Feeds

Spooks made 1,061 bugging errors in 2010

MI5 accidentally spied on 134 people they didn't mean to

5 things you didn’t know about cloud backup

MI5 wrongly collected subscriber data on 134 telephone numbers as a result of a software error, according to interception of communications commissioner Sir Paul Kennedy's annual report.

A spreadsheet formatting error caused the service to apply for data on the identity of telephone numbers ending in 000, rather than the actual last three digits. "The subscriber data acquired had no connection or relevance to any investigation or operation being undertaken by the Security Service," writes Kennedy.

He adds that the resulting material was destroyed, the formatting fault fixed and numbers are now checked manually before MI5 requests subscriber data from communications providers.

MI5 also acquired data on the histories of 927 internet protocol addresses without authorisation from a sufficiently senior officer, of GD3 rank or above. This was due to an "incorrect setting on the system used by the Security Service," according to Kennedy, although the requests themselves were necessary and proportionate. MI5 has corrected the setting on its systems.

Overall, Kennedy reported that public authorities submitted 552,550 requests for communications data during 2010, and the number is increasing by about 5 per cent a year. He could not give a precise reason for the growth, but said "it is indicative of the growth in communications technology", with "certain police forces" increasing their use.

Nearly two-thirds of requests for communications data – about communications rather than contents – were for subscriber data. This was usually part of an attempt to find the owner of a mobile phone. About a quarter of requests were for traffic data.

Sir Peter Gibson, the intelligence services commissioner, also published his annual report. Having been granted powers under the Identity Cards Act to monitor use of the National Identity Register by intelligence services, he reported that he is "not aware of any acquisition, storage and use made" by such organisations before the register was destroyed earlier this year.

He collected statistics on the number of warrants and authorisations issued to the security and intelligence agencies or armed forces, but these have only been included in a confidential annex. He defended the secrecy by saying publication would "assist those unfriendly to the UK were they able to know the extent of the work" of those agencies.

This article was originally published at Guardian Government Computing.

Guardian Government Computing is a business division of Guardian Professional, and covers the latest news and analysis of public sector technology. For updates on public sector IT, join the Government Computing Network here.

The essential guide to IT transformation

More from The Register

next story
GCHQ protesters stick it to British spooks ... by drinking urine
Activists told NOT to snap pics of staff at the concrete doughnut
Britain's housing crisis: What are we going to do about it?
Rent control: Better than bombs at destroying housing
What do you mean, I have to POST a PHYSICAL CHEQUE to get my gun licence?
Stop bitching about firearms fees - we need computerisation
Top beak: UK privacy law may be reconsidered because of social media
Rise of Twitter etc creates 'enormous challenges'
Redmond resists order to hand over overseas email
Court wanted peek as related to US investigation
Ex US cybersecurity czar guilty in child sex abuse website case
Health and Human Services IT security chief headed online to share vile images
NZ Justice Minister scalped as hacker leaks emails
Grab your popcorn: Subterfuge and slur disrupts election run up
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.