Blogs

RSS FeedBlogs
RSS FeedSubscribe to this blog
About Author
Simon Phipps

With a focus on open source and digital rights, Simon is a director of the UK's Open Rights Group and president of the Open Source Initiative. He is also managing director of UK consulting firm Meshed Insights Ltd.

Snoopers Charter Report Summary

A non-partisan, well-informed cross-Parliamentary committee has found the draft Communications Data Bill is so badly - almost abusively - drafted that it must not be allowed to proceed without substantial revision. Here's my summary.

Article comments

Technically-aware people throughout the UK should be thankful that the non-partisan Joint Select Committee of the houses of Lords and Commons investigating the draft Communications Data Bill have asked almost all the right questions and found it seriously wanting. It's overkill, creates dangerous unsupervised powers and was created without proper consultation.

In their report, published at midnight, they make it clear that a Bill to adjust the monitoring of communications by law enforcement and (counter-)espionage organisations can be justified. But the draft offered to Parliament by Charles Farr on behalf of MI6, GCHQ and other agencies -- and supported with considerably less enthusiasm by the police and others -- is almost derisively inappropriate. They note it's almost unchanged for what was submitted - and dismissed - under Labour. 

Here's my own rapid digest of highlights of the (substantial) document. The report found:

  • that Farr and the Home Office had failed to adequately consult with either the companies who would have to implement the Bill or with civil society organisations, while substantially stretching the truth claiming to have done so;
  • that the way the draft Bill empowers the Home Secretary to vary the scope and purpose of the powers created by the bill, without oversight or review, verges on the rule-by-decree powers of an autocrat;
  • that the Home Office actually knows what specific new powers are operationally necessary but has instead opted for this immense power-grab to save the inconvenience of political scrutiny next time they want more powers;
  • that the definition of "communications data" is just lifted unthinkingly from the Regulation of Investigatory Powers Act (RIPA) without regard for the way the nature of online communications has changed in the decade since it became law, resulting a dangerously vague and over-broad definition;
  • that the mechanisms for accessing the data collected - the so-called Review Filter - are defined too loosely to safeguard the public;
  • that the costs associated with implementation of the bill - close to the £2bn that has just been cut from the Home Office budget - are almost certainly a seriously under-estimate, especially if the cost of disposal of the collected data is allowed for;
  • that access to the data seems too freely available;
  • that the public do not trust the bill as a result of these and other issues.

Far from being the partisan showdown moral-panic-meisters of tabloids like The Sun would have us believe, the report is full of constructive proposals for how to make the draft bill fit for purpose. These include:

  • requiring consultation to take place with experts from both service providers and civil society to adequately define "Communications Data" so it doesn't "accidentally" include content as well as meta-data
  • requiring consultation with service providers over true costs, together with inclusion of a meaningful budget
  • defining a transparent yet lightweight mechanism for new technologies and needs to be included in the scope of the Bill by the Home Secretary without primary legislation, so the rule-by-decree is eliminated

For my tastes, their recommendation overlooked things. While they mention data mining, they fail to observe that with such a large body of data, the content of messages, no matter how well defined separately from "communications data", can probably still be deduced heuristically. I would have preferred them to have requested the addition of intent-based controls, along the lines of "'communications data' can only be analysed to deduce information which would otherwise be considered 'content' with a warrant".

Given the track record of the Home Office for actively scorning both service providers and civil society bodies, I would also have liked to see a statement along the lines of "no consultation, no Bill". But I'm pleasantly surprised by the level tone, the depth of insight and the non-partisan voice of the report.

The unthinking voices of moral panic will inevitably bay for blood in the name of catching of the paedophiles and terrorists. They will do so, conveniently, at a time when they are trying to have us minimise another, justified moral panic over the same unthinking tabloid voices scorn for the rights and privacy of individuals as they stomp over ordinary lives in pursuit if the next juicy story. But the non-partisan Joint Committee -- who published the report unanimously -- was right to find the Bill wanting and Theresa May's Home Office must heed their thoughtful recommendations or should expect the scorn of technical minds across the UK.

Follow Simon as @webmink on Twitter and Identi.Ca and also on Google+

Enhanced by Zemanta

Share:

Comments

Send to a friend

Email this article to a friend or colleague:


PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.


We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

ComputerworldUK Knowledge Vault

ComputerworldUK
Share
x
Open