government to bring in new law allowing them to monitor every citizen's email, text and computer useage

[JustHecate]

here

PLEASE tell me this is an april fool's gag, yes?

ratherordinary - we think she definitely should but I doubt she will.

I have nothing to hide but like many people I just don't think our DNA (like fingerprints) shoudl not be routinely gathered and stored forever.

We might as well be chipped and tagged from birth at this rate.

Even worse is the creation of so called 'meta' databases - where data starts being linked together from all sorts of public and private databases so a profile can be built up of anyone. To get through and function in modern life we all have to hand over data to all sorts of organisations.

Imagine if that was all linked together including your location at all times of day by monitoring the loctaion of your mobile phone. We are really only a few steps away from this level of intrusion into our lives.

We let this happen little by little and we didnt notice - its the classic 'boiling frog' issue.

Yes, and I am concerned - very concerned - about human error. Not everything kept will be properly checked etc.

And also lots of these measures are being introduced on the basis of the need to fight terrorism, for which there is no answer, and potentially no limit on the extent of curtailment of civil liberties.

Will it actually help much? I'd have thought that all serious criminals will simply use untraceable laptops and petty ones internet cafes, and all will use PAYG mobiles paid for with cash and no ID.

What does it mean for people in positions of responsibility who are outspoken on anonymous internet forums (like MN possibly)? I'm not talking about anything outrageous such as encouraging racial hatred, etc., but more innocuous but still potentially offensive stuff. Could it result in people who work for local government or any other state organisation being struck off? This doesn't affect me but I can see a lot of people suddenly having to cut short their online activities if it does.

sunshine Nothing is untraceable, everything leaves a digital fingerprint which can be traced. PAYG mobiles are amazingly unanonymous!

What is being proposed here was first proposed by Labour in 2006, but dropped because of strength opposition from the Conservatives and Liberal Democrats. (Leading Shami Chakrabati to comment yesterday that "it doesn't matter who you vote for, you always get the Government").

They are not proposing that the Government will start listening in to the content of any electronic communication without a warrant (current situation, controlled by RIPA). This is about the data surrounding calls and texts - and email/SKYPE-type calls - showing who called whom and when (essentially the billing data which is already collected by companies).

I think such data can already be accessed under a RIPA warrant; this looks as if it is removing the requirement for the warrant, rather than establishing any new form of capability or surveillance.

Hang on, AlpinePony ... you suggest PAYG mobiles not being "unanonymous" but there are thousands available for sale via say Ebay or Gumtree, and s/h in a handful of shops in most towns.

What's to stop me catching a train to (some town with an Asda) and buying a couple of Asda SIM packs (50p, or free with a 5 quid top-up voucher) with cash, then going into a 'dog and bone' store, Cash Converters, CES or whatever, and again buying some (unlocked) phone with cash.

I catch my train back home, after testing each SIM with the phone...

If I met 'friends' in some station on the way home (say Birmingham New Street), then the only bits of information about the SIMs that are known are
a) that I bought them (if CCTV records go back for months and someone can identify which checkout they were put through)
b) that they were used ("connected to the network") at (place with an Asda)
c) the phone numbers (and SIM numbers, perhaps)

Once my friends have gone off in different directions from Birmingham with these phones, there's almost nothing to connect me to them, or the SIMs/phones they are used in, conversations made via the phone numbers, back to me... I could be completely unaware of any future use once handed over... So if I paid with cash, it would be near impossible to identify me, or the holders of the phones, let alone what those people do via chatter using the phones, in advance of some attack on a location, and even if the number(s) in use came to be known afterwards, determining who was using the phones is still difficult in the extreme.

I chose Asda because you don't have to register the SIM, there are thousands of stores where they can be obtained, and a person can change number as often as they wish, at very low cost.

The problem is not with the SIM, but the handset itself.

Your scenario is perfectly "anonymous", the problem lies in the fact that most people don't want to bung the SIM in to the anonymous Nokia 5110, they want to use their iPhone... The handset sends the code back to the mothership and voila, nailed.

There's a lot of knickers getting twisted here. alpinepony is a voice of reason.

The press have totally misrepresented what this law will mean (and the govt have completely cocked up presenting it to them)

The UK has one of the most stringent processes in place re privacy controls compared to the US for example.

There are always bad apples who may try to exploit the system however what they are putting in place, to. My understanding, is the modern day equivalent of steaming open letters that baddies are using to communicate with each other.

I'm not losing any sleep over it, far bigger issues out there.

"the modern day equivalent of steaming open letters that baddies are using to communicate with each other."

No, that level of interception is still protected, but the collection of who you communicate with via Twitter, Facebook, e-mail, etc, is almost like having some 'bug' on your person noting each and every contact you have with others.

When I visited Leningrad in the late 70s, there were few public "bars" but kiosks sold beer to the public. You queued up, they had a limited number of glasses, and when someone finished their drink, their glass was washed and the next customer served. It was, I understood at the time, to limit the opportunity for 'meetings' as there was nowhere to sit and discuss any matter, let alone "plot".

If (as has been stated on radio) the intention is to bring the existing methods of monitoring "up to date" then this will become another costly Government IT project "white elephant" and will have to be abandoned in due course, as having failed.

I use a number of web-based services for sending e-mail. I have potentially millions of e-mail addresses (dozens of domains, each can have millions of different unique mail addresses). To determine who I send (or collect) e-mail to/from would require monitoring of large quantities of data, to see which packets coming through my connections (I have three ISP connections at present, 4 last month).

It would be a significant cost (for the electricity and systems) to my ISPs to sift through GB of data to capture web pages from Google Mail and others, which might be in the middle of significant other data (eg output from LoveFilm) and if I was actually wanting to do something without being snooped on, I'd make my connection completely encrypted through one of the many VPN services. So UK ISPs could only see hundreds of MB of data but not be able to decide which items were me watching a film and which was me sending a text [via the web] or chatting [on Skype] or using e-mail.

The internet was designed with flexibility in mind, and for nearly any type of monitoring, there will be technical "solutions" that make that monitoring difficult or impossible.

However worthy the idea, the implementation will fail, and at a time when funds for social services, education, etc, are being "managed" this is a ridiculous waste of time, energy, and money, if it goes ahead, as it is doomed.

PoppadumPreach - while I appreciate there are more important things to worry about, you shouldn't shrug and ignore this as it amounts to a massive waste of tax payer money, that would be better spent elsewhere. (I'd say the same about Trident and various other projects, but such comments are often unwelcome!)

I think there has now been a U turn done on this. Or at least an L turn with it being parked in pre-legislative scrutiny.

I will remain open minded about this until I see the details of what is actually proposed.

Both Conservatives & Lib Dems have always been more concerned with privacy issues than Labour so hopefully this is just a badly handled press announcement on a rather stupid day!

I don't mind records being handed over upon a court order or if there are stringent safeguards in place. But I do not support the notion at all that everything can be recorded and then the security services can trawl through whatever they like to look for evidence without any permission from anyone.

I know some will say "I've nothing to hide" but that's besides the point. When I talk on the phone to my friends, I've nothing to hide. But I still dont like the idea that someone can listen on my conversation for no valid reason or suspicion at all.

I'm sure they've actually been doing this for years, uncaring of whether it was legal or not. How would you know?

Of course there's always the chance they're doing this illegally but then that if detected then someone will be held accountable.

To quote a friend of mine earlier (who may have nicked it from another facebook user).

These snooping laws are genius. To stop terrorists who want to destroy the freedoms we enjoy, we simply destroy the freedoms we enjoy.

niceguy2 wrote "When I talk on the phone to my friends, I've nothing to hide. But I still dont like the idea that someone can listen on my conversation for no valid reason or suspicion at all."

AFAIK, the proposal is not to make that type of 'eavesdropping' any easier - it presumably comes under the RIP Act from some time back and requires approval from Home Secretary, but it would mean the logging of incoming and outgoing calls, texts, and other electronic messages (comments on Twitter, FaceBook, IMs, e-mail), potentially being built into a long-term database.

10 years on, if someone who was a friend, acquaintance, or even dialled a wrong number and reached you, was then suspected of being a terrorist, activist, part of a gang, or decided to vote for the opposition to the dictatorship, then those records would show you were "involved" without immediately providing any of the messages which may have passed between you.

Suspicion of "involvement" would be enough to mount full surveillance on you. - your details would be listed with a few hundred others as "known contacts of suspect Joe Bloggs" (!)

The worry for the Home Secretary might be the cost of monitoring, but "the Security Services know what they are doing" is normally an overpowering argument for any such measures being implemented, so would sign on the dotted line in the interests "of the nation".

I'm writing in an over-dramatic way, of course, for effect, but if every 'contact' is logged, then over time one may (unfortunately) have contact with people who end up committing fraud (within political office, local government, the police, etc) or do dodgy deals (the MD of the glazing firm, etc, etc) and by implication, one might fall "under suspicion" without having any knowledge (and perhaps been out of contact for months or years).

Not sure who came up with GCHQ but I thought they were responsible for international communications monitoring (while MI5 (?) or MI6, and Special Branch etc watch over citizens of the UK).

Networkguy - does the home sec really have to give permission for phonetapping under RIPA? Last year councils were found to be using it to spy on people applying for school places for their kids, or to 'investigate' dog fouling and fly-tipping.

I suspect this may be a mix of the usual government (of whichever party happens to be in power) thinking it'd be jolly handy if they had everyone under surveillance at all times and lack of understanding of IT. Do they realise how massive the task would be, and how expensive, and how much harder it would be to find the terrorist needle in the data haystack?

I thought they were using the RIP Act (not phone tapping, but surveillance vby CCTV, staff in cars, etc). I'm still fairly sure that it has to go to a high level so no magistrate or even High Court judge has the authority, precisely because we value freedom and phone tapping is so intrusive.

Of course, at the other end of the scale, it seems someone as (relatively) low as a Police Inspector is able to agree someone going undercover, to infiltrate a group, and gather evidence !

Re lack of understanding of the task, I agree with you.

Most Government IT projects over the 30+ years I've been in IT have been poorly specified by men in suits at Whitehall, not knowing the real tasks that could benefit from IT, so they agree a price, it takes longer (usually) to get what the Whitehall spec says, and then there are 1001 changes, further extending the timescale to a 'useful' solution, if achieved, and running way over budget. It's what the NAO repeatedly says - IT projects are badly handled.

In this case, if they could identify all the e-mail, and could wipe out spammers and scammers (phishing for card numbers) worldwide, it would be money well spent ! :)

yyy, look at the NHS electronic patient record - which has now been abandoned in large part. Complete disaster from start to finish despite anyone who knew the first thing about it repeatedly warning the Dept of Health. Absolutely shit protection for confidentiality (staff were leaving smart cards in the terminals because guess what, people in A&E are busy) billions and billions over budget...

Never trust government with massive IT projects and never trust them with civil liberties - whoever happens to be in power they have a habit of screwing with both. The price of freedom is constant vigilance and all that.

RIPA includes within it who can authorise the necessary warrants, and the Home Secretary can delegate authority (eg to police officers of specified seniority).

All the data they are after in these new proposals are already being collected by service providers (it's the stuff from which bills are drawn up), and it is already possible for the government to access it from companies.

These measures seem to make it possible to get that data (but not message content) without a warrant, and to make it more explicit that web-based communications are covered.

Meditrina - surely the point is that billing does not include information about who you emailed. It's not like a phone bill where it lists all the calls made - my ISP doesn't give I toss who I contacted, their bills are flat rate no matter how many emails I send.

And the Government wants companies to keep data for ever - not merely until they've used it for whatever commercial purpose it is actually obtained for. The Data Protection Act is very clear that data may only be gathered for the purpose stated. I don't see why the Government should be able to ride roughshod over this just in order to generate headlines about how tough they are on terrorists.

The bill you get doesn't include all the info that the company holds.

I've no idea how long records are kept at present. How long is it?

Meditrina - we keep everything "live" for a year, and 7 years in long-term storage - EU law I believe.

Although the thread was about personal communications becoming more easily monitored, *> Here