Emergency Data Retention Laws
July 10, 2014
by Alex Hovden
This morning there was breaking news that the Government would be introducing an emergency bill to give powers to police and intelligence authorities that would enable them to continue to access phone and internet records. To the layman, anything involving “emergency” or “data” or “laws” (or a combination) can be alarming. What are they looking for? Are they spying? What …
This morning there was breaking news that the Government would be introducing an emergency bill to give powers to police and intelligence authorities that would enable them to continue to access phone and internet records.
To the layman, anything involving “emergency” or “data” or “laws” (or a combination) can be alarming. What are they looking for? Are they spying? What aren’t they telling us? Why do they need to do this?
As you’d probably expect from a Web Science department, there has been some discussion about this move and its implications. We are in the very fortunate position to have Huw Fryer, a PhD student in Web Science with a law degree, in our midst who can offer us the legal perspective on the situation.
So here goes nothing…
The first thing to note about the bill is that it offers a continuation of an EU directive. The directive made it obligatory for telephone and internet companies to retain data for at least 1 year, and gave law enforcement authorities powers to look at that data. Now I must clarify what I mean by “data”. I mean things like numbers called, times, durations etc. In other words, not content (unless a warrant from the Home Secretary has been obtained). This kind of information could be useful in missing person cases, to track movements based on when calls were made, and to who etc.
The problem is that this directive was struck down by the European Court of Justice (CJEU) in April on the grounds that it breached privacy rights. The case specifics can be found by clicking here.
Since then there have been lawsuits lodged by various human rights organisations (including and particularly by the Open Rights Group) against companies that continue to retain the data. Indeed the Open Rights Group have even provided a statement and briefing notes of points that they believe to be important (click here).
This creates a headache for the Government. The fact is that without this directive, there is no way of them legally acquiring the data. Their only option (assuming that they still want that power) is to create a bill that will essentially continue on from the directive – the illegal directive…
The headache intensifies when they remember the Edward Snowden situation and they remember the accusations of spying that came about after that, the hot political mess that it has left behind in the US, and also the lack of trust in the intelligence agencies over there (and also to a certain extent, here in the UK too).
On top of all this, just to turn the headache into a migraine, there’s a General Election next year. MPs have got one eye on that and are trying to win over voters. A bill along these lines is almost certain to be hugely unpopular amongst the public.
Let me put it this way, I am very VERY glad not to be David Cameron right now…
So to hopefully avoid the full wrath of the public, the Government have added in a few “it’s not so bad” clauses… for example, they have added in a sunset clause so the powers will terminate at the end of 2016, in a move that is intended to encourage the next Parliament to have a proper debate on this matter. Additionally there is a provision for a wider review of the powers needed by the Government, to occur during the next Parliament.
My question with all this is, why “the next Parliament”? Why not now? Why are they trying to put it off exactly? The answer to that question seems to be “We need powers urgently to prevent terrorism!”.
Ah yes, that old tactic – put terrorism in front of anything to make it appear defensible. I am not saying that terrorism is not a serious threat, but it is very convenient how many things the Government do in the name of terrorism.
Our friend Huw adds this into the conversation…
The issue here is the fact that the Government are once again prepared to rush through legislation without time for proper analysis and debate. This occurred with the Digital Economy Act just prior to the election in 2010, and problems and arguments remain in attempting to implement it. As a precedent, re-legislating a law deemed to amount to a disproportionate interference with the fundamental right of privacy isn’t great, although in this particular case it is not so serious.
The link in that quotation takes you to an article from The Guardian which explains exactly what happened in that instance.
So the question that you may be asking now is, “What can we do to stop this??” The answer unfortunately appears to be very little. If it goes the way of the Digital Economy Act, very few MPs will show up to the vote, and the party whips will step up and ensure that it gets through in the next 7 days or so.
However if/when the debate kicks off again in the future, I would urge you to take an active part in that discussion. Use social media, do what you have to. Privacy is a fundamental right and striking the balance between privacy and security is not an easy task. If as many people and organisations as possible play a part in that debate then we will be in a very good position to strike that balance.
That is… if it actually happens. I await 2016 with great interest.
Happy PRIVATE surfing!
AH – @WheelsOnFire92