Feeds

UK snoop charter: we're already getting all the data anyway

Home Office minister's bizarre confession

  • alert
  • submit to reddit

Internet Security Threat Report 2014

Last week's revelation that the UK government was planning sweeping extensions to RIPA (its snoop enablement legislation, the Regulation of Investigatory Powers Act) has provoked a furore and a mini-climb-down. Instead of attempting to give data seizure powers to every bureaucrat working for virtually every public body in the land today, the order will be put to parliament next Monday.

And at least we've had the grace to rough out some boundaries to who will have the power to access personal data, and in what circumstances. For example, only the chief executive of local councils will have this power, and they will only be able to obtain data which is genuinely relevant to a legitimate enquiry. Allegedly.

Thanks, though, to the reader who pointed us to to a failed exercise in counterspin engaged in by Home Office minister Bob Ainsworth on BBC Radio 4's World at One yesterday. Speaking to Nick Clarke Ainsworth blurted out that the various agencies being covered in the RIPA extension are already collecting data, and that anyway the government is doing "exactly what we said we were going to do."

The latter, incidentally, is a giant, outrageous, blatant, prkie/untruth. The government only managed to get RIPA through parliament in the first place by stressing that it would only be applied if it were a matter of security, and that its application would be restricted largely to the security services. In one sense the government is doing what it said it was going to do, but Ainsworth is actually talking about something quite different from the matter listeners would generally think he was talking about. But we'll get back to that.

Interviewer Clarke suggested that the extensions were clearly going to increase rather than decrease the amount of information the covered agencies could obtain, and Ainsworth answered, intriguingly: "No, it certainly isn't going to increase it... fundamental, that is the fundamental misunderstanding of what we are proposing."

Clarke speculated therefore that "the Food Standards Agency will be less able to get information about dodgy food dealers than it would before under this legislation?" And here's where the blurt about existing practices comes:

Ainsworth: "Allow me to say to you that there are people in the Food Standards Agency now who apply for, in what they think are appropriate circumstances, data about people's communications and they get it. They have no guidance. They are not told when they can and they can't do that and the purpose of the regulations that we're putting in is to say to them clearly 'You can only do that in these circumstances.'"

Ainsworth is here referring to the widespread and uncontrolled snooping already carried out by the British authorities, and alluding slightly to the matter that helped invent RIPA in the first place. European legislation to which the UK is signed up makes much of this illegal, therefore it is necessary to regulate it, which is what he meant earlier when he said the government was doing "exactly what we said we were going to do." Characteristically, we're not going to get a lid on all the snooping - oh no, we're going to make it legal and extend it to all forms of electronic communication while we're about it.

It gets more interesting. Clarke: "But under the current system, if any agency wishes to get hold of information about who emails are being sent to or from, and to the service providers to find out more about who's sending them, they have to go to the police or they have to go through the authorities, don't they?"

Ainsworth: "No. No they don't. That, I mean, that is one of the most fundamental misunderstandings of what we're proposing. It is happening now. For access to the actual detail of what the email or telephone conversation contains you are absolutely right and that's only given access when we are talking about serious crime or terrorism or things like that. But data, the data, is provided now on a regular voluntary basis and we leave those people to take those decisions themselves. Parliament has not given them an effective framework to decide when they should and when they shouldn't make such an application."

An elaboration of "provided now on a regular voluntary basis" would have been helpful, but sadly Bob does not provide one. However, given that the current legal position over "serious crime or terrorism" is relatively clear, the extension to bodies which surely cannot be concerned with such matters implies that Bob is confirming that they're given formal powers to demand whatever information they already get on this mysterious regular voluntary basis. If any ISPs would care to make a clean breast of it, incidentally, we're willing to listen. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
NSA mass spying reform KILLED by US Senators
Democrats needed just TWO more votes to keep alive bill reining in some surveillance
Bada-Bing! Mozilla flips Firefox to YAHOO! for search
Microsoft system will be the default for browser in US until 2020
Google bags OBSCENELY LARGE Times Square ad space for New Year's
Choc Factory pays millions for whacking new digital screen
'Cleantech' a dirty word for VCs? RUBBISH!
They just think the current schemes are terrible
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.