How To Safeguard Surveillance Laws

This letter was published in the London Evening Standard on January 12th, 2015:

I watch with alarm as, in the wake of the barbaric murders in France, politicians seek increased surveillance powers for the security services.

Surveillance is not always wrong; far from it, our democracy has long allowed accountable public servants to temporarily intrude on individuals they believe to be a threat.

My alarm arises for two reasons:

  • The powers requested in recent attempts at new law are open-ended and ill-defined. They lack meaningful oversight, transparency or accountability. They appear designed to permit the security services free rein in making their own rules and retrospectively justifying their actions.
  • The breadth of data gathered – far beyond the pursuit of individuals – creates a risk of future abuse, by both (inevitable) bad actors and people responding to future moral panic. Today’s justifications – where offered – make no accommodation for these risks.

Voters should listen respectfully but critically to the security services’ requests. Our representatives must ensure that each abridgement of our liberties is ring-fenced:

  • justified objectively using public data,
  • governed with impartial oversight, and
  • guarded by a sunset clause for both the powers and all their data by-products.

If the defence of free speech fatally abrades other liberties we are all diminished.

Yours faithfully

Simon Phipps

It Would Be Funny If It Weren’t True

Open Rights Group Maturing

In the space of a few weeks, the Open Rights Group (where I’m a volunteer director) has gone through a growth spurt, winning an award for campaigning work, launching an appeal for members to fund a legal advisor so it can engage in EFF-style direct interventions and winning the right to intervene in its first court case. I’ve written more today on ComputerWorldUK.


CDB: Not Dead Yet

tl;dr: This zombie bill no politician seems able to kill is a pandora’s box that will lead to a public panopticon.  

Since it’s still very much in play at the moment  I was invited to represent the Open Rights Group (together with Big Brother Watch) at a discussion of the pending Communications Data Bill (CDB) at the South-Central Liberal Democrat Regional Conference today.

My main point was that the Bill creates an unprecedented resource for the security services to “go fishing” in everyone’s private affairs. “Communications Data” means “everything that’s not the message” for every kind of internet use (e-mail, instant messaging, voice communication, streaming and so on), and collecting all of it from everyone in Britain on a rolling 12-month basis (with some information held indefinitely) offers a massive pool in which to use heuristics to pattern match answers to open questions.

Whatever boundaries may be placed on it now, it’s certain that its scope will creep once created, pushed one notch towards the public panopticon every time another panic-keyword-crisis occurs. Allowing CDB to proceed would be an enormous error and the thin end of a wedge that will permanently remove the assumption of privacy from all of us.

Here are the slides I used:

You can also find them at Speakerdeck; sadly, WordPress.Com doesn’t allow me to embed slides from that system, which I prefer. Let’s hope the Lib-Dems take this seriously and don’t treat it as another gaming chip like they did university fees…

Why The Communications Data Bill Should Concern You

I wrote today on ComputerWorldUK about the draft Communications Data Bill. As I explained at OggCamp (my slides are online) last weekend in Liverpool, it is yet another attempt by the Home Office to get the government of the day to legalise sweeping permanent surveillance powers that allow the automated aggregation of all the details of your online life. Well, all but the actual “payload” – the message bodies themselves in e-mail for example. But the other information surrounding your communications provides plenty of data to fill a “big data” tank and analyse heuristically to detect trends in who you communicate with, when, why, where from and how.

The legislation is modelled on (and absorbs) existing postal surveillance laws but to use those the police have to go to the sorting office and look at envelopes. The cost in time and effort to go there creates “friction” that means the power is not used all the time on all your mail. But CDB is “frictionless”, allowing automated gathering of all the meta-data of all your communications (not just e-mail) and making it available over the next 12 months for analysis.

CDB makes us all a suspect, all the time. Instead of being under surveillance when there is evidence of wrongdoing, you will be under surveillance by default, with a wide range of people able to “go fishing” for information to support accusations against you without your knowledge. No amount of “access controls” can make this sort of resource safe; once created, it can only grow in scope and use.

It’s now too late for you to offer the Joint Select Committee your input on the draft, but you can still join the Open Rights Group who are at the forefront of defending your digital rights in the UK.

☆ ORGCon, London

I spent the day yesterday at ORGCon with friends old and new, enjoying talks from a wide range of speakers including of course Cory Doctorow and Lawrence Lessig. There was a film crew recording all the talks; I’ll highlight some of them here over the next week or so. My tweets about the event might interest you too.

I’m also co-maintaining ORG’s page on Google+, which you’ll find has a steady stream of interesting links – well worth adding to a circle if you’re a G+ user.

If you wish you’d been able to go but couldn’t, you may be interested in another event ORG is arranging in London on April 3rd. Author Bill Patry will be discussing the ideas covered by his new book How To Fix Copyrighttickets are free to ORG members and a very reasonable £7.50 for others.

%d bloggers like this: