Tuesday, 4 August 2009

Interception Modernisation Programme (IMP) - criticism by ISPs, ICO etc

More criticism for the UK government's Interception Modernisation Programme (IMP) - plans to modernise their ability to intercept citizens' communications, including electronic communications, which it's estimated will cost some £2 billion at least, not to mention the human rights implications.

This time the criticisms come from LINX, whose members comprise UK ISPs, in their response to the recently concluded Home Office consultation Protecting the public in a changing communications environment.

The headlines from the news reports summarise LINX's position:

See also the full LINX response (Word). Given LINX's membership, their views on the technical issues must be considered fairly authoritative to say the least.

Separately, whether related to the news of the LINX response or not, the UK Information Commissioner's Office (ICO) today issued a statement about the IMP - also critical about the plans for mass data interception and data retention on an unprecedented scale.

I say "whether related or not" as it's somewhat puzzling why the ICO waited until now to make their statement, which simply summarises the ICO's own detailed response to the consultation which they submitted on 15 July 2009.

Some extracts from the ICO's full response:

"This proposal represents a step change in the relationship between the citizen and the state… Evidence for this proposal must be available to demonstrate that such a step change is necessary and proportionate…

The Commissioner is concerned about the distinction being made between traffic data and content data of any communication..

The Information Commissioner accepts that communications data can be an important tool in tackling serious crime, preventing terrorism and protecting the public. However there are several reservations which mean the answer to this question cannot be an unqualified ‘yes’. Accepting the value of communications data does not necessarily mean support for the general use of interception technology covering the population as a whole.

One reservation is that just because certain communications data have proved useful in certain cases where a specific individual, or group of individuals, has been identified, it does not necessarily follow that the collection of the communications data of the entire population will be useful in any but a tiny minority of cases. The value of information gained through the interception of communications of specific, identified individuals does not in itself justify the general collection, processing and retention of communications information covering the population as a whole. The case has not yet been fully made out for routine collection and retention of further communications data covering the entire population..

..Is the best use currently being made of what is already available for the police and intelligence services? If the intention of Government is to ensure that this information is available when needed in specific cases, and therefore that communications data relating to individuals who are not suspects will not be routinely profiled, then it is more difficult to justify the mass retention of additional communications data covering the entire population.

While the value of accessing communications data as part of an ongoing investigation is not in doubt, it is harder to make a case for the collection of even more communications data on a population-wide scale “just in case”…

A second reservation is that the definitions in the conditions under which communications data can be accessed by a relevant public authority are often too widely drawn and can lead to misuses of the rights of access of public authorities to such information. There has been much public debate about the inappropriate use of powers under the Regulation of Investigatory Powers Act 2000, and this must not be allowed to happen under any new legislation brought before Parliament…"

For some other criticisms of the IMP plans see:

Americans too are also worried about similar issues - see New York Times report on US email surveillance and the mass intrusion into citizens' privacy.

©WH. This work is licensed under a Creative Commons Attribution Non-Commercial Share-Alike England 2.0 Licence. Please attribute to WH, Tech and Law, and link to the original blog post page. Moral rights asserted.