I Have Nothing to Fear...

...But then again I don't live in the UK

Lets just hope that the initial usages are to expose the marital infidelities of ministers and senior police officers.

From The Independent
 
Britain is to become the first country in the world where the movements of all vehicles on the roads are recorded. A new national surveillance system will hold the records for at least two years.

Using a network of cameras that can automatically read every passing number plate, the plan is to build a huge database of vehicle movements so that the police and security services can analyse any journey a driver has made over several years.

The network will incorporate thousands of existing CCTV cameras which are being converted to read number plates automatically night and day to provide 24/7 coverage of all motorways and main roads, as well as towns, cities, ports and petrol-station forecourts.

By next March a central database installed alongside the Police National Computer in Hendon, north London, will store the details of 35 million number-plate "reads" per day. These will include time, date and precise location, with camera sites monitored by global positioning satellites.

Already there are plans to extend the database by increasing the storage period to five years and by linking thousands of additional cameras so that details of up to 100 million number plates can be fed each day into the central databank.

Senior police officers have described the surveillance network as possibly the biggest advance in the technology of crime detection and prevention since the introduction of DNA fingerprinting.

But others concerned about civil liberties will be worried that the movements of millions of law-abiding people will soon be routinely recorded and kept on a central computer database for years.

The new national data centre of vehicle movements will form the basis of a sophisticated surveillance tool that lies at the heart of an operation designed to drive criminals off the road.

The scheme is being orchestrated by the Association of Chief Police Officers (Acpo) and has the full backing of ministers who have sanctioned the spending of £24m this year on equipment.

More than 50 local authorities have signed agreements to allow the police to convert thousands of existing traffic cameras so they can read number plates automatically. The data will then be transmitted to Hendon via a secure police communications network.

Chief constables are also on the verge of brokering agreements with the Highways Agency, supermarkets and petrol station owners to incorporate their own CCTV cameras into the network. In addition to cross-checking each number plate against stolen and suspect vehicles held on the Police National Computer, the national data centre will also check whether each vehicle is lawfully licensed, insured and has a valid MoT test certificate.
 

Frank Whiteley, Chief Constable of Hertfordshire and chairman of the Acpo steering committee on automatic number plate recognition (ANPR) said: What the data centre should be able to tell you is where a vehicle was in the past and where it is now, whether it was or wasn't at a particular location, and the routes taken to and from those crime scenes. Particularly important are associated vehicles, Whiteley said.

The term "associated vehicles" means analysing convoys of cars, vans or trucks to see who is driving alongside a vehicle that is already known to be of interest to the police. Criminals, for instance, will drive somewhere in a lawful vehicle, steal a car and then drive back in convoy to commit further crimes "You're not necessarily interested in the stolen vehicle. You're interested in what's moving with the stolen vehicle," Whiteley explained.

The security services will use it for purposes that I frankly don't have access to. It's part of public protection. If the security services did not have access to this, we'd be negligent.

From The Register

The European Parliament has approved proposals on data retention that would compel telecom firms to keep customer email logs, details of internet usage and phone call records for between six months to two years.

The plan - designed to assist law enforcement leaves it up to individual governments to decide how long service providers will be obliged to keep data.

Police and intelligence agencies would have access to call records (including data on lost calls), location information and internet logs without getting access to the content of the information communicated. MEPs decided to drop provisions to make it mandatory for member states to reimburse telecom companies for additional costs incurred in servicing law enforcement requests.

The EU directive on data retention passed by 378 votes in favour to 197 against and 30 abstentions during its first reading on Wednesday. The measures were put forward by Britain after the 7 July bomb attacks on London.

A spokesman for the UK Internet Service Providers' Association (ISPA) said it remained to be seen how the directive will be implemented into UK law. Voluntary co-operation already exists between ISPs and UK law enforcement agencies over requests for communications data but implementation of the directive would change this from a voluntary arrangement into a mandatory code of practice. We are concerned that ISPs may have to foot the bill for mandatory data retention. ISPs are not law enforcement agencies so they should not have to pay for it all, he said.

The amounts involved are not small. ISPA cites estimates from one large UK-based ISP that it would cost £26m a year to set up data retention kit on its systems and £9m a year in running costs to service law enforcement requests.

MEPs agree with the need to retain data for the detection, investigation and prosecution of crime, but only for "specified forms" of serious criminal offences (terrorism and organised crime), and not for the mere "prevention" of all kinds of crime.

Dai Davis, a consultant lawyer at Nabarro Nathanson, said the European Parliament had fudged important issues such as how long records should be kept and who would end up footing the bill for data retention.

Safeguards (including independent oversight) have been put in place by MEPs to make sure data retention requests can't be used to trawl through databases and need to be sanctioned on a case by case basis. But Davis said that it was unclear if checks and balances established in the directive provide adequate safeguards against abuse.

From OfcomWatch

The latest European agreement an communications data retention is worrying those at European Digital Rights. They have identified some very worrisome snippets lurking in the small print

And in particular, they write:

The Directive requires more invasive laws. Once adopted, this Directive will prove not to be the ultimate solution against serious crimes. There will be calls for additional draconian measures including:

-the prior identification of all those who communicate, thus requiring ID cards at cybercafes, public telephone booths, wireless hotspots, and identification of all pre-paid clients;

- the banning of all international communications services such as webmail (e.g. Hotmail and Gmail) and blocking the use of non-EU internet service providers and advanced corporate services.

From the Daily Mail

EU justice and interior ministers have agreed on plans binding telecommunications companies to retain phone call and e-mail logs for a minimum of six months for use in investigations into terrorism and other serious crimes.

It is an essential tool for law enforcement and against criminality, and that's why it's so important," said British Home Secretary Charles Clarke, who chaired the meeting. He said the majority deal among the 25 EU nations allowed governments to decide how long telecoms companies in their nations should retain the data, as long as it was between six and 24 months.

We have agreed to a system which gives flexibility to member states who want to go further, Clarke told a news conference. He said the ministers agreed to a review procedure that could increase the amount of material collected. Clarke said terrorist groups, drug dealers and people-trafficking gangs would better be targeted under the new rules. If you can discover what the network is, who they communicate with, how they operate, you can begin to make the connections, and that can make a very big difference. Clarke said he was optimistic the European Parliament would adopt the bill later this month - meaning it could come into force next year.

The Republic of Ireland and Italy had led opposition to the plan during the two day ministers' meeting. They argued setting up new EU legislation would contradict national laws that already go further.

However, at the end of the talks, only Poland, the Republic of Ireland, Slovenia and Slovakia remained opposed, not enough to block the measure.

Makes it a bit scary that the Government will be in charge of an awful lot more personal data once they set up the Nation ID database,  Clearly customers of Co-op, Kwik Save and Aldi may be best advised to shop elsewhere

From the Daily Mail

Extortionist car park operators, who are entirely unregulated, purchase the names and addresses of motorists who they wish to track down - and can then send them threatening letters to demand massive fines for alleged 'overstays'.

The revelations raise serious questions about the way personal information held by the Government is sold commercially. They will also provoke fears about the possible abuse of Tony Blair's identity card scheme, which will create a powerful database of details about everyone in Britain.

The Government's Driver and Vehicle Licensing Agency last night admitted it hands out drivers' details at £2.50 a time when provided with car registration numbers. All drivers are legally required to give the DVLA their up-to-date address, although few know this information can be sold on.

Private car park companies, however, have the right to obtain this information under obscure regulations introduced three years ago and waved through the Commons with no debate.

The Mail on Sunday investigation found one company - used by the Co-op, Kwik Save and Aldi to manage store car parks - exploits the data to send threatening letters to motorists demanding fines of up to £170. This is three times the fine local authorities typically charge motorists who fail to 'pay and display'.

Creative Car Park Management - which uses a variety of front companies to conceal its true identity and earnings - uses cameras at the entrances and exits to their sites to photograph the number plates of drivers who they allege linger beyond the 'free parking' limit. Using the information sold by the Government, the firm sends out bills - sometimes weeks later - telling motorists they will be taken to court if they fail to pay.

The secretive company even threatens to send bailiffs to drivers' homes to recover money they claim to be owed. Many motorists, fearing the firm is working alongside the DVLA, may feel they have no choice but to pay up.

The firm has been the subject of a series of complaints from drivers. Liberal Democrat MP Norman Baker has been championing the cause of shoppers caught by Creative Car Park Management in the village of Polegate in his Lewes, East Sussex, constituency.

Baker said: A private company should not be allowed to obtain information about private individuals from the State. When people provide information to the Government, they do not do so on the basis that someone is going to make a profit from it. A huge number of mistakes have been made by the company here in Lewes, all of which appear to be in their favour. It is supposed to be free parking, but a number of my constituents have received very large bills. £170 would be an extortionate amount to charge in Central London, let alone rural Sussex.

Motoring organisations claim there has been a boom in this form of 'ticket-less' parking fine, which has caught thousands by surprise. Since no tickets are placed on the windscreen, drivers can incur several fines before they even realise they have done anything wrong.

The DVLA said 157 private parking companies regularly apply to it for information on 'vehicle keepers'. The DVLA insisted that the right of parking companies to access their database predates the 2002 regulations. However, a spokesman was unable to say exactly when the DVLA began its current practice of routinely selling data.

But Edmund King, of the RAC Foundation, said: The DVLA is behaving irresponsibly by passing on sensitive information to the wrong sort of people.

Paul Watters, head of roads policy at the AA Motoring Trust, said: These companies can charge fines at what ever level they want - using personal information about motorists obtained from the Government. And there is no one monitoring what is happening.

The Mail on Sunday began investigating Creative Car Park Management after being alerted to a flurry of complaints from motorists who felt they had been treated unfairly. With its fashionable name and glossy website, it appears to be a conventionally run business. It certainly gives that impression to the dozens of well-known companies which use its services.

CCPM says it monitors about 150 car parks all over Britain on behalf of retail and property companies. But its founder and owner, Gary Wayne, goes to extraordinary lengths to hide his identity.  CCPM's structure is concealed by 'shell' companies and anonymous nominee directors who play no part in the firm's management or day-today operations - a tactic that will be outlawed under the Companies Act, due to come into force in 2007.

Its registered address turns out to be an accommodation address in Mayfair where Wayne pays £320 a year to rent a mailbox. In fact, the 35-year-old businessman runs CCPM from his four-bedroom, £400,000 home in Mill Hill, North London. After initially claiming to be only a spokesman for the company, he eventually admitted to being its founder and sole operator. He said he had always operated within the law and provided a valuable-service in preventing commuters and long-term parkers from abusing parking regulations on privately-owned land.

Asked why he was so keen to conceal his identity, Wayne said car parking was a 'sensitive issue' and added: We wish to protect the identity and security of the senior administration of the company. Inquiries by this newspaper, however, suggest that the group's 'senior administration' consists of just one man - Gary Wayne.

Wayne's customers use him because of the convenient, no fuss service he offers. Companies such as CCPM charge their clients nothing, deriving their income from the high fines they levy on car owners.

It may come as some surprise that in the era of the Data Protection Act - the law designed to restrict access to personal details kept on databases - that the DVLA is able to sell on information about drivers. However, the provision in the 2002 Road Vehicles Regulations giving car park companies the right to find out about 'vehicle keepers' overrides any earlier restrictions in the Data Protection Act.

The revelation will fuel growing concerns about the use of information held by Government departments. Ministers are planning a massive database of personal information about every adult in the UK as part of the planned ID card scheme. Ministers insist access to the data will be carefully regulated - and not sold on to private companies. However, the revelations about the way the DVLA database is exploited commercially raises fears that the much larger ID card computer could be 'raided' in a similar way.

Gareth Crossman, director of policy for civil rights group Liberty, said: I have no doubt that once the register of personal information is in place, the number of people with access to it will increase hugely.

Yet more information no doubt to be linked in to the ID database. Burglars will have a field day when they can do a computer search for large properties with a large garden and only an old lady living there. The Inland Revenue will probably find it well useful in checking your home against your declared income.

From The Telegraph

Whitehall documents reveal that they will be allowed to "obtain factual information from internal inspections" as part of the enormous exercise to revalue 22 million properties in England.

Caroline Spelman, the Tories' local government spokesman, said: "Labour's council tax revaluation will mean an army of nosey clipboard inspectors invading people's homes, including their bedrooms.

She said a "Big Brother" database would include new inspection codes that would allow the Valuation Office Agency, an arm of the Inland Revenue, to check which properties had been inspected and the degree to which an internal or external inspection had been recorded.

The Valuation Office Agency sought the advice of the office of the Surveillance Commissioner on entering homes. The commissioner replied that inspectors taking photographs of properties would not contravene the Regulation of Investigatory Powers Act or the Human Rights Act, even though those laws were intended to protect citizens' privacy.

Conservatives are tabling amendments to the Council Tax Bill to try to remove the powers of the Valuation Office Agency to enter homes.

Spelman said that new "value significance codes" had been expanded in January this year to cover 66 property features, including balconies, proximity to a golf course, conservation areas, gated estates, large garden, large patio, roof terrace, sea views and views of hills or lakes. The Tories say the codes will push many homes into a higher tax bracket.

The Office of the Deputy Prime Minister said it was "ridiculous" to suggest that each of the 22 million properties would be visited. There will not be armies of people sticking cameras through your window, a spokesman said. The only time a valuer will go out [to see a property] is if you have a peculiar property. It may be - and this will be on only a very few occasions - that you receive a letter asking for a visit.

From The Scotsman

The government's case for identity cards has been dealt a serious blow on the day of a crucial Commons vote after the software giant Microsoft warned that the proposals could generate "massive identity fraud" on a scale as yet unseen.

In an article for The Scotsman today, Jerry Fishenden, the national technology officer for Microsoft, says the proposal to place "biometrics" - or personal identifiers such as fingerprints - on a central database could perpetuate the very problem the system was intended to prevent. He says ministers should not be building systems that allow hackers to mine information so easily.

Fishenden says that, as no computer system is ever 100 per cent secure, putting a comprehensive set of personal data in one place produces a honeypot effect - a highly attractive and richly rewarding target for criminals.

Ministers propose putting 13 personal identifiers, such as iris scans, fingerprints and facial imprints, on to a central database, along with personal details such as names and addresses. But the technology expert warns that holding these details in one place "is something that no technologist would ever recommend" and could leave individuals helpless if their details were compromised.

Unlike other forms of information, such as credit card details, if core biometric details such as your fingerprints are compromised, it is not going to be possible to provide you with new ones, Fishenden says. Using the same "identifiers" every time the ID card is presented is a highly risky technical design and could inadvertently broadcast personal information to fraudsters or private companies. Having to produce this much information for every service is "unnecessary" as systems could be designed to ensure that only the relevant data is revealed each time.

Would you be happy if online auction sites, casinos or car rental company employees are given the same identity information that provides you with access to your medical records?  Fishenden writes.

From the Daily Mail

Home Secretary Charles Clarke is set to accept diluted EU anti-terror plans after losing a clash of wills with the European Commission and Euro-MPs.

His bid to use Britain's EU presidency to push for the toughest-possible to track terrorist activities through email and mobile phone data has come up against protests that the move breaches civil liberties.

The most Mr Clarke can expect is progress towards a deal to force Internet and telecoms companies to retain phone email traffic data for a maximum of one year.

FBI to get veto power over PC software?

From CNET News

The Federal Communications Commission thinks you have the right to use software on your computer only if the FBI approves.

No, really. In an obscure "policy" document released around 9 p.m. ET last Friday, the FCC announced this remarkable decision.

According to the three-page document, to preserve the openness that characterizes today's Internet, consumers are entitled to run applications and use services of their choice, subject to the needs of law enforcement. Read the last seven words again.

The FCC didn't offer much in the way of clarification. But the clearest reading of the pronouncement is that some unelected bureaucrats at the commission have decreed that Americans don't have the right to use software such as Skype or PGPfone if it doesn't support mandatory backdoors for wiretapping. (That interpretation was confirmed by an FCC spokesman on Monday, who asked not to be identified by name. Also, the announcement came at the same time as the FCC posted its wiretapping rules for Internet telephony.)

Nowhere does the commission say how it jibes this official pronouncement with, say, the First Amendment's right to speak freely, not to mention the limited powers granted the federal government by the U.S. Constitution.

What's also worth noting is that the FCC's pronunciamento almost tracks the language of the 1996 Telecommunications Act. Almost.

But where federal law states that it is the policy of the United States to preserve a free market for Internet services "unfettered by federal or state regulation," the bureaucrats have adroitly interpreted that to mean precisely the opposite of Congress said. Ain't that clever?

Control Freakery is Compulsory to Labour

From The Scotsman

Biggest British firms could make ID cards compulsory for staff. The card could become a prerequisite to being hired by many of Britain's biggest employers, in a move that would undermine the supposedly voluntary nature of the controversial scheme.

Thirty of Britain's largest companies are in talks with the government about making the possession of ID cards - likely to cost at least £100 each - a central part of their employment practices.

The vast government-run database supporting the ID card system could also be tied into companies' payroll and benefits networks. Serving employees could also face identity checks against the information stored on the register.

The outcome of the discussions between the Home Office and companies including the Royal Bank of Scotland, HBOS and Tesco, could severely curtail the options for people who choose not to have a card when they are introduced on a voluntary basis in 2008.

Under pressure from his Liberal Democrat coalition partners, Jack McConnell, the Scottish First Minister, has agreed that an ID card will not be required to access public services in Scotland, as it will be in England. That has led to speculation that take-up of the cards will be lower north of the Border.

The cards' potentially pivotal role in employment decisions is emerging as the Home Office searches for possible uses for the card in the hope of encouraging voluntary applications, and to justify the huge cost of the ID scheme.

Independent estimates have put the cost of an ID card at up to £300, although the Home Office has signalled the price will be capped at about £100. The final bill to the taxpayer will be at least £8 billion.

On the government's timetable, the legislation will be passed later this year, and the first voluntary cards will be issued in 2008. Over the following five years, ministers would assess the case for making the card compulsory, based on how many people had chosen to take them up. Opponents of the plan claim that "voluntary" period is a sham and that ministers have already determined that the cards will ultimately become compulsory.

The Home Office confirmed that a "consultation group" of 35 major employers are involved in talks to discuss benefits relating to payroll and human resource management for the private sector. David Lacey, the Royal Mail executive who chairs the Private Sector User Group, told The Scotsman that major employers are "enthusiastic" about ID cards.

Many of the firms in the group - which also includes British Airways, BP, Lloyds TSB and Shell - see the cards as a means of accelerating their assessment of job applicants, and cutting the costs involved in such screening.

The Royal Mail, for instance, currently takes about six weeks to check job applicants' criminal records and immigration status. With an ID card, Lacey estimates, that could be cut to 72 hours. It saves us money, and it's better for the person applying for the job as well, he said.

From The Guardian

Britain's top police officer was accused last night of paving the way for "Judge Dredd law" by proposing that officers should be allowed to by-pass the courts and confiscate driving licences, seize vehicles and issue anti-social behaviour orders on the spot.

The Metropolitan Police Commissioner Sir Ian Blair said "modernisation" of the force should be carried forward by introducing "an escalator of powers" for the dispensing of instant justice: One idea is to have some police officers - paid more and with more powers - to impose an interim anti-social behaviour order, for instance, or suspend a driving licence.

However, Shami Chakrabarti, the director of the human rights group Liberty, said Sir Ian was behaving like Judge Dredd, the post-apocalyptic comic book law enforcer whose catchphrase is "I am the law". She added: This is more like summary justice which has no place in a democracy. He's supposed to be the Met Commissioner, not Judge Dredd. Sir Ian should concentrate on the difficult job of running the Metropolitan Police rather than working on political speeches arguing for ever more draconian laws.

But Sir Ian, addressing the annual conference of the Police Superintendents' Association, said it was unsatisfactory that a disqualified driver could be arrested and released, and immediately get back in a car. In such cases, officers should be able to seize the offender's vehicles.

He conceded that such powers should be dispensed with care and without turning the place into a police state, which would be unfortunate. I don't want to see this as a massive widening of powers. It is to deal with some very specific issues.

However, colleagues were not convinced. Rick Naylor, the president of the association, said: We police with consent and part of that is because the public see us as being approachable. If the public fear us more because of increased powers that approachability will be damaged.

From The Guardian

Tesco is quietly building a profile of you, along with every individual in the country - a map of personality, travel habits, shopping preferences and even how charitable and eco-friendly you are. A subsidiary of the supermarket chain has set up a database, called Crucible, that is collating detailed information on every household in the UK, whether they choose to shop at the retailer or not.

The company refuses to reveal the information it holds, yet Tesco is selling access to this database to other big consumer groups, such as Sky, Orange and Gillette. It contains details of every consumer in the UK at their home address across a range of demographic, socio-economic and lifestyle characteristics, says the marketing blurb of dunnhumby, the Tesco subsidiary in question. It has added intelligent profiling and targeting to its data through a software system called Zodiac. This profiling can rank your enthusiasm for promotions, your brand loyalty, whether you are a "creature of habit" and when you prefer to shop. As the blurb puts it: The list is endless if you know what you are looking for.

This publicity material was, until recently, available on the website of dunnhumby, but now appears less forthcoming. Attempts by a number of Guardian reporters to retrieve their own personal information under the Data Protection Act led to a four month battle; the request was ultimately denied so the Guardian has appealed to the Information Commissioner. Tesco has provided some personal data held by Clubcard, the loyalty scheme that monitors members' shopping and which has been credited with fuelling the supermarket group's astronomical growth in the past decade.

But as far as Crucible is concerned, the company admits it has put great effort into designing our services so information is classed in a way that circumvents disclosure provisions in the Data Protection Act. Clues about the content of dunnhumby's database have appeared in the company's marketing literature. Crucible, it says, is a "massive pool" of consumer data. In the perfect world, we would know everything we need to know about consumers. We would have a complete picture: attitudes, behaviour, lifestyle. In reality, we never know as much as we would like. But Crucible, it suggests, has got much further than rival systems by pooling data from several sources and then using the vast Clubcard data pool to profile customers.

Together, Crucible and Zodiac can generate a map of how an individual thinks, works and, more importantly, shops. The map classifies consumers across 10 categories: wealth, promotions, travel, charities, green, time poor, credit, living style, creature of habit and adventurous.

How does Tesco get the information? Clubcard is used to target promotions at particular cardholders. But Crucible is separate and Tesco insists that while loyalty scheme data is used by Crucible it does so anonymously rather than a house-by-house, name-by-name basis.

Dunnhumby's chairman, Clive Humby, offers a few more clues. Companies such as Experian, Claritas and Equifax have databases on individuals and Crucible collects from them all. Any questionnaire you may have completed, any reader offers you responded to, are bought to build up a picture of attitudes and habits. Crucible also trawls the electoral roll, collecting names, ages and housing information. It uses data from the Land Registry, Office for National Statistics and other bodies to generate a profile of the area you live in. Zodiac is employed to provide a more detailed profile.

Unless you haven't quite told your boss or partner the whole truth about where you are going

From The Telegraph

Black boxes in cars to help police discover the causes of accidents are being considered by ministers, it was announced yesterday.

They are also thinking of introducing financial incentives for those willing to install devices that keep vehicles within the speed limit.

The proposals, regarded by ministers as being at an embryonic stage, are based on a report produced by the Motorists' Forum at the request of Alistair Darling, the Transport Secretary. They formed part of a wide-ranging package unveiled by Stephen Ladyman, the roads minister, who gave it a cautious endorsement. Describing Britain's roads as among the safest in the world, Ladyman said the Government would be "aggressive" in trying to further reduce fatalities.

Whitehall believes it can build on technology which is already in use. Many cars have computers providing information to garages about how they have been driven. Norwich Union has offered motorists pay-as-you-drive insurance based on data collected by a black box it installs in the car.

Similar technology is being used on a far wider scale in the United Arab Emirates, which plans to install black boxes in 700,000 official cars. These tell the driver when the speed limit is being broken. If a warning is ignored, it tips off the nearest police patrol car by text message and alerts a control centre, which issues a speeding ticket.

Black boxes would be used to help police understand why an accident happened by providing information on how the car was driven in the moments before a collision. Ladyman said extensive consultation would be needed before legislation gave police access to these data.

Technology to prevent cars exceeding the speed limit has been developed by researchers at Leeds University.
Companies such as Siemens believe "intelligent speed adaptation technology" could appeal to motorists with several points on their licence who want to avoid a ban. It is based on marrying satellite navigation technology and speed limiters commonly fitted to lorries and coaches.

With the Government keen to encourage rather than coerce motorists, one option would be for drivers to be given an incentive to buy safer cars through the tax or - if it is introduced - road-pricing system. Incentives are already in place for fuel-efficient vehicles. Even without government intervention, ministers hope the insurance industry would provide incentives for drivers willing to buy safer cars.

They could stitch up anyone. Just find a long forgotten encrypted file on a computer, ask for the (forgotten) key and bang them up for 10 years.

Many messaging encryption services are based on session keys where they key is deleted after use to decode the message. The encrypted message may still exist on GCHQ message traces but no amount of 10 year threats can re-create a deleted key.

From The Guardian

Electronic checks that could identify terrorist suspects before they board a plane to Britain may be rushed in amid heightened concerns over port security in the wake of the suicide bombings.

The 'e-borders' scheme - under which passengers' details will automatically be scanned against police, intelligence and immigration watchlists before they reach the boarding gate - is not due to be introduced until 2008. However, ministers are investigating whether the programme, which also keeps an electronic record of people leaving Britain, can be speeded up because of its potential usefulness as a weapon against terrorism.

Speculation that an al-Qaeda mastermind had arrived via the Suffolk port of Felixstowe not long before the 7 July bombings has concentrated attention on port security. Although the Felixstowe incident turned out to be a case of mistaken identity, there are particular concerns that small seaports and airports, viewed as the lowest priority for introducing e-borders, are now being targeted by immigration offenders and criminals.

One government source said e-borders was now considered 'crucial' to the fight against terrorism and waiting until 2008 was too long. There are concerns, however, that speeding up its introduction would leave too little time to iron out any glitches in its computer system.

The system would also provide an automatic list of those who have overstayed visas - making it easier to find and deport illegal immigrants.

The move comes as Home Office ministers review their long-term responses to terrorism. Sir Ian Blair, Commissioner of the Metropolitan Police, will this week propose a 10-year mandatory minimum sentence for anyone refusing to provide police with details of how to access encrypted information on their computers.

Dozens of computers have been seized in the UK and Italy in the wake of the recent bombings. At present, police can hold suspects for a maximum of 14 days under terrorism legislation, often insufficient time to break into whatever information their computers may contain.

'A lot of the stuff that we have on computers is encrypted, and for that reason I am interested in creating an offence of refusing to reveal an encryption key,' Blair said. 'It has to be punishable by a term of at least 10 years.'

However, the civil rights group Liberty says the proposals are 'like suggesting that the police should be able to steam open your mail after you've put it in the post box'.

The Association of Chief Police Officers has called for new offences to tackle use of the internet, such as blocking terrorist websites. However, senior officers believe the threat is sometimes overplayed, arguing much online information is unreliable. If I was in the business of making highly volatile explosives, I would not be relying on the internet as my only source of information,' one detective said. 'It is more important to go after the preachers of hatred who stand on street corners and stir up trouble.

It seems a very expensive way to check if people are downloading spanking films

From The Scotsman

Charles Clarke, the Home Secretary, failed to win European Union backing for a plan to retain phone and e-mail data to help combat terrorism. Clarke's hopes of an agreement at a summit in Newcastle were dashed as EU members, including Germany, stood by their objections on civil rights grounds, and telecoms companies warned that such a scheme would saddle them with enormous costs.

In the wake of the London terrorist attacks, Clarke wants to use the UK's presidency of the EU - which runs until January - to agree a common rule obliging telecoms firms to retain communications data for possible use by the security services in tracking suspected terrorists.

Clarke had convened the meeting of EU justice and home affairs ministers in the hope of overcoming other countries' doubts. But despite insisting that an agreement is still possible, Clarke appeared to make little headway towards that end.

As well as long-held concerns over state surveillance, some EU ministers raised doubts about who would pay for the technology involved in storing the communications data. Industry will take the position that this is something the state must pay for, said Brigitte Zypries, the German justice minister.

And the European Telecommunications Network Operators' Association, which represents most of the EU's phone and internet firms, yesterday delivered a warning that the total cost of the plan could easily exceed £100 million a year. We think it's a rather unsophisticated approach to a complex problem, said Michael Bartholomew, the head of the lobbying group. The implications of this total package are very considerable, and it seems to me that we're talking about hundreds of millions of euros on a pan- European basis.

After the meeting broke up without an agreement, Clarke insisted that neither civil liberties nor costs should stand in the way of his plan: We don't think either of those issues are justified, though we understand them.

The Home Office has set aside £6 million to compensate firms for additional costs, and has already signed at least one contract with a mobile phone firm.

Presumably for the new facial recognition surveillance technology that the UK is so keen on.

From Pattaya Today

The British embassy in Thailand has announced a tightening of the regulations for the two identical photographs when UK nationals apply for a new passport. They must have been taken in the last month, be exactly 45 mm x 35 mm in size, printed on plain, white photo quality paper (not embossed or watermarked), produced against an off-white, cream or light grey background and show you with a closed mouth and a neutral expression. The full details can be found on the embassy’s website www.brithishembassy.gov.uk/Thailand

Labour must be in drooling of this idea. Not only do they get the congestion charge, they also: reduce tax seepage due to accidentally exaggerated business mileage claims; they can issue far more speeding tickets for impossibly rapid journeys, they can halve police numbers as it will be easy to round up the usual suspects of cars in the vicinity of the time of a crime. They will even get increased profits tax from divorce lawyers as business trips to Darlington are found to be pleasure trips to Brighton.

From the BBC

Drivers could pay up to £1.34 a mile in "pay-as-you go" road charges under new government plans. The transport secretary said the charges, aimed at cutting congestion, would replace road tax and petrol duty. Alistair Darling said change was needed if the UK was to avoid the possibility of "LA-style gridlock" within 20 years.

Every vehicle would have a black box to allow a satellite system to track their journey, with prices starting from as little as 2p per mile in rural areas. We have got to do everything we can during the course of this parliament to decide whether or not we go with road pricing. Darling said.

If public reaction is favourable, a pilot scheme planned for the Leeds area could be rolled out nationwide within the next 10 years.

From Silicon

The European parliament could reject proposals next week for laws to retain the data of telephone and internet service providers (ISPs) for three years.

Legal and civil liberties committees in Strasbourg have already slammed the proposals after German Free Democrat MEP Alexander Alvaro published a report urging EU countries to veto the recommendations.

The proposals were put forward by France, Ireland, Sweden and the UK to aid in the prevention, investigation and prosecution of terrorist acts.

In the report, Alvaro wrote: There are sizeable doubts concerning the choice of legal basis and the proportionality of the measures. It is also possible that the proposal contravenes Article 8 of the European Convention on Human Rights... Should the Council's proposal unexpectedly obtain a majority, the requirement for a review of the measures in the form of an evaluation after three years in force should be incorporated into the text, so that the actual effectiveness of the measures can be established and the act of data retention justified.

Under the initiative, ISPs and phone service providers would be forced to retain data between 12 and 36 months. This would include details of time and dates as well as the location of communications, although the content of communications may not be retained. The laws would govern how companies operate SMS, telephone (including voice over IP) and internet services.

The European parliament will debate the matter on Tuesday.

We clearly need better education for our children. It needs to be drummed into children from the age of two that they must be aware of the corrupting influences and dangers in society. They must be taught that when approached by predatory and interfering social workers that they must unhesitatingly kick them in the bollocks and tell them to fuck off.

From The Guardian

New guidelines obliging professionals to pry into the sex lives of teenagers will do more harm than good. The latest example of this preoccupation with monitoring children is the newly published Working With Sexually Active Young People Under the Age of 18 - A Pan-London Protocol. This circuitously titled set of guidelines extends surveillance into the most intimate aspects of a teenager's life - and is likely to be rolled out nationally. It requires all professionals in contact with young people to do risk assessments on "any person under 18 they know who is, or is likely to be, sexually active", a term defined so broadly in the Sexual Offences Act 2003 that there will be few teenagers who are exempt. The risk assessment should be very detailed, covering physical and emotional health and education, and safeguarding needs in the context of the sexual relationship. The assessment should include, as standard, a police check on the partner; details of that child or adult will then be stored on the police computer. If someone is considered to need protection, he or she should be referred to social services or the police, who will devise a protection plan.

The protocol stems from the Bichard inquiry into the Soham murders, and comes with the emotive appeal that anything that prevents another tragedy is justified. But it is very hard to see how it will prevent abuse or murder and very easy to see how it will cause harm.

Any screening service needs to have an accurate way of telling which people are at risk, but in this case professionals are given the confusing task of deciding whether the behaviour of the sexual partner amounts to "grooming for sexual exploitation", as opposed to normal seduction.

Police and social workers are expected to create protection plans, but quite how they will protect a 17-year-old girl from a relationship she wants to maintain is left a mystery.

Finally, any screening service should not cause undue harm, but this protocol will cause harm in both direct and indirect ways. The risk assessment is likely to be offensive and distressing to many teenagers since it requires intimate details of their relationship. There is no mention of obtaining their consent; if they disagree with the professional concern, this is seen as another risk factor.

It will also be a major deterrent to teenagers who would like advice or help with sexual relationships but, as we know well, want confidentiality. They may now find themselves subjected to detailed questioning, as well as having their confidences broken and partners' names put on a police computer.

Teenagers are at some risk from sexual predators, but the stranger who uses force to abuse is relatively rare. Most abuse is carried out by relatives or friends who have a relationship with the victim. We would help teenagers more by providing advice when asked and with the confidentiality they prize. This would allow open discussion of the complexities of sexual relationships, helping them make sense of their experiences, recognise exploitation and receive the support needed to protect themselves.

Teenagers at present are causing considerable anxiety to adults, but these preoccupations tell us more about adult anxieties than teenage needs. Professionals are anxious to avoid blame, and detailed procedures offer a form of security to them. But in the complex area of developing happy sexual relationships, they do not offer security to teenagers. Faced with adults who offer help in ways that either demonise or infantilise them, teenagers with a normal range of concerns about sexual relationships are likely to shun all professionals as unhelpful. What they need is a positive message about sex as a natural and enjoyable part of a relationship. They need to learn from experience and they will probably have some miserable or embarrassing times. They might well then appreciate confidential support from an adult as they develop self-confidence and the maturity to know what they want or don't want from relationships.

Professional surveillance is a weak defence against sexual predators. The safest teenager is the one with the confidence to say no.

From CNET News

Australia's most populous state, New South Wales, moved on Wednesday to outlaw employers from snooping on workers' private e-mails as part of anti-spying legislation aimed at stopping bosses from covertly observing employees.

In an Australian first, the New South Wales state government introduced surveillance legislation to outlaw unauthorized spying on employees using technologies including e-mail, video cameras and tracking devices. We don't tolerate employers unlawfully placing cameras in change rooms and toilets, Attorney General Bob Debus said in a statement. Likewise we should not tolerate unscrupulous employers snooping into the private e-mails of workers.

Australia has national privacy laws but they do not cover e-mail monitoring. The legislation is expected to be passed by next week, the minister's spokesman said. Penalties would include a fine of 5,500 Australian dollars ($4,278) for individuals, or for each director of a corporation.

Trade unions welcomed the move as a victory against "big brother" monitoring by employers, which they said has been on the rise. The e-mail is the modern version of the telephone and I think that most employees would reasonably say that their phones shouldn't be tapped at work automatically, and I think that should apply to the Internet," said Bill Shorten, secretary of the Australian Workers Union.

Westminster Council are Listening

From The Telegraph

Westminster council is planning to attach 24-hour surveillance microphones to its lamp posts in a move that raises the spectre of George Orwell's Big Brother on Britain's streets.

The first microphones, which are linked wirelessly to Westminster council's headquarters, are designed to monitor rowdy bars and nightclubs in central London. They will also be installed in housing estates in an attempt to stop nuisance neighbours.

Shameful Westminster council said the microphones, which will be installed next to existing wireless CCTV cameras, would not be used to snoop, BUT... would allow its inspectors to take prompt action against anti-social behaviour.

Steve Harrison, its assistant director of community protection, said the microphones would first be tested in Soho. The devices would be programmed to trigger an automatic alert if noise levels get too high. By the time someone rings us up to tell us about a noise problem and we have decided whether to visit, that event could be lost to us. This is about trying to instantly capture an image and audio that goes with it to let us know what's going on. Then we can almost in real time make that assessment of whether to go out.

Recordings could also be used in evidence at a licensing committee or magistrates' court, he said. Within a few months, microphones will also be put in at least two housing estates to monitor communal areas, the council said.

The microphones will be housed in 3ft-long boxes attached to lamp posts. A foam cover and spike to deter pigeons will protrude from the casing, Harrison said.

Has anybody ever come across the idea of a screen saver that continually and randomly spiders the web emulating a perpetual surfer. It would have the following advantages:

• It would generate an awful lot of data for Big Brother to store, especially for always on Broadband
• Big Brother would not be able to determine which sites you actually viewing from all the dross recorded
• It may make an interesting screen saver in its own right

Thanks to alan who suggests Web Collage

From The Register

The European Council has quietly proposed pan-European data retention laws that will require communications service providers to keep all user data for a minimum of a year, and possibly indefinitely.

The draft framework will apply to data generated by an exhaustive list of comms architectures and protocols: phone, text, MMS, email, Voice over IP, and Web communications among them.

It has been rather hastily published in line with the European Council declaration that followed the bombings in Madrid. In this declaration, the Council said it would bring forward the debate around data retention. The fact that this document surfaced so quickly suggests, some say, that it has been floating around for some time.

The draft is very broad in its scope, and very loose in its definitions, which may sound familiar. The stated aim is not to store content, just the data generated by the flow of traffic, and its associated user information. However, as Joe McNamee of lobbying group Political Intelligence points out, at no point does this draft specify exactly what constitutes content, and what constitutes traffic data.

Consider article 2.3, part(c). This states that service providers will be required to retain FTP logs. Are these content, or traffic data? This question needs to be resolved, especially as (in article 2.4) the draft makes the provision that it will cover all future communications technologies too.

It is also noticeably imprecise about how long the information must be kept for: article 4.1 provides a time bracket of between 12 and 36 months, but goes on to say that it may be kept for longer if the member state feel it is necessary.

Draconian, you might think. Bound to get the civil libertarians up in arms? But wait: 4.2 contains the get-out clause. It says that any member state can derogate from 4.1 (i.e. ditch it), should they feel it is unacceptable. Sometime the most effective thing you can do, politically, is not be rigid, McNamee says. This clause is very clever. It gives a perfect counter-argument to any criticism without actually backing down: the Council can always argue that it is not forcing the legislation on any of its member states, even though it is extremely unlikely that any will actually take advantage of the option.

In the covering letter, the writers explain that although this kind of retention of data may constitute an interference in the private life of an individual, this doesn't violate European law, provided the interference is appropriate and strictly proportionate.

But what of those innocent citizens whose digital movements will be tracked? Everything you do online must be recorded: that means that FTP logs about images you download, even in a spam email, are kept on a database somewhere. If I was Joe Public, I don't think that would make me feel very secure, McNamee concludes.

A worrying trend to ram peoples arms up behind their back and then make them sign a contract. Such contracts should at least be considered morally worthless both by the bullied individual and the community.

From The Telegraph

New tenants on a housing estate are being required to sign a legally-binding contract not to swear in public. The move is aimed at curbing anti-social behaviour that has plagued the Hollingdean estate in Brighton for years.

New council or housing association tenants will have to sign the agreement, which also outlaws loud music, fly tipping and careless driving. Persistent rule-breakers face losing their homes.

Faye Cooper, the estate's safety co-ordinator who has helped negotiate the agreement with housing associations, the city council and police, said: There are 10 housing associations and the council providing accommodation on this estate, so we wanted everyone to be following the same rules. We want to help people who are causing problems to change their behaviour before we need to enforce the rules but there is now a legal back-up if we need it. The estate has its fair share of harassment, noise, fly tipping and groups of young people who aren't necessarily bad but aren't behaving properly. All these things can create a bad atmosphere, which is what we want to tackle."

I think that the US job will be an awful lot easier when they require Europeans to get visas from inaccessible embassies. Only the terrorists will be arsed to make the effort to go.

From The Register

The US Transportation Security Administration (TSA) is behind schedule in developing a new anti-terrorist database system called Secure Flight.

After confronting the obvious defects in the old pre-9/11 CAPPS (computer-assisted passenger pre-screening system), which allowed 19 violent terrorists to board flights on a single morning, the TSA set out to develop CAPPS-2, supposedly an improvement. When that project failed to result in a working system, TSA announced that it would re-work the entire scheme.

Proposed improvements included letting the government, rather than airlines, administer the system, so that secret counter-terrorist intelligence could be used, and merging airline passenger data with commercial data such as that stored by privacy invasion outfits like ChoicePoint.

TSA got off to a strong start, successfully changing the system's name, for example, but has since fallen behind on lower-priority modifications, such as establishing privacy standards, and basically making it work.

Congress established ten milestones that Secure Flight must pass before its intended roll-out in August. Of these, nine remain to be satisfied. So the chance that this scheme will actually be implemented in August is very slim, especially when one considers the extraordinary capacities that it is expected to have.

According to a report, the required system capabilities are: Comparison of data contained in the passenger's reservation (PNR) with information contained in government watch lists; Matching information in the PNR to CAPPS I rules to identify individuals who should be subject to additional security screening; Checking PNR data against commercial databases to assist in confirming the passenger's identity; Matching PNR data against lists of international fugitives and government 'wanted lists' to identify known criminals; Using algorithms developed through intelligence modeling to identify previously unknown terrorists; Maintaining a list of individuals, who have been previously cleared under credentialing programs, to minimize the volume of passengers that must be prescreened; Providing the capability to create a temporary watch list based on information extracted from current intelligence reports, such as blocks of stolen passports."

It is sure to be full of bad data that will repeatedly flag and inconvenience the wrong travellers. (The existing CAPPS system didn't stop the 9/11 hijackers, although it did catch US Senator Edward Kennedy and former singer Cat Stevens, for example.)

So it comes as no surprise that TSA should have fallen behind in developing a system intended to do the impossible. The only odd thing here is the fact that the law enforcement establishment, the public, and Congress foolishly persist in believing that "information technology" is the answer to real-world security problems.

From the Toronto Star

Currently, no legislation governs the implanting of technology in the human body and, according to the European Group on Ethics in Science and New Technologies (EGE), an advisor to the EC, it's a situation that needs to be addressed.

The European Commission this week adopted an opinion on the ethical aspects of ICT implants in the human body, declaring they should only be given to those in need rather than those who wish to enhance their faculties. Efforts should be made to make sure that such ICT implants are not used to create a two-class society. Access to ICT implants for enhancement should only be for the purpose of bringing children or adults into the 'normal' range for the population... A second permissible purpose would be to improve health prospects, such as enhancing the immune system to be resistant to HIV, for example."

What, however, is not acceptable is using such implants to track individuals or to discover data about them. ICT implants due to their network capability could be misused in several ways for all kinds of social surveillance or manipulation... In some cases, the implantation of microchips with the potential for individual and social forms of control is already taking place. The EGE stresses the importance that not only the individual has the right to protect his or her own personal data but that society should take care that online and surveillance systems, where they are permitted, should not become systems of untenable restriction.

The EC, however, believes that using implants as surveillance tools is acceptable, as long as government has legislated for it first. The EGE insists that surveillance applications of ICT implants may only be permitted if the legislator considers that there is an urgent and justified necessity in a democratic society and that there are no less intrusive methods.

The EGE also recommends that an independent adjudicator be appointed to monitor rulings in such cases.