Liberty News

A flagship database intended to protect every child in the country will be used by police to hunt for evidence of crime in a "shocking" extension of its original purpose, The Daily Telegraph has learned.

ContactPoint will include the names, ages and addresses of all 11 million under-18s in England as well as information on their parents, GPs, schools and support services such as social workers.

It has always been portrayed as a way for professionals to find out which other agencies are working with a particular child, to make their work easier and provide a better service for young people.

However, it has now emerged that police officers, council staff, head teachers, doctors and care workers will use the records to search for evidence of criminality and wrongdoing to help them launch prosecutions against those on the database - even long after they have reached adulthood.

The records will be updated until children turn 18 then kept in an archive for six years before being destroyed, meaning they can be accessed until a young person reaches 24. Those who have learning difficulties or who are in care will remain on the live system until they turn 25, so their archived records will be available into their 30s.

Little-noticed guidance published by the Government discloses that ContactPoint users can request administrators to give them archived data for a number of reasons, including for the prevention or detection of crime and for the prosecution of offenders.

ContactPoint will not include detailed case information on children, but will record if they have contact with a Youth Offending Team or sensitive services such as drug abuse workers, which critics say will mean it is obvious which young people have criminal records.

Baroness Miller, the Liberal Democrats' home affairs spokesman in the House of Lords, said: This is truly shocking. It's exactly the definition of a police state. The police will have the details of a whole generation for so-called crime prevention. It raises a lot of issues and we haven't had a debate in Parliament about it.

Phil Booth, national co-ordinator for the civil liberties campaign group No2ID, added: Parents should know that this is not for the protection of their children, it could be used to prosecute them. This is a serious step on from what little has been told to the public.

ContactPoint will be put into use by 17 councils in the North West in October and then rolled out across the country.

Update: Delayed

31st August 2008

Now, just weeks before its planned launch and days after the Telegraph disclosed concerns that it will be used to increase the criminalisation and surveillance of England's youth, ministers have announced that ContactPoint will not become operational until the New Year at the earliest.

The Department for Children, Schools and Families claimed that the new delay was not down to security or privacy fears, however, but simply because of "glitches" that had emerged during testing of the system, which is being built by the IT firm CapGemini.

Town hall snoopers are demanding access to people's bedrooms. Officials say they need to enter and inspect properties where a council tax discount is claimed.

Seven and a half million people are entitled to 25% off their annual bill because they live on their own.

The Conservatives warned that householders are being pressured into signing a declaration agreeing to an internal inspection of their homes in order to prove they really are single.
council tax

One form, produced by Thurrock Council in Essex, reads: To be completed and returned immediately if you wish to continue to claim single person discount... I authorise the Council or its agents to make enquiries to corroborate this claim. I will permit the Council or its agents to inspect the property on request... If you do not do so, we will have to cancel your discount and send you a revised bill for the increased amount.

Shadow local government secretary Eric Pickles said there was evidence that other councils were making similar demands. He said the move raised the prospect of town hall officials entering law-abiding people's homes looking for evidence of a 'hidden partner'.

Government guidance encourages councils to undertake 'spot check' internal inspections of properties, giving practical tips how to 'maximise their time spent on inspections'.

Pickles said: Day by day under Labour, the rights and liberties of law-abiding citizens are being undermined, with more and more state officials trying to enter and spy on people's homes.

It may be appropriate for local authorities to check that council tax discounts are not wrongly claimed. But it is wholly disproportionate to threaten higher council tax bills if residents do not allow state officials into their bedrooms. This is another worrying sign of function creep.

Google is pushing tools that facilitate sharing and communication by maintaining files on its own servers.

Tools such as Gmail, Google Calendar, Google Talk, Google Docs, for creating and working together on documents, spreadsheets and presentations and Google Sites: One-stop sharing for all types of team information, provide Google with transparency into users files an data.

But the initiative is running headlong into another new phenomenon of the information technology age: the unprecedented powers of security officials in the United States to conduct surveillance on communications.

Eighteen months ago, Lakehead University in Thunder Bay, Ontario, had an outdated computer system that was crashing daily and in desperate need of an overhaul. A new installation would have cost more than $1-million and taken months to implement. Google's service didn't cost the university a penny.

However the U.S. Patriot Act gives authorities the means to secretly view personal data held by U.S. organizations ie Google.

At Lakehead, the deal with Google sparked a backlash.  Professors say the Google deal broke terms of their collective agreement that guarantees members the right to private communications. The [university] did this on the cheap. By getting this free from Google, they gave away our rights, said Tom Puk, past president of Lakehead's faculty association, which filed a grievance against Lakehead administration that's still in arbitration.

Some other organizations are banning Google's innovative tools outright to avoid the prospect of U.S. spooks combing through their data. Security experts say many firms are only just starting to realize the risks they assume by embracing Web-based collaborative tools hosted by a U.S. company, a problem even more acute in Canada where federal privacy rules are at odds with U.S. security measures.

Darren Meister, associate professor of information systems at the Richard Ivey School of Business,said: If I were a business manager, I would want to be very careful about what kind of data I made accessible to U.S. law enforcement.

Using their new powers under the Patriot Act, U.S. intelligence officials can scan documents, pick out certain words and create profiles of the authors - a frightening challenge to academic freedom, Puk said. For instance, a Lakehead researcher with a Middle Eastern name, researching anthrax or nuclear energy, might find himself denied entry to the United States without ever knowing why: You would have no idea what they are up to with your information until, perhaps, it is too late. We don't want to be subject to laws of the Patriot Act.

Google's free Web tools are advertising-based and they automatically extract information from personal content to build a profile for advertisers. Lakehead professors also object to this feature, although Puk says Google has refrained from attaching ads until the grievance is settled.

Google claims it has a strong track record in regard to protecting customers' data. The firm cites a court case it fought in 2006 against attempts by the U.S. Justice Department to subpoena customer search records.

But the company will not discuss how often government agencies demand access to its customers' information or whether content on its new Web-based collaborative tools has been the subject of any reviews under the Patriot Act.

A powerful coalition of children’s charities is urging ministers to make it illegal for companies to trawl Facebook and other social networking websites for information on prospective recruits.

They say that employers and educational establishments are known to be browsing the internet looking for “digital dirt” on young people who have applied for positions.

The eight charities acted partly in response to a report in The Times that revealed one in five employers used the internet to check on candidates, and two thirds of those who did said that their decisions were influenced by what they found.

A senior tutor at Emmanuel College, Cambridge, had also said that he used Facebook to check up discreetly on applications for a college position.

The charities, including the NSPCC, the Children’s Society and NCH, said that the call for a new law is part of their wider concerns about online safety for children.

John Carr, secretary of the Children’s Charities’ Coalition on Internet Safety, who is coordinating the campaign, said that pictures or gossip up-loaded during the teenage years should not be used against a young person ten years later: When young people put up their personal profiles they are not thinking about job or university applications. Typically, they are simply talking to their mates. Employers or admissions tutors who delve into these places are being highly and inappropriately intrusive. It’s a bit like looking at someone’s diary.

A world where even a 14-year-old has to think twice before posting an adolescent poem suddenly looks very unappealing and increases the pressure on children and young people to conform to a set of tightly focused adult norms.

The children’s charities are seeking clarification on whether discrimination legislation could be used to stop companies from using social networking sites for recruitment purposes.

Margaret Moran, Labour MP for Luton South, is to lead the campaign in Parliament. She is discussing with Commons authorities the terms of a ten-minute rule Bill to tighten legislation. She has also written to James Purnell, the Work and Pensions Secretary, asking him to give his opinion on whether it is legitimate for employers to use information from social networking sites for recruitment.

Plans to fingerprint millions of passengers a year at Heathrow's new fifth terminal have been put on hold hours before it opens for business.

BAA, the airport operator, took the decision after being warned by the Government's Information Commissioner that the move could breach the Data Protection Act.

It has left BAA is facing huge embarrassment at a time when it was hoping that public attention would be fixed on the long-awaited £4.3 billion terminal when it handles its first passengers tomorrow.

The controversial scheme meant that, for the first time ever, travellers would be fingerprinted before being allowed to board a plane. It would have affected about four million domestic passengers a year who use the terminal, which will become the British Airways base at the airport.

A BAA spokesman said that it will hold further talks with both the Information Commissioner and the Border and Immigration Agency before deciding its next move.

For the time being instead of leaving a fingerprint before passing through security - which is verified at the departure gate - passengers will be photographed.

Although BAA is keen to press ahead with the plans, no date has been fixed for when it will be able to do so. The decision to fingerprint all domestic passengers at the terminal was triggered by the demands for heightened security by the Home Office. With domestic and international passengers sharing the departure lounge at the terminal, it was feared that this would make it possible to bypass border controls.

The scheme hit the buffers late last week when David Smith, the Deputy Information Commissioner, questioned its necessity. He said photographing – the option now being adopted – would be far less intrusive.

Even the Home Office, which had put pressure on BAA to tighten security, distanced itself from the move. This was despite officials previously demanding some form of biometric tests in addition to photographs – and having approved the fingerprint scheme during months of negotiations.

At the Digital Living Room conference, Gerard Kunkel, Comcast’s senior VP of user experience, told me the cable company is experimenting with different camera technologies built into devices so it can know who’s in your living room.

The idea being that if you turn on your cable box, it recognizes you and pulls up shows already in your profile or makes recommendations. If parents are watching TV with their children, for example, parental controls could appear to block certain content from appearing on the screen. Kunkel also said this type of monitoring is the “holy grail” because it could help serve up specifically tailored ads.

Kunkel said the system wouldn’t be based on facial recognition, so there wouldn’t be a picture of you on file (we hope). Instead, it would distinguish between different members of your household by recognizing body forms. He stressed that the system is still in the experimental phase, that there hasn’t been consumer testing, and that any rollout “must add value” to the viewing experience beyond serving ads.

I can’t trust Comcast with BitTorrent, so why should I trust them with my must-be-kept-secrets...

Phorm is a way to enable advertisers to meet web users' needs: no one gets hurt, right? Wrong. There's another reason this invasion of privacy is of such a concern and it is the potential effect of some worrying legislation that is currently being debated very quietly in the UK.

The proposed criminal justice and immigration bill contains a disturbing element within it: if passed and made into law, it will then be "an offence for a person to be in possession of an extreme pornographic image". It will be illegal to have in your possession certain pictures deemed "offensive" or "obscene" by the government. No, this is not 1984, surprisingly. According to this proposed bill, if you have in your possession hardcore BDSM sexual imagery you can be criminalised and potentially imprisoned for it.

So, let's say you're a man who gets off on being tied up and spanked. One day your girlfriend strips you naked, binds you and your genitalia tightly with some rope, hits you with a paddle, and perhaps you both have an orgasm or two. She also photographs you in situ. Let's then say that the next day you decide to upload those photos to a blog, so you can both look at them. Your girlfriend likes the pictures so much she decides she's going to download a couple to her computer so that she has permanent offline access to them and can enjoy them at her own leisure.

Guess what? If this law gets passed, you both would have just broken it, and risked a large fine, if not imprisonment, even though you were willing, mutually consensual participants, and your photos were for your own personal use. Both owning and downloading the pictures would be a criminal offence, and bar searching every home in the country, it'll surely be users' web history that allows others, whether it be ISPs, advertisers, or the government, to have access to what people are privately looking at and downloading from the web. While Phorm might look innocuous now, its use in the future may be more about gathering personal web viewing data, for legal purposes, rather than for targeted advertising and we should be challenging it now, for this reason.

Liberty has joined forces with the organisation Backlash in opposing the bill, not least because it breaches at least two aspects of the European convention on human rights. Given this, and the fact our private information is soon to be readily available to third parties courtesy of our ISPs, we should all be concerned about protecting the future privacy of our online use. Right now people have the chance to opt out - and by that I mean they have the choice to leave an ISP if it signs up to Phorm and join another one that will not be collecting data about its customers. But if we rest on our laurels and do not fight for online confidentiality, we may soon find that our right to privacy is eroded without our consent: once that is gone, it is unlikely we will ever win it back.

...Read full article

Update: Privacy Guardian

31st March

The boss of Phorm defended the embattled online advertising technology developer yesterday, offering to open the company up to outside scrutiny by a panel of independent web experts after the firm was blasted by privacy campaigners.

The challenge followed a 5% drop in Phorm shares as the Guardian declared it would not be signing up to the firm's advertising platform because of worries over the information the company had on internet users.

The Guardian's advertising manager, Simon Kilby, said: Our decision was in no small part down to the conversations we had internally about how this product sits with the values of our company.

The security services could be given access to footage from CCTV cameras that will allow them to spy on people across the country.

Home Office officials have had talks with the information watchdog to establish whether it is possible to make images available to track suspects.

Currently, the police and security services have to apply for permission to examine images taken from thousands of cameras across Britain.

A spokesman for the Information Commissioner's Office confirmed yesterday that the meeting had involved discussions about national security and the issue of cameras and traffic.

Civil liberties campaigners expressed concern that the move would expand Britain's "surveillance society".

Guy Herbert, the general secretary of the NO2ID campaign, said: I don't think anyone who is sensible would object to proper regulation of CCTV images by the security services or the police in a real inquiry. But the worry is that it might become a routine fishing investigation that produces two different effects: that everyone becomes a suspect and that it is not controlled.

In the current debate about the erosion of civil liberties, a stock claim aimed at dampening the ardour of their defenders is that "if you have nothing to hide you have nothing to fear".

The answer to this is - oh indeed? - nothing to fear from legislation that reduces civil liberties by extending the power of the state to detain, inspect, question, collect personal information, intercept communications, and deploy new and more instruments of surveillance and monitoring such as CCTV cameras and ID cards?

The assumption behind the "if you have nothing to hide" claim is that the authorities will always be benign, will always reliably identify and interfere with genuinely bad people only, will never find themselves engaging in "mission creep" with more and more uses to put their new powers and capabilities to, will not redefine crimes, and even various behaviours or views now regarded as acceptable, to extend the range of things for which people can be placed under suspicion - and so considerably on.

...Read the full article

To live in society at all, we have to keep a reservoir of private thoughts, which, whether wisely or unwisely, we share only with intimates. This sharing of private thoughts is called private life.

Until recently, the concept of private life was basic to civilisation. Its value could be measured by the thoroughness with which totalitarian states and religions always did their best to stamp it out. But now we have to face the possibility that the latest stage of civilisation might also be trying to stamp it out.

You can still keep your thoughts to yourself - nobody has yet invented a machine that can get into your head and broadcast what it finds - but if you try to communicate those private thoughts to anyone else you run an increasing risk that they will be communicated to everyone.

...Read the full article

BT has admitted that it secretly used customer data to test Phorm's advertising targeting technology last summer, and that it covered it up when customers and The Register raised questions over the suspicious redirects.

The national telecoms provider now faces legal action from customers who are angry their web traffic was compromised.

Stephen Mainwaring, a BT Business customer said he suffered sleepless nights after detecting the dodgy DNS requests, and said today: It is very likely that I and others will take legal action against BT for what they did last summer.

In a statement, BT said: We conducted a very small scale technical test of a prototype advertising platform on one exchange in June 2007. The test was specifically conducted to evaluate the functional and technical performance of the platform. Absolutely no personally identifiable information was processed, stored or disclosed during this trial.

Speaking to El Reg on Friday, Stephen said: If they wanted to run a trial, they should have asked. I would have told them I did not want to be part of it.

Stephen has already filed a complaint with the Information Commissioner's Office and is consulting on how to proceed through the courts with other BT subscribers who believe their connection was subject to illegal Phorm tests.

When The Register first asked BT about its relationship with Phorm in July 2007, when it was widely known as 121Media, a firm deeply involved in spyware. BT denied any testing and said customers whose DNS requests were being redirected must have a malware problem.

It wasn't until 14 February this year, when the deals between BT, Virgin Media and Carphone Warehouse to pimp customer web browsing were announced, that a cover-up was revealed.

BT's belated confession that it secretly used its customers' traffic to test the safety of ad targeting technology can only add to the distrust around Phorm.

As part of its admission that it lied over the 2007 trials, BT also said it will follow Carphone Warehouse's lead and develop an opt-out that does not involve cookies and means no data will be mirrored to a profiling server, even if it is ignored.

The Oyster card was introduced to London's public transport users purportedly to make their lives easier.

Now, British Intelligence services want some of the benefits by trawling through the travel data amassed by the card to spy on the 17 million Britons who use it.

An article from Boiled Frog from a Nation of Suspects states: Currently the security services can demand the Oyster records of specific individuals under investigation to establish where they have been, but cannot trawl the whole database. But supporters of calls for more sharing of data argue that apparently trivial snippets — like the journeys an individual makes around the capital — could become important pieces of the jigsaw when fitted into a pattern of other publicly held information on an individual's movements, habits, education and other personal details. That could lead, they argue, to the unmasking of otherwise undetected suspects.

More than 300 ministerial and electorate staffers have been ordered to fill in a 25-page form and attend an in-depth interview into their personal finances, drug habits and sexual history before gaining high-level security clearance.

Senior staff say they have been told the security form is designed to protect them from blackmail. But several have told The Sunday Telegraph they were affronted at the personal information they had been forced to divulge. Friends are also interviewed, and information about drug use and sexual history is cross-checked.

Special Minister of State and Cabinet Secretary John Faulkner admitted some ministerial staff had found the form intrusive but said the clearance was necessary for those who handled sensitive and classified material.

I'm ensuring the Government makes the obtaining of these security clearances a high priority, given the nature of the work and the sensitivity and classification of material that is handled. The higher level of clearance is more intrusive. There were too many staff who simply didn't have security clearance under the former government. I'm keen to ensure all staff have security clearance and that ministers are aware of that responsibility.

An Australian Federal Police source confirmed the security-clearance process requested personal details. In the interview process, they ask you about your sexual orientation and whether you've ever had a homosexual experience. They ask you how many sexual partners you've had, whether you've cheated on your wife and about your sexual habits.

Laws against unauthorised wiretaps should not be used to prevent ISPs providing targetted advertising services, provided ISPs users consent and the service has the highest respect for the users’ privacy, according to a Home Office memo released to the ukcrypto mailing list.

The memo analyses the legality of Phorm and similar services in detail, and concludes with a policy statement that:

The purpose of Chapter 1 of Part 1 of RIPA is not to inhibit legitimate business practice particularly in the telecommunications sector. Where advertising services meet those high standards, it would not be in the public interest to criminalise such services or for their provision to be interpreted as criminal conduct. The section 1 offence is not something that should inhibit the development and provision of legitimate business activity to provide targeted online advertising to the users of ISP services.

The memo’s legal analysis also provides comfort for Phorm in three key areas. It suggests that there are arguments that Phorm’s service might not constitute an interception under RIPA:

Where the provision of a targeted online advertising service involves the content of a communication passing through a filter for analysis and held for a nominal period before being irretrievably deleted - there is an argument that the content of a communication has not been made available to a person.

It suggests that even if Phorm’s services does constitute an interception, it might still be lawful provided the ISP user consents to it, as the required consent from a web site operator might be inferred from the fact that they’re publishing content on the public Internet

A question may also arise as to whether a targeted online advertising provider has reasonable grounds for believing the host or publisher of a web page consents to the interception for the purposes of section 3(1)(b). It may be argued that section 3(1)(b) is satisfied in such a case because the host or publisher who makes a web page available for download from a server impliedly consents to those pages being downloaded.

It also suggests that ISPs might be able to redefine their service from being “Internet access” to “Internet access with value-added targeted advertising", and by so doing take advantage of wiretap exemptions originally intended to protect routers and web proxies.

Regardless of the legal debate, it is highly significant that the government has decided that as a matter of public policy RIPA should not stand in the way of Phorm and similar services, provided user consent is obtained through the ISP’s Terms and Conditions of Service. This implies that even if the legal arguments remain contested, ISP prosecution is unlikely and the government might contemplate legislative reform to clarify the legal situation in favour of Phorm and their ISP partners.

FIPR Consider Phorm to be Illegal

See full article from The Register
See also Open Letter to the Information Commissioner

The Foundation for Information Policy Research (FIPR), a leading government advisory group on internet issues, has written to the Information Commissioner arguing that Phorm's ad targeting system is illegal.

In an open letter posted to the think tank's website today, the group echoes concerns voiced by London School of Economics professor Peter Sommer that Phorm's planned partnerships with BT, Virgin Media and Carphone Warehouse are illegal under the Regulation of Investigatory Powers Act 2000 (RIPA).

The letter, signed by FIPR's top lawyer Nicholas Bohm, states:

The explicit consent of a properly-informed user is necessary but not sufficient to make interception lawful.

The consent of those who host the web pages visited by a user is also required, since they communicate their pages to the user, as is the consent of those who send email to the user, since those who host web-based email services have no authority to consent to interception on their users' behalf.

Phorm claims that all sensitve data will not be profiled, but FIPR argues its "restricted sites" blacklist system will be ineffective because of the vast array of webmail and social networking sites web users now visit.

Bohm uses the letter to urge the Information Commissioner, Richard Thomas, to ignore the conclusions of the Home Office, which advised BT and the other ISPs that Phorm's technology is legal.

Earlier today web inventor Sir Tim Berners-Lee said he would personally not want his traffic to be profiled by Phorm, and called on BT, Virgin Media and Carphone Warehouse to make the "service" opt-in only.

He also raised concerns that what a person looked at online could be used for other purposes. He said: I want to know if I look up a whole lot of books about some form of cancer that that's not going to get to my insurance company and I'm going to find my insurance premium is going to go up by 5 per cent because they've figured I'm looking at those books.

A German art project could help the British avoid the oppressive proliferation of surveillance cameras in their country. The IRASC is simple, consisting of a circle of infra-red LEDs mounted on a headband. The infra red is invisible to The Man, but will cause CCTV cameras to flare out over the face of the wearer, obscuring his identity and making this the digital equivalent of a hooded sweatshirt.

This is not a production unit, but given that you'd only need a hat, a battery and a few LEDs, you could easily knock one up in the garage.

We the undersigned petition the Prime Minister to Stop ISP's from breaching customers privacy via advertising technologies.

We petition the Prime Minister to investigate the Phorm technology and if found to breach UK or European privacy laws then ban all ISP's from adopting it's use. Additionally the privacy laws should be reviewed to cover any future technologies such as Phorm

The UK's three largest ISP's, Virgin Media, BT and TalkTalk are all in talks with a view to introducing the Phorm technology. This would result in the browsing habits of the majority of the UK population being sold to a third party for advertising purposes. The opt out system for this technology is vague and unproven, even when opting out your every move on the Internet might be recorded. Surely this must be a breach of privacy laws, if not then the privacy laws need to be changed to cover such invasive technology.

Update: Result

4th March 2009. Closed with 21,403 signatures

Government response:

Thank you for the e-petition on internet advertising technologies and customer privacy.

As your petition states, some Internet Service Providers (ISPs) have been looking at the use of Phorm’s Webwise and Open Internet Exchange (OIX) products. However, the only use of the technology so far has been the trials conducted by BT.

Advertisers and ISPs need to ensure that they comply with all relevant data protection and privacy laws. It is also important that consumers’ privacy is protected and that they are given sufficient information and opportunity to make a clear and informed decision whether to participate in services such as Phorm.

The Government is committed to ensuring that people’s privacy is fully protected. Legislation is in place for this purpose and is enforced by the Information Commissioner’s Office (ICO). ICO looked at this technology, to ensure that any use of Phorm or similar technology is compatible with the relevant privacy legislation. ICO has published its view on Phorm [pdf] on its website

ICO is an independent body, and it would not be appropriate for the Government to second guess its decisions. However, ICO has been clear that it will be monitoring closely all progress on this issue, and in particular any future use of Phorm’s technology. They will ensure that any such future use is done in a lawful, appropriate and transparent manner, and that consumers’ rights are fully protected.

The essence of the Phorm scheme is straightforward. It will have equipment at ISPs that will track your activities on port 80 (used for the web).

BT, Virgin and Talk Talk have signed up to try the technology.

With each site you visit it will capture the URL (and, for a search engine, the search terms too) plus enough of the header data from the page to "categorise" it into one of a number of areas. Your IP address is not captured, but a cookie with a unique number is set on your browser when you start using it, which persists into the future.

The data about what websites you tend to visit is then categorised to generate a profile. When you then visit a page whose adverts are sourced from the Open internet Exchange (oix.net) - set up by Phorm - your browser will see adverts targeted to your profile. (Adult, gambling, political, drugs and smoking-related adverts are not allowed.) Your browsing history is not retained; instead the profile for the cookie is refined as it "sees" more of your browsing. Sites that join OIX are told they will get a better per-click payment than with other services.

News of the deal has leaked out ahead of the service's launch. BT says it will begin trialling soon with "a few thousand" customers, though the Guardian has learnt that BT and Phorm tested the service in secret last summer; at least one customer noticed and began worrying that his machine had been infected by a Trojan. BT's support centre had not been told, but later said there was "an issue" affecting "a small number of users". BT denied any involvement with Phorm at the time. The lack of candour has now aroused the ire of many who have learnt about it, who see this as a matter of trust - and are not convinced that ISPs are earning that trust.

...Read full article

Millions of British airline passengers face mandatory fingerprinting before being allowed to board domestic flights when Heathrow’s Terminal 5 opens later this month. For the first time at any airport, the biometric checks will apply to all domestic passengers leaving the terminal, which will handle all British Airways flights to and from Heathrow.

The controversial security measure is also set to be introduced at Gatwick, Manchester and Heathrow’s Terminal 1, and many airline industry insiders believe fingerprinting could become universal at all UK airports within a few years.

All four million domestic passengers who will pass through Terminal 5 annually after it opens on March 27 will have four fingerprints taken, as well as being photographed, when they check in.

To ensure the passenger boarding the aircraft is the same person, the fingerprinting process will be repeated just before they board the aircraft and the photograph will be compared with their face.

BAA, the company which owns Heathrow, insists the biometric information will be destroyed after 24 hours and will not be passed on to the police. It says the move is necessary to prevent criminals, terrorists and illegal immigrants trying to bypass border controls. The company said the move had been necessitated by the design of Terminal 5, where international and domestic passengers share the same lounges and public areas after they have checked in.

Without the biometric checks, the company says, potential criminals and illegal immigrants arriving on international flights or in transit to another country could bypass border controls by swapping boarding passes with a domestic passenger who has already checked in.

They could then board the domestic flight, where proof of identity is not currently required, fly on to another UK airport and leave without having to go through passport control.

Most other airports avoid the problem by keeping international and domestic passengers separate at all times, but the mixed lounges exist at Gatwick, Manchester and Heathrow’s Terminal 1.

Civil liberties campaigners have raised concerns about the possibility of security agencies trying to access the treasure trove of personal data in the future.

There are also fears that fingerprinting will add to the infamous "Heathrow hassle" which has led to some business travellers holding meetings in other countries because they want to avoid the sprawling, scruffy airport at any cost.

Dr Gus Hosein, of the London School of Economics, an expert on the impact on technology on civil liberties, is one of the scheme’s strongest critics. He said: There is no other country in the world that requires passengers travelling on internal flights to be fingerprinted. BAA says the fingerprint data will be destroyed, but the records of who has travelled within the country will not be, and it will provide a rich source of data for the police and intelligence agencies.

Simon Davies, of campaign group Privacy International, suggested the photograph alone would be a perfectly adequate - and much cheaper - way of identifying passengers.

Two things are striking as you read through the oral evidence presented to the Joint Committee on Human Rights. The first is the measured calm of the majority of your witnesses and, indeed, of the majority of the committee, in the face of the most serious attack on personal freedom and privacy ever mounted during peacetime in this country. British democracy is on the brink of being changed beyond recognition, yet nothing seems to disturb the equanimity of your proceedings. Even allowing for the well-mannered traditions of parliamentary committees, the lack of urgency and of a sense of crisis seems remarkable.

The second point that occurs to an outsider unfamiliar with parliamentary routines is that this campaign against Britain's historic rights and freedoms began at almost the precise moment the European Human Rights Convention was incorporated into British law as the Human Rights Act (HRA) in 1998. In other words, the HRA, a Bill of Rights by any other name, has allowed the executive and Civil Service to roll back individual liberty and privacy and has done almost nothing to defend the British public from the accumulation of centralised power.

Let me make it clear that the HRA has brought many benefits, for instance in the questioning of rape victims, treatment of old people and ensuring that foreign prisoners who may be tortured in their countries are not deported. But despite its many advantages, the reality is that the HRA does not work effectively as a Bill of Rights and cannot guarantee the civil liberties necessary for a free society, a point perhaps tacitly admitted by the appearance of Gordon Brown's green paper last summer.

The shocking loss of rights in Britain is now being noticed with bafflement abroad by people who do not understand this turn of events in one of the oldest democracies in the world. On a book tour last month in France, I was repeatedly asked by journalists: 'Why in Britain? Why are there no demonstrations?'

...Read full article

Germany's highest court has ruled that spying on personal computers violates privacy, but governments across Europe are under pressure to help their security services fight terrorism and organised crime.

Here, BBC reporters give a snapshot of the extent of surveillance across Europe.

• The threat of terrorism has forced the German government to take stricter measures:
  Paul Kirby on Germany
• Privacy campaigners say the UK has some of the world's leading surveillance systems:
  Dominic Casciani on the UK
• On the whole, the French are not big fans of surveillance equipment:
  Emma Jane Kirby on France
• Italians are among the most spied upon people in the world, says the Max Planck Institute: David Willey on Italy
• Greece has such strong constitutional protection against state sponsored spying: Malcolm Brabant on Greece
• CCTV monitoring, while extensive in other parts of Europe, is not widespread: Julian Isherwood on Denmark

Read full article

Disproportionate policing was the name of the game in Westminster on Saturday, where hundreds if not thousands of police were on duty over the area in an obvious attempt to avoid a repeat of the January Freedom to Protest debacle.

Despite the gravity of the issue, only a small group of demonstrators turned up, and at the start of the event they were outnumbered by the media - and were only a minute fraction of the police presence. A few arrived later, and some went home quickly, but at the peak numbers were still under 50.

A senior officer came over at the start and issued a warning that serious action would be taken if any demonstration in the SOCPA designated area were attempted, handing out copies of the usual notice. A demonstrator took notes and the Forward Intelligence Team (FIT) photographer photographed and filmed everything that moved.

A small group of demonstrators decided to set off for Parliament Square, walking quietly along the pavement. One young man who managed to evade the police (but not several press photographers) was stopped and searched by police opposite Downing St, who forced him to remove his balaclava. The most suspicious things found on him were a National Express ticket and a strong Newcastle accent.

Later in the day a small group of the Freedom to Protest demonstrators walked down Whitehall and through Parliament Square, and a short protest was held. Followed by a police van and the FIT photographer and minder they then made their way to a pub on the Horseferry Road, causing a little consternation among police around the Home Office as they passed close by. But the demonstrators went into the pub and police and press went home.

Germany's highest court has restricted the right of the security services to spy on the computers of suspected criminals and terrorists.

Under the technique, software sent in an email enables the authorities to spy on a suspect's computer hard drive.

The case - which began last year - was brought after the western state of North Rhine-Westphalia allowed officials to begin using the technique.

The Federal Constitutional Court in Karlsruhe said cyber spying violated individuals' right to privacy and could be used only in exceptional cases. Court President Hans-Juergen Papier said that using such software contravened rights enshrined in Germany's constitution, adding that the decision would serve as a precedent across the country. The ruling emphasised that cyber spying by the authorities would have to receive the permission of a judge.

The German government has described cyber spying as a vital tool in fighting terrorism. Interior Minister Wolfgang Schauble welcomed the possibility of using the strategy and said it would be considered as part of plans to change the law: The court's decision must be carefully analysed and will be accounted for as the legislation is modified.

Judicial approval is already required in Germany for a suspect's telephone to be tapped, and the interior ministry had been expecting the court to make a similar requirement for spying on computers.

During the case, Germany's independent privacy commissioner Peter Schaar argued that the measure would be a further alarming step towards ever more sweeping surveillance

Passengers travelling between EU countries or taking domestic flights would have to hand over a mass of personal information, including their mobile phone numbers and credit card details, as part of a new package of security measures being demanded by the British government. The data would be stored for 13 years and used to "profile" suspects.

Brussels officials are already considering controversial anti-terror plans that would collect up to 19 pieces of information on every air passenger entering or leaving the EU. Under a controversial agreement reached last summer with the US department of homeland security, the EU already supplies the same information [19 pieces] to Washington for all passengers flying between Europe and the US.

But Britain wants the system extended to sea and rail travel, to be applied to domestic flights and those between EU countries.

According to a questionnaire circulated to all EU capitals by the European commission, the UK is the only country of 27 EU member states that wants the system used for "more general public policy purposes" besides fighting terrorism and organised crime.

The so-called passenger name record system, proposed by the commission and supported by most EU governments, has been denounced by civil libertarians and data protection officials as draconian and probably ineffective.

The scheme would work through national agencies collecting and processing the passenger data and then sharing it with other EU states. Britain also wants to be able to exchange the information with third parties outside the EU.

Officials in Brussels and in European capitals admit the proposed system represents a massive intrusion into European civil liberties, but insist it is a necessary part of a battery of new electronic surveillance measures being mooted in the interests of European security.

The Liberal Democrat MEP Sarah Ludford said: Where is this going to stop? There's no mature discussion of risk. As soon as you question something like this, you're soft on terrorism in the UK and in the EU.

Britain is pushing for a more comprehensive system based on the experience of a UK pilot scheme that has been running for the past three years. Officials say Operation Semaphore, monitoring flights from Pakistan and the Middle East, has been highly successful and has resulted in hundreds of arrests.

The scheme has seen one in every 2,200 passengers warranting further investigation, with a tenth of those "being of interest". British officials say rapists, drug smugglers and child traffickers have been arrested and want the EU scheme to cover all fugitives from crown court justice.

Following the convictions of Steve Wright for the murder of five women in Ipswich and of Mark Dixie for the murder of Sally Anne Bowman it was inevitable that one or two MPs would seek to defy the obscurity of their careers with public calls for a full compulsory DNA collection from every living soul in Britain.

Martin Salter for Labour said a mandatory database was a logical extension of biometric passports, and a Tory foot soldier, Philip Davies, declared that he was not averse to a national database if it would help police clear up crime. With that kind of mental process it is astonishing that this pair can dress themselves in the morning let alone find their way to Parliament.

The point which must be evident to anyone who looks at the Wright and Dixie convictions for more than a few minutes is that both men had form. In Wright's case, DNA had been collected and retained by police because of a conviction for theft. In the case of Dixie, DNA was removed after his part in a pub brawl and quickly matched with the sample he left on the body of his victim. If his previous sexual offences had been committed during the operation of the database he would have been found more quickly.

But does this support the argument for a mandatory database? Clearly not, because the damage done to the liberty and privacy of 60 million people would be out of proportion to any gain, to say nothing of the administrative nightmare of collecting everyone's DNA and the flaws already in the system, which are obscured by the police and the Home Office.

...Read full article

For years now, ISPs have been searching for alternative revenue streams to avoid just being "dumb pipes."

A few years ago, they picked up on the fact that they have a tremendous amount of data about what you do online. A bunch of ISPs then started selling your clickstream data to companies that could do something useful with it (though, those ISPs probably neglected to tell you they were doing this).

Late last year, we heard about a company that was trying to work with ISPs to make use of that data themselves to insert their own ads based on your surfing history -- and now we've got the first report of some big ISPs moving into this realm.

Over in the UK three big ISPs, BT, Carphone Warehouse and Virgin Media have announced plans to use your clickstream data to insert relevant ads as you surf through a new startup called Phorm.

While Phorm claims that it keeps your data private by tracking individual users with an assigned number only, that's hardly assuring. After all, remember that both AOL and Netflix have released similar anonymized data where identifying info was replaced with an assigned number... and it didn't take long for both sets of data to be de-anonymized.

While it's no surprise that ISPs would want to get into the advertising business it's going to freak some people out (and potentially cause some serious privacy problems).

All the more reason to figure out how encrypt your traffic and hide your activities from your ISP.

Entry Denied! It says here that you were caught taking a drag on a spliff behind the bike sheds

All 14-year-old children in England will have their personal details and exam results placed on an electronic database for life.

Colleges and prospective employers will be able to access students' records online to check on their qualifications. Under the terms of the scheme all children will keep their individual number throughout their adult lives. The database will include details of exclusions and expulsions.

The introduction of the unique learner number (ULN)  will be seen as the latest step in the Government's efforts to computerise personal records.

Last night teachers' leaders, parents' organisations, opposition MPs and human rights campaigners questioned whether this Big Brother approach was necessary and said that it could compromise the personal security of millions of teenagers.

The new database — which will store a “tamper-proof CV” — will be known as MIAP (managing Information Across Partners). To be registered on the new database every 14-year-old will be issued with a unique learner number. Unlike the current unique pupil number now given to children in school but destroyed when they leave, the ULN will be used by government agencies to track individuals until they retire. Ultimately, it will create a numbered database for every citizen aged 14-plus in the UK.

The MIAP is part of a push for more government departments to share information on ordinary citizens with each other.

Margaret Morrisey, of the National Association of Parent Teacher Associations, said that plans for MIAP, which will be compulsory for all 14-year-olds throughout the UK, would fill parents with horror: I suspect there will not be more than two parents in the land who would have faith in the Government that this information will be secure.

Original plans for MIAP drawn up by the Government in 2003 suggested that the database could be linked to identity cards, raising the prospect that once pupils were in the system they might be forced into accepting an ID card.

Young drivers are to be FORCED to get ID cards when they apply for their first licences.

The People has seen sensational leaked Home Office documents revealing the secret plan.

It says newdrivers and those applying for fresh passports will be “coerced” into getting the controversial identity cards.

PM Gordon Brown has always said the scheme will be voluntary unless Parliament decides otherwise.

Shadow Home Secretary David Davis stormed: “This is an outrageous plan. The Government has seen their ID card proposals stagger from shambles to shambles: Now they plan to use coercion in a desperate attempt to bolster a failed policy.

Civil rights group Liberty said: This memo confirms that compulsion is the ultimate ambition of this scheme.And it can be achieved by stealth even without the need for further parliamentary debate.

The secret document from the Identity and Passport Service is headed: Options analysis - outcome.

It says: Various forms of coercion, such as designation of the application process for identity documents issued by UK ministers (eg passports) are an option to stimulate applications in a manageable way.

There are advantages to designation of documents associated with particular target groups, eg young people who may be applying for their first driving licence. The report says: universal compulsion should not be used unless absolutely necessary because of the ID controversy.

Successfully bugging Islamic terrorists ranks among the key weapons to defeat those secretly campaigning to destroy Britain's liberal civilisation.

Ever since suicide bombers caused 52 deaths on the London Underground in 2005, we have reluctantly accepted further encroachments on our liberties as a necessary evil.

Last week's prosecutions in Birmingham against extremists plotting to behead a Muslim soldier, as part of a campaign to wreck Britain's racial harmony, were possible only because listening devices had been planted inside the terrorists' homes.

The intelligence officers who masterminded that delicate operation deserve high praise.

But accolades turn rapidly to admonition when the line between intrusion to defend our civilisation and intolerable denial of our liberties is crossed.

That is why the news that MI5, the domestic intelligence service, and Scotland Yard had apparently mounted an eavesdropping operation against Sadiq Khan, a Muslim MP and government whip, is so alarming.

In defending British society, our guardians' vigilance appears to threaten the destruction of the very values we seek to protect.

...Read the full article

Attorney General Andrew M. Cuomo and state lawmakers, with the backing of the social networking sites MySpace and Facebook, are pushing a bill that would ban sex offenders' use of the sites.

The law would require all registered sex offenders to submit any e-mail addresses and other Internet identifiers, such as screen names used for instant messaging, to the State Division of Criminal Justice Services within 10 days of their creation, as with their home addresses.

Offenders who fail to do so would be violating their parole or probation, Cuomo said.

Under the bill, Level 3 sex offenders, whom the state considers the most dangerous and most likely to commit another sex crime, and sex offenders who used the Internet to commit sex crimes or who committed crimes against minors would be barred from social networking sites. Such offenders would also be barred from communicating online with children.

Lower-level sex offenders and sex offenders who did not use the Internet in their crimes would not be barred from the sites under the bill. MySpace and Facebook said, however, they would bar them anyway.

The bill also would allow the state to share the e-mail addresses with sites like Facebook and MySpace. Officials with both companies have agreed to check their databases against the lists provided by the state. If the addresses match, the companies said that they would terminate the users' accounts and alert the authorities. When setting up accounts with the sites, users must submit valid e-mail addresses.

When it was passed into law, the Regulation of Investigatory Powers Act (2000) sounded a pretty innocuous piece of legislation. But in truth it represented a significant victory for the busybody state over our ancient liberties.

Labour claimed it was responding to demands from civil liberties campaigners for more control over state snooping. But it soon became clear that the legislation which Jack Straw, then Home Secretary, was introducing would have the opposite effect, massively expanding the ability of the public sector to pry into our private lives.

The Act, which has been quietly amended several times (each time handing more powers to the public sector), now gives an unprecedented range of state agencies the right to listen to our phone conversations, tap our emails and open our post. In the last nine months of 2006, 960 new applications for the right to peer into the private lives of Britons were made every day.

It is a level of Government surveillance that would make even the Stasi, the former East German secret police renowned as the world's most effective intelligence agency, proud.

There are three different types of surveillance:

• Interception of Communications - listening in while people are on the phone, or watching what we do on the internet - is the most difficult to justify.
  
  But the grounds for interception are so wide as to allow most requests to be approved. As well as the more predictable excuse of national security, they include safeguarding the economic well-being of the UK. The police, the security services and Customs can all use this technique but they need authorisation from the Home Secretary herself or, in urgent cases, get temporary permission from one of her senior officials.
   
• Surveillance - old-fashioned spying. The list of possible justifications for this is absurdly long - including to prevent and detect crime or prevent disorder, public safety, public health, to assess or collect any tax, duty, levy or other charge payable to a government department. Just about any of us could be under surveillance using one of this list.
  
  Most worryingly, a long list of government agencies - including 474 councils - can put us under the spotlight. Senior officials in each one can simply give the go-ahead and apply for a rubber stamp to be given later by the Interception Commissioner.
  
  This Commissioner, former judge Sir Paul Kennedy, with a team of five inspectors, is supposed to check to make sure that all the bugging and spying waived through by the Home Secretary or others has been justified. His report this week identifies more than 1,000 cases over nine months where he found that the rules had been broken.
   
• Access to communications data. This type of surveillance is the most common and includes discovering the identities of who we phone and which internet sites we visit. This information is even easier for public authorities to obtain with relatively junior officials able to authorise it.
  
  Later, as in the case of surveillance, justification for needing this information is considered by overworked bureaucrats accountable to the Interception Commissioner.
  
  But by the time his staff gets round to looking at the paperwork, the trading standards officers down at the town hall, for example, may have been peering at your phone and internet records for more than a year.
  
  There is a tribunal to which you can complain, but since virtually no one under surveillance will know they are being watched, the tribunal isn't busy and has virtually never found in favour of a complainant.

How did the Government get away with this? Well, the Lords did make a fuss at the time. Tory peer Lord Northesk said it sanctioned mass domestic surveillance measures.

The Government appeared to be forced into a climbdown. The Regulation of Investigatory Powers Act (RIPA) initially only covered the nine most crucial law enforcement agencies (police, the taxman, the intelligence agencies etc).

But this merely delayed the stealthy march of Big Brother. In 2004, the number of groups with the right to poke in our lives expanded to 792; the laws to allow this had been slipped quietly through the Commons by David Blunkett.

As usual, Whitehall got its way by waiting for the fuss to die down. Incidentally, the only group with an exemption from being bugged are MPs themselves.

But the Act didn't merely extend the rights of bureaucrats to check on us, it also forced the larger internet service providers to build into their systems the technological capability to cater for all this snooping.

In practice, the result was that "black boxes" were installed in all main ISPs, copying all the information available to them straight to the security services. Then, when MI5 or the police obtain an authorisation for surveillance, they merely tap into the black box. In return, the internet companies have been able to recoup some of their costs from the taxpayer.

While writing this article, I made several phone calls and looked at a number of sources on the internet. If anyone in Whitehall can think of a plausible reason why this article threatens the economic security of Britain, or any of the myriad excuses detailed above, they will be able this morning to see who I spoke to and where I went on the net, to conduct my research. Surely, that can't be right?

Hidden microphones mounted on CCTV cameras which can eavesdrop on private conversations in the street are set to be outlawed.

Richard Thomas, the Information Commissioner, believes that the cameras are a serious breach of civil liberties. Thomas will launch a new code of practice and declare that no organisation should be able to monitor or store private conversations, claiming that such activities are "highly intrusive".

Whitehall sources said last night that he has the strong backing of ministers. The ruling is also likely to be hailed by civil liberties campaigners.

A spokesman for Thomas said that the use of cameras to record voices would be allowed only in "extremely special circumstances" such as the detection of crime.

Some councils, including Westminster in London, began testing the new cameras last year and more are reported to be keen on using them in the run-up to the 2012 London Olympics. Many are fitted with microphones which can "bug" conversations up to 100 yards away.

Residents can now keep tabs on people given ASBOs by looking them up on the internet.

ASBO in your neighbourhood has been launched by the BurySafe partnership on its website at www.burysafe.org, which includes maps of exclusion zones.

Officers want the public's help in ensuring that these people, who have been given an ASBO (anti-social behaviour order) in the last six months or are believed to be breaching conditions of the order, do not continue to cause problems in Bury.

Tony Holt, head of community safety, was instrumental in pushing the idea forward.

I understand that it may cause some controversy, but let us be clear about the reason these people have been given these orders, he said.

National Intelligence Director Mike McConnell is drawing up plans for cyberspace spying that would make the current debate on warrantless wiretaps look like a "walk in the park," according to an interview published in the New Yorker.

McConnell is developing a Cyber-Security Policy, still in the draft stage, which will closely police Internet activity.

Ed Giorgio, who is working with McConnell on the plan, said that would mean giving the government the authority to examine the content of any e-mail, file transfer or Web search. Google has records that could help in a cyber-investigation, he said: We have a saying in this business: ‘Privacy and security are a zero-sum game.'

The infrastructure to tap into Americans' email and web search history may already be in place. In November, a former technician at AT&T alleged that the telecom forwarded virtually all of its Internet traffic into a secret room" to facilitate government spying.

Whistleblower Mark Klein said that a copy of all Internet traffic passing over AT&T lines was copied into a locked room at the company's San Francisco office -- to which only employees with National Security Agency clearance had access -- via a cable splitting device.

According to Klein, that information included Internet activity about Americans: We're talking about domestic traffic as well as international traffic. Previous Bush administration claims that only international communications were being intercepted aren't accurate, he added.

Senior British police officials are talking to the FBI about an international database to hunt for major criminals and terrorists.

The US-initiated programme, "Server in the Sky", would take cooperation between the police forces way beyond the current faxing of fingerprints across the Atlantic. Allies in the "war against terror" - the US, UK, Australia, Canada and New Zealand - have formed a working group, the International Information Consortium, to plan their strategy.

Biometric measurements, irises or palm prints as well as fingerprints, and other personal information are likely to be exchanged across the network.

The plan will make groups anxious to safeguard personal privacy question how much access to UK databases is granted to foreign law enforcement agencies. There will also be concern over security, particularly after embarrassing data losses within the UK, and accuracy: in one case, an arrest for a terror offence by US investigators used what turned out to be misidentified fingerprint matches.

Britain's National Policing Improvement Agency (NPIA) has been the lead body for the FBI project because it is responsible for IDENT1, the UK database holding 7m sets of fingerprints and other biometric details used by police forces to search for matches from scenes of crimes. Many of the prints are either from a person with no criminal record, or have yet to be matched to a named individual.

IDENT1 was built by the computer technology arm of the US defence company Northrop Grumman. In future it is expected to hold palm prints, facial images and video sequences. A company spokeswoman confirmed that Northrop Grumman had spoken to the FBI about Server in the Sky.

In London, the NPIA confirmed it was aware of Server in the Sky but said it was "too early to comment on what our active participation might be".

A similar proposal has emerged from the EU for closer security cooperation between the security services and police forces of member states, including allowing countries to search each other's databases. Under what is known as the Prum treaty, there are plans to open up access to DNA profiles, fingerprints and vehicle registration numbers.

Ministers are planning to implant "machine-readable" microchips under the skin of thousands of offenders as part of an expansion of the electronic tagging scheme.

Amid concerns about the security of existing tagging systems and prison overcrowding, the Ministry of Justice is investigating the use of satellite and radio-wave technology to monitor criminals.

But, instead of being contained in bracelets worn around the ankle, the tiny chips would be surgically inserted under the skin of offenders in the community, to help enforce home curfews. The radio frequency identification (RFID) tags, as long as two grains of rice, are able to carry scanable personal information about individuals, including their identities, address and offending record.

The tags, labelled "spychips" by privacy campaigners, are already used around the world to keep track of dogs, cats, cattle and airport luggage, but there is no record of the technology being used to monitor offenders in the community. The chips are also being considered as a method of helping to keep order within prisons.

A senior Ministry of Justice official last night confirmed that the department hoped to go even further, by extending the geographical range of the internal chips through a link-up with satellite-tracking similar to the system used to trace stolen vehicles. All the options are on the table, and this is one we would like to pursue, the source added.

The move is in line with a proposal from Ken Jones, the president of the Association of Chief Police Officers (Acpo), that electronic chips should be surgically implanted into convicted paedophiles and sex offenders in order to track them more easily. Global Positioning System (GPS) technology is seen as the favoured method of monitoring such offenders to prevent them going near "forbidden" zones such as primary schools.

More than 17,000 individuals, including criminals and suspects released on bail, are subject to electronic monitoring at any one time, under curfews requiring them to stay at home up to 12 hours a day. But official figures reveal that almost 2,000 offenders a year escape monitoring by tampering with ankle tags or tearing them off.

The tags, injected into the back of the arm with a hypodermic needle, consist of a toughened glass capsule holding a computer chip, a copper antenna and a "capacitor" that transmits data stored on the chip when prompted by an electromagnetic reader.

But details of the dramatic option for tightening controls over Britain's criminals provoked an angry response from probation officers and civil-rights groups. Shami Chakrabarti, director of Liberty, said: If the Home Office doesn't understand why implanting a chip in someone is worse than an ankle bracelet, they don't need a human-rights lawyer; they need a common-sense bypass.

Harry Fletcher, assistant general secretary of the National Association of Probation Officers, said the proposal would not make his members' lives easier and would degrade their clients. He added: This is the sort of daft idea that comes up from the department every now and then, but tagging people in the same way we tag our pets cannot be the way ahead. Treating people like pieces of meat does not seem to represent an improvement in the system to me.

The US market leader VeriChip Corp, whose parent company has been selling radio tags for animals for more than a decade, has sold 7,000 RFID microchips worldwide, of which about 2,000 have been implanted in humans.

Consumer privacy expert Liz McIntyre said that one company plans deeper implants that could vibrate, electroshock the implantee, broadcast a message, or serve as a microphone to transmit conversations: Some folks might foolishly discount all of these downsides and futuristic nightmares since the tagging is proposed for criminals like rapists and murderers. The rest of us could be next.

The US-based Electronic Privacy Information Center and the UK-based Privacy International have undertaken what has now become the most comprehensive survey of global privacy ever published. The Privacy & Human Rights Report surveys developments in 70 countries, assessing the state of surveillance and privacy protection.

More than 200 experts from around the world have provided materials and commentary. The participants range from eminent privacy scholars to high-level officials charged with safeguarding constitutional freedoms in their countries. Academics, human rights advocates, journalists and researchers provided reports, insight, documents and advice.

The intention behind this project is two-fold. First, we hope to recognize countries in which privacy protection and respect for privacy is nurtured. This is done in the hope that others can learn from their example. Second we intend to identify countries in which governments and privacy regulators have failed to create a healthy privacy environment. The aim is not to humiliate the worst ranking nations, but to demonstrate that it is possible to maintain a healthy respect for privacy within a secure and fully functional democracy.

Summary of key findings

• The 2007 rankings indicate an overall worsening of privacy protection across the world, reflecting an increase in surveillance and a declining performance of privacy safeguards.
   
• Concern over immigration and border control dominated the world agenda in 2007. Countries have moved swiftly to implement database, identity and fingerprinting systems, often without regard to the privacy implications for their own citizens
   
• The 2007 rankings show an increasing trend amongst governments to archive data on the geographic, communications and financial records of all their citizens and residents. This trend leads to the conclusion that all citizens, regardless of legal status, are under suspicion.
   
• The privacy trends have been fuelled by the emergence of a profitable surveillance industry dominated by global IT companies and the creation of numerous international treaties that frequently operate outside judicial or democratic processes.
   
• Despite political shifts in the US Congress, surveillance initiatives in the US continue to expand, affecting visitors and citizens alike.
   
• Surveillance initiatives initiated by Brussels have caused a substantial decline in privacy across Europe, eroding protections even in those countries that have shown a traditionally high regard for privacy.
   
• The privacy performance of older democracies in Europe is generally failing, while the performance of newer democracies is becoming generally stronger.
   
• The lowest ranking countries in the survey continue to be Malaysia, Russia and China. The highest-ranking countries in 2007 are Greece, Romania and Canada.
   
• The 2006 leader, Germany, slipped significantly in the 2007 rankings, dropping from 1st to 7th place behind Portugal and Slovenia.
   
• In terms of statutory protections and privacy enforcement, the US is the worst ranking country in the democratic world. In terms of overall privacy protection the United States has performed very poorly, being out-ranked by both India and the Philippines and falling into the "black" category, denoting endemic surveillance.
   
• The worst ranking EU country is the United Kingdom, which again fell into the "black" category along with Russia and Singapore. However for the first time Scotland has been given its own ranking score and performed significantly better than England & Wales.
   
• Argentina scored higher than 18 of the 27 EU countries.
   
• Australia ranks higher than Slovakia but lower than South Africa and New Zealand.

It's like having a personal Private Investigator for a fraction of the price! (About £169 on eBay)

• Concerned if your teenager is driving recklessly or wondering about where they are going?
• Suspect your spouse or boyfriend/girlfriend of infidelity?
• Wondering if your employees are using your vehicles for personal use?

If you answered yes to any of these questions, then you need the LandAirSea Tracking Key.

The Tracking Key is a small, pocket sized device that receives signals from the twenty-four Department of Defense satellites orbiting the earth. The internal computer accurately determines the location of the device within 2.5 meters and records this data every second.

With this data and the included LandAirSea Tracking software, you can accurately determine where a person traveled, how fast they drove, where they stopped and for how long. The recorded data from the Tracking Key can be displayed over a street map, satellite images or in a text report.

The Tracking Key is powered by just 2 AAA batteries and can be placed inside, outside and even underneath the vehicle. The strong magnet mounts allows for instant mounting. The Tracking Key is also waterproof so you do not have to worry about the elements.

Simply put, the Tracking key is an extremely affordable GPS vehicle tracking system that records driving information. Think of it as a video recorder for vehicle travel activity.

The UK government has published guidelines for the application of a law that makes it illegal to create or distribute so-called "hacking tools".

The controversial measure is among amendments to the Computer Misuse Act included in the Police and Justice Act 2006. However, the ban along with measures to increase the maximum penalty for hacking offences to ten years and make denial of service offences clearly illegal, are still not in force and probably won't be until May 2008.

Provisions to ban the development, ownership and distribution of so-called "hacker tools" draw sharp criticism from industry. Critics point out that many of these tools are used by system administrators and security consultants quite legitimately to probe for vulnerabilities in corporate systems.

The distinctions between, for example, a password cracker and a password recovery tool, or a utility designed to run denial of service attacks and one designed to stress-test a network, are subtle. The problem is that anything from nmap through wireshark to perl can be used for both legitimate and illicit purposes, in much the same way that a hammer can be used for putting up shelving or breaking into a car.

Following industry lobbying the government has come through with guidelines that address some, but not all, of these concerns about "dual-use" tools. The guidelines establish that to successfully prosecute the author of a tool it needs to be shown that they intended it to be used to commit computer crime. But the Home Office, despite lobbying, refused to withdraw the distribution offence. This leaves the door open to prosecute people who distribute a tool, such as nmap, that's subsequently abused by hackers.

Police have accused the government of attempting to ban 10,000 officers from marching through Westminster in a mass protest over their pay award. The demonstration would be the force's biggest since 1919.

Relations between the Home Office and the force have fallen to a new low, with the Police Federation of England and Wales, the body that represents 124,000 rank-and-file officers, claiming the government is 'interfering behind the scenes' over plans for the march to Parliament on 23 January.

The high-profile demonstration, intended to highlight the force's anger over its recent below-inflation, 1.9% pay rise, is threatening to become a major political flashpoint in the new year. The police claim their preferred route for their march is set to be banned under archaic 'sessional orders', laws drawn up in the early 19th century to combat large-scale radical protests that threatened a disturbance of the peace.

The orders are renewed by Parliament each year and invoked by the Metropolitan Police if the force believes a protest will prevent MPs from going about their daily business. Critics of the orders claim they are a heavy-handed response designed to stifle peaceful protest.

Last night the federation claimed that parliamentary officials were in talks with the Met with a view to banning the march outside Parliament and said the government had no intention of lifting the orders so that the protest could go ahead. There appears to be some behind-the-scenes government interference, said Alan Gordon, vice-chairman of the federation. There is pressure being brought on the Metropolitan Police to either postpone the march altogether or to reroute it in such a way that it will disappear into side streets where it will be out of the public gaze.