June 2005 Archives

We have been asking the Government to clarify exactly what it means by the terms "fingerprint biometrics" with respect to the proposed compulsory National Biometric Identity Card / centralised Database scheme. Instead of publishing a full technical architecture of what exactly they intend to create, which would have no adverse impact on any commercial procurement process, they just keep dribbling out crumbs of information, apparently as an afterthought:

House of Commons Written Answers 28th June 2005 (pt 18)

"Mr. Austin Mitchell: To ask the Secretary of State for the Home Department how many digits he expects to be printed on identity cards; and what information he has collated on the number of digits required on passports and identity cards by other countries. [6164]

28 Jun 2005 : Column 1452W

Andy Burnham: No fingerprints will be printed on the face of the identity card. Biometric information, including under current plans 10 fingerprints, will be held securely on the National Identity Register. Some of the fingerprint data could be held in an encrypted form on the card chip. All the Schengen states will be required to use biometrics in passports under Council Regulation 2252/2004. Fingerprint biometrics (rather than just fingerprints) will be introduced within three years of adoption. Non-Schengen states may choose to follow the requirements, although they would not be bound by the timetable. Other EU member states which issue identity cards are considering introducing biometrics to increase security and some, for example Greece, Italy, Portugal and Spain, already collect one of more fingerprints as part of their national identity card schemes. Among non-EU states, Hong Kong and the Philippines currently include fingerprint information on their identity card schemes."


Does

"Biometric information, including under current plans 10 fingerprints, will be held securely on the National Identity Register. Some of the fingerprint data could be held in an encrypted form on the card chip"

mean that the full fingerprint image scans are going to be stored on the National Identity Register, rather than any biometric secure hashes or template minutiae (an encoding of the ridges and intersections of the fingerprint pattern) i.e. the most useful data to both police investigators and to identity thieves will be stored centrally and have to be sent securely over the network infrastructure ?

There is no assurance that any of the fingerpint data will be held on the central National Identity Register in "encrypted form".

What does Andy Burnham mean about "some of the fingerprint data" with respect to the actual ID Card itself ? Does this means template minutiae of all ten digits or does it mean full digital scan images of, say, two fingers ?

We find it hard to believe that the Smart Cards being considerd for the ID Card scheme will have enough tamper resistant memory capacity to store the raw fingerprint image scans.

It is certain, that the ICAO standard Biometric passport chips (64 Kilobytes of memory in total) will not have enough tamper resistant memory space.

The current National Automated Fingerprint Identification System (NAFIS) for Criminal Records also uses 10 fingerprints and both palm prints (if you have them all) so you can see just how skewed the ID card scheme is towards treating us all as criminals, rather than as innocent citizens, and how far removed the system is from being an individual citiizen centric, purely identification card, and instead is really tool for mass surveillance by the state.

We fully support Dr. Brian Gladman's analysis of past abuses of the fingerprint system by the Police, and his fears for similar abuses of the ID card scheme.

[UPDATE: see comment below]

If four fingerprints are what the National Physical Laboratory / BT study suggested were needed for reasonably accurate identity verification purposes, and if even the US-VISIT system only uses two fingerprints for border control purposes, than surely the taking and indefinate storage of ten fingerprints of millions of innocent people must be considered to be disproportionate under the Data Protection Act ?

The NuLabour Home Secretary Charles Clarke seems to expect us to believe his statement during the Second Reading debate that

"I argue that the ID card system is in fact a bulwark against the surveillance or Big Brother society, and not a further contribution to it."

Is it terrorists, serious organised criminal, illegal immigrants, benefit fraudsters or "identity thieves" (the presumed statutory targets of the Identity Cards Bill) who are setting up multi-billion pound technological mass surveillance infrastructures to spy on everyone in the UK, or is it the NuLabour Government which is planning to do so ?

It looks as if you have until midnight tonight, 30th June 2005, to start any ongoing peaceful protests or demonstrations in and around Parliament Square in London, if you want to try to take advantage of what could be a potential legal loophole in the Serious Organised Crime and Police Act 2005

It would be ironic if the controversial lone "peace camp" protestor Brian Haw was the only person actually still allowed to protest without prior permission and arbitrary restrictions under the Act, even though the "Demonstrations in the vicinity of parliament" provisions were obviously aimed at him personally, the politicians backed off from creating a personal Bill of Attainder naming him specifically.

The argument hinges on whether the wording of the Act only deals with demonstrations starting after the 1st of July, and not retrospectively with ones that have already

Even if Brian Haw can take advantage of this possible legal loophole, the requirement for prior permission and the powers to enforce arbitrary restrictions on any peaceful demonstration by even a single person wearing a "Political" T-shirt, or badge or carrying campaign literature is an affront to democracy, and does not even have the excuse of "climate of fear" anti-terrorism measures.

It appears that the Bristol branch of Indymedia the independent / alternative news network, has fallen foul of heavy handed Police authorities in search of an elusive, and probably non-existant IP address of an otherwise anonymous author of a posting on their news bulletin board / forum - no different in principle from a web blog or discussion forum with open comments.

It appears that the British Transport Police have seized an Indymedia server machine from the home of a volunteer, who has also been arrested, allegedly due to a "news" article which implies that the anonymous author was involved in some criminal damage to some railway freight traffic. Presumably they were after an IP address of the "anonymous" poster, which, if the server was set up as Indymedia usually claim, would not have been keeping a log file of this information.

This should be a case for a Regulation of Investigatory Powers request to the server's Internet Service Provider, and should not have lead to the arrest of a member of an alternative media volunteer/journalist.

Indymedia were targeted last October by a international muli-lateral jurisdictional nightmare , which ended up with two of their servers hosted by Rackspace, near Heathrow being seized on the orders of the FBI, acting on still mysterious Italian or Swiss authorities, without consulting the local United Kingdom police authorities, who had legal jurisdiction.

Identity Cards Bill 2nd reading Ayes:314 Noes:283

|

The Second Reading of the controversial Identity Cards Bill has been passed by 314 votes to 283.

The Government is, yet again tabling a "Programme Motion" i.e. a "guillotine" on debate in the Committee Stage. This will limit debate until the 19th July, so yet again, the Identity Cards Bill is being rushed through Parliament without proper debate for something so complicated.

This time, there will not even be a Home Affairs Select Committee or a Public Accounts Committee which has been convened in time for them to examine the detailed costs of the plan.

So much for the democratic process in the House of Commons.

It is impossible to believe that all of those who voted for this Bill have actually bothered to read the full text, let alone to understand its deeper implications.

Yesterday's Prime Minister's Monthly Press Conference had several questions on ID Cards, which Tony Blair answered in a very misleading, or perhaps, self deluded manner.

PM holds monthly press conference
27 June 2005

Prime Minister's opening statement:

The London School of Economics has now published The Identity Project: an assessment of the UK Identity Cards Bill and its implications

There are simply no reputable academics or IT security experts, or legal experts or even commercial companies selling biometric security or database technology who will publicly support the Government's proposed Identity Cards Bill without reservations.

"From a security perspective, the approach to identity verification outlined in the Identity Cards Bill is substantially – perhaps fatally – flawed. In consequence, the National Identity Register may itself pose a far larger risk to the safety and security of UK citizens than any of the problems that it is intended to address."

Then there are the literaly billions of pounds of cost underestimates that have been glossed over by the Government in the vain hope that we would not notice that their sums simply do not add up properly.

If any Member of Parliament votes for the proposed Identity Cards Bill, which gets its Second Reading in the House of Commons tomorrow, after reading this comprehensive and well researched report, then it will be clear that they are incompetent, or that they have been corrupted, and are not fit for office.

Unfortunately, many of them will not bother to read, let alone understand, the full text of the actual Bill upon which they are voting, let alone a detailed analysis of its weaknesses and alternative proposals.

To download the executive summary, see http://is.lse.ac.uk/idcard/identitysummary.pdf

To download the full report (approx 300 pages), see http://is.lse.ac.uk/idcard/identityreport.pdf

The NO2ID Campaign needs your support in lobbying Members of Parliament. You can also sign their online pledge

The weekend media coverage of the Government's controversial ID Card / Database scheme seems to have touched a raw nerve within the NuLabour propaganda machine, especially the slightly inaccurate report in the Independent on Sunday about the "selling of ID card information"

The Sunday newspapers are, the weekend before the Second Reading of the Identity Cards Bill 2005 in the House of Commons on Tuesday, finally starting to acknowledge that the lack of detailed cost estimates and the blind faith in complicated, untested, multiple biometric technologies should have been enough to scupper this ill conceived and repressive Bill in the first place.

Nothing much has changed in the speed and the relative accuracy of the several biometric technologies or the potential implementation factors and costs costs in the last 3 or so years. Only now, with the imminent publication of the London School of Economics report on Monday morning, are the so called "quality" Sunday newspapers starting to acknowledge the huge problems that the NuLabour Government's scheme has faced all along.

Some idea of how misleading the Regulatory Impact Assessment of the costs of the Identity Cards Bill, can be seen from another recent RIA, published in support of the new
Immigration, Asylum and Nationality Bill.

The estimated cost of installing Iris Scan Biometric Passport Readers in the 47 main airports and ports, is an average of £21,000 (derived from a guesstimate of £1 million for 47 airports and ports) for the computer network cabling, and £3,000 - £5,000 per reader plus one PC per biometric passport reader (approx. £1,000) i.e. at least £27,000 for the first biometric passport reader at any one location.

The plan is to initially only have a single biometric passport reader and a single biometric visa reader per airport or port, which will obviously require only a relatively small additional cabling infrastructure cost per additional reader.

This totally contradicts the wishful thinking guesstimate for the cost of an ID Card biometric reader in the Identity Cards Bill 2005 updated Regulatory Impact Assessment, published on 27th May 29005:

"(ii) a card/biometric reader with on-line access to the verification service. Organisations will be expected to fund the costs of card readers. The current working assumption is that the cost of card readers would fall within a range of £250-£750 depending on their level of sophistication and performance – for example whether they are able to check a biometric as well as the card in high risk, high value transactions where the card holder is present. Integrated with other security and verification requirements, this cost could fall substantially over the years ahead. No allowance in these estimates has been made for reductions in cost due to volume discounts, however the use of a common standardised technical interface for the online verification system will encourage a competitive market for card and biometric readers to develop, which can be expected to bring costs down over time."

This figure obviously ignores the cabling and computer infrastructure and integration costs which will be faced by the thousands of other Government department office locations, private sector employers, financial institutions or the National Health Service, which the Home Office seems to think will just magically integrate with the National Identity Register, for free.

These costs of will also have to also include Bank Automatic Teller machine or Public Phone Kiosk style tamperproof / vandalproof armouring, which it may well be possible to omit in a high security, constantly monitored environment like an airport or port Passport Control hall, but not elsewhere.

This armouring could easily cost £5,000 per reader alone.

ID Card biometric readers will be even more expensive and complicated because they are planned to make use of multiple biometrics indicators - iris scans, fingerprint / multiple fingerprint scans and facial recognition. There are no Commercial Off The Shelf products which do all this, and since no other country is proposing to use the same system, there will be no global market economy of scale.

The cost over, say 10 years, the time it is going to take to get the ID card schem running, will of course be much more, as it is likley that a couple of "technology refreshes" will needed to keep the computer and network hardware up to date over a 10 year time period.

Not The Big Brother Awards

|

As previously mentioned, the 2005 UK Big Brother Awards are postponed until July, i.e. after the Second Reading of the Identity Cards Bill in the House of Commons on Tuesday 28th June.

Nevertheless, all sorts of interesting people turned up for a drink and a chat anyway.

The eagerly anticipated London School of Economics Identity Project report does seem to be nearly complete.

It appears to be a substantial report, judging by what we could glean from a sneaky bit of "shoulder surfing", The Preface has been written by Richard Thomas, the Information Commissioner who is legally responsible for enforcing both the Data Protection Act 1998 and the Freedom of Information Act 2000. This is unprecedented, and can only add to the seriousness with which this LSE Identity Project report must be taken by politicians and civil servants, given its critque of the Government's Identity Card / Centralised biometric database scheme.

We are getting reports that the UK Mobile phone network O2 has launched a flawed new service called O2 Call Alert which sends you an SMS message telling you which number has tried to call you when your phone has been switched off or is out of signal range.

In theory

"If you miss a call, callers will hear a message telling them that their number will be sent to you via text message to let you know they called. If callers withhold their number you won't be sent a text and they'll be told to call again later"

Except, of course, that currently, a text message is sent, regardless of whether or not the phone calling you is set to withhold its Caller ID.

Seeemingly this errant behavior applies to witheld numbers from UK landlines as well as other UK mobile networks.

Does this privacy destroying "feature" also apply to unwanted SMS text message spam ? N.B. a lot of such SMS spam is sent from overseas networks, which means that there is usually no Caller ID.

Are landline or other mobile callers to O2 mobile phones being charged for these missed call text alerts, even when they should not be ?

"Callers to an O2CallAlert user will be charged as per their standard tariff rate for a mobile terminated call, unless their number is withheld (when they will not be charged for the call)."

It appears that this year's UK Big Brother Awards are now POSTPONED until some time in July, presumably as a result of the Identity Cards Bill Second Reading debate on June 28th, and the London School of Economics alternative ID scheme report due to be published before then.

(The party is still on, apparently, just without the actual awards !)

The BUPA Seven whistleblowers

|

Whistleblowers The BUPA Seven are still waiting for justice, after losing their jobs after reporting physical violence and inappropriate use of medication on elderly care home residents.

Why has the Employment Tribunal system and the Public Interest Disclosure Act 1998 failed them so badly ?

Andrew Gilligan's "Gilligan on Monday" column in the Evening Standard seems to take weeks or months to appear in their online archives e.g. his article back in March about the saga documented by the Yorkshire Ranter blog regarding Viktor Bout, the illegal gun running airline operator, is now online, but was not for at least a couple of weeks after publication.

Today's two page article is illustrated by a large burning ID Card colour photo from the NO2ID demonstration outside the David Blunkett / IPPR event last November,

[captioned: "Burning issue: to try to stifle protests over their plans for identity cards, Tony Blair and Charles Clarke (pictured below) have relied on statistics that seem to bear little relation to reality],

another colour photo of Charles Clarke looking mean and shifty, and a black and white still from the Alistair McGowan Capital One credit card "identity theft" scaremongering ad campaign. Capital One have been spamming potential customers with junk mail for years, so one has to be sceptical about their attitude to data privacy and security.

Debunking the "£1.3 billion a year identity theft figure " has been done before, by the Law Society and even by Spy Blog:

"Identity Fraud" does NOT "cost the UK £1.3 billion a year"

However, Andrew Gilligan has the resources to get quotes and comments from most of the industries or departments which contributed guesstimates to the Cabinet Office document " Identity Fraud - a study" published in July 2002 (241kb .pdf file) which the Home Office has been shamelessly hyping ever since, without commissioning any updated guesses or actual quantitative research themselves in the intervening period.

It is important that this article is more widely read outside of London, before the Second Reading of the Identity cards Bill on the 28th of this month i.e. in just over a week:

"Evening Standard, Monday 20th June 2005, page 16 & 17
Gilligan on Monday

Revealed: how Blair is playing the fear card

Thanks to a Government campaign and an over-the-top TV advert, we are being led to believe that we are all at the mercy of identity-theft fraudsters. But the £1.3 billion figures for Britain's 'fastest-growing crime' just don't add up.

For those of you who like us, seem to read, and try to understand lots of highly technical documents, try the Class 1 Generation 2 UHF Air Interface Protocol Standard Version 1.0.9 (.pdf)

"This EPCglobal Board Ratified standard defines the physical and logical requirements for a passive-backscatter, Interrogator-talks-first (ITF), radio-frequency identification (RFID) system operating in the 860 MHz - 960 MHz frequency range. The system comprises Interrogators, also known as Readers, and Tags, also known as Labels."

This is the standard around which all the big electronics companies are producing their new RFID tag products, with promises of better, faster, more simultaneous tag reads per second, greater range etc.

Points of interest to Privacy / Security campaigners:

  • No Encryption of the data between the Tag and the Reader, apart from a 16 bit pseudo random number handshake which tries to hide the transmission of Password or Kill Codes. All the rest of the transmissions are in clear plaintext.
    "These commands use one-time-pad based link cover-coding to obscure the word being transmitted, as follows:
    Step 1. The Interrogator issues a Req_RN, to which the Tag responds by backscattering a new RN16. The Interrogator then generates a 16-bit ciphertext string comprising a bit-wise EXOR of the 16-bit word to be transmitted with this new RN16, both MSB first, and issues the command with this ciphertext string as a parameter.
    Step 2. The Tag decrypts the received ciphertext string by performing a bit-wise EXOR of the received 16-bit ciphertext string with the original RN16.
    An Interrogator shall not use handle for cover-coding purposes.
    An Interrogator shall not re-use an RN16 for cover-coding. If an Interrogator reissues a command that contained cover-coded data, then the Interrogator shall reissue the command unchanged. If the Interrogator changes the data, then it shall first issue a Req_RN to obtain a new RN16 and shall use this new RN16 for cover-coding. To reduce security risks, this specification recommends that (1) Tags use unique kill passwords, and (2) memory writes be performed in a secure location."

  • 32 bit Password (in two 16 bit chunks) - no "3 bad passwords and you are locked out" - brute force Password attacks are feasible - watch out for the theft of high value or restricted items (e.g. military weapons) by being electroncally "re-labelled" remotely, invisibly and undetectably.

  • 32 bit Kill Code (in two 16 bit chunks) - The specification suggests, but does not demand, that each RFID tag should have an individual Kill code. Since this implies a lookup to a central or distributed database, with all the logistical network problems that implies, many companies will be tempted to use a common Password and/or a common Kill Code on whole batches or product lines, increasing the risk of a remote, radio based, Denial of Service attack even through the walls of a warehouse or a sealed transport container.

  • Better collision avoidance in multiple reader situations - implies lots of possible deliberate Denial of Service attacks on the readers, or spoofing attacks on the stock control systems which the readers feed into.

  • Just like WiFi etc. - no authentication of the Reader by the RFID tag - lots of possible Man-In-the-Middle attacks, and there is no way for, say, item level Tesco RFID tags which have not been "killed" at the supermarket checkout till, to only be read by genuine Tesco operated readers, and not also by, say, Marks & Spencer ones, or ones operated by a malicious third party.

Obviously, based on past experience, the actual product implementations of this standard, may have other privacy or security issues, in addition to those listed above.

Please let us know if we are wrong in our interpretation of this standard.

UPDATE: (April 2008) There are now some more updated standards available online at:

>http://www.epcglobalinc.org/standards/

UPDATE: It appears that this year's Big Brother Awards are now POSTPONED

Another year, another annual Big Brother Awards ceremony, the seventh, this Thursday 23rd June 2005.

Starting at around 7.15pm, the Quad (downstairs student bar), London School of Economics, Houghton Street, London.

This year's nominations include some of our "least favourites" like the UK Passport Service biometric passport "policy laundering", Alistair Darling's Road Charging / Electronic Tagging proposals etc.

The event will be, as usual, an opportunity to meet some of the key UK privacy/security campaigners face to face.

Whistleblower James Cameron to face charges ?

|

James Cameron could face criminal charges, according to the Sunday Times.

"A DIPLOMAT who exposed visa scams allowing thousands of illegal east European immigrants into Britain is facing the prospect of charges."

The Crown Prosecution Service (CPS) plans to charge James Cameron, the former British consul in Romania, with “facilitating immigration fraud”, a leaked government memo has shown"

"The tribunal was due to be heard last week. But in an e-mail to the tribunal, Peter Bennett, an official at the Treasury Solicitor’s Department, said the CPS wanted the case adjourned “so as to avoid the risk of prejudice to the prosecution”.

The e-mail said the CPS had “intended that Cameron would be charged with facilitation of immigration fraud in June 2005”. However, it said prosecutors “had decided to put off charging until evidence gathering was completed later this summer”. The CPS said a final decision on whether to press charges had not been made."

The treatnment of James Cameron, the former British Consul in Bucharest whose whistleblowing helped to lead to the resignation of Home Office Immigration Minister Beverly Hughes.

The admitted "witch hunt" by the Foreign Office against Cameron contrasts sharply with the re-instatement of Beverly Hughes and David Blunkett as Ministers, despite them both having had to resign in disgrace from the Home Office over Immigration scandals.

Wed, 29th Jun 2005 — Even Bigger Brother, No2ID Public Meeting

In stark contrast to the government's failure to openly discuss their proposals, No2ID will be holding a public meeting to discuss the contents and implications of the UK Identity Card Bill.

Taking place at the Old Cinema of the University of Westminster on June 29th, speakers will include:

Rt Hon Tony Benn
Dominic Grieve QC, MP
Alistair Carmichael MP
George Galloway MP, and
Director of Liberty, Shami Chakrabarti;

Mark Littlewood (of No2ID) will be in the Chair

Discussions will pick up on the poorly publicised and less understood parts of the Identity Cards Bill that form the heart of the government's proposals: the National Identity Register, a vast database of over 60 million people's personal information and biometrics, and the audit trail that will record when and where any check is made on the Register, effectively building up a profile of a persons daily activity.

The meeting is free and open to all. However, space is limited. Register, and confirm your place with this form

No2ID welcomes anyone regardless of their previous knowledge or understanding of the issues, and especially urges those who are undecided or interested in knowing more to come along.

Date: 29th June 2005

Time: 7:00pm

Venue:

University of Westminster
Old Cinema
309 Regent's Street
London

Location Map

Nearest Tube: Oxford Circus (4mins away)
Underground Car Park - Cavendish Square

There is also another meeting scheduled at the same time, not too far away in Fitzroy Square, - Organising Opposition to New Restrictions on Protest around Parliament". it is likely that some people will want to attend both meetings

Tony McNulty is claiming in a Written Answer, that only 21 members of the public and no organisations have sent a letter or an email to the Home Office complaining about the Civil Liberties aspects of the new Identity Cards Bill.
N.B. nobody seems to have written to praise its impact on Civil Liberties.

Wednesday, 15 June 2005
Home Department
Identity Cards

Sadiq Khan (Tooting, Lab)

To ask the Secretary of State for the Home Department what recent representations he has received on the likely impact of identity cards on civil liberties; and what response he has made.

Tony McNulty (Minister of State, Home Office)

Since the publication of the Identity Cards Bill on 25 May 2005, 21 representations have been received from members of the public. No representations have been received from any organisations or official bodies. The representations took the form of both letters and e-mails, and they expressed concern that the Identity Card Scheme would infringe civil liberties.

The Government believe that the Identity Cards Scheme will support civil liberties and human rights. The scheme will be bound by legislation such as the Data Protection Act, Human Rights Act and the Disability Discrimination Act. The Identity Cards Bill also contains a number of important safeguards such as setting limitations on the information that may be held by the scheme and its use. Only Parliament would be able to change the statutory purposes of the Register or the type of information which could be held and only via primary legislation."

After years of ignoring constructive advice and criticism about their Identity Cards / Database scheme, is the Home Office actually willing to listen now ?

We cannot let the Home Office claim that there is no Civil Liberties problem, simply because nobody has successfully managed to penetrate the bureaucratic red tape and isolation from the public, and has therfore failed to contact them about it.

You know what to do - express your concerns via a letter or email to:

Tony McNulty MP
Minister of State for Immigration, Citizenship and Nationality
c/o Direct Communications Unit
Home Office
2 Marsham Street
London SW1P 4DF

FaxL 020 7035 4745
Email: public.enquiries@homeoffice.gsi.gov.uk

The Home Office contacts page also has a drop down selection option for "Identity Cards" on its web page response form.

If you do happen to agree with McNulty's statement that "The Government believe that the Identity Cards Scheme will support civil liberties and human rights."
perhaps you could explain exactly how this will be achieved, by commenting here or via email.

Transport for London seem to be testing some more advanced Automatic Number Plate Recognition cameras, controversially ahead of the actual decision to proceed with the proposed westward extension of the London Congestion Charge zone.

Thanks to the C.N.U.T. - Congestion charge Nefarious Underhand Tax for drawing this Evening Standard article to our attention:

Trials for super-spy cameras By David Williams Motoring Editor, Evening Standard 17 June 2005

Secret trials of cameras for the extension to the congestion charge zone are under way.

Powerful new digital cameras are being tested at two sites.

They can read thousands of number plates in minutes

Officials say the trials are vital to ensure that if the westward extension is approved by Mayor Ken Livingstone, the new cameras are ready to go.

But critics say the scale of the trials suggest the extension is poised to proceed despite widespread opposition.

Critics question why the trials are going ahead when the decision on extending the zone will not be made until September.

They say the earliest it can be rolled out to Kensington and Chelsea is 2007 - by which time the technology could be dated.

One Transport for London (TfL) insider said: "The extension-might not have been approved but it looks as though it is going to go ahead. These are heavy-duty trials. It seems it is being steamrollered through."

[see photos below]

We did warn back in April, that the Serious Organised Crime and Police Act had some controversial clauses, back when it was being whipped through the end of the last Parliament, in the undemocratic, political back room deal "wash up" process, without adequate debate.

The controversial Designated Area around Parliament Square has now been revealed, despite an obvious attempt to "bury the news" by the Government.

No doubt inspired by the NO2ID Pledge, which has clocked up over 3200 pledge signers in only 4 days, Robin Grant from perfect.co.uk has also set up an online Pledge:

""I will apply for authorisation to demonstrate in the vicinity of Parliament every day for a month from 1st August 2005 but only if 50 other responsible citizens will too."

— Robin Grant, responsible citizen

Deadline: 31st July 2005.
3 people have signed up, 47 more needed "

The Western Mail has a report about a Drug Testing being demonstrated to Members of the Welsh Assembly, and catching out the two main Assembly Member proponents of the £40,000 Ion Track narcotics detection machine with "false positives" for THC/cannabis.

The BBC quotes Sir Ian Blair, the Commissioner of the Metropolitan Police Service on ID Cards and Biometric Technology.

"ID technology 'must be foolproof'
Last Updated: Wednesday, 15 June, 2005, 13:37 GMT 14:37 UK

Technology behind the government's controversial identity card scheme must be "almost foolproof", the UK's most senior police officer has warned.

The cards could tackle terror only if biometric indicators like irises and fingerprints were recognised almost perfectly, Sir Ian Blair said.

Is it ever right to impose a blanket ban on the use of the Internet, even during legal proceedings or as a legal punishment ?

We have commented before on the stupidity and counterproductiveness of Internet Bans or Restrictions on Mobile Phones with respect to the alleged "terrorist suspects" currently being restricted, without trial, under Control Orders issued by the Home Secretary (who did not even bother to read each one that he "signed") under the controversial Prevention of Terrorism Act 2005

Gary McKinnon, who is accused of "hacking" into over 90 US military systems, is facing extradition to the US, and is currently frree on £5000 bail to appear before an extradition hearing on July 27th.

The bail condition imposed, of not being allowed to apply for a Passport or travel document (as if the UK Passport Service would be likely to have processed a normal application in so short a time) is not unusual, in that it is meant to help ensure that Gary appears at the hearing.

The fact that he has been free for over two and a half years since his initial arrest and release without charge in November 2002, and has not tried to evade justice makes this an unlikely risk.

However, more controversially, Gary McKinnon seems to have been banned from using "any computer connnected to the internet". Again, this seems to be rather pointless - if he had been going to do anything malicious via the internet, he has had two and a half years in order to do it. Since he is not being charged with any other Computer Misuse Act offences, presumably, there is little risk.

MSNBC/Associated Press/Reuters report:

"District Judge Christopher Pratt set several conditions for the $9,200 bail, including that McKinnon be barred from applying for any travel documents and from using any computer equipment that gives access to the Internet."

If this wording is accurate, then this has far reaching implications.

Does that ban also extend to mobile and fixed line telephones, since these days, they all fall under "any computer equipment that gives access to the Internet" ?

There may be some merit in a partial internet ban, forbidding him to contact US Military systems, but that is not easy to do, sometimes , like "Joshua" in the film "Wargames", they sometimes try to contact you, or at least, lots of bored US Military employees surfing the world wide web do so.

However, given that Gary McKinnon is not facing any criminal charges her in the UK, he must be presumed to be innocent until proven guilty, and any kind of restriction on his legal use of the internet before he has been convicted of anything, is simply a punishment without trial and a pre-judgement of the case, when no actual prima facie evidence against him has been presented or cross examined.

It could be argued that such a blanket ban, especially for an IT worker, is a disproportionate arbitrary punishment, and a restriction of Gary's freedom of expression and freedom to work.

If he is forbidden from contacting his legal advisors via the internet , or by telephone, then his his right to a fair trial under Article 6 of the European Convention on Human Rights, has been breached. It is not an "equality of arms" for the defence to be restricted in the use of the internet, during the preparation for the case, when the prosecution is not similarly restricted.

Does anyone have any qualified legal opinions on this ?

Google seem to be intent on destroying their $78 billion dollar market capitalisation by blocking innocent users or customers from their search engine. Have you noticed this stupid Google captcha page recently ? Captchas, which require you to visually decode some distorted images of a password and type them into a form before proceeding, are a huge annoyance to partially sighted people and they do not address the fundamental problems of spam or malware etc.

400_virus_Google_Captcha_403.jpg - stupid Google captcha

"A computer virus or spyware application is sending us automated requests, and it appears that your computer or network has been infected."

No our "computer or network" is not infected, and we resent this "guilt by association".

The way that Google has implemented this captcha block is also extremely annoying, given that on several occaisions, having typed the password in correctly, another captcha screen is presented, and then yet another one !

Google seem to be blacklisting by the IP address of our ISP's proxy server, and doing so inconsistently and erratically. Possibly they are confused by the load balancing either at our ISP or on their own systems.

If we re-configure a web browser not to use the proxy server, then our PC's IP Address does not trigger this stupid captcha block.

This is not an anonymous proxy server so it does forward our IP address in the HTTP_VIA or HTTP_X_FORWARDED_FOR headers, which, one would have thought Google would be checking against their blacklist, but apparently not.

The NO2ID "I will refuse to register for an ID Card" pledge seems to be going well with over 500 people signed up already today.

A feature which is not obvious until you actually get onto the pledgebank website is that you can also sign the pledge via a mobile phone SMS message short code.

Text pledge refuse to 60022

(standard rate SMS charges)

You can also print out some posters and flyers publicising the NO2ID pledge.

NO2ID are launching an online Pledge:

"I will refuse to register for an ID card and donate £10 to a legal defence fund but only if 10,000 other people will also make this same pledge."

Only 9,992 to go 8-)

Will the politicians listen to us before the (delayed ?) Second Reading of the controversial Identity Cards Bill ?

Tony McNulty has now joined the list of NuLabour Home Office Ministers who have been brainwashed not to think and not to ask common sense questions about the Parliamentary Answers that they put their names to.

Here is yet another example of a failure to ask even an obvious and basic question like "Where is the evidence that at least one-third of terrorist suspects make use of false United Kingdom identities ?"

Identity Cards

Mr. Jim Cunningham: To ask the Secretary of State for the Home Department what assessment he has made of the contribution identity cards may make to the prevention of terrorist attacks on the UK. [1269]

Mr. McNulty: Dialogue has been ongoing with the security services in relation to the effectiveness of the proposed identity card. The security services have said that an ID card will help in tackling terrorism. The Security Service have stated that a card scheme would disrupt the use of false identities by terrorist organisations, for example in money laundering and organised crime. We know that at least one-third of terrorist suspects make use of false identities. An ID card will reduce the opportunity for those facilitating terrorist and organised criminals to operate using multiple identities. The scheme would also be a useful tool in helping to monitor and disrupt the support activities of terrorist networks.

Even a perfect UK Identity Card scheme would only have a mininmal effect on terrorist suspects (or do the Home Office "figures" also include plain ordinary organised criminals who are not actually terrorists ?), over two thirds of whom happily use their own real identities anyway.

Is McNulty claiming that British identities are the most faked identities used by terrorists and criminals , all over the world ? If so, then the UK Passport Service must be one of the most corrupt and must be inflitrated by terrorist sympathisers and criminals. If so, then the Ministers in charge ui.e. Tony McNulty and Charles Clarke should resign.

In fact, according to the Metropolitan Police Operation Maxim, it appears that over 93% of documents seized from organised human trafficers etc., are falsely obtained or forged foreign documents which will not be affected by any UK ID card / database scheme.

Metropolitan Police Operation Maxim and false foreign Identity Documents

Gary McKinnon is finally facing an extradition hearing to the USA at Bow Street Magistrates Court today.

Gary McKinnon was indicted by the US authorities in November 2002 (.pdf) for allegedly gaining unauthorised access to over 90 US Military computer systems, including some at the the supposedly competent National Security Agency, the US Army, the US Airforce and the US Navy, where a e-mail system was allegedly damaged. Further minor breaches of NASA and some private sector and low security local government computers are also alleged.

As with the case of Babar Ahmad, also a British IT worker, there are a number of questions that should be asked about this attempt to extradite someone to the USA:

  • Why has the legal process taken so long from November 2002, when Gary McKinnon was first arrested, and a US Grand Jury produced an indictment, for the Extradition proceedings take the next step ? Could the US Presidential election campaign have had anything to do with this delay ? Were the proceedings delayed to prevent embarrassing accounts of US Military incompetence under the watch of President Bush from surfacing in court ?

  • Given that all the alleged offences took place from a home computer located in London in the United Kingdom, and that they are serious enough to attract the maximum penalties under the UK Computer Misuse Act 1990, why is Gary McKinnon not being tried here in the UK ?

  • Exactly as has been argued in the Babar Ahmad case, given the xenophobic paranoia of the US authorities, what written assurance is there that Gary McKinnon, once in the power of the US Authorities, will not be handed over to a Military Tribunal, especially, as unlike Babar Ahmad, he is accused of "attacks" directly on actual US Military systems.

  • We have been informed that Gary McKinnon was not only "looking for evidence of X-Files type UFO conspiracies", but also investigating the alleged activities of the US Military training of Third World secret police and military personnel in torture and interrogation techniques at the notorious School of the Americas/ Western Hemisphere Institute for Security Cooperation. In the light of this, what written assurance is there that Gary McKinnon will not be declared a "enemy combatant" and sent to the Guantanamo Bay concentration camp or subjected to "extraordinary rendition" i.e. outsourced torture in a compliant police state allied country, possibly at the hands of School of the Americas trainees ?

  • Given the extraordinary lapses in computer security which an allegation of unauthorised access to sensitive military systems on this scale implies, why have no senior US Military personnel been court martialled ?

Where are the extraditions and prosecutions of all the foreigners, including citizens of the United States of America, who are attacking the United Kingdom's computer systems ? There have been none to date.


UPDATE: we have launched Yet Another Blog to cover this particular Gary McKinnon extradition case, as we have talked to several people who are thinking "there but for the Grace of God..."

The Free Gary McKinnon blog is at http://FreeGary.org.uk

It may not influence the decision of the Home Secretary, but the issues are worthy of more public discussion which could lead off at a slight tangent to the main topics discussed here.

Richard Allan, the former Liberal Democrat MP makes the point on his blog that the reported delay by Geoff Hoon , the Leader of the House, in appointing Select Committees means that

"For example, the Home Secretary should be tested on the new estimates for the cost of ID cards by the Home Affairs Select Committee but this may not happen for months now."

So the Identity Cards Bill could easily be through the Commons or even on the Statute Book before the Home Affairs Select Committee gets to question Charles Clarke or Andy Burnham about the details.

The LSE Identity Project Alternative Blueprint for a National Identification System is now available for public consultation and feeback.

This should certainly help to spark some actual detailed debate on the issues regarding the NuLabour Government's Identity Card Bill plan.

It is astonishing that the Government has not published a similar step by step explanation of exactly how their scheme might work in practice.

The London School of Economics' document is pretty high level. An equivalent document from the Government about their scheme would not compromise any commercial confidentiality or the security of the system.

It is, in fact, the sort of level of detail and high level systems architectural design, which we assume is contained in the secret Office for Government Commerce pre-Stage Zero and Stage Zero Gateway Reviews of the Home Office's Identity Cards Programme. We have unsucessfully tried to have these published, in the public interest, through a Freedom of Information Act request

The Sunday Telegraph has an article about the forthcoming London School of Economics counter proposal to the Government's Identity Card scheme. Along with other interested parties, we will await the publlication of this with interest, as it does not involve a centralised database.

However one reported aspect could do with a bit more thought, namely

"In the LSE's model, individuals will have to provide only a few details, but their application forms would have to be endorsed by three referees - a doctor, lawyer, teacher or police officer for example - who have known the applicant for a long time.

Crucially, the referees will have to include a professional identity detail - such as a doctor's or JP's registration number or police number - to deter fraudulent applications and hold them accountable."



See David Blunkett is an Arse for similar worries.

This is similar to what the Passport Office, as was, used to require for counter signatories on a Passport Application Form and/or the backs of Passport photos.

This lead to a dishonest trade in "official" signatures by "professionals" who would sign the forms, for a fee, pretending that they have known the applicant personally for at least 2 years, when in reality they hardly know the applicant at all.

Have you ever actually met your Bank Manager face to face, and if you have is he/she the same person you met two or more years ago ?

However, now under the UK Passport Service, a much wider range of people can apparently do this:

Several Sunday newspapers have picked up on The Independent on Sunday's interview with Alistair Darling, the Secretary of State for Transport, who is again hyping up his plan revealed last July for "satellite tracking road tolls" over the whole country.

Yet again a NuLabour Minister is grasping at unproven technology as a magic fix for social problems.

See our comments on this plan when it was revealed last July: "Alistair Darling's satellite tracking road toll plans - another Big Brother surveillance system"

The Road Pricing Feasibility Study is available on the Department of Transport's website.

Where are the privacy safeguards with this plan ? Where is the consultation with the people ? Where are the alternative plans and solutions to traffic congestion ?

The media has only ever reported this plan from a transport or environmental viewpoint, and not from the very obvious dangers to privacy and civil liberties of the vast majority of law abiding motorists.

Nobody can be trusted with such a powerful mass surveillance infrastructure.

The Germans have had huge difficulties with their lorries only, motorways only, toll scheme using a combination of GPS and roadside radio beacons.

The London Congestion Charge shows the incompetence of the privatised back end payment and enforcement operators - over a million unpaid penalty tickets for a tiny area of central London !

GPS signals certainly do not cover all of the road network, there are lots of "black spots" where the direct view to 4 satellites is blocked by buildings or trees.

The media have also consistently given the misleading impression that the "satellite tracking" somehow involves sending a signal up to a satellite in orbit, when the only signals are beamed down from orbit. The GPS satellite knows nothing of your GPS receiver's actual position.

Any "offline" In-Car-Unit which decrements the amount of pre-paid road toll according to GPS signals will:

  1. be defrauded by simple devices which re-broadcast much stronger spoof GPS location signals, pretending to be stationary or in a low charge zone. These are much simpler devices than the ones people already pay money for to get pirate satellite or cable TV programs, so a new black market will be created.

  2. be vulnerable to rogue transmitters sending out spoofing signals which fool the In-Car-Unit into assuming that it is in a high toll charge zone - how are most people ever going to be able to dispute such false toll charges ?

Any "online" combined GPS/Mobile phone type In-Car-Unit is directly equivalent to the technology of Electronic Tagging of Criminals, which does seem to be the attitude of the Government to the public.

Farid Hilali, the Moroccan facing the first European Arrest warrant extradition in the UK to Spain, has today lost his extradition hearing at Bow Street Magistrates Court, according to the Press Association report in The Scotsman.

District Judge Timothy Workman (who also heard the new "rapid" extradition to the USA hearings involving Babar Ahmad)

"added that Hilali had the right to appeal to High Court against his decision within seven days."

Farid Hilali is accused of somehow being part of Al-Quaeda in Spain, before the September 11th 2001 attacks, and was not involved in the Madrid railway bombings (he was being held in Belmarsh at the time).

It would appear that yet again, the UK extradition court did not ask any questions about the alleged eveidence against Farid Hilali, only the points of extradition lae about possible torture or the lack of a fair trial.

According to the flimsy reports abouut this case, there have to be some doubts that the Spanish authorities have identified the right man, soley on the basis of an alleged electronic "voice analysis" of a mobile phone conversation. How they obtained suitable voice samples from a prisoner being held in Belmarsh high security prison is unclear.

If Farid Hilali was a member or associate of AL-Quaeda, he was ahrdly a linchpin of the organisation, and we do not support any extremist views he may have. However, the legal precedent that this case sets is a chilling one, it cannot be justice, if people can be arbitarily arrested and extradirted to face serious charges in another European Union country , simply on some alleged "voice analysis", by a secret police agency (Unidad Central de Informacion Exterior - UCIE) of a foreign state (Spain) of a mobile phone conversation, which in itself contained no overt threats, and which it has not been established was to or from a mobile phone actually in the suspects's possession. All of this relates to an alleged terrorist plot in a third country, the USA, which has not brought any evidence or even accusations against Fatrid Hilali with respect to the September 11th 2001 attacks.

Doesn't anyone suspect that justice is not being seen to be done properly and fairly in this case ?

About this blog

This United Kingdom based blog attempts to draw public attention to, and comments on, some of the current trends in ever cheaper and more widespread surveillance technology being deployed to satisfy the rapacious demand by state and corporate bureaucracies and criminals for your private details, and the technological ignorance of our politicians and civil servants who frame our legal systems.

The hope is that you the readers, will help to insist that strong safeguards for the privacy of the individual are implemented, especially in these times of increased alert over possible terrorist or criminal activity. If the systems which should help to protect us can be easily abused to supress our freedoms, then the terrorists will have won.

We know that there are decent, honest, trustworthy individual politicians, civil servants, law enforcement, intelligence agency personnel and broadcast, print and internet journalists etc., who often feel powerless or trapped in the system. They need the assistance of external, detailed, informed, public scrutiny to help them to resist deliberate or unthinking policies, which erode our freedoms and liberties.

Email & PGP Contact

Please feel free to email your views about this blog, or news about the issues it tries to comment on.

blog@spy[dot]org[dot]uk

Our PGP public encryption key is available for those correspondents who wish to send us news or information in confidence, and also for those of you who value your privacy, even if you have got nothing to hide.

We wiil use this verifiable public key (the ID is available on several keyservers, twitter etc.) to establish initial contact with whistleblowers and other confidential sources, but will then try to establish other secure, anonymous communications channels, as appropriate.

Current PGP Key ID: 0x1DBD6A9F0FACAD30 which will expire on 29th August 2021.

pgp-now.gif
You can download a free copy of the PGP encryption software from www.pgpi.org
(available for most of the common computer operating systems, and also in various Open Source versions like GPG)

We look forward to the day when UK Government Legislation, Press Releases and Emails etc. are Digitally Signed so that we can be assured that they are not fakes. Trusting that the digitally signed content makes any sense, is another matter entirely.

Hints and Tips for Whistleblowers and Political Dissidents

Please take the appropriate precautions if you are planning to blow the whistle on shadowy and powerful people in Government or commerce, and their dubious policies. The mainstream media and bloggers also need to take simple precautions to help preserve the anonymity of their sources e.g. see Spy Blog's Hints and Tips for Whistleblowers - or use this easier to remember link: http://ht4w.co.uk

BlogSafer - wiki with multilingual guides to anonymous blogging

Digital Security & Privacy for Human Rights Defenders manual, by Irish NGO Frontline Defenders.

Everyone’s Guide to By-Passing Internet Censorship for Citizens Worldwide (.pdf - 31 pages), by the Citizenlab at the University of Toronto.

Handbook for Bloggers and Cyber-Dissidents - March 2008 version - (2.2 Mb - 80 pages .pdf) by Reporters Without Borders

Reporters Guide to Covering the Beijing Olympics by Human Rights Watch.

A Practical Security Handbook for Activists and Campaigns (v 2.6) (.doc - 62 pages), by experienced UK direct action political activists

Anonymous Blogging with Wordpress & Tor - useful step by step guide with software configuration screenshots by Ethan Zuckerman at Global Voices Advocacy. (updated March 10th 2009 with the latest Tor / Vidalia bundle details)

Links

Watching Them, Watching Us

London 2600

Our UK Freedom of Information Act request tracking blog

WikiLeak.org - ethical and technical discussion about the WikiLeaks.org project for anonymous mass leaking of documents etc.

Privacy and Security

Privacy International
United Kingdom Privacy Profile (2011)

Cryptome - censored or leaked government documents etc.

Identity Project report by the London School of Economics
Surveillance & Society the fully peer-reviewed transdisciplinary online surveillance studies journal

Statewatch - monitoring the state and civil liberties in the European Union

The Policy Laundering Project - attempts by Governments to pretend their repressive surveillance systems, have to be introduced to comply with international agreements, which they themselves have pushed for in the first place

International Campaign Against Mass Surveillance

ARCH Action Rights for Children in Education - worried about the planned Children's Bill Database, Connexions Card, fingerprinting of children, CCTV spy cameras in schools etc.

Foundation for Information Policy Research
UK Crypto - UK Cryptography Policy Discussion Group email list

Technical Advisory Board on internet and telecomms interception under RIPA

European Digital Rights

Open Rights Group - a UK version of the Electronic Frontier Foundation, a clearinghouse to raise digital rights and civil liberties issues with the media and to influence Governments.

Digital Rights Ireland - legal case against mandatory EU Comms Data Retention etc.

Blindside - "What’s going to go wrong in our e-enabled world? " blog and wiki and Quarterly Report will supposedly be read by the Cabinet Office Central Sponsor for Information Assurance. Whether the rest of the Government bureaucracy and the Politicians actually listen to the CSIA, is another matter.

Biometrics in schools - 'A concerned parent who doesn't want her children to live in "1984" type society.'

Human Rights

Liberty Human Rights campaigners

British Institute of Human Rights
Amnesty International
Justice

Prevent Genocide International

asboconcern - campaign for reform of Anti-Social Behavior Orders

Front Line Defenders - Irish charity - Defenders of Human Rights Defenders

Internet Censorship

OpenNet Initiative - researches and measures the extent of actual state level censorship of the internet. Features a blocked web URL checker and censorship map.

Committee to Protect Bloggers - "devoted to the protection of bloggers worldwide with a focus on highlighting the plight of bloggers threatened and imprisoned by their government."

Reporters without Borders internet section - news of internet related censorship and repression of journalists, bloggers and dissidents etc.

Judicial Links

British and Irish Legal Information Institute - publishes the full text of major case Judgments

Her Majesty's Courts Service - publishes forthcoming High Court etc. cases (but only in the next few days !)

House of Lords - The Law Lords are currently the supreme court in the UK - will be moved to the new Supreme Court in October 2009.

Information Tribunal - deals with appeals under FOIA, DPA both for and against the Information Commissioner

Investigatory Powers Tribunal - deals with complaints about interception and snooping under RIPA - has almost never ruled in favour of a complainant.

Parliamentary Opposition

The incompetent yet authoritarian Labour party have not apologised for their time in Government. They are still not providing any proper Opposition to the current Conservative - Liberal Democrat coalition government, on any freedom or civil liberties or privacy or surveillance issues.

UK Government

Home Office - "Not fit for purpose. It is inadequate in terms of its scope, it is inadequate in terms of its information technology, leadership, management systems and processes" - Home Secretary John Reid. 23rd May 2006. Not quite the fount of all evil legislation in the UK, but close.

No. 10 Downing Street Prime Minister's Official Spindoctors

Public Bills before Parliament

United Kingdom Parliament
Home Affairs Committee of the House of Commons.

House of Commons "Question Book"

UK Statute Law Database - is the official revised edition of the primary legislation of the United Kingdom made available online, but it is not yet up to date.

FaxYourMP - identify and then fax your Member of Parliament
WriteToThem - identify and then contact your Local Councillors, members of devolved assemblies, Member of Parliament, Members of the European Parliament etc.
They Work For You - House of Commons Hansard made more accessible ? UK Members of the European Parliament

Read The Bills Act - USA proposal to force politicians to actually read the legislation that they are voting for, something which is badly needed in the UK Parliament.

Bichard Inquiry delving into criminal records and "soft intelligence" policies highlighted by the Soham murders. (taken offline by the Home Office)

ACPO - Association of Chief Police Officers - England, Wales and Northern Ireland
ACPOS Association of Chief Police Officers in Scotland

Online Media

Boing Boing

Need To Know [now defunct]

The Register

NewsNow Encryption and Security aggregate news feed
KableNet - UK Government IT project news
PublicTechnology.net - UK eGovernment and public sector IT news
eGov Monitor

Ideal Government - debate about UK eGovernment

NIR and ID cards

Stand - email and fax campaign on ID Cards etc. [Now defunct]. The people who supported stand.org.uk have gone on to set up other online tools like WriteToThem.com. The Government's contemptuous dismissal of over 5,000 individual responses via the stand.org website to the Home Office public consultation on Entitlement Cards is one of the factors which later led directly to the formation of the the NO2ID Campaign who have been marshalling cross party opposition to Labour's dreadful National Identity Register compulsory centralised national biometric database and ID Card plans, at the expense of simpler, cheaper, less repressive, more effective, nore secure and more privacy friendly alternative identity schemes.

NO2ID - opposition to the Home Office's Compulsory Biometric ID Card
NO2ID bulletin board discussion forum

Home Office Identity Cards website
No compulsory national Identity Cards (ID Cards) BBC iCan campaign site
UK ID Cards blog
NO2ID press clippings blog
CASNIC - Campaign to STOP the National Identity Card.
Defy-ID active meetings and protests in Glasgow
www.idcards-uk.info - New Alliance's ID Cards page
irefuse.org - total rejection of any UK ID Card

International Civil Aviation Organisation - Machine Readable Travel Documents standards for Biometric Passports etc.
Anti National ID Japan - controversial and insecure Jukinet National ID registry in Japan
UK Biometrics Working Group run by CESG/GCHQ experts etc. the UK Government on Biometrics issues feasability
Citizen Information Project feasability study population register plans by the Treasury and Office of National Statistics

CommentOnThis.com - comments and links to each paragraph of the Home Office's "Strategic Action Plan for the National Identity Scheme".

De-Materialised ID - "The voluntary alternative to material ID cards, A Proposal by David Moss of Business Consultancy Services Ltd (BCSL)" - well researched analysis of the current Home Office scheme, and a potentially viable alternative.

Surveillance Infrastructures

National Roads Telecommunications Services project - infrastruture for various mass surveillance systems, CCTV, ANPR, PMMR imaging etc.

CameraWatch - independent UK CCTV industry lobby group - like us, they also want more regulation of CCTV surveillance systems.

Every Step You Take a documentary about CCTV surveillance in the Uk by Austrian film maker Nino Leitner.

Transport for London an attempt at a technological panopticon - London Congestion Charge, London Low-Emission Zone, Automatic Number Plate Recognition cameras, tens of thousands of CCTV cameras on buses, thousands of CCTV cameras on London Underground, realtime road traffic CCTV, Iyster smart cards - all handed over to the Metropolitan Police for "national security" purposes, in real time, in bulk, without any public accountibility, for secret data mining, exempt from even the usual weak protections of the Data Protection Act 1998.

RFID Links

RFID tag privacy concerns - our own original article updated with photos

NoTags - campaign against individual item RFID tags
Position Statement on the Use of RFID on Consumer Products has been endorsed by a large number of privacy and human rights organisations.
RFID Privacy Happenings at MIT
Surpriv: RFID Surveillance and Privacy
RFID Scanner blog
RFID Gazette
The Sorting Door Project

RFIDBuzz.com blog - where we sometimes crosspost RFID articles

Genetic Links

DNA Profiles - analysis by Paul Nutteing
GeneWatch UK monitors genetic privacy and other issues
Postnote February 2006 Number 258 - National DNA Database (.pdf) - Parliamentary Office of Science and Technology

The National DNA Database Annual Report 2004/5 (.pdf) - published by the NDNAD Board and ACPO.

Eeclaim Your DNA from Britain's National DNA Database - model letters and advice on how to have your DNA samples and profiles removed from the National DNA Database,in spite of all of the nureacratic obstacles which try to prevent this, even if you are innocent.

Miscellanous Links

Michael Field - Pacific Island news - no longer a paradise
freetotravel.org - John Gilmore versus USA internal flight passports and passenger profiling etc.

The BUPA Seven - whistleblowers badly let down by the system.

Tax Credit Overpayment - the near suicidal despair inflicted on poor, vulnerable people by the then Chancellor Gordon Brown's disasterous Inland Revenue IT system.

Fassit UK - resources and help for those abused by the Social Services Childrens Care bureaucracy

Former Spies

MI6 v Tomlinson - Richard Tomlinson - still being harassed by his former employer MI6

Martin Ingram, Welcome To The Dark Side - former British Army Intelligence operative in Northern Ireland.

Operation Billiards - Mitrokhin or Oshchenko ? Michael John Smith - seeking to overturn his Official Secrets Act conviction in the GEC case.

The Dirty Secrets of MI5 & MI6 - Tony Holland, Michael John Smith and John Symond - stories and chronologies.

Naked Spygirl - Olivia Frank

Blog Links

e-nsecure.net blog - Comments on IT security and Privacy or the lack thereof.
Rat's Blog -The Reverend Rat writes about London street life and technology
Duncan Drury - wired adventures in Tanzania & London
Dr. K's blog - Hacker, Author, Musician, Philosopher

David Mery - falsely arrested on the London Tube - you could be next.

James Hammerton
White Rose - a thorn in the side of Big Brother
Big Blunkett
Into The Machine - formerly "David Blunkett is an Arse" by Charlie Williams and Scribe
infinite ideas machine - Phil Booth
Louise Ferguson - City of Bits
Chris Lightfoot
Oblomovka - Danny O'Brien

Liberty Central

dropsafe - Alec Muffett
The Identity Corner - Stefan Brands
Kim Cameron - Microsoft's Identity Architect
Schneier on Security - Bruce Schneier
Politics of Privacy Blog - Andreas Busch
solarider blog

Richard Allan - former Liberal Democrat MP for Sheffield Hallam
Boris Johnson Conservative MP for Henley
Craig Murray - former UK Ambassador to Uzbekistan, "outsourced torture" whistleblower

Howard Rheingold - SmartMobs
Global Guerrillas - John Robb
Roland Piquepaille's Technology Trends

Vmyths - debunking computer security hype

Nick Leaton - Random Ramblings
The Periscope - Companion weblog to Euro-correspondent.com journalist network.
The Practical Nomad Blog Edward Hasbrouck on Privacy and Travel
Policeman's Blog
World Weary Detective

Martin Stabe
Longrider
B2fxxx - Ray Corrigan
Matt Sellers
Grits for Breakfast - Scott Henson in Texas
The Green Ribbon - Tom Griffin
Guido Fawkes blog - Parliamentary plots, rumours and conspiracy.
The Last Ditch - Tom Paine
Murky.org
The (e)State of Tim - Tim Hicks
Ilkley Against CCTV
Tim Worstall
Bill's Comment Page - Bill Cameron
The Society of Qualified Archivists
The Streeb-Greebling Diaries - Bob Mottram

Your Right To Know - Heather Brooke - Freedom off Information campaigning journalist

Ministry of Truth _ Unity's V for Vendetta styled blog.

Bloggerheads - Tim Ireland

W. David Stephenson blogs on homeland security et al.
EUrophobia - Nosemonkey

Blogzilla - Ian Brown

BlairWatch - Chronicling the demise of the New Labour Project

dreamfish - Robert Longstaff

Informaticopia - Rod Ward

War-on-Freedom

The Musings of Harry

Chicken Yoghurt - Justin McKeating

The Red Tape Chronicles - Bob Sullivan MSNBC

Campaign Against the Legislative and Regulatory Reform Bill

Stop the Legislative and Regulatory Reform Bill

Rob Wilton's esoterica

panGloss - Innovation, Technology and the Law

Arch Rights - Action on Rights for Children blog

Database Masterclass - frequently asked questions and answers about the several centralised national databases of children in the UK.

Shaphan

Moving On

Steve Moxon blog - former Home Office whistleblower and author.

Al-Muhajabah's Sundries - anglophile blog

Architectures of Control in Design - Dan Lockton

rabenhorst - Kai Billen (mostly in German)

Nearly Perfect Privacy - Tiffany and Morpheus

Iain Dale's Diary - a popular Conservative political blog

Brit Watch - Public Surveillance in the UK - Web - Email - Databases - CCTV - Telephony - RFID - Banking - DNA

BLOGDIAL

MySecured.com - smart mobile phone forensics, information security, computer security and digital forensics by a couple of Australian researchers

Ralph Bendrath

Financial Cryptography - Ian Grigg et al.

UK Liberty - A blog on issues relating to liberty in the UK

Big Brother State - "a small act of resistance" to the "sustained and systematic attack on our personal freedom, privacy and legal system"

HosReport - "Crisis. Conspiraciones. Enigmas. Conflictos. Espionaje." - Carlos Eduardo Hos (in Spanish)

"Give 'em hell Pike!" - Frank Fisher

Corruption-free Anguilla - Good Governance and Corruption in Public Office Issues in the British Overseas Territory of Anguilla in the West Indies - Don Mitchell CBE QC

geeklawyer - intellectual property, civil liberties and the legal system

PJC Journal - I am not a number, I am a free Man - The Prisoner

Charlie's Diary - Charlie Stross

The Caucus House - blog of the Chicago International Model United Nations

Famous for 15 Megapixels

Postman Patel

The 4th Bomb: Tavistock Sq Daniel's 7:7 Revelations - Daniel Obachike

OurKingdom - part of OpenDemocracy - " will discuss Britain’s nations, institutions, constitution, administration, liberties, justice, peoples and media and their principles, identity and character"

Beau Bo D'Or blog by an increasingly famous digital political cartoonist.

Between Both Worlds - "Thoughts & Ideas that Reflect the Concerns of Our Conscious Evolution" - Kingsley Dennis

Bloggerheads: The Alisher Usmanov Affair - the rich Uzbek businessman and his shyster lawyers Schillings really made a huge counterproductive error in trying to censor the blogs of Tim Ireland, of all people.

Matt Wardman political blog analysis

Henry Porter on Liberty - a leading mainstream media commentator and opinion former who is doing more than most to help preserve our freedom and liberty.

HMRC is shite - "dedicated to the taxpayers of Britain, and the employees of the HMRC, who have to endure the monumental shambles that is Her Majesty's Revenue and Customs (HMRC)."

Head of Legal - Carl Gardner a former legal advisor to the Government

The Landed Underclass - Voice of the Banana Republic of Great Britain

Henrik Alexandersson - Swedish blogger threatened with censorship by the Försvarets Radioanstalt (FRA), the Swedish National Defence Radio Establishement, their equivalent of the UK GCHQ or the US NSA.

World's First Fascist Democracy - blog with link to a Google map - "This map is an attempt to take a UK wide, geographical view, of both the public and the personal effect of State sponsored fear and distrust as seen through the twisted technological lens of petty officials and would be bureaucrats nationwide."

Blogoir - Charles Crawford - former UK Ambassodor to Poland etc.

No CCTV - The Campaign against CCTV

Barcode Nation - keeping two eyes on the database state.

Lords of the Blog - group blog by half a dozen or so Peers sitting in the House of Lords.

notes from the ubiquitous surveillance society - blog by Dr. David Murakami Wood, editor of the online academic journal Surveillance and Society

Justin Wylie's political blog

Panopticon blog - by Timothy Pitt-Payne and Anya Proops. Timothy Pitt-Payne is probably the leading legal expert on the UK's Freedom of Information Act law, often appearing on behlaf of the Information Commissioner's Office at the Information Tribunal.

Armed and Dangerous - Sex, software, politics, and firearms. Life’s simple pleasures… - by Open Source Software advocate Eric S. Raymond.

Georgetown Security Law Brief - group blog by the Georgetown Law Center on National Security and the Law , at Georgtown University, Washington D.C, USA.

Big Brother Watch - well connected with the mainstream media, this is a campaign blog by the TaxPayersAlliance, which thankfully does not seem to have spawned Yet Another Campaign Organisation as many Civil Liberties groups had feared.

Spy on Moseley - "Sparkbrook, Springfield, Washwood Heath and Bordesley Green. An MI5 Intelligence-gathering operation to spy on Muslim communities in Birmingham is taking liberties in every sense" - about 150 ANPR CCTV cameras funded by Home Office via the secretive Terrorism and Allied Matters (TAM) section of ACPO.

FitWatch blog - keeps an eye on the activities of some of the controversial Police Forward Intelligence Teams, who supposedly only target "known troublemakers" for photo and video surveillance, at otherwise legal, peaceful protests and demonstrations.

Other Links

Spam Huntress - The Norwegian Spam Huntress - Ann Elisabeth

Fuel Crisis Blog - Petrol over £1 per litre ! Protest !
Mayor of London Blog
London Olympics 2012 - NO !!!!

Cool Britannia

NuLabour

Free Gary McKinnon - UK citizen facing extradition to the USA for "hacking" over 90 US Military computer systems.

Parliament Protest - information and discussion on peaceful resistance to the arbitrary curtailment of freedom of assembly and freedom of speech, in the excessive Serious Organised Crime and Police Act 2005 Designated Area around Parliament Square in London.

Brian Burnell's British / US nuclear weapons history at http://nuclear-weapons.info

Syndicate this site (XML):

Follow Spy Blog on Twitter

For those of you who find it convenient, there is now a Twitter feed to alert you to new Spy Blog postings.

https://twitter.com/SpyBlog

Please bear in mind the many recent, serious security vulnerabilities which have compromised the Twitter infrastructure and many user accounts, and Twitter's inevitable plans to make money out of you somehow, probably by selling your Communications Traffic Data to commercial and government interests.

https://twitter.com/SpyBlog (same window)

Recent Comments

  • wtwu: NetIDMe seems to be in process of being wound up read more
  • wtwu: The House of Lords have approved the Regulations, without a read more
  • wtwu: Data Retention and Investigatory Powers Bill Government Note on the read more
  • wtwu: The former Customs Officer and the others involved in dealing read more
  • wtwu: BBC reports the password was $ur4ht4ub4h8 http://www.bbc.co.uk/news/uk-25745989 When Hussain was read more
  • wtwu: "only" an extra 4 months in prison for failing to read more
  • wtwu: Although not confirmed as part of the Wilson Doctrine per read more
  • wtwu: For now (just before Christmas 2013) it appears that the read more
  • wtwu: As expected, the ISC did not give the intelligence agency read more
  • wtwu: N.B. the Intelligence & Security Committee is now legally consituted read more

Categories

Monthly Archives

August 2019

Sun Mon Tue Wed Thu Fri Sat
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31

UK Legislation

The United Kingdom suffers from tens of thousands of pages of complicated criminal laws, and thousands of new, often unenforceable criminal offences, which have been created as a "Pretend to be Seen to Be Doing Something" response to tabloid media hype and hysteria, and political social engineering dogmas. These overbroad, catch-all laws, which remove the scope for any judicial appeals process, have been rubber stamped, often without being read, let alone properly understood, by Members of Parliament.

The text of many of these Acts of Parliament are now online, but it is still too difficult for most people, including the police and criminal justice system, to work out the cumulative effect of all the amendments, even for the most serious offences involving national security or terrorism or serious crime.

Many MPs do not seem to bother to even to actually read the details of the legislation which they vote to inflict on us.

UK Legislation Links

UK Statute Law Database - is the official revised edition of the primary legislation of the United Kingdom made available online, but it is not yet up to date.

UK Commissioners

UK Commissioners some of whom are meant to protect your privacy and investigate abuses by the bureaucrats.

UK Intelligence Agencies

Intelligence and Security Committee - the supposedly independent Parliamentary watchdog which issues an annual, heavily censored Report every year or so. Currently chaired by the Conservative Sir Malcolm Rifkind. Why should either the intelligence agencies or the public trust this committee, when the untrustworthy ex-Labour Minister Hazel Blears is a member ?

Anti-terrorism hotline - links removed in protest at the Climate of Fear propaganda posters

MI5 Security Service
MI5 Security Service - links to encrypted reporting form removed in protest at the Climate of Fear propaganda posters

syf_logo_120.gif Secure Your Ferliliser logo
Secure Your Fertiliser - advice on ammonium nitrate and urea fertiliser security

cpni_logo_150.gif Centre for the Protection of National Infrastructure
Centre for the Protection of National Infrastructure - "CPNI provides expert advice to the critical national infrastructure on physical, personnel and information security, to protect against terrorism and other threats."

SIS MI6 careers_logo_sis.gif
Secret Intelligence Service (MI6) recruitment.

gchq_logo.gif
Government Communications Headquarters GCHQ

logo-nca.gif
National Crime Agency - the replacement for the Serious Organised Crime Agency

da_notice_system_150.gif
Defence Advisory (DA) Notice system - voluntary self censorship by the established UK press and broadcast media regarding defence and intelligence topics via the Defence, Press and Broadcasting Advisory Committee.

Foreign Spies / Intelliegence Agencies in the UK

It is not just the UK government which tries to snoop on British companies, organisations and individuals, the rest of the world is constantly trying to do the same, regardless of the mixed efforts of our own UK Intelligence Agencies who are paid to supposedly protect us from them.

For no good reason, the Foreign and Commonwealth Office only keeps the current version of the London Diplomatic List of accredited Diplomats (including some Foreign Intelligence Agency operatives) online.

Presumably every mainstream media organisation, intelligence agency, serious organised crime or terrorist gang keeps historical copies, so here are some older versions of the London Diplomatic List, for the benefit of web search engine queries, for those people who do not want their visits to appear in the FCO web server logfiles or those whose censored internet feeds block access to UK Government websites.

Campaign Button Links

Watching Them, Watching Us - UK Public CCTV Surveillance Regulation Campaign
UK Public CCTV Surveillance Regulation Campaign

NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card
NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card and National Identity Register centralised database.

Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.
Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.

FreeFarid_150.jpg
FreeFarid.com - Kafkaesque extradition of Farid Hilali under the European Arrest Warrant to Spain

Peaceful resistance to the curtailment of our rights to Free Assembly and Free Speech in the SOCPA Designated Area around Parliament Square and beyond
Parliament Protest blog - resistance to the Designated Area restricting peaceful demonstrations or lobbying in the vicinity of Parliament.

Petition to the European Commission and European Parliament against their vague Data Retention plans
Data Retention is No Solution - Petition to the European Commission and European Parliament against their vague Data Retention plans.

Save Parliament: Legislative and Regulatory Reform Bill (and other issues)
Save Parliament - Legislative and Regulatory Reform Bill (and other issues)

Open_Rights_Group.png
Open Rights Group

The Big Opt Out Campaign - opt out of having your NHS Care Record medical records and personal details stored insecurely on a massive national centralised database.

Tor - the onion routing network
Tor - the onion routing network - "Tor aims to defend against traffic analysis, a form of network surveillance that threatens personal anonymity and privacy, confidential business activities and relationships, and state security. Communications are bounced around a distributed network of servers called onion routers, protecting you from websites that build profiles of your interests, local eavesdroppers that read your data or learn what sites you visit, and even the onion routers themselves."

Tor - the onion routing network
Anonymous Blogging with Wordpress and Tor - useful Guide published by Global Voices Advocacy with step by step software configuration screenshots (updated March 10th 2009).

irrepressible_banner_03.gif
Amnesty International's irrepressible.info campaign

anoniblog_150.png
BlogSafer - wiki with multilingual guides to anonymous blogging

ngoiab_150.png
NGO in a box - Security Edition privacy and security software tools

homeofficewatch_150.jpg
Home Office Watch blog, "a single repository of all the shambolic errors and mistakes made by the British Home Office compiled from Parliamentary Questions, news reports, and tip-offs by the Liberal Democrat Home Affairs team."

rsf_logo_150.gif
Reporters Without Borders - Reporters Sans Frontières - campaign for journalists 'and bloggers' freedom in repressive countries and war zones.

committee_to_protect_bloggers_150.gif
Committee to Protect Bloggers - "devoted to the protection of bloggers worldwide with a focus on highlighting the plight of bloggers threatened and imprisoned by their government."

Icelanders_are_NOT_Terrorists_logo_150.jpg
Icelanders are NOT terrorists ! - despite Gordon Brown and Alistair Darling's use of anti-terrorism legislation to seize the assets of Icelandic banks.

nocctv.gif
No CCTV - The Campaign Against CCTV

phnat-logo-black-on-white_150.jpg

I'm a Photographer Not a Terrorist !

power2010_132.png

Power 2010 cross party, political reform campaign

Cracking_the_Black_Box_black_150.jpg

Cracking the Black Box - "aims to expose technology that is being used in inappropriate ways. We hope to bring together the insights of experts and whistleblowers to shine a light into the dark recesses of systems that are responsible for causing many of the privacy problems faced by millions of people."

surveillance_72.jpg

Open Rights Group - Petition against the renewal of the Interception Modernisation Programme

wblogocrop_150.jpg

WhistleblowersUK.org - Fighting for justice for whistleblowers