Liberty News

Google has been hit with a EUR100,000 fine from the independent French data privacy regulator, the National Commission for Information Freedom (CNIL)

The CNIL, the French version of UK's Ofcom, has confirmed that it fined Google for unfair collection (of data) under the law . The fine follows spot checks carried out by the CNIL on vehicles deployed by Google to capture and record data for its Street View service, which found that they had collected data other than photographs.

Privacy issues arose relating to the cars capturing data from unencrypted WiFi networks as they drove around, recording sensitive personal data such as user IDs, passwords, login details and more.

Back in May of 2010, the CNIL issued a warning to Google to cease collecting the data and told it to provide it with a copy of all the data collected. Google did hand the data over the CNIL, unlike its recent refusal to do so in the US. The CNIL was the first organisation in the world to analyse the data mistakenly collected by Google's mobile data snufflers and revealed that data as sensitive as peoples sexual orientation or health was recorded, as well as email addresses and passwords.

In the decision on 17 March, the CNIL noted that Google had vowed to stop the data collection but it found that Google had not refrained from using the data identifying access points Wi-Fi [of] individuals without their knowledge.

Like you, I have received my 2011 census form from the Office of National Statistics (ONS). The cover page prominently states, in bold, Your personal information is protected by law. Census information is kept confidential for 100 years .

However, under the heading Keeping census records confidential , the Census PIA states:

Other than for the purposes of conducting the census and in the circumstances set out in Section 39 of the Statistics and Registration Service Act 2007, it is unlawful for any member or employee of the UK Statistic Authority (which includes any member or employee of ONS) or any person who has received personal information directly or indirectly from the Authority, to disclosure such information .

However, Section 39(4) then states that the disclosure prohibition in section 39(1) does not apply to a disclosure which (take a deep breath):

a) is required or permitted by any enactment,

b) is required by a Community obligation,

c) is necessary for the purpose of enabling or assisting the Board to exercise any of its functions,

d) has already lawfully been made available to the public,

e) is made in pursuance of an order of a court,

f) is made for the purposes of a criminal investigation or criminal proceedings (whether or not in the United Kingdom),

g) is made, in the interests of national security, to an Intelligence Service,

h) is made with the consent of the person to whom it relates, or

i) is made to an approved researcher.

Section 39(4) therefore possesses all the hallmarks of New Labour's disdain for personal privacy. It is not a clause to protect confidentiality; it is a clause to remove that confidentiality.

...Read the full article

Andrew Swift points us to a new data retention law in France that goes way beyond your typical keep the log files data retention rule. Instead, it appears to require that ISPs and hosting companies retain all sorts of private information. Swift summarizes for us the information that needs to be retained (Google translation):

Information furnished when agreeing to a contract or opening an account, including first name, last name, business name, associated mailing addresses, and pseudonyms utilized, associated e-mail addresses and accounts, telephone numbers, and passwords as well as data permitting the verification or modification of the password.

These companies must also keep all user id's and passwords for any internet connection, the IP address of the terminal used to connect, the time and date of every connection, and...

Here's the kicker: for EVERY action of a user on the internet, these companies are now required to record the nature of the operation, whether it is writing an e-mail or downloading an image or video.

Not surprisingly, it appears that pretty much every online service provider is planning to challenge this decree in court.

The British Home Secretary lays parliamentary order as part of commitment to making counter-terrorism powers fairer and more effective.

Police will only be able to stop and search people without reasonable suspicion where it's considered necessary to prevent terrorism.

Previously, section 44 of the Terrorism Act 2000 allowed officers to search individuals even if they didn't have reasonable suspicion that the person was involved in terrorist activity.

But the coalition government looked again at this power as part of a wide ranging review of counter-terror laws.

That review concluded that some form of stop and search without reasonable suspicion was needed, but that it should only take place in exceptional circumstances.

The stop and search powers contained within the order are included in the Protection of Freedoms Bill and will be scrutinised as that progresses through parliament.

Long time protestor Brian Haw looks set to be removed by force from the pavement opposite Parliament. The High Court ruled in favour of the Mayor of London, Boris Johnson, who wants to have him evicted.

But he will not be forced out until Monday 28 March. He has until then to lodge an appeal against the ruling.

Haw has been camped on the roadside opposite Parliament almost continuously since 2001, in protest against the wars in Afghanistan and Iraq.

A High Court judge, Wyn Williams, has now ordered the removal of both Haw and his fellow activist, Barbara Tucker. Williams granted an injunction against them, which he described as proportionate .

The pavement around the Parliament Square belongs to Westminster Council. Westminster Council insist that camps outside Parliament are an eyesore . But civil liberties campaigners argue that allowing protests outside Parliament sends out a positive message to tourists about the right to free expression in Britain.

The Australian Sex Party, has strongly criticised the passing of the Telecommunications (Interception and Access) Amendment Act 2010 through the Senate, which gives sweeping new powers to ASIO of the kind that will be deployed against anti censorship groups like WikiLeaks.

The Act also enables the sharing of private information between all government departments with no independent monitoring and continues the increasingly unaccountable nature of ASIO, begun by John Howard a decade ago.

Spokesperson for Security, Law Enforcement and Privacy and Sex Party candidate in the upcoming NSW election, Andrew Patterson said that the legislation handed ASIO and other law enforcement agencies further unchecked powers to invade an individual's privacy and engage in activities which undermine basic rights:

The Labor government, with support from the Coalition, has passed this Act supposedly as a way to facilitate inter-governmental communication and enable networks to be protected; whereas, in classic Orwellian Newspeak, the Act allows all Federal and State government departments to access any information ASIO gathers, whether it pertains to actual crimes or not.

All forms of networks, from telecommunication networks to the public Internet are covered in the new Act. It allows call records, access history, phone numbers, IP address, email address, and any other form of identifiable number that an individual uses to be collected. Further, voice calls, text messages and data transmissions can be intercepted, meaning records of any phone call that an individual makes, or any website they visit can now be stored by ASIO and shared with all government departments. In fact, storage of such information is often not covered by the Privacy Act.

Patterson said that what made this development even more worrying was that ASIO could also share this information with the broader national security community . This ambiguous terminology means that the information can be shared worldwide and unchecked . Once ASIO shares this data with any foreign nation, all control over it will be lost .

Of course we don't inspect packets. We facilitate personalised internet experience

Ministers must do more to stop internet service providers (ISPs) snooping on private e-mails without consent, an ex-cyber security minister has said.

They are meant to ask permission first - but former Labour minister Lord West says it is too easy to flout the rules.

 The Labour peer, who raised the issue in the House of Lords, said he had ordered officials to start work on a crackdown when he was in government, but they had run out of time before the last election to make the necessary changes: This is something I think is important for the nation. Giving private companies the right to go and look into people's e-mails is something I find rather unhealthy. These companies want the right to go into people's e-mails and look for key words without anyone's permission.

Civil liberties campaigners say the use of Deep Packet Inspection software, which scans e-mails for key words and tracks web browsing habits, including sites and forums visited, is widespread in the UK - and consumers who object to it have little or no redress.

Jim Killock, executive director of the Open Rights Group, said: It's clear the police will ignore all but the most blatant abuses, and very few if any problems will ever get to court.

  Hazel Cunningham has been found guilty of UK Tax evasion and most of the evidence came from her Facebook photos.

The photos didn't add up to the tax returns she had filled in 2009. Investigators found numerous photos of multiple holidays in Turkey and photos of her lavish wedding in Barbados. Events that she shouldn't be able to afford on the government aid she was receiving.

Cunningham was receiving on average £ 170 per week from the UK government in benefits and tax relief. The court heard that Cunningham failed to notify the authorities of her maternity pay from her employer and she also claimed that she was a single mother when she was actually living with her husband.

She received a sentence of 120 days in prison after pleading guilty to four charges of making false statements and one failure to notify tax authorities of a change in circumstance. Additionally she was ordered to repay all the money she falsely claimed.

So remember to ensure that your Facebook photos match your tax returns because the taxman has gone social.

  Now the Home Office has destroyed its prototype ID database in a publicity stunt, the government is putting the finishing touches to plans that would put the real Identity Scheme databases at the heart of a powerful government data sharing system.

The Government Cloud (G-Cloud), an ambitious Cabinet Office scheme to share IT resources and data across the whole of government, is seeking to remove all technical and organisational barriers to public sector data sharing.

Reports published last week by the Cabinet Office describe how G-Cloud will exhume the data sharing systems that underpinned ID Cards, along with the fatal data security risks that went with them. The principles will be applied to all government data. The plans have been overseen by the same executives who oversaw the ID Scheme's data-sharing system, the ill-fated CISx.

The principle was established a year ago in the G-Cloud Vision, which was drafted by Martin Bellamy, the same civil servant who advised ministers to proceed with the CISx as one of two core components of the ID scheme.

Bellamy's Vision cited the CISx as an example of the sort of data sharing that would be possible within the G-Cloud. The CISx plan had involved turning the Department for Work and Pensions Customer Information System database (CIS), which contains personal details of everyone in the country, into a system that could be accessed across the whole government.

The Home Office said last week its minister Damian Green had destroyed Labour's ID database. But he only destroyed the temporary system the Home Office erected in a hurry so it could get ID cards on the streets before the 2010 election. It had still not proceeded with integrating the real ID databases because it was still trying to work out how to resolve their excruciating data security problems.

A database built to hold the fingerprints and personal details of millions of ID card holders has today been publicly destroyed.

Around 500 hard disk drives and 100 back up tapes containing the details of 15,000 early adopters have been magnetically wiped and shredded.

They will soon be incinerated in an environmentally friendly waste-for-energy process.

This signals an end to the National Identity Register which was built to hold the details of people who applied for an ID card.

The scheme was scrapped by the coalition government and the cards ceased to be valid legal documents on 22 January.

Home Office minister Damian Green helped shred the last of the hard disk drives at an Essex industrial site today.

Laying ID cards to rest demonstrates the government's commitment to scale back the power of the state and restore civil liberties, he said: This is about people having trust in the government to know when it is necessary and appropriate for the state to hold and use personal data, and it is about the government placing their trust in the common-sense and responsible attitude of people. This is just the first step in the process of restoring and maintaining our freedoms.'

A scheme for vetting people who work with children is to be scaled down.

The Daily Telegraph reports that following a review of the Vetting and Barring scheme, criminal record checks will only be carried out on those who have intensive contact with the young.

As a result, ministers agreed to vet adults only if they saw the same group of children or vulnerable people once a week or more, rather than once a month as originally proposed.

It is estimated that this will halve the number of people who will be vetted from the 9 to 11 million people previously caught up by the scheme.

At the same time, the government will announce that criminal record checks are to be sent to individuals first - before they go to potential employers - to allow them to challenge any mistakes.

Also minor offences will be removed from the checking process.

A Home Office spokesperson said an official announcement would be made shortly.

Internet companies are set to be barred from collecting information on people's use of the internet in a tightening of data privacy rules.

Ministers have started a review that will lead to restrictions on the practice of using people's internet habits to draw up individual profiles in order to target advertising at them, sources say.

The European Commission warned last year that it would take the UK to court unless it tightened up the law. It said such profiling did not appear to be covered by the Data Protection Act.

The review is also expected to strengthen people's rights to withdraw consent from having their personal data used. People could also be given the right to have data permanently deleted.

Brussels is also pressing for a body to be set up in the UK to monitor internet firms to ensure they comply with the law.

In order to neutralize Sweden's incoming implementation of the European Data Retention Directive, Bahnhof, the Swedish ISP and host of Wikileaks, will run all customer traffic through an encrypted VPN service.

Since not even Bahnhof will be able to see what its customers are doing, logging their encrypted traffic will be unrevealing.

In 2009, Sweden introduced the Intellectual Property Rights Enforcement Directive (IPRED). The legislation gave rights holders the authority to request the personal details of alleged copyright infringers. This prompted Jon Karlung, CEO of ISP Bahnhof, to announce that he would take measures to protect the privacy of his customers. Shortly after Bahnhof ceased logging customer activities and with no logging there was no data to store or hand over.

Now, in the face of Sweden's looming implementation of the European Data Retention Directive which will force them to store data, Bahnhof will go a step further to protect the anonymity and privacy of their customers. Soon, every Bahnhof customer will be given a free anonymizing service by default. In our case, we plan to let our traffic go through a VPN service, Bahnhof's Jon Karlung told SR.

An app has been launched to coordinate status, information, maps and messages for London protestors

The service, which went live with tie in with an organised student protest in London, runs in mobile web browsers and promises to display a wide range of information about the protest, including live updates about any trouble that might be brewing between the police and protesters along the route. Users can submit information about the current situation via Twitter, Google Latitude, Flickr, TwitPic and SMS.

For those without a web browser on their phone, Sukey will be tweeting out updates, which users can subscribe to using SMS alerts.

The name Sukey stems from the nursery rhyme Polly put the kettle on , in which a character called Sukey takes it off again .

As of 22nd January 2011 identity cards can no longer be used to prove identity or to travel in Europe.

The cards have been scrapped by the government under the Identity Documents Act.

Within days the National Identity Register - which was designed to hold the details of card holders - will be destroyed.

Immigration minister Damian Green said:

Laying ID cards to rest demonstrates the government's commitment to scale back the power of the state and restore civil liberties.

It is about the people having trust in the government to know when it is necessary and appropriate for the state to hold and use personal data, and it is about the government placing their trust in the common-sense and responsible attitude of the people.

The Identity and Passport Service (IPS) (new window) has written to all existing cardholders and informed international border agencies, travel operators and customers of the change in law.

Nick Clegg has made a speech touching on many liberty related threads mentioned on Melon Farmers.

He introduced government intentions:

This nation is built on a faith in fair play. On a historic hostility towards those who seek to impose their will on others. Innocent until proven guilty. Equal before the law. Each individual able to think and speak without fear of persecution.

So the Coalition Government is going to turn a page on the Labour years: resurrecting the liberties that have been lost; embarking on a mission to restore our great British freedoms.

We aren't wasting any time, and we are ambitious about what we want to achieve. In the next twelve months we want to undo the damage of thirteen years. 2011 will be the year we give people's freedom back.

We'll do it in three key ways.

1. by reversing the widespread, everyday assaults on liberty that swept across Britain during the Labour years.
2. by restoring the right balance of liberty and security in the measures taken to tackle terrorism – recognising we can and must have both.
3. by ending the practices of closed and secretive government; giving people the information and freedom they need to hold us and other institutions to account.

He outlined a timetable for the Freedom Bill and Repeals Bill

Our very first piece of legislation halted ID cards and scrapped the National Identity Register.

ContactPoint – the Government database containing the personal information of every child in England – has been switched off.

We set up Your Freedom, a website to gauge people's views on their liberties, and they flooded-in in their thousands. Views that are now directly shaping Government policy, like work we are doing on reforming the vetting procedures for volunteers and criminal records checks.

The Secretary of State for Justice now carefully scrutinises all proposals to create new offences to make sure that they are absolutely necessary. This Government won't criminalise behaviour lightly

In the coming weeks we will be publishing our review of counter-terrorism.

By next month we will be putting forward a freedom bill: legislation that will bring together a number of measures, for example to better regulate CCTV; to properly control the way councils use surveillance powers; to limit the powers of state inspectors to enter into your house; and to end the indefinite storage of innocent people's DNA.

We will also be publishing a draft defamation bill to enhance freedom of speech.

In September, the independent review of the UK's extradition arrangements we commissioned will report.

And Ken Clarke will continue to work on putting together a Repeals Bill to wipe unnecessary and obsolete laws and regulations from the statute book.

So at least the Repeals Bill still gets a mention and that the maybe there was a misunderstanding over its move to the Home Office.

Commentators didn't seem very impressed by Clegg's words about Control Orders. They seem likely to be resurrected as something else a little too similar to what they were before.

Offsite Comment: Nick Clegg's civil liberties speech strikes a welcome blow against libel tourism

See  article from  guardian.co.uk by Simon SIngh

Simon Singh, who recently had a run in with back quacks in the libel courts, was impressed by Clegg's speech. He wrote:

So, was Clegg's speech as momentous as the Lib Dem conference vote in 2009, or the Mass Lobby in March 2010, or Lord McNally's commitment in the summer? The simply answer has to be yes .

In just a few minutes, the deputy prime minister highlighted all the key areas of libel that need to be addressed, pointing out that:

We want public-spirited academics and journalists to be fearless in publishing legitimate research. Not least when it relates to medical care or public safety. The test of a free press is its capacity to unearth the truth, exposing charlatans and vested interests along the way. It is simply not right when academics and journalists are effectively bullied into silence by the prospect of costly legal battles with wealthy individuals and big businesses.

...Read the full article