Debate over how much data to keep
|
Where is the line to be drawn when it comes to protecting privacy and respected the law in the digital world, asks technology consultant Bill Thompson.
Last June the Home Secretary, David Blunkett, admitted that his department had made a mistake when they put forward plans to allow a wide range of public bodies to tap into details of who was sending e-mails to whom and which websites people were visiting.
Under the Regulation of Investigatory Powers Act 2000 (RIPA), he is entitled to decide who gets access to this sort of information, called communications data because it is supposed only to show who is talking to whom rather than reveal what was being said.
But when he suggested that everyone from government departments to local authorities should be able to ask for e-mail records without even having to apply to a court for a warrant, the resulting furore was enough to convince even this most bull-headed of politicians to think again.
Or rather, to tell his civil servants to come up with something that was more acceptable and likely to work.
Waiting for responses
Sadly, the history of government use of computers is littered with examples of the abuse of databases
|
Now we know what they have been doing for the past nine months, and we have got until 3 June to let them know what we think of their new plans.
Newsgroups, mailing lists, weblogs and discussion sites across the UK internet are already filled with abstruse debates about data retention categories, GSM session keys and the technical minutiae of monitoring in the digital world.
The Home Office can look forward to a large number of submissions from interested and occasionally well-informed groups and individuals.
There are in fact two consultations going on at the same time, and two separate laws being discussed.
Complicated arguments
Home Secretary wanted wider surveillance online
|
The first, RIPA, decides who gets to see what. The second, the Anti-Terrorism Crime and Security Act, decides what data should be stored and for how long, on the sensible basis that access is only possible if the information is actually there to be looked at.
So it specifies what communications data should be retained by telephone companies and internet service providers.
The arguments over retention are as messy and complicated as those about access.
Some of them are purely economic, since arranging to keep these records requires large databases and big servers.
Communications service providers are businesses, and having to pay up to store data just in case a police officer wants to track a suspect does not seem like a good idea to them.
But the real issues are political, not technical or economic, and the decision about storage has already been made: it is going to happen.
If we accept that, then how do we ensure that this information is only used correctly, by authorised people carrying out legitimate searches on a legally-sound basis?
Sadly, the history of government use of computers is littered with examples of the abuse of databases, from Inland Revenue staff looking at the tax records of famous people, through gangsters getting access to the Police National Computer, to policemen using the vehicle registration system to find the addresses of attractive women drivers.
Technological solutions
I imagine we will see a lot more people engaged in surveillance avoidance in future, if the current proposals become law
|
Wherever the state has assembled data about citizens, that data seems to have been abused, either by individuals within the system or by the secret service, military or police acting in what they claim to be the national interest.
It is therefore very hard indeed to feel comfortable when the Home Office asks us to trust it with details of all our e-mail exchanges, website visits and chat room meetings, even if those same databases could help locate terrorists or convict criminals.
There is some cause for optimism in the suggestion that abuse of the powers granted under the legislation could be made a criminal offence.
However being able to prosecute a customs officer who uses e-mail records to track an unfaithful partner is not the same as being able to stop MI6 trawling through people's web logs looking for interesting patterns.
Normally I do not agree with those who advocate technological solutions to what are essentially political problems.
When it comes to copyright and file-sharing, we need good laws rather than the latest version of Kazaa. But this one is different.
Anyone with the remotest concern for their personal privacy can encrypt their e-mails, although this does not hide the details of who you are talking to or stop the police getting a warrant demanding that you hand over your messages.
Surveillance avoidance
I see no reason to live my online life in a glass house, observed at every step
|
Other tools are available to protect privacy, and once the new laws are in place we can expect to see e-mail anonymisers, international web proxies which hide the address of the site you are looking at, and many other privacy services.
Their use is likely to increase substantially.
Avoiding taxes is perfectly legal - nobody is expected to pay tax which they do not properly owe - while tax evasion is both morally and legally unacceptable.
I imagine we will see a lot more people engaged in surveillance avoidance in future, if the current proposals become law.
Then we can let the Home Office have the laws they want but limit the amount of personal data they hold.
It may not be the outcome they desire, but I see no reason to live my online life in a glass house, observed at every step, just to satisfy the police's desire to be able to track my contacts should I fall under suspicion.
Disclaimer: The BBC may edit your comments and cannot guarantee that all emails will be published.
Bill Thompson is a regular commentator on the BBC World Service programme Go Digital.
~RS~q~RS~~RS~z~RS~26~RS~)
One-Minute World News
News services
E-mail this to a friend
Printable version
