanieswillemployprotectionswithrespecttopersonalinformationinall countrieswheretheyoperateinordertoprotecttheprivacyrightsofusers.


referencetherighttofreedomofopinionandexpression,andthendescribethelimited circumstancesinwhichtherighttofreedomofexpression i.e.notopinion canberestricted. ThatistheapproachtakenbythesePrinciples. 159ThenarrowlydefinedcircumstancesshouldbetakenfromArticle19oftheInternationalCovenant onCivilandPoliticalRights ICCPR ,namelytheactionsnecessarytopreservenationalsecurity andpublicorder,protectpublichealthormorals,orsafeguardtherightsorreputationsofothers. ThescopeofpermissiblerestrictionsprovidedinArticle19 3 oftheICCPRisreadwithinthe contextoffurtherinterpretationsissuedbyinternationalhumanrightsbodies,includingthe HumanRightsCommitteeandtheSpecialRapporteuronthepromotionandprotectionofthe righttofreedomofopinionandexpression. 160SeeAnnexAforanillustrativedefinitionofRuleofLaw. 161ThesePrincipleshavebeendraftedwithreferencetotheJohannesburgPrinciplesonNational Security,FreedomofExpressionandAccesstoInformation.TheJohannesburgPrinciplesprovide furtherguidanceonhowandwhenrestrictionstofreedomofexpressionmaybeexercised. 162Participatingcompanieswillalsoneedtoaddresssituationswheregovernmentsmaymake demandsthroughproxiesandotherthirdparties. 163TakenfromArticle12oftheUniversalDeclarationofHumanRightsandArticle17ofthe InternationalCovenantonCivilandPoliticalRights.

138

Draft Communications Data Bill

4.ResponsibleCompanyDecisionMaking TheimplementationofthesePrinciplesbyparticipatingcompaniesrequirestheirintegrationinto companydecisionmakingandculturethroughresponsiblepolicies,proceduresandprocesses. ParticipatingcompanieswillensurethatthecompanyBoard,seniorofficersandothers responsibleforkeydecisionsthatimpactfreedomofexpressionandprivacyarefully informedofthesePrinciplesandhowtheymaybebestadvanced. Participatingcompanieswillidentifycircumstanceswherefreedomofexpressionand privacymaybejeopardizedoradvancedandintegratethesePrinciplesintotheirdecision makinginthesecircumstances. ParticipatingcompanieswillimplementthesePrincipleswherevertheyhaveoperational control.Whentheydonothaveoperationalcontrol,participatingcompanieswillusebest effortstoensurethatbusinesspartners,investments,suppliers,distributorsandother relevantrelatedpartiesfollowthesePrinciples. 164165166 5.MultistakeholderCollaboration Thedevelopmentofcollaborativestrategiesinvolvingbusiness,industryassociations,civilsociety organizations,investorsandacademicswillbecriticaltotheachievementofthesePrinciples. Whileinfringementonfreedomofexpressionandprivacyarenotnewconcerns,theviolationofthese rightsinthecontextofthegrowinguseofICTisnew,global,complexandconstantlyevolving.For thisreason,sharedlearning,publicpolicyengagementandothermultistakeholdercollaborationwill advancethesePrinciplesandtheenjoymentoftheserights. Participantswilltakeacollaborativeapproachtoproblemsolvingandexplorenewwaysin whichthecollectivelearningfrommultiplestakeholderscanbeusedtoadvancefreedomof expressionandprivacy. Individuallyandcollectively,participantswillengagegovernmentsandinternational institutionstopromotetheruleoflawandtheadoptionoflaws,policiesandpracticesthat protect,respectandfulfillfreedomofexpressionandprivacy. 167 6.Governance,AccountabilityandTranparency

Participatingcompanieswillrespectandprotecttheprivacyrightsofuserswhenconfronted withgovernmentdemands,lawsorregulationsthatcompromiseprivacyinamanner inconsistentwithinternationallyrecognizedlawsandstandards.

164Operationalcontrolmeansthepower,directlyorindirectly,todirectorcausethedirectionof

themanagementandpoliciesoftheentity.Thismaybebycontract,ownershipofvotingstockor representationontheBoardofDirectorsorsimilargoverningbody.

165SeeAnnexAforadefinitionofBestEfforts. 166Itisrecognizedthattheinfluenceoftheparticipatingcompanywillvaryacrossdifferent

relationshipsandcontractualarrangements.Itisalsorecognizedthatthisprincipleappliesto businesspartners,suppliers,investments,distributorsandotherrelevantrelatedpartiesthatare involvedintheparticipatingcompanysbusinessinamannerthatmateriallyaffectsthe companysroleinrespectingandprotectingprivacyandfreedomofexpression.Theparticipating companyshouldprioritizecircumstanceswhereithasgreatestinfluenceand/orwheretherisk tofreedomofexpressionandprivacyisatitsgreatest. 167Itisrecognizedthatparticipantsmaytakedifferentpositionsonspecificpublicpolicyproposalsor strategies,solongastheyareconsistentwiththesePrinciples.

Draft Communications Data Bill

139

ThesePrinciplesrequireagovernancestructurethatsupportstheirpurposeandensurestheirlong termsuccess. ToensuretheeffectivenessofthesePrinciples,participantsmustbeheldaccountablefortheirrolein theadvancementandimplementationoftheseprinciples. Participantswilladheretoacollectivelydeterminedgovernancestructurethatdefinesthe rolesandresponsibilitiesofparticipants,ensuresaccountabilityandpromotesthe advancementofthesePrinciples. Participantswillbeheldaccountablethroughasystemof a transparencywiththepublic and b independentassessmentandevaluationoftheimplementationofthesePrinciples. AnnexA:Definitions FreedomofExpression:FreedomofexpressionisdefinedusingArticle19oftheUniversalDeclaration ofHumanRights UDHR andArticle19oftheInternationalCovenantonCivilandPoliticalRights ICCPR : UDHR:Everyonehastherighttofreedomofopinionandexpression;thisrightincludes freedomtoholdopinionswithoutinterferenceandtoseek,receiveandimpartinformation andideasthroughanymediaandregardlessoffrontiers. ICCPR:1.Everyoneshallhavetherighttoholdopinionswithoutinterference. 2.Everyoneshallhavetherighttofreedomofexpression;thisrightshallincludefreedomto seek,receiveandimpartinformationandideasofallkinds,regardlessoffrontiers,either orally,inwritingorinprint,intheformofart,orthroughanyothermediaofhischoice. 3.Theexerciseoftherightsprovidedforinparagraph2ofthisarticlecarrieswithitspecial dutiesandresponsibilities.Itmaythereforebesubjecttocertainrestrictions,buttheseshall onlybesuchasareprovidedbylawandarenecessary: a Forrespectoftherightsorreputationsofothers; b Fortheprotectionofnationalsecurityorofpublicorder ordrepublic ,orof publichealthormorals. Privacy:PrivacyisdefinedusingArticle12oftheUniversalDeclarationofHumanRights UDHR and Article17oftheInternationalCovenantonCivilandPoliticalRights ICCPR : UDHR:Nooneshallbesubjectedtoarbitraryinterferencewithhisprivacy,family,homeor correspondence,nortoattacksuponhishonourandreputation.Everyonehastherightto theprotectionofthelawagainstsuchinterferenceorattacks. ICCPR:1.Nooneshallbesubjectedtoarbitraryorunlawfulinterferencewithhisprivacy, family,homeorcorrespondence,nortounlawfulattacksonhishonourandreputation. 2.Everyonehastherighttotheprotectionofthelawagainstsuchinterferenceorattacks. RuleofLaw:Asystemoftransparent,predictableandaccessiblelawsandindependentlegal institutionsandprocesseswhichrespect,protect,promoteandfulfillhumanrights. PersonalInformation:Participantsareawareoftherangeofdefinitionsforpersonalinformationor personallyidentifiableinformationandacknowledgethatthesedefinitionsvarybetween jurisdictions.ThesePrinciplesusethetermpersonalinformationandinterpretthistomean

140

Draft Communications Data Bill

informationthatcan,aloneorinaggregate,beusedtoidentifyorlocateanindividual suchasname, emailaddressorbillinginformation orinformationwhichcanbereasonablylinked,directlyor indirectly,withotherinformationtoidentifyorlocateanindividual. User:Anyindividualusingapubliclyavailableelectroniccommunicationsservice,forprivateor businesspurposes,withorwithouthavingsubscribedtothisservice. BestEfforts:Theparticipatingcompanywill,ingoodfaith,undertakereasonablestepstoachievethe bestresultinthecircumstancesandcarrytheprocesstoitslogicalconclusion. AnnexB:EndNotes ImplementationGuidelinesforthePrinciplesonFreeExpressionandPrivacy 7. PurposeofthisDocument 8. ResponsibleCompanyDecisionMaking 9. FreedomofExpression 10. Privacy 11. MultiStakeholderCollaboration 12. Governance,Accountability&Transparency AnnexA:Definitions 1.PurposeofthisDocument ThePrinciplesonFreedomofExpressionandPrivacy thePrinciples havebeencreatedtoprovide directionandguidancetotheInformationandCommunicationsTechnology ICT industryandits stakeholdersinprotectingandadvancingtheenjoymentofthesehumanrightsglobally. TheseImplementationGuidelinesprovidefurtherdetailsonhowparticipatingcompanieswillputthe Principlesintopractice.Thepurposeofthisdocumentisto: DescribeasetofactionswhichconstitutecompliancewiththePrinciples. ProvidecompanieswithguidanceonhowtoimplementthePrinciples. AsdescribedintheaccompanyingGovernance,AccountabilityandLearningFramework,each participatingcompanywillbeassessedontheirprogressimplementingthePrinciplesaftertwoyears andannuallythereafter. TheeffectivenessoftheseImplementationGuidelineswillbereviewedandassessedasexperiencein implementationofthePrinciplesgrows.Thereviewprocesswillinclude: Removing,revisingoraddingguidelinesasappropriate. ConsideringthedevelopmentofdifferentversionsoftheImplementationGuidelinesthatmaybe tailoredtospecificregionsorsectors. 2.ResponsibleCompanyDecisionMaking BoardReview,OversightandLeadership TheBoardsofparticipatingcompanieswillincorporatetheimpactofcompanyoperationson freedomofexpressionandprivacyintotheBoardsreviewofthebusiness. TheBoardwill:

Draft Communications Data Bill

141

Receiveandevaluateregularreportsfrommanagementonhowthecommitmentslaidoutin thePrinciplesarebeingimplemented. Reviewfreedomofexpressionandprivacyriskwithintheoverallriskmanagementreview process. ParticipateinfreedomofexpressionandprivacyrisktrainingaspartofoverallBoard education.

HumanRightsImpactAssessments Participatingcompanieswillemployhumanrightsimpactassessmentstoidentifycircumstances whenfreedomofexpressionandprivacymaybejeopardizedoradvanced,anddevelopappropriate riskmitigationstrategieswhen: Reviewingandrevisinginternalproceduresforrespondingtogovernmentdemandsforuser dataorcontentrestrictionsinexistingmarkets Enteringnewmarkets,particularlythosewherefreedomofexpressionandprivacyarenot wellprotected. Reviewingthepolicies,proceduresandactivitiesofpotentialpartners,investments, suppliersandotherrelevantrelatedpartiesforprotectingfreedomofexpressionandprivacy aspartofitscorporateduediligenceprocess. Designingandintroducingnewtechnologies,productsandservices. Thehumanrightsimpactassessmentswillbeundertakentodifferentlevelsofdetailandscope dependingonthepurposeoftheimpactassessment.However,participatingcompaniesshould: Prioritizetheuseofhumanrightsimpactassessmentsformarkets,products,technologies andservicesthatpresentthegreatestrisktofreedomofexpressionandprivacyorwhere thepotentialtoadvancehumanrightsisatitsgreatest. Updatehumanrightsimpactassessmentsovertime,suchaswhentherearematerial changestolaws,regulations,markets,products,technologies,orservices.

ApplicationGuidance:BoardcouldmeanaManagementBoardorExecutiveBoardifthesearemore appropriatefortheparticipatingcompanysstructure.

Drawuponresourcesfromhumanrightsgroups,governmentbodies,international organizationsandmaterialsdevelopedaspartofthismultistakeholderprocess. Includeaconsiderationofrelevantlocallawsineachmarketandwhetherthedomesticlegal systemsconformtoruleoflawrequirements. Utilizelearningfromreallifecasesandprecedents. Focusonpotentialpartners,investments,suppliersandotherrelevantrelatedpartiesthat areinvolvedintheparticipatingcompanysbusinessinamannerthatmateriallyaffectsthe companysroleinrespectingandprotectingprivacyandfreedomofexpression. Incorporatetheoutputsofhumanrightsimpactassessmentsintoothercompanyprocesses, suchascorporateriskassessmentsandduediligence.

Partners,SuppliersandDistributors

142

Draft Communications Data Bill

ParticipatingcompanieswillfollowthesePrinciplesandImplementationGuidelinesinall circumstanceswhentheyhaveoperationalcontrol. Whentheparticipatingcompanydoesnothaveoperationalcontrolitwillusebesteffortstoensure thatbusinesspartners,investments,suppliers,distributorsandotherrelevantrelatedpartiesfollow thePrinciples. Participatingcompaniesshouldfocustheireffortsonbusinesspartners,investments,suppliers, distributorsandotherrelevantrelatedpartiesthatareinvolvedintheparticipatingcompanys businessinamannerthatmateriallyaffectsthecompanysroleinrespectingandprotectingfreedom ofexpressionandprivacy.Theparticipatingcompanyshouldprioritizecircumstanceswhereithas thegreatestinfluenceand/orwheretherisktofreedomofexpressionandprivacyisatitsgreatest.

ApplicationGuidance:Itisassumedthatthisapproachwillbetakeninallrelevantcontractssigned aftercommittingtothePrinciplesandtoallrelevantpreexistingcontracts. ApplicationGuidance:Operationalcontrolmeansthepower,directlyorindirectly,todirectorcause thedirectionofthemanagementandpoliciesoftheentity.Thismaybebycontract,ownershipof votingstockorrepresentationontheBoardofDirectorsorsimilargoverningbody.

IntegrationintoBusinessOperations Participatingcompanieswilldevelopappropriateinternalstructuresandtakestepsthroughouttheir businessoperationstoensurethatthecommitmentslaidoutinthePrinciplesareincorporatedinto companyanalysis,decisionmakingandoperations. Overtimethiswillinclude: Structure Thecreationofaseniordirectedhumanrightsteam,includingtheactiveparticipationof seniormanagement,todesign,coordinateandleadtheimplementationofthePrinciples.

ApplicationGuidance:Itisrecognizedthattheinfluenceofparticipatingcompanieswillvaryacross differentrelationshipsandcontractualarrangements.Seethedefinitionofbesteffortsprovidedin AnnexA.

ApplicationGuidance:Thisteammaybuildonexistinginternalcorporatestructures,suchas corporatesocialresponsibility,policy,privacyorbusinessethicsteams.

Procedures Establishingwrittenproceduresthatensureconsistentimplementationofpoliciesthat protectfreedomofexpressionandprivacyanddocumentingcompliancewiththesepolicies. Documentationofpoliciesandcomplianceshouldbesufficientlydetailedastoenablelater internalandexternalreview. Establishingameansofremediationwhenbusinesspracticesthatareinconsistentwiththe Principlesareidentified,includingmeaningfulstepstoensurethatsuchinconsistenciesdo notrecur. Incorporatingfreedomofexpressionandprivacycomplianceintoassuranceprocessesto ensurecompliancewiththeprocedureslaidoutinthePrinciples.

Ensuringthattheproceduresrelatedtogovernmentdemandsimplicatingusersfreedomof expressionorprivacyrightsareoverseenandsignedoffbyanappropriateandsufficiently seniormemberofthecompanysmanagementandareappropriatelydocumented.

Draft Communications Data Bill

143

Maintainingarecordofrequestsanddemandsforgovernmentrestrictionstofreedomof expressionandaccesstopersonalinformation. Employees CommunicatingthePrinciplestoallemployees,suchasthroughthecompanyintranet,and integratingthecompanyscommitmenttothePrinciplesthroughemployeetrainingor orientationprograms. Providingmoredetailedtrainingforthosecorporateemployeeswhoaremostlikelytoface freedomofexpressionandprivacychallenges,basedonhumanrightsimpactassessments. Thismayincludestaffinaudit,compliance,legal,marketing,salesandbusinessdevelopment areas.Whereappropriateandfeasible,theorientationandtrainingprogramsshouldalsobe providedtoemployeesofrelevantrelatedpartiessuchaspartners,suppliersand distributors. ComplaintsandAssistance Developingescalationproceduresforemployeesseekingguidanceinimplementingthe Principles. Providingwhistleblowingmechanismsorothersecurechannelsthroughwhichemployees andotherstakeholderscanconfidentiallyoranonymouslyreportviolationsofthePrinciples withoutfearofassociatedpunishmentorretribution.

3.FreedomofExpression GovernmentDemands,LawsandRegulations Participatingcompanieswillencouragegovernmentstobespecific,transparentandconsistentinthe demands,lawsandregulations governmentrestrictions thatareissuedtorestrictfreedomof expressiononline. Participantswillalsoencouragegovernmentdemandsthatareconsistentwithinternationallawsand standardsonfreedomofexpression.Thisincludesengagingproactivelywithgovernmentstoreacha sharedunderstandingofhowgovernmentrestrictionscanbeappliedinamannerconsistentwiththe Principles. Whenrequiredtorestrictcommunicationsorremovecontent,participatingcompanieswill: Requirethatgovernmentsfollowestablisheddomesticlegalprocesseswhentheyareseeking torestrictfreedomofexpression. Interpretgovernmentrestrictionsanddemandssoastominimizethenegativeeffecton freedomofexpression. Interpretthegovernmentalauthoritysjurisdictionsoastominimizethenegativeeffectonto freedomofexpression.

Note:Forexample,eachcompanymightappointordesignateaninternalombudsmanor auditortomonitorthecompany'sbusinesspracticesrelatingtofreedomofexpressionand privacy.

ApplicationGuidance:Itisrecognizedthatthenatureofjurisdictionontheinternetisa highlycomplexquestionthatwillbesubjecttoshiftinglegaldefinitionsandinterpretations overtime.

144

Draft Communications Data Bill

Seekclarificationormodificationfromauthorizedofficialswhengovernmentrestrictions appearoverbroad,notrequiredbydomesticlaworappearinconsistentwithinternational humanrightslawsandstandardsonfreedomofexpression.

ApplicationGuidance:Overbroadcouldmean,forexample,wheremoreinformationis restrictedthanwouldbereasonablyexpectedbasedontheassertedpurposeoftherequest.
Requestclearwrittencommunicationsfromthegovernmentthatexplainthelegalbasisfor governmentrestrictionstofreedomofexpression,includingthenameoftherequesting governmententityandthename,titleandsignatureoftheauthorizedofficial.

ApplicationGuidance:Writtendemandsarepreferable,althoughitisrecognizedthatthere arecertaincircumstances,suchaswherethelawpermitsverbaldemandsandinemergency situations,whencommunicationswillbeoralratherthanwritten.


Adoptpoliciesandprocedurestoaddresshowthecompanywillrespondininstanceswhen governmentsfailtoprovideawrittendirectiveoradheretodomesticlegalprocedure.These policiesandproceduresshallincludeaconsiderationofwhentochallengesuchgovernment demands. Challengethegovernmentindomesticcourtsorseektheassistanceofrelevantgovernment authorities,internationalhumanrightsbodiesornongovernmentalorganizationswhen facedwithagovernmentrestrictionthatappearsinconsistentwithdomesticlawor proceduresorinternationalhumanrightslawsandstandardsonfreedomofexpression

CommunicationsWithUsers Participatingcompanieswillseektooperateinatransparentmannerwhenrequiredbygovernment toremovecontentorotherwiselimitaccesstoinformationandideas.Toachievethis,participating companieswill,unlessprohibitedbylaw: Clearlydisclosetousersthegenerallyapplicablelawsandpolicieswhichrequirethe participatingcompanytoremoveorlimitaccesstocontentorrestrictcommunications. Disclosetousersinaclearmannerthecompanyspoliciesandproceduresforrespondingto governmentdemandstoremoveorlimitaccesstocontentorrestrictcommunications. Giveclear,prominentandtimelynoticetouserswhenaccesstospecificcontenthasbeen removedorblockedbytheparticipatingcompanyorwhencommunicationshavebeen limitedbytheparticipatingcompanyduetogovernmentrestrictions.Noticeshouldinclude thereasonfortheactionandstateonwhoseauthoritytheactionwastaken. 4.Privacy DataCollection

ApplicationGuidance:Itisrecognizedthatitisneitherpracticalnordesirablefor participatingcompaniestochallengeinallcases.Rather,participatingcompaniesmayselect casesbasedonarangeofcriteriasuchasthepotentialbeneficialimpactonfreedomof expression,thelikelihoodofsuccess,theseverityofthecase,cost,therepresentativenessof thecaseandwhetherthecaseispartofalargertrend. ApplicationGuidance:Policiesandproceduresadoptedbyparticipatingcompanieswill addresssituationswheregovernmentsmaymakedemandsthroughproxiesandotherthird partiestoevadedomesticlegalprocedures.

Draft Communications Data Bill

145

Participatingcompanieswillassessthehumanrightsrisksassociatedwiththecollection,storage,and retentionofpersonalinformationinthejurisdictionswheretheyoperateanddevelopappropriate mitigationstrategiestoaddresstheserisks GovernmentDemands,LawsandRegulations Participatingcompanieswillencouragegovernmentstobespecific,transparentandconsistentinthe demands,lawsandregulations governmentdemands thatareissuedregardingprivacyonline. Participatingcompanieswillalsoencouragegovernmentdemandsthatareconsistentwith internationallawsandstandardsonprivacy.Thisincludesengagingproactivelywithgovernmentsto reachasharedunderstandingofhowgovernmentdemandscanbeissuedandimplementedina mannerconsistentwiththePrinciples. Participatingcompanieswilladoptpoliciesandprocedureswhichsetouthowthecompanywill assessandrespondtogovernmentdemandsfordisclosureofpersonalinformation.Whenrequiredto providepersonalinformationtogovernmentalauthorities,participatingcompanieswill: Narrowlyinterpretandimplementgovernmentdemandsthatcompromiseprivacy. Seekclarificationormodificationfromauthorizedofficialswhengovernmentdemands appearoverbroad,unlawful,notrequiredbyapplicablelaworinconsistentwith internationalhumanrightslawsandstandardsonprivacy.

ApplicationGuidance:Overbroadcouldmean,forexample,wheremorepersonalinformation isrequestedthanwouldbereasonablyexpectedbasedontheassertedpurposeofthe request.

Requestclearcommunications,preferablyinwriting,thatexplainsthelegalbasisfor governmentdemandsforpersonalinformationincludingthenameoftherequesting governmententityandthename,titleandsignatureoftheauthorizedofficial.

ApplicationGuidance:Writtendemandsarepreferable,althoughitisrecognizedthatthere arecertaincircumstances,suchaswherethelawpermitsverbaldemandsandinemergency situations,whencommunicationswillbeoralratherthanwritten.


Requirethatgovernmentsfollowestablisheddomesticlegalprocesseswhentheyareseeking accesstopersonalinformation. Adoptpoliciesandprocedurestoaddresshowthecompanywillrespondwhengovernment demandsdonotincludeawrittendirectiveorfailtoadheretoestablishedlegalprocedure. Thesepoliciesandproceduresshallincludeaconsiderationofwhentochallengesuch governmentdemands. Narrowlyinterpretthegovernmentalauthoritysjurisdictiontoaccesspersonalinformation, suchaslimitingcompliancetouserswithinthatCountry.

ApplicationGuidance:Itisrecognizedthatthenatureofjurisdictionontheinternetisa highlycomplexquestionthatwillbesubjecttoshiftinglegaldefinitionsandinterpretations overtime.


Challengethegovernmentindomesticcourtsorseektheassistanceofrelevantauthorities, internationalhumanrightsbodiesornongovernmentalorganizationswhenfacedwitha governmentdemandthatappearsinconsistentwithdomesticlaworproceduresor internationalhumanrightslawsandstandardsonprivacy.

ApplicationGuidance:Itisrecognizedthatitisneitherpracticalnordesirablefor participatingcompaniestochallengeinallcases.Rather,participatingcompaniesmayselect

146

Draft Communications Data Bill

CommunicationswithUsers Participatingcompanieswillseektooperateinatransparentmannerwhenrequiredtoprovide personalinformationtogovernments.Toachievethis,participatingcompanieswill: Disclosetousersinclearlanguagewhatgenerallyapplicablegovernmentlawsandpolicies requiretheparticipatingcompanytoprovidepersonalinformationtogovernment authorities,unlesssuchdisclosureisunlawful. Disclosetousersinclearlanguagewhatpersonalinformationtheparticipatingcompany collects,andtheparticipatingcompanyspoliciesandproceduresforrespondingto governmentdemandsforpersonalinformation. Assessonanongoingbasismeasurestosupportusertransparency,inaneffectivemanner, regardingthecompany'sdatacollection,storage,andretentionpractices.

casesbasedonarangeofcriteriasuchasthepotentialbeneficialimpactonprivacy,the likelihoodofsuccess,theseverityofthecase,cost,therepresentativenessofthecaseand whetherthecaseispartofalargertrend. ApplicationGuidance:Policiesandproceduresadoptedbyparticipatingcompanieswill addresssituationswheregovernmentsmaymakedemandsthroughproxiesandotherthird partiestoevadedomesticlegalprocedures.

5.MultistakeholderCollaboration EngagementinPublicPolicy Participantswillencouragegovernmentsandinternationalinstitutionstoadoptpolicies,practices andactionsthatareconsistentwithandadvancethePrinciples. Individuallyorcollectivelyparticipantswill: Engagegovernmentofficialstopromoteruleoflawandthereformoflaws,policiesand practicesthatinfringeonfreedomofexpressionandprivacy.

ApplicationGuidance:ParticipatingcompanieswillworkwiththeOrganizationtoraise awarenessamongusersregardingtheirchoicesforprotectingtheprivacyoftheirpersonal informationandtheimportanceofcompanydatapracticesinmakingthosechoices.

ApplicationGuidance:Promotingruleoflawreformcouldincluderuleoflawtraining, capacitybuildingwithlawrelatedinstitutions,takingpublicpolicypositionsorexternal education.

EngageindiscussionswithhomegovernmentstopromoteunderstandingofthePrinciples andtosupporttheirimplementation. Encouragedirectgovernmenttogovernmentcontactstosupportsuchunderstandingand implementation. Encouragegovernments,internationalorganizationsandentitiestocallattentiontothe worstcasesofinfringementonthehumanrightsoffreedomofexpressionandprivacy. Acknowledgeandrecognizetheimportanceofinitiativesthatseektoidentify,preventand limitaccesstoillegalonlineactivitysuchaschildexploitation.ThePrinciplesand ImplementationGuidelinesdonotseektoalterparticipantsinvolvementinsuchinitiatives.

Draft Communications Data Bill

147

Participantswillrefrainfromenteringintovoluntaryagreementsthatrequiretheparticipantsto limitusersfreedomofexpressionorprivacyinamannerinconsistentwiththePrinciples.Voluntary agreementsenteredintopriortocommittingtothePrinciplesandwhichmeetthiscriterionshould berevokedwithinthreeyearsofcommittingtothePrinciples.

InternalAdvisoryForum AconfidentialmultistakeholderAdvisoryForumwillprovideguidancetoparticipatingcompanieson emergingchallengesandopportunitiesfortheadvancementoffreedomofexpressionandprivacy. ExternalMultistakeholderLearningForums ParticipantswillpromoteglobaldialogueandunderstandingofthePrinciplesandsharelearning abouttheirimplementation.Participantswillengagewithabroadrangeofinterestedcompanies, industryassociations,advocacyNGOsandothercivilsocietyorganizations,universities,governments andinternationalinstitutions. Participantswillcreateagloballearning,collaborationandcommunicationprogram.Thisprogram willidentifystakeholders,topicsandforumsforlearning,collaborationandcommunicationactivities.

ApplicationGuidance:Itisrecognizedthatparticipantsmaytakedifferentpositionsonspecificpublic policyproposalsorstrategies,solongastheyareconsistentwiththeseprinciples.

ApplicationGuidance:Thiscouldinclude,forexample,theInternetGovernanceForum,the InternationalTelecommunicationsUnion,theUNGlobalCompactandtheUNSpecialRepresentative oftheSecretaryGeneralonhumanrightsandtransnationalcorporationsandotherbusiness enterprises.

PartofthislearningprogramwillbeanannualMultistakeholderLearningForumfocusingonthe rightstofreedomofexpressionandprivacy,thespecificscenariosinwhichtheserightsareaffected andotherbroaderissuesrelatedtotheimplementationofthePrinciples. Whereparticipantshaveactivitiesoroperationsinthesamecountriestheywillseektocollaborate onthedevelopmentoflocaldialoguesonrelevantprominentissuesandemergingconcernsinthose localities. Participantswilldevelopandshareinnovativetools,resources,processesandinformationthat supporttheimplementationofthePrinciples. Includedinthelearningprogramwillbeaconsiderationoftherolethattoolssuchasencryption, anonymizingtechnologies,securityenhancementsandproxytechnologiescanplayinenablingusers tomanagetheirmediaexperiencesandprotectfreedomofexpressionandprivacy. 6.Governance,AccountabilityandTransparency Governance AmultistakeholderrepresentativeBoardwilloverseethisinitiative,describedinmoredetailinthe accompanyingGovernance,AccountabilityandLearningFrameworkdocument. ReportingonImplementation Therewillbethreedifferentlevelsofreportingontheprogressbeingmadetoimplementthe Principles,describedinmoredetailintheaccompanyingGovernance,AccountabilityandLearning Frameworkdocument. IndependentAssessment

148

Draft Communications Data Bill

TherewillbeasystemofindependentassessmentoftheimplementationofthePrinciples,described inmoredetailintheaccompanyingGovernance,AccountabilityandLearningFrameworkdocument. AnnexA:Definitions FreedomofExpression:FreedomofexpressionisdefinedusingArticle19oftheUniversalDeclaration ofHumanRights UDHR andArticle19oftheInternationalCovenantonCivilandPoliticalRights ICCPR : UDHR:Everyonehastherighttofreedomofopinionandexpression;thisrightincludes freedomtoholdopinionswithoutinterferenceandtoseek,receiveandimpartinformation andideasthroughanymediaandregardlessoffrontiers. ICCPR:1.Everyoneshallhavetherighttoholdopinionswithoutinterference. 2.Everyoneshallhavetherighttofreedomofexpression;thisrightshallincludefreedomto seek,receiveandimpartinformationandideasofallkinds,regardlessoffrontiers,either orally,inwritingorinprint,intheformofart,orthroughanyothermediaofhischoice. 3.Theexerciseoftherightsprovidedforinparagraph2ofthisarticlecarrieswithitspecial dutiesandresponsibilities.Itmaythereforebesubjecttocertainrestrictions,buttheseshall onlybesuchasareprovidedbylawandarenecessary: a Forrespectoftherightsorreputationsofothers; b Fortheprotectionofnationalsecurityorofpublicorder ordrepublic ,orof publichealthormorals. Privacy:PrivacyisdefinedusingArticle12oftheUniversalDeclarationofHumanRights UDHR and Article17oftheInternationalCovenantonCivilandPoliticalRights ICCPR : UDHR:Nooneshallbesubjectedtoarbitraryinterferencewithhisprivacy,family,homeor correspondence,nortoattacksuponhishonourandreputation.Everyonehastherightto theprotectionofthelawagainstsuchinterferenceorattacks. ICCPR:1.Nooneshallbesubjectedtoarbitraryorunlawfulinterferencewithhisprivacy, family,homeorcorrespondence,nortounlawfulattacksonhishonourandreputation. 2.Everyonehastherighttotheprotectionofthelawagainstsuchinterferenceorattacks. RuleofLaw:Asystemoftransparent,predictableandaccessiblelawsandindependentlegal institutionsandprocesses,whichrespect,protect,promoteandfulfillhumanrights. PersonalInformation:Participantsareawareoftherangeofdefinitionsforpersonalinformationor personallyidentifiableinformationandacknowledgethatthesedefinitionsvarybetween jurisdictions.TheseImplementationGuidelinesusethetermpersonalinformationandinterpret thistomeaninformationthatcan,aloneorinaggregate,beusedtoidentifyorlocateanindividual suchasname,emailaddressorbillinginformation orinformationwhichcanbereasonablylinked, directlyorindirectly,withotherinformationtoidentifyorlocateanindividual. User:Anyindividualusingapubliclyavailableelectroniccommunicationsservice,forprivateor businesspurposes,withorwithouthavingsubscribedtothisservice. BestEfforts:Theparticipatingcompanywill,ingoodfaith,undertakereasonablestepstoachievethe bestresultinthecircumstancesandcarrytheprocesstoitslogicalconclusion. GlobalNetworkInitiative WrittenEvidencetotheCommunicationsDataBillJointScrutinyCommittee AppendixB:GNIParticipantsandObservers

Participants

Draft Communications Data Bill

149

ThefollowingorganizationsareparticipatingintheGlobalNetworkInitiative. AnnenbergSchoolforCommunication,UniversityofSouthernCalifornia ChristineBader,KenanInstituteforEthicsatDukeUniversity BerkmanCenterforInternet&SocietyatHarvardUniversity BostonCommonAssetManagement CalvertGroup CenterforDemocracy&Technology CentreforInternet&Society CentrodeEstudiosenLibertaddeExpresin ChurchofSweden CommitteetoProtectJournalists DominiSocialInvestmentsLLC ElectronicFrontierFoundation Evoca F&CAssetManagement Folksam GoogleInc. HumanRightsFirst HumanRightsinChina HumanRightsWatch IndexonCensorship InternationalMediaSupport IMS Internews MicrosoftCorp. Movements.org RebeccaMacKinnon,NewAmericaFoundation ResearchCenterforInformationLaw,UniversityofSt.Gallen TrilliumAssetManagement UniversityofCalifornia,BerkeleySchoolofInformation Websense WorldPressFreedomCommittee Yahoo!Inc.

Observers

ThefollowingcompaniescurrentlyhaveobserverstatuswiththeGlobalNetworkInitiative: Afilias Facebook

150

Draft Communications Data Bill

William Heath
ThisDraftCommunicationsBillisnotworthtinkeringwith;itshouldberejectedoutofhand.The intentionformasdataretentioniswrongandtheapproachtosolvingtheproblemiswrong. Falsepremiss TheGovernmentsaysitislosingaccesstocertaincategoriesofdata.Theworldisindeedchanging fast,andpeoplewithbadintentionsusenewtools.Butitfailstosetoutthewidercontext:thereisa floodofhighlyspecificdataavailabletogovernmentandtothesecurityagencies.Askthem:dothey ordotheynotroutinelyhaveaccessnowtovastlymoredataaboutanyindividualcomparedwith20 yearsago?Whyistherenopublicdebatesetinthiscontext? Thecasethismerelyrestoresacapabilitywhichhasbeenerodedisatbestunproven,atworst deliberatelymisleading. Corruptionofpublicservantsandofsuppliers Acceptingthatmostpublicservantsarehonestandmostsupplierstogovernmenttrytodoagood job,neverthelessroutinelyplacingvastamountsofhighlyrevealingdataabouteveryoneinthehands ofCSPsandaccessibletolargenumbersofpublicservantscreatesrisk.Itfurtherdamagespeople's trustinpublicservantsandinstitutions.Forthelargelyhonestandlawabidingcitizenitchangesthe roleoftheircommsserviceproviderssothatinsteadofwhereessentialdoingtheirlawfuldutyas requiredtheyworkroutinelyforthesecretstateagainsttheindividual'sinterests. Humanrights;whistleblowers OthersmaketheargumentthisisnotconformanttoourEuropeanhumanrightsobligations.Ifind thispersuasiveanditisaseriouspoint.Iparticularlyfeartheimpactonwhistleblowers.CDPisan apparatusforensuringaGovernmentdoingwrongcanshootthemessenger. GovenmentITspend MypreviouscompanytrackedwithaweandgrowingconcernnotjustthescaleofgovernmentIT spend,butthelackofefficacywithwhichitwasdone.Worstofallwastheprofoundlywrong intentionbehindmuchofwhatwasdone:centraliseddatabasesforhealth,education,childrenand theNationalIDScheme. Thisisnowstartingtoberectifiedwithatotallydifferent,citizenoriented,designdriven,lowcost, agilecultureinthenewGovernmentDigitalService. ButCDPisoldschool:hyperambitious,basedontheflawedpremissthatshinytechnologypoliticians don'tproperlyunderstandwillneverthelesscureoursocialillsandkeepussafe,pronetomassive escalatingcosts,nocrediblecostbenefitanalysispublished.Itfavoursbigestablishedservice providersovernewagiletechbusinessesbyplacingoverhead,complexityandadditionalcostonthe servicestheyoffer. Ithinkthe1.8bncostestimateislowballedtogetthisthrough.AnecdotallytheusualhistoricMoD practicewasbidlowtogetprojectsthroughParliament;youmultiplythatfirstestimatebypi 3.14 togettherealcost.Thatmayapplyhere.Wesimplydon'tknow,becausetheHomeOfficeisso secretiveaboutitscostestimates asifthecostofourITprojectswerethevitalinformationthat renderstheUKunsafe . SomeofwhatisinthedraftBillissooutrageous egthegeneralpowersgrantedtotheHome Secretary thatitmaybedeliberatelyintendedforsacrificetogetthemainpointsthrough.Dontplay along.Thisshouldberejectedoutofhand.

Draft Communications Data Bill

151

Insteadweneed ashared"problemstatement"onwhichmostinformedparticipantscanagreeonthefacts anopenconsultationordebatewhichistechnically,legallyandcommerciallywellinformed evaluationofthewiderrangeofoptionsavailablenowandinthefuture,inthewidercontextof whattheworldisbecoming aformaldesignprocesswhichaddressesthecoreprobleminahumanandintelligentmanner.This countryhasbrilliantservicedesignerswhocanaddressthemselvestoproblemsofcrimeand security.ThereisnosigntheuhavebeennearthisdraftBill. This"politiciansfallacy"modelofsolvingseriousproblemsbycreatingmassiveITprojectsthrougha legislativeprocesshasbeenprovenrepeatedlytofail,andatgreatexpense.Theclearestsignalyou cansendthatthisissimplynotgoodenough,thattimeshavechanged,andthingswillbedone differentlyisnottotinkerwiththis.Justrejectit. August2012

152

Draft Communications Data Bill

HMRC
HMRCistheUKstaxauthority.ItisresponsibleforsafeguardingtheflowofmoneytotheExchequer throughitscollection,complianceandenforcementactivities.Thedepartmentalsoadministersthe paymentofbenefitsandcreditstothoserequiringfinancialsupport.In2011/12HMRCcollected 474.2billionintaxesandpaidoutover42billioninbenefitsandcredits. TheflowofsuchlargesumsofmoneyacrossHMRCstaxandbenefitssystemsinevitablymakesthe departmentatargetforpredatoryandsophisticatedOrganisedCrimeGroups OCGs attractedbythe prospectoffinancialgain. ThethreattotherevenuefromOCGsappliesequallyacrossthefullrangeoftaxsystems.Examples includesophisticatedandsustainedattacksagainstonlinedirecttaxregimessuchasIncomeTaxSelf AssessmentbyOCGsoperatinginthecybercrimearena;indirecttaxfraudssuchascigaretteand tobaccosmuggling,alcoholsmuggling anddiversion ;hydrocarbonoilssmuggling andlaundering andVAT includingMultiTraderIntraCommunityMTICfraud .Tocombatthiscriminalactivity HMRCdeploysthefullrangeofintelligencegatheringcapabilitiesincludingtheacquisitionof communicationsdata CD whichfeaturesintheoverwhelmingmajorityofourcriminal prosecutions. CDprovidesintelligencetosupportoperationalactivityleadingtoarrests,andseizuresofmoneyand contraband.Itisalsoadducedinevidencetosupportcriminalprosecutions. General: 1. HastheHomeOfficemadeitclearwhatithopestoachievethroughthedraftBill? Yes.TheEUDataRetentionDirectivedoesnotimposeanobligationonUKCommunicationsService Providers CSPs toretaindatatheyotherwisewouldnotretainaspartoftheirnormalbusiness processes.Thismeansthatcertaincategoriesofcommunicationsdataparticularlyinrelationto offshoreCSPsarenotavailabletosupportinvestigationsintocriminalactivity. Insomecasesweareabletoobtainthismaterialundertheprovisionsofmutuallegalassistance treatiesbutthisisacumbersome,bureaucraticand,aboveall,slowprocessthatpreventsanyreal timeinvestigationofcrimeandprovidesnoguaranteethatthematerialrequestedwilleventuallybe madeavailable.TheBillwillcorrectthissituationbyobligingUKCSPstoretainthisdataasitpasses overtheirnetworks.Thematerialwillbeheldfornomorethan12monthsinlinewithcurrent legislationandlawenforcementagenciessuchasHMRCwillonlybeabletoobtaindatathatrelates toaspecificinvestigationaslongasitisproportionateandnecessarytodoso.Wefullysupportthe aimsoftheobjectivesoftheBill. Arecentinvestigationhighlightsthedifficultieswearecurrentlyexperiencing.Aspartofan investigationintoa600millionMissingTraderVATfraudchainwecouldnotobtainfroman overseasCSPtheIPloginhistoriesofseveralkeytargets.Asaconsequencewewereunableto identifylinksinthecriminalconspiracyandwewereunabletouseCDtoevidenceassociation betweenconspiratorsduringthesubsequentcourtcase. 2. HastheGovernmentmadeaconvincingcasefortheneedforthenewpowersproposedin thedraftBill? Yes.CDisacriticalinvestigativeandevidentialtoolforthelawenforcementagencies.Adegradation inthiscapabilitywouldputlivesatriskandasfarasthisDepartmentisconcernedhinderour abilitytoidentifyandprosecutecriminalgangsandindividualsthatattacktheUKtaxsystem. OperationTulipboxwasaMissingTraderIntraCommunityVATfraudinvestigationwhich highlightedtheimportanceofcommunicationsdata.CDprovidedkeyintelligencetolinktargets,

Draft Communications Data Bill

153

establishfraudulenttradingpatternsandrebutdefencearguments.Thetrialconcludedwith sentencesof15,14and9yearsforthethreecoconspirators.10millionworthofassetswere identifiedforconfiscation,andwepreventedarevenuelossof91.2millionbyidentifyingand closingdownthefraudulenttradingnetwork.Perhapsmoreimportantly,thestrategicintelligencewe gatheredwhilstconductingtheinvestigationenabletheGovernmenttochangetherateofVATonthe tradedcommoditytozero,therebypreventingotherorganisedcrimegroupsfromexploitingthe potentialforfraudulentgain. WewouldnothavebeenabletoachievetheseresultswithoutaccesstoCDandtherefore maintenanceofthiscapabilityiscriticallyimportanttous. 3. HowdotheproposalsinthedraftBillfitwithinthewiderlandscapeonintrusioninto individualsprivacy? ThisBillprovidesnonewpowerstolawenforcementagencies.CDrequestsmustbemadeinthe contextofasubjectsRighttoRespectforPrivacy.Theymustbenecessary,proportionateandmust takeintoaccountthedegreeofcollateralintrusion.Furthermore,communicationsdataisprobably theleastintrusivemethodofcovertinvestigation.ItseemsoddlypossiblethatifthisBillshouldfail, lawenforcementagenciesmayhavetorelyonmoreintrusivemethodsofinvestigationto compensatefortheirinabilitytoacquirerelevantcommunicationsdata. COSTS: 10. TheHomeOfficesuggeststhebenefitsthatcouldbedeliveredbytheenactmentofthedraft Billcouldbeworthbetween56billion.Isthisfigurerealistic? PlacedinthecontextofHMRCsviewthatCDwasinstrumentalinprotectingsome870millionof revenueinthelastfinancialyearthenapredictedbenefitfromthedraftBillofbetween56billion spreadacrossthewiderlawenforcementcommunityoveratenyearperiodseemsareasonable estimate. AllofourmostseriouscrimeinvestigationsrelyonCDtoidentifysuspects,establishrelationships withinandbetweencriminalorganisations,anddirectoperationalactivitytoevidencecrime,seize contrabandandcriminalcashandmakearrests. AsCDasaninvestigativetooldegradeswemaypartiallyfillthegapwithmorecostlyandmore intrusiveformsofsurveillancehoweveritisunlikelythatwewillbeabletofullycompensateforthe declineintheavailabilityofCDwithouttheproposedBill.This,inturn,willhaveasignificantimpact onourabilitytomeetthechallengingSpendingRoundtargetsthatwehavebeensetbythe Government. USEOFCOMMUNICATIONSDATA 14. Arethecircumstancesunderwhichcommunicationsdatacanbeaccessedappropriateand proportional?Whatkindofcrimesshouldcommunicationsdatabeusedtodetect? Yes.WeuseCDfortwopurposesonly,thepreventionanddetectionofcrimeandtheassessmentof tax.WeusetheformertosupportinvestigationsintocriminalattacksontheUKstaxsystems.The latterrepresentslessthan1%ourtotalCDrequestsandislimitedtosubscriberchecksonly RIPA s21 4 c butisneverthelessakeytoolinidentifyingthosewhoowesubstantialsumsintax. Isthe12monthperiodfortheretentionofdatatoolongortooshort. 15. WebelievethecurrentUKdataretentionperiodoftwelvemonthsrepresentsafairbalancebetween theneedsoftheinvestigatorandtheArticle8rightsoftheindividual.Wenotethatitisinlinewith thepositiontakenbythemajorityofourEuropeanpartners. SAFEGUARDS

154

Draft Communications Data Bill

17. Wouldawarrantsystembemoreappropriate? Webelievethatthecurrentsystemstrikesagoodbalancebetweentheneedsoftheinvestigatorand thesafeguardingofsensitiveandprivateinformation. AcrossHMRCapproximately100HigherOfficers equivalenttoInspectorrankinthepolice are accreditedtoauthoriserequestsforsubscriberdata RIPAS21 4 c .Thesesocalleddesignated persons DPsRIPAPart1,Chapter2CodesofPractice receivespecifictrainingfortheirrolealong withcontinuousprofessionaldevelopmentingoodpracticeandnewguidance.Theywillbe independentofanyinvestigationrequiringtheirauthoritytoacquiresubscriberdata. WehavethreeSeniorOfficers equivalenttoSuperintendentrankinthepolice whocanauthorise moresensitivecommunicationsdata RIPAS21 4 a&b .Theyareexpertsintheacquisitionof communicationsdataandareACPOaccreditedSinglePointsofContactabletoengagedirectlywith CSPs.Theyarenotattachedtoanyoperationalteamsotheycanbefullyindependentofanyrequest theymayhavetoauthorise.Theyprovideoutofhourssupporttooperationsandarealso responsibleforreviewingthequalityofthesubscriberdataauthorisationsbytheHigherOfficers. ArobustinspectionprogrammeoverseenbytheInterceptionofCommunicationsCommissioners Office IOCCO assurestheseprocesses.WearevisitedonceayearbyIOCCOwho,duringavisit usuallylastingfourtofivedays,willfullyreviewtheendtoendapplicationprocess,includingthe qualityofconsiderationsbytheDP. Itishardtoenvisageasystemofjudicialauthorisationthatcanmatchthecurrentlevelofscrutiny withoutadverselyimpactingontheefficiencyandeffectivenessoftheinvestigationprocess.Weare concernedatthepotentialforjudicialauthorisationtobeaslower,andpossiblylessinformed, processaswellasraisingsomepracticalissues. Wewouldenvisagethatanyhearinginrespectofanapplicationforcommunicationswouldrequire thepresenceoftheapplicanttoansweranyquestionsthatthemagistratemayhave. Anyquestionsinrelationtotheavailabilityofthedatarequested,theprocessesforobtainingitand thepotentialadditionaldatawhichcouldbeobtainedwouldrequiretheadditionalpresenceofan accreditedSPoCincourtandpossiblyarepresentativeoftheCSP. Wouldcourtsbepreparedtositatshortnoticeorwouldtherebespecifieddayswhencourtshandled communicationsdatarequests? Howwouldcourtshandlereferrals?Thatis,thoserequestswherethereisachangeofCSPorwhere theoriginalnoticewasservedandhasnotbeencompliedwithandneedstobereissued.Wouldthere beautomaticaccesstotheoriginalmagistrate? WouldmagistratesappropriatelytrainedinCDbereadilyavailabletodealwiththelevelofrequests? Wouldsuchrequestsbemanagedgeographicallyorwouldtherebedesignatedmagistrateswitha nationalremit? IstheroleoftheInterceptionofCommunicationsCommissionerandtheInformationCommissioner sensible? Inourview,theOfficeoftheInterceptionCommissionerprovideseffectiveandprovenoversightof theprovisionsofRIPAPart1Chapter2.Theannualinspectionsarecomprehensiveandthoroughand thefindingsarepublishedintheInterceptionCommissionersannualreport.Wheredeficienciesin anagencyorforcearedetected,thereisarequirementfortheagencyorforcetorespondwitha detailedactionplantoremedythedeficiency. ENFORCEMENT 21. Arethepenaltiesappropriateforthosepublicauthoritiesthatinappropriatelyrequestaccess tocommunicationsdata?ShouldfailuretoadheretotheCodeofPracticewhichisprovidedforinthe draftBillamounttoanoffence?

Draft Communications Data Bill

155

AstheUnitedKingdomstaxadministration,HMRCiskeenlyawareoftheimportanceofpolicing accesstosensitiveinformation.TheS.19oftheCommissionersofRevenue&CustomsAct2005 createsanoffenceofwrongfuldisclosureofrevenueandcustomsinformationanditisamatterof recordthatwewilltakefirmactionagainstmembersofstaffwhoacquireandmisuseinformationto whichtheyarenotentitled,uptoandincludingdismissalandprosecution. WewouldhavenoobjectiontotheinsertionintotheBillofanoffenceofwrongfulaccesstoand/or misuseofcommunicationsdata,shouldthisreassurethepublic. August2012

156

Draft Communications Data Bill

ISPA
AboutISPA TheInternetServicesProvidersAssociation ISPA isthetradeassociationforcompaniesinvolvedin the provision of Internet Services in the UK. ISPA was founded in 1995, and seeks to actively representandpromotetheinterestsofbusinessesinvolvedinallaspectsoftheUKInternetindustry. ISPA membership includes small, medium and large Internet service providers ISPs , cable companies, web design and hosting companies and a variety of other organisations. Our members may be affected by the Communications Data Bill in various ways. ISPA currently has over 215 members, representing more than 95% of the UK Internet access market by volume. ISPA was a foundingmemberofEuroISPA. We have been involved in the area of communications data for many years, including the development of data retention provisions under both the AntiTerrorism Crime and Security Act 2001 and the Data Retention EC Directive Regulations 2009 and ISPA members have great experienceinhandlingRIPArequests. Introduction 1. ISPA members accept that law enforcement agencies should have reasonable access to communicationsdatainordertohelpinthedetectionandinvestigationofseriouscrimeandto safeguardnationalsecurity.However,anycommunicationsdataregimeneedstobeworkablefor the industry and capable of earning user trust, as well as be proportionate and balance the requirementsoflawenforcementwithboththelevelofintrusionintousersprivacyandthecost andburdenplaceduponcommunicationserviceproviders CSPs . 2. Webelievethatthecurrentregimeperformsfairlywell,inparticularthededicatedexpertisein the Single Point of Contact System SPOC , which has provided for an effective means of structuringtherelationshipbetweenlawenforcementauthorities LEAs andCSPs.Thecurrent system also ensures that the costs that CSPs incur when they comply with requests can be reimbursedsothatCSPscontinuedinvestmentininnovationandservicedevelopmenthasnot,so far, been adversely impacted by data retention requirements. This also acts as a safeguard to ensurethatlawenforcementtoonlyrequestsdatawherethecostcanbejustified.Itiscrucial thattheseelementscontinueaspartofanyfuturecommunicationsdataregime. 3. AsanassociationrepresentingavarietyofCSPs,ISPAhasparticularexperienceandknowledge of costs and burdens placed on CSPs. Below we will argue that a great deal of uncertainty surrounds the proposals and the main changes should be viewed as significant extensions to current capabilities. We have grouped our comments according to the themes raised in the Committeescallforevidence. 4. Industryneedsclearerandmoredetailedinformationonwhattheproposalswillactuallymean inpracticefordifferentCSPs.TheywillhaveasignificantimpactonhowtheUKInternetisrun and our members need to fully understand how this will affect them. We would urge the Committee to address the points summarised below with Government so that the whole data retentionprocessisclearandproportionate. Summaryofmainpoints 5. We accept that law enforcement should be able to access communications data in a changing communications environment, but this has to balance the requirements of law enforcement, privacyofusersandtheimpactonbusiness.ItisnotcleariftheDraftBillachievesthis.

Draft Communications Data Bill

157

6.

WewelcomethatcostrecoveryisincludedintheDraftBillasitensuresamoreeffectivesystem andreflectsthefactthatourmembersdonotgainfromretaininganddisclosingcommunications data. TheDraftBillhasthepotentialtoputtheUKatacompetitivedisadvantageanddestabilisethe market, with the UK seen as a less attractive and more onerous place to do business digitally, affecting both inward investment and services being made available. In challenging economic timeswequestionwhetherthisshouldbeagovernmentpriority. InourviewtheDraftBillamountstoasignificantextensionofthecurrentcapabilitiesandshould beviewedassuch.Thisisparticularlytrueofthepowerstocaptureandretainthirdpartydata andthefilteringarrangement. Dueinparttothelackofdetailedinformationmadeavailable,weareyettobeconvincedthatthe proposals technically possible on the scale envisioned or that foreign CSPs will provide the necessaryinformationtoUKlawenforcement.

7.

8.

9.

10. ThechangingdefinitionsofCSPandcommunicationsdatahavethepotentialtoincludeawider rangeofCSPsanddatathanpreviously. 11. Far too much discretion is given to the Home Secretary without the necessary Parliamentary oversight to ensure that significant changes proposed are proportionate and necessary. Parliamentshouldbetoldwhatdatawillberetained,forwhatpurposesandmakesurethatthe necessarysafeguardsareinplacetobalancethedifferinginterestsoflawenforcement,usersand businesses. Generalcomments/requirementsoflawenforcement 12. ISPA members fully understand that the communications landscape is changing and that this warrants a review of the current communications data regime. However, we feel that that the DraftBillismissingcrucialdetail,principallybecauseofthenumberadditionalrequirementsthat couldbeintroducedbyorder,noticeandregulations.Agreatdealmoreworkneedstobedone toexplainwhatthecurrentproposalswillmeaninpractice.Whilstweunderstandthatconcerns about security and confidentiality may limit what can be revealed publicly and what can and cannotbewrittenonthefaceoftheDraftBill,wefeelthatthecurrentlevelofinformationmakes it hard to undertake an adequate, indepth assessment of the proposals. To help us fully understandtheimplicationsofwhatisbeingproposed,wewouldurgetheCommitteetoseekas clearinformationfromtheHomeOfficeaspossibleonwhatthe DraftBillwillmeaninpractice forallinvolved. 13. TheHomeOfficearguesforlawenforcementtobeabletomaintainaccesstocommunications dataastechnologyandwaysofcommunicatingevolve.However,itisnotclearthattheproposals in the Draft Bill merely maintain current capabilities in a changing environment. For example, the obligation to generate data that is not required for business purposes, the requirement to captureandretaindataofathirdpartyandtheextendeddefinitionofCSPrepresentsignificant changes. We question whether such extensive additional powers are proportionate and necessaryandwhetherlessintrusivealternativesmightbemoreappropriate. 14. On this basis, we believe that the Draft Bill would in fact extend existing capabilities in that it would require CSPs to retain data that they would otherwise not retain for business purposes and capture and retain data about services they do not own or operate. This could create a capability to track relationships and interactions between individuals in multiple contexts and acrossmultipleonlineenvironmentswheretheymeet.

158

Draft Communications Data Bill

15. IncomparisonwithotherWesterncountriestheproposalsarefarreachingandbeyondcurrent norms.ItcouldsetaprecedentforsimilarlegislationelsewheresoitisimportantthattheDraft Bill is fully scrutinised and explained as clearly as possible. How the proposals fit with the GovernmentswidergoalsofmakingtheUKadigitalhubtohelpboostgrowthanditssupportof theInternetfreedomagendaisunclear. Costs 16. It is currently difficult to determine with any accuracy the costs of the proposals to ISPA members but we note that the Home Offices cost estimates and risk assessments are made on the basis of optimistic assumptions. We would encourage the Committee to test these assumptions.Thereappeartobethreekeyelements: 1 costsincurredbyCSPs; 2 abilitytobringoverseasprovidersintotheretentionregime;and 3 thecontinuingdevelopmentofcommunicationsservices. 17. The costs that will be incurred by CSPs could be significant but there is insufficient detail to determine whether the Home Offices assessment of 859 million is correct. ISPA believes, however,thatthekeycostsrelatedtotheretentionelementoftheproposalswillbeduetothe Home Office and not CSPs. This is because the final costs will primarily be dependent on the retentionnoticesissuedbytheHomeOfficetoCSPs,whichwillspecifythetechnologythatCSPs willberequiredtodeployandtheamountofdatatheyarerequestedtoretain. 18. WestronglywelcometheHomeOfficescommitmenttomaintainingthecurrentsystemofcost recoveryforCSPs.CSPsdonotgainfromretaininganddisclosingcommunicationsdata.Itisfor thisreasonthatwehopethattheCommitteeendorsesParliamentssupportforthecostrecovery systemandweencourageCommitteememberstogofurtherandensurethatthecostrecovery for CSPs is guaranteed on the face of the Bill. This would provide a longterm guarantee that would bar future Governments from transferring retention costs to CSPs and thereby jeopardisinginvestmentofCSPsinnetworkinfrastructureandservices. 19. Therequirementtocaptureandretaindatatypeswhicharenotrequiredforbusinesspurposes or to collect data relating to third party services is likely to impact the way CSPs build and operatetheirbusinesses.ThisisnotwhyISPsruntheirnetworksandistechnicallyverycomplex. Thisobligationcouldforceourmemberstoredesigntheirnetworksbasedontheobligationto retain, rather than on commercial interest or economic effectiveness. Furthermore, there is a concernforsmallandstartuptechcompaniesthattheymaybebroughtintotheregimeatany moment.Thiscouldseverelyimpactoninnovation,affectcurrentandnewbusinessmodelsand divert resources away from business investment and discourage international companies from choosingtobasethemselvesintheUK.TheHomeOfficeshouldbeabletooffercertaintytoCSPs aboutwhoandwhatisinscopeandhowtheprocessmaycomeabout. 20. The estimated costs seem to be based on a number of assumptions. In the interests of transparency, and to enable Parliamentandthe wider public to understandthe whole process, furtherdetailshouldbeprovidedonhowthefigureof859millionwascalculated.Theaccuracy oftheseestimatesisimportanttoanassessmentoftheoverallproportionalityoftheDraftBill. Not only must the costs be accurately assessed but industry must be assured that the costs of complying with the eventual obligations can be fully recovered. We therefore query whether contingency plans are in place for a situation where it becomes clear that the money that has

CostsincurredbyCSPs

Draft Communications Data Bill

159

been allocated turns out to be insufficient e.g. because the need to retain third party data exceedsexpectations . 21. Two of the key elements of the new proposals are the extension of retention requirements to providers outside the UK and the ability to require UK CSPs to retain data of third party providers. According to comments made by the Home Office, these two proposals are closely interlinked as the third party data retention requirement would only be used if overseas providerswereunwillingtocomplywithanordertoretaindatainthefirstinstance.Theability tobringoverseasprovidersintotheretentionregimewillthereforehaveasignificantimpacton overallcostsasthecapturingoftherelevantoverseasdataviaUKproviderswouldbetheleast costefficientsolution. 22. Thereisaconcernoverhowtheserequirementswillbeviewedinothercountriesandpossibly copied. Asserting UK jurisdiction on overseas providers is a significant step and it is not clear thatthisisaproportionate,necessaryorrealisticpolicystep.WedonotfeelthattheHomeOffice has provided a compelling case for such sweeping powers and it is not clear that less radical alternatives suchasreformingMutualLegalAssistanceTreaties havebeenfullyexplored.We wouldencouragetheCommitteetoexplorethisfurther. 23. AtpresentGovernmentestimatesthatthereisa35%gapincommunicationsdataavailability which,iftheproposalsareintroduced,couldbereducedto25%.Itisunclearhowthebaseline i.e.100%ofdata forthisassessmenthasbeenderived,howitwilldevelopwithnewformsof communicationsandwhetheritwillstayatthecurrentlyestimatedlevel.Itisnotcertain whetherthedatacontainedinthisgapisnotalreadyavailabletoLEAsbutisnotcurrently requestedproperly.Wefurtherquestionwhethertheproposalsarejustifiedandrepresentvalue formoneyforonlya10%increaseincurrentcapabilities.Developmentsinthecommunications industryaredifficulttopredictandthereislittleexplanationintheconsultationdocumentof howtheGovernmenthastakenaccountofthisintheestimationofcosts. Levelofintrusionintousersprivacy 24. ISPAmembersbelievethatanyintrusionintousersprivacyshouldbekepttoaminimumandbe proportionate and necessary in order to avoid a situation where average users feel inclined to change their online behaviour in response to the proposals. The Draft Bill should be viewed within the wider debate around privacy and use of data online, which is based on a system of trust and a trend towards greater transparency. The level of intrusion is actually not fully explainedorunderstoodbecauseagreatdealofthedetailremainsunclear. 25. ThefilteringcapabilitiesthattheDraftBillincludescouldpresentadditionalriskstoprivacy.As anadditionalthirdpartyisbeingincludedinthedisclosureofprivatedata,itcouldbecomean additional attack vector for malicious agents looking to obtain information about individuals. There also exists the possibility for legal representations being made by other parties via the courtstoaccessdataretainedforthepurposesofcivilcasesorasdefencematerialinothercases. 26. Questions of intrusion, proportionality and necessity arise in relation to the retention of and accesstodata.Thescope,definitionsandalsothepresenceofappropriatesafeguardsproposed bytheDraftBillwillplayanimportantpartindeterminingtheanswertothesequestions.

Abilitytobringoverseasprovidersintotheretentionregime

Thecontinuingdevelopmentofthecommunicationsindustry

Scope&Definitions

27. WhilsttheDraftBillappearstomakeonlyaminorchangetothedefinitionofcommunications data it potentially has a substantial impact. The introduction of the new term telecommunications operator and the inclusion of overseas providers effectively makes a

160

Draft Communications Data Bill

significantchangecomparedtotheestablisheddefinitionsofpubliccommunicationsproviders under the Regulation of Investigatory Powers Act 2000 RIPA or communications providers undertheAntiTerrorismCrimeandSecurityAct2001 ACTSA . 28. TheDraftBillstermtelecommunicationsoperatorreferstoapersonwhocontrolsorprovidesa telecommunications system, or provides a telecommunications service and will thus cover, amongotherthings,socialnetworkingproviders,webmailandinstantmessaging. 29. If the definition of communications data is applied to these wider areas, for example, then it becomes clear that these providers will not only be required to retain new types of data comparedtoatraditionalCSP butthatthesedatatypesalsohavethepotentialtobefarmore revealing and intrusive than the data that is currently being retained for law enforcement purposes.Forexample,thedraftBilldefinessubscriberdataasinformation otherthantraffic data or use data held or obtained by a person providing a telecommunications service about thosetowhomtheserviceisprovidedbythatperson.Socialnetworksoftenasktheirusersfor information about their gender, religion, relationship status etc. which should not only be consideredasverypersonalinformationbutisalsoinformationthatiscurrentlynotretainedfor lawenforcementpurposes. 30. A further challenge of definition is determining what within a communication application constitutescommunicationsdataand,assuch,wouldneedtoberetained,asopposedtodatathat wouldneedtobecollectedthroughlawfulintercept.Withincommunicationsapplicationssuchas socialnetworkingservicesoronlinegaming,thedifferentialsbetweenwhatwouldtraditionally constitute Internet traffic and content become less distinct. The Committee should consider whethercommunicationsdatacanbereliablyextractedfromcontentdatainthisscenario. 31. Inadditiontochangingdefinitions,theDraftBillextendsthescopegeographicallybyrequiring overseasproviderstoretaindataorbymakingthisdataaccessibleviaUKCSPs.TheHomeOffice says that these new retention requirements only cover data relating to UK citizens or people staying within the UK during the time for which the data is requested, yet the requirement provides access to a wider data set than this. The Committee should consider whether such a broadpowerisnecessaryandproportionateifthepolicingneedismuchnarrower. 32. Theprecisedatatypesaswellastheproportionalityandfeasibilityoftheproposedextensionto thescopeofthedataretentionregimemeritfurtherinvestigationbytheCommittee.Untilthisis known,theimpactoftheproposalscannotbeaccuratelyquantifiedbyParliamentorCSPs. 33. Higher levels of intrusion would warrant the introduction of new safeguards and additional oversightmechanisms.Aswearguedearlier,thisshouldbeappliedtoboththeretentionofand theaccesstocommunicationsdata.Asothersmayfocusmoreonaccesstodata,wewillfocuson theretentionofdata. 34. Oversight of data retention should take place on multiple levels. Parliament plays a key role in thisandwewelcomethattheCommitteehasbeengiventheopportunitytoscrutinisethecurrent proposalsintheformofaDraftBill.Weareconcerned,however,thatnumerousrequirementsin addition to those on the face of the Draft Bill could be introduced by orders, notices and secondarylegislation,i.e.withlimitedparliamentaryoversight.Forexample,thedatatypesthat CSPswouldhavetoretainwouldonlybespecifiedinnoticesbytheSecretaryofState,without furtherscrutiny.Ascurrentlydrafted,thecurrentDraftBillwouldputagreatdealofpowerinto

SafeguardsandEnforcement

Draft Communications Data Bill

161

the hands of the Home Secretary and to ensure that the retention of data is proportionate, Parliamentaryoversightneedstoberobust. 35. It is proposed that oversight would be provided by the Interception of Communications CommissionersOffice IoCCO andtheInformationCommissionersOffice ICO .Theproposals of the Draft Bill lead to a situation in which CSPs would be required to retain much larger volumesofcommerciallysensitivedatawithacorrespondingincreaseinburdenstostoreand manage it appropriately, including securing and restricting access to it, for law enforcement purposesauthorisedbytheDraftBill.TheCommitteemustbesatisfiedthat,whateverproposals are passed by parliament the IoCCO and ICO are sufficiently resourced to address these issues. Theymustalsohavethenecessarypowersandaccesstoinformationtheywouldneedtoperform their oversight roles effectively. We would also welcome clarification on what proposed role Ofcomwillhaveintheprocess. 36. TheCommitteewillbeawarethattheEUDataRetentionDirective EUDRD isunderreview,and thereisapotentialfortheperiodofretentiontobereduced.Anyreformorchangestothewider communications data landscapeshould be flexible and allow fordevelopments inEurope tobe reflectedintheUK. TechnicalaspectsoftheDraftCommunicationsDataBill 37. TheDraftBillraisesseriousconcernsabouttechnicalfeasibilitywhichhaveyettobeexploredin detail. 38. Requiringcompaniestogeneratedataspecificallyandonlyforlawenforcementpurposesorto capture and retain data about third party services sounds simple but they are technically very complexanddifficultpropositions.Wewouldliketodispeltheideathatexistingequipmentcan be easily reconfigured to capture and retain third party data. DPI and such technology can be used by ISPs for legitimate traffic management processes, but it does not follow it could be repurposedtofulfiltherequirementssetoutintheDraftBill.Weareyettobeconvincedthat currenthardwarecanhandlethevolumeoftrafficthatmovesacrossserviceprovidernetworks atthislevel. 39. There is a further concern that the inline devices that would be placed into the network are vulnerabletohackersandcriminalsandpronetocausesinglepointsoffailure.SincetheDraft Bill and the backstop powers rely heavily on such complex technical solutions, we would encouragetheCommitteetoconsiderwhetherthisapproachcouldbetechnicallyfeasibleorcost effectivetoimplement. 40. The Draft Bill contains powers for law enforcement to use a filtering arrangement to match individualsvariouscommunicationsacrossdifferentplatforms.Again,wefeelmoreinformation is required to better understand what this will mean in practice and whether more safeguards need to be put in place to safeguard privacy. By extending the value chain and analysing data from multiple sources rather than from the source itself, as the filter is expected to do, the reliabilityofthedatacouldbecompromisedanditsevidentialandintelligencevaluelost. 41. Intermsoftheutilityofcapabilitiesproposed,ISPAisconcernedthattheywouldbeevadednot onlybecauseuserswillincreasinglyturntoencryptingtraffic,butalsobytheprospectthatitwill become the norm and be built in as standard by third parties, i.e. even where users havent specificallydecidedtoencrypt.ThiswouldimpairtheabilityofCSPstomanagetrafficontheir networks,asitwouldallappearasastreamofdifferentencryptedcommunicationsstreamswith

162

Draft Communications Data Bill

no easy way to differentiate the content within those streams. In addition, we are yet to be convincedhowthirdpartydatacouldbereliablyextractedfromencryptedtraffic. August2012

Draft Communications Data Bill

163

Dr Dominic Jackson
Iamaprivateindividualrepresentingnoonebutmyself.Iamatechnologyenthusiastand keenstudentoftheworkingsoftheInternethoweverIamalsoapersonwhoguardsmy privacyjealously. Insummary,thedraftcommunicationsdatabillisanabhorrentpieceoflegislation.Itdoes farmorethanmerelyupdatingexistingpowersandseekstogivebroadpowerstospyon allUKInternetusersfornogoodreason.Itisaclassicsolutioninsearchofaproblemand shouldberejectedattheearliestopportunity. TheGovernmenthasmadenoconvincingcaseoftheneedforthepowersproposedinthis Bill.Theonlyvaguejustificationsarehandwavinghypotheticalscarestoriesabout terroristsusingtheInternet,socialmediaandtheliketocommunicateandplanatrocities. Theimprovedconveniencetolawenforcementofthepowerssoughtisnowherenearenough justificationforseekingtorecordwhocommunicateswithwhatorwhom,ineveryInternet operationcarriedoutintheUK. ItisdisappointingtoseeaGovernment,whichcampaignedonthebasisofrepealingsomeof theLabouradministration'sexcessessuchastheIdentityCardsAct,introducesuch legislation.ThedraftCommunicationsBillsharesmanyofthefundamentalfailingsofthe IdentityCardsAct,suchaslackofcleardescriptionoftheproblemstobesolved,appealsto fears,scaremongeringandparanoiaaboutterrorismandcoststhatwillalmostcertainly spiraloutofcontrolatatimewhenthecountrycanillaffordsuchwastefulness.Moreover,if passed,thepowersintheBillwillalmostcertainlybesubjecttodemandsfromothers,such asthemediaindustrylookingtoprosecutecopyrightinfringers. IamconcernedthattheUK'sapproachwillactasagreenlightandatemplateforother countriestointroducesimilarlegislation.Canadaattemptedtointroducedatamining powerswhichwererebuffedonlyafteramassiveoutcry andarguably,incompetencefrom seniorCanadiangovernmentfiguresduringthedebateandcontroversialguerillatactics fromthoseopposedtotheplans .Australiahasalsoproposedsimilarplans,apparently modelledontheUKapproach. TheintersectionofthedraftCommunicationsDataBillwithdataretentionpowersisofdeep concerntome.DataretentioninEuropewaspassedbecauseofaclassicpieceofpolicy launderingbytheBlairgovernmentduringthemid2000satatimewhenterrorism scaremongeringwasaneverydayoccurrenceinGovernmentrhetoric.Havingtried unsuccessfullytogetsuchlegislationpasseddomestically,theBlairgovernmentmovedto EuropeandmanagedtoobtainanEUDirectivetomandatethatwhichtheycouldnotachieve athome.DataretentionhasalreadybeenrejectedinsomeEUstates notably,Germanyand Romania asunconstitutional.TheremainsofthispowerintheUK,togetherwithvague representationsaboutwhatcommunicationsdatashouldbecollected,representamassive infringementofcivilliberties,againfornogoodreason seepreviouscommentsabout Governmentterrorismhype .Thequestionofif12months'retentionistoolongortooshort isemphaticallyansweredwithtoolongbutthecorrectperiodshouldbeeithernothingor nexttonothing e.g.24or48hours .Theperiodofdataretentionalsoobviouslyhasa bearingonthecostsoftheproposalgiventhestoragecapacityneededtoretainthedata. IamdeeplyscepticalaboutthecostsandbenefitsquotedforthisBill.GovernmentIT projectssuchasthisALWAYSoverrunintermsoftimingsandcosts.Theyareinevitably subjecttofeaturecreepastheprivatesectorcontractorsinvolvedgorgetheirfaceson lucrativeGovernmentcontracts.ThishasbeenseenwithcountlesspreviousGovernmentIT projectssuchasNHSSpineandindeedtheIdentityCardsAct.Iseenojustificationforthe benefitsquotedfortheBillandsuggestthatthemoneyallocated,ifitneedstobespentatall, shouldbedirectedtowardsbetterpolicing. Thenotionthatcommunicationsdata suchaswhoiscommunicatingwithwhomandthe

164

Draft Communications Data Bill

dateandtimeofthecommunications canbeseparatedfromthecontentofthe communicationitself,isacompletefallacyinInternetterms.IfitisrecordedthatIvisited www.example.comthenitisobviouslytrivialtoreplaymyvisitandprobablyinspectthe contentofthecommunicationeventhoughthiswasnotoriginallystored.ThedraftBillis alsoworryinglysilentonwhetheronlythefactthatIvisitedwww.example.comwillbe recorded,orwhethertheindividualpageswithinthatsite somepossiblywithcustomURLs arisingfrompersonalinformationsuchasauserloginthatIpasstothesite willbe recorded.ThisfallacyisakeyunderlyingassumptionofthedraftBillandthatitis demonstrablyfalsedoesnotinstilconfidenceintherestoftheBill.TheBillalsofailsto appreciatethat,withmoderntechnology,itisperfectlyfeasibleforcommunicationsdatato consistofafiveminuteAmazonEC2instancethattalkedtoawebapplicationthat momentarilyexistedinsomeothercloudsomewhereandthenvanished.Thedatacollected onsuchephemeral,virtualcommunicationsis,forallpracticalpurposes,useless. Likewise,thequestionsraisedaboutsecurityofthedataoncecollectedignoretheelephant intheroomofthehumanfactor.Thatistosay,anydatabasesecurityisonlyasstrongasits weakestlink,andaboveacertainlevelofbasiccomputersecuritythisweaklinkwill inevitablybethehumanoperatorsofthedatabase.Eveniftheyarenotinherentlycorrupt thentheycanbecorruptedthroughblackmail,extortionandthelike.Wehaveseenfromthe recentNewsInternationalscandalshowthiskindofinfluencecanbebroughttobearoncivil servantsandotherfiguresentrustedwithprivatedata.Giventhatthedaytodayrunningof thepowersproposedbythedraftBillwouldalmostcertainlybeoutsourcedtominimum wageslavesemployedbyG4Sandthelike,itisnothardtoimaginethemotivesfor corruption,northeopportunity,whichjustleavesthemeanswhichisn'thardtoimagine either. ThesecondmajorfallacyofthedraftBillisthatstoringthedatacollectedinanumberof separatedatabaseswillsomehowbesaferthanifitwasallstoredinonecentralised database.Againthisbetraysalackofunderstandingofmoderntechnology;itisjustastrivial withmoderncomputingpowertoindexandthussearchacrossamultitudeofdatasources asitistosearchjustone.Google'sbranchingoutintoimageandvideosearchingwithjust onesearchtermshouldbetreatedasanexampleofthis.Itwillbetrivialtoassemblea completepictureofpeople'slivesfromthevariousdatasourcesthisBillcontemplates creatingwhichrepresentsamassiveinvasionofprivacy. ThemeasuresproposedintheBillcouldbeeasilycircumventedeitherbyuseofencryption andVirtualPrivateNetworks,deliberatelyusingnonUKprovidersorbyswitchingtooffline communications.Theseriousterroristwilldoubtlessadoptthesemeasures,leadingtothe Billonlyaffectingtheincompetentamateurandthelawabidingcitizen.Thesuggestion madeinGovernmentcirclesthatencryptioncouldbebrokenforthepurposesofthisBilldo notbearthinkingabout:strongencryptionunderliesmanyofthepositiveaspectsof21st centurylifesuchasonlinebanking,ecommerceandonlineservicingofutilityaccountsand convenientinteractionwiththeState suchasupdatingtheelectoralregisterandpaying counciltaxonline . TheunintendedconsequencesofthisdraftBilldonotrequiremuchthought.Investigative journalistsmightunintentionallyrevealtheirsources,CEOsofcommercialorganisations loggedascommunicatingwithoneanothermightunintentionallyrevealtakeoverplans, abusedwomeninhidingmighthavetheircoverblown.Thenotionalapplicationofthe powersinthedraftBilltoidentifyingterroristcellswouldbeequallyapplicableto identifyingmembersofothercellsofcivilsociety suchasGreenpeace,digitalrights campaigners,Occupy .ThesameobjectionsapplyastotheIdentityCardsAct:today's governmentsmightconsiderthemselvesbenigntowardssuchmovementsbutwhatof tomorrow'sBNPgovernment?OncehandedovertotheStatetheinformationcanneverbe erasedfromtheState'slogsandthisaloneshouldbereasontoscrapthedraftBill. Theevidenceprofferedinfavouroftheproposedpowersisweakandconsistsofhand

Draft Communications Data Bill

165

August2012

wavingWhatifscenarios.Morepeoplearekilledinroadaccidentsthaninterroristattacks eachyearintheUK.Terroristsdoubtlessuseofflinecommunicationsmethodssuchas meetinginpubs,restaurantsandotherpublicplaces.Doesthismeantheproprietorsofsuch establishmentsshouldberequiredtorecordwhoenterstheirpremisesandwhotheytalkto, andpassthisontotheState?Ofcoursenotcommonsenserevoltsattheidea!Takentoits logicalconclusion,everyoneshouldbelockedupinprisonuntiltheycanprovetheyarenota terrorist,butlogisticsaside,acivilisedsocietyagainfindsthisidearepulsive. Ultimately,preventingterroristatrocitiesisamatterforhighlyskilledhumanintelligence workers.Itisaclassicneedleinahaystackproblem;aftertheeventitisofteneasy with hindsight toidentifythelinksbetweentheperpetratorsandthentoshowthat,actually,the authoritieshadallthisinformationalreadyandcouldhavejoinedthedotsandthus stoppedtheattack.However,beforetheevent,theproblemistoidentifytherelevantdots inamongsttheseaofotherdotsandofjoiningthe relevant dotsbeforeitistoolate. Fromthiscontext,throwingmorehayontothestackontheoffchancethatitcontains anotherneedle,isclearlyawasteofeffort.Onewouldusesophisticatedtechniquesto narrowdowntheareaofthehaystackthatneedssearching,forexampleusingmetal detectorsoraskingwhereaneedlewaslastseen. Toconcludethethemesofthepreviousparagraph,presumingitisarealthreatandnotjust hypeandparanoia whichisinitselfdebatable ,theproblemsofseriouscrimeandterrorism willbeaddressedbycleverpoliceanddetectivework;identifyinglikelyperpetratorsand concentratingonTHEMALONEtoidentifytheirnetworkofcontacts,thenuseundercover officerstoinfiltratethegangs,preventthemobtainingexplosivesandweaponsandgathered evidencetobringthememberstojustice.Thereisampleevidencefromglobalnewsreports thatintelligenceagenciesacrosstheworldarehavingsomesuccesswiththesetactics.There isnoevidencethatwarrantless,unjustifiedmasssurveillanceofthepopulationisachieving orwillachievethesameresults. TheoftquotedmaximisIfyou'venothingtohide,you'venothingtofear!Thisishighly disingenuous.IDOhavesomethingtohide,namelymypersonalprivacyanddesireto proceedwithmydailylifefreeofinterruptionorharassmentbytheState.Everysingle personhasthissamefactor;ourownreasonableexpectationsofprivacyandtherefore,by implication,theconverseoftheclichdmaximmustbetrue.WeALLhavesomethingtohide andsoweALLhavesomethingtofearfromlegislationsuchasthis. ThedraftBillhasnosolidunderlyingfoundationinfactorreality,itisthelatestinaseriesof terroristparanoiapiecesoflegislation.IasktheCommitteeandParliamentasawholeto pleaseburytheideasitcontainsbackinthegroundwheretheycamefrom,ideallywitha stakethroughtheheartandsaltingtheearthabovethemtopreventtheconceptsrisingfrom thedead,astheyhavedoneinthislatestrehashoftheLabourgovernmentsdiscredited InterceptModernisationProgramme.

166

Draft Communications Data Bill

Andrew James
General: 1.HastheHomeOfficemadeitclearwhatithopestoachievethroughthedraftBill? Ithasbuttheproblemisithasntoutlinedhowitwilldothis. 2.HastheGovernmentmadeaconvincingcasefortheneedforthenewpowersproposedinthedraft Bill? No,theargumentisnotconvincing.Theargumentisfundamentallyflawedinthatanylegislation wouldneverbeflexibleenoughtoprovidefortheveryproblemitisintendedtosolvetherapid changeincommunications. 3.HowdotheproposalsinthedraftBillfitwithinthewiderlandscapeonintrusionintoindividuals privacy? Thewiderlandscapeischangingatsucharapidrate,thateventhemostrecentlegislative instrumentscanbearguedasquicklybecomingoutdated.Butmoretothepoint,communications datanowdescribesonespersonallifetoamuchdeeperlevel shoppingtransactionsforexamplecan bearguedasacommunicationsdatawhereaspreviouslyitwouldnotbecommunicationdata,aresult ofourchangingbehavioursutilisingtheinternet . 4.Whatlessonscanbelearntfromtheapproachofothercountriestothecollectionof communicationsdata? TheUKisentirelyuniqueintermsofhistoriccontextandtherelationshipbetweenthe telecommunicationindustryandthepolicing/intelligencearena.Itwouldbemisleadingtolookat othercountriesintermsofstrategiclessons. 5.Arethereanyalternativeproposalswithregardtothetechniqueandcostofobtaining communicationsdatathattheGovernmentcouldconsider? Yes,thegovernmentshouldtakeariskbasedapproachtoidentifyingapplicationbased communications Skype,MSN,Facebook,FaceTimeetc. andascertainhowthemanagingcompanies Microsoft,Google,Apple canprovidemeaningfulcommunicationsdataonaneedsdrivenbasis.The obligationshouldbedrawnawayfromthecommunicationprovider/ISPandtowardstheapplication layer.Thisiswherethetrendisheading.Theresponsemustbemuchmoreagile intechnicaland legalterms thanwhatthegovernmentiscurrentlyproposingoritwillbemoneyunwiselyspent. 6.ThedraftBillsitsalongsidetheDataRetentionRegulations.Howwillthesetwopiecesoflegislation interrelate?Woulditbepreferabletohaveoneoverarchingpieceoflegislationthatgovernsthe retentionofcommunicationsdata? TheEUDRDisahighlevelguidelinethatoffersnoclarityonexactlyhowCDwouldbecollectedand managedintheUK,nordoesitofferanyrelevance,specifically,forthelawenforcementlandscapein theUK. Ofcourseitwould,butthegovernmentispushingthisthroughasanurgentlegislationandEU requirementswouldnotallowforachangeintheharmonisationpolicyrequiringanEUregulationin thisareasothisisamootquestion. 7.IfitisconcludedthattheprovisionsofthedraftBillareessential,arethereanyothermeasures thatcouldbescrappedasaquidproquotorebalancecivilliberties? Thelegislationprovidesforpowerswhichcanbeinterpretedinanumberofways,itisnotclearatall, howtheHomeOfficeintendstoutilisethesenewpowers,whetheritwouldmaintainaregisterofall communicationsdata,oraskoperatorstodothat. 8.WilltheproposalsinthedraftBillposeariskthatcommunicationsserviceprovidersseetheUKas alessattractivebase.Whatmightbetheeffectonbusiness?

Draft Communications Data Bill

167

ForSMEs,theanswerwillbeofcourseitwillbelessattractive.Theratesinvolvedinstoringand beingabletoprovidecommunicationsdataisahugeadministrativeburden. Costs: 9.Istheestimatedcostof1.8bnover10yearsrealistic? Noway.Firstly,howcansomethingsounpredictableasthecommunicationsmarketbepredicted withanyreliabilityfor10yearsaway weareinthispositionbecausewedidntpredictwhereweare nowwouldhappen! .Secondly,over85%ofdefenceandsecurityprogrammes majorprojects have beenseriouslyunderestimatedinthelast20years.Thisissimplyafingerintheairguess.The governmenthasalreadyspenthundredsofmillionsonthissince2005andhasnotyetdelivered anything. 10.TheHomeOfficesuggeststhebenefitsthatcouldbedeliveredbytheenactmentofthedraftBill couldbeworthbetween56bn.Isthisfigurerealistic? Againtherearenorobustquantitativeassessmentsthatcouldpossiblymakethisfigurerealistic.It isaroughestimateatbestandisbasedonconjectureandopinionoftheagencieswhostandto benefit,thefigureoughttobeproperlyassessedbytheNAOasshouldtheentirecostbasisofthe programme. Scope: 11.Arethedefinitionsofcommunicationsdataandcommunicationsserviceproviderappropriate? DotheysensiblydefinethescopeofthepowersinthedraftBill? No.ThedefinitionofcommunicationdataisbasedontheformerdefinitionofCDfromRIPA.Itmakes nodistinctiontonewcommunicationdata.Forexample,howdoesonedefinethelimitbetweenthe communicationdataandthecontentforanamazontransactionforabookoncounterterrorism,or aconversationonSkype?Howwouldthelegislationbesecuredenoughtonotallowforcatchall interpretationtotheactualreallifemechanismsthatwillbedevelopedtocaptureCD?Thedefinitions andscopeareconfusedandmisguided. 12.WhichpublicauthoritiesshouldbeabletoaccesscommunicationsdataunderthedraftBill? ShoulditbepossiblefortheSecretaryofStatetovarythislistbyOrder? Thelistshouldbedeterminedonariskbasedapproach,withimmediatethreattolifebeingfirstand soon. 13.Howrobustaretheplanstoplacerequirementsoncommunicationsserviceprovidersbased overseas?ManyUKcompaniesarebasedabroadandregulatedbyBritishlaw.Aslongasacompany operatesheretheyareexposedtoBritishregulationSantanderinSpainetc.Howeverthedetailof theregulationofoverseasthirdpartdatamustbeaddressedintighterdetailintheplans.The problemhereisthatitisincrediblyeasyforsomeoneintheUKtoturnontheircomputerand communicateviaamethodthathasnolegalbaseintheUKthisisamajorprobleminthelegislation thatisagainnotaddressed.E.g.IfanappcompanycreatesanappsuchasWhatsApp,sayinRussia, andIcommunicateonthatusingmylaptop,isittheoperator mybroadbandprovider orWhatsApp thatprovidesthecommunicationdata.Techically,theoperatorhasnoaccesstothecommunication data,andlegally,theWhatAppownersarebasedinRussiasohavenoobligationtoprovidethatdata totheUKoperator.Ifthiscantbeansweredthewholepointofthisprogrammeoflegislationis entirelyflawed. UseofCommunicationsData: 14.Arethecircumstancesunderwhichcommunicationsdatacanbeaccessedappropriateand proportional?Whatkindofcrimesshouldcommunicationsdatabeusedtodetect? 15.Istheproposed12monthperiodfortheretentionofdatatoolongortooshort? Itistooshortforcomplexandhighprofileinvestigations.Itistoolongforcivillibertiespurposes. Safeguards:

168

Draft Communications Data Bill

16.Applicationsforaccessingcommunicationsdatawillbesubjecttoaseriesofsafeguardsincluding approvalbyadesignatedseniorofficerwithinthepublicauthoritymakingtherequest.Howshould "designatedseniorofficer"bedefined?Isthissystemsatisfactory?Arethereconcernsabout compliancewithArticle8ECHR? 17.Wouldawarrantsystembemoreappropriate?Ifyoufavourawarrantsystemshouldthisapply toallpublicauthoritiesincludinglawenforcementagencies?Shouldawarrantbenecessaryinall circumstances?Andwhatwouldtheresourceimplicationsbe? Howwouldthisworkinathreattolifesituation?Theresourceimplicationsaremassive. 18.IstheroleoftheInterceptionofCommunicationsCommissionerandtheInformation Commissionersensible? Yes. ParliamentaryOversight: 19.ArethearrangementsforparliamentaryoversightofthepowerswithinthedraftBillsatisfactory? Theyarebetterthan2yearsago! Enforcement: 20.Arethepenaltiesappropriateforthosecommunicationsserviceproviderswhofailtocomplywith therequirementsofthedraftBill? TherearenopenaltiesdescribedinthedraftBill.ThedraftBillreferstotheFinancialServicesand MarketsAct2000only. 21.Arethepenaltiesappropriateforthosepublicauthoritiesthatinappropriatelyrequestaccessto communicationsdata?ShouldfailuretoadheretotheCodeofPracticewhichisprovidedforinthe draftBillamounttoanoffence? Technical: 22.Doesthetechnologyexisttoenablecommunicationsserviceproviderstocapture communicationsdatareliably,storeitsafelyandseparateitfromcommunicationscontent? Technologyexisttostoreanysortofdataaslongasthatdataisdefinedandtheprocessisauthorised. Communicationsdataandcontentdefinitionsarefarfromclearandarevariableacrosstypesof communication,sotheanswertothisquestionisno. 23.Howsafelycancommunicationsdatabestored? Dependentonmultiplevariables,veryornotatall.Thequestionispointlesswithoutgivencontext. 24.Aretheproposalsforthefilteringarrangementsclear,appropriateandtechnicallyfeasible? No. 25.HoweasywillitbeforindividualsororganisationstocircumventthemeasuresinthedraftBill? AnyorganisationwhocanarguethegreynessoftheclausesinthisdraftBillwillbeableto circumventcompliance.Anyindividualwitha4yearoldstechnicalabilitycouldcommunicatewith anyoneelsewithoutbeingexposedtothemechanismsintendedbythisdraftBill. 26.Arethereconcernsabouttheconsequencesofdecryption?

Draft Communications Data Bill

169

Ithinktherearebiggerconcernsherethandecryption.Acriminalisnotgoingtouseencryptionwhen theycansimplyuseanumberofcommunicationappsinsequence GChat,WhatApp,iMessage, MyMessage etc. Thecommunicationsenvironmentinthelast10yearshasmovedonfromtelephonesandpost,toa worldwhereIcananddouseover10typesofIPbasedapplicationandnonapplicationlayer communicationsperday.Thegovernmentistryingtomatchthishumanevolutionandsociety evolutionledrapidchangewithapieceoflegislationandacostlytechnologicalsolutiondesigned nowandforthenext10years.Thelogictotheapproachisflawed.Itwontwork,itwillonlycostthe taxpayerbillionsandmoveusinthewrongdirectioninthedelicatebalanceoflibertyandsecurity. August2012

170

Draft Communications Data Bill

JANET
1. ThisisthesubmissionoftheJNTAssociation,tradingasJanet,totheJointCommitteeonthedraft CommunicationsDataBill. 168JanetistheUKsNationalResearchandEducationNetwork,ahigh speedprivatedatanetworkthatconnectsalluniversities,colleges,researchorganisationsand schoolsnetworkstoeachotherandtothepublicInternet. WeareconcernedthatthedraftBillwill,perhapsunintentionally,affectamuchwiderrangeof networks,dataandusersintheUKthanthecurrentDataRetentionRegulations Q1,2,11 ,andthat itcoulddamagethereliabilityof,andconfidencein,computersandnetworksthatisessentialifthe UKistoachievethesocialandeconomicbenefitsofaninformationsociety Q9,26 .Wealsobelieve thatthepossibilityofmanynewprocessesforobtainingcommunicationsdatawillleadtoconfusion andcreatenewopportunitiesforunauthorisedaccesstothatdata Q16,23,26 . Q1.HastheHomeOfficemadeitclearwhatithopestoachievethroughthedraftBill? Q2.HastheGovernmentmadeaconvincingcasefortheneedforthenewpowersproposedinthedraft Bill? 3. ThedraftBillwouldgivetheSecretaryofStatethepowertoorderthecollectionofcommunications datafromanytelecommunicationsoperator;thisisdefinedinclause28 1 ofthedraftBillsoasto includepublicandprivatenetworksbothinsideandoutsideeveryorganisationintheUKaswellasa highproportionofdomesticproperties.Currentdataretentionrequirementsonlyapplytothemuch smallernumberofpubliccommunicationsproviders,asdefinedinRegulation2 e oftheData Retention ECDirective Regulations2009,derivingfroms.151oftheCommunicationsAct2009. TheHomeOfficescasefortheBilldoesnotmentionnorjustifythissignificantincreaseinthe networks,organisationsandusersthatmaybesubjecttodataretentionrequirements,norcanwesee anyneedforittoachievetheBillsstatedpurpose.Wethereforerecommendthatthescopeofthe Clause1powerbereducedtopubliccommunicationsprovidersasunderthecurrentdataretention regime. Q9.Istheestimatedcostof1.8bnover10yearsrealistic? 5. Thefinancialcostslargelydependonhow,andhowoften,thepowerscreatedbytheBillare exercised,socannotbeestimatedfromtheinformationthathasbeenpublished. Howeverwenotethatthepowersmayalsoimposenonfinancialcostsontelecommunications operatorsandtheirservices.Manynetworks,includingJanet,havebeendesignedtoensurethata singlefailuredoesnotcauselossofconnectivity.Asideeffectofthisimprovedresiliencethroughthe provisionofmultiplepathsistomakeithardertocollectcommunicationsdataasthereisnolonger anysinglepointwherealldatacanbecollected.TheBillappearstogivetheSecretaryofStatethe powertoordersuchresiliencetoberemovedtofacilitatetheavailabilityofcommunicationsdata, eventhoughthiswouldmakethenetworkunsuitableforthegrowingrangeofteaching,researchand operationalpurposesthatdependonhighlyreliablenetworks.Anordertoaddnewmonitoring devicesintoanetwork,ortoalterthenormaltrafficrouting,couldalsohaveanunpredictableeffect onitsreliabilityandperformance.

2.

4.

6.

168http://www.parliament.uk/documents/jointcommittees/communications

data/commsdataCfE.pdf

Draft Communications Data Bill

171

7.

TheBillmayalsorequiretelecommunicationsproviderstoinstallandmanagenewsystemstocollect communicationsdata,andwillrequirethemtokeepcollecteddatasecure.Thiswillrequire continuingeffortbyexpertnetworkandsecurityengineersandprivacyspecialists.Organisationsthat havesuchspecialistswillforgopartoftheircontributiontothedevelopmentandoperationof productsandservices;organisationsthatdonotcurrentlyhavesuchskillswillneedtorecruitthem inareassubjecttoskillsshortages. Q11.Arethedefinitionsofcommunicationsdataandcommunicationsserviceproviderappropriate?Do theysensiblydefinethescopeofthepowersinthedraftBill?

8.

ThedraftBilldoesnotusethetermcommunicationsserviceprovider,whichonlyappearsinthe Notes.ThedraftBillinsteaddefinesandusesthetermtelecommunicationsoperator.Wedonot considerthateitherthedefinitionoftelecommunicationsoperatororcommunicationsdata in clause28 1 5 isappropriate. AsinourresponsetoQ1&2above,wedonotbelievethattelecommunicationsoperator,asdefined inclause28 1 oftheBillistheappropriatescopefortheclause1power.

9.

10. Thedefinitionofcommunicationsdatainclauses28 1 to28 5 willextendmuchwiderthanthe normalmeaningofthatterm andthestatedintentionofthedraftBill whenitisappliedto organisationssuchasuniversities,webmailandsocialnetworkservices,allofwhichappeartobe includedinthecurrentdefinitionoftelecommunicationsoperator. 11. Thisisbecausecommunicationsdataisdefinedinclause28 1 astheaggregateofusedata, trafficdataandsubscriberdata.Clause28 5 thendefinessubscriberdataasinformation otherthantrafficdataorusedata heldorobtainedbyapersonprovidingatelecommunications serviceaboutthosetowhomtheserviceisprovidedbythatperson.Inotherwords communicationsdatawillcompriseallinformationheldbytheserviceprovideraboutthe individualswhousetheservice.Inthecaseofauniversityorsocialnetworkthiswouldcovermuch morethanisnormallyconsideredsubscriberorcommunicationsdata:forexampleitwouldincludea studentsacademicrecordoramemberofstaffspersonnelfile.Indeedsince,unlikeclause28 4 definingusedata,clause28 5 doesnotexcludethecontentofcommunications,itappearsthat communicationsdatawouldalsoincludethecontentofalltheusersmessagesthatwereheldbythe telecommunicationsoperator. 12. ToremovethisproblemthedraftBillsdefinitionofsubscriberdatashouldbereplacedbya definitionthatstateswhatsubscriberdatais,ratherthanwhatitisnot. Q16.Applicationsforaccessingcommunicationsdatawillbesubjecttoaseriesofsafeguardsincluding approvalbyadesignatedseniorofficerwithinthepublicauthoritymakingtherequest.Howshould designatedseniorofficerbedefined?Isthissystemsatisfactory?Arethereconcernsabout compliancewithArticle8ECHR? 13. ThecurrentRegulationofInvestigatoryPowersActPart1ChapterII RIPA regimeestablishesa single,welldefined,processforaccessingcommunicationsdata.Thishasallowedcommunications providerstodeveloptheirownprocessesforhandlingRIPAnoticesthroughasinglepointofcontact, ensuringthatalldisclosuresofcommunicationsdataareprompt,lawfulandefficient.Topromote suchefficiency,theHomeOfficeCodeofPractice 169prohibitsanyuseofotherpowerstoobtain communicationsdata.

169http://www.homeoffice.gov.uk/publications/counterterrorism/ripaforms/codeofpractice

acquisition

172

Draft Communications Data Bill

14. Clause9 2 ofthedraftBillwouldreversethisapproachbypermittinganyconducttobeusedto requestororderthedisclosureofcommunicationsdata.Communicationsproviderswouldnolonger beabletoadoptstandardprocesses,sincetheymightreceivevalidrequestsorinstructionsthrough anyprocessandinanyformthatanydesignatedseniorofficerconsidersnecessaryand proportionate.Thiswillinevitablyslowdowntheprocessofaccesstocommunicationsdataand increaseitscosts.AsdiscussedinourresponsetoQ23&25below,webelieveitwillalsoincreasethe opportunityforfraudulentaccesstostoredinformation. 15. Clause9 3 encouragesalternativestothestandardRIPAprocess whichisdescribedinclause 9 3 d ,bygivingexamplesofaskinganypersonapparentlyincludingwithinacommunications providerwhomaybeabletoobtaincommunicationsdatatodoso;Clause9 4 wouldthen authoriseobtainingordisclosure...oranyotherconductbysuchaperson,evenifitwould otherwisebeacriminaloffenceforexampleunders.55oftheDataProtectionAct1998.Indeedclause 9 2 appearstoallowsuchapersontoberequired,ratherthanjustasked,toobtainanddisclose data,whichwouldmaketheRIPAprocessredundant.TheexistingRIPAprocesswasdesignedto promotetheinterestsoflawenforcement,communicationsprovidersandusers.Wedonotconsider thatcreatingalternativeprocessesunderclause9 2 willbesatisfactoryforanyofthoseinterests. Q23.Howsafelycancommunicationsdatabestored? Q25.HoweasywillitbeforindividualsororganisationstocircumventthemeasuresinthedraftBill? 16. Itishighlyunlikelythatcommunicationsdata orindeedanyotherdata canbestoredcompletely safely:thereareexamplesofinformationbeingobtainedwithoutauthorisationfrombothpolice 170 andISP 171databases.Successfulattackscanusebothtechnicalandhumanweaknesses,asdiscussed intheInformationCommissionersreportsWhatPricePrivacy 172andWhatPricePrivacyNow. 173 17. Weareespeciallyconcernedthatallowingmultipleprocessesforobtainingcommunicationsdata underClause9 2 particularlysincetheseprocessescanbelessformalthanthecurrentRIPAone willmakeitmucheasierforblaggerstoobtaincommunicationsdatabyfraudulentimpersonation. Telecommunicationsprovidersandotherswithaccesstocommunicationsdatawillberequiredby thatClausetorespondtonewandvariedformsoflegitimaterequestandorder,makingitmuch easierforablaggertoexplainwhyhisrequestvariesfromthosethathavebeenseenbefore. Protectingagainstthisriskwillrequirescrupulouschecksbytherecipientsofallrequestsunder Clause9 2 ,thusdelayinglawfulaccesstodataandincreasingtheworkloadforbothprovidersand thedesignatedseniorofficerswithwhomtheywillhavetoverifyeverynewprocess. 18. ThedatacollectionandstoragesystemsenvisagedbytheHomeOfficewillrepresentattractive targetsforthosewhowishtoobtaindataaboutusers.Evenifonlylocalcommunicationsdatais storedthiswillbeinlargerquantitiesthanatpresent.HowevertheHomeOfficehavealsoindicated thatitwillbepossibletoobtaindataaboutcommunicationsusingthirdpartyproviders;thiscanonly bedonebyexaminingthecontentofcommunicationsandextractingcommunicationsdatafromit.

170http://news.bbc.co.uk/1/hi/uk/7033935.stm 171http://www.theaustralian.com.au/australianit/telecommunications/anonymoushackersdump

stolendatabelongingtoaustralianfirmaapt/storyfn4iyzsr1226437681976

172

http://www.ico.gov.uk/upload/documents/library/corporate/research_and_reports/what_price _privacy.pdf 173http://www.ico.gov.uk/upload/documents/library/corporate/research_and_reports/ico wppnow0602.pdf

Draft Communications Data Bill

173

Suchsystemswillbeaparticularlyvaluabletargetforattack,sinceaccess eitherthroughahumanor technologicalattack tosuchasystemcouldprovidetheabilitytoreadallthecommunications contentthatpassesthroughit,asisreportedtohavehappenedtoVodaphonePanaphonssystemsin Greece. 174 Q26.Arethereconcernsabouttheconsequencesofdecryption? 19. Ourconcernsthatdatastorageandcollectionsystemswillbeanattractivetargetforunauthorised accesswouldbeincreasedifthosesystemswerestoringoraccessingtheplaintextofinformationor communicationsthatarecurrentlyencrypted.Aswellastheharmresultingfromthelossof informationconsideredsufficientlysensitivetojustifyencryption,evenarumourofunauthorised accesstoadecryptingsystemcoulddamagepublicandbusinessconfidenceintheInternetasasafe waytocommunicate.TheGovernmentsplansforanesocietydependoncitizensandbusinesses beingwillingtosendandreceivesensitiveprivateinformationovertheInternet,whethertoe government,ehealthorebusinesssystems.Ifindividualsdonotbelievethatbrowserencrypted communicationsaresafethenitwillbedifficulttopersuadethemtousethesesystems. August2012

174http://spectrum.ieee.org/telecom/security/theathensaffair/

174

Draft Communications Data Bill

Peter John
General: 1. HastheHomeOfficemadeitclearwhatithopestoachievethroughthedraftBill?

ItisimportanttounderstandthatcrimesliketerrorismoftenusedbytheHomeOfficetojustify masssurveillancepresentlyposeanegligiblerisktolifeintheUK; UKDeaths,PerAnnum

Toputthosenumbersinperspective,6peopledieeveryyearfallingoutoftrees.Butthereisno expectationthatcrashmatswillbeplacedunderalltreesintheUKjustincase. Ifyouwanttosavelives,theconclusionisinescapableBestvalueisderivedbyspendingbillions preventingpeoplesmoking.Ratherthanspendingbillionsinterceptingthecommunicationsof innocentpeopleandthelawabidingbusinessesthatservethem. Theothercrimefrequentlycitedasjustificationformasssurveillanceistheheinousoffenceofchild murder/paedophilia.TheHomeOfficecitedtheshockingexamplesofIanHuntley&LeviBellfield. InthecaseofHuntley,however,itwasrevealedthathehadbeenasuspectinaseriesofsexual offencesandburglaries..yethadstillbeenallowedtoworkinaschool.Thereisnothingtosuggest thatretainedcommunicationsdatawouldhavepreventedHuntleysoffences.Therewasaserious failurebypublicauthoritiestoaccuratelyvethisbackground,andaseriousfailurebypoliceto reconciledataonhisbehaviour. Bellfieldwasnamedbypoliceasasuspectinconnectionwithnumerousunsolvedmurdersand attacksonwomendatingbackto1990,andthemurderofa14yearoldgirlin1980.AssistantChief ConstableJerryKirkbysaid,"QuestionswillbeaskedwhetherBellfieldcouldhavebeencaughtand wemustaccept,anddo,thatmistakesweremade".Thereisnoevidencetosuggestthatretained communicationsdatawouldhavepreventedBellfieldsoffences. Inbothcases,aseriousfailurebypolicetocorrelateavailableconventionalintelligenceallowedthe offencestooccur.

Draft Communications Data Bill

175

2.

HastheGovernmentmadeaconvincingcasefortheneedforthenewpowersproposedinthe draftBill?

No seeprevanswer . Britainisbroadlyasaferplacenowthanithaseverbeen. Consequently,areductioninunwarrantedsurveillance,andgreaterpromotionofdemocratic freedom,wouldbeawelcomechangeofstrategy. 3. HowdotheproposalsinthedraftBillfitwithinthewiderlandscapeonintrusioninto individualsprivacy?

TheUKhasthroughthelaissezfaireindifferenceoflazyandcorruptregulatorsbecomeasocietyI barelyrecogniseitfrommychildhood.Aplacewhereintrusionintopersonalprivacyhasbecomeso ubiquitousitexceedsthedystopianvisionofGeorgeOrwells1984. Atthesametime,theopportunitiesforredresswhenpublic&privatesectororganisationsoverstep therightsofcitizenshavebeencompletelyunderminedbytimidandcorruptregulation&law enforcement. Thereisnoeffectiveprotectionorremedywhenthelawisbroken. Forthatreason,Ifullyexpecttoemigrateinthenext12months,toasocietywherepersonallibertyis betterprotected. 4. Whatlessonscanbelearntfromtheapproachofothercountriestothecollectionof communicationsdata?

TheJointCommitteemightbewisetolooktooverseashistory;Thosewhocannotlearnfromhistory aredoomedtorepeatit. TheretheactivitiesoftheStasibearcomparison.TheStasioperatedoneoftheworld'sbiggestmass surveillanceoperations.TheStasiusedmasssurveillancetoidentifypoliticaldissentamongcitizens. Becausecitizenswereawarethattheirgovernmentwasspyingonthemacultureofmistrust resulted.Politicswereonlydiscussedwheresurveillancecouldnotreach,andonlywithclosefamily. IsthatreallytheexampleyouthinktheUKshouldfollow?Adatabasethatencompassestheprivate communicationsofallUKcitizens?Ifso,Ifearyoureignoringhistoryatyourperil. 5. Arethereanyalternativeproposalswithregardtothetechniqueandcostofobtaining communicationsdatathattheGovernmentcouldconsider?

Interceptionofcommunicationsshouldbealastresort,usedinonlythemostseriouscasesof criminalmisconduct,andonlywhenawarranthasbeenobtained. Masssurveillancewillcompeltheunconditionaluseofencryption,ultimatelydrivingupthecostof masssurveillanceinanescalatingselfdestructivespiralofcountermeasures. ThatimpactsboththecoststoGovernment,andthecosttoUKtelecommunicationsusers including commercialandpersonalusers . 6. ThedraftBillsitsalongsidetheDataRetentionRegulations.Howwillthesetwopiecesof legislationinterrelate?Woulditbepreferabletohaveoneoverarchingpieceoflegislationthat governstheretentionofcommunicationsdata?

176

Draft Communications Data Bill

ItwouldbepreferableiftheJointCommitteeweretorecommendthatlegislationcompliedwiththe EuropeanConventiononHumanRightsarticle8,whichstipulates;

Everyonehastherighttorespectforhisprivateandfamilylife,hishomeandhis correspondence.
Retainingcommunicationsdataofinnocentpeople andwearepresumedinnocentuntilproven guiltyofacrime isnotproportionate.UnlessyouconsidertheUKanationofcriminalsuspects. 7. IfitisconcludedthattheprovisionsofthedraftBillareessential,arethereanyothermeasures thatcouldbescrappedasaquidproquotorebalancecivilliberties?

No. ToquoteBenjaminFranklin;

"Theywhocangiveupessentiallibertytoobtainalittletemporarysafety,deserveneitherliberty norsafety."
Theprivacy/security/integrityofmycommunicationsisnotacommodityIampreparedtotrade. 8. WilltheproposalsinthedraftBillposeariskthatcommunicationsserviceprovidersseethe UKasalessattractivebase.Whatmightbetheeffectonbusiness?

TakingforexamplethePhormaffair,UKcommunicationsserviceprovidersdemonstratedthatthey wereincapableofbeingtrustedtorespecttheprivacy/security/integrityofUKtelecommunications. PhormWebwisewasanindustrialespionagescamthatharvestedcommercialintelligencefromUK telecommunications,andsoldtheresultingintelligencetothehighestbidder. Theeffectonbusiness?Theonlyrationalresponsetosuchasurveillancethreatistostopusingthe UKtelecommunicationsnetwork,oradoptthestrongestpossibleencryptionmethods. IwouldnotrecommendanyonelaunchabusinessintheUKatpresentbecausetherearenoeffective safeguardsinthiscountryagainstunlawfulcommunicationssurveillance. Costs: 9. Istheestimatedcostof1.8bnover10yearsrealistic?

Itseemsverypoorvalueformoney. 10. TheHomeOfficesuggeststhebenefitsthatcouldbedeliveredbytheenactmentofthedraftBill couldbeworthbetween56bn.Isthisfigurerealistic? IdontbelievetheHomeOfficecouldeverjustifythatfigure.Themoneywouldbebetterspent addressingthedeficienciesinpoliceinvestigativeprocedures,intelligencehandling,thechild protectionregister,andeliminatingrampantpolicecorruption. Scope: 11. Arethedefinitionsofcommunicationsdataandcommunicationsserviceproviderappropriate? DotheysensiblydefinethescopeofthepowersinthedraftBill?

Draft Communications Data Bill

177

Sorry,noresponsetooffer. 12. WhichpublicauthoritiesshouldbeabletoaccesscommunicationsdataunderthedraftBill? ShoulditbepossiblefortheSecretaryofStatetovarythislistbyOrder? Sorry,noresponsetooffer. 13. Howrobustaretheplanstoplacerequirementsoncommunicationsserviceprovidersbased overseas?Howrealisticisitthatoverseasproviderscouldbepursuedforbreachofduty? Essentially,itisanonsensetobelievethatyoucaneverpoliceoverseasproviders,orimposeeffective constraintsonthem.KingCanutehadmoresuccessturningthetides. ThebeliefamongsomeMembersofParliamentthattherecouldeverbeaglobalstandardfor communicationsregulationissimplydelusional.Inconsistentregulationwillalwaysexistbetween democraticnationsononehand,andthecorruptauthoritariannationsontheother. TheissueismoreaboutdeterminingwhethertheUKbecomesamodelofademocraticnation,ora modelofacorruptauthoritariannation. UseofCommunicationsData: 14. Arethecircumstancesunderwhichcommunicationsdatacanbeaccessedappropriateand proportional?Whatkindofcrimesshouldcommunicationsdatabeusedtodetect? CommunicationsDatashouldbeusedtodetectanyseriouscriminaloffence.Itshouldnotbegathered frominnocentpeopleuntilacrimeissuspected. 15. Istheproposed12monthperiodfortheretentionofdatatoolongortooshort? CommunicationsDatashouldnotberetainedwithoutawarrantobtainedinadvance.Theevidence shouldbedestroyedonceapoliceinvestigationhasconcluded. Andretainednolongerthanthat. Safeguards: 16. Applicationsforaccessingcommunicationsdatawillbesubjecttoaseriesofsafeguards includingapprovalbyadesignatedseniorofficerwithinthepublicauthoritymakingthe request.Howshould"designatedseniorofficer"bedefined?Isthissystemsatisfactory?Are thereconcernsaboutcompliancewithArticle8ECHR? EverysupposedsafeguardfailedwhenBTconductedillegalcovertsurveillanceofitssubscribers usingPhormsRussiandevelopedspywarein2006,2007and2008. TheICOrefusedtointervene. Ofcomclaimedithadnopowerstoact. ThevariousSurveillanceCommissionersclaimedtheyhadnoroletoplay. Andthepolicerefusedtoinvestigate. TheCPSrefusedtoprosecute.

178

Draft Communications Data Bill

SoifBritishTelecomcancovertlyinterceptthecommunicationsof200,000oftheirsubscribersand thebusinesseswhoservethem,usingRussiandevelopedspyingtechnology,withcomplete impunityWhydoyouthinkanyonewouldhaveanyconfidenceinthesupposedsafeguardsthe HomeOfficeclaimwillguaranteeprotectionfromabuse? Itissimplyapreposterouslie. 17. Wouldawarrantsystembemoreappropriate?Ifyoufavourawarrantsystemshouldthis applytoallpublicauthoritiesincludinglawenforcementagencies?Shouldawarrantbe necessaryinallcircumstances?Andwhatwouldtheresourceimplicationsbe? Yes,awarrantbasedsystemwouldbemoreappropriate. 18. IstheroleoftheInterceptionofCommunicationsCommissionerandtheInformation Commissionersensible? TheInvestigatoryPowersTribunalhashistoricallyupheldfewifanycomplaints; IPTComplaints20012008

Inaddition,theyclaimtheyhavenoroleoverseeingtheactionsofprivatesectororganisationsthat engageinunlawfulsurveillance. Untiltheoversightdemonstrablyincludesrobustenforcementofthelaw,andthescopeofthe oversightisextendedtoprivatesectororganisations,themeasuresareutterlyinsufficient. ParliamentaryOversight: 19. ArethearrangementsforparliamentaryoversightofthepowerswithinthedraftBill satisfactory? Parliamenthasdemonstratednocapabilitytoeffectivelyoverseecommunicationssurveillance.Ido notbelieveMPshavethetechnicalexpertiserequiredtounderstandthemeansorextentofunlawful surveillance.Whydoyoubelievethatsituationwouldchangeasaconsequenceofthisbill? Enforcement: 20. Arethepenaltiesappropriateforthosecommunicationsserviceproviderswhofailtocomply withtherequirementsofthedraftBill?

Draft Communications Data Bill

179

No,theyaretooweak.Evidencesuggeststhatthepolice&regulatorswillnotenforcepenalties againstpeoplewhoviolatethelaw,andwillevencitethetrivialnatureofpenaltiesasreasonnotto engageinenforcement. 21. Arethepenaltiesappropriateforthosepublicauthoritiesthatinappropriatelyrequestaccess tocommunicationsdata?ShouldfailuretoadheretotheCodeofPracticewhichisprovidedfor inthedraftBillamounttoanoffence? Theunlawfulinterceptionofcommunicationsisalreadyacriminaloffence.Butfewpeopleareever prosecuted. Technical: 22. Doesthetechnologyexisttoenablecommunicationsserviceproviderstocapture communicationsdatareliably,storeitsafelyandseparateitfromcommunicationscontent? ThetechnologyexiststoallowCSPstocapturesomeaspectsofcommunicationsdataaboutinnocent peopleandthebusinessesthatservethem. Howeverthequestionismorewhetheritiseverappropriateforthemtogathersuchinformation withoutawarrant,ortheexplicitconsentofthesenderANDrecipient. Ibelievetheanswertothatquestion,inademocraticfreesociety,isalwaysno. 23. Howsafelycancommunicationsdatabestored? Verysafely.Untilitiscompromised. ExamplesofsecurityspecialistsrecentlycompromisedincludeStratfor emailstolen ,HBGary emailsstolen ,USArmy theWikileaks/BradleyManningaffair .Andmanyothers. Iforganisationssuchasthesecannotprotecttheirowncommunicationsdatasecurely,theJoint Committeemightcontemplatewhyanyassurancesofabsolutesecuritycaneverbetakenatface value. Inshort,communicationsdataoncestoredislikelytobestolen,abusedandcompromised. 24. Aretheproposalsforthefilteringarrangementsclear,appropriateandtechnicallyfeasible? No.Icouldexplainwhytheywillneverbetechnicallyfeasible,butnotin6pagesusinglanguageyou wouldunderstand. 25. HoweasywillitbeforindividualsororganisationstocircumventthemeasuresinthedraftBill ? Thebillwillsimplyhastentheblanketuseofencryptionand/oronionroutingwhichwillentirely defeat oratleastsubstantiallyimpair thevalueofmasssurveillance. Inaddition,countersurveillancetools someofwhichIhavedeveloped willlikelyfurtherdiminish thevalueofretaineddatabycreatingablizzardofunusablenoise thatwillalsoneedtoberetained . 26. Arethereconcernsabouttheconsequencesofdecryption? Ifencryptedstreamsareroutinelyinterceptedanddecrypted,confidenceinanyformofUK telecommunicationsencryptedorotherwisewillbelost.

180

Draft Communications Data Bill

Atthatpoint,anyuseoftheUKcommunicationsnetworkbecomeswhollycompromised,andthe infrastructurebecomesinherentlyuntrustworthy.TherethenremainsnobasisforassumingthatUK telecommunicationsareprivateorsecureagainstunauthorisedsurveillance. Whichwouldbeatragedy,butassumingIcanemigrate,onethatwouldbeyourproblemtoresolve,and notmine. August2012

Draft Communications Data Bill

181

Just West Yorkshire


WedonotbelievethattheUKgovernmenthasputforwardaconvincingorcogentcasefortheneed forthenewpowersproposedinthedraftBillandwebelievethattheproposedmeasureserodecivil liberties. WeendorsethefindingsoftherecentlypublishedReportbyBigBrotherWatch acivilliberties group entitledAlegacyofsurveillancewhichhighlightsveryseriousconcernswiththeuseof surveillancebypublicauthoritiesandthelackoftransparencythatcurrentlyexists.Thispositionis alsoendorsedbytheCommunitySecretaryEricPickles. http://www.guardian.co.uk/politics/2012/aug/22/bbcofstedsecrecysurveillance WeconcurwithNickPickles,directororthecampaigngroupBigBrotherWatch,condemnationofthe proposals:

"Thisisanunprecedentedattackonprivacyonlineanditisfarfromclearthiswillactuallyimprove publicsafety,whileaddingsignificantcoststointernetbusiness.Noamountofscaremongeringcan hidethefactthatthispolicyisbeingcondemnedbyMPsinallpoliticalparties."

Clearlythereisaveryrealriskofthenewproposedpowersbeingabusedormisusedbypublicsector organisations.Theplanswouldgiveunrestrictedandcarteblanchepowertoinstitutionswithoutthe properchecksandbalancesbeinginplace.TheextensiveuseoftheRIPAlegislationbylocalcouncils andpublicservicesclearlyhighlightthepotentialforabuseofanylegislationwhichseekstostrip awaytheindividualsrightstoprivacy. Weconsidertheargumentthatthesepowerswillhelptoreducecrimetobefatuous.Positive outcomesincriminalinvestigationsarebestachievednotthroughincreasedsurveillancebutthe appropriatedeploymentofpoliceofficerstotacklecrime. Furthermorethepressandmediahaveconsistentlyhighlightedcasesofpolicecorruptionandfraud theverygroupsthatismostlikelytousethislegislation.JUSTalsobelievesthatthelackofpositive relationshipsbetweenBMEcommunities viz,Muslims,AfricanCaribbeangroups andthepoliceasa consequenceofthepolicetargetingpotentialterroristsandextremistsandgunandknifecrimecould leadtothesegroupsbeingunfairlytargetedundertheproposedmeasures.Thereisarealriskof sensitive,privateandpersonalinformationbeingabused. Althoughtheproposedmeasurehighlightsoneofitskeybenefitsastheabilitytotrackpedophiles, therecentexampleofaformerpoliceofficerwithWestYorkshirePolicewhowasconvictedof makingindecentimagesofchildren,highlightsthatinthewronghands,thesepowerscarryagrave risktotheindividual.http://www.wakefieldexpress.co.uk/news/local/morewakefield news/formerwestyorkshirepolicedetectiveschildpornshame14712857 TheOfficeoftheInformationCommissionerhasexpressedgravedoubtsaboutthemasssurveillance projecttoo.Hebelievesthecasehasnotbeenmadetojustifythesweepingexpansioninthepowerof thepoliceandotherpublicbodiestotrawlthroughprivatecommunications,includingvisitsto FacebookandeBay. Thegovernmenthasclaimedthisproposalisneededtofightterrorismandseriouscrimes; HowevercomputerdatabasesandsystemssuchasNICHE,PNC,ANPR,VENOM,HOLMES,OIS,WYSE alreadyexistandprovidethepoliceandotheragencieswithanextraordinaryamountofdataand intelligenceonindividuals,propertiesandbusinesses. Likewiseautomaticclassification,riskbasedprofiling,systematictrackingandrecordingoftravel anduseofpublicservices,automateduseofCCTV,analysisofbuyinghabitsandfinancial transactions,andtheworkplacemonitoringoftelephonecalls,emailandinternetusearealready usedextensively.

182

Draft Communications Data Bill

Underthenewproposals,ISPswouldinstallhardwarefromGCHQtheGovernment'selectronic snoopingagencyallowinginvestigatorstotapintoarealtimefeedofdata,andexaminewhen communicationsweresent,andwhoto,inordertobuildupintelligenceoncriminalactivity.Itisour clearpositionthatsufficientpowersalreadyexist,whichservelawenforcementandpublicagencies adequately. OnlyveryrecentlyaSupremeCourtrulinghasconfirmedthattheretentionofinnocentpeoplesDNA bythePoliceaftertheyhavebeeninvestigatedandclearedofanoffenceisunlawfulandthatitwas incompatiblewitha2008EuropeanCourtofHumanRightsdecision.Clearlythereforeinthesame logicaroundthelawfulretentionofdatainrelationtoinnocentpeopleshouldapply. Ourconcernsaboutthelackofsafeguardsaroundtheconfidentialityoftheinformationis substantiatedfollowingtherecentadmissionbytheMinistryofJusticethattheirsystemshadbeen subjecttoanonlinecyberattack.http://www.independent.co.uk/news/uk/politics/homeoffice andministryofjusticetargetedbyanonymoushackersinassangeprotest8069811.html FurthermoreaccordingtoGooglesTransparencyReport,fromJanuaryJune2011lastyear,they received1,279userdatarequestsfromUKauthoritiesandrefusedtocomplywith37%.Clearlythere wereconcernsaroundthereleaseofpersonaldatathatdidnotmeetthedisclosuretestsunderthe DataProtectionAct.Underthisproposal,thatnumberofrefusalswoulddroptozerosignalingno validityorthresholdtestsfortherequests. Theproposalisamassiveencroachmentonprivacy,andhasmanyassociatedsecurityrisksand potentialforfurtherabuse.Tostoredetailsofinternetuseforayeartoallowpoliceandintelligence servicestoaccessitiswhollydisproportionateandunnecessary.ThereiscleardisquietamongMPs toowiththemostrecentconcernbeingarticulatedbySeniorToryDavidDavisMPwholabeledthe proposal"incrediblyintrusive" ThehugecostofthespyingprojectatatimewhentheGovernmentismakingcutselsewhereisnot justifiable.Inaneraofausterity,themoneywouldbebetterspentonfundingkeypublicservices suchashospitals,schoolsandcommunityprojectsandaddressthewideningdeficit. JUSTWestYorkshirefearsthattheverypeoplethatsnoopingplansareintendedtouncoverserious organisedcriminalgangs,majorfraudsters,paedophilesaretheveryoneswhoarealreadyusing technologytoavoidbeingsnoopedupon.Thereforetheproposedlawisnotonlyadisproportionate responsebutwhollyinadequatetodealwiththeproposedproblem. August2012

investigators,subjecttocomplyingwiththerelevantlegalrequirementsduringtheinvestigationor detectionofacrime. notsurewhatthismeans

Presently,ISPskeepdetailsofwhichwebsitesusersvisit,andwhotheysendandreceiveemailsand internetphonecallsfrom,for12months.Thisinformationcanbeaccessedretrospectivelyby

Draft Communications Data Bill

183

JUSTICE
ExecutiveSummary Surveillanceisanecessaryactivityinthefightagainstseriouscrime.Whentargeted,itcanplaya vitalpartinournationalsecurity.Unnecessaryandexcessivesurveillance,however,destroysour privacyandblightsourliberty. TheDraftBillbuildsontheexistingandinadequateregulatoryprovisionsinRegulationof InvestigatoryPowersAct2000 RIPA .JUSTICEconsidersthattheRIPAmodelisneitherforward lookingnorhumanrightscompliant. TheprovisionsintheDraftBillproposeanationwideandblanketintrusionintotheprivatelifeof everypersonintheUKusingmoderntechnologytocommunicate,toenhancetheirdailylivesand supporttheirfreedomofexpression.Itwouldprovidefortheexponentialexpansionofthecollection ofinformationabouthowweusetheinternet,mobiletelephones,landlinesandthepostto communicatewitheachother.TheInformationCommissionerhascalledthisastepchangeinthe relationshipbetweentheStateandthecitizen.Weagree. TheprovisionsintheDraftBillarebroad,vagueandunjustified.Nosignificant,newsafeguardsare offered.Importantly,weareyettoseeclearevidencetosupporttheGovernmentscasethatsuch expansionisnecessaryorappropriate. Currently,around500publicauthoritiesarecapableofaccessingourcommunicationsdatausing existingsurveillancepowers.RIPAallowsthesepublicbodiestoselfauthoriseaccesstoourpersonal information.JUSTICEconsidersthatthisapproachposesasignificantthreattoourpersonalprivacy. Priorjudicialauthorisationforaccesstosurveillancepowers,includingaccesstocommunications datashouldbethedefaultinmostcircumstances.Fewerpublicauthoritiesshouldbeabletoaccess thissensitiveinformationaboutourprivatelivesandaccessshouldbelimitedtothosecircumstances whensurveillanceisstrictlynecessary,principally,forthepurposesofpreventinganddetecting seriousoffences. Rootandbranchreformofourexistinglawonsurveillanceisneededtoprovidefreedomfrom unreasonablesuspicionandamodernsurveillanceframeworkforadigitalage;notthefurther expansionofsurveillancecapabilitywithouttrulyeffectivesafeguardsagainstabuse. a Introduction 1. Foundedin1957,JUSTICEisaUKbasedhumanrightsandlawreformorganisation.Itsmissionis toadvanceaccesstojustice,humanrightsandtheruleoflaw.ItisalsotheBritishsectionofthe International Commission of Jurists. Last year, we published Freedom from Suspicion:

Surveillance Reform for a Digital Age, calling for the wholesale reform of the existing legal
frameworkforsurveillance,intheRegulationofInvestigatoryPowersAct2000 RIPA . 175 2. WewelcometheopportunitytosubmitbothwrittenandoralevidencetotheJointCommitteeon the Draft Communications Data Bill the Joint Committee . We regret that the Draft Communications Data Bill the Draft Bill is severely lacking in detail and posed as a broad enablingpowertoarrangeforthecollection,retentionanduseofpersonalinformation,withvery

175JUSTICE,

FreedomfromSuspicion:SurveillanceReformforaDigitalAge,Nov2012.Hardcopiesof thisreportwillbeprovidedtomembersoftheJointCommitteeonrequest.Chapter4,which considerscommunicationsdata,isprovidedasanAnnextothissubmission. http://www.justice.org.uk/resources.php/305/freedomfromsuspicionHererin,Freedomfrom Suspicion.

184

Draft Communications Data Bill

little detail provided on how these powers might be exercised in practice. This approach will significantlyunderminetheeffectivenessofprelegislativescrutinybyParliament,commentators andthewiderpublic. b Background 3. The Communications Data Bill introduced in 2008 by the previous Government, would have, among other things, required communications service providers to give police and intelligence agencies unprecedented access to their networks for the purposes of facilitating interceptions andrequestingdata.ItwaswithdrawninthefaceofwidespreadoppositionfromJUSTICEand othercivillibertiesorganisations,Parliamentariansandthepublic.TheformerDirectorofPublic ProsecutionsSirKenMacdonaldQC,forinstance,describedthoseproposalsasseekingtocreate an unimaginable hellhouse of personal private information. 176 In 2009, the Labour GovernmentconsultedonaseriesofproposalswhichwouldenabletheGovernmenttorequire privateproviderstocollectcommunicationsdata,againforthepurposesoffacilitatingaccessto thatdatabypublicauthorities.Again,inthefaceofopposition,theseproposalswereshelved. 177 4. The Coalition Programme for Government committed to end the storage of internet and email recordswithoutgoodreason. 178Yet,earlyinitslife,theCoalitionalsocommittedtointroducing a programme to revisit access to communications data. 179 However, the Government also promised to legislate in order to put in place the necessary regulations and safeguards that would ensure that our response to this technology challenge is compatible with the Governmentsapproachtoinformationstorageandcivilliberties. 180 5. 6. Unfortunately,theDraftBillfailstomakegoodonthesecommitmentstorobustsafeguardsfor theprotectionofourrighttoprivacyonline. The Draft Bill builds upon our existing framework for surveillance in the Regulation of Investigatory Powers Act 2000 RIPA . RIPA currently provides for requests for access to communications data. Communications data is defined by RIPA and includes subscriber data, traffic data and user data. Broadly, subscriber data is information held by a provider about a user;trafficdataoutlinesinformationsuchasthelocationofthecommunicationandthepeople

PrivatefirmmaytrackallemailandcallsbyRichardNortonTaylorandAlanTravis,The Guardian,31December2008. 177JUSTICEssubmissiontotheHomeOfficeConsultation,Protectingthepublicinanchanging communicationsenvironment,in2009isavailable,here: http://www.justice.org.uk/resources.php/190/communicationsdatacollectionandusejustice response 178CabinetOffice,TheCoalitionProgrammeforGovernment,p11 179SecuringBritaininanAgeofUncertainty:TheStrategicDefenceandSecurityReview Cm7948, October2010 ,p44. 180SecuringBritaininanAgeofUncertainty:TheStrategicDefenceandSecurityReview Cm7948, October2010 ,p44.
176See

Draft Communications Data Bill

185

involved,anddetailsoftheequipmentused;andusedatarelatestotheusemadeoftherelevant service forexample,whatwebsitesauserhasvisitedetc . 181Namedpublicbodiescanaccess different categories of data for different purposes, following internal administrative authorisation by a senior officer within their organisation. Following the passage of the Protection of Freedoms Act 2012, local authorities may only access limited data following authorisationbyamagistrate althoughtheseprovisionsarenotyetinforce . 7. The request to a service provider may be in the form of an authorisation section 22 3 or a notice section 22 4 , the difference being the former is a request for information that the provideralreadyholds,whileanoticeisadirectiontotheprovidertoacquireitonbehalfofthe requestingbody.Noticesandauthorisationslastonemonthunlessrenewed. 182Serviceproviders mustcomplywithnoticesrequiringaccesstocommunicationsdataunderRIPA,unlessitisnot reasonablypracticabletodoso. 183Ifnecessary,theSecretaryofStatecanseekaninjunctionfor theenforcementofthenotice. 184OversightisprovidedbytheInterceptionofCommunications Commissioner. 185 Since late 2005, public bodies able to make requests have been subject toan inspectionregimecarriedoutbyaninspectorateunderthedirectionofaChiefInspectorandthe supervisionoftheCommissioner. 8. The Data Retention EC Directive Regulations 2009 which implement the EU Data Retention Directive 9.
186 require certain public communications operators to retain information originally

heldforcommercialpurposesforupto12months. 187 The overriding difference between the existing framework and the Draft Bill is the shift away from the presumption that for limited purposes, the State may access data already retained or reasonablyobtainablebyserviceproviders,whenshowntobenecessaryandproportionatefor thepreventionordetectionofcrimeandotherreasonswhichservethepublicinterest.Whilethe existingmeasuresareflawed wereturntothisbelow ;theDraftBillwouldcreateapowerfor theSecretaryofStatetodeterminethatallcommunicationsdataaboutthepopulationsactivities and habits should be retained on a blanket basis, just in case it should prove justifiable for a publicauthoritytoseektoaccessthatinformation.Thispotentiallyexponentialexpansionofthe storageofdataaboutourpersonalliveswouldcreateanew,andJUSTICEsubmits,inappropriate, understandingabouttheroleoftheStateinprivatecommunications.

181

interceptionofcommunicationsdata.Sections21and22,RIPAgovernthecurrentframework. 4 and 7 . 183Section22 7 . 184Section22 8 . 185Section57 2 b .SeefurtherChapter3above. 186Directive2006/24EC 187SI859/2009


182Section23

Freedomfromsuspicion,Chapter4,providesfullerdetailsontheexistingrulesgoverning

186

Draft Communications Data Bill

c TheDraftBill 10. Part1oftheDraftBillcloselyfollowstheintentionofthepreviousGovernmentbyproposingthat thegeneration,collectionandretentionofdataaboutallonlineandtelephoniccommunications in the UK becomes universal, with information about us all gathered and stored without any connectiontothelikelihoodthatourcommunicationsareconnectedwithcriminalbehaviour. 188 11. Clause 1 creates a broad delegated power which will allow the Secretary of State to compel telecommunications operators to generate, collect or otherwise obtain new data about our communicationswhichisneitherrequiredbyprovidersforcommercialpurposesnorcurrently held. 189Itmakesclearthattherequirementswhichcanbeimposedwillbeverybroad,including togenerate,collect,retainandprocessdata;tocomplywithspecificstandardsortousespecific systems includingthroughthedevelopment,acquisitionanduseofnewsoftwareorhardware . 12. However, the detail of how these arrangements will be secured is left to secondary legislation and very little information is provided in either the Explanatory Notes or the accompanying impact assessments prepared by the Home Office. No Draft Order has been produced for considerationbytheCommittee.DetailedarrangementswillbemadebyacombinationofOrder by affirmative resolution and subsequent notices served on individual providers which may notbepublishedorprovidedtoparliamentforscrutiny . 190Giventheseriousnessofthechange proposed by the Draft Bill, the limited information provided for the purposes of parliamentary andpublicscrutinysignificantlylimitstheabilityofbothdecisionmakersandcommentatorsto closelyexaminehowthetechnologyandproceduresenvisagedbytheGovernmentwilloperate inpractice. 13. Part2oftheBillprovidestheregulatoryregimeforaccesstothedatacollectedunderPart1.It broadly replicates the existing administrative procedures in RIPA, with the only prior judicial authorisationrequiredbylocalauthorities Clause11 .Allotherpublicauthoritieswillbeable

188ThepreviousproposalsinitiallyproposedaGovernmentdatabaseforthispurpose;earlyinthe

oppositiontoitsintentthoseproposalsshiftedtofocusoncompulsionofprivateprovidersto gatherinformationabouttheirusersforthepurposesofensuringthatmaterialshouldbe availableshoulditberequestedbypublicauthorities. 189Clause1 190Clause7 1 explainsthatnoticesservedandprovidedforbyanyOrdermadeunderClause1must beinwritingandmustspecifythepersontowhomitappliesandmustbegiveninsuchawayas todrawittothatpersonsattention.Thereisnorequirementforpublication.Itisclearthatthe SecretaryofStatewouldbeempoweredtopublishbutnotrequiredtodoso.Whileproviders mightinsistonacertaindegreeofcommercialconfidence,sinceasignificantamountofdetail abouthowourcommunicationsdatawillberetainedandprotectedfrominadvertentdisclosure maybeinsuchnotices,itlimitstheopportunityforbothparliamentaryandpublicscrutiny significantlyifeventhegeneraltermsofhowthetechnologyandprocessesenvisagedbytheBill willoperateinpractice.Similarnoticesservedunderexistingpowerse.g.undertheData RetentionRegulationshavenotbeenpublished.Whenrequestsforpublicationhavebeen made,theyhavebeenrefusedforreasonsofnationalsecurity.

Draft Communications Data Bill

187

toaccessthedataafterselfauthorisationfollowinganadministrativeprocesssetoutintheDraft Bill Clause 9 . The list of public authorities empowered to access the data collected will be provided by Order no draft has been provided, as the Secretary of State is reviewing whether existingauthoritiesempoweredtoaccesscommunicationsdatatocontinuetodoso .Atahigh point, in 2007, 795 public bodies were eligible to access communications data under RIPA. 191 Thereremainover500bodiescurrentlyauthorisedunderRIPA. 192 14. Clause 14 of the Bill gives the Minister the power to establish filtering arrangements for the purposesoffacilitatingthelawful,efficientandeffectiveobtainingofcommunicationsdata.The Government has explained that the filtering mechanism will be automated but will be able to searchacross different sources ofdata held by different providers to ensure the most effective answertoanindividualpublicauthorityrequestforaccesstodata.TheExplanatoryNotesmake clear that the filtering mechanism may operate before a request has been formulated that is, beforeanindividualauthorityhasdeterminedthatarequestisnecessaryandproportionate . 193 The Government stresses that although this information will be processed by a Government controlled mechanism, it will be done automatically and will not allow the public authority in question to access data unless specifically authorised under Part 2. The Bill provides for the Secretary of State to delegate the operation of this filtering mechanism to another public authority.Itisunclearhowthisfilterwilloperate,itsintendedtechnicalspecificationsorwhoits intendedoperatorwillbe. d Privacy,communicationsanddata 15. Thateachofthedistinctactsofcollection,retentionanduseofpersonalinformationisprotected byourrighttorespectforprivatelife,homeandcorrespondenceguaranteedbyistrite. 194The

191

FreedomfromSuspicion,para173.

192Inhislastreport,theInterceptionofCommunicationsCommissionerreportedthat400local

authoritiesalonewereeligibletoaccessdata heinspected71ofthosebodies .Heinspecteda further99publicauthoritiesalsoauthorisedtoactunderRIPAforthispurpose.SeeAnnual ReportoftheInterceptionofCommunicationsCommissioner2011,HC496. 193ExplanatoryNotes,paras7477. 194InMalonevUK 1984 7EHRR14,theCourtconsideredtheattachmentofametercheckprinter toatelephonelineforthepurposesofrecordingthetimecallsweremade,towhomandforhow long.TheCourtconsideredthatthecollectionofthisinformationengagedtherighttoprivacy, butinthesecircumstancescouldbejustifiedbyreferencetothecommercialneedforasupplier ofservicestolegitimatelyensureasubscriberischargedcorrectly.Thisusewasproportionate andjustifiable.However,passingtheinformationtothepolicewithoutstatutoryauthorityand relevantsafeguardsagainstabusewasnot.See,forexample,paras5684.Itisworthnotingthe gatheringandcollationoftheinformationhereisjustifiedbythecommercialneedtoretain information.TheDraftBilldoesnotlimititseffecttomaterialalreadyheldbysuppliersand operators,butwillrequirethegenerationorretentionofdatanotneededforanycommercial purpose.Thequestionofjustificationheregoestowhetherthegenerationorretentionofthis informationcanbejustifiedforthepurposessetoutbytheHomeOfficeinconnectionwiththe potentialforsomecommunicationstoinforminvestigationsandinquiriesbypublicauthorities. InAmannvSwitzerland 2000 30EHRR843,forexample,theCourtheldthatthestoringof informationabouttheapplicantonacardinafilewasfoundtobeaninterferencewithprivate life,eventhoughitcontainednosensitiveinformationandhadprobablyneverbeenconsulted.In RotaruvRomania 2000 8BHRC449,atpara43,theCourtstressedthatevenpublic

188

Draft Communications Data Bill

protectionofprivatecorrespondenceisguaranteedbyinternationalandEuropeanlaw,inboth Article 8 of the European Convention on Human Rights and the equivalent provision of the European Charter of Fundamental Rights. 195 The collation, retention and use of personal information are specifically protected by the domestic and EU legal framework on data protection,forexampleintheDataProtectionAct1998. 16. The authority for both the extension of the collection of data in Part 1 of the Bill and the provisionsforaccesstoit inPart2 mustbejustifiedseparatelybyreferencetoalegitimateaim andmustbeshowntobeproportionateandnecessarytomeetthataim.Toavoidviolatingthe righttorespectforprivacy,thestatutoryprovisionsauthorisingbothretentionandaccessmust beinaccordancewiththelaw: a. AretheprovisionsintheDraftBillsufficientlyclearandprecisetoallowindividualsto understand when their data will be retained, and in what circumstances it may be accessedbytheState? b. c. HasevidencebeenproducedtoshowhowtheprovisionsintheBillwillbenefitthisaim, and to support the Governments case that the interference with individual privacy posedbytheBillwouldbeproportionatetothebenefittobeachieved? d. e. AreadequateandeffectivesafeguardsagainstabuseprovidedintheBill? 17. Weexplainbelowwhy,inourview,eachofthedistinctpartsoftheDraftBillposeasignificant risktotheindividualrighttoprivacy.Asexplainedinoneoftheleadingcases,surveillanceoften occurs without the knowledge of the individual whose rights are in play. So, in most cases an individual will never know whether his information has been reviewed or what has been retained.Onlyinthelimitedcircumstanceswhentheinformationisusedinatrialorwhenan authorityacknowledgesthesurveillancethatanindividualmaybeabletochallengeitspropriety. Aretheproposalstheleastrestrictivemeansofachievingtheaiminquestionandhave alternativesbeenconsidered? Dotheprovisionsaddressalegitimateaim,addressingthepreventionanddetectionof crimeorothersignificantpublicinterests?


informationcanfallwithinthescopeofprivatelifewhereitissystematicallycollectedandstored infilesheldbytheauthorities. 195Article7.

Draft Communications Data Bill

189

In thesecircumstances, there is asignificant obligation onthe Stateto ensure that surveillance powersarecloselydrawn,safeguardsappropriateandprovisionmadeforeffectiveoversight:

itis unacceptablethattheassuranceoftheenjoymentofarightcouldberemovedby thesimplefactthatthepersonconcernediskeptunawareofitsviolation.. 196


18. TheCourtstressedthatthejustificationofanysurveillancemeasuresplacesasignificantburden onStatestoadopttheleastintrusivemeasurespossible:

P owersofsecretsurveillanceofcitizens,characterisingastheydothepolicestate,are tolerableundertheConventiononlyinsofarasstrictlynecessaryforsafeguardingthe democraticinstitutions. 197


19. JUSTICEstronglyopposestheproposalinPart1oftheBilltoexpandthegeneration,collection and retention of communications data. We consider that the expansion of the pool of data collectedaboutouronandofflinerelationshipswithoneanotherposesasignificantrisktoour privacyandultimately,theGovernmenthasfailedtoprovideevidencetosupportthisextended provision for the capturing of data. Existing provisions under RIPA to access communications dataarealreadyextremelybroadandtheGovernmenthasfailedtoillustrateclearlywhythese powersareinadequateorwhyproposalsofthebreadthproposedintheBillarejustifiable. 20. Theretentionofdataposesaninterferencewiththerighttoprivacy,bothinitscreationandin the risk that it may be accessed unlawfully or in error. As the Newton Committee reported in 2003,thereareobviousriskstoprivacyinkeepinginformationaboutindividuals.Theexistence of data creates its own demand for access to it from a wide range of bodies for a variety of reasons, mostly unrelated to national security. It also creates the potential for abuse. 198 We thereforeconsiderthattheexistingpoolofcommunicationsdataliabletoberetainedshouldnot beexpandedunlessacaseofstrictnecessitycanbemadeout. 21. TheGovernmentmustillustratewhythesemeasuresareneeded.Weacceptthattechnologyis changing; as is the way we communicate with each other. However, simply because it may be possible for the State to gain access to a significantly greater pool of information about our private lives as a result of this shifting technological and social base does not mean that it necessarilyshould.

196

1978 72EHRR214,paras36,41.

197Ibid,para42.SeealsoPara49:

TheCourt,beingawareofthedangersuchalawposesof underminingorevendestroyingdemocracyonthegroundofdefendingit,affirmsthatthe ContractingStatesmaynot,inthenameofthestruggleagainstespionageandterrorismadopt whatevermeanstheydeemappropriate.


December2003 ,para398.

198ReportoftheReviewofPrivyCounsellorsoftheAntiTerrorismCrimeandSecurityAct2001

190

Draft Communications Data Bill

22. WeregretthattheECHRmemorandumandthePrivacyImpactStatementpreparedbytheHome OfficeandtheothermaterialprovidedtotheJointCommitteefallssignificantlyshortofproviding parliamentarians and the public with adequate information on its case for reform. We are particularlyconcernedaboutanumberofstatementsmadebytheGovernment: a. Expansion, not maintenance: We take issue with the repeated assertion in the consultationdocumentandassociatedmaterialswiththeassertionthattheseproposals areneededbecauseavitaltoolisdisappearingorthattheprovisionsarenecessaryto ensure communications data is availablein the future as it has been in the past. 199 This is compounded by the ECHR Memorandum which refers to the reduction in the availability of communications data that will have serious consequences for the UK and the need to mitigate the reduction in capabilities caused by the decline in the availability of communications data. 200 This capability gap is not evidenced in any of the documents associated with the Draft Bill. The Impact Assessment asserts that increasingly police and others are unable to get access to communications data; some data is no longer retainedfor business reasons; some providers offering services in this country are based overseas. 201 There is little clarification of the circumstances when communications data which would previously available is no longer, nor any evidenceprovidedofhowthisgaphasimpactedontheabilitytopreventordetectcrime. Neither is information given about the Governments predictions on the impact of changingtechnologicalcapabilities.Inotherwords,thegovernmentseekstojustifythe expansion of its already considerable powers to require the retention of communicationdataonthebasisofaseriesofpredictions,eachofwhichisquestionable atbestandspeculativeatworst. 202 Themotivationforthischangeisintheevolvingwaythatwecommunicatewitheach other.Thereisnochangeordecreaseinthecapacityoftheauthoritiestoaccessexisting data,asprovidedbyRIPA byissuinganoticeunderRIPA,apublicauthoritycanrequire abodytogenerateinformationnototherwiseheldorunderanauthorisationtoprovide dataalreadystored .Instead,therealconcernisthataswechangeourmeansof communicating,thepotentiallyavailablepoolofcommunicationsdataisexpanding. Muchofthedatathatcouldbecollectedabouthowwerelatetooneanotherisnot currentlycollectedanditmaybetechnicallyimpossibleforproviderstodousingtheir existingsystems.Withoutanystatutorycompulsionorbusinessneed,thereisno

199Foreword,

DraftCommunicationsDataBill,TheresaMay.

200DraftCommunicationsDataBill,page100. 201ImpactAssessment,page3 202ThisreflectsthelastconsultationonthisissueundertakenbythepreviousGovernmentonthis

issue.TheJUSTICEresponsetothatconsultationisavailablehere: http://www.justice.org.uk/resources.php/190/communicationsdatacollectionandusejustice response.Seepara6.

Draft Communications Data Bill

191

motivationforprivateproviderstogeneratethisdataabouttheirusersactivities.This isexplainedmoreclearlyintheImpactAssessmentwhichacceptsthattheGovernment hasconsideredtwospecificproblems: a thatcertaintypesofdataaboutour communicationsisnotcurrentlygenerated;and b thatmanynewformsoftechnology arebasedoverseasandthirdpartyproviderswithintheUKdonotroutinelystore informationabouttheirusersactivitiesontheseforums. TheprovisionsintheDraftBillarenotdesignedtoredressareductionincapability. Insteadtheyaredesignedtoincreasetheabilityofpublicauthoritiestoaccess informationabouthowwecommunicatebywideningthepoolofinformationthatisheld intheUKaboutouractivitiesonandoffline.Specifically,theywilltargetouruseofnew technologieslikeFacebookorGmailwhicharewebbasedandwithoutanyneedtostore informationaboutuserswithintheUK.Itwillalsocoverprivatecommunications networks,suchasthoserunbyBlackberryorinternalcommunicationsnetworks operatedbycompaniesandotherbusinesses. 203 b. Statecollectionofpersonalinformation:TheGovernmenthasimpliedthat,sincethedata retainedundertheBillwillberetainedbyprivatesectorproviders,theobligationonthe State to justify the retention is less onerous. The Governments view is that the only obligationinplayontheStateinthesecircumstancesmaybeapositiveobligationto effectively regulate the activities of the private sector in order to secure the safe retentionofthedata,includingbyenforcingtheexistinglegalframework. 204 Thisispotentiallymisleading.TheStatehasdistinctpositiveobligationstoregulatethe processingofpersonalinformationbyprivateindividuals,inordertoprotectindividual rights.However,theissuesraisedbytheBillarefarremovedfromthequestionsraised bythemishandlingofpersonalinformationgatheredbytheprivatesector;forexample, afailureoftheStatetoregulatethemisuseofprivatelygatheredCCTVfootage.The DraftBillwouldplaceacompulsoryobligationontheprivatesectortoretain informationwhichitwouldnototherwiseneednorwant.Itisthiscompulsory obligationtoretainanactoftheState,nottheprivatesectorwhichmustbejustified. Itmayassist,inthesecircumstances,toviewtheprovidersasagentsactingonbehalfof theGovernmentforthepurposesofcollectingandretainingdata.Thefirstquestion mustbewhethertheGovernmenthasproducedsufficientevidencetojustifythe requirementtoretain.Thesecond,whetherthatretentionisinpracticeaccompaniedby adequateandeffectivesafeguardsfortheprotectionofprivateinformation. 205

DataWatchdogquestionscaseforemailsnooping,02April2012.The InformationCommissionersOfficereferredtotheexpansionofthecollectionofcommunications dataasastepchangeintherelationshipbetweenthecitizenandtheState. 204ExplanatoryNotes,ECHRMemorandum,paras1015 205DraftCommunicationsDataBill,pages9699,paras815.Inthissectionofthememoranda,the GovernmentreliesonaseriesofcaseswhichrelatetothepositiveobligationsoftheStatetoact toprotectoneindividualagainsttheactionsofanotherprivateindividualbyregulatingtheir conductbylaw,includingthroughthecriminallaw.So,inBottavItaly,theItalianGovernment hadapositiveobligationtoenforcedisabilitylegislationagainstprivateproviderstoensure accessfortheapplicant;inKUvFinland,theinabilitytoforcethedisclosureoftheidentityofthe userofaninternetservicemeantthattheGovernmentfailedinitspositiveobligationtoprovidea formofredressandprotectionforachildwhoseidentityhadbeenabusedonline;andinVon Hannover,theStatehadanobligationtoprotectanindividualsprivacyagainstthepublicationof photographstakeninapublicplacebyaprivateproviderwithoutconsent.Noneofthesecases areanalogoustotheproposalsintheBillandweurgetheCommitteetoexaminetheevidence
203TheTelegraph,

192

Draft Communications Data Bill

c.

What does data mean?: The Government explains its view that interception of the content of communications should be considered a more serious interference than the data associated with it. However, the historical distinction about the retention of communicationsdataandtheinterceptionofcommunicationsisnotnecessarilyfeasible in the light of evolvingtechnology. The information recorded by a phone meter in the early1980sisnothing,whencomparedtowhatistodayrecordeddigitallyinrespectof everymobilephonecall,textmessageorinternetsession.Trafficdataforaphonecall, forinstance,includesnotonlythenumbersofthecallerandthecalled,thetime,dataand durationofthecall,butalsodatashowingthelocationofeachparty,whetherthenearest telephone exchange or increasingly GPS data. Similarly, the traffic data associated with a single email message will typically include not only the data and time of the message, when it was sent and received, etc but also the senders login name and IP address, from which can be gained a variety of information including, in certain cases, theparticularcomputerusedanditslocation.Trafficdatafromaninternetsessionwill include similar information as well as, for instance, the URLs of websites visited e.g. www.justice.org.uk , and the time spent on each site. In addition to socalled traffic data, communications data also includes service use data produced by service providers, e.g. itemised phone bills or internet records, and subscriber data; i.e. the name and date of birth of the customer, their billing address, contact and payment details.

Inthissense,theideaofcommunicationsdataasbeingpurelyenvelopedataishighly misleading:nobodywritestheirfriendscreditcarddetailsonanenvelope,stilllesstheir own.Itshouldalsobeobviousthattheunnecessaryordisproportionatedisclosureof detailsaboutapersonsprivatecommunicationscaninsomecasesbeeverybitas damagingtothatpersonsprivacyasanactualinterceptionoftheircommunications, particularlywhenitrevealstheirlocationataparticulartimeanddateorthefactoftheir contactwithaspecificperson.Similarly,areviewofapersonsinternetactivitiescan allowanintimatepicturetobebuiltabouttheirindividualchoicesandpersonalhistory, includinginformationabouttheirhealth.Storingthesumofourannualcommunications dataacrossmultipleproviderscouldcreateanextremelyfullpictureofourpersonal preferences,activitiesandhabits.Thecollationofthiskindofdata,accessibledirectlyor


whichtheGovernmenthasprovidedtojustifytheneedtocompelprivateproviderstogenerate, collateandretaindataforitspurposesclosely.Thesecaseshavemoreincommonwiththecases wheretheGovernmenthascollatedmaterialbutnotnecessarilyusedthematerialinpracticeor whereithasconductedstrategicsurveillance seeforexample,RotaruvRomania,Ammanv SwitzerlandandLibertyvUK AppNo58243/00,Judgmentdated1July2008 .The GovernmentreferstothecaseofMalonevUK,consideredabove,wheretheCourtconsideredthe collationofmeteringinformationforbillingpurposeslegitimateandcompatiblewithArticle8 ECHR.Asexplained,thecollectionofinformationforlegitimatecommercialreasonswillinvolve distinctconsiderationtotheproposaltorequiretheprivatesectortoretainmaterialitwouldnot otherwiseretainforpublicpurposes.

Draft Communications Data Bill

193

acrossdatasetsthroughafilteringmechanismcouldhaveaseriousimpactonourright torespectforourprivatelives. Othersaremorecapableofcommentingonthetechnologicalfeasibilityofdividing contentandcommunicationsdata,butJUSTICEunderstandsthatthisisincreasingly difficult.AsagroupofacademicsintheInformationSystemsandInnovationGroupof theLondonSchoolofEconomicsnotedintheir2009briefingonthegovernments InterceptionModernisationProgramme, 206thedistinctionbetweensocalledtraffic datarelatingtointernetuse,ontheonehand,andtheactualinterceptionofthecontents ofacommunication,ontheother,isbecomingincreasinglyblurred,particularlybythe useofdeeppacketinterception: 207 d. Doescollectingdataviolateourprivacy?:TheGovernmentarguesthatthecollectionand retentionofdatarequiresalesserdegreeofjustificationthanuseofdata.Weacceptthat theproportionalityofindividualmeasureswillvaryaccordingtotheseriousnessofthe interference concerned and its potential impact and the significance of the evidence that the measures utilised are necessary and proportionate to any legitimate aim. However, the documents accompanying the Bill give very little weight, if any, to the proposed interference with individual privacy posed by the expanded retention of communicationsdata.Importantly,althoughthePrivacyImpactAssessmenttacklesthe privacyimplicationsofaccessunderPart2,andsafeguardsassociatedwithretention,it makes no provision or assessment of the justification for the compulsory retention provisionsinPart1.Significantly,itfailstograpplewithongoingEuropeanchallengesto the Data Retention Directive; the specific implications of the collection of data for particular groups of individuals; or any wider human rights considerations associated withthegenerationandcollectionofdata: i. These provisions will operate in addition to the existing Data Retention Regulationswhichprovideforsomeproviderstoretaincertainuserdataforup to12months.TheRegulationsfurtherthanrequiredbytheEUDataRetention Directive. The Draft Bill would go significantly further by creating a default assumption that all information about our communications with each other mightberetainedjustincase,onarolling12monthbasis,ensuringthatatany one time the State will have access to an annual history of our on and offline activities.AsignificantnumberofEUcountrieshaverefusedtoimplementthe EU Data Retention Directive; and its provisions, or associated implementing legislation, declared unconstitutional by judicial authorities in a number of countries, including Ireland, Belgium and Germany. The European Court of

BriefingontheInterceptionModernisationProgramme June 2009 . 207ProfessorPeterSommeroftheInformationSystemsandInnovationGroupquotedintheLSEpress release,HomeOfficeinternetsurveillanceproposalswontworksaysLSEstudy,17June2009.


206LSEPolicyEngagementNetwork,

194

Draft Communications Data Bill

Justice is expected to consider the compatibility of the Directive and its implementation across Europe in more detail during the next year when it considersacasereferredtoitfromIreland DigitalRightsIreland . 208Thatthe Governmenthaschosentopressaheadwiththeexpansionofourframeworkfor the collection and retention of communications data while this uncertainty continuesataEuropeanlevelissurprising. ii. ThattheGovernmentfailstograpplewiththeprivacyimpactoftheretentionof communications data is disappointing; but it also neglects to consider the potential impact of Part 1 on particular groups. For example, the Bar Council has, in its evidence to the Joint Committee highlighted the specific problems which may result from the collation of information generated by individuals communicatingwiththeirlegalrepresentatives,bylawyerscommunicatingwith their clients or with lawyers communicating with each other about their cases. 209Insofarasitfailstoeffectivelyrecognisetherighttolegalprofessional privilege, the existing RIPA framework is flawed. That this Draft Bill fails to recognisethepotentiallychillingeffectthatPart1couldhaveontheconfidence of clients in the secrecy of their communications with their legal advisers is worrying.Further,therearenospecificexemptionsprovidedfromthescopeof Part 1 at all. This could mean that individual legal firms could be required as telecommunications operators to comply with an individual notice to generate data.JUSTICEconsidersthatthiswouldclearlyviolateboththerighttorespect for private life and the right to due process. However, without a clear exemption, or any indication from the Government on how these particularly sensitive communications will be handled, it is difficult to be assured. Other groupsareequallyoverlooked.CommunicationsbetweenParliamentariansand lobby groups, between MPs and their constituents; the communication of journalistswiththeirsources;andtheactivitiesoftradeunions,protestgroups andoppositionpartieswillallbecoveredbyPart1. iii. Theinternetisavitalmodernresourceforfreedomofexpressionandfreedom ofassembly.Thepublicreactiontotheprospectthatourinternetusemightbe monitoredthroughtheretentionofdataaboutourusehasbeenvehement.This

DigitalRightsIrelandvTheMinisterforJusticeandOthers, 2010 2006/3785P. AfullerconsiderationofeachofthechallengesisprovidedbytheEuropeanCommissioninits reporttotheCouncilandtheEuropeanParliamentonthisissue:COM 2011 225. http://ec.europa.eu/commission_2010 2014/malmstrom/archive/20110418_data_retention_evaluation_en.pdf 209http://www.barcouncil.org.uk/mediacentre/newsandpressreleases/2012/august/barcouncil callsfor'snoopers'charter'toprotectlegalcommunications/
208Seeforexample,

Draft Communications Data Bill

195

has been replicated in other countries where increasingly draconian controls havebeenplacedbytheStateontheconditionsforitsuse forexampleinother EU countries implementing the EU Data Retention Directive . That the Government has failed to grapple with the potentially chilling impact of these measures on ordinary users of these services is some cause for concern. The lackofpublicconsultationbeforetheDraftBillwaspublishedisperhapsrelated to the Governments narrow view of its potential and perceived impact on individualusers. e. Whataretherealcrimefightingbenefits?:TheGovernmentsclearestassessmentofthe justification for retention is found in the Impact Assessment, which sets out in broad assertions the business case for reform and the expected benefits of the change proposed.However,theinformationprovidedisexceptionallyslim.Expectedbenefitsof thechangesproposedintheDraftBillareassessedat5.06.2billionandarebased upon: ananalysisofcriminalbehavioursbytheSeriousandOrganisedCrimeAgencyandan

analysisofthefuturecommunicationsmarketbasedonOFCOMandothermarket sources.
Thebenefitsaresaidtoaccruefrompreventingtaxfraudandfacilitatingtheseizureof criminalassets.However,theyalsoincludebenefitsaccruedfromlivessavedand childrensafeguardedbasedonstandardestimatesbyHomeOfficeeconomists.Other benefitswhichcannotbemonetisedincludedrugsseized,successfulmurderconvictions andthepreventionofterrorism.Withoutfurtherexplanationitisextremelydifficultto understandhowtheseassertedbenefitshavebeencalculated.Itisclearthatfurther evidencehasbeenproducedbytheGovernmentandParliamentariansmaywishtoask forfurtherinformation. However,nowhereintheinformationprovidedbytheGovernmentisthereaclear explanationoftheGovernmentsviewthattheblanketcollectionofallcommunications datawithoutconnectiontoanyspecifictypeofcommunicationortothelikelihoodthat thecommunicationsmayleadtoevidenceofcriminalitycanbejustified.This unfortunatelyreflectstheapproachofthepreviousGovernmenttotheblanketretention ofDNAgatheredfrompeoplearrestedbutnotconvicted.Thepotentialusefulnessof successfulDNAmatcheswasinappropriatelytakenasthestartingpointforjustification, asheretheusefulnessofaccesstocommunicationsdataisheldoutasthesolepillarto supportPart1oftheBill.However,thisisinadequateforthepurposesoftheimposition ofablanketruleofthistype,whichmustbeexaminedcloselyforclearjustificationthat thedataretainedisnomorethannecessaryandproportionate. 210Forexample,the Governmentmakesnoestimateofwhatproportionofthedataretainedislikelytobe

210Seeforexample,

MarpervUK 2009 48EHRR50.Inthatcase,theCourtexplainedthatmeasures whichoperatewithoutregardtoindividualimpactandcharacteristicsmustbeaccompaniedby clearjustificationandappropriatesafeguards,concludingthatthethenarrangementsforthe indefiniteretentionofDNAsamplestakenfrominnocentpeoplearrestedbutneverconvicted wasdisproportionateandinviolationofArticle8ECHR.

196

Draft Communications Data Bill

usedinconnectionwiththepreventionanddetectionofcrime;nordoesitgiveany indicationofhowmanycaseswherecommunicationdataassistedinconviction,that convictioncouldnothavebeenobtainedbyothermeans;similarly,nofiguresare providedfortheprojectedincreaseincapacitytosecureconvictionsfollowingthe expansionofthecollectionofcommunicationsdataproposedbyPart1.Theanswersto atleastsomeofthesequestionsmusthavebeenpreparedinordertosecurethefinancial estimatesgivenintheImpactAssessment.However,theyhavenotyetbeendisclosed. f. Strikingtherightbalance?JUSTICEconsidersthatitisclearthattheproportionalityof thesemeasureshavenotyetbeenfullyexploredbyGovernment.TheGovernmenthas not, satisfied the requirement for compelling evidence that these measures are strictly necessary.Inourview,itisclearthattheyarelikelytoviolatetherighttorespectfor privatelife. e Therelevanceofsafeguards

25. The safeguards outlined by the Government in connection with the expanded collection and retentionofcommunicationsdataarethemselveslimited: a. Retention is limited to 12 months. The Government explains its view that the data retainedwillbedestroyedafter12months exceptwhereextendedforthepurposesof legal proceedings is a significant safeguard against abuse. 212 However, this safeguard shouldnotbeoverplayed.Whiledatawillonlyberetainedforayear,theeffectofPart1 will be to create at any point in time an annual picture of the populations communications activity. This rolling diary of communications data could be kept for each individual in the country, albeit stored across multiple providers and accessed throughtheGovernmentcontrolledfiltermechanism. b. Useandprocessinglimited:TheGovernmentalsopointstotheexpressresponsibilityon providerstodestroythedatawhenitisnolongerlawfullyheldandthatuseofthedata otherthanauthorisedbytheDraftBillwillbeprohibited. 213However:

Thegeneration,collectionandretentionofnewdata Part1

23. The Government relies predominantly on proposed safeguards against the arbitrary abuse of the new powers to support its case forreform. The caselaw from Strasbourg on surveillance has focused closely on the efficacy of safeguards associated with surveillance in their examinationoflocallawsfortheprotectionofthenationalinterest.Asaninternationalcourt,it has generally afforded a significant margin of appreciation to States in connection with State surveillanceinassessingthenecessityforparticularmeasures.211 24. However, there can be no question that it is for Parliament to be satisfied that these intrusive measuresaretrulynecessaryandappropriatebeforeproceedingwiththeproposalsintheDraft Bill. Safeguards alone cannot justify the shift in the relationship between the State and the individualenvisaged.

211

FreedomfromSuspicion,Chapter2.

212DraftCommunicationsDataBill,ECHRMemorandum,para14 213Ibid

Draft Communications Data Bill

197

i. This fails to acknowledge the significant number of public bodies who are alreadycapableofaccessingcommunicationsdataforanextremelybroadrange ofpurposes wereturntothisissue,below ; ii. Italsoneglectsthatthelargerthepoolofdatacollated,thegreatertheriskthat itmaybemismanagedordisclosedinerror.Inhislatestreport,theInterception of Communications Commissioner refers to almost 900 self reported errors undertheexistingframeworkforaccess.Afailuretounderstandthescopeof thepowersintheDraftBillcouldleadtounlawfuldisclosure.However,human andmechanicalerrorcanequallyleadtotheunlawfuldisclosureofdata.Both privateandpublicbodieshave,overthepastfiveyears,sufferedfromsignificant embarrassment as a result of lost data for example the Department for Work andPensionslosinginformationaboutfamiliesclaimingchildbenefit . iii. TheDraftBillanditsExplanatoryNotesmakeclearthatnotonlywillaccessbe permittedforthepurposesspecifiedintheBill,butforotherlawfulpurposes. TheGovernmenthaveexplainedthatthiscouldincludeaCourtOrder. 214So,for example, disclosure might be sought in the course of civil litigation from a telecommunications provider through the use of a Norwich Pharmacal Order, forexample,whereonepartytolitigationarguesthattheproviderismixedup in the dealings of the other party as a result of the use of his service for wrongdoing. iv. The Draft Bill provides for the Secretary of State to expand the purposes for whichaccessispermittedbyOrder wereturntothisbelow ; v. The Draft Bill does not propose to create an offence of unlawfully disclosing data. If material is disclosed other than in accordance with the Draft Bill, it is likelythatthemostsignificantdeterrentwillbeafineimposedundertheData ProtectionAct1998.Inlightofthefactthattheserequirementsmaybeapplied to businesses with a multimillion pound turnover, a fine may not be a significantdeterrent.Whilewearereluctanttorecommendnewoffences,but the limited deterrent of the existing measures reduce the limits placed on individualssubjecttoPart1requirements. c. Securityobligations:TheBillrequirespersonsretainingdatasubjecttoPart1toputin place adequate security systems to govern access to the data and to protect against unlawfuldisclosure.Unfortunately,withoutfurtherinformationaboutthetechnicaland proceduralarrangementsimposedbyPart1,andthecorrespondingneedforsecurity,it isextremelydifficulttoassessthelikelycapabilitiesofanysecurityarrangements.Since thesespecificsarelikelytobeconfinedtonoticesservedonpersonsunderPart1,which may not be published, independent and impartial assessment of the effectiveness of securityarrangementsislikelytobeimpossible. Consultationandproceduralguarantees:Clause2oftheBillprovidesthatwhenanotice isimposed,theSecretaryofStatemustcomplywithcertainconsultationandprocedural requirements.Unfortunately,thesemeasuresareentirelygearedtowardstheprotection oftheinterestsofthepersonssubjecttoPart1notices,nottheprivacyrightsofusers.It provides for consultation with the person subject to requirements, with the Technical Advisory Board established under RIPA and OFCOM, none of whom have any specific obligationtoconsiderprivacyorthenecessityandproportionalityoftherequirements beingconsidered.Weconsiderthatwhilethiswouldbeavitalproceduralrequirement for the protection of the commercial and other interests of telecommunications operators, it adds little to the protection for individual users. There is no statutory requirement for public consultation proposed, nor is it proposed that the Information CommissionersOfficewouldbeconsulted. TheroleoftheInformationCommissionersOffice:Part3oftheBillprovidesanewrole for the Information Commissioner in relation to data held under Part 1. The

d.

e.

214Clause5.ExplanatoryNotes,paras3031.

198

Draft Communications Data Bill

Commissioner is required to keep under review the operation of measures relating to data security; the destruction of data and any provision in any Clause 1 Order which relate todata security Clause 22 5 . While we welcomethe recognitionof arole for theInformationCommissioner,wenotethattheproposeddutiesechoandsupplement existing statutory functions which exist under the Data Protection Act 1998. While specific statutory functions here provide a degree of specific scrutiny, these are in themselveslimitedtodatasecurity.TheInformationCommissionerisnotempoweredto consider the necessity or proportionality of any specific requirement or any issues relating to access by a public authority to data. These functions are reserved to the Interception of Communications Commissioner. In any event, the Information Commissionerhashimselfquestionedwhetherwithoutsignificantfurtherresourceshe wouldbecapableofconductingthereviewproposedintheDraftBill. f. The role of the Interception of Communications Commissioner: We consider that the oversight of the Interception of Communications Commissioner ICC under the existing RIPA procedures is inadequate to protect the individual right to privacy. The provisionsintheDraftBillextendtheexistingmeasurestothenewproposalsinParts1 and2withlittleornomodification.WeaddresstheworkoftheICCbelow.

Accesstodata Part2

26. That the provisions in Part 2 broadly replicate the provisions in RIPA for access to communicationsdataisdisappointing.JUSTICEconsidersthatthereareasignificantnumberof flaws within RIPA which are magnified when applied to the proposed expansion of data generation in Part 1. Principally, we are concerned that these powers will continue to be exercisedbyafargreaterrangeofbodiesthanmaybestrictlyjustifiedandforpurposeswhich are not necessarily proportionate in light of the impact of compulsory surveillance powers on individual privacy. As explained above, the bodies which will exercise the right to access data undertheDraftBillhavenotyetbeenfinalised. 27. ThepurposeswhichtriggertherighttoaccessdatagatheredunderPart1broadlyfollowthose outlinedinRIPA.JUSTICEconsidersthatthepurposesoutlinedinRIPAarealreadyoverlybroad. MeasuresdesignedascompulsorypowersforsurveillancebytheStatemaybeessentialforthe investigation of serious crime, but as the purposes in RIPA devolve from the prevention and detectionofseriousoffencestheriskthattheywillbeuseddisproportionatelyincreases.When RIPA was introduced, the only bodies to exercise powers under the Act were the police, intelligence services and HMRC. While the powers under the Act might appropriately be extendedtootherlawenforcementagenciesandtheemergencyservices,itsextensiontoother bodies should be justified by reference to the strict necessity test identified by the Strasbourg Court. When these powers are extended to the investigation of minor criminal or regulatory offences such as flytipping, or for administrative purposes, such as the checking of school catchment,weconsiderthattheiruseishighlylikelytobedisproportionate.Thatisnottosay that such minor offences are not important or deserving of investigation. Rather it is that the harminvolvedisbydefinitioninsufficientlyserioustojustifytheinherentriskthatsurveillance posestotheprivacyofanypersonundersuspicion.Similarly,inconnectionwiththeuseofthese powers for other purposes such as the identification of persons , less intrusive forms of investigation are likely to be an equally effective and therefore more proportionate means of investigatingminorcrimesthantheresorttosurveillancepowers. 215 28. In addition, many of the safeguards relied upon by the Government are also based upon the flawedproceduralarrangementsofRIPA:

215

FreedomfromSuspicion,paras180181.

Draft Communications Data Bill

199

a.

Authorisation: JUSTICE considers that the administrative authorisation procedure provided for in Clauses 9 and 10 provide for inadequate independent scrutiny of the need for access to data. These provisions are largely modelled on RIPA. In Freedom fromSuspicion, weexplainedourviewthatpriorjudicialapprovalshouldbethedefault authorisation mechanism for most surveillance activities, including access to communicationsdata.Whileitisnodoubttruethatseniormembersoforganisationsare typically wellplaced to supervise the operational decisions of their subordinates, and moremindfuloftheirultimateaccountabilitytothepublic,itisalsoclearthatseniorand junior members of the same organisation will inevitably share an interest in achieving the necessary results. The relative seniority of a Police Superintendent would not normallybeenough,forinstance,tomakehersufficientlyobjectivetoauthoriseasearch warrant, unless it was a genuine emergency and there was not sufficient time to approach a judge. Still less is it realistic to expect a Deputy Chief Inspector to be sufficientlyindependentofaninvestigationbeingcarriedoutbyhissubordinatesinthe TradingStandardsService,forexample,toobjectivelyassesswhethersecretlyaccessing someones communications data is a necessary and proportionate interference with theirrighttoprivacy. 216 AlthoughtheCourtshavestoppedshortofexpresslyrequiringpriorjudicial authorisationinallcases,inmanycasesithasbeenconsideredessential.Itisseenasthe paramountmeansofprotectingindividualprivacyininstanceswheretheindividual themselvesmaybeunawarethattheirinformationisbeinghandled.Inthosecases wherenoformofpriorjudicialoversighthasbeenavailabletheothersafeguards imposedbydomesticarrangementsforsurveillancehavebeenrobustandscrutinised extremelycloselyandthemeasuresinquestionhavebeensubjecttorobustreviewafter theevent. 217Forexample,inarecentdecisioninvolvingretentionofinformationabouta student,theCourtsaid:

b.

Theruleoflawimplies,interalia,thatinterferencebytheexecutiveauthoritieswith anindividual'srightsshouldbesubjecttoeffectivesupervision,whichshould normallybecarriedoutbythejudiciary,atleastinthelastresort,sincejudicial controlaffordsthebestguaranteesofindependence,impartialityandaproper procedure. 218

Proportionalityandnecessity:TherequirementintheBillthatonlyauthorisationswhich are proportionate and necessary should be a significant safeguard against abuse. The Billrequiresthatthemeasuresinquestionbeproportionatetothegoaltobeachieved. Since access engages privacy, this requires public authorities to effectively apply the Conventiontestsetoutabovetoeachaccessauthorisation.Unfortunately,inpractice, theapplicationofthisrestrictioninRIPAhasnotprovedasignificantbarriertoaccess. Neither public authorities, individual officers or the Interception of Communications Commissionerappeartohaveappliedarigorousreviewoftheproportionalityofexisting requestsfromahumanrightsperspective. Forexample,inthecontextofrestrictingaccessoflocalauthoritiestocommunication data,theInterceptionofCommunicationsCommissionerconsideredexistingpowers exercisedproportionatelyasrequestsfromlocalauthoritiesmadeupalowproportionof overallrequestsandtherehadbeenveryfewerrorsselfidentifiedbylocalauthorities. HealsoconsideredtheuseofRIPAforthepurposesofpursuingflytippingan appropriateandproportionateuseofcompulsorysurveillancepowers,regardlessof

BriefingontheInterceptionModernisationProgramme June2009 ,p30:nowseemsagoodtimetoquestionwhetheraseniorofficialinanorganisation withaninterestintheoutcomeofaninvestigationisthebestpersontojudgetheapplicationfor accesstocommunicationsdatamadebyajuniorfigureinthesameorganisation. 217Seeforexample,UzunvGermany,AppNo35623/05,2September2010. 218RotaruvRomania 2000 8BHRC43atpara59.


216Seee.g.LSEPolicyEngagementNetwork,

200

Draft Communications Data Bill

othermeansofinvestigation. 219Hefailedtoconsiderwhethertheuseofthepowersin individualcaseshadbeenjustified.Similarly,duringtheJointCommitteesevidenceon theDraftBill,ithasbeensuggestedthatthepoliceusethesepowersfornoncrime purposesandforlowleveltrafficoffences. Thereis,aninherentriskinanycriminalinvestigationinvolvingintrusivesurveillance thattheresultinginvasionofprivacywillinhindsightprovetohavebeenunnecessary becausetheinitialsuspicionturnsouttobefalse:whatLordNeubergerdescribedasone oftheparadoxesofsurveillance. 220Thisinherentriskcanbeminimisedby,forexample, requiringthatlessintrusivemeansbeconsideredfirst,butitcanneverbeeliminated. Whetheritisproportionate,therefore,toruntheriskofinvadingsomeonesprivacyin theknowledgethattheymayturnouttobeinnocentdependsonseveralfactors, includingthereasonablenessofthesuspicionbutalsotheseriousnessoftheoffencein question.Itisthedifference,inotherwords,betweenbreakingdownthedoorto someoneshotelroombecauseyouthinktheyarebeingmurdered,andbreakingdownto doortotheirhotelroombecauseyouthinktheyhavestolenyourtoothbrush.Inboth cases,yoursuspicionmaybeverywellfoundedbutthereisalsoaninevitableriskthat youaremistaken.Andshoulditturnoutthatyouaremistaken,thereasonablenessof yoursuspicionwillbeoflittlecomforttothepersonwhoseprivacyyouhave unnecessarilyinvaded.Butatleastinthecaseofsuspectedmurder,wewouldsaythat theseriousnessofthesuspectedoffence,combinedwiththereasonablenessofyour suspicionhelpedtoexcuseyouractions.Thesamecouldnotbesaidofthetoothbrush. 221 Unfortunately,thereislittleevidencethatthistestisbeingappliedappropriatelyin practiceorthatitoperatesasasignificantsafeguardforpersonalprivacy. c. The role of the Interception of Communications Commissioner and the Investigatory PowersTribunal:TheroleoftheInterceptionofCommunicationsCommissionerandthe Investigatory Powers Tribunal is not capable of providing adequate, independent and transparent review to provide reassurance that individual privacy is respected in the operationofRIPA.Asexplainedabove,expostjudicialreviewmaybeadequateinorder to ensure respect for private life only where that review is accompanied by adequate existing safeguards to ensure that individual rights are afforded appropriate respect. Unfortunately,reviewbytheICCandtheIPTissignificantlylacking.Bothmechanisms arefundamentallyflawed.AsweexplaininFreedomfromsuspicion: i. Review by the ICC is by way of dipsample and the selfreporting of errors. This means that only a handful of the almost 500,000 requests for communications data a year are reviewed for example, there were 895 individual errors selfreported to the Commissioners office during the last reporting period; and he inspected less than 200 individual public authorities exercisingpowersinconnectionwithcommunicationsdata ; ii. Between 2005 and 2010, no reports were made that any public authority decisionhadbeendisproportionateorunnecessary.In2011,theCommissioner reported that in one case it had been reported that powers had been used inappropriately.However,thislattercaseinvolveduseofcommunicationsdata powers in connection with school admissions, an issue which had been consideredbytheIPTinthe Patoncaseandhelddisproportionate andwhich hadbeencoveredsignificantlyinthepressduring2011 .AstheCommissioner

219 220

FreedomfromSuspicion,paras172181. InreMcE 2009 UKHL15atpara111. FreedomfromSuspicion,paras172181.

221Forfurtherinformationabouttheapplicationoftheproportionalitytestinthiscontextsee:

Draft Communications Data Bill

201

highlights in his report, this is the only case in which his inspections have identifiedaninappropriateuseofthesepowers. 222Giventhattherehavebeen probablysomewhere closeto threemillion requestsmade since January 2004, this suggests either a degree of effectiveness in public body decisionmaking thatapproachesinfallibility,ormorelikely,thattheCommissionersoversightis ineffective. iii. The IPT lacks transparency and any of the procedural safeguards associated withaccessibleredressoreffectiveoversightofferedbyordinarytribunals.The likelihood that individuals will become aware of surveillance is low in the Patoncase,thesurveillancecametolightdueanerrormadebyalocalauthority employee , making bringing a case before the IPT extremely unlikely. When cases are brought, they may be argued in secret, and in the absence of the applicantandtheirlegalteam.IfacaseproceedstoadecisionbytheTribunal, the applicant may only be told if he has won or lost and may be significantly deprivedofanyreasonforthedecisioninthecase. 223 d. Filtering: The Government refers to the filtering arrangements in the Draft Bill as minimisingthelikelyinterferencewithArticle8rightsposedbyrequestsforaccess. 224 As explained above, we find this argument extremely difficult to follow. There is very little information available about how the filtering mechanism will operate. However, whathasbeenexplainedisthatthismechanismwillallowtheGovernmenttojoinup datasets held by numerous providers toprovide afuller picture relevant to a request. This mechanism will enable the creation of an extremely full picture about an individualsprivatelifeortheactivitiesofagroupofindividuals.Thisinformationwill be accessed before a request is authorised, albeit within the filtering process. This in itself would appear to create a greater risk to individual privacy, not an additional safeguard. Without significant further details on the technical and procedural arrangements for the operation of the filter, including which public authority will operateit,itisimpossibletoprovideareliableandclearanalysisoftherisksassociated withitsfunctioning. RepealofGeneralPowers:TheECHRMemorandumandthePrivacyImpactAssessment includes the decision to repeal certain general powers to access data within the Governments assessment of the proportionality of these measures. 225 JUSTICE have called for the repeal of these general powers, which would most likely fail any Convention challenge if one were brought, for lack of legal certainty or appropriate safeguards. The Government committed in its counterterror review published in January 2011 to rationalise the bases by which communications data could be acquired. 226 We welcome the decision to repeal these provisions. However, this decisionshouldnotbetreatedasatradeoffora quidproquofortheexpansionofdata collected.

e.

f TimetoripupRIPA? 29. The introduction of the Draft Communications Data Bill provides an ideal opportunity for Parliament to consider the underlying legal framework for the existing broad powers of state surveillanceinRIPA.Theexistingpoolofcommunicationsdataliabletoberetainedshouldnot

2222011AnnualReportoftheInterceptionofCommunicationsCommissionerHC496,page44.

223AfullercritiqueoftheineffectivenessoftheIPTisprovidedin

9. 224ExplantoryMemorandum,para21 225ExplanatoryMemorandum,para21. 226Cm8004,January2011,page5.

FreedomfromSuspicion,atChapter

202

Draft Communications Data Bill

be expanded. Instead, RIPA should be revisited with a view to significant reform. In so far as accesstocommunicationsdataisconcerned: a. Publicauthorities:Thenumberofpublicauthoritiesabletoaccesscommunicationsdata should be significantly reduced; and ideally limited to the police, law enforcement agencies intelligence and emergency services and to any other bodies dealing with seriouscriminaloffences; b. Access: The purposes for which communications data may be accessed should also be revised, with a view to limiting significantly the circumstances when communications datamaybeusedproportionately.Whiletherequirementthatthemeasuresshouldonly beexercisedwhennecessaryandproportionateshouldbeasignificantlimitationonthe circumstances when data requests are made; in practice this has not operated as a particularrestrictiontoadministrativeauthorisation; c. Prior judicial authorisation: The default for the majority of requests should be prior judicialauthorisation.Thiswillsignificantlyincreasetheindependenceoftheoversight mechanisms in play and the likelihood that data will only be accessed when necessary and proportionate. Exemptions may be considered to allow police, law enforcement agencies, intelligence and emergency services access to limited subscriber data including information about account holders name, address and contact details, for example andforaccessinemergencysituationstootherdata subjecttoasubsequent judicial authorisation within a reasonable period, for example, 48 hours . 227 Some objectionhasbeenraisedabouttheuseofpriorjudicialauthorisationinconnectionwith administrative difficulties, the need for speed and costs. We consider that these difficulties should not be overplayed, particularly in light of the breadth of the powers beingexercisedandtheirimplicationsforpersonalprivacy. d. Review and oversight: If prior judicial authorisation is in place as a default, the importanceofsubsequentreviewwillbelesssignificantandlessonerous.However,we have recognised that independent monitoring and review of decisions made and the operationofthelegislationwouldbesensible.Inourview,thisshouldbeconductedby theInformationCommissionerinconnectionwithnonlawenforcementactivitiesandby theSurveillanceCommissionersinsofarasreviewisnecessaryinconnectionwiththe activitiesofthepolice,lawenforcementandintelligenceagencies. 228

h Conclusion 30. These proposals have been presented by Government as an innocuous and technical shift necessitated by degradation in existing investigatory powers. Instead, the Draft Bill creates a platform for the Government to collate information about each of us which would allow an undefinedlistofpublicauthoritiesaccesstoarollingannualdiaryofouronandofflinepersonal lives for an extremely broad range of purposes. This would be a stepchange in the way

227Anexceptionbasedonadhocsupervisioncouldbecarvedoutforlawenforcementbodiesacting

inanemergency asexplainedaboveandinFreedomfromSuspicion .Thebulkofrequestsfor communicationsdatarelatetorequestsfromthepolice,lawenforcementandotheragenciesfor subscriberdata. Between20052011,theproportionofrequestshasbeenbetween54%and 80%.SeeFreedomfromsuspicion,para160.Seealso2011ReportoftheInterceptionof CommunicationsCommissioner. Accesstolimitedsubscriberdata suchasname,addressand contactdetails bythepoliceandotherlawenforcementagenciesoremergencyservicesmight justifiablybeexemptedandsubjecttoadministrativeauthorisation.However,wenotethat althoughthedefinitionofsubscriberdatausedintheBillreflectstheprovisioninRIPA,the applicationofthatdefinitiontothenewproposalstogatherdatainPart1willexpanditseffect forexample,subscriberdatamightincludeaFacebookprofile,informationheldbyauniversity networkaboutitsstudents,includingforexample,transcripts,orbyemployersabouttheir employees .Wewouldconsiderpriorjudicialauthorisationasadefaulttheappropriatetrigger foraccesstothiskindofdata. 228Further,moredetailedinformationaboutJUSTICEsrecommendationsforreformcanbefoundin FreedomfromSuspicion,atpages8586.SeeAnnex2

Draft Communications Data Bill

203

31. WeurgetheJointCommitteetorejecttheGovernmentscaseforreformandtocallforrenewed focusonthefailingsofourexistinglawonsurveillancebeforefurtherlegislativeexpansionofthe collectionofpersonaldataispursued. August2012 AnnexCallforEvidence:TheCommitteesQuestions Inourwrittenevidence,wehavefocusedonourkeyconcernsabouttheBill. WeprovidebelowshortsummaryresponsestoanumberofthequestionsissuedbytheCommittee, foreaseofreference.Thesesummaryresponsesshouldbereadtogetherwithourfullsubmission andparagraphnumbersareprovidedforcrossreference.Thatwehavenotprovidedananswerto oneoftheCommitteesquestionsshouldnotbereadassupportforanypartoftheBill. General: 2.HastheGovernmentmadeaconvincingcasefortheneedforthenewpowersproposedinthedraft Bill? JUSTICEdoesnotconsiderthattheGovernmenthasmadeaconvincingcaseforreform.The powersprovidedforintheDraftBillareextremelybroadandthejustificationprovidedis entirelylackinginevidentialsupport.Theysupplementanalreadybroadlegalframework forsurveillanceinRIPA,whichinourview,lackstheessentialsubstantiveandprocedural safeguardsnecessaryfortheprotectionofindividualprivacy.

information about ourconduct is stored, being collated just in case it may beuseful forState purposes.

3.HowdotheproposalsinthedraftBillfitwithinthewiderlandscapeonintrusionintoindividuals privacy? TheproposalsintheDraftBillwouldcreateablanketauthorityforgenerationandcollection ofunprecedentedamountsofinformationabouthowweallcommunicateintheUK,whether onoroffline.Weconsiderthatitsprovisionsposeaseriousrisktoourrighttorespectfor privacy.

4.Whatlessonscanbelearntfromtheapproachofothercountriestothecollectionofcommunications data? TheseprovisionswilloperateinadditiontotheexistingEUDataRetentionRegulations whichprovideforsomeproviderstoretaincertainuserdataforupto12months.The RegulationsgofarfurtherthanrequiredbytheEUDataRetentionDirective.TheDraftBill wouldgosignificantlyfurtherbycreatingadefaultassumptionthatallinformationaboutour communicationswitheachothermightberetainedjustincase,onarolling12monthbasis, ensuringthatatanyonetimetheStatewillhaveaccesstoanannualhistoryofouronand offlineactivities. AsignificantnumberofEUcountrieshaverefusedtoimplementtheEUDataRetention Directiveanditsprovisions,orassociatedimplementinglegislation,declared unconstitutionalbyjudicialauthoritiesinanumberofcountries,includingIreland,Belgium andGermany.TheEuropeanCourtofJusticeisexpectedtoconsiderthecompatibilityofthe DirectiveanditsimplementationacrossEuropeinmoredetailduringthenextyearwhenit considersacasereferredtoitfromIreland DigitalRightsIreland .ThattheGovernment haschosentopressaheadwiththeexpansionofourframeworkforthecollectionand retentionofcommunicationsdatawhilethisuncertaintycontinuesataEuropeanlevelis surprising.

6.ThedraftBillsitsalongsidetheDataRetentionRegulations.Howwillthesetwopiecesoflegislation interrelate?Woulditbepreferabletohaveoneoverarchingpieceoflegislationthatgovernsthe retentionofcommunicationsdata?

204

Draft Communications Data Bill

Asexplainedabove,thelegalityoftheprovisionsintheEUDataRetentionDirectiveis subjecttoreview.JUSTICEhascommissionedfurtherresearchontherelevanceoftheEU FrameworkforthedebateontheBill.IfthisisavailablewhiletheJointCommitteesinquiry isongoing,wewillprovideittomembers.

7.IfitisconcludedthattheprovisionsofthedraftBillareessential,arethereanyothermeasuresthat couldbescrappedasaquidproquotorebalancecivilliberties? Weconsiderthatthesemeasuresposeasignificantriskthattheywillviolatetheindividual righttorespectforprivacyinpractice.Rightscannotbeswoppedliketradingcards.If interferenceisidentified,theonlywayofaddressingtheviolationconcernedistoremovethe interferenceortoadoptadditionalsafeguardstoreduceitsimpact.Removingunrelatedbut offendingmeasurescannotprovideredress. ThattheGovernmentsMemorandumontheECHRandtheExplanatoryNotesaccompanying theBillpresenttherepealofanumberofgeneralpowersforpublicauthoritiestoobtain informationasaquidquoprofortheprovisionsintheBilloranadditionalsafeguardfor personalprivacyisinappropriate.Eachoftheseilldefinedgeneralpowerswereliableto challengeregardlessoftheintroductionofthenewmeasuresintheBill. Whiletheirrepealiswelcome,thisshouldnotbetreatedasatradeofffortheequallyill definedandcontentiouspowersintheDraftBill. Scope: 11.Arethedefinitionsofcommunicationsdataandcommunicationsserviceproviderappropriate?Do theysensiblydefinethescopeofthepowersinthedraftBill? 12.WhichpublicauthoritiesshouldbeabletoaccesscommunicationsdataunderthedraftBill?Should itbepossiblefortheSecretaryofStatetovarythislistbyOrder? ThenumberofpublicauthoritiescurrentlyabletousesurveillancepowersunderRIPAhas expandedexponentially.Weconsiderthatthenumberofbodiescapableofusing surveillancepowersmoregenerallyisdisproportionate.Equallyweareconcernedthatthe useofsurveillancepowersdisproportionatelyinconnectionwithadministrativeor regulatoryoffencesandminorcrimesisinappropriateandconsiderthatthepurposesfor whichsurveillancepowersmightbeusedshouldberevisited. TheSecretaryofStateseekstheflexibilityofadiscretiontoexpandthescopeofthepowers intheDraftBill,arguingthattherepealofgeneralpowersmayrequiretheexpansionofthe scopeoftheDraftBillasbodiesmakeabusinesscasefortheuseofthepowerstherein.

JUSTICEconsidersthatmanyofthegeneralpowersareripeforrepealandthatalternative meansofpursuingthefunctionstheyweredeterminedtoserveareavailablewithoutresort tosurveillance.Thatthenecessityfortheuseofthesepowershasnotbeenexploredatthis stageisacauseforconcern,notjustificationtoprovidetheSecretaryofStatewitha delegatedpowertorevisitthelistofbodieswhichareabletoaccessourcommunications data. UseofCommunicationsData: 14.Arethecircumstancesunderwhichcommunicationsdatacanbeaccessedappropriateand proportional?Whatkindofcrimesshouldcommunicationsdatabeusedtodetect? Weconsiderthattheexistingprovisionforaccesstocommunicationsdatashouldbe reviewed,withaviewtorestrictingthenumberofpublicbodieswhocanusethesepowers. Ideallythepowersshouldbeusedprincipallyforthepreventionanddetectionofserious crimesandbybodieswithfunctionsdesignedforthatpurpose. Safeguards: 16.Applicationsforaccessingcommunicationsdatawillbesubjecttoaseriesofsafeguardsincluding approvalbyadesignatedseniorofficerwithinthepublicauthoritymakingtherequest.Howshould "designatedseniorofficer"bedefined?Isthissystemsatisfactory?Arethereconcernsabout compliancewithArticle8ECHR?

Draft Communications Data Bill

205

17.Wouldawarrantsystembemoreappropriate?Ifyoufavourawarrantsystemshouldthisapplyto allpublicauthoritiesincludinglawenforcementagencies?Shouldawarrantbenecessaryinall circumstances?Andwhatwouldtheresourceimplicationsbe? 18.IstheroleoftheInterceptionofCommunicationsCommissionerandtheInformationCommissioner sensible? Weconsiderthattheexistingframeworkforaccesstocommunicationsdatashouldbe amendedtoprovideforpriorjudicialauthorisationasadefaultinmostcases.Weconsider thattheoversightofferedbytheInterceptionofCommunicationsCommissionerdoesnot provideadequatescrutinytoprotecttheindividualrighttorespectforprivacy. ParliamentaryOversight: 32. ArethearrangementsforparliamentaryoversightofthepowerswithinthedraftBillsatisfactory? WeconsiderthatthereisverylimitedprovisionforparliamentaryoversightintheDraftBill. TheDraftBillanditsaccompanyingdocumentsprovidelittledetailonhowthemeasures proposedwillworkinpractice,includinghowsafeguardswillbeformulated.TheCommittee hasnotbeenprovidedwithanyDraftOrderwhichwouldprovideafullerpictureofhowthe Governmentproposestoproceed. TheDraftBillwouldachieveitsgoalbyacombinationofOrder affirmativeresolution and notices governedbytheOrderandnotnecessarilypublished .Weconsiderthatthelackof detailabouttheproposedOrders,andthelackoftransparencywhichwilloperateinthe noticeschemesignificantlylimitstheopportunityforeffectiveparliamentaryscrutinyofthe impactofthesemeasuresontherighttoprivacyinpractice.

Technical: 22.Doesthetechnologyexisttoenablecommunicationsserviceproviderstocapturecommunications datareliably,storeitsafelyandseparateitfromcommunicationscontent? 23.Howsafelycancommunicationsdatabestored? 24.Aretheproposalsforthefilteringarrangementsclear,appropriateandtechnicallyfeasible? Thesequestionsarebestaddressedbyotherswithgreatertechnologicalexpertise.However, thereislimitedinformationavailableonthetechnologywhichtheGovernmentintendsto use,anditisclearthatitisexpectedtovaryaccordingtothearrangementsinplacewitheach provideroroperator.Thisinformationwilllikelybeincludedinnoticeswhichmayneverbe publishedandtheopportunityforindependentscrutinyoftheeffectivenessofthe technologyutilisedwillbeextremelylimited Storageofpersonaldatabythepublicandprivatesectorisnotoriouslydifficult.Errorshave occurredinbothhumanandautomatedsystemswhichhaveledtotheinadvertentdisclosure ofinformationunlawfully. Asweexplainabove,weregretthatthefilteringarrangementsprovidedforintheBillarefar fromclearorappropriate. Annex2

FreedomfromSuspicion:Chapter4
August2012

206

Draft Communications Data Bill

Sir Paul Kennedy


Pleaseacceptthisasaresponsetothefivequestionsinyourletterdated17thJuly2012.Inaddition AnnexA attached containsmywrittenevidenceinrelationtothedraftCommunicationsDataBill. Mywrittenevidenceonlyaddressesthequestionsthatarerelevanttomyroleorthoseinrelationto whichIamabletocontributeevidence. 1. Howwouldyouwishtochangeyourcommunicationsdatarequestinspectionregimeinlightof theproposalsinthedraftBillandifcostswerenoobject?Whatnewpowersandresourceswould yourequiretosatisfyyourselfthatyoucouldreallygettothebottomofwhethereverypublic authoritywasusingitspowerscorrectlyandifnotwhynot? Thedraftbilldoesnotchangethecurrentapplicationorauthorisationprocessfortheacquisitionof communicationsdatabypublicauthorities.Thesametestsofnecessityandproportionalitymustbe metandtherequestsmustbeauthorisedbyaseniorofficerfromeachrelevantpublicauthority.The currentinspectionregimeworkswellandIregarditasrobust.Assuch,Idonotanticipatechanging mycurrentoversightregimeinrelationtotheacquisitionofcommunicationsdatabypublic authoritiesasaresultofthebill.Mylatestannualreportoutlinesthecurrentinspectionregime 2011 AnnualReportSection7.2 . Aspartofthecurrentinspectionregimeapplicationsarescrutinisedtoascertainwhetherpublic authoritieshaveusedtheirpowerscorrectly.Duringthelocalauthorityandotherpublicauthority inspections suchasGamblingCommission,InformationCommissionersOfficeetc itisusually feasibleformyInspectorstocheckeveryapplication.AsaresultIamsatisfiedthatthesepublic authoritiesareusingtheirpowerscorrectly,orthatmyInspectorshavereportedoncaseswherethey arenot.Itisobviouslynotfeasibleduringtheinspectionsofthelargerusers,suchaspoliceforces,to examineeveryapplicationandinsteadarandomsampleisselectedfromthepublicauthoritys databaseandfromsomeofthecommunicationserviceproviders CSPs systems.Arguablyitisless likelythatthelargervolumeuserswouldinappropriatelyusetheirpowers,astheSinglePointsof Contact SPoCs intheseorganisationsarefulltimecommunicationsdatastaffwhoaretrainedtoa highlevel.Theyrobustlyperformaguardianandgatekeeperrole.Howeveritwouldbehelpfulifthe recordkeepingrequirements specifiedinparagraph6.5ofthecurrentAcquisitionandDisclosureof CommunicationsDataCodeofPractice wereextendedtocollectstatisticsinrelationtothenumber ofapplications ratherthanjustthenumberofauthorisationsandnotices ,thenecessitypurpose underwhichthedatawasacquired suchasprevent/detectcrimeetc andthespecificoffence/ crimeunderinvestigation.Thiswouldenablemoremeaningfulconclusionstobedrawnandwould provideafurtherindicationastowhetherpublicauthoritiesareusingtheirpowersappropriately. Theproposalsinthedraftbillwouldextendmyoversightintwoareas.First,myrolewouldbe extendedtooverseethecollectionofcommunicationsdatabyCSPs.Second,myrolewouldbe extendedtooverseetheoperationofthefilteringarrangements.Inordertocarryoutthisadditional oversightitislikelythatmoreresourceswillberequiredasmyInspectorateisalreadyworkingatfull capacity.Howeveruntilthetechnicaldetailsofthisoversightaredetermined i.e.numberand frequencyofCSPaudits,formatoffilteringoversight,etc. ,itisnotpossibleformetocommentonthe extentoftheextraresourcesrequired. 2. Your2010annualreportstates atpara7.26 thatwhileagoodlabelofindependenceand objectivityexistsintheDesignatedPersonsapprovalsprocessinmostorganisations,the exceptionisSpecialBranchandProfessionalStandards.Iwouldlikeareportonwhatwasgoing

Draft Communications Data Bill

207

wrongintheseorganisationsandwhatstepsweretakentoaddresstheseissuesduringthelast year. ThisstatementrelatedtotwospecialistdepartmentsProfessionalStandards PSD andSpecial Branch SB whichexistwithinthemajorityofpoliceforcesandlawenforcementagencies LEAs . DuringthepoliceforceandLEAinspections,theapplicationsmadebythesetwospecialist departmentsarealwaysscrutinisedduetothefactthattheremightbeslightlydifferentsystemsand proceduresinplace.In5ofthe40policeandLEAinspectionsthatwereundertakenin2010,my InspectorswereconcernedthattheDesignatedPersons DPs werenotindependentineitheroneor bothofthesespecialistareas. Paragraph3.11oftheCoPoutlinesthatDPsshouldnotberesponsibleforgrantingauthorisationsor

givingnoticesinrelationtoinvestigationsoroperationsinwhichtheyaredirectlyinvolved,although itisrecognisedthatthismaysometimesbeunavoidable,especiallyinthecaseofsmallorganisations orwhereitisnecessarytoacturgentlyorforsecurityreason.WhereaDPisdirectlyinvolved,their involvementandtheirjustificationforundertakingtheroleofDPmustbeexplicitintheirrecorded considerations.DuetothesensitivenatureoftheworkundertakenbySBandPSDitisacceptedthat


onoccasions,forreasonsofsecurity,apersonwhoisdirectlyinvolvedinaninvestigationmayneed toactastheDP.Thisispermissible,butinsuchcasestheDPsmustensurethattheirinvolvementand theirjustificationforundertakingtheroleisexplicitintheirrecordedconsiderations. Essentially,myInspectorsidentifiedthattheDPswhowerescrutinisingtheapplicationsinoneor bothofthesespecialistareasin5policeforcesandLEAsweredirectlyinvolvedintheinvestigations, butwerenotmakingthisexplicitintheirrecordedconsiderations.Thisconductconstitutesnon compliancewiththeCoP.HowevertheapplicationswerelawfulastheywereapprovedbyaDPofthe requiredrank.Icanreportthatrecommendationsweremadeforthese5publicauthoritiestotake correctiveactionandtheyarenowcompliantinthisrespect.MyChiefInspectordisseminatesthe mostfrequentrecommendations ofwhichthiswasone toallpoliceandLEASPoCsonanannual basistoenablethemtoreviewtheirsystemsandprocedures.Inmy2011AnnualReport page34, paragraph3 Icommentedthatthereisnowagoodlevelofcomplianceinthisarea.Icanfurther reportthatthisissuehasnotbeenidentifiedinanyofthepoliceforceorLEAinspectionsconducted todatein2012. 3. Yourreportstates atpara7.27 thatthreepoliceforceprofessionalstandardsdepartments requestedcommunicationsdatafordisciplinaryinvestigationsratherthanforcriminal investigations.Wasthisbreakingthelaworonlythevoluntarycodeofpractice? Myreportstatedthattwopoliceforceprofessionalstandardsdepartmentsrequested communicationsdatainrelationtodisciplinaryinvestigationswheretherewerenocriminaloffences underinvestigation.SuchconductconstitutesabreachofPartIChapterIIofRIPA.The communicationsdatainthesecaseswasnotacquiredinaccordancewiththelawduetothefactthat communicationsdatacanonlybeacquiredifitisnecessaryongroundsfallingunderSection22 2 of RIPA. ItisalsoworthnotingthattheAcquisitionandDisclosureofCommunicationsDataCodeofPracticeis notvoluntary SeeSections71and72ofRIPA .TheCodeofPracticeisissuedbytheSecretaryof Stateandisadmissibleinevidenceincriminalandcivilproceedings. 4. Yourreportnotes atpara7.28 averysignificantincreaseintheuseoftheurgentoralprocess foracquiringcommunicationsdata.Wereyousatisfiedthatthisincreasewasjustified?Younoted

208

Draft Communications Data Bill

thatrecordkeepingwith87%ofthepoliceforcesandlawenforcementagencieswasgoodor satisfactoryinthisarea.Whattypeofmistakeswereseenintheother13%ofagencies?What stepshavebeentakentoimprovetheproblemswithrecordkeepingintheseagenciesandhow havethingschangedsince2010? Essentiallyyesthisprocessisstillpredominantlyusedinlifeatimmediateriskcases.Asyouwill seefrommy2011annualreport,90%ofpublicauthoritiesinspectedin2011areachievingagood standardinthisareaoverall.My2011annualreportoutlinesthatoneseriouscomplianceissue blanketorrollingauthorities wasidentifiedinasmallnumberoftheurgentoralrequestsin3 policeforceinspections Page35Paragraph2 .AsIoutlineinmyreport,Iwassatisfiedthatthese instanceswerenotwilfulorrecklessfailures,howeveritisstillimportanttoensurethatthecorrect processisalwaysappliedandthatthedataisacquiredinaccordancewiththelaw.The3policeforces havetakencorrectiveactioninthisareatopreventrecurrence. Themajorityoftheotherrecommendationsinthispartoftheprocessrelatetothequalityofthe contemporaneousrecordthatismaintainedduringtheurgentoralprocessinsomepoliceforces andLEAsthisrecordwasnotsufficientlycompletedandasaresultthereweregapsintheaudittrail oranincompleterecordoftheactionstakenanddecisionsmade.Insuchcases,myinspectorsdiscuss theindividualinvestigationswithrelevantstaffandexamineotheravailabledocumentation suchas incidentlogsandpolicybooks tosatisfythemselvesthattheprocesswasusedappropriately.The frequentrecommendationsinthisareahavebeendisseminatedtoallSPoCstoenablethemtoreview theirsystemsandprocedures.Goodpracticetemplatesinthisareahavebeensharedbypublic authoritiesandadoptedbythosewhohadfailingsinthisarea. 5. Younote atpara7.34 thattheSecurityServiceswereresponsibleforsomesignificantand recurrentbreachesoftheCodewhendatarequestswereregularlyapprovedbyDesignated Personsofinsufficientrank.Whatpenaltiesdoyouthinkshouldexistwhenanorganisation repeatedlybreakstheCode? TheinstancesdescribedaboverepresentedbreachesofPartIChapterIIoftheActastheDPswere notoftheprescribedrank/level.Thiswasnotawilfulorrecklessfailuretocomplywiththe legislationandtheerrorswerecausedbyanincorrectsystemsettingwhichunfortunatelywent unnoticed.Itisimportanttomakethepointthattheseerrorshadnobearingontheactual justificationsforacquiringthedata i.e.therequestswerenecessaryandproportionate and furthermore,thatnocollateralintrusionoccurredinrelationtotheserequests.Iwassatisfiedwith themeasuresputinplacetopreventrecurrenceoftheerror. ShouldIestablishthatanindividualhasbeenadverselyaffectedbyanywilfulorrecklessfailureby anypersonwithinarelevantpublicauthorityexercisingorcomplyingwiththepowersandduties undertheActinrelationtotheacquisitionordisclosureofcommunicationsdata,Ishall,subjectto safeguardingnationalsecurity,informtheaffectedindividualoftheexistenceoftheInvestigatory PowersTribunalanditsrole. Furthermore,anumberofpiecesoflegislationandoffencesalreadyexisttoaddressinstanceswhere communicationsdataisrequestedinappropriately,i.e.,malfeasanceinpublicoffice,DataProtection Actoffencesetc.Iftheinvestigationresultsinacourtcase,thepublicauthorityriskshavingthe communicationsdataevidenceruledasinadmissibleifithasnotbeenobtainedinaccordancewith thelaw.Theultimatepenaltywouldbeforthepublicauthorityspowerstoberemovedby Parliament.Iseenocurrentneedforfurthersanctions.

Draft Communications Data Bill

209

Iwouldofcoursewelcomeanyfurtherquestionsyouhaveinrelationtomy2011AnnualReportto thePrimeMinisteroncetheCommitteehashadtimetostudyit. AnnexA SubmissionofWrittenEvidencetothe JointCommitteeontheDraftCommunicationsDataBill bySirPaulKennedyInterceptionofCommunicationsCommissioner Question2:HastheGovernmentmadeaconvincingcasefortheneedforthenewpowersproposedin thedraftBill? 1.1Itisclearthattheintentionofthenewpowersistoensurethatcommunicationsdata continuestobeavailabletopublicauthorities.Ibelievethatitisrighttoupdatethelegislative frameworksofarasisnecessarytoensurethatthereisacontinuingcapabilitytoobtain communicationsdata.Astrongcaseismadethatwithoutthenewpowerstherewillbeadeclinein capability. Question3:HowdotheproposalsinthedraftBillfitwithinthewiderlandscapeonintrusioninto individualsprivacy? 1.2Thedraftbilldoesnotchangethecurrentapplicationorauthorisationprocessforthe acquisitionofcommunicationsdatabypublicauthoritieswhichishumanrightscompliant.Thesame testsofnecessityandproportionalitymustbemet.Requestswillonlybemadebythepublic authoritiesapprovedbyParliamenttoacquiredataandtherequestswillbeapprovedbyasenior officerwhomustbelievethetestsofnecessityandproportionalityhavebeenmet. 1.3Thenewpowerswillalsoprovideforfilteringarrangements,whichwillreducetheamountof communicationsdatathatisdisclosedtoapublicauthoritywhenmorecomplicateddatarequestsare made,thusreducingtheintrusionintoprivacy. 1.4Inadditionthedraftbillwillclosetheloopholethroughwhichlocalauthoritiesandsome otherpublicauthoritiesareabletouseotherpowers suchastheSocialSecurityandFraudAct2001 toacquirecommunicationsdata.Iwelcomethisandhaveexpressedconcernsinthepastthattwo regimesexistforacquiringcommunicationsdatainsomepublicauthorities.ThecurrentRIPA process tobereplacedbytheCDbill isarobustsystem,underwhichallapplicationsarescrutinised byatrainedandaccreditedSPoCpriortobeingconsideredandapprovedbyaDPwhoholdsasenior positioninthepublicauthority.TheoversightoftheexerciseofRIPApowersismyresponsibilityand themeansofredressforcomplaintsisthroughtheInvestigatoryPowersTribunal.Otherpiecesof legislationthatarecurrentlyusedtoacquirecommunicationsdatadonothaveanysuchoversight. Thedraftbillwillremovetheseotherstatutorypowerswithweakersafeguards. Question12:Whichpublicauthoritiesshouldbeabletoaccesscommunicationsdataunderthedraft Bill?ShoulditbepossiblefortheSecretaryofStatetovarythislistbyOrder? 1.5Thepowersshouldnotbelimitedtojustpoliceandintelligenceagencies.Parliamenthas delegatedstatutoryenforcementfunctionstoanumberofotherpublicauthoritiesandasaresult theyhaveaclearstatutorydutytoinvestigateanumberofcriminaloffences,someofwhicharetheir soleresponsibility.Oftenthecriminaloffencesthatthesepublicauthoritiesinvestigateareregarded asveryimportantatalocallevelandprovidethepublicwithreassuranceandprotection.For example,localauthoritiesusecommunicationsdatatoidentifycriminalswhopersistentlyripoff consumers,cheatthetaxpayer,dealincounterfeitgoods,andpreyontheelderlyandvulnerable.The statisticsprovidedtomyofficeshowthatsuchotherpublicauthoritiesaccountedforjustover1%of

210

Draft Communications Data Bill

thetotalrequestssubmittedin2011.Thevolumeofrequestsislow,butthisdoesnotmeanthatsuch publicauthoritiesshouldnotbeabletousethepowerswhentheycandemonstratenecessityand proportionality.Itissensibletotaketheopportunitytoreviewthecurrentlistofpublicauthorities whohaveaccesstoensurethatitisstillrequired,butthepowertovarythelistofauthorised authoritiesbyOrderisvaluableandshouldberetained.ItenablestheSecretaryofStatetorespondto changingcircumstancesandemergingneeds. Question14:Arethecircumstancesunderwhichcommunicationsdatacanbeaccessedappropriate andproportional?Whatkindofcrimesshouldcommunicationsdatabeusedtodetect? 1.6Thedraftbilldoesnotchangethecurrentapplicationorauthorisationprocessforthe acquisitionofcommunicationsdatabypublicauthoritieswhichishumanrightscompliant,apart fromtheadditionofonemorestatutorypurposerelevanttotheFinancialServicesAuthority.The sametestsofnecessityandproportionalitymustbemet.Requestscanonlybemadebythepublic authoritiesapprovedbyParliamenttoacquiredataandanyrequestswillbeapprovedbyasenior officerwhomustbelievethetestsofnecessityandproportionalityhavebeenmet.Themajorityof communicationsdatarequestsaresubmittedforthepurposeofpreventingordetectingcrime,but communicationsdatamayalsoberequiredforotherpurposes,suchasinordertopreventdeathor injuryorintheinterestsofpublichealth. 1.7 Itwouldbedifficulttosetacrimethresholdfortheuseofcommunicationsdatafora numberofreasons,evenbyreferencetothegravityoftheoffence.Previousstatutoryattemptsto defineseriouscrimehavenotproducedsatisfactoryresults e.g.inrelationtominimumsentences andsomelessseriousoffencescanhaveveryseriousimpactsonthevictims.Itisthereforemuch bettertoleaveittotheauthorisingofficertodecide,inrelationtothefactsofeachindividual investigation,whethertheapplicationtousecommunicationsdatatodetectitisnecessaryand proportionate. Question15:Istheproposed12monthperiodfortheretentionofdatatoolongortooshort? 1.8 Onthebasisoftheinformationatpresentavailable12monthsseemstobeanappropriate period,butitshouldbeopentoreviewinthelightofexperience Question16:Applicationsforaccessingcommunicationsdatawillbesubjecttoaseriesofsafeguards includingapprovalbyadesignatedseniorofficerwithinthepublicauthoritymakingtherequest.How shoulddesignatedseniorofficerbedefined?Isthissystemsatisfactory? 1.9Thereisarobustapplicationandauthorisationprocessinplacetoacquirecommunications data.EachapplicationhastobevettedandqualityassuredbyanaccreditedSPoCbeforebeing consideredbyaDP.Ihaveobservedthatpublicauthoritystaffundertakethisinternalscrutinywith dedicationandintegrity.Thereisarobustsysteminplacetopreventanyoneotherthananaccredited SPoCfromacquiringthecommunicationsdatafromtheCSPsandthisisanimportantsafeguard. 1.10ADPmustbeaseniorofficerinthatpublicauthoritywhoserank/levelhasbeenprescribed bylaw.Thissystemissatisfactory.Itisimportanttoensurethatthedesignatedseniorofficersare comparableintermsofrank/grade/levelacrossthevariouspublicauthoritiesthathaveaccess. Question17:Wouldawarrantsystembemoreappropriate?Ifyoufavourawarrantsystemshould thisapplytoallpublicauthoritiesincludinglawenforcementagencies?Shouldawarrantbe necessaryinallcircumstances? 1.11Awarrantsystemwouldnotbeappropriateforcommunicationsdatarequestsinthesame waythatitisforinterceptionwarrants.Thevolumeofcommunicationsdatarequestsistoohighin

Draft Communications Data Bill

211

comparisontointerceptionwarrantstomakethisfeasibleandinadditioncommunicationsdata requestsaresignificantlylessintrusivethanacquiringthecontentofcommunications. 1.12IamnotconvincedthattheGovernmentsproposaltorequirealllocalauthoritiestoobtain theapprovalofamagistratebeforetheycanusethesepowerswillhavemuchimpactotherthanto introduceunnecessarybureaucracyintotheprocessandincreasethecostsassociatedwithacquiring thedata. Question18:IstheroleoftheInterceptionofCommunicationsCommissionerandtheInformation Commissionersensible? 1.13Itiscrucialfortheretobeindependentandrobustoversightofthesepowers.Thedivisionof theoversightbetweentheInformationCommissionerandtheInterceptionCommissionerisclearand appropriate.IamsupportedbyaChiefInspectorandfiveinspectorswhoareallhighlytrainedin relationtotheacquisitionanddisclosureofcommunicationsdata.Myteamhasagoodunderstanding inrelationtohowthehumanrightsprinciplesofnecessityandproportionalityapplytothe acquisitionofcommunicationsdataandtheextenttowhichcommunicationsdatamayassistpublic authoritiesincarryingouttheirfunctions.Iwillcontinuetoprovideoversightinrelationtothe acquisitionofcommunicationsdata,andinadditionIandmysuccessorwillalsooverseethe collectionofcommunicationsdatabyCSPsandthefilteringarrangements.Thesetwoadditional functionsrequirealeveloftechnicalknowledgeandexpertisewhichispresentinmystaff.The CommissionerwillcontinuetoreporttothePrimeMinisterannuallywithrespecttothecarryingout ofhisfunctions. Question20:Arethepenaltiesappropriateforthosecommunicationsserviceproviderswhofailto complywiththerequirementsofthedraftBill? 1.14 Thepresentregimeiseffectivebecausetheparticipantsarecooperative.Itisimportantthat theircooperationismaintained. Question21:Arethepenaltiesappropriateforthosepublicauthoritiesthatinappropriatelyrequest accesstocommunicationsdata?ShouldfailuretoadheretotheCodeofPracticewhichisprovidedfor thedraftBillamounttoanoffence? 1.15 Myexperienceisthatallpublicauthoritiestryhardtocooperate,andwelcomeassistanceto enablethemtodoso.Theyadmittheirmistakes,andtrytodevisewaystoavoidanyrepetition.Allof thatcouldbejeopardisedbyincreasingpenalties,andIfailtoseewhatwouldbegained. August2012

212

Draft Communications Data Bill

Mr J R S Kistruck
1 Effectiveness Thepurposeoftheproposalistomakecommunicationspatternsvisibletotheauthorities.This dependsontheideathatidentifiablepersonsororganisationsusethesamecommunication endpoints suchasemailaddresses,phonenumbersandIPaddresses oversubstantialperiodsof time. Anyhalfintelligentcriminal,followingthisbill,willusefrequentchangesofaddressandphone number,amongperhapshundredsatanyonetime,inordertofragmentandconfusethepatterns visibletoanyinvestigator.Thetechniquesforthisstyleofevasionarealreadywelldevelopedamong thehackercommunity.Theywillspread,andcauseaslightincreaseincommunicationscostsfor criminalsbecauseoftheinconvenience.Unfortunately,theextracosttothebaddieswillbemuchless thantheextracosttotherestofus,anditwillnotevenslowthemdown. Theproposalwillthereforebeineffectiveforitsprimarypurpose. 2. Wideaccessibility Makingcommunicationsdataaccessibletothepoliceandthesecurityservicesmightbejustifiableif itwereeffective.Makingthesameenormousrangeofdataaccessibletootherpublicbodiesisquitea differentproposition.FewpeoplewouldtrustlocalofficesoftheDWPwiththeirpersonal communicationsdata,letalonetheinterestedofficersoflocalcouncils. Anyassurancethatwewontallowthatintherulesisnotworththepaperitwouldbepublishedon. Oncethedataisonfile,theusesofitwillcreepoutwardsstepbystep,andeachsteplookssmallto thegovernmentthatallowsit.Withintenyearsuseofthatdatawouldbewidespread,andvested interestswouldbetoobigtoletitbegivenup. 3. Safeguards Ifthebillgoesahead,theinformationaboutmostpeoplescommunicationswillbeheldbyamodest numberofwelldefinedprivatecompanies,theISPs.Theyarelarge,bureaucraticinstitutions,runby ordinaryhumanbeingslargelygovernedbyprocedures.Therewillperforcebepeopleand proceduresforrecoveringthedataaboutpastcommunicationpatterns.Thosepeopleandthose procedureswillbevulnerabletoerrorandtocorruption. Wherethereisastrongincentivetoinvestigate,mereprocedureswillnotstandintheway.The historyoftheNewsoftheWorldphonehackingscandalshowsjusthoweasyitisforsafe repositoriesofinformationtobebreachedwhenenoughmoneyorotherinterestisinvolved.Note thatthisisahumanproblem,notatechnicalone! Reviewingthehistoryofknownleaksandlossesofpersonalinformationbothfromtheprivateand thepublicsectoroverthelastfiveyears,noreasonablepersonwouldwillinglytrusttheirdatatosuch ascheme. August2012

Draft Communications Data Bill

213

The Law Society


TheLawSocietyofEnglandandWales TheSociety istheprofessionalbodyforthesolicitors professioninEnglandandWales,representingover150,000registeredlegalpractitioners.The Societyrepresentstheprofessiontoparliament,governmentandtheregulatorybodiesandhasa publicinterestinthereformofthelaw. I. HistoricallyEnglishlawhasprotectedprivacyinparticularcircumstancesbuthasnever acceptedageneralrighttoprivacy.TheHumanRightsAct1998,byincorporatingthe EuropeanConventiononHumanRights ECHR intoEnglishlaw,changedthat.Viathe incorporationofArticle8oftheECHR,Englishlawnowrecognisesaqualifiedrightto respectforprivateandfamilylife.Thisgeneralrightissupplementedbythedataprotection frameworkenshrinedintheEUDataProtectionDirectiveandtheUKsDataProtectionAct 1998. EffectivedataprivacyanddataprotectionrightsareessentialtolifeinanInformation Society.Thevastquantitiesofpersonaldatageneratedbydigitaltechnologiesofallkinds meanthatwithoutconstantvigilance,andsomerestraintbytheState,personaldataprivacy willquicklycollapse.Itisworrying,therefore,thattheGovernmentsplanswillcompel organisationstocollectinformationabouttheirusersthattheywouldnothavepreviously hadareasontocapture,usingtechnologymandatedbyandforthepurposesoftheHome Office. Itisessentialtorecognisethat,rightlyorwrongly,theGovernmentsproposalsarehighly intrusive.TheGovernmenthasemphasisedthatitsproposalsinvolvetheretentionof,and accessto,communicationsdatanotcontent.Theimplicationisthattheyareonlymildly intrusive.However,astheInformationCommissionerpointsout:Youcantellanawfullot aboutsomepeoplespersonalcircumstancesfromthepeopletheyaretalkingtoandthe websitestheyvisit. 229Indeed,itwouldscarcelybeworthwhilefromtheGovernments perspectivetointroducethismeasureifyoucouldnot. TheGovernmenthasalsosoughttodistinguishitsproposalsfromthoseofthe CommunicationsDataBill2008byemphasisingthattherearenoplanstocreateasingle governmentdatabase.Theseearlierproposalswerescrapped,inlightofwidespread condemnationfrompoliticiansofallparties,aswellasnonpoliticians..Itisclearthata single,centraldatabasecapturesthepublicimaginationinawaythathighlightstheprivacy andsecurityissuesatstake;itisnotclear,however,thatnumerousprivatelyowned databasesarelessprivacyintrusive.Masssurveillanceofinnocentpeopleisstillbeing proposed. Acomprehensivereviewofthelegal,institutionalandtechnicalframeworkwithinwhich surveillancepowersareexercisedintheUKislongoverdueand,inthisregard,the ProtectionofFreedomsAct2012 POFA wasamissedopportunity.Inparticular,theLaw SocietyhasrepeatedlycalledforanoverhauloftheRegulationofInvestigatoryPowersActto ensureexplicitprotectionofcommunicationsbetweenlawyersandtheirclients,whichisa commonpositionaccrossthelegalprofession. TheSocietywelcomestheJointCommitteesprelegislativescrutinyofthedraft CommunicationsDataBillandthechallengingquestionsonwhichithasinvitedcomments andonwhichtheSocietyoffersitsviewsbelow.

II.

III.

IV.

V.

VI.

1.

HastheHomeOfficemadeitclearwhatithopestoachievethroughthedraftBill?

229InformationCommissionersstatementontheCommunicationsDataBill,27April2009

214

Draft Communications Data Bill

1.1. ThebroadobjectivesoftheBillareclear.Thatis,toensurethatcommunicationsdatafrom internetbasedcommunications instantmessaging,socialnetworksetc areobtainedand retainedbyCSPsandcanthenbeobtainedbyauthorisedpublicauthoritiesinappropriate circumstances. 2. HastheGovernmentmadeaconvincingcasefortheneedforthenewpowersproposedinthedraft Bill? 2.1. TheGovernmentscaseisthatcommunicationsdatahaveplayedaroleinallmajorSecurity Servicecounterterrorismoperationsandmostseriousorganisedcrimeinvestigations.It nowarguesthatlackofcommunicationsdataisbeginningtohamperinvestigations. 2.2. TheLawSocietysviewofthisargumentmirrorsthatoftheEuropeanDataProtection Supervisor EDPS ,PeterHustinx,inrelationtotheEuropeanDataRetentionDirective. Hustinxhasarguedthatifameasureisalreadyinplaceandpracticalexperiencehasbeen gainedthereshouldbesufficientqualitativeandquantitativeinformationavailablewhich allowsanassessmentofwhetherthemeasureisactuallyworkingandwhethercomparable resultscouldhavebeenachievedwithouttheinstrumentorwithalternative,lessprivacy intrusivemeans.Suchinformationshouldconstitutegenuineproofandshowthe relationshipbetweenuseandresult. 230.Hustinxconcludedthatthequantitativeand qualitativeinformationprovidedbyMemberStateswasinsufficienttoconfirmthenecessity ofdataretentionasrequiredbytheDataRetentionDirective.IntheSocietysviewthe Governmentspublishedevidencebaseforadditionaldataretentionpowersissimilarly weak. 3. HowdotheproposalsinthedraftBillfitwithinthewiderlandscapeonintrusionintoindividuals privacy? 3.1. TheproposalsintheBillreinforceandextendanenablingframeworkintheUKthat underpinswhatmany,includingtheInformationCommissioner,havecalledasurveillance society.ThedriftintoasurveillancesocietyiswhytheSocietyarguesthatPOFAwasa missedopportunity.TheSocietydoes,however,welcometherecognitioninPOFAofthe principleofjudicialapprovalforcertainapplicationstoobtainordisclosecommunications data.Thecaseforextendingthisprincipleshouldformpartofanyfuturereviewof surveillance. 4. Whatlessonscanbelearntfromtheapproachofothercountriestothecollectionof communicationsdata? 4.1. TheLawSocietyhasnotexploredthisquestioninanydepth.However,theSocietynotes thatPrivacyInternationalhaveclaimedthattheonlyothercountriesintheworldthathave thekindofmasssurveillancesystemsthatareproposedareChina,IranandKazakhstan 231. 5. Arethereanyalternativeproposalswithregardtothetechniqueandcostofobtaining communicationsdatathattheGovernmentcouldconsider? 5.1. TheSocietyisnotawareofany.TheSocietydoesthinktheHomeOfficeshouldidentify alternatives,publishtheevidenceforandagainst,andconsultbothexpertsandmembersof thepublictoensurethatwecanhaveaninformeddebate.

230OpinionoftheEuropeanDataProtectionSupervisorontheEvaluationreportfromthe

CommissiontotheCouncilandtheEuropeanParliamentontheDataRetentionDirective Directive2006/24/EC .31May2011 231PrivacyInternational,SubmissiontotheJointCommitteeonthedraftCommunicationsDataBill

Draft Communications Data Bill

215

6.

ThedraftBillsitsalongsidetheDataRetentionRegulations.Howwillthesetwopiecesoflegislation interrelate?Woulditbepreferabletohaveoneoverarchingpieceoflegislationthatgovernsthe retentionofcommunicationsdata? 6.1. TherelationshipbetweentheDataRetention ECDirective Regulations2009andthe proposalsintheBillisnotentirelyclear.TheRegulationsapplytocommunicationsdatato theextentthatsuchdataaregeneratedorprocessedintheUKbyatelecommunications operatorintheprocessofsupplyingaparticularcommunicationsservice.ThedraftBill enablestheSecretaryofStatetomakeanordertoensurethatcommunicationsdataare availabletobeobtainedfromtelecommunicationsoperators.Theimplicationisthatthe datatobeobtainedundertheBillarenotdatathatwouldberetainedbyoperatorsinthe normalcourseoftheirbusiness.However,astheHomeOfficeacknowledges,andthe rationalefortheBill,isthattheUKstelecommunicationsinfrastructureischangingrapidly. Itfollowsthattheboundarybetweendatathatwillberetainedinthecourseofbusinessand datathatwillnotisalsoshifting andnotnecessarilysimplyinthedirectionoflessdata retentionforbusinesspurposes Onthefaceofit,therefore,oneoverarchingpieceof legislationwouldbepreferable.

7.

IfitisconcludedthattheprovisionsofthedraftBillareessential,arethereanyothermeasures thatcouldbescrappedasaquidproquotorebalancecivilliberties? 7.1. Civillibertiesshouldnotbetradedinthisway.IftheprovisionsoftheBillarewrongthey shouldnotbeadopted;ifothermeasuresdeservetobescrappedonhumanrightsgrounds theyshouldbe.

8.

WilltheproposalsinthedraftBillposeariskthatcommunicationsserviceprovidersseetheUKas alessattractivebase.Whatmightbetheeffectonbusiness? 8.1. ThisisaquestionforCSPs.

Costs: 9. Istheestimatedcostof1.8bnover10yearsrealistic? 9.1. TheSocietydoesnottakeaviewonthismatter. 10. TheHomeOfficesuggeststhebenefitsthatcouldbedeliveredbytheenactmentofthedraftBill couldbeworthbetween56bn.Isthisfigurerealistic? 10.1. Nocomment. Scope: 11. Arethedefinitionsofcommunicationsdataandcommunicationsserviceproviderappropriate?Do theysensiblydefinethescopeofthepowersinthedraftBill? 11.1. Nocomment. 12. WhichpublicauthoritiesshouldbeabletoaccesscommunicationsdataunderthedraftBill?Should itbepossiblefortheSecretaryofStatetovarythislistbyOrder? 12.1. ThelimitedevidenceprovidedbytheHomeOfficeexplainingtheneedforthisBillconcerns SecurityServiceantiterroristoperationsandseriousandorganisedcrimeinvestigations. LimitingaccesstotheSecurityandIntelligenceServices fortheirstatutorypurposes and tothepolicefortheinvestigationanddetectionofseriouscrimewouldbeappropriate. 12.2. ItshouldnotbepossiblefortheSecretaryofStatetovarythelistbyOrder.Parliamentary debateandapprovalshouldbenecessarybeforeanyextensionofaccessispermitted.

216

Draft Communications Data Bill

13. Howrobustaretheplanstoplacerequirementsoncommunicationsserviceprovidersbased overseas?Howrealisticisitthatoverseasproviderscouldbepursuedforbreachofduty? 13.1. Itseemsentirelyunrealistictopursueoverseasproviders.TheHomeOfficeshouldexplain howitsplanswillworkinpractice. UseofCommunicationsData: 14. Arethecircumstancesunderwhichcommunicationsdatacanbeaccessedappropriateand proportional?Whatkindofcrimesshouldcommunicationsdatabeusedtodetect? 14.1. Asstatedabove Q.12 ,intheabsenceofanyclearerjustification,limitingaccesstothe SecurityandIntelligenceServices fortheirstatutorypurposes andtothepoliceforthe investigationanddetectionofseriouscrimewouldbeappropriate 15. Istheproposed12monthperiodfortheretentionofdatatoolongortooshort? 15.1. Withoutastrongerevidencebaseitisunclearwhetherornotanyretentionisnecessary and,ifitis,whether12monthsistoolongortooshort.TheHomeOfficeshouldexplainthe basisonwhich12monthshasbeenchosen. Safeguards: 16. Applicationsforaccessingcommunicationsdatawillbesubjecttoaseriesofsafeguardsincluding approvalbyadesignatedseniorofficerwithinthepublicauthoritymakingtherequest.Howshould "designatedseniorofficer"bedefined?Isthissystemsatisfactory?Arethereconcernsabout compliancewithArticle8ECHR? 16.1. AstheSocietyexplainedinitsintroductorystatement,theSocietyregardstheseproposals ashighlyintrusiveanddoeshaveconcernsaboutcompliancewithArticle8.Independent judicialreviewwouldbebetter.Incasesofurgencysuchreviewmightneedtotakeplace aftercommunicationsdatahadbeenaccessed.Suchcasesshouldbeexceptional. 17. Wouldawarrantsystembemoreappropriate?Ifyoufavourawarrantsystemshouldthisapplyto allpublicauthoritiesincludinglawenforcementagencies?Shouldawarrantbenecessaryinall circumstances?Andwhatwouldtheresourceimplicationsbe? 17.1. Awarrantsystemwouldbeappropriate.Itshouldapplytoallpublicauthorities.Any evaluationoftheresourceimplicationsshouldtakeintoaccounttheprobablereductionin thenumberofapplicationsforcommunicationsdata. 18. IstheroleoftheInterceptionofCommunicationsCommissionerandtheInformation Commissionersensible? 18.1. Yes,iftheOfficeswhichsupportthemareproperlyresourced.Oversightarrangementscan onlybeeffectiveiftheycanbeimplementedinpracticeandtheInformationCommissioner hasalreadyhighlightedtheneedforadditionalresources. August2012

Draft Communications Data Bill

217

George Lawrence
Costs/Technical MyunderstandingisthattheBillseekstoexpandtheexistinginterceptionframeworktocoverpeer peercommunications likeSkype .Thesuggestedcostisaround10annuallyperelectronically connectedperson. Theconcernisthatunlikehistoricalnetworksbasedonhightransmissioncostswhichrequiretobe centrallyswitchedtoconservetransmissionresource,moderncommunicationismostcosteffective whenthenetworkisdistributedbecausetransmissionisrelativelyverycheapincomparisonto centralswitching. Therequirementsofmonitoringreimposethecentral 'hub' controlelementandinvalidatea moderncommunicationsystem'sdistributedarchitecture.Sowhilepurelymonitoringmaybecosted assuggested,thelossofopportunitycostofbeingunabletomakeuseofthemodernarchitecturefor newcommunicationmodesismuchhigher. General Itiswidelyrecognisedthatsecurityagenciesneedtomonitorcommunications.Thishasbeenona targetedbasisnoncommunicationsevidencepointingtoindividualsundersuspicion.The communicationsoftheindividualscanthenbe*selectively*monitored.Howeverwhatisbeing proposedistouseasearchofdataforallcommunicationstofindpeopletowatch.It'sthisblanket proactivetrawling,notasatargetedresponse,thatwillinvalidatethecosteffectivetechnologythat peopleexpect.Itisalsoaconceptualshiftinapproachtoanindividual'srighttoprivacy. August2012

218

Draft Communications Data Bill

Stacey Leigh Ross


1.HastheHomeOfficemadeitclearwhatithopestoachievethroughthedraftBill? MyunderstandingisthatthisBillisdeemednecessarytogivethePolicethetoolstofightterrorism, paedophiliaandothernefariousorganisedcrimes.
Nottomymind.WhileIunderstandtheneedtoprovideourlawenforcerswiththetoolstodotheir jobseffectively,Ifeelthisisnotthewaytodoit.Theconstantmentionofterroristsandpaedophiles almostseemstobeawaytofrightenthepublicintoagreementwiththisProposal.WhenIquestioned theneedforsuchaninvasionofcivillibertieswithmylocalMP,thiswasthestandardresponse. Frankly,Ifeelthatthisiscreatingahaystackwithinwhichtofindaneedle.Collectingthismuch informationwillmakemeanthatmuchmoreinfowillneedtobesiftedtofindthesuspectsyouare after.Surelythereisamoreeffectiveway. Inaddition,thepeoplewhothisBillwantstotargetaremediasavvyenoughtoavoidthe communicationsnetthatanyonemightdesigntocatchthem.Isuspectyouwillonlynabtherank amateursandcarelessyoungpeoplewhouseinflammatorylanguagethatcausesaredalertonyour securitysweepsystems. General:

2.HastheGovernmentmadeaconvincingcasefortheneedforthenewpowersproposedinthedraft Bill?

Iamconcernedabouttheprecedentthatthissets.Afewyearsago,RIPAwaspassedandwegave awaysomeofourfreedoms.Ifeellikethisisaslipperyslope.Ifwesayyestothis,inafewyearstime whentechnologyevolves,willwebebackagain,infringingfurtherandfurtheruntilwetrulyhavea BigBrotherstatewhereeveryoneisundersurveillance. Thisproposalmakesitseemlikeeveryoneisapersonofsuspicion,andifwereallsuspicious individualsthenwhoarewetrulybeingprotectedfrom? Idontknow,Imnotthatversedinthis.Perhapswhatweneedisathinktankcomprisingonthe groundofficerswhoactuallyhavetousethesystemtodotheirjobs,membersofthepublicfroma variedcrosssection,andtechnologicalexperts.Ibelievethismightbeabetterwaytodesignamore effectiveandlessinvasivesolution.

3.HowdotheproposalsinthedraftBillfitwithinthewiderlandscapeonintrusionintoindividuals privacy?

4.Whatlessonscanbelearntfromtheapproachofothercountriestothecollectionofcommunications data?

56Noanswer

7.IfitisconcludedthattheprovisionsofthedraftBillareessential,arethereanyothermeasuresthat couldbescrappedasaquidproquotorebalancecivilliberties?
Isitevenlegalforthegovernmenttosuddenlydecidetoremovethisaspectofmycivilliberties.Is thisproposedinvasionofprivacyevenlegal?

8.WilltheproposalsinthedraftBillposeariskthatcommunicationsserviceprovidersseetheUKasa lessattractivebase.Whatmightbetheeffectonbusiness?
Iwouldthinktheydfinditmoreattractive,theygetmoneytoholdaveritablemarketinggoldmine thattheycouldusetoboosttheirsales! Costs:

9.Istheestimatedcostof1.8bnover10yearsrealistic?

Isanyestimateeverrealisticingovernment?Budgetsalwaysendupgoingover.Myconcernismore that,herewearebeingbeatenovertheheadaboutthedeficit,thedeficit,thedeficitandinthe midstofcuttingbackonrealessentialslikeschoolrepairs,policing,fireservices,etc.werelookingto

Draft Communications Data Bill

219

findalmost2bntohandovertoprivatecompanies someofwhicharentevenUKcompanies to collectatruckloadofdata,mostofwhichwedontevenneedcauseitwillberandominfolikehow manytimesIcallmymum,shoponAmazonforbabyproductsandlookuparecipeonbbc. Surely,ifweregoingtofindmoneyforsomething,itshouldbeto: buildupoureducationsystem, supportouryoungpeoplesowehavebetteradultsinthefuture, enableourdefenceforcestodotheirjobswiththerightequipmentand lookafterthemwhentheycomehome properly! , buildupourresearchanddevelopmentsectorssowereaheadintheenergygame, pumpmoneyintooursmallbusinessestohelprebuildoureconomy Thelistisendless.AsfarasImconcerned,collectingmountainsofirrelevantdatathatwilleventually fallintothewronghandsandusedforpurposesforwhichitwasnotintended,isNOTapriority.

10.TheHomeOfficesuggeststhebenefitsthatcouldbedeliveredbytheenactmentofthedraftBill couldbeworthbetween56bn.Isthisfigurerealistic?

Great!Hasanyoneworkedoutthepossiblecostsofthisgoingwrong?Databeinglost,sold,usedby thewrongpeople?Prosecutionofinnocentpeople?Moreinstancesofwastedcourttimewithpeople likePaulChamberswhothreatenedtoblowupalocalairportinfrustrationandhadtowaitforan appealsjudgetofigureoutitwasajoke!Lawsuitsfromtheseinnocentpeoplewhovehadtheirlives turnedupsidedown?Alltheactualcriminalsthatwewillbeignoringuntilitstoolatebecausewe assumeournewgrandsystemwillcatchall,whentheveryoneswewanttocatchareslipping throughthenet? Scope:

11.Arethedefinitionsofcommunicationsdataandcommunicationsserviceproviderappropriate?Do theysensiblydefinethescopeofthepowersinthedraftBill?

12.WhichpublicauthoritiesshouldbeabletoaccesscommunicationsdataunderthedraftBill?Should itbepossiblefortheSecretaryofStatetovarythislistbyOrder? 13.Howrobustaretheplanstoplacerequirementsoncommunicationsserviceprovidersbased overseas?Howrealisticisitthatoverseasproviderscouldbepursuedforbreachofduty?


Wesimplyshouldnotbecollectingthisinfointhismannersoforme,thisquestionisirrelevant.

No.Iamespeciallyconcernedaboutconflictsofinterest.Willitbedeemedinpoortasteforwealthy businessmanfriendsofpoliticiansandseniorofficialstobetheoneswhosecompaniesarecollecting thisinfoandmakingatidysumdoingso?

ThisBillseemstosuggestthattherearenocircumstances.Allcommunicationsproviderswillbe collectingallyourtrafficinforegardlessofwhethertheyhavereasontoornotjustincaseyouturn outtobesuspicious withinthe12monthsretentionperiod,ofcourse .Icanjustpictureitnow. Cameron,Clegg,orwhoeverelsemightendupinpowersayssomethingthatirritatesme.Ina subsequentphonecalltomymum,IgetoverexcitedandsayIwishsomeonewouldbombhis bicycleorsomethingequallysillyandthenextthingIknowMI5isonmydoorstepinterruptingme hangingoutthelaundryorfeedingmychildbecauseImathreattothePMofthehour. Safeguards: 1618WhileIappreciatethattheseseemalogicalsafeguardtoputinplace,Iamsurethatyouwill forgivemylackoffaithinmostpoliticalofficesafterthelastfewyearsofproofthatfew,ifany, positionsofpowerarenotabused.IonlyneedtocitethetopbrassattheMetpolice,thefallofNews oftheWorldetal,theMP'sexpensesscandalandthat'sjustthetopbilledones.Giventhathistory,

14.Arethecircumstancesunderwhichcommunicationsdatacanbeaccessedappropriateand proportional?Whatkindofcrimesshouldcommunicationsdatabeusedtodetect?

BasedonourhistorywiththeUSAbendingoverbackwardstohelpusthewaywedotohelpthem? Highlyunrealistic.ChinaandIndiaarealsobecomingtechnologicalsuperpowers,dowereally imaginethatwewouldhaveanycontroloverinformationthattheymightdecidetokeepandhold? UseofCommunicationsData:

15Noanswer

220

Draft Communications Data Bill

whatguaranteedoesanyordinarycitizenhavethatwithaccesstosomuchinformationthatthosein powerwillnotsuccumbtotemptationandfindprofitableusesforwhattheyshouldbesafeguarding. I'drathernotbewatchingcourtproceeding10yearsfromnowwiththevariousCommissioners defendingthe'loss'and'resurfacing'ofdatathattheyshouldneverhavehadtosafeguardinthefirst place.Asmymotherusedtosay,whytemptpeople? ParliamentaryOversight: Enforcement: 2021Abittoolittletoolate.Afterthehorsehasboltedandtheinformationisouttherein circulation,allthefinesintheworldwillnotstopitfrombeingused.Peoplewillalwaysfindaway. Wewontneedtoenforceanythingifwenevercollectsuchamassiveamountofpersonaldatathat wedontneedinthefirstplace. Technical: 2226Myonlycommenthereistoaskhowyouplantodealwithfalsepositivesandfalsenegatives, butImaintainthatIfeelthisdatashouldnotbecollectedinsuchawidereachingmannertherefore eliminatingtheneedforthistechnicalconversation. InConclusion: Fordecadesbigbusinesseshavebeentryingtotrackcustomerseverymoveformarketingsuccess thinkTescoClubCard .AssomeonewhousedtoworkinadvertisingandmarketingresearchIknow thisinformationwouldbeaveritablegoldmineforanybusiness.Icannotseehowanygovernment canensurethatacompanydoesnotusetheinformationthattheyarecollectingandstoringfortheir ownpurposes.Ialsowouldliketoknowhowwecanbesurethattheinformationhasbeendestroyed afterayearhaspassed. Furthermore,Ireiteratethatwehavemorepressingneedsthanthefundingofheavyhandedplan thatcreatesamountaintofindamolehill.Whyarentwefindingmoneytosupportthedevelopment ofourfuture?Ouryoungpeople,ourNHS,ourbusinessdevelopmentandcareeropportunities,our policeservice,ourresearchanddevelopment,ourenergydilemmas,ourdefenceforces?Surelythese aremoreimportantrightnow. Ihonestlydonotcarewhetherthisis/wasaLabour,LibDemorConservativeproposalmyresponse isthesame.Ifeelthereisnorealisticorfeasiblewaytotrulypolicethisinformationorensureits safetyandsoitwouldbesafertoonlycollectwhatisactuallyneededratherthanmorethanis needed.Inpractice,thisistoocostlyanexcess.Theargumentthatweneedthisfornationalsecurity andtobeabletoensureconvictionsincourtisvalidbutthissolutioniswaytooextreme.Iamsure thatthereisahybrid,amiddlegroundthatcanbefoundthatdoesn'tcompromiseeveryindividual's civillibertiesforthesakeofapreciousfew.Itrulybelievethereareenoughintelligentand enlightenedmindsinparliamenttocomeupwithabettersolution.Thisisnotit. August2012

19.Noanswer

Draft Communications Data Bill

221

LGA
Whataccessdocouncilscurrentlyhavetocommunicationsdata? Councilscanaccesscommunicationsdataforthepurposeofpreventingordetectingcrimeor preventingdisorder. CouncilscurrentlyhaveaccessunderRIPAtotelephone/internetsubscriberandbilling informationonly.Councilsdonothavethepowerstoobtainthecontentofanytelephonecall oremail. Councils use communications data to protect residents and businesses from those that are deliberatelyandpurposefullytryingtocauseharm. Communications data is essential to the work carried out by councils to tackle benefits / council tax fraud, rogue traders, loan sharks, doorstep crime, anti social behaviour, serious environmental crime, commercial flytippers, animal welfare issues and counterfeit goods. Thesecrimesareoftentargetedatthemostvulnerableinourcommunities. Losing access to communications data would leave councils without the tools to protect residentsandleaveroguetraderstooperatemorefreelyinourcommunities. Rightstoprivacyforindividuals The LGA recognises that the public are understandably concerned about unnecessary and intrusiveuseofinvestigatorypowersbyGovernmentbodies. We support the use of safeguards that can reassure the public that access to data is used responsiblyandproportionately. While the LGA believes that councils only access data when absolutely necessary and in proportion to the suspected crime, we accepted the introduction of magistrates approval undertheProtectionsofFreedomsAct2012foraccesstodata. Safeguardstoaccessingdata The LGA believes that the current framework through which councils can access communicationsdataprovidesthesafeguardsthatthepublicarelookingfor. UnderRIPA,accesstocommunicationsdatawasalreadysubjecttointernalapprovalata DirectororHeadofServicelevelandbyelectedmembersthroughregularreviewsof requestsmadeunderRIPA. Councilsarealsosubjecttoexternal,independentoversightbytheSurveillance CommissionerandInterceptionCommissionersoffices,whichreportdirectlytothePrime Ministereachyear. The Protection of Freedoms Act requires councils to seek magistrates approval each time councilswanttoaccesscommunicationsdata. Councilsbehavingresponsibly TheintroductiontotheDraftBillitselfstates,Localauthoritiesaccountforlessthan0.5%of totalRIPArequestsforcommunicationsdata.Thisextremelylowfigureshowsthatcouncils areexercisingtheirpowersinaresponsiblewayandonlyrequestingdatawhenabsolutely necessary. In fact, local authority requests only constitute 0.3% of requests for communications data. This figure has remained consistent since 2006 when reporting was introduced. SirPaulKennedy,inhispositionasInterceptionofCommunicationCommissioner,presented evidence to the Freedoms Bill Committee in 2011, which stated, I am aware that some

sectionsofthemediacontinuetobeverycriticaloflocalauthoritiesandthereareallegations thattheyoftenusethepowerswhichareconferreduponthemunderRIPAinappropriately. However, I can categorically state that no evidence has emerged from our inspections that havetakenplacebetween2005and2010,whichindicatesthatcommunicationsdataisbeing usedtoinvestigateoffencesofatrivialnature,suchasdogfoulingorlittering.Onthecontrary itisevidentthatgooduseisbeingmadeofcommunicationsdatatoinvestigatethetypesof offenceswhichcauseharmtothepublic,suchasinvestigatingroguetraders,loansharksand flytippingoffences.SirPaulKennedyadded,Oftenthetelephonenumberorcommunications address is the only information / intelligence the local authority has to progress the investigationandidentifytheallegedoffender.

222

Draft Communications Data Bill

CommunicationsdatasupportingGovernmentpriorities TheGovernmentisrunningacampaignentitled,Targetingbenefitthieveswiththetagline, Itsnotifwecatchyou,itswhen. InApril2012,theGovernmentlaunchedtheNationalTradingStandardsBoardtoprovidea structurethroughwhichcouncilswouldberesponsiblefor combatingpriorityareassuchas loansharksandinternetscams. CouncilshaveacrucialroleindeliveringthesestrategicGovernmentaims,whichcanonlybe achievedwithaccesstocommunicationsdatatotacklepersistentoffenders. TheLGAprovidedextensiveevidenceonthevalueofcouncilaccesstocommunicationsdata duringthedebateontheProtectionofFreedomsAct.ThisActonlyreceivedRoyalAssenton 1stMayandwearedisappointedthatwearerequiredtocommitresourcetorevisitingthis debatesosoon. Clause11ofthedraftCommunicationsDataBillandtherecentProtectionsofFreedomsAct providecouncilswiththepowerstocontinueaccessingcommunicationsdatawithapproval from a magistrate. This shows a clear recognition from Government of the importance of thesepowersforcouncilstoprotectcommunitiesfromcrime. However,sincetheBillwaspublished,theHomeOfficehasadvisedthattheLGAisexpected to make a business case for a specific Order to ensure that councils can retain access to communicationsdata. This change in stance, along with differing legal views about whether an Order is actually required,hascreatedsignificantconfusionandconcernaboutGovernmentintentionsonthis matter. It would be helpful to have a clear message from Government to support the importanceofcouncilsretainingaccesstocommunicationsdatainordertoprotectthemost vulnerable parts of our communities from crime and to acknowledge that councils are makinggooduseofcurrentpowersinawhollyproportionatemanner. Casestudies 1. ShropshireCounciltacklingbenefitfraud AbenefitclaimantconvictedbyShropshireCouncilreceived26weeksimprisonmentforfailingto notifyofthecouncilofherpartnerspresenceinthehousehold,leadingtoanoverpaymentofover 40kincouncilandDWPbenefits.ChecksontelephonenumbersandSKYrequestswerecriticalto establishingthepartnerwasresidentattheproperty. 2. Protectingresponsiblebusinessesandcreatingafaireconomy WolverhamptonCityCouncilacquiredcommunicationsdatatoinvestigatethelargescale manufactureanddistributionofcounterfeitmediaproductsviatheInternetandcomputerfairs.The offenderwasconvictedandsentencedtothreeyearsimprisonment.Theestimatedlosstolegitimate businesseswasintheregionof1millionandthiswasstoppedwhenthefourcounterfeiting factoriesweredismantled. 3. Protectingthepublicfromdangerousgoods NottinghamshireCountyCouncilsuccessfullyputastoptotheimportandsaleofdangerous counterfeitelectricalgoods,whichwereputtingunassumingconsumersatrisk.Dataaboutmobile telephoneuseenabledtheCounciltoobtaindetailsofassociatesofthemainoffenders.Thecase resultedinthemainoffendergettinga41/2yearprisonsentenceforimportingdangerous counterfeitelectricalgoods.Anassociategota10monthsentence. NottinghamshireCountyCounciladvisesthatwithoutthecommunicationsdatatheinvestigation wouldcertainlyhavebeenprolonged andmoreexpensive andisunlikelytohavesucceeded. 4. Protectingvulnerableresidentsfromroguetraders Anelderlycouplehadbeencoldcalledattheirproperty.ThecouplewereadvisedbyDesigner Drivewaysthatvariousworksneededtobecarriedoutincludingpowerwashingthepatio;layinga newblockpavingdriveway;anewgardenwall;supplyinganewgate;removalofconifersfromthe backgardenandlayingapatiooverthearea;treatingthejoistsintheatticforwoodwormandlaying

Draft Communications Data Bill

223

newinsulation.Thepaperworkprovidedforthevariousjobsdidnotcomplywithlegislation; cancellationrightswerenotprovidedandsurveyorsreportsshowedthattheworkhadnotbeen carriedoutproperlyorthattherewasnoneedfortheworkinthefirstplace.Thecouplepaid DesignerDriveways14,500. Thetraderconcernedindicatedthatthecompanythathadcarriedouttheworkwasnothingtodo withhim.AsubscribercheckcarriedoutbyCardiffCityCouncilshowedthatthemobilephonewas registeredtohimandillustratedclearlinkagestothelimitedcompany.Onthe17thApril2012the defendantpleadedguiltytofraudcharges.Hewassentencedto18monthsimprisonmentwhichran concurrentlywithaprisonsentencethathewasalreadyserving. 5. Protectingvulnerableresidentsfromroguetraders TheCentralEnglandTradingStandardsRegionalScambusterTeambasedatSolihullBorough Council,andWestMidlandsPolicejointlyinvestigatedaroguebuilderwhencomplaintswere receivedfromtwomembersofthepublicthattheyhadbeenrippedoff.InitiallytheCrown ProsecutionServiceadvisedagainstgoingtotrialbecausetherewereonlytwovictimsanditwould thereforebedifficulttoprovethefullextentofhiscriminality.Outgoingcallrecordswereobtainedin relationtothesuspectsphoneandthisenabledtheinvestigationteamtoidentifyanumberofother victimswhowerepreparedtogiveevidence,manyofwhomhadbeenunawarethattheyhadactually beenthevictimtoafraud.Theoffenderobtainedapproximately200,000byfraudfromhisvictims overan18monthperiod.ThecasewaseventuallytriedinBirminghamCrownCourtandtheoffender pleadedguiltyandwassentencedto4yearsimprisonment.Itisextremelyunlikelythathewould havebeenbroughttojusticeiftheinvestigatingofficershadnotmadeeffectiveuseofthepowersto acquirecommunicationsdata. 6. Preventingoutbreaksoffoodpoisoning ThecaseconcernedthesupplyofchickentoseveralfoodbusinessesintheCardiffarea.Thebusiness wasnotregisteredasafoodbusinessanditwasnotknownwhetherthemeatwasillegalsourcedand unsafe.Noneoftheinvoicesgivenspecifiedacompanyname,addressorcontacttelephonenumber. However,oneofthefoodbusinessownersconfirmedthatheorderedthechickenfromamobile telephonenumber. Asubscriberonthisnumbergavearesidentialaddressfromwhichthedefendantwassubsequently traced.Onthe21stJuly2011defendantpleadedguiltytooffencesundertheGeneralFoodRegulations 2004andfined.Thiscouldnothavebeentracedwithoutaccesstocommunicationsdata. Theeconomicimpactofanoutbreakoffoodpoisoningwouldhavebeensignificantand,potentially, fataltoelderlyandvulnerablepeople. 7. Policingonlinesales HampshireCCwerecalledtoinvestigateimporterofcounterfeitgolfclubsandaccessorieswhosold themviaeBay.DespitetwoseizuresfromHMRCatportofentry,hecontinued.RecordsfromeBay andPaypalwerecontradictoryintermsofidentificationoflocationofoffender.Aseriesofemail addressesprovidedtoeBay/Paypalwerecheckedbymeansofrequestingsubscriberdetailsandthe offenderlocatedasaresult. Despitepleadingguiltyatfirstopportunity andthereforegettingamandatory30%discountonthe penalty ,theoffenderwassentencedto30monthsimprisonment reducedonappealto21months andwasorderedtopayaconfiscationorderintheregionsof108,000.Thisdemonstratesthe seriousnessofthecrime. 8. Maintainingroadsafety Alargescalepurchaserandsellerofwasfoundtobeselling'clocked'cars.Carswereboughtat auctionwithhighmileagesandthensoldviaeBay/AutoTraderwebsitewithfraudulentdescriptions applied.Thecarsconcernedwerelowvalueones,typicallynomorethan2000.Over50carswere soldinamisdescribedmannerandwithfalsifiedservicehistory.Thevalueofthefraudwasinexcess of60,000.Falsenamesandaddresseswereused,however,itwaspossibletotracethoseconcerned usingsubscriberdetailsinrespectofmobiletelephonenumbersandemailaddressesprovided.

224

Draft Communications Data Bill

Despitepleadingguiltyatfirstavailableopportunity andthereforegettingamandatory30% discountonthepenalty ,theoffenderwassentencedto20monthsimprisonment. 9. WorkingwiththePolicetostopemailscams TheCouncilreceivednotificationofresidentsreceivingChineseinheritancescamletters.Theletters promisedreleaseofaninheritancefromapersoninChinaonpaymentofanadministrationfee. LetterswerepostedwithRoyalMailSmartStampdetailsonthemandtopotentialvictimsalreadyon 'suckerlists'whoarethereforepotentiallyveryvulnerabletosuchactivity.TheCouncilobtained subscriberdetailsfromRoyalMailindicatingthepersonsandaddresseswithintheUnitedKingdom whohadreceivedletters,makingthefraudmucheasiertotackle. TheinvestigationwasreferredtotheMetropolitanPoliceasitinvolvedworkonascalebeyondthe councilboundaries.However,councilinvolvementenabledarapidresponseandenabledthepoliceto targettheirresourcesatdealingwiththeoffenders.Thecouncilwasalsoabletoprovideadviceto residentsonavoidingthescam. 10. Tacklingbenefitfraud NeathPortTalbotCBCsuccessfullyprosecutedamanforillegallyclaiming5000ofhousingbenefits usingcommunicationsdata.Officialtelecomsinformationwasusedtoshowthatthenumberslisted inhisplanningapplicationformandmortgageapplicationwerefalseanddeliberatelymisleading. Theevidencefromthetelecommunicationscompanieswasusedtoproveintenttocommitbenefit fraudandthattheindividualhadprovidedfalseinformationforfinancialgain.Hewasgivena12 monthcommunitypunishmentorderfor240hoursofunpaidworkandtoldtorepaythe overpaymentofbenefitandcourtcosts. July2012

Draft Communications Data Bill

225

Liberty
ExecutiveSummary TheDraftCommunicationsDataBillrelatestotheproposedcollection,retentionandavailabilityof communicationsdataacrosstheUK.Itisnoexaggerationtosaythattheselegislativeproposals signalamajorshiftintherelationshipbetweenthecommunicationsindustry,thestateandthe public.Neverbeforehaveprivatecompaniesbeencalledupontoorchestrateblanketcollectionof personaldatawhichtheyhavenobusinessreasontoretain.Thisbriefingwillinterrogatethecapacity whichcouldbecreatedundertheseproposals,thedepthofthecivillibertiesimplicationsandthe limitationsoftheproposedsysteminlawenforcementterms. Communicationsdataishighlyrevealing.Inanaveragedaywecanexpecttogeneratealargeamount ofcommunicationsdata,includingfromactivityonsocialnetworkingsitessuchasFacebookand LinkedIn,thedetailsofcommunicationsviaTwitter,thehistoryofwebsitesvisited,thetimeatwhich telephonecallsweremade,whotheyweremadetoandhowlongthecalllasted,thelocationofan individualmakingorreceivingamobilephonecallaswellasthedurationandtimingofthephone callandsubscriberinformationrelatingtothesourceorrecipientofcommunicationsandtheirdirect debitdetails. Suchdataisincreasinglydifficulttodistinguishfromcontentandweunderstandthatinorderto facilitatethecollectionofdataunderthisBill,telecommunicationproviderswillberequiredtoinstall technologythathasthecapacitytoroutinelyinterceptallcommunications.Thisnotonlyexacerbates humanrightsconcernsbutalsomakesclearthatthisproposalisaboutextendingratherthan maintainingtheabilityoftheStatetomonitorcommunications. IntheUKarrangementscurrentlyexistfortheretentionofsomecommunicationsdata.Thisisasa resultofanEUDirectivethatwastransposedintoUKlawin2009.However,similarrulesinplacein otherEUcountrieshavebeenrecentlysubjecttosuccessfullegalchallenge.Indeedconstitutional courtsacrossthecontinentincludinginGermany,RomaniaandBulgariahaveruledthattheir respectivearrangementsforretainingsomecommunicationsdataareunconstitutional.Asignificant caseiscurrentlypendingbeforetheEuropeanCourtofJusticewhich,forthefirsttime,willdirectly interrogatethecompatibilityoftheEUDirectivewithhumanrightsobligations.Weareunsurewhy theGovernmenthasnotwaitedfortheoutcomeofthisjudgmentbeforepressingaheadwithmore intrusiveplans. LibertybelievesthatcurrentUKdataretentionarrangementsareadisproportionateinterference withtherighttorespectforprivatelifeandunderminerespectforfreedomofexpression.The proposalssetoutintheDraftBillgosignificantlyfurtherandsufferevengreaterflawsasaresult. Libertyhasneveropposedtargetedsurveillancewithpriorauthorisation,onthebasisofindividual suspicion,butthisDraftBillamountstonothinglessthanblanketsurveillanceofthepopulationat large,turninganationofcitizensintoanationofsuspects. Introduction 1. TheDraftCommunicationsDataBill theDraftBill wasannouncedintheQueensSpeech andpublishedbytheHomeOfficeon14thJune2012.Itiscurrentlyundergoingaperiodofpre legislativescrutinybytheDraftCommunicationsDataBillCommittee theCommittee .Liberty appreciatestheopportunitypresentedbyprelegislativescrutinyoftheDraftBill,butgiventhe privacyimplicationstheseproposalscarryforallUKresidentswearedisappointedthattherehas beennopriorpublicconsultationundertakenbytheresponsibledepartment.Inparticular,we understandthattherehasbeennoformalprocessofconsultationwithcommunicationservice providers.OnthisbasiswefinditverydifficulttounderstandhowtheHomeOfficehasreachedits conclusionsabouttheextentofpotentialcollaboration,norindeedthecostsimplicationsofits proposals. 2. Beforeembarkingonasubstantialanalysisoftheseproposalswemustfurtherexpress concernattheirbroadandvaguenature.OurattemptstocritiquethisDraftBillhavebeenhampered

226

Draft Communications Data Bill

byaseriouslackofdetail.Thebestwaytodescribeitsprovisionsisfutureproof:highlyenabling andlackinginfocusedprescription. ThedetailoftheDraftBill

Part1DataCollection

3. Clause1oftheDraftBillgrantstheSecretaryofStatethepower,byorder,toimposeany requirementorrestrictiononanoperatorwhichisaimedatensuringtheavailabilityof communicationsdatatospecifiedbodies.ArrangementsaroundaccesstodataaredealtwithinPart 2,butClause1 b makesclearthatoperatorsmayberequiredtoretainorotherwisehandledatain ordertofacilitateaccessoutsidethearrangementsprovidedforinPart2oftheDraftBill.Thenon exhaustivelistofrequirementswhichmaybeimposedonoperatorsincludeobtainingorprocessing dataandenteringarrangementswiththirdpartiesinordertofacilitatetheavailabilityofdata. 232The processingofdataincludesthereading,organisation,analysis,copying,correction,adaptationor retrievalofdataanditsintegrationwithotherdata. 233Requirementsmaybeplaceddirectlyonan operatorbyorderorprovisionmaybemadeinanordertoallowforrestrictionsorrequirementsto beimposedbynotice. 234 4. Subclause1 3 providesthatoperatorsmaybemadesubjecttoadditionalregulatory obligationsdesignedtofacilitateswiftaccesstodataandmakeprovisionaboutstandards, equipment,systemsandtechniques. 235Requirementsmaybeplacedonoperatorsinrelationto servicesprovidedbyanotheroperator.Communicationsdataforthepurposesofthepermissive regimesetupbyclause1carriessubstantiallythesamemeaningasprovidedforunderRIPA;the regimeappliestopostaloperators. 236Subclause1 4 statesthatanauthorisationmaynotpermit conductconsistingoftheinterceptionofcommunications;asexploredbelowthisprohibitionis difficulttosquarewithourknowledgeofthetechnologicallimitationsofDPIsoftwareandhardware. 5. Undertheheadingsafeguardsclause2placestheSecretaryofStateunderanobligationto consultwithOFCOM,theTechnicalAdvisoryBoardandoperatorsorpersonsrepresentingoperators orwithstatutoryfunctionsinrelationtooperators. 237TheTechnicalAdvisoryBoardissolely concernedwiththetechnicalorfinancialviabilityandnottheprivacyimpactofproposals. 6. Clause4providesthatdatamustberetainedfor12monthsfromthedateofthe communicationunlessashorterperiodisprovidedforinaspecificnoticeortheoperatorisinformed thatthedataisormayberequiredforlegalproceedings,inwhichcaseoperatorswillberequiredto retaindatauntilinformedotherwise.Ifitbecomesapparentthatcommunicationsdataisnot requiredforlegalproceedings,thepublicauthoritywhichhasrequestedtheinformationshould informtheoperatorofthatfact. 7. Clause5makesclearthatoperatorscannotdisclosedataexceptinaccordancewithPart2of theDraftBilldealingwithaccessandauthorisation,orotherwiseasauthorisedbylaw,thiscould includeadisclosurerequiredbycourtorderassuggestedbytheexplanatorymemorandum,but wouldclearlycoverothersituationsinwhichtheSecretaryofStateauthorisesaccessotherwisethan inaccordancewithPart2undersubclause1 b .Theoperatorisrequiredtoputinplacesecurity

232Clause1 233Clause1

2 . 5 . 234Clause1 2 b . 235Clause1 3 . 236Clauses28and25. 237Clause2.

Draft Communications Data Bill

227

provisiontoprotectagainstunlawfuldisclosurewhichcanincludemanagementchecksandcontrols; nofurtherdetailisprovidedabouttherequirementofadequatesecuritysystems. 238 8. Clause6providesforthedestructionofdataattheendoftheretentionperiod.Destruction cantakeplaceatmonthlyintervals,meaningdatacanberetainedforuptoanadditionalmonth pendingthenextroundofdatadestruction. 9. Clause7setsoutothersafeguards.AlllistedsafeguardssetoutinthissectionoftheBill relatetoprocessandspecificallytheformofrequests.Anoticemadepursuanttoanorderrequiring retentionofdatamustbeinwriting,specifytherecipientandbegiveninamannerappropriateto bringittotheintentionoftherecipient.239Therecipientofthenoticemustbeallowedtoreferthe noticetotheTechnicalAdvisoryBoard,inaccordancewithtimescalesspecifiedintheorderthe boardwillconsidertechnicalandfinancialconcernsraisedbyoperators,reportingbacktothe operatorandtheSecretaryofState.TheSecretaryofStatewillhavetheoptiontowithdrawtheorder afterreceivingareportfromtheBoard:thisisthesecondsafeguard.IftheSecretaryofStatechooses toconfirmherordernofurtherreferralsarepossible. 10. Clause8dealswithenforcement.Requirementsdealingwiththewaydatashouldbeheld,the durationofretention,accessanddestructionoranyotherrequirementorrestrictionimposedby orderareenforceablebytheSecretaryofStatethroughcivilproceedings. 240Whereworkisincidental toorreasonablyundertakeninconnectionwithconductthatisauthorisedunderthisPartoftheBill anditisnotconductforwhichanauthorisationorwarrantcouldandshouldhavebeensought independently,itisnottoleadtocivilliability. 241

Part2Accessingdata

11. Clause9makeslegislativeprovision,viaaprocessofinternalauthorisation,foraccesstoall formsofcommunicationsdatabyanypoliceforce,theSeriousOrganisedCrimeAgency,HMRC,the intelligenceservicesandanyotherpublicauthoritydesignatedinaSecretaryofStateorder. 242Before datacanbeaccessedbyanemployeetheauthorisationofadesignatedseniorofficeroftheauthority concernedmustbesought.Ifgrantedtheemployeewhomadetherequestbecomesanauthorised officerforthepurposesoftherequest.Thedesignatedseniorofficermayonlygrantauthorisations whereheorshebelievesthatitis: i necessarytoacquirethedataforapermitted purpose; ii necessarytoobtainthedata: a forthepurposesofaspecificinvestigationoroperation; or b forthepurposesoftesting,maintainingordevelopingequipment, isnecessaryandproportionatetotheaim. 243 12. ThisprovisionmirrorsRIPAandthepermittedpurposessetoutatsubclause9 6 remainas broadandilldefined.Anadditionalpurposeisaddedatsubclause6 c whichrelatestothe preventionanddetectionofanyconductinrespectofwhichcivilenforcementactionformarket

systemsorothercapabilitiesrelatingtotheavailabilityorobtainingof communications iii theconductauthorised data;and

238Clause5 239Clause7

2 1 240Clause8 3 241Clause8 4 242Clause21. 243Clause9 1

. . . . .

228

Draft Communications Data Bill

abusemaybetakenbytheFinancialServicesAuthority. 244Thesepermittedpurposescanbeaddedto orrestrictedbytheSecretaryofStatebyorder. 245 13. Thedesignatedseniorofficermaygrantauthorisationforhimselforanyotheremployee withinhispublicauthorityandtheauthorisationcanextendtoanyconductinrelationtoa communicationssystemordataderivedfromsuchasysteminordertoobtaincommunications data. 246Clause9 3 containsanonexhaustivelistofthetypeofconductwhichcanbeauthorised includingrequiringanypersonwhomtheauthorisedofficerbelievesholdscommunicationsdatato discloseittoapersonidentifiedintheauthorisation.Clause9 4 statesthatanauthorisationmay grantaccesstocommunicationsdatatoapersonwhoisnotauthorisedintheorderforanyconduct whichhas,asitsaim,theenablingorfacilitatingofobtainingcommunicationsdata.Subclause9 5 b providesthatauthorisationsmadeundersubclause9 3 maynotinvolvethedisclosureofdatato thoseoutsideofthepublicauthorityinquestion. 14. Clause10makesprovisionfortheforminwhichauthorisationsornoticesmadepursuantto authorisationsaretobemadeinparticularthenatureofrequirementsshouldbespecified.Notices mustspecifytheofficeorpositionofthepersongivingit,therequirementsimposedandtheoperator uponwhomtherequirementsareimposed. 15. Clause11setsoutaregimeofjudicialapprovalforlocalauthorityaccesstocommunications datawhichmirrorstheprovisionsofsections23AandBofRIPA. 247Whereanapplicationismadefor aMagistratesorderapprovinganauthorisation,theindividualwhoisthesubjectoftheauthorisation neednotbeinformed;thesameistrueofhislegalrepresentatives.AMagistratemayapprovethe authorisationwheresatisfiedthat,atthetimeofthegrantandatthetimetheapplicationcomes beforetheCourt,therequirementssetoutatsubclause9 1 ,whichdealwithinternalauthorisation, aresatisfied. 16. Localauthoritiescanstillonlyseekaccesstouseandsubscriberdata. 248Asidefromlocal authoritiesandthosepublicauthoritieslistedonthefaceoftheDraftBill,provisionaroundtherange ofpublicauthoritiestowhichaccesswillbegranted,thetypesofdatatowhichaccessisauthorised andauthorisationprocessesarelefttosecondarylegislation:nodraftorderhasyetbeen forthcoming. 249 17. Clause12providesforauthorisationstobeoperationalforrenewableperiodsofamonth.If thegroundsfortheoriginalauthorisationnolongerexist,adesignatedseniorofficermustcancelthe authorisation.Clause13placesoperatorsunderaduty enforceablebycivilproceedingsbroughtby theSecretaryofState toobtainordisclosethecommunicationsdatainawaythatminimisesthe amountofdatathatneedstobeprocessedforthepurposeconcerned. 250Clause13alsoreaffirmsan operatorsdutytoactinaccordancewiththerequirementsofanoticegiveninaccordancewithan authorisation,howevertheyarenotrequiredtodoanythinginpursuanceofthatdutywhichitisnot reasonablypracticabletoexpectthemtodo. 18. Clause14providesforfilteringarrangementstobeputinplacebyGovernment.Theclauseis incrediblybroadlyframedanditsscopeobscure.TheSecretaryofStateisempoweredtoputinplace
244TheDraftBillprovidesfortherepealofothercorrespondingpowersandisthereforeeffectivelya consolidationofexistingprovisioninonepieceoflegislation. 245Clause9 7 . 246Clause9 2 . 247Uncommencedprovisionsinsertedbysection37oftheProtectionofFreedomsAct2012. 248Seeclause17. 249WeunderstandthattheSecretaryofStatehasaskedthosepublicauthoritiesseekingtoretain accesstocommunicationsdatatosetoutthebusinesscaseforongoingaccess. 250Clause13 1 .

Draft Communications Data Bill

229

anyarrangementssheseesfit,forthepurposesofassistingoperatorstodeterminewhether retentioncouldbesecuredinaccordancewiththeprovisionsofclause9,ortofacilitateefficientand effectiveaccesstodata.InparticulartheSecretaryofStatecanobtaindataonbehalfofanauthorised officerandobtainthedatafromwhichthedatamaybederived. 251ItisalsoclearthattheSecretary ofStatecanretaindataforthepurposeofprocessingthatdata,allowingfortemporaryexecutive retention,processinganddistributionofdatabroughttogetherfrommanydifferentsources. 252The Governmentmaintainsthatclause14isdesignedtocreateanautomatedsystemwhichwillensure thatonlythatinformationrelevantandrequiredbyaparticularauthorisationisretained,butthe extenttowhichthiscentralfilterwillbeautomatedisnotclear.Clause16whichsetsoutdutiesin connectionwiththeoperationofthefilterprovidesthatasidefromdisclosuretodesignatedsenior officers,disclosureispermittedforthepurposesofsupport,maintenance,oversight,operationor administrationofthefilteringarrangements.Whatisclearisthatthefilteramountstoatemporary centralisedstoreofpotentiallylargeamountsofcommunicationsdataoperatedandmaintainedby theexecutive,givingtheGovernmentaverysignificantroleatthecentreofthedataretentionand disclosureregime. 19. Throughthefilter,theSecretaryofStatewillseektomakepublicauthoritiesawareofthe extentofcommunicationsdataavailableandprocessdatawithdisclosurebasedonanassessmentof whatisneededbytherequestingauthority.Thecentralfilterwillbringtogetheratomisedpiecesof datatocreatearevealingwhole.Further,accordingtoProfessorPeterSommer,aleadingtechnical expertinthefield,thefilterislikelytousecontentandcommunicationsdatainordertocorrectly identifypatternsofcommunication. 253 20. Clause15makesclearthattheproposedcentralfiltermaybeusedbothforthepurposesof obtaininganddisclosingcommunicationsdata.Subclause15 2 referstothetemporaryretentionof dataandsubclause16 1 c providesforthedestructionofdataobtainedandprocessedthroughthe filterwhenthepurposesoftheauthorisationhavebeenmet:nouppertimelimitforretentionof datainthecentralfilterisprovided.Anauthorisationmadebyadesignatedseniorofficermust recordtheofficersdecisionastowhetherdataistobeobtainedanddisclosedthroughthis centralisedprocessandthedescriptionofdatathatmaybeprocessedinaccordancewithaparticular authorisation.Clause16restatesthepurposesforwhichcommunicationsdataretainedinthecentral storecanbedisclosed.Thereisarequirementtoputinplaceasecuritysystemtogovernaccess,no detailsaregivenabouttheformorextentofsecurityrequired.Retrospectiveannualreportsonthe operationofthefilteringdatabasearetobesuppliedbytheSecretaryofStatetotheInterceptionof CommunicationsCommissionerassoonaspossibleaftertheendofeachcalendaryear. 254Significant processingerrorsmustbereportedtotheCommissioner. 255 21. Clause17providesthatlocalauthoritiesmaynotaccesstrafficdataoranyextradata generatedbyoperatorsinresponsetoarequestbyarelevantpublicauthority.TheSecretaryof Statemayplacerestrictionsonthegrantingofauthorisationsbydesignatedseniorofficersincluding inrelationtodatastoredbyGovernmentaspartoffilteringarrangements. 256TheSecretaryofState maydelegateanyofherfunctionsinrelationtofilteringarrangementstoadesignatedpublic authority.

Part3Scrutinyofretentionofandaccesstocommunicationsdata

251Clause14 252Clause14

2 b . 2 .IntheaccompanyingexplanatorynotestheGovernmentnotesthatdatagenerated bycurrentformsofonlinecommunicationwillrequiregreateraggregationandprocessingfor exampletheyenvisagecasesinwhichfragmentedcommunicationsdatafromanumberof differentsourceswillbecoordinatedthroughthefiltertoprovideafullerpicture. 253SubmissionofProfessorPeterSommertotheJointCommitteeontheDraftCommunicationsBill, para44. 254Clause16 6 . 255Clause16 7 . 256Clause17 4 .

230

Draft Communications Data Bill

22. Part3replicatesprovisionsofRIPAprovidingfortheretrospectiveoversightofdata retentionanddisclosurebytheInterceptionofCommunicationsCommissioner. 257Operatorsmust keepsufficientrecordsofactionstakeninaccordancewiththeprovisionsoftheBilltoallowfor reviewbytheCommissioner. 258 23. Clause23providesforthejurisdictionoftheInvestigatoryPowersTribunaltobeextended tocovernewpowersgrantedunderParts1and2. 24. Clause25extendsthereachofParts1and2tocoverpostaloperatorsinthesamewayas theyapplytotelecommunicationsoperators.Clause26obligestheSecretaryofStatetomake paymentstowardsthecostsincurredorlikelytobeincurredbytelecommunicationsandpostal operators.Paymentmaybemadesubjecttoconditions.ItisfortheSecretaryofStatetodetermine thescopeandextentofarrangementsforpayments,includingspecifyingwhichpaymentsshouldbe madetoparticularoperators. 259Clause27incorporatesSchedule3whichprovidesforamendments toRIPAtoextendCodesofPracticetocovertheprovisionsofthisDraftBill.Schedule3alsoprovides foramendmentstoRIPAallowingforregularrevisionofcodesofpractice.TheSecretaryofStateis requiredtoconsiderrepresentationsmadearounddraftcodesandmaymodifyadraft.Bothcodes andrevisionstocodesmustbelaidbeforeParliamentandaresubjecttotheaffirmativeresolution procedure. Background 25. TheRegulationofInvestigatoryPowersAct2000 RIPA governstheuseoftargeted surveillanceintheUK.BeforeRIPAcameintoforce,ourstatutebookcontainedanumberoftargeted surveillancepowersdevelopedinanadhocwayovertheyears.RIPAwasdesignedtoconsolidatethe lawandtoincorporatehumanrightsprinciplesofnecessityandproportionality.Atitsinception, RIPAwasdesignedtodealwithaccesstocommunicationsdataandaccessiscurrentlygovernedby ChapterI,PartIIofRIPAandtheRegulationofInvestigatoryPowers CommunicationsData Order 2010.Section22 4 ofRIPAprovidesthecurrentdefinitionofcommunicationsdatawhichhasthree components: i Trafficdata:thistellsyou,amongstotherthings,wherethemobilephone,internetconnectionetc waslocatedatthetimeacommunicationtookplacee.g.whereamobilephonewaswhenitreceived ormadeacallaswellasdatagoingtotheidentityofthesourceandrecipientofthecommunication; ii Serviceuse:thistellsyouhowacommunicationoccurred i.e.wasitviaemail,atextoraphone calletc ,thedateandtimeitoccurredandhowlongitlasted; iii Subscriberinformation:thistellsyouanyinformationheldbythepersonwhohassignedupto thecommunicationsservice,forexamplethenameandaddressandanydirectdebitdetailsofthe user.

Part3generalprovisions

Access

26. RIPAprovides,onthefaceoftheAct,forallformsofcommunicationsdatatobeavailableto theintelligenceservices,thepolice,theSeriousOrganisedCrimeAgency SOCA ,HMRCandother specifiedpublicauthoritiesprovidedforbyorder;theseincludetheFinancialServicesAuthority,the

257SavewhereoversightisreservedtotheInformationCommissionerorthejudiciary

22 1 ,thisisaMagistrateforEnglandandWales . 258Clause22 6 . 259Clause26 5 .

underclause

Draft Communications Data Bill

231

GamblingCommissionandtheNationalHealthServiceTrust. 260Thepowertoacquireserviceuse dataandsubscriberinformationisavailabletoover430localauthoritiesandasignificantnumberof otherpublicauthorities,includingtheFoodStandardsAgency,theCharityCommissionandthe EnvironmentAgency. 261Thepermittedpurposesforwhichcommunicationsdatamaybeaccessed arebroadandilldefined,includingintheinterestsoftheeconomicwellbeingoftheUKandtoassess orcollectanytax,dutyorothertypeofgovernmentcharge. 262TheActprovidesforaregimeof internalauthorisationforaccesstocommunicationsdataforalargenumberofpublicbodies.Section 37oftheProtectionofFreedomsAct2012amendedRIPAtorequirepriorjudicialauthorisationfor accesstocommunicationsdatabylocalauthorities 263howeverthissectionisnotyetandevenoncein force,willonlyaffectasmallfractionofcommunicationsdatarequests.

27. Whilecommunicationsserviceproviders BT,Virginetc typicallyretainsomeinformation abouttheircustomerspastuseofcommunicationsfortheirownbusinesspurposes e.g.itemised phonebills theywerenotuntilrelativelyrecentlyobligedtoretainanysuchdataabouttheir customers. 28. Asmallshiftinthisareatookplacein2001whentheAntiTerrorismCrimeandSecurityAct wasrushedthroughParliamentfollowingthetragiceventsof9/11.Amidahostofdraconiananti terrorpowersstoodPart11,providingforthecreationofvoluntaryagreementsbetweenservice providersandtheGovernmentfortheextendedretentionofcommunicationsdataTheinternet initiallyobjectedtothesevoluntaryagreements,withtheSecretaryGeneraloftheInternetProviders AssociationinformingthenHomeSecretary,RtHonDavidBlunkett,thattheindustrywasnot convincedthatextendingthelengthoftimecompaniesholdontocustomerlogswasnecessaryfor thefightagainstterrorismandorganisedcrime. 264InJulythatyeartheInformationCommissioner publicallywarnedtheHomeOfficethatplansforavoluntarycodeofpracticefortheretentionof communicationsdatacouldviolatehumanrightsprotectionsbecauselogssupposedlyretainedfor thepurposesofseriouscriminalinvestigationscouldbeaccessedforsuchpurposesasthelevyingof taxes. 265TheFoundationforInformationPolicyResearchalsocameoutinopposition,warningofthe dangersofapolicyrejectedbycivilsociety,Europesdataprotectioncommissionersandnow internetserviceproviders. 266 29. Notwithstandingwidespreadconcernsabouttheimpactofaproposedvoluntarycode,in 2003theHomeOffice,securedaseriesofagreementswithserviceproviders.Todatewedonotknow thedetailsoftheseagreementsnordowehaveconfirmationofthepartiesinvolved.Theseinitial

Availability

RegulationofInvestigatoryPowers CommunicationsData Order2010, Schedule2,Part1. 261ForthefulllistseetheRegulationofInvestigatoryPowers CommunicationsData Order2010, Schedule2,Part2. 262Seesection22ofRIPA.Communicationsdatacanalsobeaccessedinanemergencytoprevent deathortopreventormitigateinjuryoranydamagetoapersonsmentalorphysicalhealth.For thetypesofsurveillancelocalauthoritieshaveaccessto,theSecretaryofStatecanmakeorders extendingthepurposeforwhichauthorisationscanbemade.Todateordershavebeenmadeto allowcommunicationsdatatobeaccessedtoinvestigateallegedmiscarriagesofjusticeandto assistinidentifyingdeceasedpersonsorpersonsunabletoidentifythemselvesbecauseofa physicalormentalcondition.SeeRegulationofInvestigatoryPowers CommunicationsData Order2010,SI480/2010. 263Section37oftheProtectionofFreedomsActhasnotyetbeenbroughtintoforce. 264TheGuardian,InternetproviderssaynotoBlunkett,22Ocober2002,availableat: http://www.theregister.co.uk/2002/10/22/uk_isps_oppose_data_retention/. 265TheGuardian,InternetproviderssaynotoBlunkett,22Ocober2002,availableat: http://www.theregister.co.uk/2002/10/22/uk_isps_oppose_data_retention/. 266TheGuardian,InternetproviderssaynotoBlunkett,22Ocober2002,availableat: http://www.theregister.co.uk/2002/10/22/uk_isps_oppose_data_retention/.
260Forthefulllistseethe

232

Draft Communications Data Bill

agreementsrelatedtoinformationalreadykeptforcommercialpurposes,establishingaminimum periodforretention. 30. In2002theHomeOfficeattemptedanotherpolicytoextendaccesstocommunicationsdata toawiderangeofpublicauthoritiesauthoritieswithnolawenforcementremitwhatsoever, includingparishcouncils.Inthefaceofhugeopposition,theseplanswerescaledback,howeverthe RIPAregimestillgrantsaccesstoahugerangeofpublicauthoritiesonthebasisofaprocessof internalauthorisation. 31. Stilldissatisfiedwithcapabilitiesinthisarea,in2005theHomeOfficeusedtheUK presidencyoftheEUtopushthroughcompulsoryarrangementsforcommunicationsdataretention whichresultedintheEUDataRetentionDirective2006. 267TheDirectiveprovidesforthemandatory retentionofcommunicationsdata alreadyretainedforbillingorcommercialpurposes forbetween 6and24months.SwedenpostponedtheimplementationoftheDirectivefacinghugefines,whilst acrossEUmemberstatescaseswerebroughtchallengingthedomesticlegislationtransposingthe Directive. 268 32. BackintheUKandbeforethetransposinglegislationhadevencomeintoforce,theHome OfficeInterceptionModernisationProgramme IMP wasalreadyintrain.TheGovernmentdeclared anintentiontobringforwardlegislation,aCommunicationsDataBillin20082009. 269Initial proposalswerepremisedontheconstructionofacentraliseddatabase,buttheseplanswerehastily droppedinfavourofaseriesofindustrycontrolledminidatabases.Oppositiontotheexplosionin statesurveillancefacilitatedbythelastGovernmentwaspronounced,withLiberalDemocratLeader NickCleggobservingofthelastLabourGovernment,inFebruary2008,thatitisthisGovernment thathasturnedtheBritishpublicintothemostspieduponontheplanet. 270 33. InApril2009theUKfullytransposedtheDirectivebywayoftheDataRetention EC Directive Regulations2009 theregulations ,whichprovideforrequirementstobeplacedon serviceproviderstoretaincommunicationsdatakeptordinarilyforcommercialpurposesfora minimumof12months.WestilldonotknowwhichUKbasedcommunicationscompaniesare requiredtoretainourdata;requestsfordisclosurearemetwiththefamiliarrefrainthatinformation cannotberevealedforreasonsofnationalsecurity. 271TwomonthslaterinJune2009,theHome OfficelauncheditsconsultationProtectingthePublicinaChangingCommunications Environment. 272Havingrejectedplansforacentraliseddatabase,theresultingproposalsstrongly resemblethosewhichnowformtheDraftCommunicationsDataBill.ThenHomeOfficeMinisterLord WeststatedthattheobjectiveoftheIMPistomaintaintheUKslawfulinterceptand communicationsdatacapabilitiesinachangingcommunicationsenvironment. 273Initsresponseto theconsultation,theUKslargestcommunicationsserviceprovider,BT,pointedoutthat:

267Directive2006/24/ECoftheEuropeanParliament. 268Exploredfurtheratparagraphs6468below.

'InternetSurveillance,pg2.Availableat: www.parliament.uk/briefingpapers/SN06304.pdf. 270Hansard,6Feb2008:Column951. 271TheDataRetention ECDirective RegulationsrequiretheSecretaryofStatetogivenoticeto thosetelecommunicationprovidersheorshewishestoretaindata.In2009aFreedomof InformationRequestwassubmittedtotheHomeOfficerequestinginformationregardingthe identityofthoseserviceproviderswhichhadreceivednoticesunderregulation10ofthe Regulations.ThisrequestwasrefusedbytheHomeOfficeandtherelatedcorrespondenceis availableat:http://www.whatdotheyknow.com/request/notices_under_regulation_10_of_s 272http://www.officialdocuments.gov.uk/document/cm75/7586/7586.pdf.ReadLibertys Responsehere:http://www.libertyhumanrights.org.uk/pdfs/policy09/libertys communicationsdataconsultationresponse.pdf. 273Hansard,8July2008:ColumnWA76.
269SeeHouseofCommonsBriefingnote,

Draft Communications Data Bill

233

t heproposalswouldoutsourcedatacollection,processingandretentionto CSPs ratherthanbuildingacentralGovernmentdatabaseandcouldresultin significantbrand, reputationandcustomerrelationshipissuesforCSPs retainingdataonthescale proposedwouldraisesignificantissuesof proportionality,especiallyinviewofthe factthatonlyafractionofthedata mightbeused.Moreover,findingthepiecesof informationthatmightproveto beusefultotherelevantauthoritiesamongstthemountainofdata thatwill beavailabletothemwillbenoeasytasktheproverbialneedleina haystack. 274 InJune2009,thesamemonththattheconsultationwaslaunchedtheLeaderoftheConservative Party,DavidCameron,arguedthat t odayweareindangeroflivinginacontrolstate.Everymonth

over1,000surveillanceoperationsarecarriedout.Thetentaclesofthestatecanevenriflethrough yourbinsforjuicyinformation. 275

34. Libertywasamongstthemanygroupsandindividuals,includingserviceprovidersandother industrybodieswhoexpressedconcernsattheseproposalsandinlightofwidespreadopposition, LabourshelvedtheprojectinNovember2009. NotwithstandingtheCoalitionscommitment,inJuly2010thefirstsignsofauturnemergedasthe HomeOffice,inaDraftStructuralReformPlan,statedthatitwouldpublishproposalsforthestorage ofinternetandemailrecords,includingintroducinglegislationifnecessary. 276ByOctober2010,the GovernmentsplanshadapparentlysolidifiedintoanattempttorevivethediscreditedIMP,withthe StrategicDefenceandSecurityReviewoutliningamongstawiderangeofotherproposalsplansto

Keychangesproposedtothecurrentregime 35. TheDraftBillwouldchangecurrentarrangementsfortheretentionofcommunicationsdata inthreesignificantways: i First,undertheDraftBill,unprecedentedrequirementsmaybeplacedonUKbasedoperatorsto collectandprocesscommunicationsdatageneratedbywebbasedservicessuchasGmailand Facebook,providedbyoverseasoperators,whichcrosstheirdomesticnetworks. 278Itiswidely suggestedthattheonlywaytoobtainsuchinformation,intheabsenceofvoluntaryagreementswith thirdpartyproviders,isthroughDeepPacketInspection DPI technology.Accordingtooneleading expert,whilstDPIcanoperateassoftware,whentrafficlevelsarehighspecialisedhardwaremustbe installedwhichcapturesadatastreamasitcrossesanoperatorsnetwork. 279

introduceaprogrammetopreservetheabilityofthesecurity,intelligenceandlawenforcement agenciestoobtaincommunicationdataandtointerceptcommunicationswithintheappropriatelegal framework. 277

274SeeBTResponseto2009HomeOfficeConsultation:ProtectingthePublicinaChanging

CommunicationsEnvironmentavailableat http://www.btplc.com/thegroup/regulatoryandpublicaffairs/ukpublicaffairs/responsestopolicy consultations/commsdatabtresponse200709.pdf,paragraph5. 275SpeechbyRtHonDavidCameron,GivingPowerBacktothePeople,25thJune2009,availableat: http://www.conservatives.com/News/Speeches/2009/06/David_Cameron_Giving_power_back_t o_the_people.aspx 276HomeOfficeDraftStructuralReformPlan July,2010 availableat: http://www.homeoffice.gov.uk/publications/aboutus/corporatepublications/structural reformplan/pdfversion?view Binary. 277SecuringBritaininanAgeofUncertainty:TheStrategicDefenceandSecurityReview,October 2010,availableat: http://www.direct.gov.uk/prod_consum_dg/groups/dg_digitalassets/@dg/@en/documents/digi talasset/dg_191634.pdf?CID PDF&PLA furl&CRE sdsr,page44. 278Clause1 3 c ii . 279SubmissionofProfessorPeterSommertotheJointCommitteeontheDraftCommunicationsBill, para41.

234

Draft Communications Data Bill

ii Second,thedefinitionofthosebodiesrequiredtoretaindataissignificantlywidercoveringall telecommunicationsoperators operators asopposedtothepubliccommunicationsproviders referredtointheretentionregulations.Anoperatorisapersonwhocontrolsorprovidesa telecommunicationssystem,orprovidesatelecommunicationsservice. 280Thisincludesall telecommunicationscompaniesBT,Orange,TalkTalk,Vodafoneandothers,butwouldalsoextendto manufacturersofcommunicationsequipmentwhocouldbecalledupontoadapttheirproductswith theaimoffacilitatingaccesstocommunicationsdata,andtoprivatenetworksforexampleblackberry messengerorinternalintranetoperatorsinprivatecompaniesorotherorganisations.Requirements couldalsobeplacedonanyonewhoownsamobilephoneorothertelecommunicationsequipment includingaprivateindividual. iii Third,theBillmakesprovisionforcentralfilteringarrangementstobeoperatedbytheHome Office.Thecentralfilterwillbringtogetheratomisedpiecesofdatatocreatearevealingwholewhich canbedisclosedtopublicbodiesinresponsetospecificrequests.Whilstnotacomprehensivecentral databaseinitself,thisisacoordinatedGovernmentoperatedfacilitythroughwhichmanyrequests fordatawillbeprocessed.Theprivatelyoperateddatabaseswillbejoineduptocreateanintegrated system.Thisregimeraisesmanyofthesameconcernsasalargeandcentralisedstoreandnodetails aregivenaboutsecurityarrangements,ortheclearlyenvisagedhumaninvolvementinwhatthe Governmentdescribesasanautomatedsystem.Furtherthefilteringarrangementsprovidedforin theBillthrowintosharpfocusthedepthandbreadthoftheinformationwhichcanbegleaned throughacomprehensivesystemofdataretentioncombinedwithsubstantialandsophisticated processingarrangements.TheGovernmenthaslabouredthedistinctionbetweencontentand communicationsdata;itscaseisthattheprivacyimplicationsofthelateraresmallbycomparison. Yetthecentralfilterwillprovideforvastswathsofdata,retainedbydisparatecompanies,tobe scannedforrelevantinformation,connectedupandshapedintoacoherentandacutelyrevealing wholedatacanbematcheduptorevealahugeamountaboutanindividualslifeinordertowork outwhetherarequestmadebyadesignatedseniorofficerisnecessaryandproportionate.TheBill anticipatesthekindofadvancedprocessing,shapingandlinkingofdataprovidedforinthefiltering arrangementstotakeplaceasaprecursortoestablishingthenecessityofaccess.Thiscarrieshuge potentialforindepthprocessingofthedataofinnocentindividualsindividualswhowilllikely neverknowthattheirdatahasbeenhandledinthiswayandareconsequentlydeprivedofany opportunitytomountachallenge. 36. TheDraftBillcontainssubstantiallythesameprovisionsforaccessasprovidedforunder RIPAasamendedbysection37oftheProtectionofFreedomsAct2012.Asidefromthefour enforcementagenciesprovidedforonthefaceoftheDraftBillwhichmirrorprovisioninRIPA,details aboutthepublicauthorities,includinglocalauthoritieswhichwillbepermittedtoaccessdatawillbe providedinsecondarylegislationexpectedtoreflecttheprovisionsoftheRegulationofInvestigatory Powers CommunicationsData Order2010.Asatpresent,localauthoritieswillnothaveaccessto trafficdataandaccesstotrafficdatabyotherpublicauthorities outsideofthoselistedintheBill willbegovernedbySecretaryofStateorder.ScrutinyarrangementsprovidedforundertheBill substantiallymirrorthoseprovidedforinRIPA. 281 Thecivillibertiesimplicationsofblanketdatacollection 37. ThecivillibertiesconcernsaroundthisDraftBillrelatetoallthreeofitscomponentparts: datacollection,accessandscrutinyadditionalconcernsaroundtheprocessingofdatainacentral filterwhichspancollectionandaccessalsocarrysignificantprivacyimplications. 38. Muchattentionhasbeengiventotheproposedaccessarrangementsprovidedforinthe DraftBillwhichlargelymirrorthosealreadyinexistence.Libertyagreesthatpressingconcernsexist inthisareaandtheseconcernsintensifyasthepoolofdataretainedincreases.Howeverwebelieve

280Clause28. 281See,Chapter2ofPart1ofRIPA,inparticularsection57.

Draft Communications Data Bill

235

thatthemorefundamentaldangerofthisDraftBillistheprovisionitmakesforashiftfromlimited dataretentiontoblanketdatacollection. 39. TheGovernmentsattemptedjustificationforrequiringtheblanketcollectionandretention ofcommunicationsdataisbasedonfourhighlyquestionableassumptionswhichwewillexaminein turn,firstthatcommunicationsdataisnotparticularlyrevealing,secondthatcommunicationsdata canalwaysbepracticallyandconceptuallydistinguishedfromcontent,thirdthatblanketretentionof communicationsdatawillleadseamlesslytogainsinlawenforcementandfinallythatrequiring blanketcollectionofthisinformationwilldonomorethanmaintaincapability.

Revealingnatureofcommunicationsdata

40. TheGovernmentarguesthatcommunicationsdataislessrevealingthandatageneratedby, forexample,interceptionorbugging,andthatthisjustifiesaconsiderabledivergenceinapproachto thattakenwithothertargetedsurveillancepowers.Thisassumptionishighlyquestionable. Communicationsdatacanbuildupanincrediblyintimatepictureofourlives.Withtheproliferation ofmobileformsofcommunication,inadditiontotracingthetiming,duration,recipientandsourceof acommunication,specificdetailsaboutanindividualslocationcanalsobecollected.Whencombined withsubstantialsubscriberinformation,therevealingnatureofcommunicationsdataishardto dispute.Compileandcoordinatethisinformationforeverycall,text,email,tweet,blogandFacebook postingandyouhaveamapofourdailyroutines,ourrelationships,ourhabitsandpreferences,the streetswewalk,whereweworkandsocialise,theextentandnatureofourcommunicationswith others.Furthermore,considertherangeofsituationsinwhichjustthefactofasinglecommunication andtheidentityofthepartiesspeaksvolumes:thephonecallfromaseniorcivilservanttoaTimes reporterimmediatelybeforeamajorwhistleblowerscandalfillsthefrontpages,theemailtoacivil libertieswatchdogfromapoliceofficerduringthecourseofaninquestintoadeathinpolicecustody. Therecordofawebsitevisited,whichfallsfirmlywithinthedefinitionofcommunicationsdata,can alsobeincrediblyrevealing.Consider,forexample,thecaseofateenagerviewinganabortion website,acelebrityaccessingthewebsiteofanHIVserviceprovider.Wemustnotunderestimatethe intrusionthattheretentionofcommunicationsdata,withoutmore,represents. 41. InAprilthisyear,inresponsetothedisclosureoffurtherdetailsoftheGovernmentsplansto extendthecollectionofcommunications,SirTimBernersLee,inventoroftheworldwideweb,came outinoppositiontotheproposals.InaninterviewwiththeGuardianhestressedthattheplanned extensionofthestate'ssurveillancepowerswouldmakeahugeamountofhighlyintimate informationvulnerabletotheftorreleasebycorruptofficials,addingthat:

42. TheInternetServiceProvidersAssociationhasalsojoinedthebuildingoppositiontothese proposalspointingtoitsconcernsaboutthenewpowerstorequirenetworkoperatorstocapture andretainthirdpartycommunicationsdatainclud ing thescope,proportionality,privacyanddata protectionimplicationsandthetechnicalfeasibility. 283AccordingtoareportintheIndependent, afterbeinginformallybriefedbyGovernmentearlierthisyear,theAssociationexpressedconcern thatnetworkoperatorsaregoingtobeaskedtoputprobesinthenetworkandtheyareupsetabout

"Theamountofcontrolyouhaveoversomebodyifyoucanmonitorinternet activity isamazing.Yougettoknoweverydetail,yougettoknow,inaway,moreintimatedetailsabouttheir lifethananypersonthattheytalktobecause oftenpeoplewillconfideintheinternetasthey findtheirwaythroughmedical websitesorasanadolescentfindstheirwaythroughawebsite about homosexuality,wonderingwhattheyareandwhethertheyshouldtalkto peopleabout it." 282

TimBernersLeeurgesGovernmenttostopthesnoopingbill,Tuesday17April 2012.Availableat:http://www.guardian.co.uk/technology/2012/apr/17/timbernerslee monitoringinternet. 283DraftCommunicationsDataBillISPAsinitialstatement,June142012.Availableat: http://www.ispa.org.uk/draftcommunicationsdatabillispasinitialstatement/.


282TheGuardian,

236

Draft Communications Data Bill

theidea...it'sexpensive,it'sintrusivetoyourcustomers,it'sdifficulttoseeit'sgoingtoworkandit's goingtobeanightmaretorunlegally. 284 Blurringofrecordandcontentofcommunications


43. Atonetimeafirmdistinctionbetweencommunicationsdataandcontentwouldhavebeen morecredible,forexamplewhenmuchcommunicationwasbyletter:everythinginsidetheenvelope iscontent,everythingontheoutsidecommunicationsdata.Tosaythatthingsarenolongersosimple isasignificantunderstatement.Theproliferationofinnovativenewformsofonlinecommunication andtheresultantfragmentationanddiversificationhascreatedacomplexandmultifaceted communicationslandscape.InsupportofitsargumentthattechnologyismakingtheRIPAdefinitions ofcommunicationsandinterceptionmoreandmoredifficulttosustain,theLSE,inastudyexamining remarkablysimilarproposalsputforwardbythelastGovernment,observed:

44. Communicationsservicesarenowprovidedbyahostofcompaniesbasedallovertheworld. Webbasedservicessuchaswebmailandsocialnetworkingsitesdominatethecommunications landscape.Thedomesticcompanieswhoprovideourinternetaccess,forexampleBT,TalkTalkor Virgin,arenolongerthecompanieswhichprovidethemostwidelyusedemailservicessuchGmail andHotmailorsocialnetworksiteslikeFacebookorTwitter.Detailsofthesecommunicationsarenot routinelyretainedbythosethatbillusbecausewearechargedperiodicallyforaccess,ratherthanfor eachuseofaservice.DespiteHomeOfficeclaimsthatthisDraftBillisaboutworkingcollaboratively withoperators,includingthosebasedoverseas,wehavenoclearpictureoftheextenttowhich,for example,webmailproviderslikeGooglecollectorretaincommunicationsdatageneratedbyservice users,nevermindtheirwillingnesstohandthisinformationover.TheHomeOfficeacknowledgethat wherevoluntaryagreementsarenotforthcoming,otherarrangementswillbeputinplacetoensure datacollectionandretention.Ourunderstandingisthatastraditionalcommunicationsservice providerslikeBTbecomeincreasinglyamerevehicleforaccessingotherwebbasedservicesthe centralityofDeepPacketInspection DPI technologytothesystemasawholebecomesinescapable. 45. DPIisthegenericnamefortheequipmentthatwouldberequiredforthecollectionand analysisofthirdpartydata.TheLSEsstudyintothelastGovernmentsInterceptionModernisation ProgrammemaintainsthateveryuseofDPIisinfactaninterception,evenifitspurposeistogain accesstocommunicationsdata. 286DPIblackboxescapturetheentiredatastream,computer programmesorscriptsarethenwritteninordertoextractthedescriptionofdatarequired. 287By requiringUKbasedoperatorstoinstallDPIblackboxesontheirlinestocaptureeverydatastream whichcrossestheirnetworks,thisDraftBillprovidesforthecreationofthephysicalinfrastructure fortheinterceptionandretentionofallofourcommunications.Ifweacceptthateffective programmesorscriptscanbewrittenwhichdiscardthecontentandcollectthecommunications

Wedonotpretendtobetechnicalexperts.Wedohoweverunderstandthatthereareincreasing practicaldifficultieswithinnewtechnologiesindistinguishingcommunicationsdatafromcontent andperhapsmoredisturbinglyinrecordingcommunicationsdatawithoutcapturingcontent.

Historicallytherehavebeentwoentirelyseparateregimesforauthorisingaccessto communicationsdata andforinterceptingcontent.Westronglydoubtthatthisframework canbemaintainedinthenewICTenvironmentofwebbasedemail,socialnetworking,online gamingandcloudcomputing. 285

284ReportmadeonthebasisofareportintheSundayTimes.SeetheIndependent,

http://www.independent.co.uk/news/uk/homenews/policeandmi5getpowertowatchyou ontheweb7606788.html. 285LSEBriefingontheInterceptionModernisationProgramme,page3. 286Ibid,pg22. 287Ibid,pg37.

powertowatchyouontheweb,Monday2April2012.Availableat:

PoliceandMI5get

Draft Communications Data Bill

237

Lawenforcementgains?

data,wecannotavoidthefactthat,withareformulationoftheseprogrammes,thenatureofthedata retainedcouldbedramaticallyaltered.Whatismore,theLSEalsodescribeshowblackboxeswhich containDPIsoftwarecanbeprogrammedandreprogrammedremotely. 288Ultimatelythereis nothingtostopanotheradministrationfrombringingforwardlegislationwhichmakesfulleruseof thenewcapabilitywhichwillbecreatedbytheproliferationofDPIblackboxes. 46. Libertybelievesthatanumberofobviousunansweredquestionsarisearoundtheuseofthis technology,forexamplewhowillexerciseeffectivecontroloverDPIboxes?Whowillwritethe programsorscriptswhichdictatethoseaspectsofthedatathataretoberetainedandthoseparts whichwillbediscarded?Whatarethetechnologicalandcostimplicationsofensuringthatsoftware installedandprogramswrittenkeeppacewiththetechnologicaladvancementincludingnewforms ofinternetbasedcommunication?Willorganisedcriminalsbeabletoevadedetectionbyusing encryptionoranonymisationtechniques,hijackingthepoorlysecuredinternetconnectionsofothers orchangingtheIPaddressofacomputermomentbymoment?Furthersometechnologyexperts havewarnedthatmoderncommunicationsaresocomplicatedthatitmaybeimpossibletoseparate outthebasiccontactdatafromthecontentintermsofthedataretained. 289

47. Ourabilitytocommentonpotentiallawenforcementgainsofblanketcollectionisrestricted bytheunansweredquestionswhichremainaroundtheroleofcommunicationsdatainlaw enforcementandotherareas.Westilldonothaveafullpicture,acrossallthosepublicbodiesableto accesscommunicationsdata,ofthetypesofinvestigationforwhichdataisaccessed,theextentof accessandthenumberofindividualsaffected.Wearetoldthat,overthepastdecade, communicationsdataplayedarolein95%ofallseriouscriminalinvestigations,butwehavenoidea abouttheextentofthisrole.Wascommunicationsdatacentraltotheoperationoraperipheral detail?Howmanyoftheseinvestigationsledtosuccessfulprosecutions?Couldtheprosecutionhave beensecuredwithoutaccesstothisdata?Furtherinhowmanylowlevel,nonseriousandevennon criminalinvestigationsiscommunicationsdataused?Arecentfreedomofinformationrequest involvingHumbersidepolicerevealedthataresidualcategoryforcommunicationsdataaccess requestsisothernoncrime. 290 48. TheGovernmentsargumentassumesthatfurthercollectionofcommunicationsdatawill leadseamlesslytobetterlawenforcement,howeverthecollectionandstorageofyetmorepersonal informationalsobringsrisks.Inrecentyearsthegovernmenthaslost25millionchildbenefitrecords aswellasthepersonalinformationofthoseservinginthearmedforces,witnessesincriminalcases andprisoners.Furthercommunicationsdatacollectionandretentionnecessarilymeansthatthedata willpassthroughmorehandsandpotentiallybemoresusceptibletobureaucraticerrorandeven fraud.Communicationsdatacanbejustasinterestingandrevealingasinterceptedcontentandinthe aftermathofthephonehackingscandalweshouldbeparticularlywaryofcreatenewtargetsfor abuseandmisuse. 49. Inothercountriesreportsofunlawfulinterceptionshouldservetocautionusagainstthe creationoftheinfrastructurefortheinterceptionofallourcommunications.InGreeceinrecentyears theunlawfuluseofinterceptioncapabilitywaswidelyreported.Thescandalreportedlyinvolved wiretappingofErikssonsoftwareusedbyVodafonewhichhadthecapabilitytointercept communicationsdataalbeitthatwasnottheprimarypurposeforwhichitwasused.Weunderstand thatthehackersoperatedinsuchawaythatitwasntcleartheinterceptcapabilitiesinthesoftware

288Ibid,pg26. 289SeeDailyTelegrapharticle:

2012,availableat:http://www.telegraph.co.uk/news/uknews/lawand order/9330945/SnoopinglawswillstoppaedophileringssaysTheresaMay.html. 290SeeevidencetotheDraftCommunicationsDataBillCommitteeonWednesday11thJuly:

'Snooping'lawswillstoppaedophilerings,saysTheresaMay,14June

Humbersidepoliceconfirmedthattheyhaveusedthisnearly200timesinthreeyearsfortraffic offences,andterrorismisnotlistedasoneofthecrimes,theyevenbeautifullylistthecategory othernoncrime.NickPickles,BigBrotherWatch.

238

Draft Communications Data Bill

werebeingusedandtheiractivitiesreportedlywentundetectedfromAugust2004untilJanuary 2005;theywerefinallyshutdowninMarch2005. 291 50. SimilarlyinItalyamultifacetedwiretappingscandalreportedlyinvolvingTelecomItalia rangedfrom1996untilitwasfinallyuncoveredin2006.Afreshandapparentlyunrelated wiretappingscandalinwhichTelecomItaliawasalsoimplicatedemergedin2007.Bothscandals werereportedlyhuge,complexandhavestillnotbeenfullyuncovered;ithasbeenvariouslyalleged thattheyinvolvedintelligenceservicesandwereboundupinstatesurveillanceandsecurity, terrorismandrendition,aswellascorporateinfighting.Theoriginal,longrunningscandalinvolved theexploitationofaflawinTelecomItaliassecuritysystems,whichallowedapersontosetup wiretapswithoutleavinganytrace.Thephonesofpoliticiansandotherhighprofilepoliticianswere reportedlytappedusingexistinginfrastructure. 292 51. AccordingtotheLSEmultiplevulnerabilitiesintheinfrastructurefortheretentionof communicationsdatahavereportedlybeenuncoveredintheUSthatwouldallowadversariestotake themoverandperformunlawfulinterception. 293Securingtheconfigurationofdevicestoprotect againstunwarrantedinterceptwillbeamatteroftheutmostimportance,buttodatewehavelittle informationaboutthearrangementstobeputinplacetoprotectagainstsecuritybreaches.Thescope oftheseproposalsthrowsthepotentialimplicationsofabreachintosharpfocus. 52. TheInterceptionofCommunicationsCommissionerslatestreportprovidesfurthercausefor concern.During2011publicauthoritiesasawholesubmitted494,078requestsforcommunications data,52%oftheserequestswereforsubscriberdata,25%fortrafficdataand6%forserviceusedata 17%ofrequestswereforacombinationofdifferentsortsofdata. 294During2011,895 communicationsdataerrorswerereported,withapproximately80%ofthoseattributabletopublic authoritiesand20%toCommunicationsServicesProviders. 295Thisincluded99identifiedbythe CommissionersOfficefromthesmallsampleofcasesreviewed.296Inareportagooddealfullerand moredetailedthaninpreviousyears,theCommissioneralsoreferencedtwocasesinwhich individualswerearrested,wronglydetainedandaccusedofcrimesonthebasisofdataerrors, 297 furthercommunicationsdatahadbeenillegitimatelyusedbyalocalauthoritytodeterminewhethera

291ThescandalwasreportintheWallStreetJournalon21June2006:

InearlyMarch2005,George Koronias,VodafoneGroupPLC'stopexecutivehere,contactedtheGreekprimeminister'soffice aboutanurgentsecuritymatter.Vodafone'snetworkinGreecehadbeeninfiltratedbyphone tappingsoftwaretargetinganelitegroupofcellphones:thoseassignedtomanyofthecountry's leaders,includingseniorpoliceanddefenseofficials,cabinetmembersandtheprimeminister himself.Formoresee:http://online.wsj.com/article_email/SB115085571895085969


lMyQjAxMDE2NTIwMTgyNTE1Wj.html.

292Forreportsofthescandalsee:http://news.bbc.co.uk/1/hi/business/5367754.stm;

http://www.reuters.com/article/2010/01/05/usitalyspyidUSTRE60435E20100105; http://www.infoworld.com/t/business/telecomitaliaembroiledinnewespionagescandal999; http://www.theregister.co.uk/2008/04/14/telecom_italia_spying_probe_update/. 293SeeIbid,pg26:StudiesofinterceptionequipmentconformingtotheUS

communicationssurveillancestandards underCALEA wereinthepastfoundtocontain multiplevulnerabilitiesthatwouldallowadversariestotakethemoverandperform unlawfulinterception.


294InterceptionofCommunicationsCommissionersAnnualReporttothePrimeMinister2011,

Chapter7,pg2829.

295Ibid,pg30. 296InterceptionofCommunicationsCommissionerReport2011,pg30and32:

http://www.intelligencecommissioners.com/docs/0496.pdf.

297Ibid,pg31.

Draft Communications Data Bill

239

familylivedintherightschoolcatchmentarea. 2980.4%ofannualrequestsforcommunicationsdata aremadebylocalauthorities. 299 53. DespitereiteratedwarningsaboutthediminishingcapabilitiesoftheStateasregards communicationsdatalittlementionismadeofcurrentloopholesincapabilityortheextenttowhich theywouldbeleftunchangedbytheproposals.Ourunderstandingisthattherehasandwillalways bemethodsofcommunicationthatdonotcomewithintheStatesreachandthesearejustaslikelyto bemethodsofrelativelylittlesophisticationaswellasthoseofgreatersophistication.Oneexampleis theuseofunregisteredpayasyougomobilephones.Inreviewingthefuturecommunications landscapeitisreasonabletosuggestthattrulysophisticatedcriminalnetworkswillcontinuetomake useofreadilyavailableanonymisedmethodsofcommunication.

Extendingratherthanmaintainingcapability

54. InevidencebeforetheCommittee,inadditiontointheexplanatorynotesandimpact assessmentsaccompanyingtheDraftBill,theHomeOfficereiteratesitsclaimthatprojected technologicalchangeswilldecreasetheStatescapabilityasregardstheuseofcommunicationsdata. Whileitisdifficulttoarguewiththesubstanceofthetechnologicalchangesprojected,thedescription givenisnotableforwhatismissing.Technologicalinnovationhas,andwillcontinueto,reaphuge gainsforlawenforcementintheUKbuttheGovernmentmakesnoattempttopresentthecurrent proposalsinhistoricalcontext.Bythiswedonotsuggestthataprotracteddiscussionoftelephonyor othertechnologicalinnovationsisrequiredrathersomereferencetohowtheabilitytoaccess recordsofcommunicationsbetweenindividualsis,initself,arecentboonforlawenforcementwould giveamuchfullerpictureofwherewecurrentlystand.Nottoolongago,beforethewideavailability ofmobilephonesandemail,mostcommunicationsbetweenindividuals,ifnotcarriedoutthrough traditionaltelephonyorletterwriting,wouldhavebeenconductedfacetoface.Thiswouldhave presenteddifferentpotentiallymorechallengingobstaclestolawenforcement.Justbecausein recenttimestheStatehasbenefittedfromaccesstocommunicationsdatathatwasalreadyrecorded andretainedbycommunicationsprovidersdoesnotmeanthattotalaccesstoallcommunications datashouldberequired,foralltime,regardlessofcostandimplications.Further,itdoesnotfollow thatjustbecausecommunicationsdatacanberecordedandhistoricrecordsmadeavailablethatthey should.Forgoodreasonothersupposedlymoreintrusivesurveillancetechniquesavailableunder RIPAsuchasbugging whetherinprivateorinpublic ,theuseofhumancovertsurveillanceorthe interceptionofcommunicationsneedpriorauthorisationonthebasisofindividualsuspicion.Once authorisedtheycanonlybecarriedoutinthefuture.TheGovernmentisnotpresentlyarguingthat weshouldallberoutinelyorrandomlysubjecttobugging,coverttrackingorinterceptionjustin casebut,ifthepresentproposalisallowedtopass,proposalsforothertypesofblanketorrandom surveillanceirrespectiveofsuspicionjustincasearealogicalnextstep.

Impactonfreedomofexpressionandassembly

55. Inadditiontotheveryobviousprivacyimplications,itisimportanttorememberthat proposalsofthisnatureengageotherfundamentalhumanrights,mostnotablytherighttofreedom ofexpressionasprotectedbyArticle10oftheECHRandfreedomofassemblyasprotectedbyArticle 11.Weneedonlylookattheroleofsocialmediainorganisingtheproteststhathaveprecipitatedthe spreadofdemocracyacrosstheMiddleEast,torealisethatfreedomscentraltothepromotionand preservationofdemocracy,freedomofexpressionandfreedomofassemblyinparticular,are engagedbymeasuresprovidingfortheblanketcollectionofinformationaboutthewebhabitsofthe populationatlarge.FreedomHouses2011FreedomontheNetReport,observesthat: InEgyptandTunisia,forexample,democracyadvocateshavereliedheavilyonFacebookto

mobilizesupportersandorganizemassrallies.Similarly, BahrainiactivistshaveusedTwitterand YouTubetoinformtheoutsideworld aboutthegovernmentsviolentresponsetotheirprotests.

298Ibid,pg43. 299Ibid,pg39.

240

Draft Communications Data Bill

EveninCuba,one ofthemostclosedsocietiesintheworld,severalbloggershavebeenableto reportondailylifeandhumanrightsviolations. 300


56. InSaudiArabia,acountrywherefreedomofexpressionisstrictlycircumscribed,online activistshavebeenabletoexposecorruptionandhypocrisyamongsttherulingroyalfamily. 301 SimilarlyinternetusersinThailandhaveplayedasignificantroleinchallengingtherulingelitessince theThaimilitarycoupof2006. 302InRussiaandVenezualawithrestrictionsonbroadcastmedia outletsgrowing,theinternethasbeenseizeduponbythoseseekingtodemonstratetheir dissatisfactionwiththeregimeandmobilizeopposition. 303Thepotentialcreatedbytheinternetfor empoweringordinarycitizensandgivingavoicetothevoicelessisarguablyoneofthemostinspiring developmentsofrecenthistory. 57. Inourdevelopeddemocracytoo,theinternethashadahugeroletoplayintheflourishingof democraticparticipation.Democracyrequiresfreeandfairelections,butitdoesnotstopthere.The internethasgivenordinarypeopleaforumtocontributetodebatesofnationalsignificance,organise peacefulprotestonalargescaleandputrealandimmediatepressureonourpolitical representatives.Grassrootsactivismaside,theinternethasalsogiventhewholepopulationthe abilitytocommunicateininnovativenewwayswithlovedonesnomatterwhereintheworldthey are,ithasallowedpeopletonurturefriendships,developcontacts,shareideasandreachoutto everyoneoranyoneabouttheissuesthatmattertothem.Neverbeforehastherighttospeakyour mindbeensorealasintheinternetage. 58. Repressiveregimesthroughouttheworldhavefeltjustifiablythreatenedbytheempowering impactoftheweb.Techniquesemployedtostifleonlinefreedomincludeblockinghugeareasof contentandfilteringaccesstoeveryareaofthewebwithinajurisdiction. 304Widespreadmonitoring isalsoatechniqueusedbysomeregimestolimitthecapacityoftheinternettoeffectsocialchange. FreedomHousereportsthat: TheIranianauthoritieshavetakenarangeofmeasurestomonitoronline communications,

59. Onewaymanyoppressiveregimeshaveoptedtocontroltheinternetisbyrequiring communicationsservicesproviderstofurtherarepressiveagenda.Aftersocialnetworkingsites facilitatedpivotalprotestsinEgypt,theauthoritiesdirectedinternetserviceproviderstoremove pathwaysforcomputeruserstoconnecttorequestedwebsites, 306whilstinIrantacticsinclude orderingtheremovalofpostsdeemedoffensivefromthesitesofbloggingserviceproviders. 307 Zimbabwes2007InterceptionofCommunicationsActallowstheauthoritiestomonitortelephone andinternettraffic,andrequiresserviceproviderstointerceptcommunicationsonthestatesbehalf. Itisverydifficulttoaccuratelyassessthescopeofinternetcontrolsemployedbysecretive authoritarianregimes,butwhatisclearisthatmonitoringwebactivitiesinvariouswaysisavehicle forcurtailingtheflowofideaswhichmayultimatelyleadtosocialchange.

andanumberofprotesterswhowereputontrialaftertheelectionwereindictedfortheiractivities onFacebookandBalatarin,aPersian sitethatallowsuserstosharelinksandnews. 305

FreedomontheNetReport2011,pg3.Availableat: http://www.freedomhouse.org/sites/default/files/FOTN2011.pdf. 301Ibid,pg289291. 302Ibid,pg9. 303Ibid,pg910. 304Ibid,withChina,CubaandIranamongsttheworstculpritsseepg23,24and26inparticular. 305Ibid,pg26. 306Ibid,pg7. 307Ibid,pg26.


300FreedomHouse,

Draft Communications Data Bill

241

60. IftheschemeenvisagedintheDraftBillisbroughtintoforce,wewilldistinguishourselves amongstEuropeancountriesastheleadersinonlinesurveillanceandearnaplaceonaspectrum includingsomeofthemostoppressiveregimesintheworld.Libertybelievesthattheknowledgethat detailsofwebhabitsarecollectedonmasswiththepossibilityoffutureaccesseverpresent,will createarealshiftinonlinebehaviour.Therearemanydifferentwaystocurtailfreedomofexpression online,masscollectionofinformationwhethercarriedoutbythestateorsimplyorchestratedby Governmentandoperatedbytheprivatesectorisoneofthose. 61. Aswellasanattackoftheplaceoffreeexpressioninourwidersocialfabric,thespectreof onlinesurveillancewillhaveveryrealandspecificimpacts,forexampleonjournalists, whistleblowersandtradeunionists.TheprotectionofferedbyArticle10coversjournalisticsources oneoftheethicalcornerstonesofreporting.Thecentralityofjournalisticsourcestoafreemediawas fullyendorsedinacaseinvolvingtheFinancialTimesin2001.Attemptstoforcethenewspaperto discloseitssourceswereultimatelydefeatedinrecognitionoftherealpotentialchillingeffecton pressfreedom. 308Inanotherstarkexampleoftheroleofdatacollectioninstiflingfreedomof expressionandfreedomofassembly,Libertyrecentlytookupthecauseofthousandsofworkers whosedetailswerestoredonasecretdatabasediscoveredthreeyearsago.Fulldetailsofthe informationcollectedarestillemerging,butamongstthedatastoredwasinformationindicatinga historyoftradeunionism. 309AnofficialfromtheOfficeoftheInformationCommissionerreportedly toldaTribunalthatsomeoftheinformationcouldonlyhavebeensuppliedbypoliceorthesecurity services. 310Asignificantnumberofmajorfirmsallegedlyusedtheinformationinmakingrecruitment decisions.Datacollectiononthescaleproposedcanonlyaddtotheriskthatscandalsofthistypewill berepeated. Unlawfulnessofblanketcommunicationsdatacollection/retention 62. Proposalstocollectandretainrecordsofallelectronicandpostalcommunications necessarilyengagetherighttorespectforprivateandfamilylifeprotectedbyArticle8ofthe EuropeanConventiononHumanRightsasprotectedbyourHumanRightsAct1998 theHRA .As withmostHRArights,therighttoprivatelifecanbelimitedwherethelimitationcanbeshowntobe necessaryandproportionatetosatisfythelegitimateaimofpreventinganddetectingcrimeaswellas othersocialinterests.Whilstcommunicationsdataisundoubtedlyusefulincrimedetectionitdoes notfollowthatcollectingandretainingallcommunicationsdatabetweenallindividualsis proportionate.Stilllessthatprocessingcommunicationsdatajustincasewouldsatisfy requirementsofnecessityandproportionalitywhicharecentraltotheprotectionofpersonalprivacy inthiscountry.Thelawenforcementimplicationsareatbestunclear,thesecurityrisksgreatandthe intrusivenessofcommunicationsdataincontrovertible. 63. AsaresultoftheDataRetentionDirective,thecurrentregimeacrossEuropeallowsforthe retentionofcertaincommunicationsdatabycommunicationsserviceprovidersforafixedperiod. ThedraftCommunicationsDataBillwouldextendthelawbeyondtheDirective.Assuch,casesonthe Directivearehighlyinstructive:IftheDirectiveisdisproportionateunderhumanrightslaws,thenthe CommunicationsDataBillmustbetoo. 64. ConstitutionalcourtsacrosstheContinenthavedeclaredthatthepresentEUregimefor retentionofrecordsviolatesbasicrightsandfreedoms.InOctober2008,theRomanianConstitution CourtbecamethefirsttodeclarelegislationtransposingtheEUDirectiveinbreachofitsConstitution. TheCourtfoundthatthemandatoryretentionofcommunicationsdataschemeengagedanumberof

308

309SeeLibertysblog, 310TheIndependent:

FinancialTimesLtdandOthersvUnitedKingdom Applicationno.821/03 . Blacklistingscandalcontinues,8August2012.Availableat:http://www.liberty


humanrights.org.uk/news/2012/blacklistingscandalcontinues.php.

Thousandsofworkers'blacklisted'overpoliticalviews,Tuesday7thAugust. Availableat:http://www.independent.co.uk/news/uk/homenews/thousandsofworkers blacklistedoverpoliticalviews8010208.html.

242

Draft Communications Data Bill

fundamentalrights,namelytherighttofreedomofmovement,therighttointimate,familyand privatelife,privacyofcorrespondenceandtherighttofreedomofexpression.Infindingits transposinglegislationdisproportionate,theCourtreliedon,amongstotherissues,thereversalofthe ordinarypresumptionofinnocenceandthelackofareasonedbasisfortheretentionperiodrequired, findingalsothatretentiononthescalerequiredwaslikelytoprejudice,toinhibitthefreeusageof therighttocommunicationorexpression. 311TwomonthslatertheBulgarianSupreme AdministrativeCourtfollowedsuit,findingitsownenablinglegislationincompatiblewiththe countrysconstitutionalprotectionofpersonalprivacy.312 65. InMarch2010,GermanysConstitutionalCourtdeclaredtheprovisionsofitslawtransposing theDirectiveunconstitutional.Infindingthecommunicationsdataretentionregimeincompatible withconstitutionalprotectionforpersonalprivacy,theCourtcommentedthattheprotectionof

communicationdoesnotincludeonlythecontentbutalsothesecrecyofthecircumstancesofthe communication,includingif,whenandhowmanytimesdidsomepersoncontactanother. 313The Courtwentontofindthattheevaluationofthisdatamakesitpossibletomakeconclusionsabout hiddendepthsofapersonsprivatelifeandgivesundercertaincircumstancesapictureofdetailed personalityandmovementprofiles;thereforeitcannotbeingeneralconcludedthattheuseofthis datapresentsalessextensiveintrusionthanthecontrolofthecontentofcommunications. 314

66. TheCypriotConstitutionalCourtinFebruary2011ruledordersissuedunderitstransposing lawunconstitutional 315andinMarchthesameyeartheCzechConstitutionalCourtannulled transposinglegislation,expressingdoubtastowhethersuchwidespreadretentionofdatawas necessaryoreveneffective. 316AcaseispendingbeforetheHungarianConstitutionalcourtwhich involvesachallengetotransposinglegislationsurroundingthedepthofdataprocessing. 317 67. 2012hasseenmorequestionsraisedaroundthelegitimacyoftheEUregime,withaleaked EuropeanCommissionpapersettingoutdoubtsastothelegalityandutilityoftheDirective.318Inthis document,theCommissionacknowledgesthelackofsupportfortheDirectivescrimetackling aspirationsandpointstothevagariesofthescheme.ThelegalityoftheDirectiveisnowsettobe challengeddirectlyunderArticle8oftheEuropeanConventiononHumanRightsaswellasparallel

311Decisionno1258oftheRomanianConstitutionalCourt,8October2009.Availableat:

http://www.legiinternet.ro/english/jurisprudentaitromania/deciziiit/romanian constitutionalcourtdecisionregardingdataretention.html.SeealsoEuropeanCommission, ReportfromtheCommissiontotheCouncilandtheEuropeanParliament,Brussels,18.4.2011, COM 2011 225final,para4.9. 312SeeEDRIreport,BulgarianCourtAnnulsAVagueArticleOftheDataRetentionLaw,17December 2008.Availableat:http://www.edri.org/edrigram/number6.24/bulgarianadministrativecase dataretention.SeealsoEuropeanCommission,ReportfromtheCommissiontotheCounciland theEuropeanParliament,Brussels,18.4.2011,COM 2011 225final,para4.9. 313Bundersverfassungsgericht,1BvR256/08.Englishpressreleaseat http://www.bundesverfassungsgericht.de/pressemitteilungen/bvg10011en.html judgment onlyinGerman ,fortranslatedextractsfromthejudgementseeEuropeanAreaofFreedom Security&Justice,OntheBVGrulingonDataRetention:Solangehereitgoesagain,available at:http://afsj.wordpress.com/2010/03/05/solangehereitgoesagain/.SeealsoEuropean Commission,ReportfromtheCommissiontotheCouncilandtheEuropeanParliament,Brussels, 18.4.2011,COM 2011 225final,para4.9. 314Ibid. 315EuropeanCommission,ReportfromtheCommissiontotheCouncilandtheEuropeanParliament, Brussels,18.4.2011,COM 2011 225final,para4.9. 316EuropeanCommission,ReportfromtheCommissiontotheCouncilandtheEuropeanParliament, Brussels,18.4.2011,COM 2011 225final,para4.9. 317EuropeanCommission,ReportfromtheCommissiontotheCouncilandtheEuropeanParliament, Brussels,18.4.2011,COM 2011 225final,para4.9. 318Theleakedreportisavailableat: http://quintessenz.org/doqs/000100011699/2011_12_15,Eu_Commission_data_retention_refor m.pdf.

Draft Communications Data Bill

243

provisionintheEUCharter,inthecaseofDigitalRightsIrelandreferredtotheEuropeanCourtof Justice ECJ bytheHighCourtinIreland. 319Inthispreliminaryreference,theHighCourtspecifically askwhethertheDirectiveiscompatiblewithArticle7oftheEUCharter/Article8ECHR rightsto privacy ;Article8Charter protectionofpersonaldata ;andArt11Charter/Article10ECHR freedomofexpression .TheDigitalRightsIrelandcasewillbehugelysignificantforthefutureofthe presentdataretentionframeworkaswellasfortheDraftBillunderconsideration.Itisstartling thereforethattheUKGovernmentisnotwillingtowaitforthedecisioninthisimportantcasebefore pressingaheadwithevenmoreintrusiverules.AssumingtheECJclearlyanswersallthequestions posedbytheHighCourt,theimplicationsofthecasewillbehighlyimportant.IftheCourttakesthe samelineadoptedbysomanynationalconstitutionalcourts,thentheDirectivemaybeannulledon groundsofproportionalityandbreachofhumanrights.Suchadecisioncouldpavethewayfora successfullegalchallengetothelawfulnessofthepresentregimeintheUKcourtsandwould seriouslyunderminegovernmentargumentsabouttheneedandlegitimacyofgoingfurtherunder thedraftCommunicationsDataBill. 68. Libertybelievesthatthepresentframeworkforcommunicationsdataretentionisinbreach ofArticle8andthattheproposalscontainedinthisDraftBillwhichnecessarilygomuchfurther wouldputtheUKfurtherinbreach.AnanalogycanbemadewiththeretentionofDNA.Itis uncontroversialtosaythatDNAprofilescanbeincrediblyusefulindetectingandpreventingcrime. ThatisnottosaythatauniversalDNAdatabasewouldbedesirable.Indeedthecreationofa universalDNAdatabasewouldbeadisproportionatemeansofachievingthelegitimateaimofcrime detectionandprevention.ThiswasconfirmedinthejudgmentinSandMarpervUKinDecember 2008andreflectedintherevisingprovisionsoftheProtectionofFreedomsAct2012. 320Therenow appearstobeageneralacceptanceofthefactthatthelastgovernmentspolicyofindefinite,blanket retentionoftheDNAofallthosearrestedwasunlawfulandunacceptablydetrimentaltopersonal privacy. ReviewofRIPA 69. WhiletheoriginalintentionofRIPAwastobringtheUKbetterinlinewithuniversally recognisedhumanrightsstandards,thelegislationwhichresultedanddevelopmentssincemeanthat itsreviewandrevisionislongoverdue.LibertyhaslongcalledforanoverhauloftheRIPAframework sothatsafeguardscanbeincorporatedthatbetterprotectthoseintheUKfromunnecessaryand heavyhandedsurveillance.

Accessarrangements

70. LibertysupportstheamendmenttoRIPAcontainedintheProtectionofFreedomAct2012 whichrequirespriorjudicialauthorisationinsomeareasofcommunicationsdataaccess.Thisreform isreplicatedintheDraftBill.Whilsttheinclusionofwarrantyrequirementsforlocalauthorityaccess iswelcome,itdoesnotaddressconcernsabouttheadditionalcapacityauthorisedbythisBillandthe swathesofadditional,revealingdatawhichwillberetained.Furthertheimpactoflimitedprovision forjudicialauthorisationshouldnotbeoverstated,giventhatlocalauthoritiesaccountforonly0.4% ofrequestsforaccesstocommunicationsdata. 321ThelatestReportoftheInterceptionof CommunicationsCommissionerrevealsthat,during2011only141of400localauthoritiesableto accesscommunicationnotifiedtheCommissionerthattheyhadmadeuseoftheirpowers. 32279%of theselocalauthoritiesmadelessthan20requests,58%lessthan10. 323Giventherelativelysmall numbersinvolved,andthelimitednatureofalocalauthoritylawenforcementcapacity,Liberty questionstheneedforanylocalauthorityaccesstocommunicationsdata.

319

320SeePart1ofthe 321Ibid,pg39. 322Ibid,pg38. 323Ibidpg39.

DigitalRightsIreland 2010 IEHC221. ProtectionofFreedomsAct2012.

244

Draft Communications Data Bill

71. Thepurposesforwhichdatacanbeaccessedbylocalauthoritiesorotherrelevantpublic authoritiesremainunnecessarilybroadandilldefined.Nodefinitionisgivenastowhatis,for example,intheinterestsofnationalsecurityortheeconomicwellbeingoftheUK.Wedoknow, however,thatthelastgovernmenttookanalarminglyexpansiveviewofwhatmaybejustifiedinthe nameoftheeconomicwellbeingoftheUKarguingononeoccasionthatrestrictingdrugusers accesstowelfarebenefitsisjustifiedtofurtherthataim. 324InevidencetotheCommittee,Charles Farr,theDirectoroftheOfficeforSecurityandCounterTerrorismattheHomeOffice,refusedtorule outaccesstocommunicationsdataforthepurposeofidentifyingthosecaughtspeakingonthe telephonewhilstdriving. 325Humanrightsstandardsrequirethatintheexerciseofsurveillancethere mustbeadequatesafeguardstoprotectthecitizenagainstexcessiveintrusionorotherabusesof rights.Theuseofbroadandvaguenotionssuchasnationalsecurityandeconomicwellbeinggive risetoarealriskthatthedisproportionateuseofsurveillancewillbeauthorised,goingbeyondwhat isnecessarytoprotectthepublicfromharm.Thiscouldinterfereunacceptablywithpoliticaland otherlawfulactivitythatoughttogounimpededinademocraticsociety.Webelievethatthese groundsshouldbebetterdefined,particularlyasthepreventionordetectionofcrime,orserious crime,isalreadyincludedwhichshouldcapturethemajority,ifnotall,ofthegroundsonwhich surveillanceneedstobeauthorised.TheabilityoftheSecretaryofStatetoexpandthelistbyorder alsocontrastswiththeprescriptivenatureofArticle8.Thisraisesseriousconcernsoverthe compatibilityofRIPApowerswiththerighttorespectforpersonalprivacy. 72. Libertyhasongoingconcernsabouttheprocessofselfauthorisationwhichcurrentlyapplies acrosstheboardandremainsinplaceforallthosepublicauthoritieslistedonthefaceoftheBilland, subjecttoprovisiontothecontraryinsecondarylegislation,allotherpublicauthorities savefor localauthorities towhomaccessisgranted.UndertheDraftBillotherpublicauthoritiesincludedin theaccessregimewillcontinuetooperateasystemofinternalauthorisation.Seniorpoliceofficers andHomeOfficeofficialsclaimthatthedesignatedseniorofficerauthorisingaccessto communicationsdatawillnotbesomebodyinvolvedintheparticularoperationorinvestigationfor whichtheinformationissought.Itshouldbenoted,however,thattheDraftBillmakesexplicit provisionforadesignatedofficertoauthorisehisownaccesstocommunicationsdataandplacesno restrictionsonhisabilitytoauthoriseaccessbyreferencetotheextentofhisinvolvementinthe investigationconcerned. 326TheCodeofPracticewhichcurrentlygovernsaccesstocommunications dataspecificallydealswiththisissueandwhilstmaintainingthatdesignatedpersonsshouldnotbe

responsibleforgrantingauthorisationsorgivingnoticesinrelationtoinvestigationsoroperationsin whichtheyaredirectlyinvolved,thisassertionissubstantiallyunderminedbythecaveatalthoughit isrecognisedthatthismaysometimesbeunavoidable,especiallyinthecaseofsmallorganisationsor whereitisnecessarytoacturgentlyorforsecurityreasons. 327

73. Libertymaintainsthatevenifadesignatedofficerisnotdirectlyinvolvedinaninvestigation itisentirelyunacceptableforpublicauthoritiestobeabletoselfauthoriseaccesstorevealing personaldata,particularlywhentheaccessregimeissobroadlyframed.Considerationsofnecessity andproportionalityshouldbeassessedbyamemberofthejudiciarywhowillbebothindependent andadeptatconductingtheArticle8balancingexercise.Wedonotseektoimpugntheintegrity senioremployeesofourlawenforcementagencies,butratherpointouttherealitythattheirprimary concernwillrelatetotheoperationalcapacityoftheiragency.Thisisamatteroforganisationculture andisperfectlyunderstandable,butitisalsoarealitywhichmitigatesinfavourofindependentthird partyauthorisation.

324SeetheExplanatoryNotestotheWelfareReformBillatparagraph418,availableat: 325SeeEvidencetotheCommitteeonTuesday10thJuly. 326Clause9

http://www.publications.parliament.uk/pa/cm200809/cmbills/008/en/2009008en.pdf. 2 .

327HomeOfficeCodeofPracticefortheAcquisitionandDisclosureofCommunicationsData,

paragraph3.11.

Draft Communications Data Bill

245

74. Inthecasesofthoseorganisationswhichdonotroutinelyaccesscommunicationsdata,our concernsaregreaterstill.Apublicofficialwithinapublicauthoritythatmaynotexercisesuch powersonaregularbasisishardlywellplacedtodeterminewhenconductwillorwillnot unnecessarilyordisproportionatelyinterferewithapersonsprivacy.Wearefurtherconcerned aboutthelackofcertaintyaroundaccessprovisionsforpublicauthorityaccesswhichareleftto secondarylegislation.

Scrutiny

75. UnderthedraftBillretrospectiveoversightofthenewsystemofdataretentionwillcontinue tobeprovidedbytheInterceptionofCommunicationsCommissioner,theCommissionerwill continuetobeappointedbythePrimeMinisterwithhisannualreportsmadetothePrime Minister. 328NotwithstandingtheeffortsofthepresentorfutureCommissioners,asystemoflimited retrospectiveauthorisationcomesnowhereclosetoprovidingeffectivescrutinyofasystemwhich carriessuchhugeconsequencesforpersonalprivacy,particularlywhenwehavesolittledetailabout theresourcesandinparticularthetechnicalexpertiseavailabletotheCommissioner. 76. ItisnotanoffenceunderRIPAtounlawfullyaccesscommunicationsdataandwhilstan offencemaybemadeoutundersection55oftheDataProtectionAct1998,theonlyavailable sanctionisafine. 329WhileLibertydoesnotusuallysupportthecreationofnewcriminaloffences giventheexcessiveamountsofcriminallawthatalreadyexists,unlawfulaccesstocommunications datashouldbeanoffenceunderRIPA,withappropriatepenalties.Whilstmostpeoplewillnever knowwhetherornottheirdatahasbeenimproperlyretainedoraccessed,forthosewhodofindout, themainconsequenceforapublicauthorityofaccessingdatawithouttheappropriateauthorisation, forexample,isthepossibilityofcivilactionbeingtakenagainstthemundertheHRA.However,the majorityofactionstakenundertheHRAinrespectoftheuseofRIPApowersmustbetakenbefore theInvestigatoryPowersTribunal IPT .TheprocedureoperatedbytheIPTisfarfromadequate.It isundernodutytoholdoralhearingsbeforewhichapersonmayberepresentedandevenifitdoes decidetoholdahearing purelyatitsdiscretion alloftheTribunalsproceedings,includingtheoral hearings,mustbeconductedinprivate. 330RIPAitselfprovidesthat,subjecttoanyrulesmadebythe IPT,theIPTcanonlynotifythecomplainantwhethertheyhavewonorlost. 331Rulesmadein2000 providethatiftheIPTfindsinthecomplainantsfavourtheIPTmustprovidehimorherwitha summaryoftheirdetermination,includingfindingsoffact.Note,however,thatthisismerelya summaryofthedeterminationandifacomplainantlosesnoreasonsatallwillbegiven.Most astoundingly,thereisnorightofappealfromtheIPT.Section67 8 ofRIPAprovidesthatrulingsby theIPTarenotsubjecttoappealandcannotbequestionedinanycourt,unlesstheSecretaryofState ordersotherwise.Section67 9 providesthatitisthedutyoftheSecretaryofStatetomakesuch ordersinrelationtomostcategoriesofproceedingsandcomplaints,yetnosuchordershaveyetbeen made.Thisisbecausedespitemostofsection67beingbroughtintoforceinOctober2000,subsection 67 9 hasneverbeenbroughtintoforce.Thiseffectivelymeansthatinmostcasesinwhichaperson seekstoarguethatapublicauthorityhasusedunlawfulsurveillanceagainstthem,theyarerequired tobringproceedingsbeforetheIPT,whichmustholdproceedingsinsecret,maynotholdanoral hearing,willnotgiveproperreasonsforitsfindingsandfromwhichthereisnorightofappeal.This isarguablyabreachofArticle6oftheHRAitselfwhichrequiresafairandpublichearing,andthe rightunderArticle13oftheECHRtoaneffectiveremedy.Theseprovisionsshouldbeoverhauledasa matterofurgencyinordertoprovideanappropriatemechanismfortheindependentdetermination ofanycomplaintsregardingthelawfulnessadisclosure.Howcanthepublichaveanyconfidenceina

328RIPA,ss57and58. 329Offenceofknowinglyorrecklessly,withouttheconsentofthedatacontroller

a obtainingor disclosingpersonaldataortheinformationcontainedinpersonaldata,or b procuringthe disclosuretoanotherpersonoftheinformationcontainedinpersonaldata.Section60provides thatsuccessfulprosecutionswillresultinafine. 330SeeRule9oftheInvestigatoryPowersTribunalsRules2000,SI2665/2000. 331RIPA,s68 4 .

246

Draft Communications Data Bill

processwhichisheldinsecret,giveslittleornoreasonsforitsdecisionsandwhosejudgmentcannot bebroughtintoquestioninanycourtoflaw? Conclusion 77. TheGovernmentclaimstheseproposalswilldonothingmorethanmaintaincapability:in realitytheCoalitionisproposingmuchmore.Forthefirsttimeprivatecompanieswillbeinstructed tocollectinformationonbillionsofcommunicationsmadebytheircustomersfornootherreason thantheauthoritiesfuturedemandsforaccess.Thisamountstomass,blanket,monitoringofthe populationpaidforandfacilitatedbyGovernmentbutoutsourcedtotheprivatesector.Thiswould representafundamentalshiftinthenatureofoursocietyturninganationofcitizensintoanationof suspects. August2012

Draft Communications Data Bill

247

LINX
ExecutiveSummary 1. Having had detailed involvement in the development of communications data policy since before RIPAwas passed, and with a membership that providescrucial operational support for law enforcement needs in this area, LINX has nodoubtofthe value of communications dataforlegitimatelawenforcementpurposes. 2. Equally,wearefullyawareoftheimpactoftheuseofcommunicationsdataontheprivacyof the citizen. As the development of the information society results in the creation of ever largerandricherdatasets,andasanalysistoolsbecomeincreasinglysophisticated,theuse ofcommunicationsdatacanbecomeincreasinglyintrusive. 3. Wedonotthinkitourplacetosuggestanappropriatebalancebetweenthecitizensinterest in privacy and the interests of public authorities. We do, however, consider ourselves well placedtogiveindependentexpertadviceonthenatureofthedatasought,andthenatureof thetechnicalcapabilitiesthatcouldbeauthorisedbythepowerscontainedinthedraftBill. We are also well placed to comment on the potential technical impact for telecommunications operators if they have to change their network design priorities to accommodatedatagatheringrequirementorequipment. The draft Bill contemplates the collection of a large amount of personal communications data. Both the volume and range of data to be collected are unprecedented in the UK, and probablyintheworld. Thecollectionandprocessingofthirdparty communicationsdatabynetworkoperatorsis asubstantialextensionoftheirdutiesthatis,inouropinion,materiallydistinctfromexisting dataretentionrequirements,amountingtoacompletenovelty. In our analysis the filtering arrangements provided for in clauses 1416 are best understoodas a profilingengine which createsdetailed profileson all usersof electronic communicationssystemsandmakesthoseprofilesavailableforsophisticateddatamining. In our opinion this profiling engine amounts to an enormously powerful tool for public authorities. Its mere existence significantly implicates privacy rights, and its extensive use would represent a dramatic shift in the balance between personal privacy and the capabilitiesoftheStatetoinvestigateandanalysethecitizen. In our opinion, whether and to what extent such a shift is justified is a matter for Parliament.Wedonotexpressanopinion. We do believe that Parliament should take responsibility for making the basic value judgementastotheappropriatebalancebetweenpersonalprivacyandthepublicinterests oftheState. In its testimony to this committee the government placed great reliance on the general Human Rights Act requirement that public officials only use communications data in a manner that is proportionate; the draft Bill is itself quite empty of restrictions. We do not believe this lone prescription can bear the weight the government is placing on it without providing those officials more detailed rules and guidance in how it is to be applied.

4.

5.

6.

7.

8.

9. 10.

248

Draft Communications Data Bill

Developmentofandconfidencein,suchrulesandguidanceisinhibitedbythegovernments reticenceaboutdiscussinghowcommunicationsdatamightbeused. 11. Whilewerecognisethatcertaindetailsmustinevitablyremainhiddentoprotecttheefficacy ofinvestigationmethods,thegovernmentsresponsetothisproblemhasbeentopresenta draft Bill which is so broadly written as to amount to a general authorisation of empowerment.InourviewParliamentisbeinginvitedtoabdicateitsresponsibilitytosetthe basicstandardsbywhichwelive.ItwouldconferontheExecutiveaneffectivelyunfettered and wholly inappropriate discretion to determine the appropriate level and circumstances forintrusionintopersonalprivacybymeansofanalysisofcommunicationsdata. In our view any new legislation concerning covert investigation of communications data shouldcontainonitsface a. SufficientdetailconcerningthenatureofthedatatobecollectedforParliamentto make a meaningful and informed valuejudgement as to the fundamental balance betweenprivacyandinvestigativecapabilities,andtobeabletolegislatetoensure thatthisbalanceisapplied; A coherent framework for establishing when it is proportionate to access private information, and what use is made of it, that makes draws relevant distinctions according to the level of intrusion implied by different uses and different kinds of communicationsdata; Transparent, democratically accountable mechanisms for approving detailed rules onuseofdata,withinthebasicframework Credibleoversightmechanismstopreventanddiscovermisuse Effectiveanddissuasivesanctionsformisuse,bothbyindividualsandorganisations A realistic opportunity for remedy for those who have had their privacy infringed withoutjustification

12.

b.

c. d. e. f. 13. 14.

WedonotbelieveanyoftheseexpectationsareadequatelyaddressedinthedraftBill. Webelievethatourmembers,whoarecommercialentities,sharewithcitizensalegitimate expectationthatsuchimportantregulationoftheirbusinessenvironmentanddutiesshould besubjecttofulldemocraticscrutinyandapproval. While we strongly welcome the governments commitment to pay telecommunications operatorsthefinancialcoststheyincurincarryingouttheirobligationsunderthedraftBill, wedonotbelievethisemptiesourmembersofalegitimateinterestinthislegislation. a. Thechallengesimpliedbytheneedfortechnicaldevelopment,businessandsystems reengineering and operational maintenance of the systems contemplated by the draft Bill are enormous, and we anticipate incalculable and hence irrecoverable opportunitycostsaseffortandskillisdivertedfromcommercialendstosatisfying newlegalduties. Moreover, the draft Bill significantly implicates the intangible relationship of trust betweenacommunicationsoperatoranditscustomer.

15.

b. 16.

Wehavesignificantdoubtsaboutthetechnicalfeasibilityofmuchofwhatiscontemplated, butthegovernmenthasbeentooreticentaboutsharingitsactualexpectationsastohowfar itwouldtakethepowersgrantedundertheBillforustocommentindetail.

Draft Communications Data Bill

249

17. 18.

In particular, we question the technical feasibility of constructing the profiling engine, whichrepresentsanenormouslycomplexsystemsintegrationchallenge. We have serious concerns about the challenges involved in protecting the systems establishedunderthedraftBillandthedatatheygenerate.Thisisespeciallytrueinrespect oftheprofilingengine,whichappearsespeciallychallengingtoprotect.Ifthesecurityofthe profilingenginewereevercompromisedwebelieveitwouldconstituteasignificantthreat tonationalsecurity.

AboutLINX 19. LINX,theLondonInternetExchange,isamembershipassociationfornetworkoperatorsand serviceprovidersexchangingInternettraffic.Itispartofourcoremissiontorepresentour membersinterestsinmattersofpublicpolicy. 20. With more than 430 member organisations, including most major UK ISPs and most formerlyincumbentEuropeanoperators,webelievewehavehighlyinformedexpertiseand arewellplacedtoreflecttheviewsoftheISPindustryasawhole. 21. LINX has worked on behalf of its members on the development of policy for covert investigationofcommunications,includingcommunicationsdatasincebeforetheinception oftheRegulationofInvestigatoryPowersAct2000.Wehaveworkedincooperationwiththe Home Office and law enforcement representatives to develop primary and secondary legislation, Codes of Practice, building a partnership between the ISP industry and law enforcementinterests.ALINXemployeealsorepresentstheEuropeanInternetindustryon theEuropeanCommissionsExpertsGroupontheDataRetentionDirective. 22. We are committed to a regime for communications data retention and access that is both effectiveinmeetinglawenforcementneedsandalsorespectfulofthelegitimateinterestsof theInternetindustry,ourmembers,andofthegeneralpublic,thecustomersandendusers ofourmembers. Wehaveconsultedourmembershipbothinformally,duringthedevelopmentofthispolicy, and formally on drafts of this submission. This submission was finally approved by LINXs BoardofDirectors,whichiselectedbythemembership.Althoughwewouldneversaythat any submission by us is endorsed by every one ofour members in every last detail, we do believethatourpositionreflectsabroadconsensusofthenetworkoperatorcommunity.

23.

Introductoryremarks 24. We begin with some observations about the draft Bill, which will give some context to our answerstotheCommitteesspecificquestions. 25. Clause1ofthedraftBillprovidesaverybroadpowertorequiretheacquisition,collection andretentionofcommunicationsdata. a. The power would apply 332 to private networks and services, not only to public telecommunications service providers as is the case under the current Data RetentionRegulations 333.

332Weacknowledgethatthegovernmentislikelytoconcentrateinthefirstinstanceonpublic

telecomsproviders,butifParliamentgrantsadiscretionarypowerthenamuchwiderrangeof organisationscouldultimatelyberequiredtocollectcommunicationsdata.

250

Draft Communications Data Bill

b. c. d.

e.

f. 26.

ThepowerappearstoallowtheSecretaryofStatetorequirethatserviceproviders collectsubscriberdatathattheydonotcurrentlycollect. The government has stated its intention to access communications data under the Billfromtelecommunicationsoperatorsoverseas. Although the government has told us that their preference is to obtain communications data directly from the relevant service provider eg. the web site operator ,italsosaysthatwheretheserviceproviderisunableorunwillingtoco operate forexample,wheretheserviceproviderisaforeignentityandprohibited fromaffordingfullysatisfactorycooperationwithUKauthoritiesbyforeignlaw it intends to use clause 1 to require network operators to monitor the network and extractcommunicationsdatafromthestreamoftrafficbetweentheircustomerand thethirdpartyservice thirdpartycommunicationsdata . Thetypesofcommunicationsdataarenotlimitedandspecified,asundertheData RetentionDi