Protecting information privacy by Charles Raab and Benjamin Goold, University of Edinburgh and University of British Columbia
First Special Report of Session 2003-04, published on February 9. 2004
The Press Complaints Commission is charged with enforcing the following Code of Practice which was framed by the newspaper and periodical industry and was ratified by the PCC in December 2011 to include changes taking effect from 1 January 2012.
Berka, Heindl, Höhne, Noll. Mediengesetz. Praxiskommentar.
Privacy campaigners have called for the lifting of restrictions on the use of existing police and security service powers to monitor the communications of terror suspects, as an alternative to the intrusive £1.8bn “snooper’s charter” legislation.
Privacy campaign group Big Brother Watch says police already have the ability under the Regulation of Investigatory Powers Act (Ripa) code to demand communications data – “who sent what to whom from where and when” – from internet and phone companies on terror and serious crime suspects. The powers are already widely used: 494,078 such requests were made by police and security services in 2011 alone.
But the existing Ripa code of practice means police can only ask the companies to hand over data for a period of up to 30 days and the requests are only valid for one month.
Campaigners say the power would be much more effective if they were able to track such data on terror suspects for an initial period of six months, possibly renewable for longer periods on the decision of a judge.
The move comes as the cabinet secretary, Sir Jeremy Heywood, is believed to be leading attempts to break the coalition logjam over Theresa May’s communications data bill, which was dropped from the Queen’s speech after outright opposition from Nick Clegg.
Heywood’s team is believed to be examining the scope of extending the existing Ripa regime to close the “capability gap” caused by rapidly changing technology, such as Skype and social media, that the home secretary says the communications data bill is needed to address.
The parliamentary scrutiny committee, which included a former cabinet secretary and was chaired by a Conservative ex-Home Office minister, concluded that the legislation, which proposes to track and store for 12 months everybody’s email, social media, internet and mobile use, amounted to overkill.
The MPs and peers said the proposed bill paid too little attention to the right to privacy, adding that ministers needed to curb their zeal to “future-proof” the legislation and instead needed to concentrate on getting the immediate necessities right. They also criticised its £1.8bn costing as “fanciful and misleading”.
May redrew the legislation and put forward proposals that she said would meet the scrutiny committee’s objections. But Clegg still vetoed the rewritten bill, saying it remained “disproportionate and unworkable”.
Emma Carr, deputy director of Big Brother Watch, said: “If someone is suspected of plotting atrocities, it is right they can be put under surveillance. The challenge is that clearly some surveillance requires a lot of manpower, while new technology offers the ability to monitor someone’s communications much more easily. The law already allows people’s houses to be bugged and people followed in the street, and if these powers cannot be applied to digital communications then that is a problem the communications data bill would not fix.”
She said that at present the authorities were hindered from collecting data about an individual for more than 30 days and were unable to use evidence obtained by intercepts in court. “These are serious restrictions that could be removed without a threat to civil liberties,” said Carr.
“So we are faced with a situation where the surveillance of suspected terrorists is not limited by legislation, but by the application of existing law and the resources available to the security services and police. These are issues of significant concern that the snooper’s charter would not have addressed, while diverting billions of pounds from focused surveillance to blanket monitoring of everyone’s internet use.”
The Home Office responded by saying the government was committed to ensuring that law enforcement and intelligence agencies had the powers they needed to protect the public and ensure national security.
“The government is continuing to look at ways of addressing this issue with communication service providers. This may involve legislation,” a spokesman added.
From the itemised records of the 90s through to the detailed records of our online behaviour, it is getting easier to track what we do. There is vastly more information now about our every movement than there ever has been.
Such information can be very useful to law enforcement agencies and other public bodies. There were494,078 requests for ‘communications data’ under the Regulation of Investigatory Powers Act in 2011.
Some of the information about our connected lives is not legally available to law enforcement. Much of it, for example information from social media or our web histories, can be incredibly intrusive. It can reveal intimate details, including where we have been, what we have done, what we believe and who we know.
Through mistakes or abuse, the use of such information can lead to anything from wrongful suspicion through to the settling of scores. Merely the knowledge that what we are doing or saying is being tracked can have a chilling effect.
Just because information is useful to law enforcement does not mean that the state, or law enforcement agencies, or public bodies should be able to order its collection or have access to it. Our privacy rights are essential to ensure that we do not give away the power to collect and use information too cheaply.
The Government’s recent proposals, in the form of the Communications Data Bill, are a manifestation of the temptation to grab data where it exists, and of a failure to consider alternatives to blanket collection and retention of data.
Communications surveillance is a useful exercise. But we ask only that it be placed under the rule of law to ensure the effective and accountable use of what are significant powers.
Combined, the articles in Open Rights Group’s Digital Surveillance report add up to a call for more targeted, more transparent and more accountable surveillance laws. The authors offer a number of useful recommendations for how to achieve this.
Angela Patrick examines the case for judicial oversight in Chapter 2. She notes that oversight is extremely important where surveillance or data access is kept secret from the person investigated.
Caspar Bowden recommends a policy of ‘data preservation’ rather than blanket data retention. He suggests this could include quick response and emergency processes, and means to intelligently and accountably identify targets. He recommends a unified Surveillance Commissioner capable of carrying out a strong, independent audit with “multi-skilled investigators including human rights and computer experts.”
Joss Wright recommends such audits be supported by stringent penalties for misuse of either powers or data, and for greater transparency. Simone Halink recommends building user notification into surveillance law, which would require “individuals to be notified by default of a decision authorising the request for their communications data by law enforcement.“ Delays would be appropriate in exceptional circumstances.
Rachel Robinson of Liberty recommends lifting the ban on the use of intercept evidence in court. Sam Smith of Privacy International recommends investing in law enforcement’s capacity to use and analyse the data already available to them.
Peter Sommer recommends a more overarching review, potentially through a Royal Commission, to properly study surveillance in the digital age.
There is no shortage of ideas that could help inform policy makers’ thinking on surveillance in the digital age. There are other useful resources too. In particular the Draft International Principles on Communications Surveillance and Human Rights, which was put together by a number of civil society groups, provides a “framework against which we can evaluate whether current or proposed surveillance laws and practices are consistent with human rights”.
This includes principles such as user notification, transparency and safeguards against illegitimate access. As Simone Halink points out in her contribution to chapter five, the government’s current proposals fall short when assessed against such principles.
In providing context and recommendations, the articles in this report offer a basis for a conversation about proportionate surveillance laws in the digital age. They are designed to help inform the ongoing policy debate sparked off by the Government’s draft Communications Data Bill and the subsequent inquiry by the Joint Committee.
In urging policy makers to consider these options, we are not picking sides or “putting politics before people’s lives”. We hope instead that the report makes policy makers aware of the many options available as they look to build privacy-friendly and effective surveillance law.
Some of the proposed changes to Europe’s data protection laws would strip citizens of their privacy rights, a coalition of international civil liberties organizations said Thursday.
The European Parliament is currently considering proposals from the European Commission for a complete overhaul of the E.U.’s data protection laws. The original laws date from 1995, the pre-Internet age, and are arguably in great need of an update.
However, the debate about how to update them has been intense. Creating one regulation to replace national data protection and privacy laws in the 27 E.U. countries obviously requires compromise, but many parliamentarians report never seeing lobbying on such a scale before. In an effort to reach some sort of consensus, more than 4,000 changes to the draft text have been proposed.
The civil liberties coalition, which includes Access, Bits of Freedom, EDRI, La Quadrature du Net and Privacy International, has set up a website, nakedcitizens.eu, to help concerned citizens contact their representatives in the Parliament.
The groups have also presented a report based on their analysis of the proposed amendments. “Among the thousands of amendments tabled are a large number that threaten to severely weaken privacy rights in the U.K.,” the report said. “These damaging amendments are largely the result of an unprecedented lobbying storm by big U.S. tech companies, the U.S. government and the advertising industry.
Some of the lobbying positions were published earlier this year at LobbyPlag.eu, a website that compares amendments put forward to the text submitted by lobbyists such as Amazon, eBay and the U.S. Chamber of Commerce.
One suggested amendment would alter the way Web companies could define “consent” to gather data, according to the coalition. Rather than “informed, specific and explicit” consent, companies could “assume consent has been given or to include consent language in hard to understand terms and conditions” the report said.
Another contentious issue is the right to be forgotten. Much of the concern is over the role of search engines. Privacy advocates want to see the burden of proof shifted from consumers justifying why data should be deleted to businesses having to prove why it should be kept.
“Without effective privacy protection, our personal lives are laid bare, to be used and abused by business and governments,” said Joe McNamee of European Digital Rights and spokesperson of the coalition.
The final committee vote in the Civil Liberties Committee of the European Parliament is due to occur on May 29. Once the committee has given its opinion, the proposal will be voted on by Parliament. Only then can it be signed by the member states.
Ireland, which currently holds presidency of the European Union, is keen to see the new law signed before the end of its term July 1.
When police carried out a routine stop-and-search of her boyfriend on the London Underground, Gemma Atkinson filmed the incident. She was detained, handcuffed and threatened with arrest. She launched a legal battle, which ended with the police settling the case in 2010. With the money from the settlement she funded the production of this animated film, which she says shows how her story and highlights police misuse of counterterrorism powers to restrict photography.