privacy – Page 4

Further details on the new UK government’s Civil Liberties agenda

The UK full coalition agreement between the Conservatives and Liberal Democrat parties has just been published. It includes a section on civil liberties which is much more than we could have hoped for and which makes no mention of rolling back the Human Rights Act or the more ludicrous fringe Conservative demands… In full it is as follows:

“The parties agree to implement a full programme of measures to reverse the substantial erosion of civil liberties under the Labour government and roll back state intrusion.

This will include:

• A freedom or great repeal bill;

• The scrapping of the ID card scheme, the national identity register, the next generation of biometric passports and the Contact Point database;

• Outlawing the fingerprinting of children at school without parental permission;

• The extension of the scope of the Freedom of Information Act to provide greater transparency;

• Adopting the protections of the Scottish model for the DNA database;

• The protection of historic freedoms through the defence of trial by jury;

• The restoration of rights to non-violent protest;

• The review of libel laws to protect freedom of speech;

• Safeguards against the misuse of anti-terrorism legislation;

• Further regulation of CCTV;

• Ending of storage of internet and email records without good reason;

• A new mechanism to prevent the proliferation of unnecessary new criminal offences.”

All of these points are excellent. They lack detail of course, and the devil is always in the detail, and I would have liked to have seen a little more on what would be included in the ‘great repeal’ given that later it only talks about ‘safeguards’ against the abuse of anti-terrorism laws, but really this is as good as anyone could have hoped for, even, though they may not admit it, many of the more socially-liberal Labour Party supporters. The reform of libel laws and commitment to transparency is equally as welcome as the rolling back or regulation of surveillance, and this seems to extend into other parts of the agreement for the reform of government and elections. I hope the eventual full programme will also include some rationalisation of the crazy landscape of multiple ‘commissions’ to regulate different aspects of state-citizen information relations, in favour of an expanded and more powerful Information Commissioner’s Office, but we will see. However, this is a great start (and I never, ever, thought I would be saying that about a Conservative government…).

Google vs. Privacy Commissioners Round 1

Google and a group of Information and Privacy Commissioners have been having an interesting set-to over the last couple of days. First, a group including Canada’s Privacy Commissioner and the UK’s Information Commissioner sent a letter to Google expressing concern about their inadequate privacy policies, especially with regard to new developments like Buzz, Google’s new answer to Facebook.

Then Google put up a post on its blog, unveiling a new tool with maps out various governments requests for censorship of Google’s internet services. Interestingly, it framed this by reference to Article 19 of the Universal Declaration on Human Rights.

So now we have two sets of bodies referring to different ‘human rights’ as the basis for their politics. Of course they are not incompatible. Google is right to highlight state intervention in consensual information-sharing as a threat, but equally the Privacy Commissioners are right to pull up Google for lax privacy-protection practices. The problem with Google is that it thinks it is at the leading edge of a revolution in openness and transparency (which not coincidentally will lead to most people storing their information in Google’s ‘cloud’), and the problem with the Privacy Commissioners is that they are not yet adapting fast-enough to the multiple and changing configurations of personal privacy and openness that are now emerging as they have to work with quite outdated data-protection laws.

This won’t be the end, but let’s hope it doesn’t get messy…

UK Government to Increase Postal Surveillance

For a long time now, the Royal Mail has been a service that prided itself on confidentiality. Historian, David Vincent, noted in his 1998 book, The Culture of Secrecy in Britain 1832-1998, that one of the first major scandals over surveillance in the modern era was the 1844 scandal when an Italian exile, Joseph Mazzini, who was resident in London, discovered that the British government were secretly opening his mail. The prompted discussion in the House of Commons and outrage that such low ‘foreign’ practices were taking place in Britain.

In reality, of course the mail of targets of intelligence services is opened and read regularly, but in law in the UK, if mail is going to be opened – and this can only be done by HM Revenue & Customs (HMRC) – the recipient has to be notified and present when it is done. Indeed, it’s been one of the characteristic complaints about many different states’ recent attempts to extend so-called ‘lawful access’ provisions to electronic mail and Internet sites by requiring ISPs to retain traffic data and provide it to the state upon request, that this goes far beyond what has ever been done with mail, except in totalitarian societies like the former East Germany, whose Stasi were notorious for opening letters either secretly or in many cases, quite openly.

So, the UK has now, it seems, decided to redress the balance. It will not of course, hold back on the lawful access provisions regarding electronic communications in the Telecommunications Bill. No, of course not. Instead, according to the Guardian this weekend, it is planning what they had probably hoped would be a quiet little amendment to the Postal Services Act, removing any requirement to notify people when their mail is to be opened. I am sure there will be the usual ‘safeguards’ and ‘codes of conduct’, in other words, the voluntary provisions which hae characterised recent British government’s pathetic and limited attempts to provide for privacy and other civil rights. But essentially, this is the end of any generalised assumption of confidentiality of the mail in Britain. It runs contrary to the European Convention on Human Rights (and therefore the UK Human Rights Act too). Every time you think there is no way the government could get any more repressive and get away with it, they do – will it be different this time?

German Constitutional Court shoots down new ‘Lawful Access’ Provisions

Germany’s Constitutional Court is one of the few such national institutions that has been brave enough to interpret the right to privacy as actually meaning something that might outweight the state’s desire to know. According to the BBC, in a really strong decision, it has just ruled that a 2008 law, requiring all telecommunications traffic data to be stored for 6 months, violated privacy rights of citizens and should be struck out. Germany had already threatened to veto the European Union’s Telecommunications Directive 2006/24/EC (which came into force last year), a move which prompted the Council of Minister to take the unethical and devious step of redefining the Directive as belonging to the ‘commercial’ field (which requires only majority vote) as opposed to being a matter of ‘security’ (in which there has to be unanimity). We will now see what is the reaction of the German government to their own law being declared unconstitutional, and indeed, what international reverberations this have – the USA will certainly not like this.

(Thanks to ‘Unkraut’ for the pointer)

What now for the UK’s anti-terrorism laws?

On the 12th of January, the European Court of Human Rights (ECHR) ruled in the case of Gillan and Quinton v. the United Kingdom, that UK police powers to randomly stop and search people under Sections 44-47 of The Terrorism Act (2000) were unlawful. This is the third recent ruling by the ECHR against the current direction of the UK’s security policies (after the ruling in S. and Marper v. the UK, against the police retaining DNA profiles and fingerprints from people not convicted of any offence). It also follows the furore over the London Metropolitan Police’s interpretation of Sections 43, 44 and 58s of The Terrorism Act in relation to public photography.* The case was brought by two people, Pennie Quinton a journalist who was on her way to cover a demonstration against an arms fair in London in September 2003,, and Kevin Gillan, who was cycling past.

Section 44 allows the police to stop and search anyone on the basis of a ‘reasonable suspicion’ that they may be in posssession of information or items that may be useful in committing an act of terrorism. The case in the ECHR was on several principles, most of which were rejected, but most importantly the Court found that arbitrary stop and search dis violate Article 8 of the European Convention, on the right to privacy. This was because “the use of the coercive powers conferred by the legislation to require an individual to submit to a detailed search of his person, his clothing and his personal belongings amounts to a clear interference with the right to respect for private life”.

Furthermore the UK government once again argued, as it did equally unsuccessfully in the case of Peck v. UK back in 2003, that Article 8 did not apply as there was no right privacy in public places. This argument, the Court not only rejected but actually argued that the publicness of the stop and search made the violation of privacy worse:

“Although the search is undertaken in a public place, this does not mean that Article 8 is inapplicable. Indeed, in the Court’s view, the public nature of the search may, in certain cases, compound the seriousness of the interference because of an element of humiliation and embarrassment. Items such as bags, wallets, notebooks and diaries may, moreover, contain personal information which the owner may feel uncomfortable about having exposed to the view of his companions or the wider public.”

This was a well-thought out ruling which made the arguments pretty clear. However the response of the UK government, as in the DNA case, leaves a lot to be desired. In fact, it has basically said, “make me”! The government intends to ignore the ruling in everyday practice, as it did with Peck, and will continue to allow police to carry out such searches whilst it appeals the case. This also means that there will be no disciplinary action against any officer who follows this policy, despite its now being unlawful.

*This of course is by no means over either, and there will be a mass photography action, “I’m a Photographer Not a Terrorist!”, on January 23rd at 12 Noon, Trafalgar Square in London.

Olympic surveillance legacies

David Loukidelis, the Information and Privacy Commissioner of British Columbia, speaking today at The Surveillance Games workshop, has made it quite clear that his office does not want the Winter Games to leave a legacy of securitization in the city or indeed, fear (as the Assistant Federal Privacy Commissioner, Chantal Bernier, put it), in the consciousness of its residents. In particular he argued that the 600 (yes, 600) cameras that are being installed at the Olympic venues and beyond should not be allowed to remain after the games. I hope that his office is able to deliver on this view, but I doubt that it will. As Kevin Haggerty and Phil Boyle have noted, security architecture is now an actual deliverable of the Olympics, and as many other researchers have shown, such architecture, including in particular CCTV but also adjusted local or national laws on the thematic and spatial limits of protest and freedom of expression (which, as Michael Vonn of the BCCLA and Chris Shaw, a leading anti-games activist, are describing at this very moment in the conference, are themselves often illegal and unconstitutional) tends not only to persist but to act as a kind of Trojan Horse for an expanded surveillance. And as Vonn’s group has also shown – the city is building a permanent CCTV control centre as part of the security architecture for the Games, and you don’t do that for cameras that are going to be removed.

RIPA to be limited

The UK Home Office is finally publishing plans to reform the Regulation of Investigatory Powers Act (RIPA) which defined in law the surveillance powers open to hundreds of government bodies. You can see what I have previously said about the consultation here. The consultation on RIPA actually had 7 major questions. The Home Office has now responded to all the opinions offered during the consultation. In more detail, this is what was said:

1. Taking into account the reasons for requiring the use of covert investigatory techniques under RIPA set out for each public authority, should any of them nevertheless be removed from the RIPA framework?

Response: basically, none should be removed. Although the Home Office noted that many respondents had objections, they didn’t feel they added up. Indeed this section also seems to include extensions of the powers (or clarifications that act effectively as extensions) for example the ability of the Child Maintenance and Enforcement Commission (the replacement for the Child Support Agency), to have access to telecommunications data to investigate fathers required to pay child support. These extensions may be warranted or not, but they show the tendency for what Gary Marx long ago called ‘surveillance creep’ to occur – the saving of telecommunications data has increased since RIPA was proposed and now RIPA will be used to allow new agencies access to this data.

They also note that they will not be returning any of these investigatory functions to the police. This is interesting because later they use the reason of non-interference in law-enforcement for denying elected councillors detailed oversight. So this confirms a trend to less and less accountable law enforcement.

2. If any public authorities should be removed from the RIPA framework, what, if any, alternative tools should they be given to enable them to do their jobs?

Response: given the previous response, it is not surprising that no real change is proposed here. The Home Office in fact insists that more emphasis should be placed on overt surveillance by local authorities (like CCTV) in order to reduce the need to resort to RIPA’s covert surveillance!

3. What more should we do to reduce bureaucracy for the police so they can use RIPA more easily to protect the public against criminals?

This wasn’t a question that I ever noticed critics of RIPA asking. Some agencies seem to have objected to the amount of paperwork around RIPA and The Home Office “agrees that it is in no-one’s interests for documentation to be unnecessarily time-consuming” and they, for once, insist on a proper auditable trail that can help protect privacy. They say in any case, applications are already down massively.

There is an interesting note that suggests the increasing use of RIPA for counter-terrorism activities which is left rather open – “the Government is facilitating the work of police collaborative units, such as the regional counter-terrorist units… This means officers seeking to use techniques under RIPA will be able to apply to authorising officers in different forces, where the Chief Officers have made a collaboration agreement that permits this”, in other words that RIPA might be used for massive, blanket undercover surveillance operations. Now that certain wasn’t what the government has recently claimed it was intended for – although of course, as anyone with any kind of memory will recall, it was exactly the justification used for passing it.

4. Should the rank at which local authorities authorise the use of covert investigatory techniques be raised to senior executive?

Response: The media reports thus far have focused on the plan to limit the authorisation of such practices to council chief executives and directors – a recommendation made by the House of Lords Constitution Committee – what the Home Office actually recommends is to restrict the decision to a rather wider set: ‘Director, Head of Service, Service Manager or equivalent’. So, no junior officers any more, which is good, but not necessarily senior managers only. They also recommend having a compliance officer designated, which is good if they genuinely work on active and ethical compliance rather than thinking of excuses in retrospect.

5. Should elected councillors be given a role in overseeing the way local authorities use covert investigatory techniques?

Response: yes they should, but it should be ‘strategic’ and limited to once a year setting of policy and strategy with quarterly oversight meetings. They argue, as I mentioned earlier, that non-interference in law-enforcement is a good reason for keeping elected officials away from the details… Councillors in the UK have been increasingly hamstrung in the way that they can oversee their supposed bureaucracy, even to the point where they have been fined and suspended for criticising their own officers. Some real control would be welcome (after all, that is what the purpose of local democracy should be).

6. Are the Government’s other proposed changes in the Consolidating Orders appropriate?

Response: the Home Office basically rejected all the respondents’ comments on the proposals.

7. Do the revised Codes of Practice provide sufficient clarity on when it is necessary and proportionate to use techniques regulated in RIPA?

Response: the codes of practice will be made clearer. No more guidance will be given. The Guardian says that the proposals will ‘ban’ the use of RIPA for ‘minor matters’ but I can’t really see that they do this, and the points of such codes is usually to avoid recourse to the law by encouraging a voluntary self-regulation; it is how CCTV is largely – and incredibly ineffectively – regulated in the UK too.

Lies, Damned Lies and CCTV Statistics…

Earlier today, I reported on reports that claimed that 96% of US citizens support video surveillance. Now, thanks to Vicki Contavespi, and the people at BRS Labs who commissioned the survey from Harris Interactive, I have the raw figures. And, unsurprisingly enough, whilst they aren’t ‘lies’, they don’t quite show what the headlines suggested – just as my headline, a quote often attributed of course to Disraeli, is also an overstatement of the case at hand. This is a very interesting survey. There were quite a few questions asked, and I don’t have time to go through all of them here now, but I will just deal with the question of ‘support’ for video surveillance and break it down just a little more.

First of all, the main questions on the acceptability of video surveillance (and other surveillance techniques) are couched in an particular way that is common in market research. The lead question is “How strongly do you agree or disagree with each of the following statements?” There is then a list of statements, which each have four options: strongly agree, somewhat agree, somewhat disagree, and strongly disagree. There is no ‘neutral / don’t care / no opinion’ option, which might have taken out many of those in the ‘somewhat’ categories on either side. The headline figures used then, of course, elide the ‘strongly’ and ‘somewhat’ figures.

For video surveillance, there are two main statements, firstly, “The federal government should be able to utilize video surveillance as long as my personal privacy is not invaded”, and secondly, “Local law enforcement should be able to use surveillance cameras to monitor public places.” The first question already contains a bias, in that is specifies a situation of no privacy invasion. This effectively nullifies the most common objection to video surveillance, and especially for those for whom the Federal Government is a intrinsically suspicious entity. The second, interestingly, doesn’t have this proviso, but then ‘local law enforcement’ isn’t ‘the Feds’ and generally does not attract the same antipathy. But the lack of a qualifying statement might provide a better clue to US public attitudes on video surveillance overall. For the first statement, the ‘headline’ figure of agreement is 82% and the second is 78%. However this disguises the fact that ‘strong agreement’ is much more limited, 36 and 35% respectively. And if you add up the ‘somewhat agree’ and ‘somehat disagree’ figures, you get 57% and 58%, which indicates to me that the majority of US people don’t have strong opinions for or against CCTV. See – statistics are all about what you are looking for in them!

What is even more interesting is that the question was then asked: “Which of the following aspects of video surveillance cameras, if any, concern you?” You would think that, given the headline and press release, that the survey showed no real concerns about CCTV. But that really isn’t the case at all. In fact, 88% of respondents said they were concerned by at least one of the listed aspects of video surveillance. Now remember, you’ve only got 18% or 22% who said that they disagreed with CCTV in terms of the question posed above, so this means that even most of the people who supported CCTV to whatever degree of strength, had concerns and most had more than one concern. This is quite striking. The main concerns were “not knowing what will be done with the information that is gathered ” (66%), “The fact that recorded footage can be used to mistakenly incriminate me” (61%), “Not knowing the background of whoever may be watching” (60%), “Not knowing how often and where I might be watched” (50%) and “The fact that photographs can be taken of me without permission” (48%). The only one on which there was significant difference between men and women seems (and I haven’t done any statistical analysis of the difference) to be over the concern about how often and where people might be watched, about which women were more likely to be concerned than men. In fact, in the whole survey, there appear to be no real overt differences in response based on gender.

So where, you might well be asking, does this 96% support figure come from? I searched through the tables some distance for the 96% figure before I found it. It certainly doesn’t refer to generalised support, but comes in response to the following question: “Which of the following areas, if any, do you think should be monitored by video surveillance in an effort to help protect U.S. citizens?” A-ha! So we have a question that implies the use of video surveillance somewhere, and that it will be used specifically to help protect US citizens (none of those foreigners!). The question is clearly pushing the respondents towards a positive answer. But here too things are not quite what the headlines claimed. Certainly, 96% of respondents said that video surveillance should be used in some areas. However, it is only in “Airports” (92%), “Public transportation” (85%) and “Seaports” (82%) that there is an overwhelming vote of confidence (though quite why seaports are considered to be less at risk or would benefit less from video surveillance than airports, I am not quite sure – the ghosts of 9/11 hover, I suppose).

“Public schools/Universities” barely scrape a majority (53%), and one wonders what the figures would be if they split universities and schools (and indeed different levels of school). “Playgrounds” only hit 39% – not so much of the common British ‘think of the kiddies’ paranoia here perhaps – “Businesses” – where of course surveillance is actually more likely to be found than anywhere else! – doesn’t manage a third (32%) and “Local neighborhoods”, which is the only unequivocal ‘public space’ category is only on 22%. Why not parks? Why not city centre streets? It is of course these places where the real controversy and the real fire and debate over CCTV lies. And the indications from this survey are that the more personal, the more intimate, the more there is a sense of ‘community’, the less likely US citizens are to accept video surveillance, even if it is couched in the overly positive way it is here.

And there is a question whose answers demonstrate further the complexity here. And, ironically, the percentage of respondents who replied to the question “Which of the following, if any, do you think are currently the biggest threats to your personal privacy?” with one of more concerns was – you guessed it – 96%! The major concerns were actually mostly from private or criminal surveillance: “identity theft” (74%), “Internet security threats” (70%) and “Unknown individuals who handle my personal information” (60%). Only 33% were concerned about federal or local government, but this isn’t surprising when this category is headed, as it is in the survey, “Big Brother”! Who is going to admit to being scared of ‘Big Brother’? And if you are going to give a silly popular stereotype as a potential answer, then the other categories should be similarly labelled… And why wasn’t this 96% the lead-in for the media?

As I said, there is a lot more in here too, and despite its flaws, this is an interesting survey which has much to it than meets the eye if you just read the media reports.

More military robots…

A story in the Daily Mail shows two new military robot surveillance devices developed for the UK Ministry of Defence’s Defence and Equipment Support (DES) group. The first is a throwable rolling robot equipped with multiple sensors, which can be chucked like a hand-grenade and then operated by remote-control. The second is another Micro-(Unmanned) Aerial Vehicle (Micro-UAV or MAV), a tiny helicopter which carries a surveillance camera. There have been rolling surveillance robots around for a while now (like the Rotundus GroundBot from Sweden), but this toughened version seems to be unique. The helicopter MAV doesn’t seem to be particularly new, indeed it looks at least from the pictures, pretty similar to the one controversially bought by Staffordshire police in Britain – which is made by MicroDrones of Germany.

The proliferation of such devices in both military and civil use is pretty much unchecked and unnoticed by legislators at present. Media coverage seems to be limited to ‘hey, cool!’ and yes, they are pretty cool as pieces of technology, but being used in useful humanitarian contexts (for example, rolling robots getting pictures of a partially-collapsed building or MAVs flying over a disaster zone) is a whole lot different from warfare, which is a whole lot different again from civilian law enforcement, commercial espionage or simple voyeuristic purposes. As surveillance gets increasingly small, mobile and independent, we have a whole new set of problems for privacy, and despite the fact that we warned regulators about these problems back in 2006 in our Report on the Surveillance Society, little government thought seems to have been devoted to these and other new technologies of surveillance.

The use of robots in war is of course something else I have become very interested in, especially as these flying and rolling sensor-platforms are increasingly independent in their operation and, like the US Predator drones employed in Afghanistan and Pakistan or the MAARS battlefield robot made by Qinetiq / Foster-Miller, become weapons platforms too. This is an urgent but still largely unnoticed international human rights and arms control issue, and one which the new International Committee for Robotic Arms Control (in which I am now getting involved), will hopefully play a leading role in addressing.

MAARS (Modular Advanced Armed Robotic System) (Foster-Miller)

MicroDrones MAV surveillance system (MicroDrones)

Rotundus GroundBot rolling robot (Rotundus)

Manchester Airport trials virtual strip-search system

You would think after 4 years of trials at Heathrow, that British airports would now be able to work out whether or not they could and more importantly, should, use the various varieties of body scanners that are now available. However Manchester Airport is holding another trial starting from now at its Terminal 2. At least it will give a chance for the public to say what they think. The scans are remote – i.e.: the officer observing the images is not on the airport floor, which prevents the kind of scenario we mentioned in our Report on the Surveillance Society of lewd remarks directed at passengers. Personally, I am rather less concerned about this rather abstract view of my body being seen briefly as I pass through an airport than I am about my financial details and personal life being traded between private companies, or about being under constant video surveillance in ordinary public space in the city. However, the images, although ghostly, are detailed enough that genitals, deformities, medical implants and so on can be seen, and if this story is to be believed it would seem that there is no provision for women’s images to be seen by a women alone and men’s only by a man. This will make it entirely unacceptable to some people, in particular members of certain religious groups. But the scans are – at least, for now – voluntary, in that passengers can refuse and have a traditional pat-down search instead.

However, this technology won’t be staying in the airports for long. I reported back in July on stories that terahertz wave scanning could soon be made to fit into portable cameras. That raises a whole different set of social, political and ethical questions…

(Thanks to Simon Reilly for sending me the link)