Draft Communications Data Bill

From Wikipedia, the free encyclopedia
  (Redirected from Communications Data Bill)
Jump to: navigation, search
Cory Doctorow talks at the Open Rights Group event ORGCon 2012 about the bill

The Draft Communications Data Bill (nicknamed the Snoopers' Charter or Snooper's Charter) is draft legislation proposed by Home Secretary Theresa May in the United Kingdom which would require Internet service providers and mobile phone companies to maintain records (but not the content) of each user's internet browsing activity (including social media), email correspondence, voice calls, internet gaming, and mobile phone messaging services and store the records for 12 months. Retention of email and telephone contact data for this time is already required. The anticipated cost is £1.8 billion. May expected the bill to be introduced in the 2012–13 legislative session, carried over to the following session, and enacted as law in 2014.[1] Since the Deputy Prime Minister Nick Clegg withdrew his support for this bill in April 2013, it now seems unlikely to become law based on the current draft.[2]

History[edit]

Intercept Modernisation[edit]

The powers and intent of the Bill were preceded by plans under the last Labour administration to improve access to communications traffic data, under the Interception Modernisation Programme. The plans did not become a firm legislative proposal and were strongly opposed by both Conservative and Liberal Democrat opposition parties.

The new coalition agreement in 2010 committed to ending the storing of email and Internet records "without good reason". The IMP was not entirely abandoned however, and the Home Office under the new coalition committed to examining the problem of access to communications data under the Communications Capabilities Development Programme.[3][4][5]

Queen's Speech[edit]

The government announced its intention to legislate in order to "maintain capability" of law enforcement access to communications traffic data in 2012.[6]

Joint Committee[edit]

As the result of public reaction to the proposed Bill and internal Liberal Democrat opposition to the Bill, Nick Clegg asked for the Bill to be referred to a Joint Committee to scrutinise the proposal. The Committee is expected to report in early December 2012.

Powers[edit]

The bill would amend the Regulation of Investigatory Powers Act 2000.

Data collection[edit]

The bill would create a wide ranging power to compel any 'communications service provider' to collect and retain additional information about their users. Current data retention obligations require ISPs to retain data collected for business purposes for longer than normal. Under the new bill, any organisation that interacts with users and produces or transmits electronic communications could be compelled to collect and retain information about them, even if it is entirely irrelevant to their business needs.

Deep Packet Inspection[edit]

One technique that may be used to collect user data could be Deep Packet Inspection.

According to Office for Security and Counter-Terrorism Charles Farr, formerly of MI6, so-called "black boxes" - DPI - probes are not the "central plank" of the 2012 Communications Data Bill. The boxes would be used when communications service providers refuse to submit data, but he anticipated that most would maintain data about users in unencrypted form from which contact information could readily be separated from content. This would circumvent SSL encryption during transmission. He said that the DPI boxes were already "used as a matter of course" by ISPs.[7] The Mastering the Internet system was described in 2009 by The Register and The Sunday Times as the replacement for scrapped plans for a single central database, involving thousands of DPI "black boxes" at ISPs in association with the GCHQ base in Cheltenham, funded out of a Single Intelligence Account budget of £1.6 bn, including a £200m contract with Lockheed Martin and a contract with BAE Systems Detica.[8] In 2008 the black box infrastructure was operated by Detica, which had been expected to win additional contracts for its proposed expansion in the Communications Data Bill 2008.[9]

Filtering arrangements[edit]

The bill creates arrangements to interrogate and match data from different data sources. The justification is that only relevant data would be returned, thus improving personal privacy. Additionally, police cite problems matching data from for instance different cell phone masts.

However, the bill has been said to provide the legislative basis for a "giant database" that would allow "quite complicated questions" about "communications behaviors and patterns" which could become a "honeypot for casual hackers, blackmailers, criminals large and small from around the world, and foreign states", as Lord Strasburger described it, as the bill was scrutinsed by the Joint Committee of MPs and peers.[1][10]

The BBC reported that the Home Office stressed that the bill was intended for targeted surveillance rather than "fishing expeditions", but quoted opponent Nick Pickles, director of Big Brother Watch: "The filtering provisions are so broadly worded and so poorly drafted that it could allow mining of all the data collected, without any requirement for personal information, which is the very definition of a fishing trip."

Open Rights Group campaigner Jim Killock told the BBC that officials 'would be able to build up a complex map of individuals' communications by examining records of "their mobile phone, their normal phone, their work email, their Facebook account and so on",' which 'could compromise journalistic sources, deter whistleblowers and increase the risk of personal details being hacked'.[11] The human rights organization Liberty also called for rejection of what is being called the "Snoopers' Charter".[12]

Changes to oversight[edit]

The bill would change the authorisations given to police officers under RIPA. Instead of individual data requests being granted by a senior officer, the senior officer would grant powers once a month to investigating officers to conduct data requests on a topic they were investigating.

Additional changes to the role of Interception of Communications Commissioner and Information Commissioner are argued to improve oversight to the current arrangements under RIPA.

Justification[edit]

The basic justification is that communications traffic data is needed for investigations into serious crime, but access is declining. The Home Office cites that they expect access to decline from about 80% to around 60% of traffic data over the next decade if no action is taken. They also state, however, that the quantity of traffic data available is expected to grow by around 1000% in the same decade.

May stated that police made urgent requests for communications data in 30,000 cases last year and between 25% and 40% of them had resulted in lives being saved. She said that "There is a limited scope for the data we want to have access to. We have been very clear about that at every stage. The police would have to make a clear case for requesting access to data when there was an investigation that required it.... The aim of this is to ensure our law enforcement agencies can carry on having access to the data they find so necessary operationally in terms of investigation, catching criminals and saving lives"[10]

Though the bill had been mentioned in the context of terrorism and child sexual abuse, the powers could be used against minor crimes such as fly tipping.[13]

Public reaction[edit]

A survey by YouGov, commissioned by Big Brother Watch, found that 71% of Britons "did not trust that the data will be kept secure", and half described the proposal as "bad value for the money" as opposed to 12% calling it "good value". At the RSA Conference Europe 2012, Wikipedia founder Jimmy Wales said the bill "will force many relatively small companies to hang on to data that they would not otherwise retain, which puts the data at risk".[14] Wales told MPs that Wikipedia would take action to hinder monitoring of users' interests by encrypting all communication to the UK by default if UK ISPs are mandated to track which pages on the site are visited.[15]

Speaking at the launch of the World Wide Web Foundation's Web Index Tim Berners-Lee (inventor of the World Wide Web) talking about the bill stated “In Britain, like in the US, there has been a series of Bills that would give government very strong powers to, for example, collect data. I am worried about that." He added “If the UK introduces draconian legislation that allows the Government to block websites or to snoop on people, which decreases privacy, in future indexes they may find themselves farther down the list”.[16]

See also[edit]

References[edit]

  1. ^ a b Alan Travis (2012-10-31). "MPs call communications data bill 'honeypot for hackers and criminals'". The Guardian. 
  2. ^ [1]
  3. ^ A u-turn on reversing the surveillance state
  4. ^ Strategic Defence and Security Review
  5. ^ Stewart Mitchell (February 20, 2012). "Anger over mass web surveillance plans". PC Pro. 
  6. ^ Queen's Speech 2012 at-a-glance: Bill-by-bill, 10 May 2012
  7. ^ Kelly Fiveash (2012-07-11). "Top spook: ISP black boxes NOT key to UK's web-snoop plan". The Register. 
  8. ^ Christopher Williams (2009-05-03). "Jacqui's secret plan to 'Master the Internet':'Climb down' on central database was 'a sideshow'". The Register. 
  9. ^ Christopher Williams (2008-10-08). "Spy chiefs plot £12bn IT spree for comms überdatabase:Black boxes to keep Black's firm in the black". The Register. 
  10. ^ a b Warwick Ashford (2012-11-01). "Parliamentary committee joins criticism of draft communications data bill". Computer Weekly. 
  11. ^ Brian Wheeler (2012-07-19). "Communications Data Bill creates 'a virtual giant database'". BBC. 
  12. ^ "Liberty urges government to reject Snoopers’ Charter". Pink News. 2012-11-08. 
  13. ^ Tom Whitehead (2012-11-21). "Use stronger snooping powers against fly tipping, watchdog urges". The Telegraph. 
  14. ^ Warwick Ashford. "Most UK citizens do not support draft Data Communications Bill, survey shows". Computer Weekly. 
  15. ^ Kate Solomon (2012-09-06). "Jimmy Wales promises to encrypt Wikipedia against snooping bill". Tech Radar. 
  16. ^ Lucy Kinder (2012-09-06). "Sir Tim Berners-Lee accuses government of 'draconian' internet snooping". The Telegraph. 

External links[edit]

  • Bill text including: Foreword by the Home Secretary, Introduction, Draft Communications Data Bill and Explanatory Notes (interleaved), European Convention on Human Rights (ECHR) Memorandum and Delegated Powers Memorandum.
  • Open Rights Group Wiki