Archive for the ‘Snoopers Charter’ Category

Read more inau.htm at MelonFarmers.co.uk

protecting the age of innocence Protecting the age of innocence

Report of the inquiry into age verification for online wagering and online pornography

House of Representatives Standing Committee on Social Policy and Legal Affairs

Executive SUmmary

The Committee’s inquiry considered the potential role for online age verification in protecting children and young people in Australia from exposure to online wagering and online pornography.

Evidence to the inquiry revealed widespread and genuine concern among the community about the serious impacts on the welfare of children and young people associated with exposure to certain online content, particularly pornography.

The Committee heard that young people are increasingly accessing or being exposed to pornography on the internet, and that this is associated with a range of harms to young people’s health, education, relationships, and wellbeing. Similarly, the Committee heard about the potential for exposure to online wagering at a young age to lead to problem gambling later in life.

Online age verification is not a new concept. However, the Committee heard that as governments have sought to strengthen age restrictions on online content, the technology for online age verification has become more sophisticated, and there are now a range of age-verification services available which seek to balance effectiveness and ease-of-use with privacy, safety, and security.

In considering these issues, the Committee was concerned to see that, in so much as possible, age restrictions that apply in the physical world are also applied in the online world.

The Committee recognised that age verification is not a silver bullet, and that protecting children and young people from online harms requires government, industry, and the community to work together across a range of fronts. However, the Committee also concluded that age verification can create a significant barrier to prevent young people—and particularly young children—from exposure to harmful online content.

The Committee’s recommendations therefore seek to support the implementation of online age verification in Australia.

The Committee recommended that the Digital Transformation Agency lead the development of standards for online age verification. These standards will help to ensure that online age verification is accurate and effective, and that the process for legitimate consumers is easy, safe, and secure.

The Committee also recommended that the Digital Transformation Agency develop an age-verification exchange to support a competitive ecosystem for third-party age verification in Australia.

In relation to pornography, the Committee recommended that the eSafety Commissioner lead the development of a roadmap for the implementation of a regime of mandatory age verification for online pornographic material, and that this be part of a broader, holistic approach to address the risks and harms associated with online pornography.

In relation to wagering, the Committee recommended that the Australian Government implement a regime of mandatory age verification, alongside the existing identity verification requirements. The Committee also recommended the development of educational resources for parents, and consideration of options for restricting access to loot boxes in video games, including though the use of age verification.

The Committee hopes that together these recommendations will contribute to a safer online environment for children and young people.

Lastly, the Committee acknowledges the strong public interest in the inquiry and expresses its appreciation to the individuals and organisations that shared their views with the Committee.

Read more gcnews.htm at MelonFarmers.co.uk

European court buildings The European Court of Human Rights (ECtHR) has found that the UK’s mass surveillance programmes, revealed by NSA whistleblower Edward Snowden, did not meet the quality of law requirement and were incapable of keeping the interference to what is necessary in a democratic society.

The landmark judgment marks the Court’s first ruling on UK mass surveillance programmes revealed by Mr Snowden. The case was started in 2013 by campaign groups Big Brother Watch, English PEN, Open Rights Group and computer science expert Dr Constanze Kurz following Mr Snowden’s revelation of GCHQ mass spying.

Documents provided by Mr Snowden revealed that the UK intelligence agency GCHQ were conducting population-scale interception, capturing the communications of millions of innocent people. The mass spying programmes included TEMPORA, a bulk data store of all internet traffic; KARMA POLICE, a catalogue including a web browsing profile for every visible user on the internet; and BLACK HOLE, a repository of over 1 trillion events including internet histories, email and instant messenger records, search engine queries and social media activity.

The applicants argued that the mass interception programmes infringed UK citizens’ rights to privacy protected by Article 8 of the European Convention on Human Rights as the population-level surveillance was effectively indiscriminate, without basic safeguards and oversight, and lacked a sufficient legal basis in the Regulation of Investigatory Powers Act (RIPA).

In its judgment, the ECtHR acknowledged that bulk interception is by definition untargeted ; that there was a lack of oversight of the entire selection process, and that safeguards were not sufficiently robust to provide adequate guarantees against abuse.

In particular, the Court noted concern that the intelligence services can search and examine “related communications data” apparently without restriction — data that identifies senders and recipients of communications, their location, email headers, web browsing information, IP addresses, and more. The Court expressed concern that such unrestricted snooping could be capable of painting an intimate picture of a person through the mapping of social networks, location tracking, Internet browsing tracking, mapping of communication patterns, and insight into who a person interacted with.

The Court acknowledged the importance of applying safeguards to a surveillance regime, stating:

In view of the risk that a system of secret surveillance set up to protect national security may undermine or even destroy democracy under the cloak of defending it, the Court must be satisfied that there are adequate and effective guarantees against abuse.’

The Government passed the Investigatory Powers Act (IPA) in November 2016, replacing the contested RIPA powers and controversially putting mass surveillance powers on a statutory footing.

However, today’s judgment that indiscriminate spying breaches rights protected by the ECHR is likely to provoke serious questions as to the lawfulness of bulk powers in the IPA.

Jim Killock, Executive Director of Open Rights Group said:

Viewers of the BBC drama, the Bodyguard, may be shocked to know that the UK actually has the most extreme surveillance powers in a democracy. Since we brought this case in 2013, the UK has actually increased its powers to indiscriminately surveil our communications whether or not we are suspected of any criminal activity.

In light of today’s judgment, it is even clearer that these powers do not meet the criteria for proportionate surveillance and that the UK Government is continuing to breach our right to privacy.

Silkie Carlo, director of Big Brother Watch said:

This landmark judgment confirming that the UK’s mass spying breached fundamental rights vindicates Mr Snowden’s courageous whistleblowing and the tireless work of Big Brother Watch and others in our pursuit for justice.

Under the guise of counter-terrorism, the UK has adopted the most authoritarian surveillance regime of any Western state, corroding democracy itself and the rights of the British public. This judgment is a vital step towards protecting millions of law-abiding citizens from unjustified intrusion. However, since the new Investigatory Powers Act arguably poses an ever greater threat to civil liberties, our work is far from over.

Antonia Byatt, director of English PEN said:

This judgment confirms that the British government’s surveillance practices have violated not only our right to privacy, but our right to freedom of expression too. Excessive surveillance discourages whistle-blowing and discourages investigative journalism. The government must now take action to guarantee our freedom to write and to read freely online.

Dr Constanze Kurz, computer scientist, internet activist and spokeswoman of the German Chaos Computer Club said:

What is at stake is the future of mass surveillance of European citizens, not only by UK secret services. The lack of accountability is not acceptable when the GCHQ penetrates Europe’s communication data with their mass surveillance techniques. We all have to demand now that our human rights and more respect of the privacy of millions of Europeans will be acknowledged by the UK government and also by all European countries.

Dan Carey of Deighton Pierce Glynn, the solicitor representing the applicants, stated as follows:

The Court has put down a marker that the UK government does not have a free hand with the public’s communications and that in several key respects the UK’s laws and surveillance practices have failed. In particular, there needs to be much greater control over the search terms that the government is using to sift our communications. The pressure of this litigation has already contributed to some reforms in the UK and this judgment will require the UK government to look again at its practices in this most critical of areas.

Read more gcnews.htm at MelonFarmers.co.uk

Old BaileyHigh Court judges have given the UK government six months to revise parts of its Investigatory Powers Act. The government has been given a deadline of 1 November this year to make the changes to its Snooper’s Charter.Rules governing the British surveillance system must be changed quickly because they are incompatible with European laws, said the judges.

The court decision came out of legal action by human rights group Liberty. It started its legal challenge to the Act saying clauses that allow personal data to be gathered and scrutinised violated citizens’ basic rights to privacy.

The court did not agree that the Investigatory Powers Act called for a general and indiscriminate retention of data on individuals, as Liberty claimed. However in late 2017, government ministers accepted that its Act did not align with European law which only allows data to be gathered and accessed for the purposes of tackling serious crime. By contrast, the UK law would see the data gathered and held for more mundane purposes and without significant oversight.

One proposed change to tackle the problems was to create an Office for Communications Data Authorisations that would oversee requests to data from police and other organisations.

The government said it planned to revise the law by April 2019 but Friday’s ruling means it now has only six months to complete the task.

Martha Spurrier, director of Liberty, said the powers to grab data in the Act put sensitive information at huge risk.

Javier Ruiz, policy director at the Open Rights Group which campaigns on digital issues, said:

We are disappointed the court decided to narrowly focus on access to records but did not challenge the general and indiscriminate retention of communications data.

Read more gcnews.htm at MelonFarmers.co.uk

Home Offie logoSenior police officers are to lose the power to self-authorise access to personal phone and web browsing records under a series of late changes to the snooper’s charter law proposed by ministers in an attempt to comply with a European court ruling on Britain’s mass surveillance powers.A Home Office consultation paper published on Thursday also makes clear that the 250,000 requests each year for access to personal communications data by the police and other public bodies will in future excluded for investigations into minor crimes that carry a prison sentence of less than six months.

But the government says the 2016 European court of justice (ECJ) ruling in a case brought by Labour’s deputy leader, Tom Watson , initially with David Davis, now the Brexit secretary, does not apply to the retention or acquisition of personal phone, email, web history or other communications data by national security organisations such as GCHQ, MI6 or MI5, claiming that national security is outside the scope of EU law.

The Open Rights Group has been campaigning hard on issues of liberty and privacy and writes:

See  article from openrightsgroup.org

open rights group 2016 logo This is major victory for ORG, although one with dangers. The government has conceded that independent authorisation is necessary for communications data requests, but refused to budge on retained data and is pushing ahead with the Request Filter, to enable rapid interrogation and analysis of the stored communications data.

Adding independent authorisation for communications data requests will make the police more effective, as corruption and abuse will be harder. It will improve operational effectiveness, even if less data is used during investigations and trust in the police should improve.

Nevertheless the government has disregarded many key elements of the judgment

  • It isn’t going to reduce the amount of data retained

  • It won’t notify people whose data is used during investigations

  • It won’t keep data within the EU, instead it will continue to transfer it, presumably specifically to the USA

  • The Home Office has opted for a six month sentence definition of serious crime rather than the Lords’ definition of crimes capable of sentences of at least one year.

These are clear evasions and abrogations of the judgment. The mission of the Home Office is to uphold the rule of law. By failing to do what the courts tell them, the Home Office is undermining the very essence of the rule of law.

If the Home Office won’t do what the highest courts tell it to do, why should anybody else? By picking and choosing the laws they are willing to care about, they are playing with fire.

There was one final surprise. The Code of Practice covers the operation of the Request Filter . Yet again we are told that this police search engine is a privacy safeguard. We will now run through the code in fine detail to see if any such safeguards are there. On a first glance, there are not.

If the Home Office genuinely believe the Request Filter is a benign tool, they must rewrite this section to make abundantly clear that it is not a mini version of X-Keyscore (the NSA / GCHQ’S tool to trawl their databases of people linked to their email and web visits) and does not operate as a facility to link and search the vast quantities of retained and collected communications data.

Read more gcnews.htm at MelonFarmers.co.uk

European court buildingsOn Tuesday 7 November, three joined cases brought by civil liberties and human rights organisations challenging UK Government surveillance will be heard in the Grand Chamber of the European Court of Human Rights (ECtHR).

Big Brother Watch and Others v UK will be heard alongside 10 Human Rights Organisations and Others v UK and the Bureau of Investigative Journalism and Alice Ross v UK, four years after the initial application to the ECtHR.

Big Brother Watch, English PEN, Open Rights Group and Dr Constanze Kurz made their application to the Court in 2013 following Edward Snowden’s revelations that UK intelligence agencies were running a mass surveillance and bulk communications interception programme, TEMPORA, as well as receiving data from similar US programmes, PRISM and UPSTREAM, interfering with UK citizens’ right to privacy.

The case questions the legality of the indiscriminate surveillance of UK citizens and the bulk collection of their personal information and communications by UK intelligence agencies under the Regulation of Investigatory Powers Act (RIPA). The UK surveillance regime under RIPA was untargeted, meaning that UK citizens’ personal communications and information was collected at random without any element of suspicion or evidence of wrongdoing, and this regime was effective indefinitely.

The surveillance regime is being challenged on the grounds that there was no sufficient legal basis, no accountability, and no adequate oversight of these programmes, and as a result infringed UK citizens’ Article 8 right to a private life.

In 2014, the Bureau of Investigative Journalism made an application to the ECtHR, followed by 10 Human Rights Organisations and others in 2015 after they received a judgment from the UK Investigatory Powers Tribunal. All three cases were joined together, and the Court exceptionally decided that there would be a hearing.

The result of these three cases has the potential to impact the current UK surveillance regime under the Investigatory Powers Act. This legal framework has already been strongly criticized by the Court of Justice of the European Union in Watson . A favourable judgment in this case will finally push the UK Government to constrain these wide-ranging surveillance powers, implement greater judicial control and introduce greater protection such as notifying citizens that they have been put under surveillance.

Daniel Carey of Deighton Pierce Glynn, solicitor for Big Brother Watch, Open Rights Group, English PEN and Constanze Kurz, said:

Historically, it has required a ruling from this Court before improvements in domestic law in this area are made. Edward Snowden broke that cycle by setting in motion last year’s Investigatory Power Act, but my clients are asking the Court to limit bulk interception powers in a much more meaningful way and to require significant improvements in how such intrusive powers are controlled and reported.

Griff Ferris, Researcher at Big Brother Watch, said:

This case raises long-standing issues relating to the UK Government’s unwarranted intrusion into people’s private lives, giving the intelligence agencies free reign to indiscriminately intercept and monitor people’s private communications without evidence or suspicion.

UK citizens who are not suspected of any wrongdoing should be able to live their lives in both the physical and the digital world safely and securely without such Government intrusion.

If the Court finds that the UK Government infringed UK citizens’ right to privacy, this should put further pressure on the Government to implement measures to ensure that its current surveillance regime doesn’t make the same mistakes.

Antonia Byatt, Interim Director of English PEN, said:

More than four years since Edward Snowden’s revelations and nearly one year since the Investigatory Powers Act was passed, this is a landmark hearing that seeks to safeguard our privacy and our right to freedom of expression.

The UK now has the most repressive surveillance legislation of any western democracy, this is a vital opportunity to challenge the unprecedented erosion of our private lives and liberty to communicate.

Jim Killock, Executive Director of Open Rights Group, said:

Mass surveillance must end. Our democratic values are threatened by the fact of pervasive, constant state surveillance. This case gives the court the opportunity to rein it back, and to show the British Government that there are clear limits. Hoovering everything up and failing to explain what you are doing is not acceptable.

Read more gcnews.htm at MelonFarmers.co.uk

arms of the british governmentjpg logoAmong the many unpleasant things in the Investigatory Powers Act that was officially signed into law this week, one that has not gained as much attention is the apparent ability for the UK government to undermine encryption and demand surveillance backdoors.As the bill was passing through Parliament, several organizations noted their alarm at section 217 which obliged ISPs, telcos and other communications providers to let the government know in advance of any new products and services being deployed and allow the government to demand technical changes to software and systems.

Communications Service Providers (CSP) subject to a technical capacity notice must notify the Government of new products and services in advance of their launch, in order to allow consideration of whether it is necessary and proportionate to require the CSP to provide a technical capability on the new service.

As per the final wording of the law, comms providers on the receiving end of a technical capacity notice will be obliged to do various things on demand for government snoops — such as disclosing details of any system upgrades and removing electronic protection on encrypted communications.

Read more UK Parliament Watch at MelonFarmers.co.uk

House of Commons logo The UK government has introduced an amendment to the Investigatory Powers Bill currently going through Parliament, to make ensure that data retention orders cannot require ISPs to collect and retain third party data. The Home Office had previously said that they didn’t need powers to force ISPs to collect third party data, but until now refused to provide guarantees in law.Third party data is defined as communications data (sender, receiver, date, time etc) for messages sent within a website as opposed to messages sent by more direct methods such as email. It is obviously a bit tricky for ISPs to try and decode what is going on within websites as messaging data formats are generally proprietary, and in the general case, simply not de-cypherable by ISPs.

The Government will therefore snoop on messages sent, for example via Facebook, by demanding the communication details from Facebook themselves.

Read more UK Government Watch at MelonFarmers.co.uk

the haystack video The Haystack is a new documentary , released today by Scenes of Reason , bringing together leading lights for and against the UK’s Investigatory Powers Bill. This unprecedented piece of legislation, which is now under parliamentary scrutiny, seeks to affirm and expand the surveillance remit of UK security services and other departments, including new powers for the police to access internet connection records — a database of the public’s online activity over the previous 12 months.

The film provides an excellent roundup of arguments on both sides of the tortuous surveillance debate, including Conservative MP Johnny Mercer echoing the well-worn refrain, if you have nothing to hide, you have nothing to fear. Jim Killock of the Open Rights Group , speaking at the film’s launch, quipped that Mr Mercer might feel a bit different if it were the left-wing government of Jeremy Corbyn and John McDonnell wielding these powers. Indeed, as far-right parties attract support around Europe and the world, the likelihood increases of tremendous state surveillance becoming the plaything of ever more abusive regimes.

The immense capabilities contained within the bill are unpalatable in the hands of any authority — they are all too easily harnessed to undermine perfectly reasonable political opposition and judicial work. By way of example, the film outlines one such case where the current UK government improperly gained access to privileged details of a court case against it. In this light, the bill seems an intolerable threat to democracy and free expression.

Voices of concern from the security community , such as Sir David Omand, ex-GCHQ chief, explain that precautions against terrorism require more spying. Others reject this, noting that security services have failed to act on intelligence when they do have it — spending enormous sums on digital surveillance only reduces their efficacy in the realm of traditional detective work. Moreover, those costs, to be borne by government and industry, are excessive at a time of cuts to other public services designed to protect us from more conventional enemies, such as disease.

The debate is winding — this film helps straighten things out.

Watch the whole documentary here .

Read more UK Parliament Watch at MelonFarmers.co.uk

House of Commons logo Tuesday saw the first debate of the Investigatory Powers Bill in the House of Commons.The debate raised some useful arguments, but many speeches avoided the key point: that the Bill would bring in a huge, unparalleled extension of surveillance powers that had never been debated by MPs before.

The Open Rights Group, ORG, will be proposing amendments to change the Bill. It’s unfit for purpose at the moment, permitting and extending mass surveillance. We’re particularly concerned about the lack of discussion of the filter which turns retained data into a massive searchable police database of your location, phone and Internet data. We’ve delved into the significant new powers for the police below.

Open Rights Group logo The debate on the Investigatory Powers Bill has focused a lot on the new extension to police powers, and the collection of Internet Connection Records to keep a log of everyone’s web browsing. Critics like myself worry about the ability this creates to see into everyone’s most intimate thoughts and feelings; while proponents are prone to say that the police will never have time to look at irrelevant material about innocent people.

However, the really novel and threatening part of this proposal isn’t being given anywhere near the level of attention needed.

The truly groundbreaking proposal is the filter , which could be seen as a government Google search to trawl your call records, Internet and location data. The filter is clearly named so that it sounds helpful, perhaps boring or else maybe something that filters down information so that it is privacy friendly. It is anything but. It is so intrusive and worrying, I would rather you think of the Filter as the PHILTRE: the Police Held Internet Lets Them Read Everything.

Remember when these proposals started, back in the late 2000s, under the last Labour government? Maybe not, but that’s how long Home Office officials have been trying to make this happen. Their original plan was to build a single database that would store everything they could find about who you email, message and what you read?, and where you are, as logged by your mobile phone. Place all that information in a single searchable database and the dangers become obvious. So obvious that the Conservative opposition was up in arms.

How on earth would you stop abuse, if all this information was placed into a single database? Surely, it would lead to fishing trips, or police searches to find lists of all the environmental protesters, trades unionists or libertarians, and to identify who it is that seem to be their leaders? How would you stop the police from producing pre-arrest lists of miscreants before demonstrations, or from deciding to infiltrate certain public meetings? Indeed, who would be able to resist using the database from working out who was at the location of relatively petty offenses, perhaps of littering or vandalism, or calculating who had been speeding by examining everyone’s mobile phone location data.

So the current government does not want try to hoard everyone’s data into a single database. Instead, they’ve come up with the PHILTRE, which can query lots of smaller, separate databases held by each private company. As this PHILTRE can be applied to separate data stores, all at once, we are in effect back with a proposal for a single government database and all the same problems — but in a way that government can claim that it is not a single government database .

But as long as the data can be queried and sorted in parallel, it becomes immensely powerful and just as intrusive. For instance, for a journalist to protect against revealing a whistleblower, they would need to avoid not just phoning them, but meeting them while both were carrying their mobiles and creating matching location logs. All of the profiling and fishing expeditions are just as easily achievable.

Most worrying is the authorisation process. Police, agencies and tax authorities will continue to authorise their own access of our personal data, just as they do today with phone call records — there’s not a judge anywhere near the day to day use of this search facility.

The Home Office is selling this Google-style search through the population’s mind as a privacy enhancement. Only the relevant search results will be returned. Masses of irrelevant information about other people will not have to be given to officers. They give the example of mobile phone mast data — where the filter could cut the required information down to just that about the person you need to know about.

This might sometimes be true. But two things make me suspect this is a highly partial story. For one thing, the search engine can tell you about the kinds of things it thinks it might tell you — perhaps social graphs, location histories, dodgy website visits, organisations supported — before you ask it. This is to educate and help police get the right information. It is also an invitation to make increasing use of the tool. If it is limited in its purpose, this seems an unnecessary step.

Secondly, there are no limits to what results the search engine might be asked to produce. Nothing for instance, says that only a single person or place can be searched against, so that only one person’s contacts might be returned, or just the people at a single crime scene. Thus the prospect of fishing trips is given no legislative limit. The only serious limit is that this information might be kept for no longer than 12 months.

For years privacy campaigners have been trying to explain how your web history and location data can be dangerous tools for personal and whole population surveillance. Now it seems the UK government wants to engage in a whole population experiment to show us what it really means. Parliament, the courts, but most of all, you, can help stop them.

Read more UK Government Watch at MelonFarmers.co.uk

letter writing The UK’s investigatory powers bill receives its second reading on Tuesday. At present the draft law fails to meet international standards for surveillance powers. It requires significant revisions to do so.

First, a law that gives public authorities generalised access to electronic communications contents compromises the essence of the fundamental right to privacy and may be illegal. The investigatory powers bill does this with its bulk interception warrants and bulk equipment interference warrants .

Second, international standards require that interception authorisations identify a specific target — a person or premises — for surveillance. The investigatory powers bill also fails this standard because it allows targeted interception warrants to apply to groups or persons, organisations, or premises.

Third, those who authorise interceptions should be able to verify a reasonable suspicion on the basis of a factual case. The investigatory powers bill does not mention reasonable suspicion — or even suspects — and there is no need to demonstrate criminal involvement or a threat to national security.

These are international standards found in judgments of the European court of justice and the European court of human rights, and in the recent opinion of the UN special rapporteur for the right to privacy. At present the bill fails to meet these standards — the law is unfit for purpose. The stories you need to read, in one handy email Read more

If the law is not fit for purpose, unnecessary and expensive litigation will follow, and further reform will be required. We urge members of the Commons and the Lords to ensure that the future investigatory powers legislation meets these international standards. Such a law could lead the world.

Paul Ridge, Jaani Riordan, Patrick Roche, Deborah Russo, Adam Sandell, Joseph Savirimuthu, Anton Schutz, Dr Kirsteen Shields, Bethany Shiner, Gus Silverman, Natasha Simonsen, Martha Spurrier, Alison Stanley, Angela Stevens, Dr Sujitha Subramanian, Samantha Taylor, Gwawr Thomas, Anna Thwaites, Chris Topping, Dr Maria Tzanou, Anthony Vaughan, Dr Asma Vranaki, John Wadham, Adam Wagner, Amos Waldman, Liam Walker, Tony Ward, Camille Warren, Sue Willman, Dr Maggie Wykes, Adrienne Yong, Dr Alison Young, Dr Hakeem O Yusuf, Dr Aldo Zammit Borda, Dr Reuven Ziegler, Dr Stephen J Murdoch University College London, Helen Mowatt, Imran Khan, Kemi Spector, Dr Gavin W Anderson University of Glasgow, Colin Murray Newcastle University, Aidan O’Donnell University of Strathclyde, Professor Daniel Wilsher City University, Mikhil Karnik, Conor McCormick Queen’s University Belfast, Professor Valsamis Mitsilegas Queen Mary University of London, Graeme Hall, Christopher McCorkindale University of Strathclyde,