IET and others have it right. Hasty legislation, improperly scrutinised, and even then scrutiny by the ignorant.
Oh, and Yvette - sod orf and get a proper education. Your husband might wish to do so too.
The UK government secured the backing of the country's main political parties today to rush an emergency Data Retention and Investigation Powers Bill (DRIP) through Parliament just seven days before MPs break for summer recess. It comes after communications providers and telcos who operate in Britain but have headquarters …
This legislation retains an existing capability for the police and security services in the absence of the EU directive.
Also in respect of liberal concerns there is an expansion of the oversight, more transparency and a decrease in the public bodies that can access this data.
As a piece of emergency legislation it does seem to be OK.
What's the emergency? And how does this legislation address this in any meaningful way? At best communications data can help clean up the mess after something has happened. It's unlikely to stop anything though.
The Data Retention Directive was itself pushed through Europe largely at the behest of the home office here during the UK's presidency of the EU, and that was in response to the 7/7 and Madrid bombings. If memory serves the coroner at the 7/7 inquest basically said that any additional data would have been useless with regards to preventing that particular atrocity given the way in which they communicated, so even the DRD failed to achieve any of it's aims.
And as far as oversight is concerned, following the US model isn't going to do us any good. This has been implemented over there is one form or another since 2004 and they still manage to get the NSA abusing their powers.
You might want to also take a look at section 1(3) through to section 1(7) of the proposed legislation. It would appear to give the secretary of state far too much power and leeway.
https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/328939/draft-drip-bill.pdf
The whole thing is looking a bit odd, but I'll concede the need for some legislation. I'm not lawyer enough to be sure whether RIPA provides any real protection for anyone. I don't have much confidence in the current government and their intentions. If there's a way to screw us, they'll use it.
But I do know you're missing one thing. This law will operate until 2016, and then it stops working. That's a good idea for this sort of emergency law. That doesn't mean we have to live with it until then. The next parliament could replace it before then, no legal problem at all. We need to watch they don't amend away the sunset clause, but whoever wins the election could start work on the long-term replacement as soon as they take over. And I hope we elect a government that is willing to listen to us, as well as the Americans.
but I'll concede the need for some legislation
Only if the aim is to allow the government to continue as before.
Incidentally RIPA has been in effect for 14 years now so they've had more than enough time and opportunities for reviewing it, but putting this to one side for a moment: if it takes up to 2 years to review RIPA properly then what's the bet that a law published and passed in less than a week with no real scrutiny will end up being badly executed and dangerous for all of us?
The government keep on shouting 'terrorist' but always seem to fail to actually provide anything that actually justifies what they want. Anybody that wants another example of this should look to the other side of the pond. The story put out started with dozens of plots being foiled by all their pet programs and projects - then that number started to mysteriously shrink rather suddenly.
Don't forget that Cameron is somebody who seems to think that the likes of NCIS:LA show why we need this. Taking him seriously is extremely difficult sometimes.
Would anybody care to bet on the likelihood of people in the UK being just as economical with the truth?
The new legislation doesn't even properly address the legal problems raised by the judgement (blanket as opposed to targeted surveillance for one thing). We could as country still end up in court at the European level thanks to this bill, sunset clause or no sunset clause.
This law will operate until 2016, and then it stops working.
So it might be one almighty cock up but we'll only have to live with it for 2 years so that's OK then? (assuming of course that they don't just pass another 'emergency' measure since the election would have already taken place by then and MPs minds will be elsewhere).
No type of 'emergency' legislation should ever become part of any (democratic) country's legal structure. If there's a state of permanent emergency that means the government, any government, has failed, completely and utterly. They are obviously incapable of 'leading' a country using the tools and resources already in place.
You know, the those tools and resources they promised to use so effectively if the people only believed in them and voted to put them in office. If they can't make things work within the bounds of 'non-emergency' legislation they are simply unfit for purpose.
All democracies put up with quite a bit of bullshit from their elected lawmakers, because there's the idea those elected know what they're doing. Otherwise not many people would have anything to do with the greasy, ethically deficient grundle scrapers that run for office. They sell themselves as beneficial for the nation because they understand the intricacies of the law and can get the most accomplished because of that self professed expertise.
But if they can't get their job done unless they change the rules there's simply no need for the public to fuck around with sleezeballs you wouldn't let within 1000m of your daughter, or livestock. It doesn't require any special skills to make up new rules that suit your purposes, anyone can do that. Since anyone can make up new rules, let's move to elect fun, hilarious people with interesting personalities. Get rid of the predatory used car salesmen and replace them with people who are at least entertaining.
"No type of 'emergency' legislation should ever become part of any (democratic) country's legal structure. If there's a state of permanent emergency that means the government, any government, has failed, completely and utterly. They are obviously incapable of 'leading' a country using the tools and resources already in place."
And yet that's exactly what happened with THE PATRIOT Act.
Somewhere I have the response my Congressional Representative at the time sent to me regarding my protestation of the PATRIOT Act. He agreed some of the measures were heavy handed, but extreme measures were needed to ward off terrorists. Besides, he said, the specific parts of the Act you don't approve of have sunset clauses and require Congress to reauthorize them or they automatically expire.
He says 'I will not be voting for an extension of the Act when the time to vote arrives'. Yeah, he voted for the extension. The Moosedick.
I have of course no idea how accurate this might be, but years ago I was told by a credible source that in the UK (notably, more so than in other Western European countries) the elected politicians are little more than figureheads without real power, with policy--strategic, not just day-to-day--being decided on by the Mandarins.
Personally, I don't see why we should wait until the revolution. We've got plenty of suitable walls already.
1. Is he referring to UK being the only "democratic" country in the world where there is a law allowing surveilance without a court order?
2. Is he referring to the UK being the only "democratic" country in the world where your village council can enact surveilance on you without a court order?
3. Is he referring to the UK being the only "democratic" country in the world where private companies such as the Royal Mail are allowed to enact surveilance on you without a court order?
In the USA - FISA may be a cangaroo court serving the needs of cangaroo legilsation, but it is a court none the less. Even in what are, supposedly - according to UK press, dictatorships like Russia you actually _HAVE_ to get a court order to do that. The only "democratic" country in the world where you do not need a court order is UK because of the "safeguards" in RIPA. Are these the safeguards he is referring to? Yes, I know, I should move along, these are not the safeguards I am looking for.
Uh....
What USA are you from?..
The one I am from just makes a blanket order to cover "Terror'ish't" suspects.
Your a suspect if your skin is too dark, if your skin is too light, if you speak another language, if you have ever flown to another country, used email, facebook, twitter, myspace, instant messaging apps, made phone calls.
I think what the UK is asking for is to retain METADATA (as the US would put it)... If you think that the government servers that store all of that data keeps it locked up until a specific court order appears then your a fool.
The only get-out-jail clause is when your accused of a crime and illegal evidence is used against you, you can have it thrown out plus whatever direct discover has happened because of it. If your up for "terrorism" charges then even illegal data can be used.
Hook me up with this "Democracy" your talking about, I have no knowledge of any existing on this planet.
2. Is he referring to the UK being the only "democratic" country in the world where your village council can enact surveilance on you without a court order?
The parish council? Are you sure about this?
3. Is he referring to the UK being the only "democratic" country in the world where private companies such as the Royal Mail are allowed to enact surveilance on you without a court order?
The Royal Mail being one of the organisations who won't have access under the emergency legislation.
> The parish council? Are you sure about this?
Can't answer for the other poster, but yes, that is correct. We touched upon the subject during my IT studies, and if you do a search on Google News or similar you shall be enlightened too.
Edited to say: you don't even need to arse yourself with the Google search. At least one poster below this gives more details.
"The politicos said that the country's current Regulation of Investigatory Powers Act 2000 (RIPA) already had the necessary safeguards in place to address the privacy flaws found in the European Union's Data Retention Directive."
Like the "safeguards" which allowed local councils all over the country to send out undercover jobsworths to spy upon and film people just to check if they were in the catchment area of schools to which they'd sought access for their kids, or to identify if their mutt had crapped on a verge?
Yes, dog mess is antisocial, but the glee with which these (generally unelected) arseholes rushed out to play at James Bond or Spooks shows how dangerous it is to give any more power to politicos.
You never know who'll end up (mis)using it. Misuse of power is as certain as death and taxes.
Which brings up an interesting question: how much time were the spooks and other civil servants involved in this allowed to draft it before making any of it public?
Anybody that wants to know how well sunset clauses work need only look at the US. The PATRIOT act has been around for ~13 years now.
@Vimes
You've hit on an issue a lot of people don't know much about. The 'think tank' approach to lawmaking has been extremely popular in the US and UK since the end of WWII. It's kind of like catalog shopping for laws.
It's not that those think tanks are at the center of a huge conspiracy. It's that they spend their time writing up policy and law proposals. The variety of nearly turn-key law proposals is stunning and exhaustively comprehensive. You tell them what your looking for and they give you a suitable, 99.9% complete, law proposal for anything you can imagine. It's all really fucked up.
Governmental figures under fire for allegedly covering up criminal activity in the 1980s, under further fire for appointing a clearly unsuitable person to head up the enquiry into said allegations - who would have guessed that there would be a "look over there - druggie-paedo-terrorists!!!" moment?
I still consider the politicians and civil "servants" in Westminster to be a bigger threat than any amount of drug dealers, paedophiles, or terrorists.
This is the same government that had Andrew Coulson appointed to head PR
http://www.nytimes.com/2014/07/05/world/europe/andy-coulson-to-be-sentenced-in-phone-hacking-case.html?_r=0
and Patrick Rock to define what we are allowed to browse on the Internet.
http://www.ndtv.com/article/world/david-cameron-s-advisor-quits-after-being-arrested-on-suspicion-of-child-porn-offences-490901
Though, giving it a second thought, it is not surprising to see them pushing such stuff. When your mind is corrupted, you tend to expect that everybody else is like you too. They should stop treating everyone as "one of them", most of us are "reasonably" normal you know.
So we were worried that Huawei gear contained back doors that slurped data to China.
Now we require that all foreign owned ISPs collect all the UK's data and store it where it will be subject to any secret intelligence courts which demand that is is handed over to that country's spooks.
> rush an emergency ... Bill through Parliament just seven days before MPs break for summer recess
Every support person's nightmare:
It's 10 to 5, Friday afternoon. You've filled in your timesheet and your expenses. You've closed the trouble-ticket system and then ... the phone rings.
"Hello, this is Fred from <your biggest customer> Inc. I wonder if you can help me. I've been trying to get this upgrade to work all week as we have to go live on Monday morning. I know I've left it a bit late but could you help me as I really need it working by Monday?"
As so it goes with legislation: if you're going to enact new laws, then give yourself time to work out all the bugs in it before you bugger off on holiday until October. And if this "emergency patch" is needed because your last attempt was found to be unlawful, all the more reason to make sure someone is there to fix your cock-up if this version suffers the same shortcomings.
But do they learn? Do they hell!
And regarding the five-o'clock call? The answer is the usual: "Sure, why don't you email me all the details, logs and config files and I'll see what I can do <click>" followed by the sound of running in the corridors.
It's worse than that, they've had since April to draw up the legislation (as that was when the European Court of Justice deemed it illegal), but they've only brought the legislation in now.
Also worth noting that the identity of the bill wasn't announced in any way, even to MPs until today. It was just marked "consideration of a Bill". If that hadn't been picked up on, and questions asked, would the government even have bothered to talk about it before Monday?
Clegg promised that "civil liberties would be properly considered" under the new law and claimed that Brits will "know more than ever before" about what access the police and spooks have to our online data.
They will do the bare minimum the ECJ requires them to in terms of civil liberties, or less when nobody's looking.
It's also doubtful that Brits seeking to "know more than ever before" will get anything other than the standard "Sorry, we can't discuss that for national security reasons" when querying cops or spooks about their activities.
We hear nothing concrete about the need to address the ruling when it's made, back in April, when there might have been time for a more considered approach.
And then, all of a sudden, we get two announcements of increases in airport security (first for US flights, then for others to unspecified legislation) and BAM! We really have to rush this security bill through in two days to protect us from terrorists.
Anyone would think they sat on it, until they knew the tension had been ratcheted up enough to make most people roll over and say "well, sure, if it keeps us safe, we'll ram it through in two days"
You think they have been sitting on their hands since April?
I expect the new law took them 5 minutes, but they waited to sneak it in at the last second so they would not have to deal with people saying this one is just as bad as the old unlawful law. They figure someone will come up with something to distract people by the time they get back.
It's interesting. The EU ruling has no more effect on UK legislation than the establishment of a new directive. UK law still has to be changed before it becomes law in the UK. What would have happened is that if someone had complained to the relevant EU court about the existing legislation, the UK government could have been fined. The UK law would still have to have been amended or repealed before the metadata could have been deleted.
If the ISPs had started deleting the metadata, they would have been in breach of the still extant UK legislation. They could have appealed any action in the EU court, but they still would technically have broken the existing UK law. There was no need to pass this emergency legislation, and it should have been properly discussed either earlier in this session of parliament, or at the beginning of the next.
There's some change in there that the government was desperate to enact that's not been spotted yet.
He was flanked by Deputy Prime Minister Nick Clegg, who repeatedly stressed that the proposed law was not a rehash of Home Secretary Theresa May's hated Communications Data Bill.
Thou protest too much
The EU's shredded Data Retention Directive may not have had the necessary safeguards in place, May said before adding that the ruling "did not take into account the strict domestic laws" already in place. "RIPA was designed to comply with human rights," she told MPs.
Oh, like lets just jail someone indefinitely for happening to forget a passphrase.
« May said before adding that the ruling "did not take into account the strict domestic laws" already in place. "RIPA was designed to comply with human rights," she told MPs. »
Soviet propaganda used to be equally laughably pathetic. Almost nobody believed it, but those in power were too disconnected from the public to realise, perhaps to even care.
I managed an on line transaction processing system. It had a problem with the billing system crashing and a patch was developed. It became available on Christmas Eve. Do I patch or wait for the billing to go to sleep. Tossed mental coin, system was patched at about 2:45 p.m. we all had a nice Christmas break, billing work system worked no breakdowns.
Sometimes you have the grasp the nettle.
Interesting to see how files from 30 years or more are now so important but phone records from a few months ago MUST NOT BE KEPT.
Do I detect a two face situation?
Interesting to see how files from 30 years or more are now so important but phone records from a few months ago MUST NOT BE KEPT.
The former tends to deal with governments acting in our name. Only the latter deals with what should normally be private communications. Trying to make the two sound like they're equivalent is ludicrous.
I can only agree this is the case between your ears.
Meanwhile back in the real world I can be pretty certain that no files I worked on 30 plus years ago are still around.
Who is the great I AM who says that the small number of files, (were they even proper files or simply pages?) really contained anything more than the ramblings of someone who today would be a web mutterer, socialist mouth piece or troll?
Tossed mental coin, system was patched at about 2:45 p.m. we all had a nice Christmas break, billing work system worked no breakdowns.
So you were lucky. If government has to act like that then they're doing it wrong. The judgement was announced two months ago. A more appropriate analogy would be getting the patch in October before tossing a coin and blindly hoping that the shit won't hit the fan when it gets applied on Christmas Eve.
Only in this case it wouldn't be luck - it would be plain old incompetence.
What were they doing during the last two months, especially when there were allegations of a zombie parliament, a lack of legislation and generally a surplus of spare time?
This allows the Government to require that an ISP keeps the email headers of every email everyone using their service has ever sent or received.
It could even require them to keep a record of every single website everyone on that ISP has every visited.
What possible legitimate purpose could that ever have?
If there are specific individuals under suspicion, fine - get a court order, require the ISP to log and retain specific data about specific individuals and provide it to the police etc.
But everything about everyone is simply stupid - the legal eagles who've revied the idea say it doesn't help, and who's going to pay for the multi-exabyte database?
Don't spend my taxes on paying a white elephant to cover me with dung. I don't swing that way.
Section 1 (2) says:
A retention notice may(a) relate to a particular operator or any description of operators,
(b) require the retention of all data or any description of data,
(c) specify the period or periods for which data is to be retained,
(d) contain other requirements, or restrictions, in relation to the retention of data,
(e) make different provision for different purposes,
(f) relate to data whether or not in existence at the time of the giving, or coming into force, of the notice.
So this quite literally allows the Secretary of State to require a communications provider to keep all "relevant" data, forever, for any purpose that RIPA has been used for.
This is one heck of a big power grab.
FYI, "relevant" data is defined in ss.2(3) as data in the Schedule to the The Data Retention (EC Directive) Regulations 2009, which is exactly the same data they could demand retention for before the ECtJ judgement - so now new classes of data. Let's not get overexcited about that.
I don't know why that was hidden away in ss.2(3), but a lot of people have missed it. The Bill does not permit the required retention of any new classes of data.
There are some real power grab issues, but that's not one of them.
However you are right about there not being a time limit on the retention of data under a ss.2(1) Notice - only a 12-month limit on data retained under some putative future Regulations to be made under ss.1(3) (which can't be implemented until after Parliament gets back anyway). A Notice, on the other hand, can require an ISP to retain data forever.
Nothing new, all the more reason to go with encryption at the packet layer now, rather than later, this has been in the works for years, they really cant treat the civilised population like they're the end product and sell off there details at a profit expecting privacy advocates to be happy about the astro-turfing, the mass marketing fraud, the conspiracy to defraud etc, etc, etc...
ISP's are welcome to retain it all - I hope they like trying to read data requests sent and recieved with SHA3 standards not old and broken SHA1 standards. They're Open standards endorsed under the General Public License - Not the we decide on the License and do what we like with the Data mentality.
Fallen foul of the GPL have we??? All I can say is Good - You had it coming!
Sorry to deviate from the main point of your post, but perhaps you (or anyone else) could explain what "description of operators" means? Is it just a fancy way of saying 'operator' in plural or does it refer to some joint venture formed by several operators meant, or perhaps something entirely different?
> I hate to say it, but its becoming very hard to vote no in September.
It's never been hard to vote "yes". :-) We may still get shafted, but at least there will be fewer of us involved--there will be a shorter power distance and therefore, more accountability.
Instead of listening to the propaganda from all those legacy States with a "separatist problem", how about browsing some demographic data on whichever subject you care about (per capita GDP, unemployment, per capita spending on education / health, ...) and see which countries come out on top. Then plot correlation against the size of their population. Dangerously simplistic and flawed, I know, but food for thought. ;-)
A 9 page document that took 3 months to draft.
I suggest anyone in the UK who can contacts their MP and makes their view known.
No. This does is not an emergency.
The only "threat" is to the Government as Liberty is going to court to see if the GCHQ intercepts are illegal.
The usual fear and panic merchants are out spreading the usual fear and panic.
"Blah blah.. Paedo terrorists are grooming your children..blah blah..mountains of drugs..blah blah.."
The best thing that could happen to England, Wales and NI would be if Scotland voted yes to independence in September. That could bring the whole corrupt edifice crashing down, and maybe we could build a democracy which actually works instead of the rotten shambolic thing we have now. On the other hand, the Westminster elites could also just throw in the towel and stop the cynical theatre.
Take the 9/11 terrorists. They didn't ever send any emails, merely edited a draft email and used a shared email account as a remote-accessible dead letter drop. This metadata retention law would not have caught them.
Consider the London bombers. They didn't send each other emails either; everything was face to face, word of mouth. Again, no luck.
Consider every would-be internet jihadi. They send shedloads of emails, rant away like nutters on Facebook, and generally talk a bloody good terrorist campaign, yet are about as likely to kick off World War 3 as the England team are to beat, well, pretty much any other football team in the universe.
NSA-style data trawls catch loudmouthed plonkers (of which there is no shortage), but miss actual terrorists (who are fortunately vanishingly rare). This entire law is basically security theatre at its shoddiest, most ineffectual depths.
In my view, data retention is the modern equivalent of putting a tail on someone: the tail can't hear what you say but they record everywhere you go, how long you spend there, who you talk to, which shop windows you look in, which buildings you enter. 64 million police tails. 24 hours a day.
One newspaper report said MI5 are expecting 500 returning jihadists from Syria. 500. Apparently that makes it proportional to tail 64 million people, 24 hours a day, because of 500 potential terrorists. Even if all of them managed to radicalise 100 other people, those 50,000 would be less than 0.1% of the population.
There is no way that jihadists (or even all terrorists) can be any sort of justification for blanket data retention.
Of course, the spooks and police know this. So what is the real reason? Apparently 10% of the population (6.5M) are trade union members -- maybe it is them who the government really want to track?
What worries me about all this retention, black boxes, meta-data mining and whatnot isn't so much the potential for individual abuse, suppression of democracy and invasion of privacy as much as we seem to be heading to a situation where the regime could prosecute (or at least publicly ruin, that does the job) someone purely on the basis of "computer says jihadi/paedo/boogeyman du jour".
What Cameron really means, is that the existing data slurping was illegal and this is a backside covering exercise and that we deliberately waited until now to push it through, as we know all our lazy MP's want to go on holiday rather than do their jobs and debate the new laws, so it will go through unopposed and our inept and useless Home Secretary gets all the snooping she and her minions can handle !
You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license.
The terms and conditions of the GPL must be made available to anybody receiving a copy of the work that has a GPL applied to it ("the licensee"). Any licensee who adheres to the terms and conditions is given permission to modify the work, as well as to copy and redistribute the work or any derivative version. The licensee is allowed to charge a fee for this service, or do this free of charge. This latter point distinguishes the GPL from software licenses that prohibit commercial redistribution.
In purely private (or internal) use —with no sales and no distribution— the software code may be modified and parts reused without requiring the source code to be released. For sales or distribution, the entire source code need to be made available to end users, including any code changes and additions— in that case, copyleft is applied to ensure that end users retain the freedoms defined above.
You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1.
You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License.
These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it.