back to article Tories fear legal dodge over comms überdatabase

Laws mandating a massive central database of email, web browsing, telephone and social networking data may already have been passed without proper scrutiny by MPs, according to the Conservatives. The Home Office is due to publish its delayed consultation on the Interception Modernisation Programme (IMP) "shortly". In a Lords …

COMMENTS

This topic is closed for new posts.
  1. BoldMan
    Stop

    Time to cancel the Vodaphone contract then...

    oh hang on I'm with O2 anyway...

  2. Tim Schomer
    Black Helicopters

    Whose safeguards?

    "The safeguards we will want to put in place certainly will. And we may need legislation to test what a solution will look like."

    Are we talking safeguards to ensure the gov can't be sued when it looses everyones personal data (again) or safeguards so they can do what the hell they like with it including thinking up more ludicrous ways of taking more money out of our pockets under the guise of 'taxes for the good of the majority'

    And, why the hell would they need legislation BEFORE they even think about testing the concept? Sounds to me as if they're already committed to doing it regardless of what anyone else thinks or says.

  3. Anonymous Coward
    Paris Hilton

    Anti-Terror?

    I fail to see how this is ever going to deter terrorism via the internet.....

    If a terrorist group like Al-Queda or whatever want to share information they will just use public communicatioencryptions. OT/Pidgin-encryption

    The goverment wil push anything under anti-terror if it means that they can watch what you do.

    Remember the days of the CCTV. They said it was for "crime prevention"

    Did that ever work?

    Pais because she already knows what you do on the internet

  4. dephormation.org.uk
    Thumb Down

    £1bn for a prototype?

    How can the Home Office justify spending billions on IMP?

    The average number of deaths every year from terror is ~5 (roughly the same number of people die falling out of trees in the UK).

    No one has died on the UK mainland from terrorism since 2005. Apart from one terrorist who killed himself, and one terrorist who didn't even manage that.

    The threat of terrorism simply does not justify the cost or loss of privacy that the Security Services claim.

    Over the same four year period, around 3,200 people were killed by murders. 400,000 people died from smoking related causes. And perhaps 12,000 people died on the road.

    Murderers still don't get life. Smoking isn't banned. And cars aren't made from styrofoam.

    The only people we should fear are the UK Government and the Home Office.

  5. Maurice Shakeshaft
    Alert

    Crafty or what.....!

    "Oh no, trust us. We'll have proper scrutiny performed on EU legislation" - except were we can implement it with a Statutory Instrument and it suits us.

    What are our Civil Servants and politicians after??? We're not damned serfs to be measured, weighed and tagged - are we?

    Well, clearly, the answer is yes!

  6. John Smith Gold badge
    Thumb Down

    This consultation

    Seems to getting further away. The implementation of her Wackinesse's grand plan however does not.

  7. Anonymous Coward
    Anonymous Coward

    Can't See This Becoming Law

    As I think it will take too long to implement before the next general election.

  8. Someone

    Voluntary

    The Directive has very little to say on Internet use. The Statutory Instrument is an almost direct transposition of the Directive and so says little more. It covers access, email and VoIP. For all those people who leave their cable modem or ADSL modem/router permanently powered up, the concept of access time is meaningless. The Directive says nothing about the other myriad uses for the Internet, not even web browsing. In implementing the Directive, the Germans added sections 113a and 113b to their Telecommunications Act. Paragraph 8 of section 113a expressly forbids the retention of any information relating to web pages.

    For traffic data to be retained in the UK, it must be generated or processed by the service provider in the UK. I don’t believe that transmitting and processing have ever been considered to be synonymous. In transmitting the packets for a web-based email service in a foreign country when there is no web proxy involved, an ISP’s processing will only ever go as deep as the IP layer. Using DPI to pull out the email information would be going beyond traffic data and into content.

    It might be possible to move the IMP forward through the previous Voluntary Code of Practice that accompanies the Anti-terrorism, Crime & Security Act. Section 103(8) of that act allows the Secretary of State to revise the whole or any part of the Code. The communication providers would maintain their legal justification under the Act. The Data Protection and Human Rights Acts would be swerved with the usual invocation of national security and the detection and prevention of crime. Not that the Government is particularly constrained when its actions are in breach of those Acts.

    As the article notes, BT and Vodafone seem perfectly happy to go along with “voluntary”.

  9. Dave

    Government Information

    Is it just me, or do others have a natural inclination to provide the minimum possible information on any official form nowadays? We know they want to aggregate it all and then share it with everyone, so why make it easy for them?

  10. Anonymous Coward
    Anonymous Coward

    £1 billion? So she's done it then

    The EU Data retention directive requires ISPs and Telecoms companies keep the details of emails sent. It does not require anything from the government. It certainly does not require any mass surveillance equipment, or deep packet inspection. It specially requires that the data is only transferred from ISPs to Government in SPECIFIC cases, not a mass trawl.

    If she's spent £1 billion on ANY system in this area then she's outside the UK legal system.

    Labour has a majority, are they saying that she cannot even get a majority from her own party? If that is the case then they should eject them with a vote of no confidence. Look at it this way, if she cannot do it legally, cannot get Parliament to approve it, cannot get the backing of her party and is spending £1 billion on something she is not legally permitted to do ANYWAY, then how bad does she have to behave before you eject her?

    Can you explain to the voters why she's spending another £1 billion on a system when the Government can't even sell it's bonds and hence cannot raise money?

  11. bobbles31

    oh well....

    Never let a small thing like democracy get in the way of a good idea eh?

  12. night troll
    Paris Hilton

    It would be interesting..

    to know how many statutory instruments this lot have passed. We know they have passed thousand of laws since they have been in power, but just how much extra has been slipped in by the back door over the years?

    Just waiting for the SI that says we don't need a general election 'cause our uber masters know what is best for us.

    Paris 'cause we know what gets slipped in her back door.

  13. M Room
    Coat

    A Record of who contacts whom - interesting.

    I suppose this is one way for her to keep an eye on who her husband is contacting, even if it does cost the rest of us (the public) 1 Bn to do so. Perhaps it would have been cheaper just to pass the "accidental claim" for watching porn on TV.

    Mines the one with the ISP scrambler in the pocket.

  14. Codge
    Stop

    Hmmm.....

    @ dephormation

    Yes.

    @ someone

    Yes

    @ My unelected Prime minister / Home secretary

    NO!

    That is all.

  15. Anonymous Coward
    Anonymous Coward

    @Voluntary

    BT and Vodafone are opening themselves up to a whole nest of pain there. Their liability if she's gone and done something illegal could sink them. Companies and agencies really should not align themselves with extreme factions of the government. Even if it's temporarily in their interests to do so.

    I doubt Cameron has the balls to clean up this mess NuLabour have created either. I'd like to see Davis take a big axe to all this anti citizen crap she's pulled.

  16. John Smith Gold badge
    Thumb Down

    The EU Data Retenion Directive is *not* the IMP

    This is quite deliberate government spin.

    EU DRD. Requires Internet and other service providers to retain "Call records" for a period.

    IMP. Effectively on demand phone tapping of any land or mobile phone number.

    DRD does not *mandate* any central database but does state its for "National security" purposes only. IE it would be *more* limited than the current RIPA regime of nearly any official jobsworth. A fact this government may overlook.

    IMP is actual access to what's being said, and pressumably what's being sent. I doubt that would be allowed outside of the Police, Security and Intelligence services, Customs & Excise or the SOCA (I know C&E is now part of another dept, but I think you'll find they retain some specialist powers).

    We still do not have a a split out of the cost of the hardware for IMP versus the cost of the database, which I stress is *not* needed for IMP and will not support it.

    Incidently I wonder if the phone companies will bill the govt for the back bandwidth they will want. If the whole network is IP then in principle every tapped call represents bandwidth suppliers could be using for either better net access or

  17. kevin biswas
    Stop

    What am I missing here.....

    Surely this will only apply to UK isp's, so anyone using Gmail, Yahoo or Hotmail will be de-facto exempt from having their email life monitored anyway. You don't need to be a l33t haxor to open a hotmail account, if that is all it takes to avoid a moment of fame on 'worlds dumbest criminals'. As for gmail, it is all ssl-ed anyway (isnt-it ?) will the uk ISP's be expected to routinely break ssl ? And for anyone who seriously has something to hide (or who just naturally resents the intrusion) then there are more serious solutions too, pgp, tor, vpn, proxies etc etc. It seems to me that the only way for this to really work is to employ zillions of peta-peta flops to DPI and decrypt the f**K out every single byte and packet that passes through every router in the UK and then employ zillions more peta-peta flops of relational processing to see what falls out. And it still couldn't and wouldn't work against anyone with a bit of knowledge and determination. Surely there must be *someone* with some vague connection to government who knows *something* about IT who can call bullshit on all this ? mustn't there ? Or is it all theater to impress the muggles ? I am really puzzled by this whole thing.

  18. Anonymous Coward
    Anonymous Coward

    @dephormation

    "No one has died on the UK mainland from terrorism since 2005."

    Y2K was a damp squib too. *Because* of the investment put into it, as many people here are quick to point out.

  19. paulc
    Black Helicopters

    ISP provided email, so passe...

    everybody uses places like facebook, googlemail, yahoo et al... thank bleep googlemail provides a https connection... they would have to subpeona google to get my emails... as there's no plain text going over the wires of my ISP

    just wonder what excuses they'll use when they mandate all web cafes and other places that provide free wifi access have to keep records of access... after all, they pointed out China as being an oppressive state when China started requiring it...

    probably use the same old kiddieporn and terrorism excuses...

  20. David Pollard

    Are the Tories, Lib/Dems really so poorly informed?

    Over a year ago, BT apparently saw passive taps on internet traffic as an unremarkable feature (http://www.theregister.co.uk/2008/02/29/phorm_documents/). The spooks have had access to this sort of surveillance for quite some while.

    Vernon Croaker, in 2003, had explained away system creep in RIPA saying, "Clearly, if an assurance has been given you like to try and ensure that that assurance is maintained, but ... sometimes there are things that happen two, three, four, five, six years later ... despite the assurance that was made there is a need to change." It is thus clear that Labour's assurances are not to be taken as binding.

    Lord Bach's (non-) answer to Baroness Neville-Jones seems to imply that is is already too late to prevent the introduction of spook-style surveillance at a civilian level.

    Some of the Tories at least, and Lib/Dems, must have a fairly accurate idea of the increase in scope and implementation of communications surveillance. Presumably they want to be able, at some future stage, to say that they didn't.

  21. John Smith Gold badge

    @Night Troll

    " how many statutory instruments this lot have passed"

    You've missed the point. No statutory instruments have been passed.

    Essentially they are included as part of a Bill which, on Royal Assent, becomes an Act.

    However as clauses in a bill don't have to have much (if anything) to do with the alleged subject of the Bill (Justice & Coroners anyone) so the instrument might have very little to do with the Bill either.

    The theory is all the bits which are likely to change over time, need to be rolled out at a later date or are uncertain are enabled through an instrument. The Bill acts as a wrapper for this.

    However there seems no actual limit on what an instrument can enable a Minister to do, unless they are included in the Bill (and they don't get filleted before it becomes an Act).

    Enable her Wackiness to spend Parliament and institute direct Cabinet rule IE an elected dictatorship. No problem.

    This government does seem to have been very fond of this particular wheeze. How many Acts have clauses invoking SI's? How does that compare with previous govt's? Good questions.

  22. Anonymous Coward
    Anonymous Coward

    @It would be interesting..

    According to a very unscientific reading of OPSI's SI page, since January 1997 42,547 Statutory Instruments have been put before the House.

    Not all of them passed obviously but it gives you a flavour.

  23. John Smith Gold badge
    Boffin

    @Night Troll

    " how many statutory instruments this lot have passed"

    You've missed the point. No statutory instruments have been passed.

    Essentially they are included as part of a Bill which, on Royal Assent, becomes an Act.

    However as clauses in a bill don't have to have much (if anything) to do with the alleged subject of the Bill (Justice & Coroners anyone) so the instrument might have very little to do with the Bill either.

    The theory is all the bits which are likely to change over time, need to be rolled out at a later date or are uncertain are enabled through an instrument. The Bill acts as a wrapper for this.

    However there seems no actual limit on what an instrument can enable a Minister to do, unless they are included in the Bill (and they don't get filleted before it becomes an Act).

    Enable her Wackiness to spend Parliament and institute direct Cabinet rule IE an elected dictatorship. No problem, in principle.

    This government does seem to have been very fond of this particular wheeze. How many Acts have clauses invoking SI's? How does that compare with previous govt's? Good questions.

  24. Stephen Jenner
    Joke

    Banging on about Europe.

    There go the Tories again... Banging on about Europe... When is Cameron going to get control of his party?

  25. Anonymous Coward
    Unhappy

    Am I paranoid?

    Or is anyone else thinking "time of encrypt everything?"

    I wonder how much VPN to a country with a more enlightened regime (say, North Korea) and some PGP-like software would cost?

  26. Anonymous Coward
    Black Helicopters

    @ night troll

    We already have a law that means we don't need an election. It's aslo the one that can abolish Parliament. Check out the Legislative and Regulatory Reform Bill

    AC & helicopters, obviously.

  27. John Smith Gold badge
    Boffin

    Please note

    The EU Data Retention Directive is *not* the IMP

    This confusion is quite deliberate government spin.

    EU DRD. Requires Internet and other service providers to retain "Call records" for a period.

    It does not mandate *any* central database but does state information stored is for "National security" purposes only. IE it would be *more* limited than the current RIPA regime of nearly any official jobsworth. A fact this government may overlook.

    IMP. Effectively on demand phone tapping of any land or mobile phone number. It is actual access to what's being said, and presumably what's being sent. I doubt that would be allowed outside of the Police, Security and Intelligence services, Customs & Excise or the SOCA (I know C&E is now part of another dept, but I think you'll find they retain some specialist powers).

    We *still* do not have a a split out of the cost of the hardware for IMP versus the cost of the database, which I stress is *not* needed for IMP and will not support it.

    BTW I wonder if the phone companies will bill the govt for the back bandwidth they will want. If the whole network is IP then in principle every tapped call represents bandwidth suppliers could be using for either better net access or more calls. Possibly the only thing that what curb this surveillance happy goernment and its fellow travelling senior civil servants.

  28. Anonymous Coward
    Black Helicopters

    communications privacy

    You'd think that certain members of the cabinet would have more to fear.

    ...but if this database tracks all phone calls then Ms Smith can find out who blabbed to the press about the porn her hubby was trying to charge to the tax payer.

    ...and she can find out who it was that blabbed about her "2nd home" she was claiming for while staying with her sister.

    If Jacqui knew who blabbed then she could plot to send the culprits straight to the gulag. Telling the unwashed masses about the shortcomings of our MPs reduces our confidence in those MPs. This could be used by terrorists to bring down the government. We're lucky that they haven't yet used that logic to ban all criticism and indefinitley postpone all elections...

  29. TimNevins
    Gates Horns

    IMP

    IMP = Interception Modernisation Programme

    From Wikipedia "...The attendants of the devil are sometimes described as imps. They are usually described as lively and having small stature."

    Someone somewhere is having a laugh.

  30. Luther Blissett

    How to win the next general election (zanu labour only)

    As Bill ("Slick Willy") Clinton demonstrated in his second run, what you need to concentrate your party propaganda on is the swing voters and undecideds.

    As the Glenrothes bye-election demonstrated, if the above isn't doing the business - and the polls, pundits, and exit polls all pointed to an SNP victory - you can still win if you get the postal vote out.

    Of course you're not going to get the postal vote out - that's why they are postal votes. But, as Glenrothes demonstated, you can get the postal votes in, in surprising numbers. So surprising, it will seem unexpected. As Glenrothes also demonstrated, the solution to this is to "lose" the official record of who voted.

    So what's left? A few people talking. In which case knowing who is talking and what exactly they're saying would help nip ugly rumours in the bud, either by propaganda or ad hominem means.

    Jacqui ("5 Bellies") Smith has a slender majority, which might be expected to turn negative at the next election.

  31. Anonymous Coward
    Anonymous Coward

    Everything has gone slow

    that's the cost of the tap, it is going to cost the economy trillions, it is like being on a dialup.

  32. Anonymous Coward
    Black Helicopters

    Data Retention Directive

    Is a load of bollocks anyway ... it doesn't appear to apply to small ISP's / ESP's ... at least not mine as we've not had the requisite notice from the Secretary of State.

    AC for pretty obvious reasons!

  33. John Smith Gold badge
    Joke

    Jacqui ("5 Bellies") Smith

    As unappetising as an eighty year old pole dancer

  34. druck Silver badge
    Stop

    ISP's and backbone

    If the ISP's had any backbone, they'd retain the communications data for the mandated period, but insist on a court order for each individual customers data. No allowing trawling operations and no handing it over on mass for inclusion in a government unber-database.

    But what hope do we have of that when the major ISPs are eager to base their business on handing over every single packet of data which passes through their network to former spyware vendors and crooks.

This topic is closed for new posts.