Feeds

UK cops must justify using new mobile interception tech

Plods' purchase means they don't need telcos' help anymore

Beginner's guide to SSL certificates

The Metropolitan Police Service (MPS) has bought technology that will allow it to intercept and shut off communications without the help of telecoms companies, according to media reports.

The MPS has acquired a surveillance system that enables data sent over a communications network to be intercepted within an area approximately 10km2 (6.2 square miles), allowing mobile phone users' movements to be tracked "in real time", the Guardian has reported. The system is mobile and can be operated wirelessly and could be used to shut off communications to devices, the newspaper said in its report.

The system was developed by Datong, the Guardian said. Datong is a company that creates systems that "provide the means for the military, law enforcement, security agencies and special forces to gather early intelligence in order to identify and anticipate threat and illegal activity before it can be deployed," according to Datong's website.

Police and other law enforcement bodies have the power to intercept communications under the Regulation of Investigatory Powers Act (RIPA) subject to approval by the Home Secretary.

Marc Dautlich, data protection law expert at Pinsent Masons, the law firm behind Out-Law.com, said that the police have to justify its use of surveillance technology in accordance with human rights laws.

Under the Human Rights Act, individuals are guaranteed the right to privacy surrounding their communications other than if a public authority, such as the police, believe it necessary to interfere with that right "in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others".

“What RIPA does is provide a statutory basis to intercept the content of communications and certain ‘traffic data’ associated with them, such as details of the sender and receiver and the time of the communication,” Dautlich said.

“The regime is underpinned by the Human Rights Act, under which individuals have the right to respect for their private and family life, their home and their correspondence (which includes things like phone calls).

"This is a qualified right, meaning that it must be weighed against competing interests, in this case of public safety, the prevention of disorder or crime and potentially also national security. Therefore, any time law enforcement bodies such as the police want to access such communication information proportionality needs to be considered. In a fast moving situation, such as the threat of public riots, assessing these trade offs can clearly be a complex activity, but the principles of proportionality and necessity are clear and must inform any planned use of interception or surveillance measures," Dautlich said.

Under RIPA, the Home Secretary has to assess whether the request to intercept communications is necessary and proportionate in order to protect the UK's national security interests, prevent and detect terrorism and serious crime or to safeguard the UK's economic well-being.

Under the Act, the Home Secretary must consider certain factors relating to the necessity and proportionality of any interception before authorising it, including "whether the information which it is thought necessary to obtain under the warrant could reasonably be obtained by other means".

The Act can be used by law enforcement agencies to force telecoms companies to hand over customers' details in order to tap phone, internet or email communications to protect the UK's national security interests, prevent and detect terrorism and serious crime or to safeguard the UK's economic well-being.

Telecoms companies have a duty under RIPA to hand over communications data it has or could obtain about customers when asked to do so by police unless "it is not reasonably practicable" to do so. The Home Secretary can ask the courts to issue an injunction "or any other appropriate relief" against telecoms firms that fail to comply with their duty under RIPA. The type of injunction that courts can issue is not defined by RIPA.

An exception within the UK's data protection laws also allows police to force organisations to hand over personal data belonging to customers if it is for the purposes of preventing or detecting crime. The laws also prevent organisations telling individuals that they have handed over their personal data if telling them would jeopardise the prevention or detection of crime.

The Data Protection Act sets out lawful grounds for organisations to process personal data, such as consent. It is also unlawful to process the data without having legitimate grounds for collecting and using it and using it in a way that causes unwarranted intrusion on their privacy and may adversely affect individuals.

Dautlich said that if the police determine it is necessary and proportionate to intercept communications on a public telecommunication system then, very broadly, the most pertinent way would be to obtain a warrant from the Home Secretary authorising them to do so.

The MPS said it would not comment on the "specific technology and tactics" it uses as part of its surveillance operations.

"The MPS may employ surveillance technology as part of our continuing efforts to ensure the safety of Londoners and detect criminality," the MPS said in a statement.

"It can be a vital and highly effective investigative tool. Although we do not discuss specific technology or tactics, we can re-assure those who live and work in London that any activity we undertake is in compliance with legislation and codes of practice," it said.

Copyright © 2011, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Secure remote control for conventional and virtual desktops

More from The Register

next story
Same old iPad? NO. The new 'soft SIMs' are BIG NEWS
AppleSIM 'ware to allow quick switch of carriers
Brits: Google, can you scrape 60k pages from web, pleeease
Hey, c'mon Choc Factory, it's our 'right to be forgotten'
Of COURSE Stephen Elop's to blame for Nokia woes, says author
'Google did have some unique propositions for Nokia'
FCC, Google cast eye over millimetre wireless
The smaller the wave, the bigger 5G's chances of success
It's even GRIMMER up North after MEGA SKY BROADBAND OUTAGE
By 'eck! Eccles cake production thrown into jeopardy
Mobile coverage on trains really is pants
You thought it was just *insert your provider here*, but now we have numbers
Don't mess with Texas ('cos it's getting Google Fiber and you're not)
A bit late, but company says 1Gbps Austin network almost ready to compete with AT&T
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.