Feeds

Five bods wrongly cuffed thanks to bungled comms snooping in UK

Report: Web, phone data slurping cocked up nearly 1,000 times in a year

Top 5 reasons to deploy VMware with Tegile

UK cops and spook agencies wrongly fingered five people as criminals after seizing data about their communications, according to a new report.

The Interception of Communications Commissioner's latest dossier [PDF] gave examples of intelligence data used to seize drugs and firearms, stop illegal waste dumping and in one instance catch a con artist - but it also revealed that cock-ups had been made.

In most cases, the officers or agents involved realised their mistake and took no action on the data. However, five people were either wrongly detained or accused of crimes following requests for data about their internet activity (curiously referred to as "Internet Protocol or node name resolutions" in the report). In another error, police were sent to an address where they wrongly believed a child had threatened to harm him or herself.

According to the report, last year cops and spooks sent 570,135 demands for information about folks' texts, emails and other communications to telcos and ISPs. That collected data revealed who got the messages and calls, and where and when - the so-called metadata - rather than the content of said messages. But that information alone can be useful enough for savvy investigators trying to work out what was being discussed.

That number of requests also includes multiple demands made during the same investigation, so the number of people targeted "would be much smaller", the report pointed out.

A total of 3,372 lawful intercept warrants were issued, up 16 per cent on 2011, to actually listen in on the calls or read the messages.

The power to snoop on citizens' private communications is granted by the Regulation of Investigatory Powers Act (RIPA).

Former commissioner Sir Paul Kennedy, who served until the end of 2012, said that 55 breaches of the RIPA law were reported to his office, including seven errors where law enforcement agencies didn't have the authority to seize texts, voicemails and emails. However, he added that none of the mistakes were "malicious or deliberate".

"Each error involved some kind of human error or system related technical problem. In a large number of the 55 error cases, no intercept product was actually obtained and therefore there was no unjustified or unnecessary intrusion," he said.

"In the smaller number of cases where intercept product was wrongly obtained, I have been assured that any such product has been destroyed."

Nearly a thousand errors were made in communications metadata requests, with around 80 per cent being mistakes made by the authorities and another 20 per cent made by the communications service providers.

However, the snooping-on-the-snoopers commissioner said that comms data slurping was still a great way to catch would-be criminals and terrorists.

"Interception and communications data remain powerful techniques in the investigation of many kinds of crime and threats to national security," Sir Paul, who was succeeded at the start of this year by Sir Anthony May, wrote in his report.

"Many of the largest drug-trafficking, excise evasion, people-trafficking, counter-terrorism and wider national security, and serious crime investigative successes of the recent past have in some way involved the use of interception and/or communications data."

Most of the data requests were made by law agencies and spook centres, but 160 local councils across the UK made more than 2,500 of the requests for data to ID criminals for crimes such as dodging their taxes or selling fake goods.

The commission said that a number of measures had been put in place to stop mistakes happening again, including the sage advice to double check all details.

"I am satisfied with the measures put in place by these public authorities and communication service providers and hopefully this will prevent recurrence," the knight of the realm declared. ®

Remote control for virtualized desktops

More from The Register

next story
UK smart meters arrive in 2020. Hackers have ALREADY found a flaw
Energy summit bods warned of free energy bonanza
DRUPAL-OPCALYPSE! Devs say best assume your CMS is owned
SQLi hole was hit hard, fast, and before most admins knew it needed patching
Knock Knock tool makes a joke of Mac AV
Yes, we know Macs 'don't get viruses', but when they do this code'll spot 'em
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Mozilla releases geolocating WiFi sniffer for Android
As if the civilians who never change access point passwords will ever opt out of this one
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
The Heartbleed Bug: how to protect your business with Symantec
What happens when the next Heartbleed (or worse) comes along, and what can you do to weather another chapter in an all-too-familiar string of debilitating attacks?