Feeds

UK cops must justify using new mobile interception tech

Plods' purchase means they don't need telcos' help anymore

High performance access to file storage

The Metropolitan Police Service (MPS) has bought technology that will allow it to intercept and shut off communications without the help of telecoms companies, according to media reports.

The MPS has acquired a surveillance system that enables data sent over a communications network to be intercepted within an area approximately 10km2 (6.2 square miles), allowing mobile phone users' movements to be tracked "in real time", the Guardian has reported. The system is mobile and can be operated wirelessly and could be used to shut off communications to devices, the newspaper said in its report.

The system was developed by Datong, the Guardian said. Datong is a company that creates systems that "provide the means for the military, law enforcement, security agencies and special forces to gather early intelligence in order to identify and anticipate threat and illegal activity before it can be deployed," according to Datong's website.

Police and other law enforcement bodies have the power to intercept communications under the Regulation of Investigatory Powers Act (RIPA) subject to approval by the Home Secretary.

Marc Dautlich, data protection law expert at Pinsent Masons, the law firm behind Out-Law.com, said that the police have to justify its use of surveillance technology in accordance with human rights laws.

Under the Human Rights Act, individuals are guaranteed the right to privacy surrounding their communications other than if a public authority, such as the police, believe it necessary to interfere with that right "in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others".

“What RIPA does is provide a statutory basis to intercept the content of communications and certain ‘traffic data’ associated with them, such as details of the sender and receiver and the time of the communication,” Dautlich said.

“The regime is underpinned by the Human Rights Act, under which individuals have the right to respect for their private and family life, their home and their correspondence (which includes things like phone calls).

"This is a qualified right, meaning that it must be weighed against competing interests, in this case of public safety, the prevention of disorder or crime and potentially also national security. Therefore, any time law enforcement bodies such as the police want to access such communication information proportionality needs to be considered. In a fast moving situation, such as the threat of public riots, assessing these trade offs can clearly be a complex activity, but the principles of proportionality and necessity are clear and must inform any planned use of interception or surveillance measures," Dautlich said.

Under RIPA, the Home Secretary has to assess whether the request to intercept communications is necessary and proportionate in order to protect the UK's national security interests, prevent and detect terrorism and serious crime or to safeguard the UK's economic well-being.

Under the Act, the Home Secretary must consider certain factors relating to the necessity and proportionality of any interception before authorising it, including "whether the information which it is thought necessary to obtain under the warrant could reasonably be obtained by other means".

The Act can be used by law enforcement agencies to force telecoms companies to hand over customers' details in order to tap phone, internet or email communications to protect the UK's national security interests, prevent and detect terrorism and serious crime or to safeguard the UK's economic well-being.

Telecoms companies have a duty under RIPA to hand over communications data it has or could obtain about customers when asked to do so by police unless "it is not reasonably practicable" to do so. The Home Secretary can ask the courts to issue an injunction "or any other appropriate relief" against telecoms firms that fail to comply with their duty under RIPA. The type of injunction that courts can issue is not defined by RIPA.

An exception within the UK's data protection laws also allows police to force organisations to hand over personal data belonging to customers if it is for the purposes of preventing or detecting crime. The laws also prevent organisations telling individuals that they have handed over their personal data if telling them would jeopardise the prevention or detection of crime.

The Data Protection Act sets out lawful grounds for organisations to process personal data, such as consent. It is also unlawful to process the data without having legitimate grounds for collecting and using it and using it in a way that causes unwarranted intrusion on their privacy and may adversely affect individuals.

Dautlich said that if the police determine it is necessary and proportionate to intercept communications on a public telecommunication system then, very broadly, the most pertinent way would be to obtain a warrant from the Home Secretary authorising them to do so.

The MPS said it would not comment on the "specific technology and tactics" it uses as part of its surveillance operations.

"The MPS may employ surveillance technology as part of our continuing efforts to ensure the safety of Londoners and detect criminality," the MPS said in a statement.

"It can be a vital and highly effective investigative tool. Although we do not discuss specific technology or tactics, we can re-assure those who live and work in London that any activity we undertake is in compliance with legislation and codes of practice," it said.

Copyright © 2011, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

High performance access to file storage

More from The Register

next story
A black box for your SUITCASE: Now your lost luggage can phone home – quite literally
Breakfast in London, lunch in NYC, and your clothes in Peru
Broadband Secretary of SHEEP sensationally quits Cabinet
Maria Miller finally resigns over expenses row
Skype pimps pro-level broadcast service
Playing Cat and Mouse with the media
Beat it, freetards! Dyn to shut down no-cost dynamic DNS next month
... but don't worry, charter members, you're still in 'for life'
Like Google, Comcast might roll its own mobile voice network
Says anything's possible if regulators approve merger with Time Warner
EE dismisses DATA-BURNING glitch with Orange Mail app
Bug quietly slurps PAYG credit - yet EE denies it exists
Turnbull leaves Australia's broadband blackspots in the dark
New Statement of Expectations to NBN Co offers get-out clauses for blackspot builds
Facebook claims 100 MEEELLION active users in India
Who needs China when you've got the next billion in your sights?
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.