Friday, November 16, 2012

The Truth About Dishonesty

MIT's Dan Ariely talking about dishonesty, beautifully illustrated by RSA Animate:
 

Facebook data access experiment

On 30th November last year I deleted my Facebook account. The account and all the data associated with it were supposed to be purged within 14 days.

Nearly 12 months on I wanted to test that, so as an experiment I've signed up for Facebook again. I don't intend to use the account so please do not message me or send friend requests etc. as I won't be responding to them.  I've locked down the privacy and security settings in an effort to block Facebook from harassing people they think I know that I'm back but I don't have a lot of time, didn't go through all of them and this will be leaky.

Apologies in advance, therefore, if Facebook do hassle anyone about my (non) return.

The sign up process was tedious and, amazingly, Facebook eagerly invited me to become friends with a whole host of familiar names and faces. How did they know?!

So suspicion has already set in that what I remember as a promised data purge (I knew I should have checked/recorded the wording more closely at the time), on account deletion, was not as thorough as the warning that it might be implied. Looking at the current wording on the delete my account page it hints at data deletion but then again not really:
If you do not think you will use Facebook again and would like your account deleted, we can take care of this for you. Keep in mind that you will not be able to reactivate your account or retrieve any of the content or information you have added. If you would still like your account deleted, click "Delete My Account".
The data won't be retrievable by me and the capacity to reactivate the account won't be within my control but the fate of data generated by and about the deleting account holder is left unspecified.

In any case, now I'm a fully fledged Facebook devotee [sic] again, (though I don't necessarily have to be an account holder to do so), I can send them a subject access request which I have duly done, in the hope of finding out what deleted/ irretrievable/retained data they inadvertently or otherwise might have about me, since the cancellation of my original account:
Dear Sir/Madam,
I wish to make a data access request, under section 4 of the Data Protection Act 1988 as amended by the Data Protection (Amendment) Act 2003, for a copy of any information you keep about me, on computer or in manual form.
Thank you,
Ray Corrigan
Email: **@**
Birthdate: ** *** *****
Since Facebook's European headquarters is in Dublin I've made the request under the Irish data protection regulations and Facebook are obliged to respond within 40 days. If anything interesting emerges I'll report back.

In the meantime if you'd like to pursue Facebook's ongoing compliance with EU data protection regulations you can find the Irish Data Protection Commissioner's audit of the company here. Further details of how well Facebook are doing on the EU privacy front are available at Europe v Facebook and Ars Technica has a prominent profile in recent days of the student behind the site. Thanks to Eoin O'Dell for the link.

Update: Facebook's automated response has arrived:
"Hi,

Thank you for contacting us to make a data request. You can access your data on Facebook in several ways.  First, your account itself, including your timeline and activity log, contains the vast majority of your personal data.  Second, we have two tools that allow you to download your data. They are both available by going to your Account Settings. One tool provides the most common data users are seeking when they make data requests. The second tool, called “expanded archive”, contains additional data.  We will continue to add data to your expanded archive over the next few months.

Your expanded archive may include:

• Pending friend requests
• Your mobile telephone numbers
• Account status changes – if, for example, you deactivated and then reactivated your account • Birthday visibility • City and hometown info • Data cookie info – cookie used for security purposes • Events info • Family members (listed by you or your family) • IP addresses stored by Facebook • Spoken languages • Login info, including a list of the logins we have stored • Logout info, including a list of IP addresses we've stored, from which you’ve clicked Log Out • Poke info • Previous names • Relationship info

You may also use the main download your information tool, as well as your Wall or timeline and activity log to access your:

Comments on others' posts, photos
Posts on others' timelines or Walls
Others' posts on your timeline or Wall
Various apps’ activity
Open graph activity –listened to a song, read an article, and so on Status updates Likes Posts in groups Posts on pages Shared links, photos and other info Added friends

To learn more about specific types of personal data that Facebook uses and how you can access your own data, please read on.

Personal Data Processed by Facebook

To learn more about your data on Facebook, please read the Data Use Policy: https://www.facebook.com/about/privacy/
This policy describes:

• Categories of data being processed by Facebook • Personal data that Facebook receives from Facebook members • Sources of this info, if known • Reasons for processing this data • Recipients or categories of recipients to whom Facebook members’ personal data are or may be disclosed

Accessing Your Facebook Data – Active Account

To download your information or your expanded archive:

1. Click the V menu at the top right of any Facebook page.
2. Choose Account Settings.
3. Click "Download a copy of your Facebook data." To access the new categories of info, click “expanded archive.”

To check to see whether your credit card information is storied on Facebook, go to Account Settings > Payment Methods. From there, you may choose to change or delete stored credit card information.

Please note that you’ll be asked for your account password in order to start your download. Your downloaded file may contain sensitive information. You should keep your downloaded info secure and take precautions when storing, sending or uploading it.

You can also access personal data from your current timeline and activity log anytime. Just log into Facebook to edit this info. If you have trouble logging in to your account, please visit our Log In and Password help page:

https://www.facebook.com/help/?page=174

Accessing Your Personal Data – Without an Account

If you can’t access your account or don’t have an account, please follow the link below to complete a form and request your data:

https://www.facebook.com/help/contact_us.php?id=166828260073047

You may be required to provide additional information to authenticate your identity.

Thanks,
The Facebook Data Access Request Team"
This does not address the company's obligation under section 4 of the Irish Data Protection Act to provide me with the data they hold on me.  So I've contacted the Irish Data Protection Commissioner at 'info@dataprotection.ie' to complain.
"Data Access Request unsatisfactory response: Facebook Ireland Ltd.
FAO
Office of the Data Protection Commissioner.
Canal House,
Station Road
Portarlington ,
Co. Laois
Eire

Dear Sir/Madam,


I sent the initial request by email today, 16 November 2012.

I got an automated response by e-mail from the company, saying that I should use two tools to download “common data” and additional “expanded archive” data.  The company says they “will continue to add data to your expanded archive over the next few months”. By the company’s own automated admission, therefore, they have not provided me with full access to “any personal data” they hold about me.

These tools mentioned in the response are not sufficient to discharge Facebook’s obligation in law to provide me with access to “any personal data” the company holds and processes about me, in intelligible form.  Under section 4 (a)(iii) of the Data Protection Act,

an individual shall, if he or she so requests a data controller by notice in writing—

(iii) have communicated to him or her in intelligible form—

(I)  the information constituting any personal data of which that individual is the data subject, and

(II) any information known or available to the data controller as to the source of those data unless the communication of that information is contrary to the public interest,

and
                       
(iv) where the processing by automatic means of the data of which the individual is the data subject has constituted or is likely to constitute the sole basis for any decision significantly affecting him or her, be informed free of charge by the data controller of the logic involved in the processing,

I therefore ask you to take the necessary steps to make Facebook Ireland Ltd comply with my personal data access request and section 4 of the Irish Data Protection Act. I would appreciate your formal decision on this complaint as soon as possible.

Yours faithfully,

Ray Corrigan"

Thursday, November 15, 2012

B2fxxx turns ten today

B2fxxx is ten today.

I started posting here in November 2002, under a pseudonym, to provoke discussions amongst my internet law students about contemporary issues and cases that hadn't made it into the original course materials.

Day 1, 15th November, 2002, covered:
  • A movie executive believing movie piracy deserves as much attention as the war on terrorism; claiming the film making business would be dead within three years. 
  • Princeton professor, Ed Felten, suspending daily entries in his 'Fritz's Hit List', where he listed examples of the kind of things which would need copyright protection built in, if the then proposed Consumer Broadband Digital Television Protection Act (CBDTPA) ever became law in the US. It included digital dog collars, sat navs, cockpit voice recorders,a remote controlled fart machine, baby monitors, Barbie toys, robot dogs and many others.
  • UNESCO's then Information Society Division director Philippe QuĂ©au's worries about telecoms monopolies.
  • An American Library Association conference on the USA/PATRIOT Act
  • The risks ethical hackers could be exposed to in helping the FBI track down child abusers.
All of those generic issues are still live (not the CBDTA specifically, about which the EFF did a terrific parody song at the time, but it has been regularly resurrected and partly implemented in various forms in different jurisdictions and international instruments in the course of the ensuing decade).

The blog very quickly became too useful as a personal notebook and I dropped the pseudonym.

This is my 4504th post here with the peak years, quantitatively at least, being 2005, 2006 and 2007 which saw 934, 921, and 718 contributions respectively. Last year was down to 64.

The site has had a relatively small and eclectic readership with, if the Blogger and Sitemeter statistics are to be believed, visitors (or bots) from well over a hundred countries, today headed up by the US, followed by Norway and then the UK, Russia and Ukraine.

I've been largely focussed on digital rights and education, but have strayed into football and pretty much anything else that's piqued an interest. If you have dropped in, thank you and if you've come back thanks again. Hopefully you've found something useful, engaging or thought provoking, at least in the material I've pointed to.

In that spirit and particularly if you're a digital rights junkie, could I emphasise the importance again of the oral evidence given by Caspar Bowden and Duncan Campbell to the Joint Committee conducting pre-legislative scrutiny of the draft Communications Data Bill. Caspar Bowden's written evidence (pp73 - 92) is also essential reading, as is that of the Open Rights Group (pp358 -373), Peter Sommer (pp 433 - 449), the Information Commissioner (pp504 -511), Ross Anderson (516 - 518) and the Foundation for Information Policy Research ((pp146 - 151).

Some highights from Caspar Bowden's oral evidence to the committee on the 30th of October:
"Q1018
...
Caspar Bowden: ... I think the Committee should be clear that this proposal for ISPs to log websites visited is intrusive and, frankly, it lacks a legal basis. There is no basis for doing this currently, as I understand it, under UK laws or secondary legislation that has currently been enacted, nor is there any legal basis for doing this under the European data retention.
...
Q1024
Dr Huppert: So the IP data can be done without the legislation and the weblogging, you say, is very hard to do.
Caspar Bowden: I think it is legally hard and in terms of human rights it is hard, because if I understand your point correctly, it is about whether we take the premise of Clause 1: that there shall be blanket retention for everybody in the country of certain categories of data. That is still extremely problematic in human rights terms, so I would want to refocus the question on whether the fundamental methodology is collecting data about people about which there is reason to collect—whether there is some basis of suspicion, whether they are in vulnerable groups. To take a rough figure, it is about whether we are talking about 1% of the population, as opposed to recording data about 100% of the population. That seems to me the essential principle at stake.
...
Q1028
Mr Brown: Have any of you given any thought to what elements might be involved in post-legislative scrutiny arrangements were we to recommend such a thing?
Caspar Bowden: ...
I think that I would like to see a much closer connection between Parliament and the oversight and continuous review of any internet surveillance legislation. In particular, in my written evidence, I made reference to a recent European Parliament report that did a comparative analysis of different countries, how they have set up their oversight machinery and their relationship to Parliament. The UK did particularly poorly in that; the European report was very critical of, shall we say, too close links between the oversight role and the executive. That seems to me a syndrome that we indeed have.
...
Q1045
...
Caspar Bowden: ... I have referred to a problem in my written evidence that I call “schizoid jurisdiction”. This occurs when an international provider decides to respond, say, to a RIPA Part 1, Chapter 2 request or demand for communications data and they fulfil this through their local office and they give this to the local law enforcement agency, exactly as would occur with a domestic communications service provider. But when a data subject—an individual—makes a request to exercise their privacy or data protection rights, then the company will say, “Oh no, I am sorry. That data was transferred to the United States”, and now falls under something like the Safe Harbor Agreement where, in practice, the individual’s rights are much less.
...
Caspar Bowden: ... I think what we are asking is for law enforcement to look at their task progressively in a different way, which is instead of assuming that somehow there can be blanket recording of this data about the entire population, it is going to be more of a question of beginning, as it were, with the threads that are available and then developing an investigation. You would widen the circle of interest and cumulatively broaden the use of the powers of preservation until you were in a position to acquire the evidence and intelligence you need. This could be something of an upheaval for the way law enforcement has proceeded so far and I think this must be accepted, but honestly, we have to give data preservation a chance. We have to develop a credible regime with which law enforcement can live to try and make this work before we go to the stage of saying that somehow it is acceptable to perform this blanket preservation on everybody in the entire country.
I will offer, perhaps, a slightly dramatic example of how far we have come in 10 or 15 years. In communist Albania, the secret police, the Sigurimi, used to have a ritual where every year they would require every citizen to come and have a chat with their secret police. Each person would be required to co-operate in building what was called a “biografi”. This was, as it were, a personal dossier in which they would have to record all of their social relationships, social contacts and main meetings that had happened to them over the previous year. In terms of the way we live our lives now, particularly the way in which social relationships are expressed, through the internet, we are effectively allowing the Home Office to build a biography on everybody in the country on their pattern of social relationships and on the fabric of everyday life. It seems to me, just taking a step back, it is extraordinary that we have got to this situation at all and we are even contemplating it.
Q1048
Craig Whittaker: Mr Bowden, can you honestly believe for one minute, though, we are talking about an Albania situation here in the UK? We are not talking about building a profile. We are talking about securely storing information. The profile-building, if you will, will be in the access and the safeguards put in place to get that access. I think that is a little bit scaremongering, from that point of view.
Caspar Bowden: With respect, not. Look at the testimony of William Binney; I also referred to in my written evidence, and his video to a hacker conference in New York is available online. William Binney was a senior National Security Agency engineer who has now become a whistleblower, objecting to these types of practices conducted in the US. The technology that he, as a senior engineer, was building 10 years ago was in fact precisely an automated biography file; it was not merely a question of leaving this data passively in place. And there is a direct correspondence between the sort of machinery that he engineered 10 years ago and what is proposed in the filter. Of course, it depends exactly how the filter is going to be implemented and what lies behind the filter, but I do not think it is correct to
imagine that somehow these are, as it were, passive piles of data sitting around. Even if that was the case, there is certainly case law at the European Court of Human Rights to show that blanket retention of this kind of data, particularly if it is going to be used for pattern analysis and traffic analysis, is well beyond what the European Court has tolerated so far.
...
Q1061
Baroness Cohen of Pimlico: If we could get the subscriber data definition satisfactory, you would not feel that needed a magistrate. You would be happy with a SPOC doing that. I do not mean to put words in your mouth; I am trying to check.
Caspar Bowden: With other qualifications, that is broadly my position, because I think that represents something that is doable. That would have to be done, in my opinion, with a move towards a preservation methodology by law enforcement.
 Q1064
Stephen Mosley: We have heard diametrically opposed views on the filter. On the one hand, I know, Mr Bowden, you have described it as a “hyper-Orwellian menace”, while the Home Office would let us believe it is a way of protecting people’s privacy by eliminating people who they are not interested in. I guess it could be either, depending on how it is used, so the oversight and the control of the filter is going to be incredibly important. What kind of oversight do you think the filter should have to ensure the protection of people’s privacy?
Caspar Bowden: Perhaps it will not surprise the Committee to say that I do not think the filter should be built under any circumstances for domestic surveillance. It is understood that GCHQ have had these sorts of capabilities for many years for international communications, but I simply think that the kind of capabilities described in the filter are intrinsically incompatible with a modern democratic society—on the basis of blanket data retention, you understand. If we are talking about preservation of data about designated targets, where for each designated target there is a reason and a justification—even if that is a reasonable belief or a reasonable suspicion—that is still a far smaller 1% of data than one would be talking about on the basis of blanket retention. But for anything to do with the so-called filter—I would call it data mining—of particularly traffic data, which is so prejudicial to private and intimate life, I think safeguards and oversight are irrelevant. I just do not think it should be done in a democracy."
There is no doubt that targetted data preservation, on the basis of intelligence-informed reasonable suspicion, is far more useful from a security, intelligence and law enforcement perspective than blanket data retention. Mr Whittaker's umbrage at Caspar's comparison of UK proposals to the situation in Albania is one of the fundamental problems with trying to expose the dangers of this stuff. "How dare you compare us to despots" is the outraged response to a deeply informed, careful analysis, demonstrating the government are effectively proposing to build intimate digital profiles of the entire population. It becomes fingers in the ears, la la la, not listening time for some of the key characters who really have to understand what it is they are doing.

Some highlights from Duncan Campbell's evidence to the committee on 23rd October:
"Duncan Campbell: I found it difficult to hear the Home Office complaining of unfairness when what they are putting forward to Parliament and this Committee is something that has really been stewing around for at least 10 years, being pushed forward in various ways, and yet when the witnesses come here it seems that no one in the telcos knows what they plan to do or how they will implement it. I was also gravely concerned that Mr Farr in his evidence, and within almost his first interchange with Mr Ellis, completely misled the Committee about the situation with communications data. I put a note in to expound on this should it be necessary, but the statement that 30 years ago BT was collecting communications data, and the implication that they will now not be making that sort of information as available, is the exact opposite of the truth. So, he is extremely badly informed, and passing on poor information and misrepresenting the situation as it is seen now in terms of the amount of information that is available, which has been increasing. It has been increasing as devices become available and new forms of data, for example location and cell-site analysis, come into the system. So I see the Home Office as having mis-served itself very badly from the very title of the presentation of the Bill as remedying a gap. No, they are not. Perhaps proportionately there are things that could be done, areas that can be addressed, but they have left themselves wide open to this accusation of it being a snoopers’ charter.
I would not quite endorse that title yet, because what they are creating, if Parliament were to give them the powers in this form, would really be a universal surveillance engine attached to the mass or all of the British internet. Now, what you do with it, and whether it does become a universal snooping engine, is withheld from us, because none of the orders, none of the codes of practice, none of the facilitating instructions, some of which may come to Parliament, some which may remain classified, are before us. So, again, given the degree of obscurity, the surveillance engine could be the snoopers’ charter or it could be reined in.
I would just, finally, say that the important point of human rights, which seems to have been overlooked in the way the Bill was drafted, has been formed. It has been formulated for us by the European Court and really supports the apprehension that perhaps is seen as coming too stridently from some journalists. “The mere existence”—and I am quoting now from the judgment—“of legislation which allows a system for the secret monitoring of communications entails a threat of surveillance for all to whom the legislation may be applied. This threat necessarily strikes at freedom of communication between users,” which
is Henry’s point and I would absolutely and strongly endorse that for the special case of journalists seeking confidential sources and secure communications to them when those sources act and come in the public interest. The Court finally said the mere existence of legislation of this type is an interference with Article 8 rights irrespective of whether there were to be measures taken against an individual person. So that is a very powerful legislative Act, longstanding in the European jurisprudence, that really does go to help understand why epithets like “snoopers’ charter” have had widespread currency.
Q752
...
Duncan Campbell: ...What is it that my police colleagues would like to be bringing into court that they could get from communications data that they do not now get? There are relatively few things, given the richness of material from other sources, and if you take, for example, whether we can go to Skype, it has been laid out that there is a completely alternative route for going to Skype, so we do not need to worry about Skype in this context.
They have also eschewed looking at things that could be simply explained to Parliament and public. Way, way, back, 12 years ago, we were working on Chapter 2 of RIPA and soundings were taken, views were expressed, as to how you proportionately apply the surveillance of weblogs. Chapter 2 of RIPA does provide some powers, but it has never really been put into practice. Now, since the new provisions, excluding the additional filtering requirement, necessarily embrace all of that, that whole debate could have been laid out in the open. The Home Office could have briefed on it, they could have addressed the arguments that were put for both sides then, expressed a position, allowed Parliament to take its view and so on and so forth. So they have missed a lot of areas where, without needing to have recourse to national security considerations, they could have been open.
Q753
Lord Strasburger: I was going to ask you why you think the Home Office have got it so wrong.
Duncan Campbell: I think they have insulated themselves too much into a very small group that really only essentially talk to themselves and a few others, a few key engineers, and not sought to access even, perhaps, their own Ministers in getting an understanding of what might be required and what might be developed. They are operating in too small a world. I went myself to one of the Home Office briefings a couple of years ago when we were looking at the previous Bill and asked them to try to explain some simple points, and they struggled. They did not seem to know their brief and they did not seem to be very enthusiastic about learning their brief. It was very disappointing.
Q754
The Chairman: You said in your opening remarks, Mr Campbell, that there are areas that could be addressed. It would be helpful if you could elaborate on those for us, please.
Duncan Campbell: First of all, I referred to weblogs. Now, internet service providers do not routinely obtain a log of what happens when a user, any one of us, is using our browser. In fact, a very rich trail of information is generated, many entries per page, on your computer, and for a certain time it would also be held by the communications service provider. So a step that the Home Secretary could take is, by order, to have that data held. It would be huge; it would be difficult to process, but we all know what it is. It comes into the courts every day, because it is also found on suspects’ and defendants’ computers. So it is a kind of evidence that need attract no secrecy. The businesses do not want it because beyond, say, a few weeks to do an engineering study of whether your server is working, you absolutely do not want to store that kind of data. But there need be no secrecy about those kinds of records or how they might be filtered or how they might be used and, indeed, the previous debate on RIPA addressed that. I think Professor Anderson’s evidence also covered some points about that and probably Professor Sommer’s too.
Then there are those areas where the solutions cannot exist realistically. The Information Commissioner mentioned virtual private networks; I would agree with that. There is the problem of Tor. It is a problem from the point of view of UK law enforcement, but, although I did not put it in my CV, I go and work for the other side on occasions, in that respect, bringing the knowledge of what you can hide. I have done that quite specifically in support of the Syrian insurrection and people who are struggling to overthrow the Assad regime and, of course, they have high dependency on Tor, their lives are at risk and if this Government were to, by some method—and I think Tor would say it is impossible—make that not available to them, we would bring about a far greater deficit in human rights in other parts of the world.
You have things like Skype, which have set out a model that works if you address the mutual legal assistance treaty things, and I have seen products come into the courts from MLAT. It is effective; it is what you want; it is the communications data that is asked for. All of that is not being considered.
Q755
The Chairman: There are criticisms that MLAT is a bit slow.
Duncan Campbell: I have never seen MLAT work fast, but I think already comments have been made as to the way the Foreign Office could be encouraged to speed that up.
Q756
Lord Strasburger: You talk about the request filter. Is it the case, in your view, that the distributed database that this Bill foresees combined with the request filter is going to be any different from the centralised database that was proposed in previous legislation?
Duncan Campbell: It appears to be larger, notwithstanding that it is distributed. I say that because the centralised database would ingather the communication service providers’
records at the specified times and hold them nationally with, no doubt, automated access, and that is required to come into being by the first part of the Bill. So basically, you have the national database within the Bill anyway, save that it will be held, in this model, by the CSPs. You then layer onto that the DPI devices that will hang on the key points of the United Kingdom network and mine as yet unspecified classes of data, presumably into similar local databases, but they will, by their nature, have to be integrated nationally, and I think this was conceded by the Home Office witnesses. You are going to data match across things that you see in the content derived from different nodes on the internet with different companies in order to try to get a match to generate communications data. So, if that analysis is correct, this is the national database of the previous scheme plus the additional databases supporting the need to retrospectively look at, I would imagine, a year’s data taken from whatever the filtering system turned out to be. So, a bigger database.
Q757
Lord Strasburger: This is for Mr Campbell specifically. Back to the filter. We have had evidence querying whether the results from the filter will meet evidential standards. If you were working with defence counsel on a case that relied on filter results, how would you go about questioning the admissibility of evidence derived from the filter and the weight to be attached to it?
Duncan Campbell: Lord Strasburger, my expectation is that the courts would probably never get to see the kind of information passed out of the proposed request filter. I will explain why in a minute, but the obvious point that goes to is how useful this can really be for prosecutions. The evidence given specifically in Liberty v the United Kingdom was that we are not going to discuss filtering, it is too complicated, you will not understand it, it is all classified, and we are not going to reveal our methods. The main reason for doing that, I suspect, is that the driving problem—which they never quite admitted until they came here and said, “We are never going to get one in six communications”—is that they do not want people to figure out what it is that they cannot get, because, fairly obviously, the bad guys will navigate through that. So their clear position in Liberty v the United Kingdom was that they do not want to explain how filtering works and they are trying to protect not their strengths but their weaknesses.
...
Q758
Lord Strasburger: That was quite a long answer to a short question. Could I just try to distil that back and see if I have understood you correctly? You seem to be saying that, because the authorities are unwilling to disclose the mechanism behind the filter, it is not possible to validate the effectiveness of the filter and it is not possible, therefore, to put the evidence that falls out of it before the court in any meaningful way. Is that right?
Duncan Campbell: I believe they would not produce it in the first place, because they would foresee the issue of technical difficulties.
Q759
The Chairman: So whatever other use the Security Service or the police could make of a filter, using it is as evidence in court is unlikely to be one of its main functions.
Duncan Campbell: On the basis of as much information as we have as to how it would work, which is, of course, little, that is my view. ...
Duncan Campbell: ... It is fit, proper and necessary that interception of communications and processing of communications data be available as part of the armoury to combat all the things you have mentioned. That is not my problem with this Bill. My problem is that it is not fit for purpose. It has not been thought through and it is not going to work. Leaving aside human rights, we are required to test issues like proportionality and necessity, and, in this forum, we are also required to test value for money and technical efficacy...
Duncan Campbell: ...So once you have accepted... that there will always be the dark areas and that, therefore, the proper area for debate is fitness or proportionality, necessity—necessity given the other types of data that can be used in investigations—technical effectiveness—can it work—and cost efficiency. Then come all the human rights criteria—the fact that you do terrify people by creating powerful laws.
...
Duncan Campbell: In response to your question about senior officers signing on necessity and proportionality, that is necessary but it may not always be sufficient. I think, and some witnesses have put forward, that a much better scheme would be a multi-level surveillance authorisation, which, to some extent, already exists in terms of intrusive surveillance. That should be applied to the communications data schema, so that you have a signing off at higher levels or a warrant from sufficient authority, depending on the degree of intrusion involved. But these are the appropriate and necessary processes.
Just two minor points: although it was not required by law, the police sensibly adopted a scheme whereby assistant chief constables would be required to sign off on location data requests. They have dropped that now, but they saw the degree of intrusion necessary and they said, “A chief superintendant is not enough; we will go to ACPO rank.”
The other point I would make is that the European Court has required that the procedures for examining, using and storing gathered communications material should be in a form that is open to public scrutiny and knowledge, and along with authority that is an important part of the process.
...
Duncan Campbell: ...
I know there has been a well tested argument about bringing intercept data into the courts. I have seen it. I have worked on it when it comes from overseas jurisdictions, and it is very hard to understand the degree of resistance, except a sort of primal fear of letting the adversaries know that we cannot do some things. So you could really quite usefully do an overarching surveillance scheme with officers of different ranks, judges of different authorities, and a surveillance commission that would act as the check and balance on whether the wide remits on all fronts had been followed.
...
Duncan Campbell: ... Mr Brown’s point about the sensitivity of data and the risk it could leak would, in my view, flow largely from creating this database in advance or these databases that are required. Again, rather than the obscurantism of the Home Office approach, we can address this quite specifically in the case of weblogs. In my expert capacity, I have to sometimes look at weblogs that, when seized from computers, can sometimes go back years and years and, frankly, they terrify me. The intimacy with which you can see what somebody is doing, what somebody is thinking, you can infer when their attention has strayed from their partner to some other prospective sexual target—it is written there to be seen. Now, if that person is under that degree of surveillance, because their device has been seized by the police because of a suspicion, then you can at least see how that comes about, and the rest of the population can be reassured that is never going to come to pass unless officers do come through their door for whatever reason. If you move to what was envisaged under RIPA and which will be reconstructed here, then, at the very least, the big internet service providers are going to be asked to store that kind of data, although we have no clue as to the depth of knowledge, and that degree of intimacy. That means that, if anyone wants to go on a trawl, whether authorised or unauthorised, whether the purpose might be approved or not, they can trawl to see who has been accessing special clinics. They can trawl for who has been going to particular websites. They can trawl to draw up profiles and demographics just in the same way as Google does. Clearly, most or all of that would not be proportionate. How do you stop it? Do not do it in the first place. Stick to what you get on people’s computers.
...
Duncan Campbell: That is a concern with the filter. There is no detail, as ever. We start from ignorance, but it is, to my mind, inconceivable that the tasks anticipated for any filter could be done on data as it streams past. Therefore, what you are left with is the elephant in the room that surrounds this Bill, which is we must not call it a national database because that is what the last Government did. Therefore, database is avoided, but in fact database is essential.
I fear the Home Secretary has not been well served by her officials on this. One is not privy to what goes on, but the sense is, “Do not worry about this; it is all techie stuff you really do not need to know. Parliament does not need to bother its head. It is the big complex internet; we will sort it out.” Even if it was not this very sensitive and important area of legislation, what you look at with any knowledge of large public sector IT projects is massive expenditure, billions of pounds, on a future that is untested and on technology that seems incapable of being specified and that has not been described to the people whose equipment it will attach to. Let aside all of our other worries, the total gap in the information about how this will work means that there must be a very high probability that this will become yet the latest public sector, massive, cost-overrun IT boondoggle.
...
Duncan Campbell: I think this Bill is future-proof, but in the worst possible way. It is future-proof in the sense that the Home Secretary seeks to have the power to her and her successors, in the words of the Bill, to do anything they like once the universal surveillance engine is connected up to the entire national internet. So, for that reason, it is additionally terrifying.
The alternative would be to reset the mechanisms of surveillance and allow that there would need to be fluidity as new data sources came along. A surveillance commission, if that were to be recommended, with access to both human rights advocates and technical experts as well as senior judicial figures, could address that—and with as much transparency as possible, which is the opposite of where we are now. And it will not be Twitter that we will be talking about in six years’ time, it will be something completely new that no one has thought of now. So I do not think you can put in place a good future-proof Bill, but you could put in a transparent, thoughtful, representative system of reviewing how you adapt access to intercept and communications data as the technology changes."
What can I add except that this is incalculably important advice on and analysis of what is a really terrible bill.

The Open Rights Group, incidentally, are holding a joint event with Index on Censorship, on Saturday 24 November, 2pm - 6pm, at the Free Word Centre, Farringdon, London, to campaign against the Communications Data Bill. Author, activist, visiting senior lecturer and honorary graduate of the Open University, Cory Doctorow, is the headline speaker. Tickets are free and there will be other presentations by Liberty, Index, Big Brother Watch and FIPR plus workshops to explain the Bill.

Wednesday, November 14, 2012

Further evidence on the draft CDB

The House of Commons and House of Lords Joint Select Committee written evidence on the draft Communications Data Bill has now been updated to include submissions previously erroneously omitted, (including my own which now appears on pages 135 to 139 (origninally 580 to 584)* of the published evidence).

Additionally the (currently uncorrected) transcripts of the oral evidence of Keir Starmer, Duncan Campbell, Henry Porter and Caspar Bowden, Gus Husein and the Home Secretary, Theresa May, are now available.

Caspar Bowden's evidence, in particular, is essential reading.

* Now updated again and re-arranged in alphabetical order.

Tuesday, November 13, 2012

The MP, the outrage mob and Abu Qatada

A jury has decided that ex-MP Margaret Moran had committed 15 counts of false accounting and six counts of using a false instrument in relation to parliamentary expenses.

Interestingly, since the judge, defence and prosecution agreed that she was unfit to stand trial for mental health reasons, she can't be found guilty and sentenced to jail time.

No doubt a self-selecting proportion of the moral outrage mob, some of whom are currently in full flow over the release of Abu Qatada following the Special Immigration Appeals Commission (SIAC) decision yesterday that he can't be deported to Jordan, will say the Court is being soft on Ms Moran. There'll be accusations of faked illness and soft judges but this is probably more an example of the criminal justice system behaving appropriately and proportionately to the circumstances being assessed.

It's just a pity that the large numbers of people with mental health problems who have been sent to jail did not and do not get the consideration and treatment they need. As the Prison Reform Trust says, offering mental health and social care instead of custody would relieve pressure on prisons and could cut re offending rates.

The mob find it even harder to deal with the Abu Qatada case. WHY can't we GET RID OF the BAD MAN?!!!  Pick your choice of fall guys - the government, the judges, the courts, the EUROPEAN COURT, the HUMAN RIGHTS ACT, WHADABOUT MY HUMAN RIGHTS, the soft liberals, the list goes on. Someone on the radio this morning yelled he didn't care if Qatada got tortured - he deserved it.

Abu Qatada is on record as preaching hatred, supporting and inciting violence and has been alleged to have been directly involved in acts of terrorism. There are plenty of laws on the statute books in the UK that would enable him to be prosecuted and, most likely, convicted. The government chose instead to start the process of deporting him. It's taken years and he's still here, albeit he's spent most of that time in prison.

What are the latest reasons he cannot be sent away? The SIAC determined there were 2 key questions relating to whether evidence against Qatada obtained by torture would be used in his trial in Jordan.
"54.
The answers to two critical questions will determine whether there is a real risk that the impugned statements will be admitted probatively:
i)
Irrespective of the means by which they were obtained, are the impugned statements now admissible at all under Article 148.2 of the Code of Criminal Practice?
ii)
If they are, is there a real risk that they will be admitted even though there is a “real risk” that they have been obtained by torture? "
The angry mob really need to understand the Commission was not looking at whether Qatada was a bad guy but at whether Jordan would give him a fair trial, including avoiding the use of evidence obtained by torture.

The Commission take a look at the way the Jordanian justice system works, differing opinions on what might be allowable within the rules of the system, and whether the statements probably obtained by torture could be used in his trial (para 55 -  63).  They decide that none of the opposing professional opinions on whether the torture evidence statements could be used is definitive. The undeniable conclusion therefore must be that there is a real risk such statements could be admissible as evidence against Abu Qatada at his trial in Jordan:
"66.
Unless and until the Court of Cassation gives an authoritative ruling on the question, it must remain open. Both views are tenable... It is simply impossible for us to resolve these differences. Confronted with two tenable views of what Jordanian law provides, all that we can do is to return to the basic Strasbourg test: has the Secretary of State established that there is not a real risk that the impugned statements will be admitted probatively? To that question there can be only one answer: unless we can be confident that the court would not admit the impugned statements because they were tainted by the “real risk” of torture, the answer must be negative.
The Commission then goes on to look at whether alleged torture induced statements would be used in evidence, given there is a risk they could be admitted. They conclude that, even though Jordan's constitution was amended in 2011 to prohibit torture, people claiming they were tortured will still have the burden of proving that.
"72...It is likely to require a definitive ruling by the Court of Cassation or the newly established Constitutional Court... and place the burden of proof that the statements were not obtained by torture on the state prosecutor.
73. If the burden of proving that the impugned statements were obtained by torture is imposed on the appellant, it will be difficult to discharge. They were made over fourteen years and nearly twelve years ago respectively... The only means of eliminating a real risk that statements which may well have been obtained by torture will be admitted probatively at the appellant’s retrial would be for the burden of proving, to a high standard, that they were not, to be placed upon the prosecutor. Anything less gives rise to a real risk that they will be."
 They then conclude there remains a risk that Qatada will not get a fair trial in Jordan.
"Conclusion on the Article 6 issue
78.
The Secretary of State has not satisfied us that, on a retrial, there is no real risk that the impugned statements of Abu Hawsher and Al-Hamasher would be admitted probatively against the appellant. Until and unless a change is made to the Code of Criminal Procedure and/or authoritative rulings are made by the Court of Cassation or Constitutional Court which establish that statements made to a public prosecutor by accomplices who are no longer subject to criminal proceedings cannot be admitted probatively against a returning fugitive and/or that it is for the prosecutor to prove to a high standard that the statements were not procured by torture, that real risk will remain.
In spite of the angry radio phone-in caller's hopes that he will be tortured, the Commission also agree with the European Court of Human Rights (para 194 - 196) that there is little risk that Qatada will be tortured in Jordan, by agents of the state.
"Article 3
79.
In the light of our conclusions on the Article 6 issue, we can deal with the Article 3 issue more briefly than would otherwise have been required. SIAC has had to consider the history and circumstances of Jordan and the reliability of the assurances given by it to the United Kingdom in two judgments, handed down respectively on 26th February 2007 and 2nd November 2007 – Othman and VV. In both, SIAC concluded that the United Kingdom could safely accept solemn assurances given by the Jordanian state; and that those assurances removed the real risk that either appellant would suffer inhuman or degrading treatment at the hands of state agents in Jordan, for two fundamental reasons: the close and friendly relations which have existed at all levels in the governments of both countries for many decades; and the general coincidence of interests of the two countries in those aspects of international affairs which affect them both. The Strasbourg Court came to the same view for essentially the same reasons...
87.
We remain convinced that the government of Jordan can and will fulfil its assurances about the treatment of the appellant on return...Like the Strasbourg Court, we remain satisfied that those assurances provide, in their practical application, a sufficient guarantee that the appellant will be protected against the risk of ill-treatment by or at the behest of Jordanian state agents."
So, to summarise, we don't think he'll be tortured over there but his re-trial may be tainted by evidence obtained by torture. Where does this leave us?

Abu Qatada can smile on his release and the outrage mob can foam at their collective mouths and infer his evil satisfaction, but Ben Franklin was smarter than both them and me, and he reckoned "that it is better 100 guilty persons should escape than that one innocent person should suffer is a maxim that has been long and generally approved."

Why don't we just stick him on a plane and send him to Jordan anyway? The Italians only had to pay €15,000 each to people they wrongly deported to Libya and the Home Secretary could be a media heroine for a day or two. And as a cost benefit analysis, €15,000 or €20k or €50k or even €100k  is a lot cheaper than keeping him in jail and/or under constant surveillance and pursuing due process to get rid of him.

Well we live in a country where the government, by and large, respects the rule of law and the notion that it should apply to everyone, including the alleged bad guys. That's a good thing.

Alternately, it is possible the Home Secretary and other members of the government, in addition to wanting to protect the reputation of the UK, may be concerned about personal sanctions they might be subjected to, in the longer term, if they were to be complicit in ordering an illegal deportation.

Whatever the motivation, it is to the credit of the UK justice system that the Special Immigration Appeals Commission could continue to address this case through rational application of the rule of law, in spite of the pressures to facilitate Abu Qatada's deportation. The government will appeal the decision, as they should do, but if this man is to be deported it needs to be done by the book. Better still, if he is as dangerous and guilty as has been alleged, bring the evidence you have against him before a UK court and put him on trial here.