Thursday, May 14, 2015

Open letter to Google on RTBF processes

I'm one of 80 signatories to an open letter to Google requesting more transparency from the company over how it processes so-called ‘right to be forgotten’ requests. The letter was drafted and coordinated by Julia Powles at Cambridge University and Ellen P. Goodman at Rutgers University School of Law.

Copy below.
"What We Seek
Aggregate data about how Google is responding to the >250,000 requests to delist links thought to contravene data protection from name search results. We should know if the anecdotal evidence of Google’s process is representative: What sort of information typically gets delisted (e.g., personal health) and what sort typically does not (e.g., about a public figure), in what proportions and in what countries?
Why It’s Important
Google and other search engines have been enlisted to make decisions about the proper balance between personal privacy and access to information. The vast majority of these decisions face no public scrutiny, though they shape public discourse. What’s more, the values at work in this process will/should inform information policy around the world. A fact-free debate about the RTBF is in no one’s interest.
Why Google
Google is not the only search engine, but no other private entity or Data Protection Authority has processed anywhere near the same number of requests (most have dealt with several hundred at most). Google has by far the best data on the kinds of requests being made, the most developed guidelines for handling them, and the most say in balancing informational privacy with access in search. We address this letter to Google, but the request goes out to all search engines subject to the ruling.

One year ago, the European Court of Justice, in Google Spain v AEPD and Mario Costeja Gonz├ílez, determined that Google and other search engines must respond to users’ requests under EU data protection law concerning search results on queries of their names. This has become known as the Right to Be Forgotten (RTBF) ruling. The undersigned have a range of views about the merits of the ruling. Some think it rightfully vindicates individual data protection/privacy interests. Others think it unduly burdens freedom of expression and information retrieval. Many think it depends on the facts.
We all believe that implementation of the ruling should be much more transparent for at least two reasons: (1) the public should be able to find out how digital platforms exercise their tremendous power over readily accessible information; and (2) implementation of the ruling will affect the future of the RTBF in Europe and elsewhere, and will more generally inform global efforts to accommodate privacy rights with other interests in data flows.
Google reports that it has received over 250,000 individual requests concerning one million URLs in the past year. It also reports that it has delisted from name search results just over 40% of the URLs that it has reviewed. In various venues, Google has shared some 40 examples of delisting requests granted and denied (including 22 examples on its website), and it has revealed the top sources of material requested to be delisted (amounting to less than 8% of total candidate URLs). Most of the examples surfaced more than six months ago, with minimal transparency since then. While Google’s decisions will seem reasonable enough to most, in the absence of real information about how representative these are, the arguments about the validity and application of the RTBF are impossible to evaluate with rigour.
Beyond anecdote, we know very little about what kind and quantity of information is being delisted from search results, what sources are being delisted and on what scale, what kinds of requests fail and in what proportion, and what are Google’s guidelines in striking the balance between individual privacy and freedom of expression interests.
The RTBF ruling addresses the delisting of links to personal information that is “inaccurate, inadequate, irrelevant, or excessive for the purposes of data processing,” and which holds no public interest. Both opponents and supporters of the RTBF are concerned about overreach. Because there is no formal involvement of original sources or public representatives in the decision-making process, there can be only incidental challenges to information that is delisted, and few safeguards for the public interest in information access. Data protection authorities seem content to rely on search engines’ application of the ruling’s balancing test, citing low appeal rates as evidence that the balance is being appropriately struck. Of course, this statistic reveals no such thing. So the sides do battle in a data vacuum, with little understanding of the facts — facts that could assist in developing reasonable solutions.
Peter Fleischer, Google Global Privacy Counsel, reportedly told the 5th European Data Protection Days on May 4 that, “Over time, we are building a rich program of jurisprudence on the [RTBF] decision.” (Bhatti, Bloomberg, May 6). It is a jurisprudence built in the dark. For example, Mr. Fleischer is quoted as saying that the RTBF is “about true and legal content online, not defamation.” This is an interpretation of the scope and meaning of the ruling that deserves much greater elaboration, substantiation, and discussion.
We are not the only ones who want more transparency. Google’s own Advisory Council on the RTBF in February 2015 recommended more transparency, as did the Article 29 Working Party in November 2014. Both recommended that data controllers should be as transparent as possible by providing anonymised and aggregated statistics as well as the process and criteria used in delisting decisions. The benefits of such transparency extend to those who request that links be delisted, those who might make such requests, those who produce content that is or might be delisted, and the wider public who might or do access such material. Beyond this, transparency eases the burden on search engines by helping to shape implementation guidelines and revealing aspects of the governing legal framework that require clarification.
Naturally, there is some tension between transparency and the very privacy protection that the RTBF is meant to advance. The revelations that Google has made so far show that there is a way to steer clear of disclosure dangers. Indeed, the aggregate information that we seek threatens privacy far less than the scrubbed anecdotes that Google has already released, or the notifications that it is giving to webmasters registered with Google webmaster tools. The requested data is divorced from individual circumstances and requests. Here is what we think, at a minimum, should be disclosed:
  1. Categories of RTBF requests/requesters that are excluded or presumptively excluded (e.g., alleged defamation, public figures) and how those categories are defined and assessed.
  2. Categories of RTBF requests/requesters that are accepted or presumptively accepted (e.g., health information, address or telephone number, intimate information, information older than a certain time) and how those categories are defined and assessed.
  3. Proportion of requests and successful delistings (in each case by % of requests and URLs) that concern categories including (taken from Google anecdotes): (a) victims of crime or tragedy; (b) health information; (c) address or telephone number; (d) intimate information or photos; (e) people incidentally mentioned in a news story; (f) information about subjects who are minors; (g) accusations for which the claimant was subsequently exonerated, acquitted, or not charged; and (h) political opinions no longer held.
  4. Breakdown of overall requests (by % of requests and URLs, each according to nation of origin) according to the WP29 Guidelines categories. To the extent that Google uses different categories, such as past crimes or sex life, a breakdown by those categories. Where requests fall into multiple categories, that complexity too can be reflected in the data.
  5. Reasons for denial of delisting (by % of requests and URLs, each according to nation of origin). Where a decision rests on multiple grounds, that complexity too can be reflected in the data.
  6. Reasons for grant of delisting (by % of requests and URLs, each according to nation of origin). As above, multi-factored decisions can be reflected in the data.
  7. Categories of public figures denied delisting (e.g., public official, entertainer), including whether a Wikipedia presence is being used as a general proxy for status as a public figure.
  8. Source (e.g., professional media, social media, official public records) of material for delisted URLs by % and nation of origin (with top 5–10 sources of URLs in each category).
  9. Proportion of overall requests and successful delistings (each by % of requests and URLs, and with respect to both, according to nation of origin) concerning information first made available by the requestor (and, if so, (a) whether the information was posted directly by the requestor or by a third party, and (b) whether it is still within the requestor’s control, such as on his/her own Facebook page).
  10. Proportion of requests (by % of requests and URLs) where the information is targeted to the requester’s own geographic location (e.g., a Spanish newspaper reporting on a Spanish person about a Spanish auction).
  11. Proportion of searches for delisted pages that actually involve the requester’s name (perhaps in the form of % of delisted URLs that garnered certain threshold percentages of traffic from name searches).
  12. Proportion of delistings (by % of requests and URLs, each according to nation of origin) for which the original publisher or the relevant data protection authority participated in the decision.
  13. Specification of (a) types of webmasters that are not notified by default (e.g., malicious porn sites); (b) proportion of delistings (by % of requests and URLs) where the webmaster additionally removes information or applies robots.txt at source; and (c) proportion of delistings (by % of requests and URLs) where the webmaster lodges an objection.
As of now, only about 1% of requesters denied delisting are appealing those decisions to national Data Protection Authorities. Webmasters are notified in more than a quarter of delisting cases (Bloomberg, May 6). They can appeal the decision to Google, and there is evidence that Google may revise its decision. In the remainder of cases, the entire process is silent and opaque, with very little public process or understanding of delisting.
The ruling effectively enlisted Google into partnership with European states in striking a balance between individual privacy and public discourse interests. The public deserves to know how the governing jurisprudence is developing. We hope that Google, and all search engines subject to the ruling, will open up."
Full list of signatories, who have the additional honour of riding high in the TechnoLlama approval ratings, available at the Guardian and medium.com.

Monday, May 11, 2015

VE Day, freedom, justice and technology policy


An edited version of the following piece is available at The Conversation.

On the 70th anniversary of VE Day, it became clear that 36.9% of those who turned out, in the UK general election the previous day, voted for the Conservative party. With the turnout being 66.1%, this means that 24.3% of those eligible to vote gave the Tories an unexpected slim majority of seats in Parliament.

What does this mean for technology policy over the next five years, now that the Tories have been joyfully unleashed from their Liberal Democrat coalition partners? Well the big technology issues will continue to be things like communications infrastructure, surveillance, big data, human rights, encryption, security and intellectual property.

Communications infrastructure
Any progressive modern government indulging in rhetoric about being world leaders in technology needs to invest their money where their mouths are. Forget petty little projects like HS2, forget austerity and pour gigantic pots of the green stuff into building broadband infrastructure to every single corner of this little island. I'm not talking about promising households "up to 2Mbps" or even "up to 20Mbps" but a neutral network that delivers speeds upwards of one terabit per second to every household by 2020.

If we harbour serious ambitions to be technology leaders, then give every member of the population access to technology and robust neutral high speed networks. Then get out of the way and watch the human, constructive, social, technological, economic, commercial magic in that technological playpen.

Surveillance
Sadly, much of what passes for technology policy is likely to continue to be driven by the Home Office. Home Secretary Theresa May's obsession with the thoroughly discredited Communications Data Bill aka Snoopers' charter, is a top priority. Though the BBC reports (from 07:50) that the Snoopers charter is being handed to Mrs May's best mate, Michael Gove, in his new Justice Secretary role.  Whichever of them takes it on (and Home Office & Justice ministry insiders still believe it is the Home Office's responsibility) the government mean to reinforce and expand information systems and laws facilitating mass surveillance.

No amount of explanations that mass surveillance is dangerous and doesn't work ever gets through to the largely technologically illiterate MPs in Parliament - proportionately few have any scientific or technology training or background. Government ministers tend to avoid understanding something, when their jobs, and future tilts at the Tory leadership depend, on them not understanding it.

Effective law enforcement and intelligence work is complex, messy and difficult. Unfortunately Home and Justice Secretaries, under the gaze of the 24/7 news media, don't have the luxury of managing complex, messy and difficult. They need clear, simple and immediate actions and apparent solutions. 

Mrs May is concerned to be perceived as tough on crime and terrorism, repeatedly declaring a determination to give the security services everything they need - a phrase which, unlike the approval rating it gets in the UK, sends a shiver of fear down the spines of most continental Europeans, whose countries have experienced histories of totalitarian governance. Law enforcement and security services need to use modern digital technologies intelligently in their work and through targeted data preservation regimes – not the mass surveillance regime they are currently operating – engage in technological surveillance of individuals about whom they have reasonable cause to harbour suspicion. That is not, however, the same as building and enabling the legal operation of an infrastructure of mass surveillance.

The Intelligence and Security Committee of Parliament recently reported that "bulk collection" of communications data is acceptable because most of the data is only ever "seen" by computers. By that measure Mrs May & Mr Gove should install a top of the range CCTV camera in every room in every building in the country. They'll only use the footage if it becomes necessary, you see.

Yet not once, in the 14 years since the dreadful 9/11 attacks, on either side of the Atlantic, have mass surveillance magic terrorist catching machines ever been publicly,* credibly and specifically shown to identify a terrorist suspect pre-emptively.

Big data
Successive UK governments for a long time have not had a great record at managing large tranches of electronic data. On the promise of major medical breakthroughs both partners in the previous coalition government bought into the notion of big data in healthcare. The Tories are keen on privatising the health service. Making medical data available on a wide scale to medical researchers and industry is considered a no brainer, in the newly populated corridors of power.

The now dismantled Nu Labour National Programme for IT in the NHS was arguably the largest ever government IT disaster. But the coalition were and now the new Conservative government are keen to press forward with privacy-destroying management of NHS information systems and the further centralisation of medical records, in the ill-conceived care.data programme.

Government can't lose by claiming they are spending more on the NHS, even if it is on information systems that won't work; and in practice cause untold havoc in the long term. 

There is a serious question about facilitating constructive, enlightening, ethical, socially useful research into healthcare big data whilst protecting medical confidentiality. But it should not be done by letting government circumvent human rights law guarantees to privacy. It needs to be governed by a set of principles such as those set out in the Nuffield Bioethics Council report on the ethical use of data.
  • treat people as individuals worthy of respect and not as industrial raw material - the principle of respect for persons
  • abide by all relevant laws including human rights laws - the principle of respect for established human rights
  • tell people what you are doing with their data and consult them properly and regularly - the principle of participation of those with morally relevant interests
  • account for what you've done with the data and tell people if things go wrong - the principle of accounting for decisions

Human Rights Act
It's a little sad that 70 years on from VE day that 24.3% of eligible voters of the great British public apparently support the abolition of the Human Rights Act. In an information age, information and, by proxy, technology policy becomes human rights policy. The new government want to replace the Human Rights Act with a proper British Bill of Rights for proper, deserving, British people and not be dictated to by those
unelected European judges. The Tories' proposals for the Bill of Rights suggest it would include all of the rights currently protected by the European Convention on Human Rights (and, therefore, the Human Rights Act) but judicial protection would be denied to those rights judged to be “trivial”. Just as a matter of interest, which of -
  • Obligation to respect Human Rights
  • Right to life
  • Prohibition of torture
  • Prohibition of slavery and forced labour
  • Right to liberty and security
  • Right to a fair trial
  • No punishment without law
  • Right to respect for private and family life
  • Freedom of thought, conscience and religion
  • Freedom of expression
  • Freedom of assembly and association
  • Right to an effective remedy
  • Prohibition of discrimination
  • Prohibition of abuse of rights
- would you consider trivial? If you'd like a lesson on what any of these mean in practice may I recommend a couple of minutes at day at the recently launched Rights Info site. Pay particular attention to the human rights myths section - every one of these myths has been trotted out by the mainstream media and governing politicians of varying flavours in the past ten years. Theresa May featured the pet cat story at her Tory conference speech in 2011. Michael Gove has apparently been given charge of the Bill of Rights job.

Plans to ban encryption
Much mockery has been poured by the tech community on David Cameron's plans and the FBI's desire to ban encryption and provide mandatory back doors to government. Basically it won't work as a crime/terrorism prevention measure. And it definitely would not be cost effective. Banning Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL) would be very costly. It would lead to further mass data silos, useless for preventing nefarious actors engaging in attacks.

Think of it as every householder delivering copies of their door keys to the local police station, just in case the police would like to search any house without breaking the door down. No self-respecting crime syndicate is going to systematically break into multiple houses when they can break into the police station first to get all the keys; or encourage or coerce an insider to provide them with copies of the keys.

The rest
I could go on – there are a host of really important technology related issues to play out in the next 5 years, including: 
  • Web blocking & age verification – think of the children and the poor copyright conglomerates
  • Counter Terrorism & Security Act 2015 "prevent" duties – about to spawn a veritable bureaucratic industry
  • EU data protection measures promised by the end 2015 – that’ll be fun
  • Intellectual property – a complex black hole that determines control of information
- but you, dear reader, have already been inordinately patient. 

So I will close with a question.

70 years on from VE day, given the surveillance society we have built since the turn of the century and intend to expand and reinforce over the next 5 years, can we really be seen to be honouring the sacrifice of those who died to win our freedoms and a lasting peace, founded on justice and good will; or, as John Naughton so eloquently puts it, does our  indolence constitute “a shocking case study of what complacent ignorance can do to a democracy”?

* Updated for clarification to add the word "publicly".

Tuesday, May 05, 2015

Ancilla Tilia dreams about talking to her granddaughter in the future

A gentle but powerful reminder from Ancilla Tilia that we don't appreciate freedom until it's gone and in the meantime refuse to notice it drip drip dripping away.


Ironically, given the subject matter, the video cuts out half way through demanding a full name and email address. Put in a dummy name and email to get it to continue.

Friday, April 17, 2015

Another response on surveillance from a prospective MP

I've now had a response from Lib Dem general election candidate, Layla Moran, to my Don't Spy on Us email.
"Dear Ray,


Thank you for emailing me about my and the Liberal Democrat stance on surveillance. 

As you are probably aware, the Liberal Democrats are, and always have been, fierce supporters of civil liberties. For many years we have worked hard to protect the fundamental freedoms of UK citizens from the State.

In this parliament Lib Dem Leader Nick Clegg stopped the Tories from introducing the so-called “Snooper’s Charter”. This would have kept a record of the web browsing history of every man, woman and child in this country. Nick Clegg felt that this was a worrying idea, and I am delighted he blocked these proposals.

We need a mature debate in this country about how to best tackle crime and protect privacy in the internet age. Our security and intelligence services must have the right tools to fight crime and terrorism, but this should never come at the expense of civil liberties. The idea of sacrificing freedom for the sake of security is a false choice.

That’s why Nick Clegg called for a radical revamp of the oversight of the intelligence services last year. Nick argued that there needs to be greater transparency and third party oversight in this area, to make sure that we are striking the right balance between privacy and security. Our intelligence services keep the country safe every day, so it is important that the public has trust in them too.

Liberal Democrats have a great record in government on civil liberties. We have scrapped the previous Labour Government’s disastrous ID card scheme and have legislated for a Privacy and Civil Liberties Board to be established too. The Privacy and Civil Liberties Board would be able to review UK terrorism legislation in the future, and it would look at whether we are properly addressing concerns about liberty.

The Intelligence and Security Committee (ISC) is the body in Parliament that is responsible for looking at how our intelligence and security services are working. In government the Liberal Democrats have made the ISC a Committee of Parliament, given it more powers, and expanded its remit too. These reforms are an important step in the right direction, and we are committed to going further.

The Liberal Democrats want to introduce a “Digital Bill of Rights” after the 2015 election to give people more power over their data too. This will protect us against blanket surveillance without affecting our ability to tackle emerging threats or target criminals. Our online behaviour should be treated with the same respect as our offline behaviour, and that is why I am glad that my party supports a “Digital Bill of Rights”.

The internet has revolutionised the way that we learn things, share new ideas and communicate with people we know. Our intelligence and security services must always keep up with technological change, but we need a reasonable level of oversight to protect the privacy of UK citizens.

Thank you again for contacting me about this important matter.

Best wishes,

Layla"
It reads largely as a cut and paste from a party briefing. My further response below including a request that she commit to work to have innocent people's details removed from the domestic extremist database.
"Layla,


Thanks for your prompt response.

Though the Lib Dems did reportedly block the discredited Communications Data Bill (aka snoopers’ charter) your party’s record in government in this area is not exactly pristine. To name but one example, the ill-informed, unscrutinised and hasty rushing through of the Data Retention and Regulatory Powers Act (DRIPA) in the summer of 2014 was fully supported by the Lib Dems. Now I’m not sure whether you have ever read DRIPA – most Lib Dem, Labour and Tory MPs who voted for it did not read it before voting it through, in a rushed almost unprecedented abuse of parliamentary process and there is little evidence to suggest that they have actually done so since – but it’s quite short (only 8 sections) and I would recommend you do. It’s available at http://www.legislation.gov.uk/ukpga/2014/27/contents/enacted. Not only did DRIPA re-introduce and expand the data retention practices that the European Court of Justice had, just months previously in the Digital Rights Ireland and Seitlinger case, declared so heinous that they should never have existed, it extended the territorial reach of UK surveillance law to cover the entire world. Additionally DRIPA essentially declares anyone with any gadget connected to the internet is now fair game for surveillance.

Another legacy of Lib Dem coalition government is the destructive Chapter 1 “prevent” duty of the Counter Terrorism and Security Act 2015, imposing an ill-defined duty on public servants, including educators, to report people in danger of “being drawn into terrorism”, an ill-defined transgression. Further provisions of this nominal counter terrorism regulation – the 7th major anti-terrorism act in the past 14 years – include section 21 “Retention of relevant internet data” obligations on communications service providers, including mobile phone operators, to retain communications data, the definition of which has been expanded to include “internet protocol address, or other identifier, belongs to the sender or recipient of a communication (whether or not a person)”.  This imposes vast expensive operational burdens on the industry just in case the data may be useful to the government in the future. This kind of approach was ruled to be an abuse of the legal process in English law as far back as 1765 in the case of Entick v Carrington. The precise details of what specific data will be retained under the Act, how this will be done, by whom, under what conditions and other operational issues relating to making such data available to government is to be worked out in secret between the government and the service providers.

I’m aware of the change in status of the ISC. Unfortunately the publication of their recent report on privacy and security does little to inspire confidence that they can provide the requisite degree of scrutiny of government surveillance practices. In particular the repeated claim that the UK is not engaged in mass surveillance merely “bulk collection” of communications data defies credibility. It’s only computers that “see” the data, you see, not real people, mostly. So nothing to worry about. On which basis we could justify putting digital cameras running 24/7, networked to government surveillance systems, in every room in every household – it would not matter, you see, because most of the video footage captured would not be seen by real people.

The Privacy and Civil Liberties Board sounds positive in theory but the specifics of the coalition proposals in this area have been widely criticised by civil rights groups and the terrorism watchdog, David Anderson.

Whilst the Lib Dems nominal pre-election 2015 support for a Digital Bill of Rights is welcome, the promising promises that your party started with at the beginning of the term of the coalition government proved seriously elusive when it came to implementation. How can we be confident it won’t be the same story again if you find yourself in coalition with the Conservative or Labour parties?

The default deterministic construction and deployment of a regulatory and communications infrastructure of mass surveillance is one of the fundamental issues of the information age. This is not an abstract or merely of academic interest. It affects real people, in this constituency, who have found themselves on the government’s domestic extremism database, merely for protesting against the dumping of power station waste into local lakes. So on that note, one final practical question – will you commit to insuring the people who have been tagged by government as domestic extremists, for the appalling sin of trying to protect local lakes and landscapes, have their details removed from the domestic extremist database?

Regards,

Ray"

Eliciting prospective parliamentary candidates' positions on surveillance

The Don't Spy on Us coalition have put together a prospective parliamentary candidate enlightenment programme on mass surveillance. I used the form to email those touting for election in my area to ask where they stand on surveillance.  It is a marginal seat, usually going to Lib Dems or Tories.

Conservative, Nicola Blackwood, edged it by less than a couple of hundred votes in 2010 and I have a fair idea of her perspective, having semi-routinely corresponded with her on the matter, which is largely one of towing the Tory party line.

The Don't Spy on Us email is relatively short and simple.
"I am concerned about the current internet surveillance regime in the UK and would like to see my parliamentary candidates support these changes to the existing system:

1. to ensure that surveillance powers are targeted, necessary and proportionate
2. to increase judicial authorisation over surveillance
3. to improve oversight of the intelligence agencies

Please also read this briefing from the Don't Spy On Us coalition for parliamentary candidates.
https://www.dontspyonus.org.uk/assets/site/dontspyonus/files/PPC_DSOU_briefing.pdf

Yours sincerely

Ray Corrigan"
Interestingly, I had a response from the Labour candidate, Sally Copely, within 16 minutes. Unfortunately, it was non-committal and looks to have been partly cut and pasted from party briefings.
"Dear Mr Corrigan


Many thanks for your email.

I am also concerned by this, as security agencies are supposed to have only limited access to communications, with oversight by the courts. I do understand that there is an issue with growing numbers of terrorists communicating via the internet, rather than on the telephone, and that the authorities need to be able to keep up with changing technologies.  But while the police and security agencies need stronger powers, Labour believe these must be backed by stronger safeguards.

That is why we pushed for David Anderson’s independent review of the legal framework surrounding surveillance, which will complete just before the election. So we are committed to giving David Anderson the time and space to look at these issues and report back.  More should be here soon: Independent Reviewer of Terrorism Legislation «






















I've responded to her further.
"Thanks for the rapid response, Sally.


If you speak to ordinary police and intelligence officers they don’t want stronger powers or more money thrown at supposedly magic terrorist catching computer systems, managed through complex bureaucracies primarily designed to demonstrate management are meeting their targets. They need more appropriately trained and experienced people. The intelligence services currently have the power and capability to data mine the intimate details of the lives of anyone in entire population. They are completely swamped with gigantic quantities of electronic data. They simply don’t have the personnel to track everyone to that degree; not just ordinary people but known dangerous suspects, as we discovered when the close surveillance of Fusilier Lee Rigby’s killers was lifted shortly before the murder.

Yet the three dominant parties, as I understand it, are committed to continuing to cut the number of police officers. Labour and the Tories are committed to expanding mass surveillance powers e.g. through the implementation of the proposed and discredited Communications Data Bill. All three main parties supported the unscrutinised hasty scrambling of the Data Retention and Investigatory Powers Act (DRIPA) through Parliament just prior to MPs’ summer holidays in 2014. Not only did DRIPA re-introduce and expand the data retention practices that the European Court of Justice had, just months previously, declared so heinous that they should never have existed, it extended the territorial reach of UK surveillance law to cover the entire world. Additionally it essentially declares anyone with any gadget connected to the internet is now fair game for surveillance. DRIPA is quite short (only 8 sections) and actually well worth reading – most MPs still have not done so.

David Anderson’s review will be significant but I think you’ll find Mr Anderson is already on record as noting the importance of surveillance powers that are targeted, necessary and proportionate, improved oversight of the intelligence agencies and judicial authorisation of surveillance. I don’t believe it is unreasonable to ask the same commitment from prospective parliamentary candidates. I’m afraid I’ll need something stronger than the non-committal party line and a request to ‘pick me to avoid them’ treatise to consider voting for Labour. :-)

The default deterministic construction and deployment of a regulatory and communications infrastructure of mass surveillance is one of the fundamental issues of the information age. That all the main parties have sought to ignore it as an election issue is unfortunate but doesn’t make it any less important. I’d encourage you to consult your colleagues, Tom Watson and David Winnick, who are amongst the very few Labour MPs who have done any serious degree of thinking on these matters.

Regards,

Ray"