Feeds

Parliament to unleash barrage of criticism on Snoopers' Charter

Unseen spook Farr back again with plan to tap the UK net

Build a business case: developing custom apps

The joint parliamentary committee scrutinising the government’s Communications Data Bill - universally dubbed the “Snoopers' Charter” - is set to slate the draft law in its official report published tomorrow.

Most of the committee members felt the Home Office had failed to make a convincing case for the scale of requested powers required to monitor British citizens' activities online, The Register has learnt. Home Secretary Theresa May said the proposed surveillance law would "save lives" and help cops catch more paedophiles and terrorists.

But the committee's MPs and peers are likely to encourage the police and law enforcement agencies to work out a much simpler scheme that the public can trust. The message is likely to be “go back to the drawing board and come and talk to us when you have something fresh”. As regular Register readers will know, the surveillance plans now being re-examined have been touted to successive governments by the intelligence services for years with little change to any details other than the name.

The MPs are likely to offer fierce opposition to the proposals, which would allow the Home Office to wire network traffic probes into the public internet anywhere it chose, for this or any successor government to use for any purpose it chose.

The value for money of the £2bn scheme will also be criticised at a time when the police's technical crime-fighting resources are being severely scaled back.

The report will be another setback for the Home Secretary: in 2010 the former Director of Public Prosecutions Lord Macdonald was asked to review her plan to monitor citizens online. He previously called the project to mine the UK internet:

A paranoid fantasy which would destroy everything that makes living worthwhile. This database would be an unimaginable hellhouse of personal private information. It would be a complete readout of every citizen's life in the most intimate and demeaning detail.

Tomorrow the joint parliamentary committee investigating the draft law will be backed, unexpectedly, by a normally well housetrained government lap cat: the specially vetted parliamentary Intelligence and Security Committee, which works behind the veil of secrecy.

The two panels' highly critical reports will be an expected disappointment for the Home Office. They are the latest in a series of spectacular disasters for career spy Charles Farr, who three years ago had hoped to land the top job at the Secret Intelligence Service (MI6) and become “C”.

So close yet so Farr

For the third time, but for the first time in public and in plain view of netizens, his attempts to get Britain’s domestic internet completely tapped by GCHQ and the other intelligence agencies appears to have fallen apart.

As chair of the Olympic Security Board, Farr also oversaw this year’s G4S security fiasco in which he found out days before the 2012 Games began that his chosen security contractors had not trained the necessary security guards. Thousands of troops and police had to be drafted in to take their places.

For more than five years, Farr has been the secret hand behind the state’s electronic surveillance plan. Appointed by Gordon Brown in July 2007 as the first Director General of the Office for Security and Counter Terrorism and notionally as his National Security Adviser, Farr began by masterminding a strategy to mine private information. Within months, he had clawed £1bn from the Treasury for a new Interception Modernisation Programme (IMP), intended to give GCHQ spooks ISP-level access to all UK internet communications.

The GCHQ plan – known internally as “Mastering The Internet” (MTI) - was first and exclusively revealed by The Register in May 2009. Subsequent developments have confirmed the accuracy of El Reg’s scoop.

When the coalition government took over, Con-Lib ministers had to come to terms with the clear promises they had made to block new surveillance laws. Farr had to bide his time for a year. His Labour-era Interception Modernisation Program was rebranded as the safer-sounding “Communications Capability Development Program” (CCDP). Nothing else changed.

Farr made elementary blunders in successive appearances before MPs and peers this year, pointing up the exercise as a smokescreen to distract attention from the core purpose of the new laws - to help GCHQ and defence contractors Detica install their planned data mining network at all major UK ISPs.

He stumbled and stuttered when asked to explain how the government had come up with claimed savings of £5bn to offset the costs of the CCDP. He could not justify the expenditure at a time when austerity cuts have forced police budgets down 20 per cent and knocked back the work of police high-tech and e-crime units across the country.

At first, Farr refused to be seen or photographed, according to parliamentary sources, and repeatedly asked to give his evidence in secret and in private. This cut no ice with the scrutinising committee. His British TV debut can now be viewed on the UK Parliament website (audio only).

Claims of phone companies storing data come unstuck

Farr launched his evidence to the committee with a series of astonishing slip-ups, claiming that “Communications Service Providers (CSPs) no longer retain for their own business purposes communications data as we know it ... they do not generate it ... there is nothing to which they (the CSPs) can get access”.

Asked to “elaborate” by a committee member, Farr claimed that “in the old days” providers kept itemised phone bill records “on a call-by-call duration-by-duration destination-by-destination basis” but that now, as customers often “no longer pay per transaction, [but] pay per month or per year”, telcos “have much less interest in bits of data”.

“30 years ago, BT may have kept data because they needed it in order to bill people correctly,” he said.

Farr’s claim was inaccurate and historically impossible, as the electromechanical exchanges of the early 1980s could not and did not generate call data records. What is now called “itemised billing” did not generally exist for many years thereafter. Now, far from the authorities’ access to communications records being reduced - as the smokescreen story went - it has blossomed with the introduction of the Regulation of Investigatory Powers Act (RIPA) in 2000, and the Data Retention Directive of 2009.

Farr claimed – on the basis of a secret study the Home Office refused to allow the joint committee to see – that police and intelligence agencies can currently see 75 per cent of communications data, but that that would be magicked up to 85 per cent if parliament would pass his new law and approve a £2bn spend over the next ten years.

Even on this basis, Farr’s team admitted that one in six communications links would remain unseen. Nor would minor ISPs be targeted for compulsory interception using Deep Packet Inspection (DPI) systems, leaving plenty of dark cyberspaces where the customary internet spectres, paedophiles and terrorists could continue to operate unseen and unseeable. Quite how a plan with so many gaping holes could be a value-for-money UK security system was a concept that the government side struggled futilely to put forward.

85 per cent of exactly what would be harvested by the new system was never fully explained, but in a second session the officials confirmed that they were hoping to acquire access to encrypted webmail links, Skype VoIP calls and other private systems. They could not explain how they would defeat and thus destroy encrypted SSL (Secure Socket Layer) terminal-to-server protection used to thwart malicious attacks and interceptions. Nor could they explain clearly why it would not be better simply to ask Google, Microsoft and Skype to help UK law enforcement as they already do.

The obvious problem, the committee was told, was that Google and others have to comply with US privacy laws, and that they publish information about what customers’ data they hand over. These and similar providers said that they could only legally respond to justified and specific requests, as opposed to data mining trawls across all available data.

The government also prevented the heads of British intelligence from being examined by the MPs and peers as to the real reasons for the bill. The Home Office then landed a spectacular own goal when, days before the committee started work, MI5 chief Jonathan Evans was allowed to give a public lecture claiming that it would be “extraordinary and self-defeating if terrorists and criminals were able to adopt new technologies in order to facilitate their activities” and if parliament refused to give MI5 what it wanted.

The Home Office still banned him from explaining his case to Parliament.

Build a business case: developing custom apps

More from The Register

next story
Just TWO climate committee MPs contradict IPCC: The two with SCIENCE degrees
'Greenhouse effect is real, but as for the rest of it ...'
Adam Afriyie MP: Smart meters are NOT so smart
Mega-costly gas 'n' 'leccy totting-up tech not worth it - Tory MP
'Blow it up': Plods pop round for chat with Commonwealth Games tweeter
You'd better not be talking about the council's housing plans
Arrr: Freetard-bothering Digital Economy Act tied up, thrown in the hold
Ministry of Fun confirms: Yes, we're busy doing nothing
ONE EMAIL costs mining company $300 MEEELION
Environmental activist walks free after hoax sent share price over a cliff
Help yourself to anyone's photos FOR FREE, suggests UK.gov
Copyright law reforms will keep m'learned friends busy
Apple smacked with privacy sueball over Location Services
Class action launched on behalf of 100 million iPhone owners
UK government officially adopts Open Document Format
Microsoft insurgency fails, earns snarky remark from UK digital services head
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.