0

According to the UK government, new proposals within the Communications Data Bill are being put forward in order to prevent and detect crime as well as protect national security. The government argues that unless legislation is amended to reflect changes in technology, the ability of public authorities to counter criminal and terrorist activity will be undermined. According to Jonathan Bamford, the Assistant Information Commissioner in the UK, the proposed Bill sees us once again "sleepwalking into a surveillance society."

Bamford is not alone in this view, unsurprisingly so when you consider that the changes to the law would, in effect, usher in the potential to create a new national database containing details of every telephone call and every email sent in the UK along with information coverage individual Internet access usage.

As Jamie Cowper from PGP Corporation says "You've got to admire the government's gall in attempting to bring in yet another 'super-database' with public confidence still in tatters over recent lapses in data protection. Surely it would be more logical to initially focus on fixing the existing databases and proving their security before introducing new ones?"

Ah yes, he has a point there. This is, after all, the same government which 'lost' the confidential banking data of 25 million people just last year, the latest in a long catalogue of data disasters which prove, if nothing else, that the government really cannot be trusted with our private information.

Brian Spector, general manager of the Workshare content protection group, agrees that the plans are a positive step towards tackling terrorism and protecting its citizens but argues the government needs to prove its ability to keep data secure if these proposals are to achieve widespread support. "Since losing the details of over 25 million child benefit claimants last November, the government has failed to effectively address the issue of data security. In March this year the same government was criticised by a joint select committee for its poor track record with data leaks, and earlier this month it was revealed that 600 HMRC staff have been disciplined over data security. The UK government needs to proactively address the information security issue before opposition parties, civil rights groups and the general public have confidence in its ability to keep data safe."

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.

5
Contributors
6
Replies
7
Views
9 Years
Discussion Span
Last Post by Cybulski
0

Nothing new there.
Under EU legislation ratified by the EC (and therefore under the EU "this is not a constitution" legally binding in all member states) ALL EU member nations will have to do that from next year.
And it's not just email either. It's also all phone calls, IM conversations, and all IP addresses visited and URIs retrieved.
Requirements to also store the actual content retrieved from those addresses and the actual conversations undertaken by telephone were dropped when it was made clear that the storage volume required would be impossible to provide.

The ONLY thing countries get to decide on their own is how long the information should be stored, as long as it is no less than 6 months.
Most countries seem to be adopting periods of at least a year.

0

and don't worry about the data getting out onto the street. There are no security requirements on it, any police investigator or prosecutor will be able to access anyone's data without a court order or search warrant so there's nothing to be kept secure.

0

Sometimes I'm actually grateful that I live in a developing country that's slow to embrace technology...very grateful. You first world chumps screw it up so bad.

0

Any real terrorist or other malignant is already gonna be using strong encryption to communicate anyway. Given that those in power probably know that already; this is an attempt to monitor decent, normal people, not 'criminals'. I along with many others will probably start to use encrypted means of communication for everything when this comes in, out of pure childish spite.

Any legislation with 'terrorism' in it panders to alarmists, and usually correlates with 'badly considered' and 'privacy infringing'.... It's like the 2008 equivalent of 'witch'.

0

The kleptocrats in Brussels have all read 1984 and found it a pretty good idea...
They've been working to implement EngSoc all over Europe for the last 40 years, and now they have the technology to make it work.
Of course in their vision for the world Airstrip One is part of Eurasia.

0

How is this possible technically? Every single mail server will archive emails and IMs..?

Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.