
Internet surveillance in the UK Ian Brown

Signals intelligence
- Everybody’s at it:
  - Echelon
  - Frenchelon
  - Multinationals
- “We steal secrets with espionage, with communications, with reconnaissance satellites” – James Woolsey

Content surveillance
- Comms intercepts authorised by Secretaries of State under RIPA
- Agencies
- 1466 in 2002; 6 per day for Blunkett

“Black boxes”
- s.12
- Capabilities
- White vans

Lawful access
- CALEA
- ETSI
- IETF

Encryption
- Diffie, RSA
- PGP, munitions
- Key escrow
- EU export controls

Decryption powers
- S.49 notices from senior police, Customs etc. impose “disclosure requirements” that may usually be met by production of plaintext
- Keys may be demanded in special circumstances by chiefs of police, Customs commissioners, etc.
- Notices may prohibit “tipping-off”
- 2 and 5-year prison terms

Intelligence concerns
“Law Enforcement is a protective shield for all the other governmental activities. You should use the right word - we're talking about foreign intelligence, that's what we're talking about - that's what all this is about. There is no question - that's what it is about. The Law enforcement is a smoke screen, because we all understand law enforcement, policemen, courts, this is something we see everyday in our life. And it's an important element, I'm not suggesting it's not relevant but it is a protective shield for what goes on behind that.”
– David Herson, SOGIS

Anti-Terrorism, Crime and Security Act 2001
- Introduced shortly after Sep. 11th
- Contains provisions for data retention by Communications Service Providers
- Must be for purposes directly or indirectly related to national security

EU-related actions
- 2002/58/EC: “Member States may… adopt legislative measures providing for the retention of data for a limited period.”
- UK: “Nothing in these Regulations shall require a communications provider to do, or refrain from doing, anything (including the processing of data) if exemption from the requirement in question is required for the purpose of safeguarding national security.”

Codes of practice
- Home Office must first consult on voluntary code of practice
  - Subscriber info, telephony data 12 months; SMS, data 6 months; Web activity 4 days
- Then mandatory code may be imposed
- Powers would have expired 13 Dec 2003 but were renewed Nov 2003

Real intentions?
- Most “business cases” given are well beyond current consultation timeframes
- Police continue to push for full URLs
- “There is great merit for having information about subscribers kept for five years and call information for two years” – John Abbot, NCIS

Regulation of Investigatory Powers Act 2000
- “Communications data” obtained by self-authorised demand from police, Customs etc.
- Content requires warrant from government minister

Comms data access purposes
- in the interests of national security;
- for the purpose of preventing or detecting crime or of preventing disorder;
- in the interests of the economic well-being of the United Kingdom;
- in the interests of public safety;
- for the purpose of protecting public health;
- for the purpose of assessing or collecting any tax, duty, levy or other imposition, contribution or charge payable to a government department;
- for the purpose, in an emergency, of preventing death or injury or any damage to a person’s physical or mental health, or of mitigating any injury or damage to a person’s physical or mental health.

“Snooper’s charter”
- The Department for Environment, Food and Rural Affairs.
- The Department of Health.
- The Home Office.
- The Department of Trade and Industry.
- The Department for Transport, Local Government and the Regions.
- The Department for Work and Pensions.
- The Department of Enterprise, Trade and Investment for Northern Ireland.
- Any local authority within the meaning of section 1 of the Local Government Act
- Any fire authority as defined in the Local Government (Best Value) Performance Indicators Order 2000
- The Scottish Drug Enforcement Agency.
- The Scottish Environment Protection Agency.
- The United Kingdom Atomic Energy Authority Constabulary.
- A Universal Service Provider within the meaning of the Postal Services Act 2000
- A council constituted under section 2 of the Local Government etc. (Scotland) Act
- A district council within the meaning of the Local Government Act (Northern Ireland)
- The Common Services Agency of the Scottish Health Service.
- The Northern Ireland Central Services Agency for the Health and Social Services.
- The Environment Agency.
- The Financial Services Authority.
- The Food Standards Agency.
- The Health and Safety Executive.
- The Information Commissioner.
- The Office of Fair Trading.
- The Postal Services Commission.

Information Commissioner view
- “service providers are entitled to rely heavily on the fact that the Secretary of State and Parliament will have concluded that the retention of communications data for the periods specified in the Code is necessary in order to safeguard national security.”
- BUT
- “the proposed regime will lead directly to disclosures under section 22 RIPA which are inconsistent with Parliament's intention in passing ATCSA, and thus arguably unlawful under Article 8”

ISP response
- No “compelling case” for retention
- ISPA could not “recommend to members that they voluntarily comply with the proposed code of practice”

Parliamentary response
- “We can reach no other conclusion than to recommend that the Home Office immediately drop their plans to introduce a voluntary scheme for data retention under ATCS.”
- “We recommend very strongly that the Government do not… impose a mandatory data retention scheme.”
- “We recommend that the Home Office enter into a dialogue with the CSP industry to develop an appropriate data preservation scheme to meet the needs of Law Enforcement.”

Home Office response
- “The Home Office do not consider that the fact that data is held by a communication service provider under the Code of Practice for national security purposes, and not for any other reason, should prevent the police or other public authorities having access to that data when they can demonstrate a proportionate need for it.”
- “In order to be able to implement what they want, we will have to retain the data, so that it can be accessed to test out whether the intelligence services are right in believing that it is relevant in tackling terrorists. That is how stupid the Liberal Democrats are.” – David Blunkett, Hansard

Remaining questions
- Can ECHR articles 8 (privacy), 6 (fair trial) and data retention and access be reconciled?
- Will costs be acceptable?