Thursday, March 24, 2016

Evidence to Public Committee examining Investigatory Powers Bill

There seem to have been 38 submissions of written evidence to the Public Parliamentary Committee scrutinising the Investigatory Powers Bill. Almost all raise significant concerns about the Bill. My tuppence worth has been published by the committee, much of it said here before.

Contributions from Center for Democracy & Technology (IPB36), Kevin Cahill (IPB37), the Bar Council (IPB38), Internet Service Providers Association (ISPA) (IPB31), Annie Machon (IPB16), Adrian Kennard (IPB13), Dr Paul Bernal, the Muslim Council of Britain, IT-Political Association of Denmark (IPB20), Big Brother Watch, techUK (IPB27) are particularly recommended. I suspect the submission from Apple, Facebook, Google, Microsoft, Twitter and Yahoo (IPB21) will receive the most publicity.

Copy below of my contribution focusing primarily on the disproportionate nature of indiscriminate bulk personal data collection and retention. Excuse the dodgy formatting - Microsoft Word, in which I was obliged to submit the evidence, doesn't play nicely with Google's Blogger.

Submission to Investigatory Powers Bill Committee, 23 March, 2016

My name is Ray Corrigan. I’m a Senior Lecturer in the Maths, Computing & Technology Faculty of The Open University, though I write to you in a personal capacity.

Summary

1.       The Investigatory Powers Bill Public Committee is being required to analyse the long and complex Draft Investigatory Powers Bill in an unreasonably short timescale.
2.       I will focus this submission on one issue – the disproportionate nature of bulk collection and retention of communications data proposed in the Bill.

Bulk collection & retention of communications data: circles of suspicion

1.       There is a fundamental misunderstanding at large in Westminster – the idea that collecting and retaining bulk personal data is acceptable as long as most of the data is only “seen” by computers and not human beings; and it will only be looked at by persons with the requisite authority with the aid of the Investigatory Powers Bill “filter” if it is considered necessary.  This is a seriously flawed but widely accepted line that has been promoted by successive governments for some years.

2.       The logical extension of such an argument is that we should place multiple sophisticated electronic audio, video and data acquisition recording devices in every corner of every inhabited or potentially inhabited space; thereby assembling data mountains capable of being mined to extract detailed digital dossiers on the intimate personal lives of the entire population. They won’t be viewed by real people unless it becomes considered necessary.

3.       Indeed with computers and tablets in many rooms in many homes, consumer health and fitness monitoring devices, interactive Barbie dolls, fridges, cars and the internet of things lining up every conceivable physical object or service to be tagged with internet connectivity, we may not be too far away from such a world already.[1]

4.       In the past two years both the Court of Justice of the European Union[2] and the European Court of Human Rights[3] have repeatedly rejected bulk indiscriminate personal data collection, retention and dissemination as incompatible with international human rights obligations.

5.       In Zakharov v Russia (2015) the European Court of Human Rights said authorisation for surveillance of phone communications “must clearly identify a specific person … or a single set of premises” and “that a system of secret surveillance … may undermine or even destroy democracy under the cloak of defending it”.

6.       In Szabo & Vissy v Hungary (2016) the European Court of Human Rights ruled those authorising surveillance must “verify whether sufficient reasons for intercepting a specific individual’s communications exist in each case.”

7.       Targeted not bulk surveillance is required.

8.       Leaving aside the legal situation, it is reasonable to suggest the guilty forfeit their right to privacy in connection with their nefarious activities. Authorities are entitled, also, to collect and peruse the data of the suspicious. Those in the suspicious category may be innocent but if law enforcement and the security services have a justifiable cause to harbour suspicion, they have a duty to investigate such persons. In the approach of the Investigatory Powers Bill the data of the innocent gets swept up in all this too. But that's not a problem, the government assures us, since law enforcement and the security services are not interested in the innocent.

9.       What do these circles of suspicion look like, however, if we consider relative proportions of guilty v suspicious v innocent by throwing some hypothetical numbers at the problem? Since successive government spokespersons for the past 16 years have talked in terms of thousands of dangerous individuals here, let’s start with the hypothesis that there might be 6,000 dangerous people and 600,000 suspicious types resident in the UK, in a population of a little over 60 million. If that is anywhere close to the real numbers the relative areas of our guilty, suspicious and innocents' circles look like this (with the innocent circle drawn first and the suspicious and guilty circles thrown on top) –

10.    So the collection – and/or the forced industry collection and retention for perusal by government authorities through the Investigatory Powers Bill “filter” – of everyone's data, in bulk, for investigatory purposes, begins to look somewhat disproportionate. And it is not just industry that may be obliged to collect this data. Data retention and other powers demands may even be visited upon those running private and home networks. (And equipment interference warrants - targeted, thematic and bulk – may also be targeted at private/home networks but that’s a whole other discussion which I’d recommend talking to Graham Smith, partner at Bird & Bird LLP, about). If the numbers of guilty rise to 600,000 and the suspicious to 6 million the picture changes again -

11.    By playing around with the relative numbers we can get a picture of how big we think the guilty and suspicious circles have to get, before we consider it proportionate to justify the bulk data collection and retention powers in the Investigatory Powers Bill.

12.    Even in that third scenario where it was assumed there were 600,000 guilty and 6 million suspicious, it doesn't look reasonable that the remaining 54 million or so innocents get dragged into the digital net of suspicion.

13.    The bottom line is that we only start to get a real picture of what the Investigatory Powers Bill bulk data collection and retention powers mean when we get into the detail of how they will operate or are expected to operate in practice.

14.    Internet connection records (ICRs) are one specific area of interest here, though it is still not clear, from the Bill or government explanations or associated documents, what exactly ICRs will be in practice. Government, or industry and others on government’s behalf, should not be collecting, indiscriminately, for perusal and analysis, primarily electronic or otherwise, the reading, viewing and listening lists and other online activities of the entire population. Especially not those of tens of millions of innocents. It constitutes an unnecessary and disproportionate abuse of power.

15.    I will conclude by drawing your attention to clause 78 of the latest version of the Bill, in which “relevant communications data” appears to be a catch all to cover the collection of just about any data. May I commend to you Graham Smith’s pictorial representation of what this appears to mean available with an informative commentary at http://cyberleagle.blogspot.co.uk/2016/03/relevant-communications-data-revisited.html

16.    As an engineer, s78 looks, to me, like this –

17.    Indiscriminate bulk personal data collection and retention should be removed in all its forms from the Bill.



[1] Executive Office of the President, President’s Council of Advisors on Science and Technology, Report to the President, [May, 2014], Big Data and Privacy: A Technological Perspective
[2] Digital Rights Ireland (C-293/12 and 594/12, 2014), Google Spain v Gonzales (C-131/12, 2014), Schrems (C-362/14, 2015)
[3] Zakharov v Russia (Application no. 47143/06, 2015), Szabo & Vissy v Hungary (Application no. 37138/14, 2016)


Monday, March 21, 2016

Investigatory Powers Bill 2nd Reading Part 2: Dominic Grieve

Though I did not agree with them in their entirety, the contributions of Conservative Dominic Grieve and the SNP's Joanna Cherry were amongst the few well-informed inputs to the debate on the day of the 2nd reading of the Investigatory Powers Bill in the House of Commons on 15 March 2016. Mr Grieve's speech began at 2.53pm.

He explained the Intelligence and Security Committee, which he chairs, is satisfied that the government are justified, in broad terms, in seeking the powers in the Bill, including the bulk powers. The ISC also welcome the government's attempts through the Bill to bring greater transparency to surveillance powers and are keen to get away from the incomprehensibility of the Regulation of Investigatory Powers Act 2000.

The nature of the work done by the intelligence services, he said, means many of their powers need to be taken on trust. His experience as chair of the ISC and as Attorney General is that the agencies consistently act to high ethical standards. Yet even supposing, which to the best of his knowledge is the case, none of these powers had ever been misused, it does not mean there should be no safeguards to prevent such misuse. Times and regimes change and standards might slip.

The committee were appreciative of the government making an effort to address some of their concerns. Mr Grieve welcomed movement relating to legal professional privilege but suspected there is still some way to go with this. The ISC were "disappointed that the Bill does not include a clear statement on overarching privacy protections" and the protections that are in it are piecemeal and unlikely to reassure the public. It was a missed opportunity in relation to such reassurance and the chance to consolidate all legislation relating to investigatory powers operations in one place. The government are leaving some of these powers in other legislation which will not help with transparency.

One of the ISC's most pressing concerns was the lack of consistency on safeguards relating to authorisation procedures for the examination of communications data. The government response to this was that it would be too burdensome for senior officers if they make the processes consistent. The unspoken suggestion from government is that we can rely on the authorities not to misbehave.

The ISC were also seriously concerned about the authorisation process for bulk equipment interference. They have since accepted reassurance from the government that there will be consistency between the authorisation of bulk equipment interference and bulk interception. But in both cases they are withholding their stamp of approval until they see satisfactory detailed safeguards.

A third substantial concern of the ISC was the authorisation process around bulk personal datasets. The bulk of this data relates to innocent people.  There can be no substantive oversight of the mass intrusion into the lives of vast numbers of innocent people, if class based authorisations remain in the Bill. Ministers should authorise retention of personal datasets. The government rejected this idea as "too onerous" for ministers. The ISC responded that there was therefore an opportunity to expand the role of investigatory powers commissioners in this area. Class based authorisation must be removed from the Bill and it is not an excuse to say they're needed but too difficult to monitor with the requisite degree of care to avoid abuse.

There were a whole collection of other issues Mr Grieve did not have time, in his allotted 8 minutes, to put to the House but he did want to conclude with two further important ones. Firstly the ISC has not seen the full list of operational purposes underpinning the bulk powers in the IP Bill. This is absolutely fundamental and he hopes the committee will get to see this list before the Bill gets passed and becomes law. They had seen examples of operational purposes which appeared valid as far as they went.

The last concern he raised was that the ISC felt it would be appropriate if they were given the power to raise any concerns they might develop over the use of investigatory powers to the Investigatory Powers Tribunal.

Mr Grieve rounded off by saying the Bill was important and well-intentioned and he would support the government on the 2nd reading but that there were still improvements to be made to respect fundamental liberties.

The impression I came away with is that Mr Grieve is well intentioned, has a good grasp of the legal issues but not necessarily of the technology. A collection of briefings from a smart and articulate collection of techies might go a long way to helping. I'd suggest perhaps Ross Anderson, John Naughton, Richard Clayton and Ian Brown to begin with.

And if any Open University T171 alumni trip across this piece, there was a lovely animation in that course demonstrating the difference between circuit and packet switching that could prove very instructive for any MP struggling with the notion that there is a difference between itemised phone bills and internet connection records. There's a pdf capture of the website here. The animations I'm interested in would have come at the end of Module 2 Section 2.7 of that version of the course. If anyone has portable versions of those animations or links to archived versions I'd appreciate a copy or pointer.