Feeds

Snoopers' charter rests in shallow grave - likely to rise again

The zombie eyes have it

Mobile application security vulnerability report

Analysis The coalition government may need to bring in legislation in the final year of Parliament before a General Election is called that would allow spooks and police to see - at a "given point in time" - if a suspect could be linked to a certain IP address.

In Wednesday's Queen's Speech, her Majesty made no mention of the Tory-led government's plans to introduce a communications data bill - colloquially dubbed a snoopers' charter.

Many senior LibDems, including the party's leader and deputy Prime Minister Nick Clegg, have trumpeted their rejection of Home Secretary Theresa May's proposed law as a big win for privacy activists who were opposed to the "suggestion of blanket retention of everyone’s data". However, a battle continues behind closed doors.

The Register understands that elements of May's bill remain on the table, if not yet on the government's legislative books.

Indeed, the Home Office spent the past five months completely rehashing its proposed law following a mauling from a select committee of MPs and peers in late 2012.

It's hard to believe that the work May's department has done on the redrafted bill to date will not - once again - appear before Parliament.

What is clear is that the plans have been pushed back. However, as noted in a briefing accompanying the Queen's Speech, the main thrust of May's rhetoric about catching criminals using the internet to apparently evade capture has survived. It says:

The government is committed to ensuring that law enforcement and intelligence agencies have the powers they need to protect the public and ensure national security.

These agencies use communications data – the who, when, where and how of a communication, but not its content – to investigate and prosecute serious crimes.

Communications data helps to keep the public safe: it is used by the police to investigate crimes, bring offenders to justice and to save lives. This is not about indiscriminately accessing internet data of innocent members of the public.

Those passages certainly sound an awful lot like the words used repeatedly by May to justify her snoopers' charter.

The Queen said during the opening of Parliament that her government was investigating "the problem of matching internet protocol addresses" and added that proposals would be submitted "to enable the protection of the public and the investigation of crime in cyberspace".

The briefing note expands on this statement. It says:

As the way in which we communicate changes, the data needed by the police is no longer always available. While they can, where necessary and proportionate to do so as part of a specific criminal investigation, identify who has made a telephone call (or sent an SMS text message), and when and where, they cannot always do the same for communications sent over the internet, such as email, internet telephony or instant messaging.

This is because communications service providers [CSP] do not retain all the relevant data.

When communicating over the internet, people are allocated an Internet Protocol (IP) address. However, these addresses are generally shared between a number of people.

In order to know who has actually sent an email or made a Skype call, the police need to know who used a certain IP address at a given point in time. Without this, if a suspect used the internet to communicate instead of making a phone call, it may not be possible for the police to identify them.

At this point the government, which has spent more than £400m on its communications capabilities development programme since 2010, has said it is in talks with the relevant CSPs about the specific "problem" the Home Office has encountered with IP addresses.

Legislation may be needed to resolve the issue, the government said on Wednesday.

May could, then, be hoping to slip a narrower version of her original bill into the 2014 Queen's Speech - the final one before a General Election will happen. In theory, legislation could be hurried through in the wash-up period to swiftly pass law as the end of the LibDem and Tory coalition partnership looms.

The government would need to seek support from the Labour opposition. Ed Miliband's party has indicated that it would legislate for surveillance of Brits' internet activity if it was elected. Indeed, Labour has form in this area having failed to bring in its doomed Interception Modernisation Programme.

For now, though, this is pure conjecture. In the meantime, the Home Office will be pressed to be more open with NGOs and CSPs about its plans to monitor which IP address belongs to whom - which in itself presents some interesting and arguably unworkable technical challenges. ®

Bridging the IT gap between rising business demands and ageing tools

More from The Register

next story
Adam Afriyie MP: Smart meters are NOT so smart
Mega-costly gas 'n' 'leccy totting-up tech not worth it - Tory MP
'Blow it up': Plods pop round for chat with Commonwealth Games tweeter
You'd better not be talking about the council's housing plans
Arrr: Freetard-bothering Digital Economy Act tied up, thrown in the hold
Ministry of Fun confirms: Yes, we're busy doing nothing
ONE EMAIL costs mining company $300 MEEELION
Environmental activist walks free after hoax sent share price over a cliff
Help yourself to anyone's photos FOR FREE, suggests UK.gov
Copyright law reforms will keep m'learned friends busy
Apple smacked with privacy sueball over Location Services
Class action launched on behalf of 100 million iPhone owners
Just TWO climate committee MPs contradict IPCC: The two with SCIENCE degrees
'Greenhouse effect is real, but as for the rest of it ...'
UK government officially adopts Open Document Format
Microsoft insurgency fails, earns snarky remark from UK digital services head
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.