Monitoring and controlling Internet use

Ian Brown

Human rights in 21st century• “This is as much an issue of modernity as

liberty. We are trying to fight 21st century crime by 19th century means. It hasn't worked. It won't work.”

• “I think these civil liberties arguments are a bit outdated.” –Tony Blair (2006; 2005)

• “advance passenger information, airline bookings and other travel data, passport and biometric data, immigration, identity and border records, criminal records, and other governmental and private sector data, including financial and telephone and other communication records… and in some cases the ability to apply data mining and pattern recognition software to databases, might well be the key to effective pre-emption in future terrorist cases.” –Sir David Omand (2009) p.9

UK surveillance regime• Communications data stored under Data

Retention Regulations 2009…• …accessed using Regulation of Investigatory

Powers Act 2000 (504,073 accesses in 2008)• Interception authorised under RIPA (1712 in

2008):▫ “At one point, I did really think I was going mad. My

whole world was collapsing around me. I was under the most horrendous pressure. I was barely sleeping and yet I was being asked to sign government warrants in the middle of the night.” –David Blunkett MP

“Snooper’s charter”• The Department for Environment, Food

and Rural Affairs. • The Department of Health. • The Home Office. • The Department of Trade and Industry. • The Department for Transport, Local

Government and the Regions. • The Department for Work and Pensions. • The Department of Enterprise, Trade

and Investment for Northern Ireland. • Any local authority within the meaning

of section 1 of the Local Government Act 1999.

• Any fire authority as defined in the Local Government (Best Value) Performance Indicators Order 2000

• The Scottish Drug Enforcement Agency. • The Scottish Environment Protection

Agency. • The United Kingdom Atomic Energy

Authority Constabulary.

• A Universal Service Provider within the meaning of the Postal Services Act 2000

• A council constituted under section 2 of the Local Government etc. (Scotland) Act 1994.

• A district council within the meaning of the Local Government Act (Northern Ireland) 1972.

• The Common Services Agency of the Scottish Health Service.

• The Northern Ireland Central Services Agency for the Health and Social Services.

• The Environment Agency. • The Financial Services Authority. • The Food Standards Agency. • The Health and Safety Executive. • The Information Commissioner. • The Office of Fair Trading. • The Postal Services Commission.

Comms data requests/m people

Data: European Commission review of Data Retention Directive; IMF World Economic Outlook

Proportionality of retaining data•“[70%] of all data are use within 0-3 months

… and [85%] within 0-6 months” (EC review)•“The decision to retain communication data

for the purpose of combating serious crime is an unprecedented one with a historical dimension. It encroaches into the daily life of every citizen and may endanger the fundamental values and freedoms all European citizens enjoy and cherish.” –Article 29 WP Opinion 3/2006

Efficacy of data mining

•~5000 Americans surveilled over 4 years; led to <10 warrants per year

•“[T]here is not a consensus within the relevant scientific community nor on the committee regarding whether any behavioral surveillance … techniques are ready for use at all in the counterterrorist context" –US National Research Council (2008) p.4

Recent court decisions• Bulgarian Supreme Administrative Court blocked

remote Ministry of Interior access to data and security service access without a court order (11 Dec 2008)

• “the obligation to retain the data … as an exception or a derogation from the principle of personal data protection … empties, through its nature, length and application domain, the content of this principle” –Romanian Constitutional Court, 8 Oct 2009

• “such retention represents an especially grave intrusion… it can evoke a sense of being watched permanently” –German Constitutional Court, 2 Mar 2010

Trust us!• “Finding out other people’s secrets is going

to involve breaking everyday moral rules. So public trust in the essential reasonableness of UK police, security and intelligence agency activity will continue to be essential.” –David Omand (2009) p.9

• “I have been impressed by the quality, dedication and enthusiasm of the personnel carrying out this work” –Report of the Interception of Communications Commissioner for 2007 p.2

The Intelligence & Security Cttee• Established by Intelligence Services Act 1994• Lord Foulkes, Lords Hansard 30 Mar 2010:

▫“It has become very clear to us from the difficulties that we and our staff have experienced over the past 12 months that it is no longer appropriate for the committee to be based within the Cabinet Office”

▫“the Cabinet Office is currently obstructing the progress of our general investigator”

• Baroness Neville-Jones: “It needs to be able to do its work and duties effectively because, frankly, its public credibility is at stake.”

Surveillance: public opinion

Source: Eurobarometer #225 Data Protection in the EU, Feb. 2008 p.48

Conclusions•Targetted surveillance, properly overseen by courts and Parliament, is proportionate

•Mass surveillance is not•“Automated identification of terrorists through data mining (or any other known methodology) is neither feasible as an objective nor desirable as a goal of technology development efforts.” –US National Research Council (2008) p.4

References• US National Research Council (2008)

Protecting Individual Privacy in the Struggle Against Terrorists: A Framework for Program Assessment, National Academies Press

• I. Brown & D. Korff (2009) Terrorism and the Proportionality of Internet Surveillance, European Journal of Criminology, 6(2) pp.119-134

• D. Omand (2009) The National Security Strategy: Implications for the UK intelligence community, Institute for Public Policy Research