Investigatory Powers Bill

November 22, 2016

The UK government has passed the Investigatory Powers Bill. This, according to the Guardian, “legalises a whole range of tools for snooping and hacking by the security services unmatched by any other country in western Europe or even the US”.

In truth, it merely legalizes what the government has been doing for years anyway – just consider what Ed Snowden revealed about the USA (via the NSA)n and the UK (via GCHQ) and their nasty snooping.  Indeed, Snowden said in Laura Poitras’ documentary film Citizenfour that GCHQ were spying illegally far more than the villainous NSA!  (I advise everyone to see Citizenfour – it’s widely available on bittorrent, check the Pirate Bay Proxy List for available downloads).

The Guardian rightly describes this new law-in-waiting “extreme surveillance”.  Also noted that it passed “with barely a whimper” – which is, of course, due to the atmosphere of heightened tension over “terrorist plots” that has hung over us for 15 years, since the Twin Towers atrocity.

We all need to use encryption and to anonymize as much as possible.  But as the companies that carry the bulk of internet traffic are in either UK or USA, it doesn’t look good. But try to get into encryption anyway – for everything – it’s the technical equivalent of putting your email in an envelope.  Would you be comfortable writing all your correspondence on the back of postcards, knowing that just anyone can read it?

 

7


The draft “snooper’s charter” does not protect people’s privacy says Commons intelligence committee

February 9, 2016

The intelligence and security committee, set up by prime minister David Cameron to scrutinise new investigatory law, has said that home secretary Theresa May’s draft “snooper’s charter” bill “fails to cover all the intrusive spying powers of the security agencies and lacks clarity in its privacy protections.”

The unexpectedly critical intervention by the intelligence and security committee comes just days before a key scrutiny committee of MPs and peers is to deliver its verdict on the draft legislation aimed at regulating the surveillance powers of the security agencies.

Central to the committee’s complaint is the fact that privacy is an add-on to the bill, rather than being an integral backbone of the proposed legislation.

The ISC said in its report that it supported the government’s intention to provide greater transparency around the security services’ intrusive powers in the aftermath of the Edward Snowden mass surveillance disclosures.

“It is nevertheless disappointing that the draft bill does not cover all the agencies’ intrusive capabilities – as the committee recommended last year,” said Dominic Grieve, former Conservative attorney general and chair of the committee.

The committee had expected to find that privacy would form an integral part of the bill, around which the legislation would be built.  But instead it seems that privacy concerns are an afterthought, and the legislation is not at all transparent in this regard.

“Given the background to the draft bill and the public concern over the allegations made by Edward Snowden in 2013, it is surprising that the protection of people’s privacy – which is enshrined in other legislation – does not feature more prominently,” said the committee, which also proposed three amendments to the bill:

  • On “equipment interference” or computer hacking powers, the ISC said the bill only covered the use of these powers to gather intelligence and did not regulate their use for attack purposes.
  • On “bulk personal datasets” – data bought or obtained from other bodies – it said these included personal information about a large number of individuals that was sufficiently intrusive to require a specific warrant. The bill’s provision for “class bulk dataset warrants” should therefore be deleted.
  • On “communications data”, it said the government’s approach was inconsistent and confusing and clear safeguards needed to be set out on the face of the bill.

“We consider these changes necessary if the government is to bring forward legislation which provides the security and intelligence agencies with the investigatory powers they require, while protecting our privacy through robust safeguards and controls,” Dominic Grieve said.

I believe that any future legislation should ensure that proper warrants from judges are required before investigators can begin retrieving personal data.  There may be occasions when urgency demands authorization from the home secretary; but in general permission should be sought from a judge, not a politician; and there should be real evidence to prove that intrusion into privacy is needed.  This seems to me a no-brainer: just as the police need a warrant before they can search private premises, so investigators should need a warrant before rooting through an individual’s private data and communications.

It seems that the government wants enshrined in law the illegal powers the intelligence and security services were found to use thanks to NSA whistle-blower Edward Snowden’s revelations.  For instance, GCHQ, with its TEMPORA program, has been sifting through the private communications that pass through the underwater cables between Britain and the USA.  Such bulk collection of data should not be allowed.  If the security services believe that an individual is communicating data about unlawful plots, they should present a judge with their evidence and the judge can then decide if data collection is called for. The idea of allowing Theresa May to micro-manage cases is ludicrous: she is not in a position to make judgement calls of this nature while also carrying out her other duties.  The result of the proposed bill would be the home secretary signing off on cases she knows nothing about: basically giving the police and intelligence and security agencies a blank cheque.

Invasion of privacy is a serious matter, and a citizen’s right to privacy should be breached only if there is a good reason.  A judge would be better placed to make this call than a politician in London who has neither the time nor resources to check each case on its merits.  When agencies are given carte blanche to do whatever they want, history indicates that they go too far.  They need to be reigned in.

 

giffgaff1

CLICK ON STEWIE FOR AMAZING MOBILE DEALS!!

 


Tracking jihadis on Twitter

January 19, 2015

Interesting article in the Guardian, on how social media experts are tracking and identifying foreign fighters in Syria and Iraq. These analysts work for the International Centre for the Study of Radicalisation and Political Violence (ICSR), at King’s College London. The ICSR is “the first global initiative of its type” and is frequently contacted by counter-terrorism officers “hungry for information on the continuing flow of Britons to the ranks of Isis.”

The ICSR claims to have greater success in tracking fighters than any government-run organisation, even though its resources and its access to information is much more limited than those available to the likes of MI6 and the CIA. According to the article, Professor Peter Neumann, the leader of the team, says hat blanket surveillance is not effective unless you have the skills to decode the information acquired.

Neumann said that the centre had built an enviable repository of online data from open sources – tricks that the security services are keen to learn and replicate, although the ICSR refuses to hand over data to the intelligence agencies. He added that the databases were compiled using legal means, with no hacking of accounts or even the use of fake online profiles.

“We are using information that is openly accessible to anyone who wants to look. Over the years we’ve become quite clever, but none of what we’re doing involves hacking and obviously we do not have special powers granted to us by the authorities,” said Neumann, who advocates a more targeted approach to intelligence-gathering rather than reliance on mass surveillance techniques.

So the strategy employed by the NSA and GCHQ is less effective. They collect huge amounts of information but do’t know what to do with it. Whereas the ICSR’s more targeted approach yields much better quality intelligence. For example, Shiraz Maher, senior fellow at the centre, has a good grasp on what jihadis are like because he actually orchestrates conversations with fighters over Facebook and Twitter. He says “From an intelligence perspective, social media allows us to gauge their mood and gives opportunities to perhaps create or exploit dissent. Before social media you would have needed to have recruited spies.”

An example of this ability to gauge the mood of ISIS fighters and their supporters is provided by Melanie Smith, another ICSR research fellow. She told the Guardian There’s been some grumblings recently. Some of the British women have been complaining because it’s the depths of winter and there’s no electricity. The water’s been so cold they can’t do their washing and their kids are getting sick.” Obviously, knowledge of the enemy’s state of morale can be extremely useful when planning operations.

"Jihadi John", British ISIS fighter involved in the killings of Western hostages.  Photo from Wikipedia

“Jihadi John”, British ISIS fighter involved in the killings of Western hostages. Photo from Wikipedia

Professor Neumann says that if he had had a larger team 2 years ago, the ICSR would have been able to identify “Jihadi John”, the British ISIS fighter involved in the killings of several US and British hostages. As it is, the ICSR can only assert that the extremist is not Londoner Abdel-Majed Abdel Bary, as claimed by the media.

So the experts believe that the approach espoused by Western leaders such as David Cameron and his beloved snooper’s charter is wrong. What is needed is targeted intelligence gathering and surveillance of named individuals. And where will these names come from? Well, if the ICSR has been able to identify fighters using only information that is already in the public domain, imagine how much more they could do with warrants and access to restricted files. This could all be done within the current legal framework, with no need for snoopers’ charters and large-scale trawling of everyone’s communications.

Locations of visitors to this page


free web stat


‘We can intercept your Google and Facebook activity all we want, so screw you!’ says UK government

June 17, 2014

The British government has for the first time spelt out why it thinks it has the right to snoop on our Google, Facebook and other internet traffic all it wants.

Charles Farr, the Director General of the Office for Security and Counter Terrorism, has made a statement (available here) that claims according to UK law the security services only need to get warrants to snoop on communications from one UK party to another. Traffic to and from services like Google (which includes Gmail) and Facebook are classed as “external communications”, for which no warrants are required.

This is horrendous. The internet is a network of networks, many of which are in other countries. So a large amount of our online activity will be transferred via networks in the USA and other countries even if the activity is practically domestic. If you send an email via Gmail to another UK citizen, the government classes it as an “external communication”. The same will be true of activity on Facebook, Twitter, and a great many other services, even though your intention is to communicate or share with other UK residents. Tempora, the program run by the British snooping agency GCHQ, gathers data and metadata, then shares it with the NSA. This means that practically all our online activities are stored, and can be used in fishing expeditions, even though GCHQ or NSA do not suspect you of any potentially criminal activity. Tempora is a “buffer” which stores internet data for 3 days and metadata for 30 days. GCHQ’s computers sift through all this data, storing anything that is “of interest”, which means that online privacy really is nonexistent. Which is what many of us have assumed for ages (especially after Edward Snowden’s revelations), but now it’s official.

What really exasperates me is that major criminals and terrorists will be taking steps to avoid this already, for example by using a VPN (Virtual Private Network). The real victims of GCHQ’s activities are us ordinary joes who are not engaged in criminal conspiracies but who want privacy (like people who send letters in sealed envelopes rather than postcards). We could encrypt our communications; but how many of us want to do this? and I’ll bet Tempora looks out for encrypted traffic and logs it as suspect.

The law needs changing. But that’s not going to happen. Why would the government give up these powers? So, I’m going to use my VPN account when I go online, and I advise everyone else to do the same. Tempora’s alarms will be set off by my suspicious activity; but if everyone is doing it GCHQ’s systems will overload. I hope. Remember, GCHQ has supercomputers and massive storage facilities. Big Brother, man! 1984 man!

Locations of visitors to this page


free web stat


UK’s TEMPORA eavesdropping programme could be worse than USA’s PRISM

July 13, 2013

I don’t know what I’ve been doing for the past month, but it isn’t very effective. I thought I’d been keeping an eye on the Edward Snowden/PRISM situation, but I only just found out about GCHQ’s eavesdropping programme TEMPORA.

According to the Guardian newspaper, the UK eavesdropping service GCHQ’s ability to access the internet’s fibre-optic cables has made it “an intelligence superpower”.

TEMPORA stores the intercepted data for 3 days, and the meta-data for 30 days. The data includes actual recordings of phone calls, the contents of emails, Facebook activity, and anyone’s browsing history. That’s right: anyone’s data is collected and stored, not just terrorist suspects.

300 analysts from GCHQ and 250 from the NSA are sifting this data, in what must be the biggest fishing operation to date. TEMPORA was first trialled in 2008, and has been fully up and running since 2011. Lawyers for GCHQ said it would be impossible to list the total number of people targeted by Tempora because “this would be an infinite list which we couldn’t manage”.

We only know about this horrific violation of our privacy because NSA whistleblower Edward Snowden leaked documents about it. Snowden told the Guardian that illegal state-sponsored eavesdropping “is not just a US problem. The UK has a huge dog in this fight. They [GCHQ] are worse than the US.” The documents’ titles show how huge TEMPORA is: “Mastering the Internet” and “Global Telecoms Exploitation”. GCHQ are intercepting the communications of absolutely anyone, anywhere. The UK may be the leading member of the Five Eyes electronic eavesdropping alliance, comprising the US, UK, Canada, Australia and New Zealand.

So, I’ve been indignant that the USA might be violating my privacy with no legal reason or oversight – and now I’ve learnt that my own country is doing the same! Nasty spooks are getting their sticky hands on my personal business, the thought makes me shudder!

Oh, and no “It couldn’t happen here” bollocks. It’s happening now, it’s been happening for years, and it’ll keep happening until we force the nasty pigs to back off!

Locations of visitors to this page


free web stat


%d bloggers like this: