UK snoop charter: we're already getting all the data anyway
Home Office minister's bizarre confession
Last week's revelation that the UK government was planning sweeping extensions to RIPA (its snoop enablement legislation, the Regulation of Investigatory Powers Act) has provoked a furore and a mini-climb-down. Instead of attempting to give data seizure powers to every bureaucrat working for virtually every public body in the land today, the order will be put to parliament next Monday.
And at least we've had the grace to rough out some boundaries to who will have the power to access personal data, and in what circumstances. For example, only the chief executive of local councils will have this power, and they will only be able to obtain data which is genuinely relevant to a legitimate enquiry. Allegedly.
Thanks, though, to the reader who pointed us to to a failed exercise in counterspin engaged in by Home Office minister Bob Ainsworth on BBC Radio 4's World at One yesterday. Speaking to Nick Clarke Ainsworth blurted out that the various agencies being covered in the RIPA extension are already collecting data, and that anyway the government is doing "exactly what we said we were going to do."
The latter, incidentally, is a giant, outrageous, blatant, prkie/untruth. The government only managed to get RIPA through parliament in the first place by stressing that it would only be applied if it were a matter of security, and that its application would be restricted largely to the security services. In one sense the government is doing what it said it was going to do, but Ainsworth is actually talking about something quite different from the matter listeners would generally think he was talking about. But we'll get back to that.
Interviewer Clarke suggested that the extensions were clearly going to increase rather than decrease the amount of information the covered agencies could obtain, and Ainsworth answered, intriguingly: "No, it certainly isn't going to increase it... fundamental, that is the fundamental misunderstanding of what we are proposing."
Clarke speculated therefore that "the Food Standards Agency will be less able to get information about dodgy food dealers than it would before under this legislation?" And here's where the blurt about existing practices comes:
Ainsworth: "Allow me to say to you that there are people in the Food Standards Agency now who apply for, in what they think are appropriate circumstances, data about people's communications and they get it. They have no guidance. They are not told when they can and they can't do that and the purpose of the regulations that we're putting in is to say to them clearly 'You can only do that in these circumstances.'"
Ainsworth is here referring to the widespread and uncontrolled snooping already carried out by the British authorities, and alluding slightly to the matter that helped invent RIPA in the first place. European legislation to which the UK is signed up makes much of this illegal, therefore it is necessary to regulate it, which is what he meant earlier when he said the government was doing "exactly what we said we were going to do." Characteristically, we're not going to get a lid on all the snooping - oh no, we're going to make it legal and extend it to all forms of electronic communication while we're about it.
It gets more interesting. Clarke: "But under the current system, if any agency wishes to get hold of information about who emails are being sent to or from, and to the service providers to find out more about who's sending them, they have to go to the police or they have to go through the authorities, don't they?"
Ainsworth: "No. No they don't. That, I mean, that is one of the most fundamental misunderstandings of what we're proposing. It is happening now. For access to the actual detail of what the email or telephone conversation contains you are absolutely right and that's only given access when we are talking about serious crime or terrorism or things like that. But data, the data, is provided now on a regular voluntary basis and we leave those people to take those decisions themselves. Parliament has not given them an effective framework to decide when they should and when they shouldn't make such an application."
An elaboration of "provided now on a regular voluntary basis" would have been helpful, but sadly Bob does not provide one. However, given that the current legal position over "serious crime or terrorism" is relatively clear, the extension to bodies which surely cannot be concerned with such matters implies that Bob is confirming that they're given formal powers to demand whatever information they already get on this mysterious regular voluntary basis. If any ISPs would care to make a clean breast of it, incidentally, we're willing to listen. ®
Sponsored: The Nuts and Bolts of Ransomware in 2016