Thursday, November 26, 2009
News: SWIFT Update
The draft plan is significantly different from the resolution issued by the European Parliament on the issue. 'Terrorism' is left undefined, requirements for judicial oversight are nowhere to be seen and the restriction of access to the specific issue of 'terrorism financing' is loosened to "prevention, investigation, detection, or prosecution of terrorism or terrorist financing". Ralf Bendrath has a round up of all these issues and many more.
If a decision is not reached by November 30th, then, as the Lisbon Treaty kicks in on December the 1st, the European Parliament may have much more say in the process (and it is likely to take another 6 months). Germany and Austria are reported to be under pressure to drop their opposition.
News: IMP Still Budgetted for 2016 Release
The Register reveals that the £2Bn remains in the Home Office's financial plans, scheduled for completion in 2016.
News: Facial Recognition Technology to be used at Cardiff Airport
The article refers to the embarassing revelations last year that facial recognition technology in use at Manchester airport was unable to distinguish between pictures of Wynona Ryder and Osama Bin Laden. This happened because the machines initially gave far too many false negatives, and in reponse staff turned the settings so low they effectively 'switched them off'.
Wednesday, November 18, 2009
News: Biometrics to be Used to Identify 'Outsiders' in Afghanistan
Brigadier James Cowan, the new commander of British forces in Afghanistan, gave an interview to the Sunday Times in which he emphasised the importance of reassuring the local population of UK and US ability to provide security.
For the brigadier it is all about challenging the Taliban’s rule of fear: “What you have to do is create communities where people wish to be separate from the enemy because they have the confidence to be separate from them.”
Cowan’s staff have embarked on a huge exercise known as “human terrain mapping”. It involves not only delineating tribal boundaries, but also family networks, land ownership and all the possible grievances that can be exploited by the Taliban.
News: UK T-Mobile Staff Sold Private Data
News: Swiss take Google Street View to Court
Thür's patience has now run out, and his office said in a statement: "In its written response on 14 October 2009, Google for the most part declined to comply with the requests. For these reasons, the FDPIC has decided to take the matter further and to take legal action before the Federal Administrative Court."
AFP notes that Google has insisted it's "absolutely convinced that Swiss View is legal in Switzerland."
News: New Datamining System to Detect 'Deviations' on the High Seas
The idea is that the Office of Naval Intelligence will deploy PANDA at its National Maritime Intelligence Centre in Maryland, where the new tech will be able to monitor tracking information covering much of the watery globe.
As well as information fed in by US warships, monitoring stations, patrol aircraft and so on, the US intelligence community is also known to make extensive use of radar spy satellites able to scan vast swathes of ocean from orbit and pick out any ships.
News: New Policy on UK DNA Retention
The national DNA database is already the largest in the world, with the profiles of 4.5 million people already recorded. They include 850,000 DNA profiles of people who have never been charged with or convicted of a crime. The need to find a new regime follows a landmark ruling in the S and Marper case by the European court of human rights, which ruled that the Home Office's current regime of "blanket and indefinite" retention of innocent people's DNA was illegal.
News: ICO to Fine Companies £500,000 For Serious Data Breaches
1) Deliberate or reckless
2) Of a sort that is likely to cause substantial damage or distress
The post makes two criticisms: first, the proposed cap of £500,000, as large as it might seem, compares less favourably with other regulator's powers to fine up to 10% of an organisations turnover. Second, as the government ultimately pays for many of the organisations in question, imposing large fines may have 'a slightly unreal quality to it'.
Comment: Murderer Requests Wikipedia Anonymity
Some have pointed out that the identity of the actor's killer is a matter of public record, and so some might want to claim that placing this information on Wikipedia makes no difference to the individual's privacy. I find that unconvincing - clearly wikipedia has more prominence than a court record. Where the issue is the criminal's ability to get on with day to day life I'm sure the appearance of the information on Wikipedia makes a material difference.
Surely some information which is interesting and publicly verifiable ought not to appear on Wikipedia because of its intrusiveness. For example, I imagine the past romantic relationships of public figures could be established on at least some occasions, but unless it reveals something of legitimate interest to the public (such as a politician caught in a possible conflict of interest) such material should not be published. Likewise public figures' children, except where they are notable in their own right (as a child actor, say), should basically be left alone. (I assume this is the present policy - Obama's children do not have pages, despite the vast amount of press coverage of their first day of school, their new puppy etc.)
So where does this murderer fit in? As far as I have seen, nobody has argued for any legitimate public interest in the killer's identity - nothing hangs on who did it, it isn't necessary to any understanding of why the actor died, say. As such, I can't see any need for the information to appear in the article.
News: Murderer Requests Wikipedia Anonymity
Under German law, as 15 years have elapsed, he has returned to having the status of any other private citizen and, it is argued, is entitled to anonymity in order to facilitate 'reintegration into society'.
Comment: What's Worse?
Clearly this data is incredibly sensitive, and there are good reasons to want to restrict anyone's access to it. But, were such information to be stored, what would be worse? The idea of a centrally held database tends to make for bigger headlines, calling to mind, as it does, the vision of faceless government bureaucrats poring over our intimate secrets.
And the risk of government officials abusing such private information is indeed one of the reasons one would want to restrict access. But it's only one of the reasons. Surely another is the risk of any sort of public disclosure of this information. It is intrusive for anybody I haven't chosen to do so to view information about who I telephone or what websites I visit. But this information tends to be of much more interest to our neighbours, friends and work colleagues and of virtually zero interest to government. In deciding which is worse, one of the matters I think we should consider is which arrangement makes it less likely for some data breach to result in unauthorised access to my data.
Some will point to the many cases where various levels of government have proven hopelessly careless with our information (to the point of accidentally releasing vetting records with details of debt, extra marital affairs, drug use and use of prostitutes). But I don't think we can simplify this to a case of 'private sector good, public sector bad': some of the most notorious cases of releasing private information have been the fault of businesses - just think of the AOL scandal when records of people's searches were released, to remain posted in the internet to this very day. Private companies have a commercial interest in avoiding such scandals, to be sure, but is that any safer than trusting it to government?
Comment: UK Gov Plans Shelved
I think the Register has this one right. The post makes three points:
1) Next years general election (probably to take place in May) makes this a bad time to bring forward legislation that might provoke negative headlines. (Henry Porter has a nice point about the timing as well: with all the recent column inches covering the 20th anniversary of the Berlin Wall coming down, proposing big increases in surveillance invites comparisons with the Stasi all too easily).
2) Internet Service Providers, whose cooperation is needed for the scheme, are currently resistent. Before proceeding, government has to convince them of its merits and feasibility.
3) The players who want this (GCHQ, SOCA, ACPO, the Security Service, the Child Exploitation and Online Protection Agency and the Met) are not going away anytime soon:
Note that GCHQ and friends will still be around after the next election, as will their demands for IMP.
Ever the political pragmatists, the Tories know this well, and the section of shadow justice minister Dominic Grieve's recent speech on reversing the rise of the surveillance state was notably soft on IMP.
He said a Conservative government would submit the proposals to the Information Commissioner's Office to assess their impact on privacy. The ICO has already said it believes the case for mass surveillance of the internet has not been made.
News: UK Gov Plans to Snoop on Internet and Mobile Use Shelved
The Home Office ditched plans earlier this year for a central database tracking all phone, text, email and internet use. Instead ministers want internet service providers and phone companies to store this data for access by police and security services. The data includes who contacts whom, when, where and how – but not the content of what was said or written.
The Home Office summary of the responses to its consultation published shows that the internet and phone industry want assurances that they will be compensated for the costs involved and also fear technical problems.
Monday, November 16, 2009
Inadequate Information Sharing Again Cited as Key Problem
Monday, November 9, 2009
News: Resolution on International Privacy Standards Adopted
Friday, November 6, 2009
News: UK Local Authority use of RIPA to be Restricted
• raise the rank of the authorising officer to at least director level;
• give elected councillors a role in overseeing how local authorities use covert investigatory techniques;
• require voters' communications with MPs on constituency business to be treated as confidential information, and therefore subject to authorisation by a higher rank of officer;
• treat covert surveillance of legal consultations as "intrusive" rather than "directed" surveillance, meaning it can be carried out only by very few public authorities.
• clarify the test of necessity and proportionality so that powers will not be used to investigate dog fouling or people putting bins out a day early;
News: More than 1 in 10 in UK on DNA Database
News: Companies Clumsily Disclosing your Info may be Forced to go Public
Supporters of such schemes say that the fear of public recriminations for data loss will improve companies' performances, while opponents fear that if every breach is revealed the public will become desensitised to the issue of data loss.
News: Romanian Constitutional Court Strikes Down Data Retention Directive
CCR has accepted the motion for law's unconstitutionality through decision 1258/2009, based on the breach of article 28 of the Romanian Constitution, which stipulates the secrecy of correspondence. Other articles invoked were articles 25, 26 and 30 which deal with freedom of movement, privacy and freedom of expression respectively.
Wednesday, November 4, 2009
Conference News: Madrid Global Privacy Conference & Declaration
Another highlight was an emphatic speech by Stavros Lambrinidis, Vice President of the EU Parliament, declaring that the growing scope of surveillance within the western world is incompatible with democratic society and urging everyone not to simply allow the expanding creep of the level of surveillance to continue unchecked. There is a danger that the ultimate surveillance society will not emerge under a totalitarian regime, he claimed, but rather with citizens’ unreflected “consent.” You can have a look at what else was discussed by calling up the conference agenda here.
One special guest not listed on the program was a representative of Un barrio feliz – a grass-roots movement which has sprung up in opposition to plans to install a system of video surveillance cameras in Madrid’s Lavapiés district. You can view the movement’s blog in Spanish here. One major complaint was that the police have not been forthcoming concerning the plan and the underlying reasons for it. We heard that the local police have cited different grounds for installing camera systems in other neighborhoods (in one case – pick-pocketing, in another – prostitution), and that cameras were needed in Lavapiés because unsavory characters inhabited or frequented the area. The speaker from Un barrio feliz, however, reported that crime statistics indicate that criminal incidents have been decreasing in Lavapiés, making the police’s explanation all the more baffling. Lambrinidis picked up on these examples in his speech to question whether many of the methods of surveillance that have been proposed or implemented could be deemed necessary, proportional, and appropriate in a legal sense.