back to article Report: UK.gov wants to legislate on comms data BEFORE next election

The UK's Tory-led coalition government is reportedly pushing to bring in a new surveillance law forcing ISPs to retain subscriber data for 12 months ahead of next year's General Election. It's the latest in a series of attempts from the Theresa May-led Home Office to legislate on communications data, known colloquially as the …

  1. Quinnicus
    Big Brother

    Next Steps

    "We are carefully considering the European court of justice's judgment on data retention and are currently examining potential next steps."

    Meaning : We are working towards finding a loophole.

  2. Pen-y-gors

    "Providers have no reason to retain the data"

    Exactly, so if the government insist on the right to snoop, then they must bear ALL the costs of keeping data beyond the very limited time period that the ISPs may need it - and let's insist that it comes out of the Police budgets. How many front-line police are they willing to cut to get hold of this data?

    1. Chika

      Re: "Providers have no reason to retain the data"

      There's only one problem I can see with HMG bearing the cost of anything. They have no money of their own...

    2. Anonymous Coward
      Anonymous Coward

      Re: "Providers have no reason to retain the data"

      'Exactly, so if the government insist on the right to snoop, then they must bear ALL the costs of keeping data beyond the very limited time period that the ISPs may need it'

      So by extension, *we* must bear all the cost of allowing our glorious leaders to poke their noses in where it's not required or warranted.

      1. Anonymous Coward
        Anonymous Coward

        Re: "Providers have no reason to retain the data"

        Forgot the sarcasm tags. Sorry.

        1. Gordon 10
          Go

          Re: "Providers have no reason to retain the data"

          We already do though - but why not put it in the hands of those who can make informed decisions on how effective it will be in preventing a fighting crime. Letting the Rozzers decide if they want a data slurp vs more bobbies on the beat couldn't actually be any worse than the current scenario....could it?

      2. VinceH

        Re: "Providers have no reason to retain the data"

        "So by extension, *we* must bear all the cost of allowing our glorious leaders to poke their noses in where it's not required or warranted."

        That's how it'll be anyway if UK Gov gets its way.

        If *they* have to pay for it, you and I will actually be paying for it through increased taxation somewhere.

        If they don't, and the ISPs have to cover the costs, you and I will actually be paying for it through increased subscriptions.

        Heads, they win. Tails, we lose.

        1. Ted Treen
          Big Brother

          Re: "Providers have no reason to retain the data"

          Governments should be made to carry a Government Health Warning!

  3. Loyal Commenter Silver badge

    Communications data is now used in more than 90 per cent of serious and organised crime investigations and is vital in bringing serious criminals to justice and protecting the most vulnerable among us.

    I would hazard a guess that it is currently used in >90% of cases because it is currently being slurped up like a fat kid with a milkshake. Whether it provides information that is useful to the investigation is another question; one which the answer to is explicitly not stated. Probably because the truth of the matter is that actual targeted evidence gathering is likely to be much more useful in catching and convicting the perpetrators of serious crime.

    I have no problem with communications being monitored when there is a court warrant for a specific investigation. After all, this is a function that the police and security services are expected to perform. Wholesale monitoring of communications, and retention of everyone's private information is another, completely different, matter. It reeks of fishing expeditions, and should be something that governments have no hand in - it should be handled by the appropriate services (i.e. police and MI5) and overseen by the judiciary (not politicians), who are impartial, and not subject to such influences as the election cycle, party loyalty, and political donations.

    1. Paul Crawford Silver badge

      What is missing from such a statement is how old most of the useful data is. Do the police request data for 1 week before the reported/alleged criminal incident? 1 month? 3 months?

      I think other EU states have a 6 month retention period which I suspect is more than enough for most cases, as a judge can always request an on-going recording of data on any that is an on-going investigation.

      1. Brewster's Angle Grinder Silver badge
        Joke

        @Paul Crawford

        "But, but, but if the terrorists and paedophiles know the data is only retained for six months then they will plan their actions a year in advance and then wait till the data is deleted..."

      2. Anonymous Coward
        Anonymous Coward

        What is missing from such a statement is how old most of the useful data is. Do the police request data for 1 week before the reported/alleged criminal incident? 1 month? 3 months?

        There's more missing: what happens with data obtained in that way? If I were a lawyer I'd be worried that client confidential material would be handled by a junior policeman just fresh from training, but AFAIK that seems to be pretty much possible without any serious attempt at containment.

      3. Anonymous Coward
        Anonymous Coward

        I would think it's also about monitoring patterns of criminal behavior over time as well as gathering evidence for arrests and prosecutions. And of course all the subtle relationships between criminals and terrorists and would be criminals and terroists.

    2. plrndl

      "Communications data is now used in more than 90 per cent of serious and organised crime investigations..."

      because playing with a computer is much easier than getting off your arse and doing proper police work.

    3. Anonymous Coward
      Anonymous Coward

      I have no problem with communications being monitored when there is a court warrant for a specific investigation. After all, this is a function that the police and security services are expected to perform. Wholesale monitoring of communications, and retention of everyone's private information is another, completely different, matter. It reeks of fishing expeditions, and should be something that governments have no hand in - it should be handled by the appropriate services (i.e. police and MI5) and overseen by the judiciary (not politicians), who are impartial, and not subject to such influences as the election cycle, party loyalty, and political donations.

      I wish I could upvote this a million times. The problem is indeed not having the capability, but responsible use thereof. At the moment, abuse of such wide reaching powers have eroded trust in government and law enforcement to somewhere below zero. There is no way ANY government should be able to assign more powers to law enforcement until such time as they have proven they can be trusted with it.

  4. Vimes

    If all those GCHQ/NSA programs that we keep on hearing about really are legal then why the need for new laws? Don't they already do most of this anyway? (3 days for full content of communications and up to 30 for meta data if memory serves)

    Is this perhaps an implicit admission that some aspect of what they've been up to - whether publically known or not - is not quite as legal as they would have us believe?

    1. Tom 38

      No, because this isn't about GCHQ intercepts, which apparently are all legal (dubious: discuss), but instead about ordinary plod being able to request warrants to request the same sort of data from ISPs.

    2. Anonymous Coward
      Anonymous Coward

      @vimes

      This is more about legislating to keep the surveillance all legal and to stop the looming GCHQ court cases. Think about it, wherever it's

      Nu Liebour (Tony bLiar: Who needs civil liberties anyway?)

      CON-servatives (Cameron: Vote for me to get real change...)

      Lib-Lapdogs (Clegg: we'll end tuition fees...)

      you're screwed either way.

  5. Anonymous Coward
    Anonymous Coward

    "retain subscriber data for 12 months"

    "Communications data is now used in more than 90 per cent of serious and organised crime investigations"

    So which is it? the subscriber data (which to me is the details of the bill payer and the IPs associated to that account for specific times) or the communications data (which to me is the details of all the bits passed from and to the bill payers IP address).

    Option 1 is pretty much what is done at the moment, but they would then have to extend the time they keep records for, option 2 would require some sort of hollowed out volcano filled with the largest storage devices possible with several petabytes of bandwidth to cope with the amount of data going in and out of the place. (hollowed out volcano is not mandatory but is very high up on the "nice to have" feature list I am told by cam-morons advisers)

    1. Caesarius

      @AC: Definition of Comms Data

      I understood that Comms Data is only the "who contacted whom, when, how, and possibly email subject", not all the voice recording or email content.

      This affects the amount of data to store, obviously. And it affects how the data helps the police, obviously. It is not quite the Big Brother activity, where every thought is judged.

      I believe that a warrant is not required for Comms Data, which fact may raise a few eyebrows.

      Only if you get a warrant can you get all the elements of the specified communication, i.e. the police cannot intercept en masse, let alone store it for 5 minutes.

  6. Nick Ryan Silver badge

    "The retention of communications data is absolutely fundamental to ensure law enforcement have the powers they need to investigate crime, protect the public and ensure national security," May's department said. "We are carefully considering the European court of justice's judgment on data retention and are currently examining potential next steps."

    Translation: "We need to push forward May's dreams of a thought police state but don't be concerned, important people such as politicians and your favourite 'celebrities' will be excluded from monitoring. If you have done nothing wrong then you have nothing to hide. We will change what 'nothing wrong' means in the future. Muhahahaha. What? This thing is still recording? Turn it off immediately and delete that last bit, yes delete it from the Internet. Wait, your administrators say that it isn't possible? Fire them and hire some new administrators."

  7. Anonymous Coward
    Anonymous Coward

    "... and your favourite 'celebrities' will be excluded from monitoring"

    You're right, but then again, we trust our celebrities to be wholesome and no threat to anybody for a reason; they are the most amazing and trustworthy people in the world and are especially safe to perform in Children's TV, with children! Who can name one celebrity who could possibly have a nefarious past? No? I thought not. Celebrities are great, lovely and totally harmless....

    ... or maybe there's a reason celebrities won't be scanned? Have they got something to hide?

  8. bigtimehustler

    What Lord Wasserman seems to have forgotten is that this "post-Snowdon" fallout is the public not wanting this type of surveillance, that's why ISP's do not feel inclined to choose to do this. So he seems to think the solution is to change the law so that they have to keep it? What about listening to the public they represent and just giving up on storing it. But I guess that would be too simple wouldn't it and wouldn't keep enough people in jobs.

    1. LucreLout

      @bigtimhustler

      Sadly, I think the Snowden revelations bypassed much of the public. They either know and don't care, or don't care to know.

      I suspect the ISPs are simply pushing for a law change becuase they don't want the adverse publicity of implementing the storage and finding out that their competitors didn't.

  9. Britt Johnston
    Big Brother

    Think before you jump

    It would be better if there was a clear accepted concept of what is to be achieved, before proceeding to legislation. Otherwise the EU judges will take them apart again.

    Current concept:

    We accept that GCHQ has full coverage, because they are above the law.

    So we syphon everything to GCHQ (US Branch) within the first few days.

    They provide to police as needed, as long as it suits GCHQ and friends (filter out plants, etc).

    No duplication, no data loss, no ISP inconvenience, but not admissible as evidence.

    Amended concept

    We make data available to police as needed.

    They make it available to GCHQ and friends above the law (warn plants, etc) within the frozen period.

    After, they can still make it available to police as requested.

    No duplication, no data loss, no ISP inconvenience, frozen records admissible as evidence.

    Both concepts assume that the police and the secret services work well together, to avoid data gaps and save money.

  10. Ted Treen
    Big Brother

    Come back Wat Tyler; all is forgiven!

  11. Anonymous Coward
    Anonymous Coward

    Making it Pay

    The only option open to ISPs, is to sell the data to the Home Office, on the basis that the Home Office pays the ISP what it costs the ISP to collect it.

    This is private enterprise at work. - You want, you pay! You no pay, you no get.

    You're certainly not getting it for free!

    1. WonkoTheSane
      Facepalm

      Re: Making it Pay

      And who pays the Home Office so they can pay the ISPs I wonder?

      1. Anonymous Coward
        Anonymous Coward

        Re: Making it Pay

        Do you think that either the Home Office or the ISPs care about the answer to that question?

    2. Glostermeteor

      Re: Making it Pay

      Use an encrypted VPN and they will have no data to sell. I already use VPNs on all public wifi systems as there is already evidence that they pass on your data to third party advertisers.

      1. Anonymous Coward
        Anonymous Coward

        Re: Making it Pay

        I would push for legislation that required commercial grade VPNs to share their keys with the authorities. Use of a VPN that didn't conform would be outlawed. Only military and intelligence services should have access to such encrypted communications.

  12. John Smith 19 Gold badge
    Gimp

    8 Home Secretaries later and the curent sock puppet is spouting the same line.

    It's not the current face on the stick you need to look for.

    It's the gang of chimps "advising" her.

    It's highly amusing as the history of the EU DRD is that it was drafted by th Home Office following the Madrid bombing (and the Spanish wanted nothing to do with it even then).

    You can't keep a good data fetishist down.

    1. Anonymous Coward
      Anonymous Coward

      Re: 8 Home Secretaries later and the curent sock puppet is spouting the same line.

      Yes, the history of the Data-Retention-Directive also involves first bringing it to the EU agenda thru the agricultural & fisheries committee of Conseil/Consilium, but now ignoring this part of the 'democratic' process.

      The Austrian Supreme Court also struck down the DRD last week as being 'disproportionate' but haven't yet published their reasoning.

      UKUSA needs the DRD in order to remain Spectrum Dominant using the new technologies, pity is, it's purely for intel, as they never dare present intercept evidence in UK Courts, so currently 'plod' has nearly fuck-all benefit from DRD. At least in USA the NSA allow 'parallel construction'

  13. Anonymous Coward
    Anonymous Coward

    Location, Location, Location

    It's not just a plot device in a TV detective series, murder cases have used information about the location of an accused murderer, based on phone-tower connections.

    While I'd prefer that there wasn't record of my approximate location made available simply by virtue of the fact that I carry a mobile phone, I don't know anyone who either does without a phone entirely, or routinely turns off their phone to avoid leaving these digital breadcrumbs - in other words, we, as a society, seem to have accepted those breadcrumbs as part of the price for the convenience of using mobile phones.

    I don't know whether the phone companies have any technical use for that data after a couple of minutes, or hours, or even days, and if they don't, where we as a society find the balance between the potential benefit of solving serious crimes versus the abuse of power that such data can also enable. The problem for the Government is that more and more people are concerned about the potential for abuse of power, and are less convinced that the potential crime-solving capacity is worth it.

    1. Caesarius
      Terminator

      Re: Location, Location, Location

      Actually, we all know from The Bourne Ultimatum that turning off your mobile phone is a sure indication that you are up to no good.

      (Pamela Landy identifying Neil Daniels, if you'd like the reference)

    2. Matt Bryant Silver badge
      Boffin

      Re: AC Re: Location, Location, Location

      ".....I don't know whether the phone companies have any technical use for that data after a couple of minutes, or hours, or even days...." They have three possible reasons, one technical, one public safety and one crime related. The technical reason is for dealing with service SLAs and complaints, where the phone company may need to prove you were actually not actually in the good reception area you claimed you were in. The public safety is for tracking hikers and the like when they have wandered off and got lost, and knowing where they left the grid cuts down the search area. And the crime angle is for tracking stolen phones, especially in kidnapping cases.

  14. amanfromMars 1 Silver badge

    Who else realises the tossers are just into extracting the urine and are simply playing ....

    .... exceedingly badly, crap hands in the Great Game Schema of Internet Things?

    Do politicians and mickey mouse government officials actually think anyone with a titter of wit and modicum of future smarts will be at all bothered by any of their new self serving rules and regulations/laws, considering the abuse that they so evidently condone of them to further try to enrich and protect themselves from ...... well, I suppose that would be competition and/or opposition and alternate intelligence with better resources and/or sources whenever beta master blasters?

    FUD just doesn't make it with IT leading systems admin any way, any more.

    And what are mainstream media and media moguls doing, posting their nonsense in sound and vision for all to wonder at the idiocy which abounds?

    Get with the New AI ProgramMING, Boys and Girls, and make the Change to Beta Novel Pictures for Better Bigger Picture Shows.

    Raw Awe rather than Jaw Wars a la Lord Haw Haw clones/drones is an Enigmatic Solution which Questions all Answers and Provides Results for Proving as Fit for Future Better Great Game Purpose.

    You know it makes sense whenever you have Command and Control of IT and Media Messaging with Global Operating Devices.

    1. Anonymous Coward
      Anonymous Coward

      Re: Who else realises the tossers are just into extracting the urine and are simply playing ....

      Not to put too fine a point on it, our self-elected/self-selected elites think they are the sharpest tools in the toolshed despite thousands of contrary examples per annum, over the millinea of both written and oral recollections. So, yeah, we aren't supposed to notice the people behind the curtain.

      They will be completely clueless until lead off to slaughter.

  15. PaulR79

    Communications data

    "Communications data is now used in more than 90 per cent of serious and organised crime investigations and is vital in bringing serious criminals to justice and protecting the most vulnerable among us."

    I dare say that 100% of serious and organised crime uses the power of speech. BAN ALL SPEECH AND TEACHING OF IT! Actually perhaps it's better to allow it and just keep a record of all that speak either verbally or through sign language and any other means that exists or have not been thought of yet.

    1. Anonymous Coward
      Anonymous Coward

      Re: Communications data

      Actually, I think we need to ban cars as well. They are used in a high percentage of abductions, robberies and burglaries, and I think we should put serious effort in place to curb crime. Bugger and side effects, we need to stop crime and think of the children. Chauffeur driven vehicles are naturally exempt.

      If you don't agree with this measure you're clearly in cahoots with criminals and warrant investigation.

      /sarcasm

      Interesting how quickly these arguments turn into farce when you match them up with other facts...

    2. Anonymous Coward
      Anonymous Coward

      Re: Communications data

      No need to ban speech. It's not the ability to speak, but what is said that is the problem.

  16. Richard Neill

    Muddled thinking

    It seems to me that the opportunity to prevent "crimes/terrorism" by surveillance is itself a problem. It allows ministers to be complacent about the need to prevent these things happening. So if we could take away the illusion that we can fight crime by abandoning our privacy, I wonder whether politicians might actually address the root causes.

    Why not halve the police budget, and redeploy it into education and job-creation.

    Let's ditch the war on drugs, and suddenly we can de-resource customs, and remove much of the anti-money-laundering bureaucracy.

    Furthermore, if we can deprive our politicians of "magic bullet" solutions to terrorism, they might at last face up to the real causes (such as bad foreign policy, lack of human-rights in the middle-east, and lack of secular education).

    1. Will Godfrey Silver badge
      Thumb Up

      Re: Muddled thinking

      Right on the button, but joined up thinking is just too hard.

      Have one of these, as well as an upvote.

    2. Anonymous Coward
      Anonymous Coward

      Re: Muddled thinking

      There's got to be something wrong with that whole approach. No complexity, a decided lack of nuance. C'm'on, lend me a hand. What am I missing...?

    3. Anonymous Coward
      Anonymous Coward

      Re: Muddled thinking

      It seems to me that the opportunity to prevent "crimes/terrorism" by surveillance is itself a problem.

      Correct. It has been extensively proven that only focused surveillance (i.e. of entities already suspected of crime) has any preventive effect. Mass surveillance only helps to mop up after the deed has been done and secure convictions, but I have to hear as yet any evidence whatsoever that it has helped PREVENT a crime. As a matter of fact, this has already been proven by analysis of the impact of mass CCTV surveillance.

      Cynically, I would just observe that PREVENTING crime rarely brings good press and votes - a bit like Y2K, if it's done well it'll be silent. Arresting people after a big bang brings a lot more publicity...

    4. Anonymous Coward
      Anonymous Coward

      Re: Muddled thinking

      Um...but we can prevent crime by giving up privacy. If everyone watched everyone else, crime becomes quite difficult unless people collude to cover up in which case all involved are criminals until the ripple reaches someone not willing to be party to the crimes.

  17. Christoph

    We are a democracy

    We have the free right to choose how we are governed!

    We can choose between a party that is gong to bring in draconian laws, a party that is gong to bring in draconian laws, or a party that has no hope of getting in but will bring in those draconian laws anyway if they do.

    1. Anonymous Coward
      Anonymous Coward

      Re: We are a democracy

      "We are a democracy

      We have the free right to choose how we are governed!

      We can choose between a party that is gong to bring in draconian laws, a party that is gong to bring in draconian laws, or a party that has no hope of getting in but will bring in those draconian laws anyway if they do."

      You also have the choice of doing nothing and letting criminals and terrorists destroy the world around you.

  18. Glostermeteor

    VPNs....

    We'll just have to start using encrypted VPNs, just like they do in other countries with authoritarian regimes. As far as I am concerned, it has absolutely no democratic mandate so the people have every right to do everything they can to circumvent it.

    1. Anonymous Coward
      Anonymous Coward

      Re: VPNs....

      You mean those VPNs that typically use OpenSSL, a piece of software so full of holes that it might as well have been written by the NSA themselves? And let's not even get started on the security theatre that is PKI.

    2. Anonymous Coward
      Anonymous Coward

      Re: VPNs....

      "We'll just have to start using encrypted VPNs, just like they do in other countries with authoritarian regimes"

      First, go live in a country with a true authoritarian regime and you'll soon see how lucky the UK is.

      Second, do you really think commercial and open source VPNs are not already imperceptible by security services? Actually, no one cares about the security of the data in transit, it's the endpoints that are most relevant. A VPN doesn't hide who you're communicating with.

  19. Anonymous Coward
    Anonymous Coward

    Calm down

    There's a lot of misinformation about this so called snooper charter. This is the call information - who did what and when - not what was said or sent. And that principle applies to web access, and email.

    We have no privacy concerns about mobile call data that has call records and cell information, so what is the difference to monitoring a VoIP call with the calllers IP details or tracking an email - without actually looking at the contents or listening to the call. The call data is 80% use case to catch criminals, the first thing they do is pull their mobile phone records.

    The government already pays all operators to keep mobile or fixed call information, and this would be no different for data calls or emails.

    Then you get to web access, the proposal as I understand is to see which top level site you've visited, rather than keep your entire browsing history.

    Still carry on panicking

    1. Harry Stottle

      Re: "Calm Down"

      Ah, so this is what a Home Office Troll looks like

      "We have no privacy concerns (etc"

      Noone who understands data collection and data mining would make that statement.

      If you need to ask why it's a privacy threat, you're probably not going to understand the answer, although, if you stick around these parts long enough, you will begin to absorb the painful truth

      The wider social problem is that you are more representative of the "common herd" than the average Reg reader...

    2. Anonymous Coward
      Anonymous Coward

      Re: Calm down

      We have no privacy concerns about mobile call data that has call records and cell information

      Speak for yourself. The problem with meta data is that it is prone to misinterpretation because of its lack of context (the content).

      Meta data must be as protected as personal data. People look at meta data and tend to draw conclusions that are considered facts instead of probabilities, and that can lead to all sorts of problems. Personally, I think we should stop labelling information of that nature "meta" data, just call it data too - this distinction is more and more used to excuse obtaining it without due process (like the FBI now can in the US).

    3. Anonymous Coward
      Anonymous Coward

      Re: Calm down

      I agree. This is being blown out of all proportion.

      The lack of context around meta-data does not make meta-data useless. It simply means that meta-data can only be used in conjunction with other data to re-enforce other evidence. Also, we don't know how often there is a lack of context - for all we know, the other methods of intelligence gathering may well provide the context and the meta-data is used to fill in gaps. The more data the better the analysis and investigation.

      I have yet to see anyone explain why privacy is so vital to society. We are already in an age where we've given up most of our privacy, WILLINGLY, and yet the world has not come to an end. The argument I often hear is that the weak and vulnerable will be open to exploitation by greedy commercial entities if the data falls into the wrong hands. Well, lobby to legislate against bad corporate behavior on an exception by exception basis. As for all other privacy matters, who the hell really cares anymore? Most people's lives are now an open book because they themselves are publishing for all to read and view. And this trend will continue with each successive generation who will be more open about their private lives than the previous generation. Generation Y have little desire to remain private online. Generation X are now over the hill, and won't be around for too long.

  20. Anonymous Coward
    Thumb Up

    Knee jerk reaction

    As always there is the knee jerk reaction. Can anyone propose an alternative means to monitor internet activity of serious criminals and terrorists? If there is a cost, so be it, I don't mind paying my fair share.

    What people are really objecting to is someone else knowing about their dirty little online habits. Newsflash, the authorities don't care about your fetishes unless they involve minors.

    1. dogged

      Re: Knee jerk reaction

      > Can anyone propose an alternative means to monitor internet activity of serious criminals and terrorists?

      How about, and you realize I'm just wildly spitballing here, getting a fucking warrant?

  21. cupperty

    Time to ditch the mobile ...

    methinks

    1. Matt Bryant Silver badge
      Facepalm

      Re: cupperty Re: Time to ditch the mobile ...

      Surely, before ditching the mobe, you should make a comparison of the benefits of mobe usage as opposed to the possible risks of mobe usage? On the one hand, you have all the reasons you got a mobe in the first place - communicating with friends, being able to use the Internet on the move, etc. - against which you have to balance the tiny risk that you will do something that will make you of interest to the spooks. TBH, you are many, many more times more likely to be at risk from the black hats trying to own your mobe or steal your data/e-cash every day than from the spooks.

  22. cortland

    Prepare in advance

    Generate data on millions of randomly spelled names with compliant but imaginary telephone numbers and IP addresses, for communications to occur in the future.

    This probably violates six kinds of privacy laws.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like