Feeds

Govt ministers distance themselves from email spy plan

David Shayler, Lord Cope tell The Reg what they think

  • alert
  • submit to reddit

SANS - Survey on application security programs

Government ministers are distancing themselves from the Draconian surveillance measures proposed by NCIS deputy Roger Gaspar in a report to the Home Office.

The report, asking for all communications data in the UK to be stored for seven years in government-run data warehouses, was leaked to the Observer at the weekend and met with a furious reception.

Today in the FT, top ministers have made it clear in that special way they do without actually telling anyone, that the proposals are not something they will be considering at the moment. Why? Because civil rights folk will go mental and opposition MPs will use it to win political capital. And, oh yes, isn't there a general election coming up soon?

Not that the oppressive, undemocratic, abusive and illegal proposals are to be binned. If we're lucky enough to get Jack Straw as Home Secretary again, we may well see a watered-down version pop up in the Commons.

Last night, we were fortunate enough to be in the company of a good many experts and activists in this field and discussed the matter with them. There was general concern over the report. The fact that the proposals fit very neatly with the RIP Act - detailed logs of suspicious calls, obtained legally, could then be used as justification for invoking RIP legislation, thereby bypassing the safeguards - is enough for Caspar Bowden (Director, Foundation for Information Policy Research) to conclude that the security services had pre-planned this approach.

Roland Perry, CEO of the London Internet Exchange, Linx, surprised us by saying he had had a copy of the report for several months. He saw the report as a speculative effort by the National Criminal Intelligence Service and not to be taken too seriously, although he did admit that the leaked version appeared final in its make-up.

Some debate concerned the suggested cost of the programme. Storage is becoming cheaper and smaller, the report said. It then gave a figure of £20,000 to £25,000 for the annual cost to a Communications Service Provider of storing the data. Quite rightly, the report pointed out that the real cost of the system comes in retrieving the information. Then, basing its calculations on the DNA Database, it suddenly came up with the figure of £9 million a year to run the whole show, with a £3 million initial infrastructure investment. This was broadly seen as conservative.

Which brings us to Conservative peer Lord Cope of Berkeley, who was responsible for getting many of the amendments for the RIP Bill through. Naturally, the dapper gent would not be drawn, suffice to say he was "concerned" and would look at the issue very closely.

Ex MI5 spook David Shayler told us that everyone in the security services would have been "aware" of what the report contained months before publication, before telling us that Brian Clough would have been a great England manager but was held back by being too northern.

Some time was given to the fact that what the report requests already happens informally with BT. BT, for some reason, keeps billing records and logs for five years, whereas nearly all other telecoms companies delete them several months or so down the line, as the data costs more than its intrinsic value to store. The long storage period was seen as a classic example of BT's lack of business sense. BT is happy however - so we were reliably informed - to allow the security services full access to this data when requested.

All that aside, the report does give a valuable insight into NCIS' mind. It sees the issue as bringing the power for it to secure evidence for prosecution up to the level of its power to make a prosecution. Thanks to RIP though, it has managed to get a large, disparate group of people together to fight such proposals, all of which will be watching the progress of the report very carefully. ®

Related Link

The report in full on Cryptome

Related Stories

Police request right to spy on every UK phone call and email
Big Brother awards rock the LSE

3 Big data security analytics techniques

More from The Register

next story
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Record labels sue Pandora over vintage song royalties
Companies want payout on recordings made before 1972
Ex–Apple CEO John Sculley: Ousting Steve Jobs 'was a mistake'
Twenty-nine years later, post-Pepsi exec has flat-forehead moment
Number crunching suggests Yahoo! US is worth less than nothing
China and Japan holdings worth more than entire company
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.