/ Technology

The government’s net-snooping laws – a step too far?

13
Eye with globe image in pupil
Profile photo of Gus Hosein Gus Hosein Executive Director of Privacy International
Comments 13

The government’s due to announce new legislation that will allow the police to monitor all of our online communications. In this guest Conversation, Privacy International argues that this is a step too far.

At Privacy International HQ last week, we were receiving frantic calls from our advisors and colleagues across government, industry and human rights groups about rumours of new legislation in the UK being considered for the next Queen’s Speech.

The Home Office wants to establish new ways of spying on our communications and internet activities in order to prevent, detect, and investigate crime and terrorism.

‘Something must be done’

The idea of a ‘modern’ surveillance law was first floated by the Labour government in 2008. Their line of argument was as follows:

1. When BT ran all the networks and we all used landlines, the police could get access to who it was we were calling and when, and our location at the time..

2. When internet service providers and mobile phone companies came along, this allowed the police to access new forms of information held by these companies: who we were emailing and which websites we were visiting.

3. But the internet doesn’t work like way anymore: people use Gmail rather than BT internet addresses, and people chat on Facebook as much as by text. This data no longer resides in the UK, but on servers all over the world. So something must be done to make it accessible to the British government.

When in opposition, senior members of the current government clearly stated, when this policy was first floated in 2009, that this form of surveillance was unacceptable. Now the same old policy is emerging, accompanied by the same old arguments.

The government’s original idea was to store all this information in a central government database. The last government abandoned this as being ridiculously complex and an invasion of privacy.

So they instead proposed to install technology at every internet provider and phone company that will intercept all your communications to pull out information about who you’re emailing, who your friends are, and a multitude of other pieces of information.

The UK would be the first democratic country to install such a system, but there are at least three reasons why others have not moved in this direction.

1. Intercept everything

This system would require the interception of every communication in Britain. How can the government know that you’re browsing a social network, reading the news or emailing a friend?

They would have to require internet service providers (ISPs) to interfere with each and every bit of communication to see what you’re doing and then compel ISPs to record specific notes on each interaction, and then store this for up to two years.

The current law on communications interception requires that a) a person be suspected of a serious crime, and b) a warrant be signed by the Home Secretary. Now everyone’s communication will be intercepted, without a warrant or indeed any judicial or executive oversight.

However, the police will only be able to get hold of the actual content of your communications with a court order; but will continue to get lightly regulated access to communications data, like who you’re talking to, where, when, and who are your friends.

2. Low confidence to keep our data safe

This would be the first time we compelled companies to collect information on innocent people that they would not normally collect for the purpose of doing business. Yes, the police can access our financial records and even our medical records, but at least these records exist for good reason: the functioning of the banking and healthcare systems.

This time, the government is asking internet providers and mobile phone companies to actively spy on the entire population of the UK.

As the Leveson inquiry is demonstrating, once information is collected it can be abused by others – the precise degree of police complicity in the illegal access to information remains to be seen.

And with regards to hacking, it seems there is a new story every fortnight on how some large corporate database or other has been maliciously hacked. This information, once collected, can never be adequately secured, no matter how many promises are made.

3. It would be too costly

At a time when the public sector is being subjected to stringent cuts and police budgets are being slashed, the government wants to spend billions on a system that is diametrically opposed to the public interest.

Do you really want your money to be spent on a project that will partially align Britain with regimes that conduct warrantless mass surveillance abroad?

Which? Conversation provides guest spots to external contributors. This is from Gus Hosein of Privacy International – all opinions expressed here are their own, and not that of Which?

Comments
13
rich835 says:
3 April 2012

This is a difficult one.
Firstly, it would be a technological nightmare for ISP’s to implement this, I don’t see how they’re going to manage it wihout passing on the costs of such a system to their customers.

Personally, I have nothing to hide, so I don’t care if they want to record my activity. However, I would want to be sure that the system is monitoring me correctly and reporting the right things. I’m not sure that I would trust a system like this. For example, suppose I’m a reporter (which I’m not), but if I were, I might be investigating someone who I’m about to interview in order to prepare myself for the interview. In that scenario I could be be trawling search engines for all sorts of “dodgey” facts about the person. Would such searches show up on this system and then implicate me?
In the end, I suppose any flaws in the system like this, would eventually be ironed out.

On the other hand, I would be glad of such a system if a loved one went missing, and it helped the Police track down where they were. The benefits of the system in this situation would be priceless.
That possibility alone for me, gives the system a plus point for sure.

0
Vote up  |  Vote down   Reply    Report
Share   
Alistair says:
3 April 2012

Yes, all those terrorists will not be able to afford a postage stamp soon, so they will be e-mailing each other instead.

0
Vote up  |  Vote down   Reply    Report
Share   
Dean says:
3 April 2012

Why do they need these powers?

So they can say to News International that what they’re doing is legal?

Everyone has said all the snooping of recent times is wrong and the newspapers must be brought to justice. However, that has not happened, the government has either been told or coerced into just making their activities legal. We all know that the met/government/media are all bedfellows, this law will just give them the legal power to do all that they want.

Quite a precendent, clearly showing us that we do not live in a democracy

0
Vote up  |  Vote down   Reply    Report
Share   
jontycampbell says:
3 April 2012

For every way a govt can think of snooping on criminals, criminals find a way round it – criminals don’t use ‘flag’ words.

0
Vote up  |  Vote down   Reply    Report
Share   
nfh says:
3 April 2012

The government has clearly not considered the proposed legislation properly. It will be ineffective because those with something to hide already use methods that encrypt their communications. The general public who wish to protect the privacy of their legal activities will move towards greater privacy protection techniques such as encryption.
– Skype is a peer-to-peer technology that is encrypted at both ends by the client software. Calls cannot be monitored because they do not pass via a central server except for calls to conventional telephone numbers. The security services already know that terrorists switch to Skype when they require greater privacy.
– Many more people will start using Tor (“the onion router”) for totally anonymous web browsing. More UK volunteers will set up Tor exit nodes so that their own non-anonymous web traffic is indistinguishable from other users’ anonymous traffic.
– How will the ISPs monitor every web site visit? This will require interception of all port 80 traffic and implementation of transparent proxy servers. This will slow down web traffic significantly, as already happens via mobile 3G connections. Try bypassing your mobile network’s transparent proxy server and see how much faster it is.
– UK consumers with a wish to protect their privacy will use e-mail services hosted outside the UK. Although some popular services such as Gmail are hosted in the US, other jurisdictions closer to the UK such as Sweden and Germany enjoy much stronger privacy laws. If UK consumers switch to e-mail services hosted outside the UK, this will harm the many UK businesses who provide such services. The government should put the interests of UK businesses ahead of ineffective legislation to invade privacy.
– In order to protect their privacy, consumers will make greater use of e-mail encryption technology such as PGP with public and private keys.

0
Vote up  |  Vote down   Reply    Report
Share   
richard says:
3 April 2012

To me it is simple – When we are allowed to freely snoop on this so called “government” then they may have a point – but they refuse even when directed by the courts. Otherwise they are a hypocritical bunch of unscrupulous inept schoolboys with a built in U Turn mentality. They need removing from office – real social unrest is just around the corner. Social unrest is a sign of Tory mismanagement.

Anybody that wants to hide their e-mails will find a way,

0
Vote up  |  Vote down   Reply    Report
Share   
Nikki Whiteman says:
4 April 2012

Hi all, thought I’d post a quick update on this. The government has now said that these plans will be published in draft, rather than put in the next Queen’s speech. http://www.bbc.co.uk/news/uk-politics-17595209

Does this give you a different opinion on the proposals?

0
Vote up  |  Vote down   Reply    Report
Share   
Hide replies ∧
Gus says:
4 April 2012

This is an important development.

People are right to point out that there are significant technological challenges in doing what they propose. This is something that the LSE (and I) point out in 2009 and which are even more problematic today.

What’s important and essential is that we continue to have these discussions. I would never argue that these aren’t important powers for a government to have; but we need to discuss whether it is a good idea to implement it in the ways that they had foreseen. And there are many other forms of surveillance being done today that we need to identify and place under the rule of law, e.g. can the police hack your computers for good reasons? can they put malware on your mobile phone to capture your passwords? These are modern policy problems that need sophisticated public debate, not one based on Home Office rhetoric of ‘nothing to hide nothing to fear’, ‘paedophiles and terrorists’, or mere dumbing down of the policy by saying that it is ‘just about telephone records’.

I’m looking forward to this more informed conversation and public debate.

0
Vote up  |  Vote down   Reply    Report
Share   
richard says:
5 April 2012

Nikki

As far as I’m concerned – it is yet another example of this inept government’s inept administration and completely inept communication “skills” – I can’t remember one being so appallingly bad.

0
Vote up  |  Vote down   Reply    Report
Share   
Sophie Gilbert says:
4 April 2012

Agree with Gus wholeheartedly. This is material for several sophisticated discussions, where for example putting people into two black and white categories, paedophiles/terrorists versus nothing to hide/fear, is naive and simplistic and has no place.

And staying alert to this and other developments, past and present, here and elsewhere, in order to make comparisons and protest when necessary, is essential.

And what next, denunciation (which exists already, see benefit fraud), in what form, when?

0
Vote up  |  Vote down   Reply    Report
Share   
nfh says:
4 April 2012

I don’t believe in this “I’ve got nothing to hide” argument. Although terrorists and other criminals have something *illegal* to hide, plenty of innocent people do have something *legal* to hide. Those with something legal to hide should not have their privacy invaded, particularly when the legislation will fail in view of the many freely available encryption and anonymity tools.

0
Vote up  |  Vote down   Reply    Report
Share   
Ken Grahame says:
7 April 2012

As usual, we are all manipulated at every turn.
First, the standard ploy of all governments – make big shocking announcements that stir everybody up, before then appearing to back down a little, so all the gullible little people think they’ve won some kind of victory, when the only victory lies with the government, who then get exactly what they always intended to get.
Then, are people really so stupid to STILL keep falling for the old “terrorist threat” routine. For heaven’s sake, your LIBERTY is at stake here!
“Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety” (Ben Franklin)
Unfortunately the Liberal?? DEMOCRATS???? will continue to crawl along and vote in line with pretty much everything they ever opposed before the lure of power overcame them!

0
Vote up  |  Vote down   Reply    Report
Share   
Joe Norman says:
8 April 2012

This government proposal is simply wrong. It would undermine our democratic society and give government (and many others) control over our lives.
Bear in mind that every criminal, terrorist, paedophile… is also a human being who has other legitimate aspects to his or her life. It is quite likely that someone we communicate with will have a dark secret – and simple communication could be enough to implicate us.
It would bring in a nightmare society where everyone is assumed guilty unless they can prove they are innocent – but of course intercept information is too sensitive to be revealed in court so we could never find out what it was we were accused of.
Bear in mind also that every “exceptional power” given to the police to fight terrorism has sooner or later (usually sooner) ended up being used against people who embarrass the government of the day (democratic protesters, ramblers using public a footpath near a “sensitive installation”, protesting party members at a party conference…).

The government should allow intercept information to be used in court and ban the nightmare of “special trials” where the accused cannot be told of the evidence against him or her BEFORE seeking to extend its intercept powers. On the few occasions when this secrecy has been circumvented it has turned out that the problem was embarrassment for the powers-that-be rather than anything of material value to an enemy.

0
Vote up  |  Vote down   Reply    Report
Share   
 

Related discussions