Recently in Civil Liberties Category


@benatipsosmori Ben Page, Chief Exec of Ipsos MORI, market research and opinion polling company is denying this front page Sunday Times story and second illistrated article, but " he would say that, wouldn't he"

The Sunday Times claims that Ipsos Mori were offering to sell snoopers charter style personal data to the Metropolitan Police Service obtained commercially from mobile phone network EE.

They appear to have tested their scheme in secret, last summer, without any indivual, informed consent from the EE customers being snooped on.

They appear to be offering not just Communications Data such as might be proportionately obtained by the Metropolitan Police, which is supposed to proportionate and restricted to suspects in actual criminal or national security investigations, but also bulk trawling of the personal data if millions of innocent people.

They also appear to be offering extra "profile" data e.g. age and gender, which is not part of Communications Data.

The Sunday Times
12 May 2013

page 1

Secrets of 27m mobile phones offered to police

Richard Kerbai and Jon Ungoed-Thomas

THE data of 27 m mobile phone users has been offered for sale to the Metropolitan police, private companies and other bodies, enabling them to track users' movements.
Ipsos Mori, one of Britain's biggest research firms, has been caught offering text and call records for sale.

The company has claimed in meetings that every movement by users can be tracked to within 100 metres. This weekend the Met, which has been in talks with Ipsos Mori about paying for some of the controversial data, shelved any deal after being contacted by The Sunday Times.

Documents to promote the data reveal that it includes "gender, age, postcode, websites visited, time of day text is sent [and] location of customer when call is made".
They state that people's mobile phone use and location can be tracked in real time with records of movements, calls and texts also available for the previous six months.

Why only the last 6 months of data ?

Why is EE not selling the Communications Data from 6 months to a year old, which they are legally obliged to keep, regardless of any business use under the The Data Retention (EC Directive) Regulations 2009 Regulation 5, which specifies 12 months ?

A commercial partnership with Ipsos Mori or other companies would give them the "business use case" to retain such data indefinitely if they wished (and paid for the storage systems)

The data, obtained by Ipsos Mori in an exclusive deal with EB, Britain's biggest phone operator, goes beyond anything that the police can get without an application order under the Regulation of Invetigatory Powers Act 2000.

Experts said that it offered a similar level of data access as the government's proposed "snoopers' charter", which

Continued on page 2

page 2

Police ditch snooper deal

Continued from page 1

ministers shelved after an outcry over privacy invasion.

Police forces, councils, big businesses and Google are among potential clients for the data. Bernard Hogan-Howe, the police commissioner, is understood to have met representatives from Ipsos Mori on March 22 to discuss the data.

Another meeting was held last Thursday at Scotland Yard and was attended by Mark Rowley, the assistant commissioner in charge of public order and major events for the force.

Who from Ipsos Mori and / or EE attended these meetings with these very senior Metropolitan Police officers ?

However, within hours of being contacted by The Sunday Times the Met said it was abandoning the proposal, even though sources said officers had been enthusiastic about the potential for tracking users of pay-as-you- go phones.

They are also understood to have been interested in overlaying the EE data with home addresses and personal details of possible suspects.

Yet another reason for investigative journalists (or police or intelligence agency investigators) and their confidential sources (whether whistleblowers or informants) to keep the anonymous mobile phones switched off at or near home or usual work places, so that they are not linked with identifiable ones, simply through plotting where thety have been switched on, regardless of any voice or SMS text or internet data calls made.

Ben Page, chief executive of Ipsos Mori, admitted in a tweet last month that the deal between Ipsos Mori and EE might sound "creepy", but said it had safeguards to protect anonymity.

Documents circulated to the Met and seen by The Sunday Times, however, show the data offers clients:

* Gender, age and postcode of users as well as friendship networks, plus calling circles, customer interests (eg sport, film, news) and activity at work or at home

"Gender, age and postcode of users" is data which the Police cannot normally see from Communications Data for prepaid mobile phones.

* Calls data, including time of day call is made, number called, duration of call and customer location to a 100-metre radius

* Data on texts, including time of day it is sent and location of customer

* Mobile web and app usage, including domain name of sites visited, session length, duration on site, previous and next sites visited and amount of data uploaded and downloaded during session

Data on "App usage" is not part of Communications Data under RIPA, but is the sort of thing that the Home Office was fishing for with the Draft Communications Data Bill.

* Customer location, which is determined by Call records or mobile phone ID, to an approximate accuracy of 100 metres, and profiles of customers, potentially including spending patterns.

" profiles of customers, potentially including spending patterns" is data which the Police cannot see from Communications Data for any sort of phones.

Page initially said Ipsos Mori had access to individual data, although it would not pass this to police. He later said the firm could get only aggregate, anonymised data. He said: "This is purely trying to look at mass movement in aggregate."

Page admitted some of the information was similar to the data proposed to be stored under the Communications Data Bill. EE said it had authorised data to be released only in an aggregated, anonymised form to protect its customers. Details would be released only for groups of 50 people or more.

This claim about "aggregate" data "anonymity" is nonsense.

If a snooper e.g. the Metropolitan Police has access to other databases which can be cross referenced, this will, in many cases then allow the EE / Ipsos Mori supplied datasets to be de-anonymised.

Switch on and you become a goldmine, page 14

Inside, on page 14, there are some more details and a graphical illustration.

https://p10.secure.hostingprod.com/@spyblog.org.uk/ssl/spyblog/images/SundayTimes14May2013_IpsosMori_EE_snooping_450.jpg
(credited to Joel Goodman / Peter Alvey)

page 14

Switch on and you become a goldmine

Market researchers snooping on mobile phones tried to sell personal data to police to track criminals and protestors

Richard Kerbaj and Jon Ungogd-Thomas

LAST summer, as shoppers streamed out of a Tube station in Oxford Street in central London, they were put under discreet electronic surveillance.

As they emerged into daylight and pulled out their smartphones, the websites they visited were being monitored en masse.

The surveillance was part of a trial by Ipsos Mori, the pollster and opinion research company, to snoop on the habits of millions of EE phone customers. They could monitor how many of the phone users checked their Facebook accounts, or the website of their favourite shop.

Ipsos Mori was delighted with the results. In a deal with EE --"Britain's biggest mobile phone company, formed in 2010 from a merger between Orange and T-Mobile -- the polling firm had purchased the exclusive use of the phone data and the test run in central London had shown its potential.

In a tweet last month, Ben Page, chief executive of Ipsos Mori, admitted the EE geolocation deal mightsound "creepy" to customers, but insisted it was based on anonymised data with "safeguards on all sides".

What safeguards exactly, for the EE customers who had not given their prior, informed consent ?

It was certainly; dramatic project: Ipsos Mori had found a way to unlock the intimate secrets of the modern mobile phone and was sitting on a potential goldmine.
Initially, the company considered uses of the data for private sector clients and sporting events. It looked at the It looked at the websites Olympic spectators checked on their mobile phones and the phone habits of concert goers and shoppers.

Visitors to shopping centres, such as the Metrocentre in Newcastle upon Tyne and Bluewater in Kent, were monitored and the details of the websites they visited on their phones quietly harvested.

The movements of phone users were also tracked. An Ipsos Mori document stated: "We can understand not only where people are going, but what have been doing before, during and after they visited these various locations.

So these secret data snooping /matching trials were conducted without the prior, informed consent of the mobile phone customers ?

Will the Information Commissioner and the Interception of Communications Commissioner and OfComm investigate as they should ?

There was, however, another potentially lucrative application: crime detection. Bernard Hogan-Howe, the police commissioner, is understood to have met representatives from Ipsos Mori on March 23 to discuss the possabilities available to the Metropolitan police, using the EE data.

In public, Ipsos Mori insists all data it obtains is aggregated and protects customer privacy. In private, it claims it could get access to the data from individual phones. The documents circulated to the Met stated that the gender, age and postcodes of users was available, as well as friendship networks, time of calls, mobile web usage and customer location within 100 metres.

The police were understandably interested. Theresa May, the Home Secretary, last year failed to push though the Communications Data Bill, nicknamed "the snoopers' charter". Its terms would have required internet service providers to store for a year all details on online communications in the UK.

The bill stalled after a joint committee of peers and MPs found that it paid "insufficient attention to the duty to respect the right to privacy" and went too far in providing access to communications data.

The talks over the EE data appeared to offer another way of tracking people's phones and web usage. Another meeting to discuss the data was held last Thursday at Scotland Yard's headquarters, attended by Mark Rowley, the assistant commissioner in charge of public order and major evénts.

One of the proposals was for possible live tracking of events that would allow officers to monitor groups through their phones. If there was an incident, data on the subsequent movements of those at the scene could be harvested.

Officers were told they would be able to monitor protesters at demonstrations, to see where they had come from, where they were going and their phone usage during the event. The Met was also interested in getting a map of all pay-as-you-go phones, which could then be overlaid with the home addresses of "people of interest".

There were clearly concerns about data protection. One option considered by Ipsos Mori was to circulate a survey to EE users offering incentives in return for more information about themselves. They would then be asked for permission to share their data with third parties, which could include the Met.

Would they really have made it explicitly clear that your data is being sold to the Police, or would they just have used weasel words like "commercial partners" ?

In the event, the deal was scuppered after details of the talks were leaked to The Sunday Times.

The whistleblower seems likely to be from the Metropolitan Police despite the #Leveson clampdwown on contacts with the press or perhaps from Ipsos Mori.

If the EE spokesman is to to be believed, it is less likely that the leak came from the mobile phone network operator EE.

A spokesman for the Met admitted there had been an initial discussion, but "the [Met] has made no offer to purchase data from Ipsos Mori nor has any intention of doing so".

No intention now that the story is public, but why then were there at least two meetings with at the level of Commissioner of Police for the Metropolis and Assistant Commissioner to discuss, such this supposed non-starter of a scheme ?

Will the Mayor of London investigate the Metropolitan Police's complicity in this scandal ?

EE said it had not even been aware of the Met talks. When told the documents seen by
The Sunday Times indicated that customers would be tagged with reference numbers, postcodes and could be tracked to within 100 yards, an EE spokesman said: "This is not coming from us and it is the first I have heard of it. We are not providing this type of data."

EE said it would provide anonymised data only in groups of 50 people or more. There was, however, some confusion last week at Ipsos Mori about the exact data to which they had access.

Page initially told The Sunday Times that Ipsos Mori could obtain data on individual phones. However, he later said it would gather only aggregate data. This confusion exposes one of the biggest problems of personal data: the lack of transparency about exactly what is held on individuals, to Whom it is being sold and how it is being used.
Ipsos Mori is to launch its tie-up with EE this month. The huge database offers vast potential for market research.

The firms will, however, now face questions about the talks with police over the use of the data and scale of the information it is offering to other potential clients. The Information Commissioner's Office said last week there were specific rules concerning telephone data and the sale of any data "must be done in compliance with the Data Protection Act".

Page said The Sunday Times had raised legitimate questions about the sale of data. "We may have to decide policing is not something we are going to do on this," he said. -

Nick Pickles, director of privacy and civil liberties campaign group Big Brother Watch, said: "Customers are kept in the dark about how much information is collected, how long it is stored and how it can be used and the law needs urgently strengthening to give consumers proper control."

Do any other market research companies have similar "exclusive deals" with the other main mobile phone networks Vodafone, 3, O2 or with their Virtual Mobile Phone Operators partners like Tesco or Virgin ?

Any new Communications Data Bill must include Criminal Penalties for abuse of Communications Data (there are none under the current Regulation of investigatory Powers Act 2000)

See the Digital Surveillance report reccommendations published by the Open Rights Group:

  1. Hold an overarching review, potentially through a Royal Commission, to properly study surveillance in the digital age.
  2. Judicial oversight of requests for intrusive communications data, in particular for all traffic data requests.
  3. Choose 'data preservation' rather than blanket data retention. Include quick response and emergency processes, and means to intelligently and accountably identify targets.
  4. Create a unified Surveillance Commissioner capable of carrying out a strong, independent audit with "multi-skilled investigators including human rights and computer experts."
  5. Reject vague proposals, such as those in the draft Communications Data Bill, for automated, pervasive analytics tools designed to trawl through and across datasets.
  6. Provide stringent penalties for misuse of either powers or data.
  7. Individuals should be notified by default of a decision authorising the request for their communications data.
  8. Invest in law enforcement's capacity to use and analyse the data already available to them.
  9. Lift the ban on the use of intercept evidence in court.
  10. Use the International Principles on Communications Surveillance and Human Rights developed by Privacy International and other groups as a template for future laws.

This summer, the Australian government passed the contoversial Cybercrime Legislation Amendment Bill 2011 into law. This introduces some modest (by UK standards) mandatory Data Retention powers.

If only we had something so restricted in the United Kingdom instead of the Orwellian policies championed by Charles Farr, the Labour appartachik at the Home Office who has somehow been allowed to continue to peddle his repressive policies to the Conservative / Liberal Democrat Coalition Government.

Nevertheless, some enlightened Australian activists piclked up on some tweets by @Asher_Wolf, in Melbourne and the #CryptoParty Twitter hashtag was born.

This now worldwide meme is essentially about provoking the technologically able minority to spread some of their knowledge and experience about basic Cryptographic and Anonymity enhancing tools such as Pretty Good Privacy (PGP / GPG ) and TrueCrypt encryption software, Tor anonymity cloud proxies and the Off-the-Record (OTR) add ons to internet chat software, not just amongst their friends and peers, but to less experienced, less technical users, such as investigative journalists, whistleblowers and political activists, who may actually need to use them much more urgently, even in this supposed Western liberal democracy here in the United Kingdom

This has led to CryptoParty events springing up spontaneously in Australia, USA and mainland Europe and even in Cairo Egypt, with plans / interest in Asia etc.

Notable by their absence, perhaps due to language difficulties or local repression are any planned CryptoParties in say, Moscow or Beijing, even though the pro Putin Kremlin funded RT.com is one of the few major international news outlets to have picked up on the meme. - Ain't no party like a cryptoparty: privacy goes viral .

The first CryptoParty has already happened in the UK, in Cardiff on Saturday 22nd September 2012, with expressions of interest in Manchester, Sheffield and Swansea.

CryptoParty London

CryptoParty London. with about 100 people already registered to attend is set for next Saturday 29th September 2012, starting at 6pm..

The Temporary Autonomous Zone (TAZ) where this is due to happen is actually "in the belly of the beast" kindly hosted for free by Google Campus in London.

Google Campus: Ground Floor
4-5 Bonhill Street
London EC2A 4BX

(between Old Street and Moorgate Tube stations, just off the City Road)

(free) Registration for CryptoParty London is via Eventbrite

Please register and come along if you are an investigative journalist or blogger or elected politician with whistleblowers, confidential sources or consituents' private business to protect or if you simply want to protect your sensitive data from criminals.

CryptoParty London is not commercially or politically aligned with any company or faction[ and everyone is welcome.

Obviously Google is both one of the potential commercial snoopers on people's privacy and communications, but say, an offshore https://gmail.com email accoujnt and its Chrome browser, with SSL website pinning, could also cause big technical problems for Charles Farr's evil Draft Communications Data Bill plans.

Hopefully the process of exposing techies (who know how to download, verify, configure and use such software tools, but who often have very little to actually hide when using them) to real world computer literate but much less technical journalists and political campaigners (who lack the technical knowledge, but who really should be protecting their communications and confidential contacts) will spur the improvement of the the often jargon filled and unfriendly User Interfaces which Cryptographic software such as PGP or GPG have currently avaialble.

Normal people should not have to make impossible choices about Cryptographic alogrithms or Hash functions.

Neither should they be forced to switch from their familair Windows or Macintosh or Android or Apple IOS smartphone environments, to install Linux etc. simply to communicate confidentially and relatively anonymously.

As you may have guessed by now, Spy Blog is heavily involved in the London CryptoParty and will be trying to spread some knowledge and experience about practical, common sense Anonymity techniques and perhaps an overview of UK Surveillance legislation threats, leaving the topics of PGP, TrueCrypt, OTR and Tor to other able experts.

It is impossible to properly debate the forthcoming Draft Communications Data Bill, without having an appreciation or firsthand knowledge of such widely available software tools and techniques, which will render it a huge waste of public money and simply an infringement on the civil iberties of millions of innocent people, for little or no appreciable gain against spies, terrorists or serious organised criminals.

Will this CryptoParty meme spawn a new generation of CypherPunks, who will influence the all too often technologically inept Whitehall civil servants and politicians, in a positive way ?

The Conservative / Liberal Democrat coalition have produced a seriously flawed attempt to reform England's appalling ""Libel tourism" law.

Defamation Bill 2012

Clause 6 on peer reviewed scientific papers is welcome, as is Clause 8 on Single Publication.

However Clause 5 Operators of websites is a direct attack on this Spy Blog blog website, on our Twitter feed and on any discussion forum where we and our anonymous or pseudo-anonymous commentators choose to exercise our rights of free speech.

Operators of websites

(1) This section applies where an action for defamation is brought against the
operator of a website in respect of a statement posted on the website.

(2) It is a defence for the operator to show that it was not the operator who posted
the statement on the website.

(3) The defence is defeated if the claimant shows that--
(a) it was not possible for the claimant to identify the person who posted
the statement,

In most cases Spy Blog cannot "identify the person" who posts a Comment on this blog, so the Claimant will automatically have defeated the defence in Clause 5 (2)

This clause 5) (3) (a) must be removed from the final legislation.

(b) the claimant gave the operator a notice of complaint in relation to the
statement, and
(c) the operator failed to respond to the notice of complaint in accordance
with any provision
contained in regulations.

(4) A notice of complaint is a notice which--
(a) specifies the complainant's name,
(b) sets out the statement concerned and explains why it is defamatory of
the complainant,
(c) specifies where on the website the statement was posted, and
(d) contains such other information as may be specified in regulations.

(5) Regulations may--

(a) make provision as to the action required to be taken by an operator of
a website in response to a notice of complaint (which may in particular
include action relating to the identity or contact details of the person
who posted the statement
and action relating to its removal);
(b) make provision specifying a time limit for the taking of any such action;
(c) make provision conferring on the court a discretion to treat action taken
after the expiry of a time limit as having been taken before the expiry;
(d) make any other provision for the purposes of this section.

(6) Regulations under this section--

(a) may make different provision for different circumstances;
(b) are to be made by statutory instrument.

(7) A statutory instrument containing regulations under this section is subject to
annulment in pursuance of a resolution of either House of Parliament.

(8) In this section "regulations" means regulations made by the Secretary of State.

Note that the web site operator's defence fails, if even one single provision of the as yet undefined Regulations is not complied with, to the letter.

Note the plan to force web site operators to hand over "other details" i.e. hidden email registration details and IP addresses etc. of "anonymous" commentors.

Why not spell out exactly what these Regulations are now, on the face of the Bill ?

Why should these be left to Statutory Instruments ? Such Secondary legislation is never debated properly, and it cannot be amended even slightly, only passed or rejected, almost always by a handful of whipped MPs or Peers, rather than by the full House of Commons or House of Lords.

The biggest threat to website operators is not legal action in Court, but the threat of huge legal costs, regardless of whether they win or lose in court.

Where is the protection for website operators / ISPs from rapacious shyster lawyers and their rich clients, who legally harass them with threatening letters or emails, without ever coming to court ?

Note that this Bill also abolishes the Reynolds Defence and also abolishes the common law defence of justification.

Could someone explain exactly what the nonsensical Clause 10 means ?

1) A court does not have jurisdiction to hear and determine an action for defamation brought against a person who was not the author, editor or publisher of the statement complained of unless the court is satisfied that it is not reasonably practicable for an action to be brought against the author, editor or publisher.

So the Court does have jurisdiction if it is "not reasonably practicable for an action to be brought against..." - therefore no Court case ?

But it does not have jurisdiction if it is is "reasonably practical..." - therefore no Court case ???

Who, apart from the "author, editor or publisher" is this Clause 10 meant to cover ? Everyone else in the universe ?

Last weekend there were some suspiciously timed Distributed Denial of Service attack against the Home Office website (offline for about 12 hours until Sunday morning) and to a lesser extent the Ministry of Justice and the Prime Minister's Number 10 Downing Street (about an hour's disruption each, on and off) .

None of these websites are vital to the running of the country, especially not on a Saturday evening on a Bank Holiday weekend, when nobody is visiting them, but they are symbolic targets.

The organisers of this supposed "hactivism" were some self appointed faction under the hydra headed #Anonymous twitter hive mind.

See the Twitter hashtag #OpTrialAtHome

The "justification" they claimed was to somehow "support" the controversial Extradition cases of Gary McKinnon, Richard O'Dwyer and Chris Tappin, something which they have not achieved..

Nevertheless these people declared the event a success and then, on the Sunday, they threatened to do the same to the GCHQ website , starting at 8pm GMT on Saturday 14th April 2012.

This "news" has been reported by IT trade publications and picke dup by the national newspapers and broadcast media, especially following the arrests of a couple of teenagers in the West midlands, who may be the vaguely associated with the #teampoison attacks on the Metropolitan Police Anti-terrorism hotline.
(misreported by the "hackers" and far too many other online "news" sources as somehow being MI6 the Secret intelligence Service, who have nothing to do with any public hotlines whatsoever)

As with MI5 and the MI6/SIS websites, only http://www.gchq.gov.uk is valid, not http://gchq.gov.uk on its own

A few hours before the announced attack time, the default GCHQ web page started to be re-directed down a level to:

http://www.gchq.gov.uk/Pages/homepage.aspx

At about 19:40 BST i.e. 18:40 GMT British Telecom , on whose servers this public website appears to be running, put a temporary 302 redirect to e.g.

http://213.121.151.40/TPpRO/c3aba573/43de84c1/www.gchq.gov.uk/

instead of the previous IP address of http://195.171.165.115 which was advertised ahead of time on a Twitter Twitpic graphic:

gchq_ddos_graphic.jpg

http://twitpic.com/97d6yn

Note the ambiguous slogan: "Fight Online Privacy" - are the anonymous organisers / manipulators behind this DDoS attack actually on the same side as GCHQ - both of them appear to be fighting against your right to online privacy.

Note also the inevitable confusion - many of the "script kiddies" and gullible journalists will not have read the announcement properly and will assume that 8 PM British Summer Time is somehow the same as 8pm Greenwich Mean Time. (9pm BST)

Much more seriously, the published comment on this web page is actively encouraging the "hactivists" to download a scritpt kiddy "point and click" Denial of Service attack tool called "High Orbit Ion Cannon" - hence the "pew pew pew - fire your Laz0rs" instructions to the exploited cult followers.

There are no warnings whatsover about the fact that participating in this DDoS attack or even just downloading the HOIC tool is a criminal offence in the UK, with up to ten years and two year in prison respectively.

See the control freak Labour government's amendments to the Computer Misuse Act 1990 which came into force in October 2008 and which claims worldwide legal jurisdiction:

The timing of these DDoS attacks appears to have been deliberately (or utterly incompetently) chosen to minimise any political impact on the Government or civil servants i.e. on a Saturday evening when nobody in the Government department concerned is likely to have anyone ringing up to complain that their website is unavailable, and well past the print run deadlines for the Sunday newspapers.

If people want to protest by accessing a Government website, then they should be able to, but they must also be made aware of the risks of legal prosecution and potential punishments.

The fact that the organisers of these attacks have not done so, smells of Entrapment by Agents Provocateurs, perhaps like the notorious #Sabu, who are under the control of an intelligence or law enforcement agency and who are actually helping to jusify the repressive Communications Capabalities Development Programme being promoted by the securocrats in Whitehall to the bumbling Coalition politicians.
.

20:05 BST - the GCHQ website seems to be running smoothly


Nick Pickles of BigBrotherWatch has done a good job of analysis of the letter signed by Home Secretary Theresa May and Justice Secretary Kenneth Clarke, sent via the Tory Whips to Conservative MPs, regarding the Communications Capability Development Programme enhanced snooping plans.

Minister's letter fails to answer key questions

The text of the letter is published by the ConservativeHome blog:

http://conservativehome.blogs.com/files/mayclarkeletter.pdf (.pdf)

It really is shocking how little detailed grasp of the technological and social impact Government Ministers and MPs seem to have.

The Special Political Advisors / spin doctors who draughted this letter seem to have deliberately omitted key features of the both the Communications Data Development Programme and of the Green Paper on Justice in this briefing letter to MPs.

HOUSE OF COMMONS

4 April 2012

Dear Colleague

There has been a lot of press coverage in recent days about two of our key policies to maximise public protection: on communications data capability and the Justice and Security Green Paper. We are committed to maintaining national security and protecting the public in the face of changing circumstances whilst continuing to honour our commitment to protect civil liberties.

1. Communications data capability

The need to act

Communications data - information such as who called whom and at what time - is vital to law enforcement, especially when dealing with organised crime gangs, paedophile rings and terrorist groups. It has played a role in every major Security Service counter-terrorism operation and in 95 per cent of all serious organised crime investigations. Communications data can and is regularly used by the Crown Prosecution Service as evidence in court.

But communications technology is changing fast, and criminals and terrorists are increasingly moving away from landline and mobile telephones to communications on the internet, including voice over internet services, like Skype, and instant messaging services. Data from these technologies is not as accessible as data from older communications systems which means the police and Security Service are finding it increasingly hard to investigate very serious criminality and terrorism. We estimate that we are now only able to access some 75% of the total communications data generated in this country, compared with 90% in 2006. Given the pace of technological change, the rate of degradation could increase, making our future capability very uncertain.

We estimate that we are now only able to access some 75% of the total communications data generated in this country, compared with 90% in 2006.

Politicians may be easily fooled by statistics, but we are not.

Theresa May and the Home Office need to publish the actual evidence and assumptions on which they have based these figures.

One place where these figures should have been available from, but they are not, is from the censored Annual Report of the Interception of Communications Commissioner.

That is why, in the Government's Strategic Defence and Security Review, published in 2010, we said we would "introduce a programme to preserve the ability of the security, intelligence and law enforcement agencies to obtain data and to intercept communications within the appropriate legal framework."

We therefore propose to require internet companies to collect and store certain additional information, like who an individual has contacted and when, which they may not collect at present. The information will show the context - but not the content - of communications. So we will have for internet-based communications what we already have for mobile and landline telephone calls.

It is simply not technologically possible to obtain the "certain additional information, like who an individual has contacted and when" from social networking websites like Facebook or Twitter, without Intercepting the Content of these web based services

Safeguarding civil liberties

When we published the Defence and Security Review, we also made clear that we would "put in place the necessary regulations and safeguards to ensure that our response to this technology is compatible with the Government's approach to information storage and civil liberties." In seeking to ensure our law enforcement agencies continue to retain capabilities to protect us from harm, civil liberties will be respected and protected.

The data will be stored by the industry to enhanced standards which we shall set and which will be overseen by the Information Commissioner. The data will be available only to designated senior officers, on a case-by-case basis, authorised under the Regulation of Investigatory Powers Act (RIPA), and the process will be overseen by the Interception of Communications Commissioner. It will be available only if it is necessary and proportionate to a criminal investigation.

If sufficiently "juicy" or "newsworthy", such material has been handed over for free or sold to politically favoured media journalists or sold corruptly to private investigators / information traders , many of whom are former police or intelligence agency employees.

It is also sent, without any effective safeguards whatsoever, to foreign governments.

The majority of the data will be retrospective not real time (an exception might be the tracking of a communications device during a terrorist operation or kidnapping) and will be used as part of an investigation to identify key facts, including as evidence in courts.The police and other agencies will have no new powers or capabilities to intercept and read emails or telephone calls and existing arrangements for interception will not be changed. We envisage no increase in the amount of interception as a result of this legislation.

So what ? The new proposals have nothing to do with the existing system of email and phone interception.

The new proposals will try to extend this existing flawed RIPA regime to social media like FaceBook and Twitter, to Voice over IP telephony, video conferencing and chat like Skype orthe various Instant Messaging protocols, to search engine searches like Google and to Peer to Peer filesharing like Bittorrent

The impression being given is that this snooping will only be available for terrorism or serious crime investigations, but the exisiting RIPA allows Communications Data to be grabbed for much less serious alleged crimes as well.

Differences with Labour's proposals

Despite what has been claimed by some, this is very different to the scheme proposed by the last government. They wanted to build a Big Brother database with all communications data held in one place by government. Under our proposals, there will be no government database and the data recorded will be strictly limited and regulated and will be destroyed after a year.

The data will not be stored by the police or government but by communications service providers who already store some of this data for their own business purposes and under the EU Data Retention Directive. They will be paid by government for this service. But the costs incurred are a fraction of those we would face if we had to try to find an alternative way of developing the very significant evidence that this data provides us; indeed there is no like-for-like alternative.

Labour's original proposals were for a centralised database, which they then changed to a distributed database held by the Communications Service Providers, after their Intercept Modernisation Programme had been ridiculed by everyone who was expected to make it work in practice.

The Conservative / Liberal Democrat Government's vague plans for Communications Data Development programme sound identical in practice to those discredited Labour fantasies.

We have already made changes to limit who can access communications, and how they can access it, and we intend to make further changes in future. Local authorities will now have to get a magistrate's approval to see communications data and they will not be permitted to see more than simple data, such as subscriber to a mobile phone.

There are some clauses in the so called Protection of Freedoms Bill, which is still not on the statute books, over a year after it was introduced.

It is therefore a lie to claim that they have "already" done anything or that "Local authorities will now have to get a magistrate's approval" - these legal powers have not yet been been passed into law, let alone commenced !

We intend to ensure that all departments who can get access to any data will only be able to do so under one legal framework, set out in RIPA.

The previous Labour government lied about doing this as well.

Instead they let the arrogant Department for Social Security / Department for Work and Pensions abuse their "legacy" powers i.e. Section 109B of the Social Security Administration Act 1992 (as amended by the Social Security Fraud Act 2001) passed after RIPA, to grab Communications Data for free, without having to pay the nominal processing fee of around £15 to £25 pounds for a targeted Name and Address Subscriber request form British Telecom etc. and without having to undergo any RIPA training or to submit to even the cursory RIPA Interception of Communications Commissioner oversight scheme.

The importance of forcing junior bureaucrats to actually get their bosses and accounts departments to sanction the auditable expenditure of public money, when they make such Communications Data snooping requests cannot be overemphasised. It is effectively the only mechanism which prevents excessive demands for "all Communications Data" in a certain geographic area or during a certain time period from being demanded, over and over again by inexperienced or lazy or corrupt investigators.

As soon as data is slurped "in bulk, in real time" into secret, unaccountable databases for "data mining", then the risks of corruption, abuse and false positives ruining the lives of innocent people, at great expense, without actually catching any more criminals as a result, increases dramatically.

Access to communications data will be overseen by the Interception of Communications Commissioner. So this is not, as some have tried to suggest, a transfer of power from the judiciary to the state.

There is currently no judicial involvement at all (the secretive Interception of Communications Commissioner and the Intelligence Services Commissioner are both retired senior Judges, but they do not approve or decline any Interception warrants (rubber stamped by a Secretary of State or an anonymous senior civil servant)

The police and Security Service will not be able to intercept the content of calls and emails, except as now when it is necessary and proportionate as part of an investigation relating to serious crime or national security, and only when they have obtained a warrant signed by a Secretary of State.

A balanced approach

For the first time in more than a decade, we have a government that respects civil liberties.

The previous Labour control freak government used to claim that they also "respected civil liberties", but they literally used Orwellian newspeak to redefine the meaning of such words.

It is up to the Coalition government to prove through action, not just words, that they are really different from their Labour predecessors.

We have abolished ID cards, cut back government databases and limited pre-charge detention. But we must not allow the internet to become an unpoliced space, with criminals
free to go about their business with abandon.

The Government's Strategic Defence and Security Review - in which we announced our intention to update communications data capability in October 2010 - can be found here.

Green Paper on Justice and Security

The Government also faces a problem with challenges to executive decisions, for example when it refuses British citizenship or excludes from the UK an individual believed to be involved in activities which threaten national security. These decisions are made on the basis of sensitive intelligence. In judicial reviews of such decisions, again, there is no statutory basis for closed material procedures to be available to the court. This means the Government is unable to fight the case and may have to allow British citizenship to an individual believed to be engaged in terrorism-related activity, for example, because the courts have no secure forum to handle the appeal process.

How many times has such a refusal of British citizenship ever happened ?

There is no problem if there is some actual prima facie hard evidence, of actual terrorist activity against British interests.

If all there is is "intelligence" consisting of unfounded rumours, gossip, anonymous denunciations, false positive identifications etc. then this should rightly be ignored by a Court , just like Hearsay "evidence" for exactly the same common sense reasons.

The recent MI5 investigation into Ekaterina Zatuliveter, showed how incompetent and superficial such "investigations" can be.

That case also shows that there already is a "secure forum to handle the appeal process" "national security" and Immigration and British citizenship executive decisions - the Special Immigrations Appeals Commission (SIAC)

Our proposals

These examples illustrate the compelling case for changing the current rules so that these sorts of cases can be properly heard in a Closed Material Proceeding (CMP) by a judge, where a judgment can be reached on the basis of all

The circumstances in which a CMP would be triggered would be exceptional and rare. They will not apply at all to criminal proceedings and would only apply in compensation cases, or other civil cases based on highly sensitive intelligence material.

The proposals in the Green paper also attempt to "nobble" the Inquests into deaths caused by the Police or by UK or Foreign Military forces, especially by USA "friendly fire".

The Daily Mail is claiming today, via some anonymous Whitehall briefing, that this aspect of the Green Paper, which is not mentioned in this letter, may perhaps be dropped:

Climbdown on secret inquests: Victory for the Mail's open justice campaign

Alongside these proposals to extend judicial scrutiny over Government actions, we also want to give Parliament greater powers of scrutiny by increasing the status, remit and powers of the Intelligence and Security Committee. One option in the Green Paper is for the ISC to be made a statutory Committee of Parliament, to allow it to hold public evidence essions and to give it the power to require information from the security and intelligence agencies.

Spy Blog has been following the inadequate scrutiny provided by the Intelligence and Security Committee for years.

The overall effect is that the Security Service will be more accountable to Parliament and to the courts than at present and that more sensitive evidence will be considered by courts than is possible now.

The Green Paper can be found here.

https://update.cabinetoffice.gov.uk/sites/default/files/resources/green-paper_1.pdf (.pdf)

Further information

We will listen to those who have made suggestions as we develop our plans. If you require any more information, please do get in touch with our PPSs Edward Timpson MP and Ben Wallace MP.

Theresa May Kenneth Clarke

Where is the important topic of Intercept as Evidence for use by either the prosecution or defence in Court (currently forbidden by the Regulation of Investigatory Powers Act 2000 section 17 exclusion of matters from legal proceedings), which is entirely relevant to both the CCDP and CMP proposals ?

BBC Radio 4: Secret Britain

| | Comments (1)

The BBC Radio 4 documentary series Secret Britain should be of interest to Spy Blog readers.

The first programme in the series was broadcast last Tuesday 16th August 2011, but it still available (for now) online via the BBC iPlayer

One Hundred Years of Secrecy

Presented by veteran investigative journalist Peter Hennessey, with sound bites from
retired heads of intelligence agencies, Whitehall mandarins, politicians and the occasional whistleblower.

The programme "celebrates" the 100th anniversary of the notorious Official Secrets Act 1911, which , amidst mainstream media inspired hysteria and collective Must Be Seen To Be Doing Something panic amongst the politicians, after a foreign security crisis.

The influence of this overbroad "catch all" Act and the way in which it was sneaked through Parliament in a rush, without proper debate or scrutiny set the tone for almost all subsequent "security" legislation to date.

The supposedly more narrowly targeted Official Secrets Act 1989 also commands little public confidence,has led to some dubious prosecutions yet it has not prevented "leaks" from the Whitehall and national security / counter-terrorism bureaucracy. It therefore needs urgent reform

The most interesting quotation in the broadcast was from Sir Stephen Lander, the retired Director General of MI5 the Security Service (who was also later in charge of the Serious Organised Crime Agency).

His comment on the Security Service Act 1989,

SSL: "I think, fundamentally, it was a wonderful thing to have done for the Service. It was the most important thing that happened in my time. MI5 getting legislation for the Service.

Apart from anything else, it made us so much more operationally aggressive, and more confident.

PH: Because you had "cover" ?

SSl: Yep, We were "proper".

And it was a beautiful piece of draughting, at something, you know, "there shall continue to be a Security Service" without having previously acknowledged that it had previously existed in law - hah hah - a beautiful piece of draughting.

Sir John Scarlett, the former Chief of the Secret Intelligence Service MI6 was also complimentary about the Intelligence Services Act 1994, which put MI6 and GCHQ on a statutory legal footing.

However he is utterly wrong to claim that

The 1994 Act, allowed, a very large amount of information, to be made available for public discussion and in the public domain, about, the work, of the Service, the role it plays in Government, the way it's structured, quite a bit, in effect, about its resources, about it's preoccupations, its targets, and that process of releasing information into the public domain, began in 1994.

And now there is a vast amount of information available through, Parliamentary reports, Commission reports, and now, in recent years, through the websites,o the Services, and so on.

[...]

For all the ups and downs over the years, it's worked as least as well as we could have expected, and I would say, broadly better.

Regular Spy Blog readers will have noticed just how uninformative and secretive the censored Intelligence and Security Committee and various Commissioners' Reports have been over the years. The websites of the intelligence services are not very informative either - probably the best is that of MI5

Obviously tactical, operational security details of particular ongoing operations and investigations should remain secret. This radio programme illustrates with a couple of examples, the corrosive effect of self authorised "national security" secrecy, with criminal penalties with which to threaten whistleblowers, but without any counterbalancing criminal penalties for use against officials and politicians who abuse the privilege of such secrecy, simply to hide or cover up their political embarrassment or their managerial or technological incompetence or the whiff of corruption or treason,

The next programme in the series is:

D for Discretion: Can the Modern Media Keep a Secret?

This forthcoming programme looks as if it will talk about the increasingly irrelevant DA-Notice System of voluntary self censorship by the mainstream media.

The "Defence Advisory Notice System" - as it is now called - is supposed to be entirely voluntary. In reality, though, it's very rare for any of the mainstream media organisations to ignore the committee's requests. But how does this work in the age of Wikileaks and citizen journalism? This programme looks at the challenges to the system posed by social media websites. What happens if members of the public try to reveal government secrets on Twitter - in a similar way to this year's row about super-injunctions? And how do newspapers like The Guardian square their Wikileaks collaborations with their own editorial guidelines on national security issues?

Broadcast times:

Tue 23 Aug 2011 09:00 BBC Radio 4

Tue 23 Aug 2011 21:30 BBC Radio 4

and then online via iPlayer for a while.

Several Civil Liberties and Human Rights organisations have, rightly, criticised the Detainee Inquiry for its lack of power to compel evidence from witnesses and its excessive secrecy, so they are therefore boycotting it,

e.g. The Guardian reports: Torture inquiry boycotted by human rights groups over lack of openness

The chairman, the Rt. Hon. Sir Peter Gibson, is the former Intelligence Services Commissioner, whose office was set up under the Regulation of Investigatory Powers Act 2000, whose censored Annual Reports never gave any details of anything, never criticised the Intelligence Agencies at all and consequently never inspired any public confidence that there was any effective independent scrutiny of the activities of intelligence agencies.

Rt_Hon_Sir_Peter_Gibson_450.jpg

To be fair to Sir Peter and his predecessors, their role as Intelligence Services Commissioners are bound strictly by the Regulation of Investigatory Powers Act 2000 section 59 Intelligence Services Commissioner i.e. they are not allowed to attempt to scrutinise anything other than Part II Surveillance and covert human intelligence sources and Part III Investigation of electronic data protected by encryption etc. i.e. they have never been allowed to scrutinise any wider intelligence agency investigations or projects or policies.


However, unless Sir Peter Gibson takes immediate steps to demonstrate real independence from the intelligence agencies, Whitehall and Downing Street, his Detainee inquiry will be dismissed as a coverup and whitewash, even before it has really got going.

No explicit protection for whistleblowers

The identities of any potential or actual whistleblowers from within the intelligence agencies, who might contradict the official media line, will be of intense interest to the agencies involved and also to their UK peers and foreign rivals.

The fact that The Guardian seems to have been given access to British government's secret interrogation policy. This document was supposedly very secret, so there has been some sort of a leak to The Guardian newspaper.

If this is genuine, then it reveals a deliberate policy of covering up the the intelligence agencies' and the former Labour government's collaboration with torturers, whilst taking care not to dirty their hands themselves.

It is extremely unlikely that any of the prisoners who were tortured were ever classified by the intelligence agencies as Covert Human Intelligence Sources, so we will be amazed if Sir Peter admits that he was are of or had read the document published by The Guardian whilst he was the RIPA Intelligence Services Commissioner.

The Detainee Inquiry Protocols (.pdf) highlight the lack of any protection or immunity for individual whistleblowers from within the intelligence services.

Private Evidence Sessions

33. The Inquiry recognises that the operational details of the security and intelligence agencies will need to be considered in private due to national and personal security concerns. All evidence from current or former members of the security and intelligence agencies, below the level of Head, will be heard in private. The private evidence sessions of current or former crown servants, civil servants or Ministers may be attended by authorised representatives of the relevant departments, unless the witness has requested otherwise and the Inquiry accedes to that request.

Without an explicit, up front, guarantee that the Detainee Inquiry will not betray the fact of their existence or their actual identities, to the intelligence agencies, whilst they decide whether or not to grant them anonymity, why should any whistleblowers from within the intelligence agencies ever come forward to give evidence to the Inquiry ?

34. Other individuals wanting to give evidence in private will have their requests considered on a case by case basis by the Inquiry with reference to the following points:

(a) would the matters on which the witness will give evidence, if revealed in public, meet the criteria in Paragraph 1 of Annex A

(b) is there any genuine or sufficient reason (such as health or personal security concerns) why a witness would have difficulty appearing or being entirely frank in public? The Inquiry will consider sympathetically any request to give evidence in private from a witness who believes that he/she has suffered trauma in the course of his/her detention, or otherwise as a result of the matters about which he or she is to give
evidence.

(c) would giving evidence in private ensure the witness‟s welfare, security or
freedom to speak frankly, for example in the case of junior staff who may wish to give evidence that runs counter to that of others?

(d) the extent to which a witness‟s concerns could be addressed by other protective measures short of hearing the evidence in a private session.

They have thought of "the case of junior staff who may wish to give evidence that runs counter to that of others", but they have not provided any immunity or whistleblower anonymity protection at all.

At the very least they should demand and publish, written undertakings from the heads of each of the intelligence agencies and from the Cabinet Office and the Prime Minister, guaranteeing that any such junior official whistleblowers will be protected from their colleagues and senior managers.

If the Detainee Inquiry does somehow manage to preserve the anonymity of any intelligence agency whistleblower sources, there must be a clear "don't ask, don't tell" policy for when intelligence agency staff next undergo their periodic Developed Vetting security clearance interviews - they should never be asked whether they contacted the Detainee Inquiry or not.

The letter from PM David Cameron to Sir Peter Gibson mentions some vague promises about protections for whistleblowers, but these appear to be really more aimed at giving immunity to the named senior witnesses from the Intelligence agencies, rather than to
any anonymous whistleblowers or potential whistleblowers.

http://download.cabinetoffice.gov.uk/intelligence/pm-letter-gibson.pdf

The Cabinet Secretary and the heads of the intelligence services will require staff in their departments and agencies to cooperate fully with the inquiry and expect them to cooperate with the Inquiry's requests for oral evidence. The Attorney General has agreed to provide an undertaking that evidence given by witnesses may not be used against them in criminal proceedings, whether their evidence is given in public, private or both (other than in proceedings where he or she is charged with giving false evidence or conspiring to do so in the course of this Inquiry). The Cabinet Secretary and heads of the intelligence services will set out analogous undertakings to staff in respect of disciplinary proceedings based on their evidence, whether public or private.

This is dated 6th July 2010 i.e. over a year ago, but if these undertakings really exist, they have not been made public, as they should have been.

No protection from Communications Data snooping etc.

The Intelligence Agencies must be explicitly forbidden from treating the Detainee Inquiry and any potential whistleblowers who may be thinking of giving evidence, as targets for the powerful surveillance methods which they use routinely.

Knowing what we do about Communications Data Retention and Analysis abuses, there should be clear, public, written instructions from the heads of each of the intelligence agencies and from the Cabinet Office and the Prime Minister preventing these techniques from being used on the members of the Detainee Inquiry or their staff, their website, email addresses, landline or mobile phone and to postal mail etc.

This prohibition also needs to apply to the private phones, emails, social networking etc. of the families and friends of people associated with the Detainee Inquiry.

This public prohibition must also apply to any potential or actual witnesses who attempt to contact the Detainee Inquiry.

There must be no Communications Data snooping or Communications Interception authorised under the Regulation of Investigatory Powers Act 2000 and that no intrusive surveillance e.g. the planting of electronic bugging or tracking devices or cameras etc. will be subcontracted out to any Police units, under the Police Act 1997 part III.

There must be no attempts to recruit or coerce any Confidential Human Intelligence Sources amongst the Detainee Inquiry members and staff, or any or their sub-contractors or service providers (e.g. their website design or email hosting companies) , neither directly, nor from amongst their families and friends.

The Intelligence Agencies should also be forbidden from using their access to unregulated databases such as the ACPO National Automatic Number Plate Recognition Database or the London Congestion Charge monitoring vehicle journeys or the London Oyster Card monitoring Tube and Bus journeys etc. , or the e-borders access to Passenger Name Records from the airline and ferry industries, or CCTV footage in general, which they will be tempted to use to try to track down possible face to face meetings or document dead drops between Detainee Inquiry staff and potential or actual whistleblowers.

The Intelligence Agencies should be expressly forbidden from asking their colleagues and contacts in friendly foreign intelligence agencies e.g. in the USA, or in UK Police Forces, or private sector companies, to carry out any of these activities against the Detainee Inquiry or potential or actual whistleblowers, on their behalf.

These instructions need to be made public, so that staff at the Communications Service providers (telephone, mobile phone, internet and postal) are aware of them as well and can question or refuse even apparently "national security" requests for Communications Data or for Electronic Communications or Postal Intercepts.

GCHQ and MI5 should be given the budget and the explicit task of protecting the Detainee Inquiry from attempts to snoop on it by private military contractors, private investigators, foreign intelligence agencies, journalists and amateur hacktivists etc.

The current website Contact pages: http://www.detaineeinquiry.org.uk/contact/ provide no security or anonymity mechanisms to protect the identities of potential whistleblowers, either from foreign intelligence agencies, serious organised crime gangs, terrorists groups or from the UK intelligence Agencies, the UK Police, the press and media or from amateur or professional computer hacker wannabees.

At the very least they should publish a Public PGP Encryption Key and be properly trained in how to use it in conjunction with their published email addresses.

A Digital Certificate to encrypt a web submission form and a whistleblower submission workflow acknowledgement mechanism might also help with the credibility of the Inquiry.
see Leak Directory< wiki (backup site) for examples.



Annual report of the Chief Surveillance Commissioner to the Prime Minister and to Scottish Ministers for 2010-2011 (.pdf)

The Chief Surveillance Commissioner, the Rt. Hon. Sir Christopher Rose writes:

Chief Surveillance Commissioner

2.4 I was invited to oversee the removal of 'covert' cameras around specific areas of Birmingham. I have confirmed in writing that no cameras installed specifically for covert use were capable of use before the decision to remove them. All camera equipment has been removed and, by the time this report is published, I will have confirmed that all related 'street furniture' has been removed.

See Spy Blog: Project Champion Review - CCTV and ANPR mass surveillance ghettos in Birmingham

2.5 Towards the end of the year, significant media reporting relating to the activity of an undercover officer authorised to conduct activity against domestic extremism resulted in a number of investigations by Her Majesty's Chief Inspector of Constabulary, SOCA and the IPCC. At the time of this report's preparation these investigations continue. I am monitoring all investigations to ensure consistent and accurate interpretation of legislation. I am reassured by the involvement and publication of the terms of reference of an objective External Reference Group in relation to HMCIC's investigation.

Will any of the senior Police officers and bureaucrats and politicians, who were responsible for the various undercover police spies and agent provocateurs
who have been caught infiltrating the various "environmental" protest groups ever be named and shamed or punished ?

What are their links to the state and private sector powerful vested interests ?

OSC guidance

3.4 I explained in paragraphs 3.6 to 3.8 of my last report that my Commissioners from time to time publish guidance; the latest was published in September 2010. If I continue to find that this document is not readily available to those who need it, or is not promoted by national associations, I may make it publicly available on my website. I have resisted this temptation so far because:

3.4.1 my small office does not have the capacity to answer the inevitable influx of requests for clarification that this would invite;

Surveillance is big business, affecting millions of people in the UK.

The taxpaying public has a right to demand the publication of this document and for clarifications to be answered promptly and fully.

3.4.2 law enforcement agencies in particular are concerned that tactics might be unnecessarily revealed;

3.4.3 it is not a comprehensive document which covers every eventuality and it might be misconstrued or misused; and

That sounds like bureaucratic backside covering.

Publish the guidance anyway.

How can it be misconstrued and misused any more than the Acts of Parliament
and the Codes of Practice upon which it is based ?

If these are not crystal clear then they must be amended.

3.4.4 it is not my remit to provide free legal advice, though I proffer guidance to public authorities which I have a responsibility to review, in order to raise standards and promote consistency.

Public Authorities should make this guidance available to everybody. Why should it be kept secret ?

Time for a Freedom of Information Act request to , say, the Metropolitan Police Service , for a copy of this Guidance.

Why are the RIPA Commissioners still excluded from the list of Public Bodies, even though they absolutely meet and exceed the conditions for such a listing under the FOIA section Schedule 1 ?

3.8 The procedural changes proposed in the Protection of Freedoms Bill involving magistrates in the authorisation process for local authorities and a higher threshold for authorised covert activity will not reduce the frequency or nature of my inspections even if the number of authorisations is reduced. My inspections will continue to focus on the training, knowledge and competence of local authority officials involved in the identification of activity which may be covert and which, if it is, should be authorised under the legislation in a clear and principled way.

So there is not going to be any reduction in Surveillance by public authorities as a result of the proposed Protection of Freedoms Bill ?

3.10 I have commented in previous reports that there appears to be an over-reliance on the capacity of the OSC to examine authorisations. I remain concerned that my limited capacity is misappreciated. Public authorities, particularly law enforcement agencies, should not be lulled into a false sense of confidence if at trial lawyers do not scrutinise relevant documents. Lack of challenge does not imply compliant authorisation. I mentioned last year (paragraph 5.19) that there is an expectation of authorisation. I add this year that authorisations should be of a quality to withstand examination at trial however rarely such scrutiny may occur.

Is this an oblique, soviet style hint, that there are some illegal cases involving authorisations which will not stand up to proper scrutiny ?

3.11 I have considered carefully, but resisted, a few requests to increase the duration between inspections. My inspection capability is limited. The sample of documents which can be examined is small and the inspection can only be regarded as a 'snapshot in time'; it is not an indicator of trends. Often key personnel change in the period between inspections. I recognise the inconvenience of an inspection (especially for law enforcement agencies) but less frequent inspections would not provide the effective oversight which Parliament requires of me.

Which snooping organisations are moaning about the current, totally inadequate level of inspections ?

"the effective oversight which Parliament requires of me."

is a misnomer - it does not actually represent properly transparent and effective oversight, which the public has a right to demand.

3.12 I have still not been given the power to inspect local authorities in Northern Ireland. I am concerned that these authorities have never been inspected.

That is a scandal which should have been rectified years ago.

3.14 I invited representation from the Association of Chief Police Officers Automated Number Plate Reading Working Group to one of the meetings in order better to understand its concerns regarding specific guidance on that topic. It is my intention to provide further guidance, if necessary, before this report is published.

Automated Number Plate Reading (ANPR) is a whole area of mass surveillance which the current and previous Surveillance Commissioner have ineffectively criticised.

No doubt the Chief Surveillance Commissioner will not actually investigate any actual or potential abuses of ANPR, only issue secret Guidance to the snoopers as per paragraph 3.4 above. He may even abrogate this responsibility and leave it to the new RIPA style Surveillance Camera Commissioner, proposed in the Protection of Freedoms Bill, to deal with.

OSC website

3.18 I have not had the capacity to improve my website. The Cabinet Office has recently decided that all government related websites, including those of Non Departmental Public Bodies such as mine, will migrate to a corporate process. It is essential that I remain independent and be seen to be independent.

At least the OSC actually has a website, unlike the other two RIPA Commissioners.

Neither the Chief Surveillance Commissioner nor the other two RIPA Commissioners
will ever be "seen to be independent" whilst they reports only to Ministers rather than to Parliament and the public directly. and whilst they weasel out of compliance with the Freedom of Information Act.

3.25 In order to achieve a reduced budget for the financial year 2011 - 2012 I have reluctantly reduced my capacity by one Inspector and the Secretary post and downgraded a further post. My capacity has always been limited and I wrote to the Home Secretary to explain the impact of reducing my budget by £140K. I recognise the severity of the country's financial situation but a reduction of nine percent has serious operational repercussions in a tiny organisation. I am only able to work within this tight limit by reducing inspectorate and secretarial staff.

How about the Home Office reducing the amount of Surveillance it funds by 10 per cent ?

4.2 Statistics for directed surveillance and the use of CHIS have been supplied by all law enforcement agencies. I am pleased to report that all other public authorities have responded to my request for this statistical information, so this year's figures are again based on a one hundred per cent return.

4.3 It is important that these statistics are not misconstrued. Reports relating to local authority use of covert surveillance have been misleading and often inaccurate. I have identified no systemic attempts to misuse legislation. There are, occasionally and inevitably, misjudgments but these are rarely the result of abuse of power.

[...]

Misjudgments about proportionality etc. in the exercise of such powerful and dangerous legislation are an abuse of power, the only question is whether such inevitable human lapses within an inhuman system of surveillance bureaucracy, should be punished or not.

Given the secrecy which surrounds such surveillance, there is no effective system of public apology and financial compensation for the victims of such misjudgments - the Courts are only available to the rich and are useless for the protection of privacy.

The Surveillance Commissioner should "name and shame" the culprits in this Report, which is his only sanction, pathetically weak though that is.

Section 49 - encryption

4.11 During the period to which this report relates, NTAC granted 26 approvals from 30 applications. Permission was not sought in eight cases after NTAC approval. From the remainder, 17 had permission granted by a Circuit Judge, of which 12 have so far been served. Four were complied with and two were not; the remainder were still being processed. Five people were charged with an offence, of whom it was decided not to prosecute two. So far there has been one conviction with other cases still to be decided.

4.12 The conviction related to the possession of indecent images of children. Other offences include: domestic extremism, insider dealing, fraud, evasion of excise duty, drug trafficking and drug possession with intent to supply.

Not the complete absence of the words "terrorism" or "national security".

NTAC = National technical Assistance Centre, which has lurked somewhere under the GCHQ empire since 2006.

4.13 These statistics are provided by NTAC which is able to be accurate regarding the number of approvals it has granted. But it is reliant on those processing notices to keep it informed regarding progress. It appears that there has been delay in serving some notices after approval has been granted (hence the difference between the number approved and the number served). Notices, once approved, should be served without delay.

Delays by the legalistic surveillance bureaucracy ? Who could have imagined that, apart from, say Franz Kafka.

Legislation

5.4 At the time of writing, the Protection of Freedoms Bill is at the Committee stage.

[...]

it is not apparent why local authorities should be treated differently from other public authorities

Agreed

[...]

The higher threshold in the proposed legislation will reduce the number of cases in which local authorities have the protection of RIPA when conducting covert surveillance; it will not prevent the use of those tactics in cases where the threshold is not reached but where it may be necessary and proportionate to obtain evidence covertly and there will be no RIPA audit trail. Part I of RIPA makes unauthorised interception unlawful. In contrast, Part II makes authorised surveillance lawful but does not make unauthorised surveillance unlawful.

[...]

Why should the minority users of RIPA surveillance powers i.e. Local Authorities have to be authorised by Magistrates, when the vast bulk of request by the Police and Intelligence Agencies and other Government Departments e.g. DWP, HMRC etc. will
continue to be self authorised ? They should all have independent judicial warrant oversight of every application, before (or in emergencies, immediately after) the privacy intrusion happens, not just a RIPA Commissioner audit of a sample of requests every year or two.

5.11 We have evidence that some public authorities are purchasing highly intrusive technical capability without properly considering the legislative implications of its use. For instance, a single digital camera is capable of coverage equivalent to or greater than a larger number of analogue cameras; but the reduction in the number of cameras does not reduce privacy concerns. We have seen noise monitoring equipment that is capable of 'permanent' monitoring even though it has not been activated to store a recording in an easily interpreted form and I am not convinced that data is irretrievable. For this reason, my Commissioners have provided guidance that authorising officers should avoid accepting loose terminology and understand the capability of the equipment. Corporately, public authorities should ensure that equipment which is more capable than can be justified should not easily be procured.

Vaguely hoping that the purchasing of intrusive technology will somehow not happen is foolish - e.g. digital cameras are cheaper than analogue ones these days.

There should be detailed consideration of the technological capabilities being used or potentially abused, by those who supposedly, independently, scrutinise the proportionality of each application for covert surveillance.

The Rt. Hon. Sir Christopher Rose makes this interesting legal point regarding Covert Human Intelligence Sources (CHIS):

Availability of powers

5.15 Many public authorities which are not law enforcement agencies prefer not to use CHIS. Their reasoning usually reflects a laudable desire to use less intrusive methods or a belief that they are ill-prepared to manage them compliantly. The desire is good practice and the belief is often accurate. However, the ease with which statutory criteria are met is often misjudged; a person, irrespective of motive, may be a CHIS if he uses a personal or other relationship to pass information to a public authority in a manner that is covert in relation to the person to whom the information refers. This may not be of significant concern if the reporting is occasional or when the information attracts no action or when it has been volunteered. It should be a concern if the individual reports information on which action is likely to be taken or if the information is likely to be retained for later analysis. Public authorities may not ignore this because they do not wish to use CHIS. In many cases, public authorities wish to retain the power but make no effort to prepare properly for the eventuality. In other cases, the public authority has decided that it no longer requires the capability, without recognising that it is dealing with persons who should be authorised as a CHIS. I have no power to insist on proper training or retention of powers. I can only draw the risk to the attention of the relevant authority. But I take this opportunity to remind public authorities that the threshold set by Parliament is low and that there is significant risk in reliance on a person within the statutory definition of a CHIS who is not authorised.

The Conservative - Liberal Democrat coalition government has published a new website with a few more details of their plans:

http://programmeforgovernment.hmg.gov.uk/

However, when we clicked on the Civil Liberties link,

http://programmeforgovernment.hmg.gov.uk/civil-liberties/

we got a rather ironic "Error establishing a database connection":


PoG_error_establishing_a_database_connection_450.jpg

Is this simply because too many people were trying to access this link, or
are the Government website people trying to hint at something ?

A document is also available to download: The Coalition: a Programme for Government [PDF 476Kb, 36 pages] from the Cabinet Office website.

The BBC reports: Full Text: Conservative-Lib Dem deal, which looks promising:

Here is the full text of the coalition agreement reached by the Conservatives and the Liberal Democrats:

This document sets out agreements reached between the Conservatives and Liberal Democrats on a range of issues. These are the issues that needed to be resolved between us in order for us to work together as a strong and stable government. It will be followed in due course by a final Coalition Agreement, covering the full range of policy and including foreign, defence and domestic policy issues not covered in this document.

[...]

10. Civil liberties

The parties agree to implement a full programme of measures to reverse the substantial erosion of civil liberties under the Labour Government and roll back state intrusion.

This will include:

  • A Freedom or Great Repeal Bill.

  • The scrapping of ID card scheme, the National Identity register, the next generation of biometric passports and the Contact Point Database.

  • Outlawing the finger-printing of children at school without parental permission.

  • The extension of the scope of the Freedom of Information Act to provide greater transparency.

  • Adopting the protections of the Scottish model for the DNA database.

  • The protection of historic freedoms through the defence of trial by jury.

  • The restoration of rights to non-violent protest.

  • The review of libel laws to protect freedom of speech.

  • Safeguards against the misuse of anti-terrorism legislation.

  • Further regulation of CCTV.

  • Ending of storage of internet and email records without good reason.

  • A new mechanism to prevent the proliferation of unnecessary new criminal offences.

If Parliament had done its job of proper of detailed legislative scrutiny and the previous Labour politicians and their apparatchiki had not been so Orwellian in thought, yet so incompetent with anything to do with technology, none of this section on Civil Liberties would be needed.

Obviously Spy Blog will analyse the specific details and the actual implementation of these plans, when they emerge, but this section of the coalition agreement, seems to be very good news for the normal, innocent, law abiding people of the United Kingdom.

To ensure that the political pressure is kept up on these Conservative and Liberal Democrat politicians, for whom coalition is a new concept and is one which may not last until 2015, we urge readers of Spy Blog to continue to support cross party campaigns and organisations such as

with your voluntary time and with financial donations.

All of these organisations and campaigns are still needed, given the technological developments and political challenges of the 21st Century.

About this blog

This United Kingdom based blog attempts to draw public attention to, and comments on, some of the current trends in ever cheaper and more widespread surveillance technology being deployed to satisfy the rapacious demand by state and corporate bureaucracies and criminals for your private details, and the technological ignorance of our politicians and civil servants who frame our legal systems.

The hope is that you the readers, will help to insist that strong safeguards for the privacy of the individual are implemented, especially in these times of increased alert over possible terrorist or criminal activity. If the systems which should help to protect us can be easily abused to supress our freedoms, then the terrorists will have won.

We know that there are decent, honest, trustworthy individual politicians, civil servants, law enforcement, intelligence agency personnel and broadcast, print and internet journalists etc., who often feel powerless or trapped in the system. They need the assistance of external, detailed, informed, public scrutiny to help them to resist deliberate or unthinking policies, which erode our freedoms and liberties.

Email & PGP Contact

Please feel free to email your views about this blog, or news about the issues it tries to comment on.

blog@spy[dot]org[dot]uk

Our PGP public encryption key is available for those correspondents who wish to send us news or information in confidence, and also for those of you who value your privacy, even if you have got nothing to hide.

Current PGP Key ID: 0xA165A29480CFAA4C which will expire on 6th September 2014.

pgp-now.gif
You can download a free copy of the PGP encryption software from www.pgpi.org
(available for most of the common computer operating systems, and also in various Open Source versions like GPG)

We look forward to the day when UK Government Legislation, Press Releases and Emails etc. are Digitally Signed so that we can be assured that they are not fakes. Trusting that the digitally signed content makes any sense, is another matter entirely.

Hints and Tips for Whistleblowers and Political Dissidents

Please take the appropriate precautions if you are planning to blow the whistle on shadowy and powerful people in Government or commerce, and their dubious policies. The mainstream media and bloggers also need to take simple precautions to help preserve the anonymity of their sources e.g. see Spy Blog's Hints and Tips for Whistleblowers - or use this easier to remember link: http://ht4w.co.uk

BlogSafer - wiki with multilingual guides to anonymous blogging

Digital Security & Privacy for Human Rights Defenders manual, by Irish NGO Frontline Defenders.

Everyone’s Guide to By-Passing Internet Censorship for Citizens Worldwide (.pdf - 31 pages), by the Citizenlab at the University of Toronto.

Handbook for Bloggers and Cyber-Dissidents - March 2008 version - (2.2 Mb - 80 pages .pdf) by Reporters Without Borders

Reporters Guide to Covering the Beijing Olympics by Human Rights Watch.

A Practical Security Handbook for Activists and Campaigns (v 2.6) (.doc - 62 pages), by experienced UK direct action political activists

Anonymous Blogging with Wordpress & Tor - useful step by step guide with software configuration screenshots by Ethan Zuckerman at Global Voices Advocacy. (updated March 10th 2009 with the latest Tor / Vidalia bundle details)

Links

Watching Them, Watching Us

London 2600

Our UK Freedom of Information Act request tracking blog

WikiLeak.org - ethical and technical discussion about the WikiLeaks.org project for anonymous mass leaking of documents etc.

Privacy and Security

Privacy International
United Kingdom Privacy Profile (2011)

Cryptome - censored or leaked government documents etc.

Identity Project report by the London School of Economics
Surveillance & Society the fully peer-reviewed transdisciplinary online surveillance studies journal

Statewatch - monitoring the state and civil liberties in the European Union

The Policy Laundering Project - attempts by Governments to pretend their repressive surveillance systems, have to be introduced to comply with international agreements, which they themselves have pushed for in the first place

International Campaign Against Mass Surveillance

ARCH Action Rights for Children in Education - worried about the planned Children's Bill Database, Connexions Card, fingerprinting of children, CCTV spy cameras in schools etc.

Foundation for Information Policy Research
UK Crypto - UK Cryptography Policy Discussion Group email list

Technical Advisory Board on internet and telecomms interception under RIPA

European Digital Rights

Open Rights Group - a UK version of the Electronic Frontier Foundation, a clearinghouse to raise digital rights and civil liberties issues with the media and to influence Governments.

Digital Rights Ireland - legal case against mandatory EU Comms Data Retention etc.

Blindside - "What’s going to go wrong in our e-enabled world? " blog and wiki and Quarterly Report will supposedly be read by the Cabinet Office Central Sponsor for Information Assurance. Whether the rest of the Government bureaucracy and the Politicians actually listen to the CSIA, is another matter.

Biometrics in schools - 'A concerned parent who doesn't want her children to live in "1984" type society.'

Human Rights

Liberty Human Rights campaigners

British Institute of Human Rights
Amnesty International
Justice

Prevent Genocide International

asboconcern - campaign for reform of Anti-Social Behavior Orders

Front Line Defenders - Irish charity - Defenders of Human Rights Defenders

Internet Censorship

OpenNet Initiative - researches and measures the extent of actual state level censorship of the internet. Features a blocked web URL checker and censorship map.

Committee to Protect Bloggers - "devoted to the protection of bloggers worldwide with a focus on highlighting the plight of bloggers threatened and imprisoned by their government."

Reporters without Borders internet section - news of internet related censorship and repression of journalists, bloggers and dissidents etc.

Judicial Links

British and Irish Legal Information Institute - publishes the full text of major case Judgments

Her Majesty's Courts Service - publishes forthcoming High Court etc. cases (but only in the next few days !)

House of Lords - The Law Lords are currently the supreme court in the UK - will be moved to the new Supreme Court in October 2009.

Information Tribunal - deals with appeals under FOIA, DPA both for and against the Information Commissioner

Investigatory Powers Tribunal - deals with complaints about interception and snooping under RIPA - has almost never ruled in favour of a complainant.

Parliamentary Opposition

The incompetent yet authoritarian Labour party have not apologised for their time in Government. They are still not providing any proper Opposition to the current Conservative - Liberal Democrat coalition government, on any freedom or civil liberties or privacy or surveillance issues.

UK Government

Home Office - "Not fit for purpose. It is inadequate in terms of its scope, it is inadequate in terms of its information technology, leadership, management systems and processes" - Home Secretary John Reid. 23rd May 2006. Not quite the fount of all evil legislation in the UK, but close.

No. 10 Downing Street Prime Minister's Official Spindoctors

Public Bills before Parliament

United Kingdom Parliament
Home Affairs Committee of the House of Commons.

House of Commons "Question Book"

UK Statute Law Database - is the official revised edition of the primary legislation of the United Kingdom made available online, but it is not yet up to date.

FaxYourMP - identify and then fax your Member of Parliament
WriteToThem - identify and then contact your Local Councillors, members of devolved assemblies, Member of Parliament, Members of the European Parliament etc.
They Work For You - House of Commons Hansard made more accessible ? UK Members of the European Parliament

Read The Bills Act - USA proposal to force politicians to actually read the legislation that they are voting for, something which is badly needed in the UK Parliament.

Bichard Inquiry delving into criminal records and "soft intelligence" policies highlighted by the Soham murders. (taken offline by the Home Office)

ACPO - Association of Chief Police Officers - England, Wales and Northern Ireland
ACPOS Association of Chief Police Officers in Scotland

Online Media

Boing Boing

Need To Know [now defunct]

The Register

NewsNow Encryption and Security aggregate news feed
KableNet - UK Government IT project news
PublicTechnology.net - UK eGovernment and public sector IT news
eGov Monitor

Ideal Government - debate about UK eGovernment

NIR and ID cards

Stand - email and fax campaign on ID Cards etc. [Now defunct]. The people who supported stand.org.uk have gone on to set up other online tools like WriteToThem.com. The Government's contemptuous dismissal of over 5,000 individual responses via the stand.org website to the Home Office public consultation on Entitlement Cards is one of the factors which later led directly to the formation of the the NO2ID Campaign who have been marshalling cross party opposition to Labour's dreadful National Identity Register compulsory centralised national biometric database and ID Card plans, at the expense of simpler, cheaper, less repressive, more effective, nore secure and more privacy friendly alternative identity schemes.

NO2ID - opposition to the Home Office's Compulsory Biometric ID Card
NO2ID bulletin board discussion forum

Home Office Identity Cards website
No compulsory national Identity Cards (ID Cards) BBC iCan campaign site
UK ID Cards blog
NO2ID press clippings blog
CASNIC - Campaign to STOP the National Identity Card.
Defy-ID active meetings and protests in Glasgow
www.idcards-uk.info - New Alliance's ID Cards page
irefuse.org - total rejection of any UK ID Card

International Civil Aviation Organisation - Machine Readable Travel Documents standards for Biometric Passports etc.
Anti National ID Japan - controversial and insecure Jukinet National ID registry in Japan
UK Biometrics Working Group run by CESG/GCHQ experts etc. the UK Government on Biometrics issues feasability
Citizen Information Project feasability study population register plans by the Treasury and Office of National Statistics

CommentOnThis.com - comments and links to each paragraph of the Home Office's "Strategic Action Plan for the National Identity Scheme".

De-Materialised ID - "The voluntary alternative to material ID cards, A Proposal by David Moss of Business Consultancy Services Ltd (BCSL)" - well researched analysis of the current Home Office scheme, and a potentially viable alternative.

Surveillance Infrastructures

National Roads Telecommunications Services project - infrastruture for various mass surveillance systems, CCTV, ANPR, PMMR imaging etc.

CameraWatch - independent UK CCTV industry lobby group - like us, they also want more regulation of CCTV surveillance systems.

Every Step You Take a documentary about CCTV surveillance in the Uk by Austrian film maker Nino Leitner.

Transport for London an attempt at a technological panopticon - London Congestion Charge, London Low-Emission Zone, Automatic Number Plate Recognition cameras, tens of thousands of CCTV cameras on buses, thousands of CCTV cameras on London Underground, realtime road traffic CCTV, Iyster smart cards - all handed over to the Metropolitan Police for "national security" purposes, in real time, in bulk, without any public accountibility, for secret data mining, exempt from even the usual weak protections of the Data Protection Act 1998.

RFID Links

RFID tag privacy concerns - our own original article updated with photos

NoTags - campaign against individual item RFID tags
Position Statement on the Use of RFID on Consumer Products has been endorsed by a large number of privacy and human rights organisations.
RFID Privacy Happenings at MIT
Surpriv: RFID Surveillance and Privacy
RFID Scanner blog
RFID Gazette
The Sorting Door Project

RFIDBuzz.com blog - where we sometimes crosspost RFID articles

Genetic Links

DNA Profiles - analysis by Paul Nutteing
GeneWatch UK monitors genetic privacy and other issues
Postnote February 2006 Number 258 - National DNA Database (.pdf) - Parliamentary Office of Science and Technology

The National DNA Database Annual Report 2004/5 (.pdf) - published by the NDNAD Board and ACPO.

Eeclaim Your DNA from Britain's National DNA Database - model letters and advice on how to have your DNA samples and profiles removed from the National DNA Database,in spite of all of the nureacratic obstacles which try to prevent this, even if you are innocent.

Miscellanous Links

Michael Field - Pacific Island news - no longer a paradise
freetotravel.org - John Gilmore versus USA internal flight passports and passenger profiling etc.

The BUPA Seven - whistleblowers badly let down by the system.

Tax Credit Overpayment - the near suicidal despair inflicted on poor, vulnerable people by the then Chancellor Gordon Brown's disasterous Inland Revenue IT system.

Fassit UK - resources and help for those abused by the Social Services Childrens Care bureaucracy

Former Spies

MI6 v Tomlinson - Richard Tomlinson - still being harassed by his former employer MI6

Martin Ingram, Welcome To The Dark Side - former British Army Intelligence operative in Northern Ireland.

Operation Billiards - Mitrokhin or Oshchenko ? Michael John Smith - seeking to overturn his Official Secrets Act conviction in the GEC case.

The Dirty Secrets of MI5 & MI6 - Tony Holland, Michael John Smith and John Symond - stories and chronologies.

Naked Spygirl - Olivia Frank

Blog Links

e-nsecure.net blog - Comments on IT security and Privacy or the lack thereof.
Rat's Blog -The Reverend Rat writes about London street life and technology
Duncan Drury - wired adventures in Tanzania & London
Dr. K's blog - Hacker, Author, Musician, Philosopher

David Mery - falsely arrested on the London Tube - you could be next.

James Hammerton
White Rose - a thorn in the side of Big Brother
Big Blunkett
Into The Machine - formerly "David Blunkett is an Arse" by Charlie Williams and Scribe
infinite ideas machine - Phil Booth
Louise Ferguson - City of Bits
Chris Lightfoot
Oblomovka - Danny O'Brien

Liberty Central

dropsafe - Alec Muffett
The Identity Corner - Stefan Brands
Kim Cameron - Microsoft's Identity Architect
Schneier on Security - Bruce Schneier
Politics of Privacy Blog - Andreas Busch
solarider blog

Richard Allan - former Liberal Democrat MP for Sheffield Hallam
Boris Johnson Conservative MP for Henley
Craig Murray - former UK Ambassador to Uzbekistan, "outsourced torture" whistleblower

Howard Rheingold - SmartMobs
Global Guerrillas - John Robb
Roland Piquepaille's Technology Trends

Vmyths - debunking computer security hype

Nick Leaton - Random Ramblings
The Periscope - Companion weblog to Euro-correspondent.com journalist network.
The Practical Nomad Blog Edward Hasbrouck on Privacy and Travel
Policeman's Blog
World Weary Detective

Martin Stabe
Longrider
B2fxxx - Ray Corrigan
Matt Sellers
Grits for Breakfast - Scott Henson in Texas
The Green Ribbon - Tom Griffin
Guido Fawkes blog - Parliamentary plots, rumours and conspiracy.
The Last Ditch - Tom Paine
Murky.org
The (e)State of Tim - Tim Hicks
Ilkley Against CCTV
Tim Worstall
Bill's Comment Page - Bill Cameron
The Society of Qualified Archivists
The Streeb-Greebling Diaries - Bob Mottram

Your Right To Know - Heather Brooke - Freedom off Information campaigning journalist

Ministry of Truth _ Unity's V for Vendetta styled blog.

Bloggerheads - Tim Ireland

W. David Stephenson blogs on homeland security et al.
EUrophobia - Nosemonkey

Blogzilla - Ian Brown

BlairWatch - Chronicling the demise of the New Labour Project

dreamfish - Robert Longstaff

Informaticopia - Rod Ward

War-on-Freedom

The Musings of Harry

Chicken Yoghurt - Justin McKeating

The Red Tape Chronicles - Bob Sullivan MSNBC

Campaign Against the Legislative and Regulatory Reform Bill

Stop the Legislative and Regulatory Reform Bill

Rob Wilton's esoterica

panGloss - Innovation, Technology and the Law

Arch Rights - Action on Rights for Children blog

Database Masterclass - frequently asked questions and answers about the several centralised national databases of children in the UK.

Shaphan

Moving On

Steve Moxon blog - former Home Office whistleblower and author.

Al-Muhajabah's Sundries - anglophile blog

Architectures of Control in Design - Dan Lockton

rabenhorst - Kai Billen (mostly in German)

Nearly Perfect Privacy - Tiffany and Morpheus

Iain Dale's Diary - a popular Conservative political blog

Brit Watch - Public Surveillance in the UK - Web - Email - Databases - CCTV - Telephony - RFID - Banking - DNA

BLOGDIAL

MySecured.com - smart mobile phone forensics, information security, computer security and digital forensics by a couple of Australian researchers

Ralph Bendrath

Financial Cryptography - Ian Grigg et al.

UK Liberty - A blog on issues relating to liberty in the UK

Big Brother State - "a small act of resistance" to the "sustained and systematic attack on our personal freedom, privacy and legal system"

HosReport - "Crisis. Conspiraciones. Enigmas. Conflictos. Espionaje." - Carlos Eduardo Hos (in Spanish)

"Give 'em hell Pike!" - Frank Fisher

Corruption-free Anguilla - Good Governance and Corruption in Public Office Issues in the British Overseas Territory of Anguilla in the West Indies - Don Mitchell CBE QC

geeklawyer - intellectual property, civil liberties and the legal system

PJC Journal - I am not a number, I am a free Man - The Prisoner

Charlie's Diary - Charlie Stross

The Caucus House - blog of the Chicago International Model United Nations

Famous for 15 Megapixels

Postman Patel

The 4th Bomb: Tavistock Sq Daniel's 7:7 Revelations - Daniel Obachike

OurKingdom - part of OpenDemocracy - " will discuss Britain’s nations, institutions, constitution, administration, liberties, justice, peoples and media and their principles, identity and character"

Beau Bo D'Or blog by an increasingly famous digital political cartoonist.

Between Both Worlds - "Thoughts & Ideas that Reflect the Concerns of Our Conscious Evolution" - Kingsley Dennis

Bloggerheads: The Alisher Usmanov Affair - the rich Uzbek businessman and his shyster lawyers Schillings really made a huge counterproductive error in trying to censor the blogs of Tim Ireland, of all people.

Matt Wardman political blog analysis

Henry Porter on Liberty - a leading mainstream media commentator and opinion former who is doing more than most to help preserve our freedom and liberty.

HMRC is shite - "dedicated to the taxpayers of Britain, and the employees of the HMRC, who have to endure the monumental shambles that is Her Majesty's Revenue and Customs (HMRC)."

Head of Legal - Carl Gardner a former legal advisor to the Government

The Landed Underclass - Voice of the Banana Republic of Great Britain

Henrik Alexandersson - Swedish blogger threatened with censorship by the Försvarets Radioanstalt (FRA), the Swedish National Defence Radio Establishement, their equivalent of the UK GCHQ or the US NSA.

World's First Fascist Democracy - blog with link to a Google map - "This map is an attempt to take a UK wide, geographical view, of both the public and the personal effect of State sponsored fear and distrust as seen through the twisted technological lens of petty officials and would be bureaucrats nationwide."

Blogoir - Charles Crawford - former UK Ambassodor to Poland etc.

No CCTV - The Campaign against CCTV

Barcode Nation - keeping two eyes on the database state.

Lords of the Blog - group blog by half a dozen or so Peers sitting in the House of Lords.

notes from the ubiquitous surveillance society - blog by Dr. David Murakami Wood, editor of the online academic journal Surveillance and Society

Justin Wylie's political blog

Panopticon blog - by Timothy Pitt-Payne and Anya Proops. Timothy Pitt-Payne is probably the leading legal expert on the UK's Freedom of Information Act law, often appearing on behlaf of the Information Commissioner's Office at the Information Tribunal.

Armed and Dangerous - Sex, software, politics, and firearms. Life’s simple pleasures… - by Open Source Software advocate Eric S. Raymond.

Georgetown Security Law Brief - group blog by the Georgetown Law Center on National Security and the Law , at Georgtown University, Washington D.C, USA.

Big Brother Watch - well connected with the mainstream media, this is a campaign blog by the TaxPayersAlliance, which thankfully does not seem to have spawned Yet Another Campaign Organisation as many Civil Liberties groups had feared.

Spy on Moseley - "Sparkbrook, Springfield, Washwood Heath and Bordesley Green. An MI5 Intelligence-gathering operation to spy on Muslim communities in Birmingham is taking liberties in every sense" - about 150 ANPR CCTV cameras funded by Home Office via the secretive Terrorism and Allied Matters (TAM) section of ACPO.

FitWatch blog - keeps an eye on the activities of some of the controversial Police Forward Intelligence Teams, who supposedly only target "known troublemakers" for photo and video surveillance, at otherwise legal, peaceful protests and demonstrations.

Other Links

Spam Huntress - The Norwegian Spam Huntress - Ann Elisabeth

Fuel Crisis Blog - Petrol over £1 per litre ! Protest !
Mayor of London Blog
London Olympics 2012 - NO !!!!

Cool Britannia

NuLabour

Free Gary McKinnon - UK citizen facing extradition to the USA for "hacking" over 90 US Military computer systems.

Parliament Protest - information and discussion on peaceful resistance to the arbitrary curtailment of freedom of assembly and freedom of speech, in the excessive Serious Organised Crime and Police Act 2005 Designated Area around Parliament Square in London.

Brian Burnell's British / US nuclear weapons history at http://nuclear-weapons.info

Syndicate this site (XML):

Follow Spy Blog on Twitter

For those of you who find it convenient, there is now a Twitter feed to alert you to new Spy Blog postings.

https://twitter.com/SpyBlog

Please bear in mind the many recent, serious security vulnerabilities which have compromised the Twitter infrastructure and many user accounts, and Twitter's inevitable plans to make money out of you somehow, probably by selling your Communications Traffic Data to commercial and government interests.

https://twitter.com/SpyBlog (same window)

Recent Comments

  • wtwu: BBC reports the password was $ur4ht4ub4h8 http://www.bbc.co.uk/news/uk-25745989 When Hussain was read more
  • wtwu: "only" an extra 4 months in prison for failing to read more
  • wtwu: Although not confirmed as part of the Wilson Doctrine per read more
  • wtwu: For now (just before Christmas 2013) it appears that the read more
  • wtwu: As expected, the ISC did not give the intelligence agency read more
  • wtwu: N.B. the Intelligence & Security Committee is now legally consituted read more
  • wtwu: "GCHQ accused of monitoring privileged emails between lawyers and clients read more
  • wtwu: Mon, 11 Feb 2013 14:44:32 +0100 Dear [name] I've read more
  • anon: The FSB and Russian TV news has named the alleged read more
  • wtwu: The FSB have now released some recordings / translated selected read more

Categories

Monthly Archives

April 2014

Sun Mon Tue Wed Thu Fri Sat
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30      

UK Legislation

The United Kingdom suffers from tens of thousands of pages of complicated criminal laws, and thousands of new, often unenforceable criminal offences, which have been created as a "Pretend to be Seen to Be Doing Something" response to tabloid media hype and hysteria, and political social engineering dogmas. These overbroad, catch-all laws, which remove the scope for any judicial appeals process, have been rubber stamped, often without being read, let alone properly understood, by Members of Parliament.

The text of many of these Acts of Parliament are now online, but it is still too difficult for most people, including the police and criminal justice system, to work out the cumulative effect of all the amendments, even for the most serious offences involving national security or terrorism or serious crime.

Many MPs do not seem to bother to even to actually read the details of the legislation which they vote to inflict on us.

UK Legislation Links

UK Statute Law Database - is the official revised edition of the primary legislation of the United Kingdom made available online, but it is not yet up to date.

UK Commissioners

UK Commissioners some of whom are meant to protect your privacy and investigate abuses by the bureaucrats.

UK Intelligence Agencies

Intelligence and Security Committee - the supposedly independent Parliamentary watchdog which issues an annual, heavily censored Report every year or so. Currently chaired by the Conservative Sir Malcolm Rifkind. Why should either the intelligence agencies or the public trust this committee, when the untrustworthy ex-Labour Minister Hazel Blears is a member ?

Anti-terrorism hotline - links removed in protest at the Climate of Fear propaganda posters

MI5 Security Service
MI5 Security Service - links to encrypted reporting form removed in protest at the Climate of Fear propaganda posters

syf_logo_120.gif Secure Your Ferliliser logo
Secure Your Fertiliser - advice on ammonium nitrate and urea fertiliser security

cpni_logo_150.gif Centre for the Protection of National Infrastructure
Centre for the Protection of National Infrastructure - "CPNI provides expert advice to the critical national infrastructure on physical, personnel and information security, to protect against terrorism and other threats."

SIS MI6 careers_logo_sis.gif
Secret Intelligence Service (MI6) recruitment.

gchq_logo.gif
Government Communications Headquarters GCHQ

careers_logo_sis.gif
Serious Organised Crime Agency - have cut themselves off from direct contact with the public and businesses - no phone - no email

da_notice_system_150.gif
Defence Advisory (DA) Notice system - voluntary self censorship by the established UK press and broadcast media regarding defence and intelligence topics via the Defence, Press and Broadcasting Advisory Committee.

Foreign Spies / Intelliegence Agencies in the UK

It is not just the UK government which tries to snoop on British companies, organisations and individuals, the rest of the world is constantly trying to do the same, regardless of the mixed efforts of our own UK Intelligence Agencies who are paid to supposedly protect us from them.

For no good reason, the Foreign and Commonwealth Office only keeps the current version of the London Diplomatic List of accredited Diplomats (including some Foreign Intelligence Agency operatives) online.

Presumably every mainstream media organisation, intelligence agency, serious organised crime or terrorist gang keeps historical copies, so here are some older versions of the London Diplomatic List, for the benefit of web search engine queries, for those people who do not want their visits to appear in the FCO web server logfiles or those whose censored internet feeds block access to UK Government websites.

Campaign Button Links

Watching Them, Watching Us - UK Public CCTV Surveillance Regulation Campaign
UK Public CCTV Surveillance Regulation Campaign

NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card
NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card and National Identity Register centralised database.

Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.
Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.

FreeFarid_150.jpg
FreeFarid.com - Kafkaesque extradition of Farid Hilali under the European Arrest Warrant to Spain

Peaceful resistance to the curtailment of our rights to Free Assembly and Free Speech in the SOCPA Designated Area around Parliament Square and beyond
Parliament Protest blog - resistance to the Designated Area restricting peaceful demonstrations or lobbying in the vicinity of Parliament.

Petition to the European Commission and European Parliament against their vague Data Retention plans
Data Retention is No Solution - Petition to the European Commission and European Parliament against their vague Data Retention plans.

Save Parliament: Legislative and Regulatory Reform Bill (and other issues)
Save Parliament - Legislative and Regulatory Reform Bill (and other issues)

Open_Rights_Group.png
Open Rights Group

The Big Opt Out Campaign - opt out of having your NHS Care Record medical records and personal details stored insecurely on a massive national centralised database.

Tor - the onion routing network
Tor - the onion routing network - "Tor aims to defend against traffic analysis, a form of network surveillance that threatens personal anonymity and privacy, confidential business activities and relationships, and state security. Communications are bounced around a distributed network of servers called onion routers, protecting you from websites that build profiles of your interests, local eavesdroppers that read your data or learn what sites you visit, and even the onion routers themselves."

Tor - the onion routing network
Anonymous Blogging with Wordpress and Tor - useful Guide published by Global Voices Advocacy with step by step software configuration screenshots (updated March 10th 2009).

irrepressible_banner_03.gif
Amnesty International's irrepressible.info campaign

anoniblog_150.png
BlogSafer - wiki with multilingual guides to anonymous blogging

ngoiab_150.png
NGO in a box - Security Edition privacy and security software tools

homeofficewatch_150.jpg
Home Office Watch blog, "a single repository of all the shambolic errors and mistakes made by the British Home Office compiled from Parliamentary Questions, news reports, and tip-offs by the Liberal Democrat Home Affairs team."

rsf_logo_150.gif
Reporters Without Borders - Reporters Sans Frontières - campaign for journalists 'and bloggers' freedom in repressive countries and war zones.

committee_to_protect_bloggers_150.gif
Committee to Protect Bloggers - "devoted to the protection of bloggers worldwide with a focus on highlighting the plight of bloggers threatened and imprisoned by their government."

Icelanders_are_NOT_Terrorists_logo_150.jpg
Icelanders are NOT terrorists ! - despite Gordon Brown and Alistair Darling's use of anti-terrorism legislation to seize the assets of Icelandic banks.

nocctv.gif
No CCTV - The Campaign Against CCTV

phnat-logo-black-on-white_150.jpg

I'm a Photographer Not a Terrorist !

power2010_132.png

Power 2010 cross party, political reform campaign

Cracking_the_Black_Box_black_150.jpg

Cracking the Black Box - "aims to expose technology that is being used in inappropriate ways. We hope to bring together the insights of experts and whistleblowers to shine a light into the dark recesses of systems that are responsible for causing many of the privacy problems faced by millions of people."

surveillance_72.jpg

Open Rights Group - Petition against the renewal of the Interception Modernisation Programme

wblogocrop_150.jpg

WhistleblowersUK.org - Fighting for justice for whistleblowers