UK: Home Office plans new surveillance measures

By EDRi · April 11, 2012

This article is also available in:
Deutsch: [UK: Innenministerium plant neue Überwachungsmaßnahmen | https://www.unwatched.org/EDRigram_10.7_UK_Innenministerium_plant_neue_Ueberwachungsmassnahmen]

The Communication Capabilities Development Programme (CCDP) proposed by
UK coalition, meant to extend the police’s access to individuals’ email
and social media traffic data, is facing strong criticism from the
opposition and civil liberties campaigners.

CCDP is likely to be part of Queen’s speech on 9 May and relies on ISPs
to gather the information and allow government intelligence operatives
to scrutinise it. “It is vital that police and security services are
able to obtain communications data in certain circumstances to
investigate serious crime and terrorism and to protect the public,” said
the Home Office spokesman.

An attempt to introduce a similar system has been previously made by the
Labour Party but was dropped in 2009 after concerns regarding the
feasibility of such a project had been raised by ISPs and mobile phone
operators.

Civil liberties campaigners have strongly criticised the new plan
because of the risk that it could breach the privacy of individuals.
Also Mr.David Davis, the former Conservative shadow home secretary,
considers it unnecessary and likely to generate high public resentment.
Davis believes the provisions of RIPA (the Regulation of Investigatory
Powers Act) are already “too loose”, therefore more than enough. “It’s
going to cause enormous resentment. Already thousands of people on the
web are objecting to it. It was dropped by the last government … if it
was so important, they should have kept going last time,” added Davis.

“We need to take action to maintain the continued availability of
communications data as technology changes. Communications data includes
time, duration and dialling numbers of a phone call, or an email
address. It does not include the content of any phone call or email and
it is not the intention of government to make changes to the existing
legal basis for the interception of communications,” stated the Home
Office spokesmen.

But Davis also drew the attention over the fact that the argument of the
government that CCDP does not imply access to the content of
communications was false as, in the case of the Internet, a web address
was content.

According to Privacy International, what the new proposal is seeking is
to require that Google, Facebook and other providers grant government
agencies the same type of access to data that Communication Service
Providers provide. This would place new regulatory burdens upon them and
could set a dangerous precedent for other governments. A second aspect
is that of the installation of black boxes with ISPs, to monitor and
store all communications data, which will bring serious safety concerns.

Moreover, these black boxes, in order to access the communications
data, must intercept all communications streams which are considered as
“content” by law and this is in contradiction with the government
statements. The boxes may have to reconstruct your browsing session in
order to identify your email addressees.

EDRi-member Open Rights Group also raised another important issue – the
fact that government would logically have to break encryption to read
the communications data it wants to access as, especially with the
government reading the traffic, the sites will be very keen to encrypt
the information. For businesses and commerce encryption is a vital tool.

A spokesperson for the Commission commented on 5 April 2012 that UK
Government’s plans to monitor emails would potentially be incompatible
with the right to privacy of UK citizens.

In 2011, the Commission referred the UK to the European Court of Justice
(ECJ) because the privacy of Internet users in the country was not being
adequately protected, leading to amendments to RIPA which now
states that it is generally only legal to intrude on private
communications if you have a warrant or the consent of both the sender
and recipient of information.

Plans for greater email and web monitoring powers spark privacy fears
(2.04.2012)
http://www.guardian.co.uk/world/2012/apr/02/email-web-monitoring-powers-privacy

FAQ: The Communications Capabilities Development Programme (3.04.2012)
https://www.privacyinternational.org/blog/faq-the-communications-capabilities-development-programme

UK net super-snooping clashes with Euro privacy law – expert
Real-time surveillance won’t wash with Brussels says lawyer (4.04.2012)
http://www.theregister.co.uk/2012/04/04/uk_snoop_law_europe_privacy/

Surveillance plans: key questions (3.04.2012)
http://www.openrightsgroup.org/blog/2012/surveillance-plans-key-questions

EDRi-gram: UK: Home Office spy plan (29.02.2012)
http://www.edri.org/edrigram/number10.4/uk-home-office-spy-pla