Feeds

Surveillance response 'inadequate', say Lords

Upper house forced to do Government's job for them again

High performance access to file storage

The Government's response to a Parliamentary report on the monitoring and legislation surrounding surveillance is "inadequate" and it has "paid insufficient attention" to the report's recommendations, a follow up report has said.

The House of Lords Select Committee on the Constitution produced a report earlier this year which made a series of recommendations on how the law and Government behaviour should change in order to protect citizens and their privacy as data gathering and surveillance becomes more pervasive.

The report said that there should be judicial oversight of surveillance, and that the increasing monitoring of citizens was breaking the bond of trust between the Government and the people.

The Government rejected most of the report's recommendations and claimed that its current and planned policies give an effective balance between personal privacy and state security.

The House of Lords Committee has hit back, saying that the Government's response fails to understand or address the scale of the problem.

"We regret that the Government have not agreed to a number of important recommendations which sought to assist the executive in promoting the responsible and proper use of data processing, including data sharing, together with other modes of surveillance," its response said. "The Government have paid insufficient attention to a number of fundamental points and criticisms made in the Report."

The Lords' analysis of the Government response accused it of seeming to agree with the Lords without outlining any effective action.

"The response reiterates the need to balance privacy with security and other objectives, and to ensure that the principles of necessity and proportionality are adhered to, without sufficiently indicating how this can be achieved," it said.

Much of the Government's response rested on its recommendation that Government departments use privacy impact assessments (PIA) to ensure that policies do not harm people's privacy. The Lords' analysis was scathing about how much good such reports could do.

"While we firmly support PIA, we note that it is almost entirely untried in the British public sector and is therefore not entrenched in the policy process," it said. "Versions of PIA differ in terms of the stringency of their requirements. In the light of this, any suggestion that PIA is a panacea for the issues that we raise must be treated with caution, in particular where further details of the nature of the PIA to be undertaken in each case, and how and by whom it will be evaluated, have not been provided."

The Lords called for privacy regulator the Information Commissioner's Office (ICO) to be allowed to inspect private sector bodies, as well as public sector ones, without their permission. The Government rejected that idea, saying that the Secretary of State could order such inspections. The Lords now say that the Government should make public when this has happened in the past to prove its efficacy.

"The Government state that it is possible for private and third-sector data controllers to be inspected (with notice) if the Secretary of State considers that they are exercising functions of a public nature or under contract to a public authority," the analysis said. "The Government should show when this has occurred. The Secretary of State's powers of intercession in the inspection process should be justified."

The Lords had also called on Government to create primary legislation outlining its surveillance and data processing regime. The Government rejected that call, and the Lords now say that such matters are too important to be left to the discretion of the administration.

"We are disappointed that the Government have not accepted our recommendation … for powers of surveillance and data processing to be set out in primary legislation. We do not believe that it is sufficient for 'basic principles' to be stated in primary legislation, with important details left to secondary legislation," it said.

The analysis of the Government's response to the report is available here.

Copyright © 2009, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Combat fraud and increase customer satisfaction

More from The Register

next story
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Record labels sue Pandora over vintage song royalties
Companies want payout on recordings made before 1972
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
Edward Snowden on his Putin TV appearance: 'Why all the criticism?'
Denies Q&A cameo was meant to slam US, big-up Russia
Judge halts spread of zombie Nortel patents to Texas in Google trial
Epic Rockstar patent war to be waged in California
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.