Feeds

UK.gov plans 'consensus' on PAYG phone registry

Voda leads opposition to mobe registry plan

Combat fraud and increase customer satisfaction

The Home Office insisted today it had taken no decision on whether to force Britons to present photo ID when they buy a pay-as-you-go (PAYG) mobile phone.

However, it confirmed it does plan to "consult" on the issue in the hope of forcing building a "consensus", despite immediate opposition to the plan from the world's biggest mobile mobile operator outside China.

The Times reported at the weekend that anyone who buys a mobile telephone may in future be forced to register their identity. It said that phone buyers would have to present a passport or other official form of identification at the point of purchase.

The Home Office's exact position on this issue was given by a spokesperson today. He said: "The communications revolution has been rapid in this country and because of changes in technology the way in which we collect communications data needs to change too. If it does not we will lose this vital capability that we currently have and that we all take for granted in fighting and solving crime.

"Of course there is a balance between privacy and our liberty which is why we have said we will be consulting on this and seeking a political consensus. No decisions have been taken and we will be consulting in the New Year."

It's the same line on the forthcoming Communications Data Bill given in a speech by Jacqui Smith last week. In plain English, it's half justification for the new überdatabase, and half a slightly weasely way of pointing out that nothing is yet set in stone. It certainly does not rule out any cunning schemes being hatched in the squeaky clean non-smoky (since summer 2007) backrooms of the Home Office.

A Vodafone spokeswoman was more forthright. She said:

Vodafone does not support mandatory registration for its pre-pay customers and has not made any 'contingency plans' to start requiring registration for the purposes of a Government data collection scheme.

PAYG services hold an important role in terms of preventing a digital divide in communications. There is no need for a credit check and if customers do not have a permanent base, or a passport, they are not excluded from using these services.

The rationale for this move is one familiar to fans of Spooks. Your average terrorist villain is well aware that before indulging in any skullduggery, the correct procedure is to buy a PAYG mobile, pass it to your contact (in a plain brown envelope), who will then use it to make one phone call, before disposing of it in the nearest bin.

But requiring PAYG users to register their use of phones would not of course put a stop to that sort of thing, as would-be terrorists can always bring in phones from abroad or steal mobiles to order. Pointing out such loopholes could count as giving away info that could assist a terrorist, so we won't (See s.58 of the Terror Act 2000).

In fact, the government might argue that it is only following the model already adopted in countries as various as Norway, France, Russia, Spain and – allegedly – the USA. However, this ignores cultural differences and the fact that legislation designed to make us safer has a nasty habit of spawning ever more draconian measures to fill in the loopholes.

Two immediate flaws that spring to mind are the fact that to make such a scheme work, yet more pressure would be placed on all UK citizens to possess a passport or some other form of ID. And to stop criminals abusing the scheme people selling phones in shops would need to be security-vetted.

As for placing PAYG details on the überdatabase, it's consistent with plugging every last communications loophole. So, really, we should not be surprised if the government does eventually propose this measure.

For now can rest easy with the Home Office fervent declaration it "has no plans" – and trust that they won't suddenly discover such plans hidden in the back of a cupboard over the Christmas period. ®

SANS - Survey on application security programs

More from The Register

next story
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
Whoever you vote for, Google gets in
Report uncovers giant octopus squid of lobbying influence
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
Jack the RIPA: Blighty cops ignore law, retain innocents' comms data
Prime minister: Nothing to see here, go about your business
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.