Feeds

Surveillance response 'inadequate', say Lords

Upper house forced to do Government's job for them again

Website security in corporate America

The Government's response to a Parliamentary report on the monitoring and legislation surrounding surveillance is "inadequate" and it has "paid insufficient attention" to the report's recommendations, a follow up report has said.

The House of Lords Select Committee on the Constitution produced a report earlier this year which made a series of recommendations on how the law and Government behaviour should change in order to protect citizens and their privacy as data gathering and surveillance becomes more pervasive.

The report said that there should be judicial oversight of surveillance, and that the increasing monitoring of citizens was breaking the bond of trust between the Government and the people.

The Government rejected most of the report's recommendations and claimed that its current and planned policies give an effective balance between personal privacy and state security.

The House of Lords Committee has hit back, saying that the Government's response fails to understand or address the scale of the problem.

"We regret that the Government have not agreed to a number of important recommendations which sought to assist the executive in promoting the responsible and proper use of data processing, including data sharing, together with other modes of surveillance," its response said. "The Government have paid insufficient attention to a number of fundamental points and criticisms made in the Report."

The Lords' analysis of the Government response accused it of seeming to agree with the Lords without outlining any effective action.

"The response reiterates the need to balance privacy with security and other objectives, and to ensure that the principles of necessity and proportionality are adhered to, without sufficiently indicating how this can be achieved," it said.

Much of the Government's response rested on its recommendation that Government departments use privacy impact assessments (PIA) to ensure that policies do not harm people's privacy. The Lords' analysis was scathing about how much good such reports could do.

"While we firmly support PIA, we note that it is almost entirely untried in the British public sector and is therefore not entrenched in the policy process," it said. "Versions of PIA differ in terms of the stringency of their requirements. In the light of this, any suggestion that PIA is a panacea for the issues that we raise must be treated with caution, in particular where further details of the nature of the PIA to be undertaken in each case, and how and by whom it will be evaluated, have not been provided."

The Lords called for privacy regulator the Information Commissioner's Office (ICO) to be allowed to inspect private sector bodies, as well as public sector ones, without their permission. The Government rejected that idea, saying that the Secretary of State could order such inspections. The Lords now say that the Government should make public when this has happened in the past to prove its efficacy.

"The Government state that it is possible for private and third-sector data controllers to be inspected (with notice) if the Secretary of State considers that they are exercising functions of a public nature or under contract to a public authority," the analysis said. "The Government should show when this has occurred. The Secretary of State's powers of intercession in the inspection process should be justified."

The Lords had also called on Government to create primary legislation outlining its surveillance and data processing regime. The Government rejected that call, and the Lords now say that such matters are too important to be left to the discretion of the administration.

"We are disappointed that the Government have not accepted our recommendation … for powers of surveillance and data processing to be set out in primary legislation. We do not believe that it is sufficient for 'basic principles' to be stated in primary legislation, with important details left to secondary legislation," it said.

The analysis of the Government's response to the report is available here.

Copyright © 2009, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Internet Security Threat Report 2014

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
JINGS! Microsoft Bing called Scots indyref RIGHT!
Redmond sporran metrics get one in the ten ring
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Murdoch to Europe: Inflict MORE PAIN on Google, please
'Platform for piracy' must be punished, or it'll kill us in FIVE YEARS
Bono: Apple will sort out monetising music where the labels failed
Remastered so hard it would be difficult or impossible to master it again
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Sony says year's losses will be FOUR TIMES DEEPER than thought
Losses of more than $2 BILLION loom over troubled Japanese corp
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.