back to article UK snoop system had 1,000 COCKUPS - including 2 duff cuffs

Police, security services and other public bodies bungled nearly 1,000 requests for citizens' communications data in a year, a new report has revealed. Communication service providers (CSPs, which include ISPs and telcos) were also blamed for some of the cock-ups: the study for 2011 found that two people were wrongly arrested …

COMMENTS

This topic is closed for new posts.
Silver badge
Unhappy

Hate to say this

But I think thats actually quite a reasonable number of errors.

Gotta be better than most other civil service error rates.

Still doesnt justify the powers imo though. Just means we cant legitimately use the rate of errors against them.

6
20
Silver badge
Stop

Re: Hate to say this

I don't find it reasonable that two people were wrongly arrested and detained on the basis of such data - the fact that presumably, communications data was the only thing the police had against these people, and that it was used as a basis of an arrest is also worrying. Surely a sane investigation would have a body of evidence against a person?

30
3
Silver badge
Mushroom

Re: Hate to say this

If you consider these an acceptable number of errors, then you are part of the problem.

*I* don't. Especially in light of the eye-watering sums these systems are costing us.

Luckily neither of the two misidentified people was being trailled by the murderous incompetent goons of the anti-terrorit squad.

24
3
Silver badge

Re: Hate to say this

I wonder how hard it will be for those 2 people to get their DNA and profiles removed now. Plus if they want enhanced security clearance any time soon then they can forget that. Hopefully at interview they could present a letter from the chief but all being said and done I doubt it.

14
0

Re: Hate to say this

Unless of course, you are one of the two arrested. I wonder if their details have now been removed from the Police database? Their DNA destroyed samples destroyed, their fingerprint data removed. (Oh look, a flying pig, and a blue moon!)

Some years ago, a court in the North made a cockup and my home address was substituted for the address of a company that they then registered a CCJ against. When I found out, I spoke to them and the various solictors; each blamed the other. I then advised them that they had one hour to fix it or then I would sue the whole damn lot of them. The verdict was over turned the week after the decision was issued, but I still had my details on Dun & Bradstreet for 3 days (they removed it after I sent them a very sharp letter). However, this did not resolve the issue; it was almost 18 months later that I finally managed to get all of the relevant information corrected.

Trust me, it's funny when it happens to someone else, but it ain't no joke when it's your life that get turned upside down. No credit, calls every day from people trying to sell various "solutions" to debt problems, reams of crap about IVAs. I can't imagine how bad it would be for someone incorrectly arrested. Put on a no-fly list, local papers checking to see if you are a kiddy fiddler - it could very easily ruin your life.

25
0
Silver badge
Boffin

Re: Hate to say this

If you consider these an acceptable number of errors, then you are part of the problem. *I* don't.

Let me guess. You wouldn't consider 1 error in a million an acceptable error rate. Well, some of us have to live in the real world. Let's break the numbers down, shall we?

Total Requests: 494,078

Requests With Errors: 895

Errors That Led to False Arrest: 2

Request Failure Rate = 895/494,078 = 0.0018 = 0.18%

Request Success Rate = 99.82%

False Arrest Rate 1 (% of Errors) = 2/895 = 0.0022 = 0.22%

Mitigated Error Rate 1 (% of Errors) = 99.78%

False Arrest Rate 2 (% of Total) = 2/494,078 = 0.000004 = 0.0004%

Success or Mitigated Error Rate (% of Total) = 99.9996%

I would call this good, with room for improvement.

7
19
Anonymous Coward

Re: Hate to say this

Another ****ing muppet - you're not a civil service shrill are you ?

margins of error, are, of course, relative. You go on a flight with a 99.9996% chance of crashing. I'll stick with 99.99999%.

*I* start at 100% reliability, and question every deviation downwards.

*You* start at 99.9996% and cheer every move upwards.

If the outcome of a failure is ruining someones life, then 99.9996% is not acceptable.

19
5
Facepalm

Re: Hate to say this

The problem is that these are errors reported to the regulator by the requestors themselves.

So if we have a self regulation system highlighting nearly 900 errors how many didnt get reported?

Percentages are a great way of making things look good when the reality on the ground is very different, I doubt your view would be as welcoming if you found your enhanced CRB was showing you as mistakenly being investigated for something dubious.

17
0

Re: Hate to say this

Yes you could describe this as good; unless you are the poor bugger that has been detained, arrested, fingerprinted, charged, convicted, and butt-f***** to within an inch of his life in prison because of a mistake.

I wonder how you would feel if we still had the death penalty and you were the poor unfortunate soul that had done nothing wrong, but still ended up dancing the hemp fandango? But after all, it's only one in a million!

7
2
Unhappy

Re: Hate to say this

The error rate is pretty much what you'd expect it to be - it's futile to expect perfection when there's people writing down requests.

Whether the error rate is reasonable/acceptable does rather depend on what gets done with those intercepts which weren't erroneous - if they'd led to 400k convictions, then the odd misplaced arrest would be acceptable. As it is, it looks like the whole snooping system is fantastically overused by petty officialdom so that huge number of snooping requests will inevitably lead to a significant number of errors.

What I means is.. if the number of requests is high due to guidelines being ignored and not rigorously applied, this is not an acceptable error rate. If the only requests that went through were for criminal cases where the information was really needed, then the error rate would probably be acceptable (as actual numbers of errors would be very low indeed).

3
0
Anonymous Coward

Re: Hate to say this

Yes, yes statistics are lovely and can prove or disprove anything.

Having taken the time to read your post, can I ask you to indulge me and let us know if you'd be so relaxed about this if you personally were 50% (see I can do statistics too!) of the two guys who were falsely arrested?

Some things do need to be 100% correct and this is one of them.

3
2
Anonymous Coward

Re: Hate to say this

Two points:

1) It's a shill.

2) 5 nines reliability, the sort you get in a Mainframe or Tandem machine is 99.999%, not 99.99999%

1
0

Re: Hate to say this

>Another ****ing muppet - you're not a civil service shrill are you ?

Why are you getting antsy with the civil service when it was a private sector CSP that lead to the two false arrests?

It's "shill", BTW.

1
0
Silver badge
Facepalm

Re: Hate to say this

Gordon 10 and Steve Knox have demonstrated perfectly why the current reliance on numbers over effectiveness is one giant turd sandwich. How I wish we could turn back the clock so that the Thatcherite number-love could be avoided.

0
0
Meh

Re: Hate to say this

Lies, damn lies and.... oh well, you get the idea.

There was an interesting test a few years ago, during the years 1968-1971 in the UK they decided to stick with BST (GMT+1) with no change, because of the differing light there were more fatal road accidents during the morning (mainly schoolchildren), however in the evening the number of deaths decreased (but more so, again schoolchildren) - so overall lives were saved, parents of children who died in the morning were outraged (this is understandable) parents of children who were not killed didn't notice anything, society was better off, but at the expense of the children who died, statistically better, just different victims.

This looks similar, 2 false arrests is unacceptable, and no matter how much crime is prevented (or actual criminals caught), any errors are not "acceptable", society is potentially better off, lower initial crime is debateable (as often this merely moves crime elsewhere), but lower repeat crime is likely (forgetting the failings of the prison system for a moment), at the end of the day it's an emminently fruitless task unless you address the causes of crime (education and jobs).

0
0

Re: Hate to say this

Nothing can ever be 100%

0
0

This is your receipt for your husband... and this is my receipt for your receipt.

It's not my fault that Buttle's heart condition didn't appear on Tuttle's file!

21
0
Anonymous Coward

Re: This is your receipt for your husband... and this is my receipt for your receipt.

Exactly what I was going to write.

It is pretty sad how some of the negatives of sci-fi become reality.

2
0
Thumb Up

Re: This is your receipt for your husband... and this is my receipt for your receipt.

My immediate thoughts, you just beat me to it.

"Information Transit got the wrong man. I got the right man."

4
0

"dismissed accusations that local authority officials had abused their RIPA powers and said he wanted to "dispel the myths that we've been frivolous in the past"."

Nothing they say can dispel the fact that the powers that be have been frivolous to-date and are not fit to have these or any more powers.

8
0
FAIL

What I'd like to know is what action was taken against those councils that broke the law and obtained the information illegally? Did this person mentioned who held all three supervisory roles have his collar felt by the plod for breaking the law and if not WHY THE FUCK NOT? if they are going to be granted such far-reaching power to affect individuals, then there needs to be some serious accountability to back this up so that these bastards are FRIGHTENED to make a mistake so that they make damn sure that they get it right.

Saying "tsk tsk" isn't going to make these people to their sodding jobs properly!

23
0

But...

..Didn't they say if we have nothing to hide we have nothing to fear?

11
0
Black Helicopters

Re: But...

In their eyes we're all guilty of something. It's just a matter of time until they figure out what. And the more errors are made in gathering and delivering surveillance data, without oversight, the more likely they are to find something, valid or otherwise. If it turns out to be invalid they'll hunt for something else and just keep tracking us until they find something.

2
0
Anonymous Coward

Re: But...

We pretty much are all guilty of something, they just have to find out. I can think of a list as long as my arm, all petty, unless I'm mistaken, but many criminal.

I have curtains.

0
0
Anonymous Coward

Re: But...

They will also continue to make new laws under which a creative imagination can make pretty much anything a crime.

0
0
Silver badge
WTF?

"... it was the same unnamed CSP ..."

I hope that the two unfortunate people concerned (or their legal representatives) are able to find out the identities of the organisations concerned; so they can sue the arse off them.

7
0

"Unfortunately in two separate cases where a CSP disclosed the incorrect data, the mistakes were not realised and action was taken by the police forces on the data received," said Interception Communications Commissioner Sir Paul Kennedy, the report's author.

He continued: "Regrettably, these errors had very significant consequences for two members of the public who were wrongly detained / accused of crimes as a result of the errors." (my bold)

Presumably El Reg deliberately left off, for reasons of brevity, the bit where the officer went on to say "Their fingerprints and DNA records have been destroyed".

2
0
Silver badge
Flame

Sorry

if you think that having your fingerprints and DNA taken is the worst part about being arrested, then you really need a course in reality.

There have been many cases where people, wrongly accused of a particularly heinous crime (I really hope you don't need some examples) have had there lives ruined. Been forced to move house. Had marriages fail. Denied access to their children. Been unable to find a job. Resulting in more than one suicide.

How do you think your life would fare, if cops took your door down at 5am, dragged you in your underwear into a van, shouting at the top of their voices that you were being arrested on suspicion of sexual offences against a child ?

7
1
Silver badge

Re: Sorry

indeed. It didnt say how long they took to remedy the situation either. An Hour, day? A week? Month? Year? Lone parent so kids in care?

1
0

And these are the people we trust our freedom and liberty too. Wouldn't surprise me if the police was selling information on the side to other branches of government and corporations.

2
2
FAIL

What price freedom?

So what happened to these two men? Was it quickly resolved, or did the cops, in a show of force, go to their workplace to embarrass them, then keep them in the cells overnight, and refuse to accept they made a mistake? What compensation have these men received for their kidnapping and imprisonment?

Why weren't there safeguards in place so that the data returned by the CSP was checked against the request made to the CSP to ensure that the correct data was received and that no mistake was made at the CSP?

1
1
Silver badge
Flame

To be fair to the police

they can only act on what they are given. And it wouldn't really be a great advert, or morale booster, if they had to assume that every arrest *could* be wrong. Which means they were acting in "good faith".

If there's one thing we should have learned by now, it's that "good faith" excuses anything, and negates the need for recompense. Ask people whose doors have been kicked in wrongly by the police who then (lawfully) refuse to pay for repairs.

1
0
Anonymous Coward

Why weren't there safeguards?

Because as the report says, it seems in some cases the CSP *was* the requester.

0
0
Anonymous Coward

make it even?

Will the spooks who made the mistakes be locked up for a couple of days, waterboarded, have their DNA stored, & be humiliated in front of their neighbours, just to make things even?

2
1
ACx

Remember fellow Brits, we are guilty until proven innocent. You are a potential enemy of the state. Hand yourselves in now.

8
1
Big Brother

Wool - eyes

All this curtailing of Local Autnorities powers is a red herring. Not that I don't agree that they should be more tightly controlled but the big issue is using information from CSPs as the basis for decisions around arrestable offences (which local authorities don't deal with). CSPs have a wikipedia-like attitude to accuracy which isn't at all suited to informing such important decisions.

Big brother is watching you (or maybe someone with a similar name who looks a bit like you).

1
0
Gimp

Bloody hell...

...I thought a Communication Service Provider must be some kind of complex data aggregation facility a bit like a CRA - having looked it up on the Web I now know it's a glorified name for a telecoms company or ISP. Was I the only one who had to look it up?

What's the DPA spin on providing incorrect data of this kind about an individual or group?

0
0
(Written by Reg staff) Silver badge

Re: Bloody hell...

Hi - Yes, sorry, should have reminded new readers what a CSP is: it was on the todo list.

C.

0
0
Silver badge

Each error a ruined life.

The issue here is that each error, is potentially a ruined life. It's all very well to say everything can be sorted out, but there's always the 'no smoke without fire' mentality that ensures you will be tarnished forever. You can also rest assured that when dragged into the street, the police will be more than happy to shout what you're accused of, but when found to be in error, will they stand in your street and shout they messed up and actually your innocent? Of course not. It's like the media. They ruin people and then run a retraction on page 28 in the bottom right hand corner where nobody will see it.

The people responsible at all levels must have their own nads on the line to judge others. They must understand that any error will be reflected back on them and strong action taken. If they haven't got several sources saying the same thing, all checked to ensure its the right person etc.etc., they do not act. You simply cannot have enough checks and balances in place when dealing with this sort of thing. Anyone found to have made an error that resulted in someones life being ruined should be made to pay according to the magnitude of their mistake, and certainly to loosing their jobs.

This sort of surveillance also needs to be limited to the worst crimes. There is a dangerous trend at the moment to use this sort of thing for truly minor offences. Local councils should have no need of access to anything, as any requirement should be due to a criminal case investigated by the police.

4
1
Anonymous Coward

Why is the CSP...

..who are responsible for the cock up remaining "unnamed" ?? Why the fuck should they be allowed to slink off into the night and remain unaccountable to the public for their grotesque cock-up?

Anyway, I've said it before and I'll say it again.

Stega, TOR, SSL, VPN. Make them work for your data.

1
0
Linux

Error rates and the loss function

Were the people who were arrested adequately compensated? If the response of the authorities was "sorry, tough luck" then it doesn't matter if your error rate is only 0.000000001%, it's still to high. OTOH if for example the compensation covers total financial loss + £1m compensation, then a higher error rate would be acceptable, not withstanding the fact that a £1m penalty should be a big incentive not to make errors in the first place.

2
2
Anonymous Coward

Re: Error rates and the loss function

What on earth makes you think being wrongly arrested deserves any compensation at all ? The only way you could get compensation is if you could show the police should have known they in the wrong. Otherwise they are exempt on the grounds they acted in "good faith" (see upthread).

Bear in mind, unless there are *exceptional* circumstances, damages in the UK are restricted to proven monetary losses. And it's an established fact that a persons time is "free" (unless you are a solicitor).

The UK approach to state incompetence costing the state money has been to remove the liability, rather than improve the state.

1
0
Silver badge

Re: Error rates and the loss function

@AC - I think Admiral Duncan was putting the point about what *ought* to be the case, not what the current situation *is*. Many people think that the police need to be brought back into society, and have the same (if not higher) levels of responsibility in the event of fucking it up, instead of being immune - one of the first steps on the way to a police state.

0
0
Bronze badge
Black Helicopters

typo arrest

The UK home office works like a scene from Brazil (were the names Tuttle and Buttle?)

0
0
Anonymous Coward

I'm more curious about the fact that the powers that be spied on 494,078 citizens during the year...

2
0
Silver badge

Yes, me too - that's a huge number of requests. Fishing expedition rather than investigation, I fear.

0
0
Anonymous Coward

How far we've fallen

Amazing that the outrage in the public discourse is over mistakes made, rather than over the public being routinely spied on at all by purse-lipped paper shufflers in local councils. Giving curtain twitchers jobs at all is a bad idea; giving them jobs with power to snoop + pry is only ever going to end badly.

So much for the "freedom" bullshit we were routinely fed as the USP of Brand Democracy during the cold war.

3
0

This post has been deleted by a moderator

FAIL

Buttle/Tuttle

"the study for 2011 found that two people were wrongly arrested as a result of typos on information interceptions."

See title.

Braziiiiiiiil......

0
0
This topic is closed for new posts.

Forums