Feeds

Spooks made 1,061 bugging errors in 2010

MI5 accidentally spied on 134 people they didn't mean to

Top three mobile application threats

MI5 wrongly collected subscriber data on 134 telephone numbers as a result of a software error, according to interception of communications commissioner Sir Paul Kennedy's annual report.

A spreadsheet formatting error caused the service to apply for data on the identity of telephone numbers ending in 000, rather than the actual last three digits. "The subscriber data acquired had no connection or relevance to any investigation or operation being undertaken by the Security Service," writes Kennedy.

He adds that the resulting material was destroyed, the formatting fault fixed and numbers are now checked manually before MI5 requests subscriber data from communications providers.

MI5 also acquired data on the histories of 927 internet protocol addresses without authorisation from a sufficiently senior officer, of GD3 rank or above. This was due to an "incorrect setting on the system used by the Security Service," according to Kennedy, although the requests themselves were necessary and proportionate. MI5 has corrected the setting on its systems.

Overall, Kennedy reported that public authorities submitted 552,550 requests for communications data during 2010, and the number is increasing by about 5 per cent a year. He could not give a precise reason for the growth, but said "it is indicative of the growth in communications technology", with "certain police forces" increasing their use.

Nearly two-thirds of requests for communications data – about communications rather than contents – were for subscriber data. This was usually part of an attempt to find the owner of a mobile phone. About a quarter of requests were for traffic data.

Sir Peter Gibson, the intelligence services commissioner, also published his annual report. Having been granted powers under the Identity Cards Act to monitor use of the National Identity Register by intelligence services, he reported that he is "not aware of any acquisition, storage and use made" by such organisations before the register was destroyed earlier this year.

He collected statistics on the number of warrants and authorisations issued to the security and intelligence agencies or armed forces, but these have only been included in a confidential annex. He defended the secrecy by saying publication would "assist those unfriendly to the UK were they able to know the extent of the work" of those agencies.

This article was originally published at Guardian Government Computing.

Guardian Government Computing is a business division of Guardian Professional, and covers the latest news and analysis of public sector technology. For updates on public sector IT, join the Government Computing Network here.

3 Big data security analytics techniques

More from The Register

next story
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Edward Snowden on his Putin TV appearance: 'Why all the criticism?'
Denies Q&A cameo was meant to slam US, big-up Russia
Banks slap Olympus with £160 MEEELLION lawsuit
Scandal hit camera maker just can't shake off its past
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.