Feeds

Surveillance response 'inadequate', say Lords

Upper house forced to do Government's job for them again

Secure remote control for conventional and virtual desktops

The Government's response to a Parliamentary report on the monitoring and legislation surrounding surveillance is "inadequate" and it has "paid insufficient attention" to the report's recommendations, a follow up report has said.

The House of Lords Select Committee on the Constitution produced a report earlier this year which made a series of recommendations on how the law and Government behaviour should change in order to protect citizens and their privacy as data gathering and surveillance becomes more pervasive.

The report said that there should be judicial oversight of surveillance, and that the increasing monitoring of citizens was breaking the bond of trust between the Government and the people.

The Government rejected most of the report's recommendations and claimed that its current and planned policies give an effective balance between personal privacy and state security.

The House of Lords Committee has hit back, saying that the Government's response fails to understand or address the scale of the problem.

"We regret that the Government have not agreed to a number of important recommendations which sought to assist the executive in promoting the responsible and proper use of data processing, including data sharing, together with other modes of surveillance," its response said. "The Government have paid insufficient attention to a number of fundamental points and criticisms made in the Report."

The Lords' analysis of the Government response accused it of seeming to agree with the Lords without outlining any effective action.

"The response reiterates the need to balance privacy with security and other objectives, and to ensure that the principles of necessity and proportionality are adhered to, without sufficiently indicating how this can be achieved," it said.

Much of the Government's response rested on its recommendation that Government departments use privacy impact assessments (PIA) to ensure that policies do not harm people's privacy. The Lords' analysis was scathing about how much good such reports could do.

"While we firmly support PIA, we note that it is almost entirely untried in the British public sector and is therefore not entrenched in the policy process," it said. "Versions of PIA differ in terms of the stringency of their requirements. In the light of this, any suggestion that PIA is a panacea for the issues that we raise must be treated with caution, in particular where further details of the nature of the PIA to be undertaken in each case, and how and by whom it will be evaluated, have not been provided."

The Lords called for privacy regulator the Information Commissioner's Office (ICO) to be allowed to inspect private sector bodies, as well as public sector ones, without their permission. The Government rejected that idea, saying that the Secretary of State could order such inspections. The Lords now say that the Government should make public when this has happened in the past to prove its efficacy.

"The Government state that it is possible for private and third-sector data controllers to be inspected (with notice) if the Secretary of State considers that they are exercising functions of a public nature or under contract to a public authority," the analysis said. "The Government should show when this has occurred. The Secretary of State's powers of intercession in the inspection process should be justified."

The Lords had also called on Government to create primary legislation outlining its surveillance and data processing regime. The Government rejected that call, and the Lords now say that such matters are too important to be left to the discretion of the administration.

"We are disappointed that the Government have not accepted our recommendation … for powers of surveillance and data processing to be set out in primary legislation. We do not believe that it is sufficient for 'basic principles' to be stated in primary legislation, with important details left to secondary legislation," it said.

The analysis of the Government's response to the report is available here.

Copyright © 2009, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Beginner's guide to SSL certificates

More from The Register

next story
Facebook pays INFINITELY MORE UK corp tax than in 2012
Thanks for the £3k, Zuck. Doh! you're IN CREDIT. Guess not
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Sysadmin with EBOLA? Gartner's issued advice to debug your biz
Start hoarding cleaning supplies, analyst firm says, and assume your team will scatter
YARR! Pirates walk the plank: DMCA magnets sink in Google results
Spaffing copyrighted stuff over the web? No search ranking for you
Don't bother telling people if you lose their data, say Euro bods
You read that right – with the proviso that it's encrypted
Apple SILENCES Bose, YANKS headphones from stores
The, er, Beats go on after noise-cancelling spat
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.