--- X-Sender: lse/daviess/s.g.davies@private Message-Id: <p0600200cbbccd5cfa594@[82.35.56.95]> Date: Tue, 4 Nov 2003 04:08:49 +0000 To: s.g.davies@private From: Simon Davies <s.g.davies@private> Subject: Grave security dangers in new "Snooper's Charter" PRIVACY INTERNATIONAL MEDIA RELEASE SECURITY FEARS OVER THE NEW UK "SNOOPER'S CHARTER" Personal details of millions of UK citizens will be available to Russian and Balkan authorities EMBARGOED UNTIL 11 PM, TUESDAY 4th NOVEMBER, 2003 Privacy International will today warn a House of Lords conference that government proposals to stockpile details of all phone and Internet usage of the entire UK population will create grave dangers for privacy and security. A number of Orders (Statutory Instruments) currently being considered by Parliament will establish a regime for the warehousing for at least a year of every phone call and email sent and received by every UK consumer. This sensitive information, together with account and financial data, will eventually be available on request to investigation authorities in countries such as Estonia, Serbia, Russia and Croatia. The data will in time also be available to most European countries. The potential for overseas countries to access this information comes about through a range of international treaties. The most notable of these is the recent Council of Europe (CoE) Cybercrime Convention, which allows for "minimum standard" mutual law enforcement assistance between nations http://conventions.coe.int/Treaty/EN/WhatYouWant.asp?NT=185 . 37 countries have so far signed the treaty, including Armenia, Greece, Lithuania and Turkey http://conventions.coe.int/Treaty/EN/searchsig.asp?NT=185&CM=&DF= Albania, Estonia and Croatia have already ratified the treaty, thus bringing it into legal force. The UK has signed the treaty, but no date has yet been set for its ratification into law. Russia has been arguing in the G8 for a data retention regime. If successful, it too would have access to UK data under the mutual assistance treaties. The low standard of evidence or authentication demanded for these transfers creates exceptional dangers to many ethnic and other groups in the UK. The conditions for sharing this information are such that the transfer does not have to involve dual-criminality. In the G8, the CoE, and under other mutual legal assistance agreements, there are no requirements for dual criminality. In fact the CoE convention on cybercrime dissuades governments from allowing for dual criminality before data is required to be shared. There are grounds for refusal, but they are limited. During the negotiations on the CoE convention on cybercrime, U.S. industry opposed international co-operation on the grounds that U.S. service providers would end up having to respond to requests for customer data from foreign governments more so than any other country's industry. After the United States, with its advanced telecommunications service industry, the United Kingdom is the likely candidate to receive the highest number of such requests from any country that has a mutual legal assistance treaty with us. Current procedures in the UK do not require dual-criminality when responding to requests from other countries. In fact, sometimes only very basic information is required to inform the UK officials of the purpose of the data to be transferred. According to current policy, the United Kingdom can receive a request for help from an overseas criminal court or tribunal, an overseas prosecutor, or any other overseas authority that appears to have the function of making requests for help in criminal cases. Dual criminality is not required, and requests are 'rarely declined' [y]. Governed under the Criminal Justice (International Co-operation Act 1990, the Regulation of Investigatory Powers Act under Part I, Chapter I section 5 allows, under a mutual assistance agreement, the disclosure of interception and communications data. This data may also be used for intelligence purposes. The passage of the current orders and the implementation of data retention would make data regarding UK citizens available to governments around the world with little oversight or control. This data will be made available without regard to dual-criminality, and it may in turn be kept by foreign governments as they see fit. Countries such as the U.S. that do not have data retention schemes will benefit from the vast store of information available on UK citizens even when similar stores are not available on their own citizens. Privacy International's Director, Simon Davies, warned "The governments plan to stockpile this massive amount of sensitive information poses a risk to a great many people. The proposals should be abandoned immediately". "The proposals are ill considered, unnecessary and unlawful" he added. _________________ _____________ Notes to editors: - The government's proposals will be debated at a meeting (Wednesday) in the House of Lords, organised by Privacy International and the Foundation for Information Policy Research, and sponsored by Lord Phillips (LD) and the Earl of Erroll (C-B) - A series of regulations (Statutory Instruments) recently laid before the Parliament intends to create a legal basis for comprehensive surveillance of communications. The regulations will allow an extensive list of public authorities access to records of individuals' telephone and Internet usage (under the Regulation of Investigatory Powers Act). This "communications data" -- phone numbers and e-mail addresses contacted, web sites visited, locations of mobile phones, etc. - will be available to government without any judicial oversight. Not only does government want access to this information, but it also intends to oblige companies to keep personal data just in case it may be useful (provisions of the Anti Terrorism, Crime & Security Act). - [y] Reference: The Home Office, Seeking assistance in criminal matters from the United Kingdom, Guidelines for judicial and prosecuting authorities (Second Edition), by the Judicial Co-operation Unit, Organised and International Crime Directorate. - Simon Davies of Privacy International can be reached for comment on 07958 466 552 (from the UK) or on (+44) 7958 466 552 (from outside the UK). Email simon@private - Privacy International (PI) www.privacyinternational.org is a human rights group formed in 1990 as a watchdog on surveillance by governments and corporations. PI is based in London, and has an office in Washington, D.C. Together with members in 40 countries, PI has conducted campaigns throughout the world on issues ranging from wiretapping and national security activities, to ID cards, video surveillance, data matching, police information systems, and medical privacy, and works with a wide range of parliamentary and inter-governmental organisations such as the European Parliament, the House of Lords and UNESCO. - At 3:50 +0000 2/11/03, Chris Summers-NEWS wrote: >Dear Simon, > >Unfortunately I am on night shifts at the moment so I will be asleep >during the day on Wednesday and won't be able to attend but I am >forwarding this email to our Technology Correspondent, Mark Ward, and our >Politics staff in the hope that one of them can come along. > >All the best, >Chris Summers >-----Original Message----- >From: Simon Davies [mailto:s.g.davies@private] >Sent: 02 November 2003 02:39 >To: Chris Summers-NEWS >Subject: Re: Secret Britain Q&A > >Hi Chris, > >As you know, Parliament is currently considering the revised "Snooper's >Charter", comprising five new Statutory Instruments. These regs, if >approved, will establish a voluntary code for communications data >retention, extend a sunset clause that will give the government the power >to establish a mandatory framework for retention, and bring a wide range >of government agencies under the Regulation of Investigatory Powers Act. > >Privacy International and the Foundation for Information Policy Research >have been working closely with the Lords on this issue. We have convened a >meeting this Wednesday at the House of Lord's to scrutinise the >regulations and to debate whether they should be accepted or rejected. The >meeting is being sponsored jointly by Liberal Democrat, Conservative and >Cross-Bench peers. > >There is widespread concern amongst Lords about the government proposals. >The Joint Human Rights Committee of the Parliament at its meeting last >week did not approve them as human rights compliant, and instead referred >a number of legal issues to the government for a response. Lords are >concerned about the creation of universal communications surveillance, and >they are generally unhappy with the proposed oversight of the scheme. > >I was wondering whether you would like to join us for the fireworks! This >will be a crucial meeting, and we expect a substantial attendance of Lords >and MP's. The regs will most likely be debated in the Lord's on November >13th, so this will possibly be the only occasion to debate the proposals >before they come before the Chamber. > >The meeting will take place on Wednesday 5th November, between 2 and 4 PM >in Committee Room 5. Please let me know whether you would like to join us. > >Best wishes > >Simon > > > >BBCi at http://www.bbc.co.uk/ > >This e-mail (and any attachments) is confidential and may contain >personal views which are not the views of the BBC unless specifically >stated. >If you have received it in error, please delete it from your system. >Do not use, copy or disclose the information in any way nor act in >reliance on it and notify the sender immediately. Please note that the >BBC monitors e-mails sent or received. >Further communication will signify your consent to this. _______________________________________________ Politech mailing list Archived at http://www.politechbot.com/ Moderated by Declan McCullagh (http://www.mccullagh.org/)
This archive was generated by hypermail 2b30 : Tue Nov 04 2003 - 06:03:53 PST