Feeds

UK net super-snooping clashes with Euro privacy law - expert

Real-time surveillance won't wash with Brussels says lawyer

The essential guide to IT transformation

The personal information that must be stored on record about you

Telecoms firms are required to retain identifying details of phone calls and emails, such as the traffic and location, to help the police detect and investigate serious crimes, the Directive states. The details exclude the content of those communications.

Law enforcement bodies in the UK also already have the power to intercept individuals' communications in certain circumstances. RIPA enables law enforcement bodies to intercept communications by requiring telecoms providers to hand over certain information they hold.

Telecoms companies have a duty under RIPA to hand over communications data it has or could obtain about customers when asked to do so by police unless "it is not reasonably practicable" to do so. The Home Secretary can ask the courts to issue an injunction "or any other appropriate relief" against telecoms firms that fail to comply with their duty under RIPA. The type of injunction that courts can issue is not defined by RIPA.

However, first the law enforcement bodies must obtain the Home Secretary's authorisation to intercept the communications.

Under RIPA the Home Secretary has to assess whether the request to intercept communications is necessary and proportionate in order to protect the UK's national security interests, prevent and detect terrorism and serious crime or to safeguard the UK's economic well-being.

Under the Act the Home Secretary must consider certain factors relating to the necessity and proportionality of any interception before authorising it, including "whether the information which it is thought necessary to obtain under the warrant could reasonably be obtained by other means".

The Act can be used by law enforcement agencies to force telecoms companies to hand over customers' details in order to tap phone, internet or email communications.

Wynn said that ISPs and social media networks could face technological challenges in complying with real time access requests and that GCHQ would face "information overload" unless real time access was suitably focused.

"Whether it is feasible or not to access real time communications data without the content of those communications being disclosed depends on whether there is the technology available to deliver that information quickly – otherwise ISPs will struggle to comply through no fault of their own," Wynn said.

"Given the enormous number of transactions involved there is also the danger that GCHQ will suffer from information overload, trying to sift through millions of calls, emails, texts and web visits to find what they are looking for in real time, rather than analysing patterns in historic data instead.”

The Home Office said communications data was "vital" to law enforcement investigations into "serious crime and terrorism and to protect the public," according to a report by the Guardian.

"We need to take action to maintain the continued availability of communications data as technology changes. Communications data includes time, duration and dialling numbers of a phone call, or an email address. It does not include the content of any phone call or email and it is not the intention of government to make changes to the existing legal basis for the interception of communications," the Home Office spokesman said.

"As set out in the Strategic Defence and Security Review we will legislate as soon as parliamentary time allows to ensure that the use of communications data is compatible with the government's approach to civil liberties," the spokesman said, according to a report by the BBC.

Under the Human Rights Act individuals are guaranteed the right to privacy surrounding their communications other than if a public authority, such as the police, believe it necessary to interfere with that right "in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others".

Copyright © 2012, Out-Law.com

Out-Law.com is part of international law firm Pinsent Masons.

The essential guide to IT transformation

More from The Register

next story
Super Cali signs a kill-switch, campaigners say it's atrocious
Remote-death button bad news for crooks, protesters – and great news for hackers?
UK government accused of hiding TRUTH about Universal Credit fiasco
'Reset rating keeps secrets on one-dole-to-rule-them-all plan', say MPs
Caught red-handed: UK cops, PCSOs, specials behaving badly… on social media
No Mr Fuzz, don't ask a crime victim to be your pal on Facebook
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Ex US cybersecurity czar guilty in child sex abuse website case
Health and Human Services IT security chief headed online to share vile images
Don't even THINK about copyright violation, says Indian state
Pre-emptive arrest for pirates in Karnataka
The police are WRONG: Watching YouTube videos is NOT illegal
And our man Corfield is pretty bloody cross about it
Felony charges? Harsh! Alleged Anon hackers plead guilty to misdemeanours
US judge questions harsh sentence sought by prosecutors
prev story

Whitepapers

A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.