British Police Lose Phone & Web Search Powers

Uploaded on 2017-12-04 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-Law

Senior British police officers are to lose the power that allows them to self-authorise access to personal phones, and web browsing records under a series of late changes to the Investigatory Powers Act, or so called  'snooper’s charter' law, proposed by UK ministers in an attempt to comply with a European court ruling on Britain’s mass surveillance powers.
 
A Home Office consultation paper published on 30th November, also makes clear that the 250,000 requests each year for access to personal communications data by the police and other public bodies will in future be restricted to investigations into crimes that carry a prison sentence of at least six months.
 
But the government says the 2016 European court of justice (ECJ) ruling in a case brought by Labour’s deputy leader, Tom Watson, initially with David Davis, now the Brexit secretary, does not apply to the “retention or acquisition” of personal phone, email, web history or other communications data by national security organisations such as GCHQ, MI6 or MI5, “as national security is outside the scope of EU law”.
 
The new safeguards involve fresh amendments to the Investigatory Powers Act, described as the snooper’s charter, and follow the ECJ ruling, which said the “general and indiscriminate retention” of personal communications data “cannot be considered justified within a democratic society”. 
 
The European judges ruled that such mass harvesting of personal communications data could only be considered lawful if accompanied by strong safeguards including judicial or independent authorisation and only with the objective of fighting serious crime including terrorism. 
 
Davis, before withdrawing from the case when he became a minister, argued that the government’s approach to collecting communications and other personal digital data amounted to “treating the entire nation as suspects”.  However, Watson said the Home Office concessions were flawed and did not go far enough. “The current legislation fails to protect people’s fundamental rights or respect the rule of law. That’s what my legal challenge proved and I’m glad Amber Rudd is making significant concessions today. But I will be asking the court to go further, because today’s proposals from the Home Office are still flawed. “Ministers aren’t above the law – they don’t get to pick and choose which rights violations they address and they can’t haggle with the courts to avoid properly protecting people’s freedom. All of the fundamental safeguards demanded by the court must now be implemented.”
 
Communications data covers the who, where, when, how and with whom of a phone call, text, email or web page visit but does not cover the content of those exchanges, which is covered separately by interception laws that require ministerial authorisation.
 
The proposed safeguards, which are the subject of a seven-week consultation, include:
 
• Communications data requests to be authorised by a new body, the Office for Communications Data Authorisation, under the investigatory powers commissioner, Lord Justice Fulford. They are currently authorised by police officers, at the level of superintendent or inspector, and by senior officers in Border Force, the Department for Work and Pensions and HM Revenue & Customs.
• Restricting the use of communications data to investigations of serious crime but using an offence carrying a six-month prison sentence rather than the usual three-year threshold so that offences such as stalking and grooming are not excluded. In the case of internet connection records – tracking personal web browsing histories – the threshold remains at 12 months.
• Additional safeguards that must be taken into account before a “data retention order” can be issued to a phone or postal operator.
• The retention or acquisition of communications data will no longer be allowed for public health, tax collection or to regulate the financial markets.
• Mandatory guidance on the protection of retained data in line with European data protection standards.
 
The security minister, Ben Wallace, said communications data was used in the vast majority of serious and organised crime prosecutions and had been used in every major security services counter-terrorism investigation over the past decade and its importance could not be overstated. “For example, it is often the only way to identify paedophiles involved in online child abuse and can be used to identify where and when these horrendous crimes have taken place,” he said.
 
But Liberty, the UK human rights organisation, called the concessions “half-baked”. “This is window dressing for indiscriminate surveillance of the public, when ministers should be getting on with changing the law,” said Silkie Carlo, Liberty’s senior advocacy officer.“We warned the government from the start that the authoritarian surveillance powers in the Investigatory Powers Act were unlawful. It should be a source of deep embarrassment that, less than a year after it passed, ministers have had to launch a public consultation asking for help to make it comply with people’s basic rights.”
 
Guardian:
 
You Might Also Read:
 
Big Data And Policing:
 
UK Deal With EU On Post-Brexit Data Sharing:
 
UK Proposes Online Surveillance In Real-Time:
 
 
 
« NSA Employee Pleads Guilty To Stealing Classified Information
UK Drone ‘pilots’ Must Pass Safety Tests »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Mielabelo

Mielabelo

Belgian consulting firm providing services in the security and compliance of information systems and IT service management.

Falanx Cyber

Falanx Cyber

Falanx Cyber provides enterprise-class cyber security services and solutions. We deliver end-to-end cyber capabilities, either as specific engagements or as fully-managed services.

BMS Group

BMS Group

BMS is an independent, employee-owned specialist insurance broking group. Broking solutions include Cyber and Technology.

Information Network Security Agency (INSA) - Ethiopia

Information Network Security Agency (INSA) - Ethiopia

INSA's vision is to realize a globally competent National Cyber capability which plays a key role in protecting the national interests of Ethiopia.

Swiss CyberSecurity

Swiss CyberSecurity

Swiss CyberSecurity is a non-profit group based in Geneva, set up to provide information and as a forum for discussion of topics related to CyberSecurity.

CIO Dive

CIO Dive

CIO Dive provides news and analysis for IT executives in areas including IT strategy, cloud computing, cyber security, big data, AI, software, infrastructure, dev ops and more.

Ignyte Assurance Platform

Ignyte Assurance Platform

Ignyte Assurance Platform™ is a leader in collaborative security and integrated GRC solutions for global corporations in Healthcare, Defense, and Technology.

Cyber Defense Agency (CDA)

Cyber Defense Agency (CDA)

Cyber Defense Agency is a premier professional services firm specializing in cyber security, computer network defense, and information security.

Consortium for Information & Software Quality (CISQ)

Consortium for Information & Software Quality (CISQ)

The mission of CISQ is to develop international standards for software quality and to promote the development and sustainment of secure, reliable, and trustworthy software.

Sabat Group

Sabat Group

Sabat Group provide relationship-driven information security & cyber security recruiting services.

UK Cyber Security Council (UKCSC)

UK Cyber Security Council (UKCSC)

The role of The UK Cyber Security Council is to champion the cybersecurity profession across the UK, provide representation for the industry, accelerate awareness and promote excellence.

European Cyber Competence Network

European Cyber Competence Network

The purpose of the European Cyber Competence Network is to retain and develop the cybersecurity technological and industrial capacities of the EU necessary to secure its Digital Single Market.

Hyperproof

Hyperproof

Hyperproof is a cloud-based compliance operations software. Launch new programs immediately, collect evidence automatically, and manage a compliance program intelligently.

Quantum Star Technologies

Quantum Star Technologies

Quantum Star Technologies has developed Starpoint to be a next-next-generation solution to cyber security threats. Our mission is to secure the online world through our patented technology.

Gradient Cyber

Gradient Cyber

Gradient Cyber is a trusted cybersecurity partner specializing in small businesses and mid-market enterprises concerned about cybersecurity but lacking the staff to give it the attention it deserves.

Cytidel

Cytidel

Cytidel is a vulnerability and risk management platform that utilises threat and business intelligence to help IT Security teams.