Jack the RIPA: Blighty cops ignore law, retain innocents' comms data

Prime minister: Nothing to see here, go about your business

Build a business case: developing custom apps

British cops are abusing the right to snoop on communications data by holding information on innocent people for far too long, a report from the Commissioner for Interception has found.

Sir Anthony May, the commissioner, wanted to counteract the "general relatively uninformed fear" that shadowy government agencies were snooping into the private lives of individuals.

However, in his annual report (PDF), he confessed that cops, spooks and bureaucrats were gathering information on an industrial scale under powers granted by Section 57(1) of the Regulation of Investigatory Powers Act 2000 (RIPA).

Last year the number of interception warrants issued was down from 3372 to 2760 from the previous year, although communications data which is not relevant to an investigation is often stored for too long. This data is meant to be deleted more or less immediately.

"Related communications data are in some instances retained for a variety of longer periods," wrote Sir Anthony. "I have yet to satisfy myself fully that some of these periods are justified and in those cases I have required the agencies to shorten their retention periods or, if not, provide me with more persuasive reasons for keeping the material for the current periods."

During 2013, there were 2,760 interception warrants granted, which allow investigators to access the full contents of a target's communications. These warrants are issued in the interests of national security, during probes into serious crime or to protect British economic interests and allow target's communications to be monitored for up to six months.

There were 57 "interception errors" reported last year, with almost one in five (19 per cent) due to the incorrect address being targeted. 11 per cent of interception mistakes were due to investigators failing to get proper legal permission for surveillance, while five per cent were blamed on investigators snooping on the wrong phone number.

The most common reason for errors was put down to "inadequate discharge of sections 15/16 duties". This could happen when a foreign target entered the UK and investigators continued to spy on them or if malfunctioning systems continued to snoop on targets after an investigation had ceased.

During 2013 there were also 514,608 authorisations and notices for the collection of communications data, which Sir Anthony said "has the feel of being too many". The number excludes urgent oral requests which are made in times of emergency. During 2013 alone, 42,293 notices were given orally.

This data includes the "who, when and where" of communications, but not the content. It is made up of three parts: traffic data, which identifies the sender and recipient of any communications as well as the time; service use information, which is the sort of information contained on a phone bill, and subscriber information, which is the information a person hands over whenever they sign up with a communications service provider.

Three quarters (76.9 per cent) of the requests were filed with the intention of preventing crime, with 11.4 per cent made to protect national security.

Some 87.7 per cent of these notices were filed by law enforcement agencies, with just one per cent filed by local authorities and what the report termed "other" public bodies. Intelligence agencies made 11.5 per cent of the rest of the requests.

The report went on to admit that the numbers could be way off the mark because public authorities store statistics in different ways. For instance, one police force might file three applications for the interception of a specific phone number on the same form, while another force filed each request separately.

"In my view the unreliability and inadequacy of the statistical requirements is a significant problem which requires attention," Sir Anthony continued.

The commissioner reassured the innocent folk of Britain that spooks were not interested in tracking their every text message, email or phone calls.

"I am quite clear that any member of the public who does not associate with potential terrorists or serious criminals or individuals who are potentially involved in actions which could raise national security issues for the UK can be assured that none of the interception agencies which I inspect has the slightest interest in examining their emails, their phone or postal communications or their use of the internet, and they do not do so to any extent which could reasonably be regarded as significant," he wrote.

"The interception agencies do not engage in indiscriminate random mass intrusion by misusing their powers under RIPA 2000 Part I. It would be comprehensively unlawful if they did. I should be required to report it to the Prime Minister. I am personally confident from the work I have undertaken throughout 2013 and to date that no such report is required.

The commissioner insisted that RIPA was still relevant to the modern age, even though it was conceived before the September 11th 2001 attacks on the World Trade Centre and the widespread adoption of the internet as a primary method of communication.

Commenting on the report, Prime Minister David Cameron said: “The report makes clear the Commissioner’s view that RIPA is fit for purpose, despite advances in technology. He also finds that interception agencies undertake their roles conscientiously and effectively, and that public authorities do not engage in indiscriminate random mass intrusion.”

Yes, Prime Minister. ®

Gartner critical capabilities for enterprise endpoint backup

More from The Register

next story
True fact: 1 in 4 Brits are now TERRORISTS
YouGov poll reveals terrible truth about the enemy within
Hello, police, El Reg here. Are we a bunch of terrorists now?
Do Brits risk arrest for watching beheading video nasty? We asked the fuzz
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
UK government accused of hiding TRUTH about Universal Credit fiasco
'Reset rating keeps secrets on one-dole-to-rule-them-all plan', say MPs
Caught red-handed: UK cops, PCSOs, specials behaving badly… on social media
No Mr Fuzz, don't ask a crime victim to be your pal on Facebook
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
NBN Co claims 96 mbps download speeds for FTTN trial
Umina trial also delivers 30 mbps uploads, but exact rig used not revealed
Don't even THINK about copyright violation, says Indian state
Pre-emptive arrest for pirates in Karnataka
prev story


Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
BYOD's dark side: Data protection
An endpoint data protection solution that adds value to the user and the organization so it can protect itself from data loss as well as leverage corporate data.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?