Data Protection Commissioner's briefing to Parliamentarians on RIP
"..questions the distinction made in the Bill between the requirements for gaining access to data contained within an intercepted communication and those for gaining access to other communications data such as traffic and billing information. Both sets of data provide insight into the private lives of individuals and should therefore be subject to equivalent controls and safeguards"
"...unlikely that individuals will be informed where the integrity of their private keys has been jeopardised and they may continue to use these keys without being aware that their security has been compromised. Third parties whose personal data forms part of any protected electronic information may also be unaware of the risks posed to their data"
"..judicial warrant should be the general standard for authorisation. Unlawful interception of communications, unlawful surveillance and unlawful access to encrypted data should all be subject to criminal penalty"
Standing Committee F concluded its scrutiny of the bill on 6th April. The bill will next be re-considered by House of Commons at Report Stage.
Meetings are open to the public and take place in Committee Room12 unless otherwise stated (you are advised to check with the latest Weekly Information Bulletin which appears on the HoC site on Monday morning). Links to Hansard proceedings updated as available.
- Amendments tabled
STAND have created gateway that enables a constituent to FAX a letter to their MP
Date of meeting Clauses reached 10:30 Tuesday 14 March as single HTML file Sittings motion 9:00 Thursday 16 March 2 2:30 Thursday 16 March 5 10:30 Tuesday 21 March 6 9:00 Thursday 23 March 11 10:30 Tuesday 28 March 12 4:30 Tuesday 28 March 12 - 21 8:00pm Tuesday 28 March 21-24 9:00 Thursday 30 March 25-45 (Part.II) 10:30 Tuesday 4 April as single HTML file 46 (Part.III) 4:30 Tuesday 4 April as single HTML file 47-52 (Part.III) 9:00 Thursday 6 April 53-end (Part.IV)
Edward O'Hara (Chair) L Knowsley South Ray Michie, Mrs. (Chair) LD Argyll and Bute Richard Allan LD Sheffield Hallam Alan Beith LD Berwick-Upon-Tweed Ian Cawsey L Brigg and Goole Paul Clark L Gillingham Charles Clarke L Norwich North Harry Cohen L Leyton and Wanstead Keith Darvill L Upminster Hilton Dawson L Lancaster & Wyre Jim Dobbin L Heywood & Middleton Oliver Heald C Hertfordshire North East Jane Kennedy L Liverpool Wavertree Peter Luff C Mid Worcestershire David Maclean C Penrith and The Border Margaret Moran L Luton South Gwyn Prosser L Dover David Ruffley C Bury St.Edmonds Helen Southworth L Warrington South Gerry Sutcliffe L Bradford South Ian Taylor C Esher and Walton Gareth Thomas L Harrow West
Richard Shepherd MP "I request the other place to examine the Bill rigorously. It has features that are unacceptable to our sense of freedom, liberty and the due processes that we have held to be important for many years."
David Maclean MP: "An innocent person...can be liable to a prison sentence of two years. He may have had no intention to commit a crime, but he can go to prison for two years. That is unjust and fundamentally wrong"
Harry Cohen MP: "An official could legitimately authorise collections of communications data and keep proper records only for them subsequently to be used for another purpose. If that is true, the relevant commissioner, who examined the authorisation process, would not know of such disclosures; nor would the telecommunications operator or the public. To put it bluntly, the whole authorisation process and all the protections afforded by chapter II could be reduced to a meaningless sham"
Simon Hughes MP: "Given that the test is only 50/50 in that it is a case of whether the person is believed or not, would it not be better at least to concede that someone must be found, not just on a balance of probabilities, but beyond any reasonable doubt, to be hiding the fact that they know the password, data or encryption mechanism?"
NEW: Select Committee on Delegated Powers and Deregulation Eighteenth Report on RIP Bill
Lord Cope (Conservative front-bench) : "the Bill has generated vociferous opposition from an extremely wide spread of commentators: from industry, human rights groups and the media....(and) has generated a huge amount of 'e-traffic', almost all hostile to one aspect or another"
Lord McNally (LibDem front-bench): "..the House has a responsibility not to be 'bounced' into accepting a pig in a poke. I give the Minister fair warning that he faces a thorough Committee stage"
Baroness Thornton: "Perhaps there is a case for having a new register--a register simply of those people who refuse to hand over their keys to decrypt and who are subsequently successfully prosecuted for that offence.... the fact that someone has been using strong encryption software and has deliberately refused to co-operate with a police investigation into what it is concealing is a material fact that many potential employers would like to know...Even though it would not in itself be grounds for refusing to offer someone a job, it would at least alert potential employers and cause them to ask questions." (for the avoidance of doubt, the selection of this quotation should not be taken to imply endorsement by FIPR)
Lord Lucas: "How will we prosecute someone for what may be an underlying offence if it is impossible to produce the evidence that there actually is an underlying offence? Again, we are moving into technical and difficult areas, but I think that the Bill's current wording is entirely unacceptable."
Baroness Harris of Richmond: " What will happen to the innocent defendant who will have to prove to the court that he is not lying about having lost or otherwise forgotten his key number? It appears that he can be punished as a criminal for failing to prove that he does not have the information. That is a crazy state of affairs.
It will cost £25 million to set up the GTAC monitoring centre, which may be obsolete fairly quickly because of the speed of technological advances. Would not that money be better spent developing the tools that the police could use for what is known in the trade as 'forensic hacking'?"
The Earl of Northesk: "...it will be lawful for any public authority to obtain this vast wealth of 'communications data' on anyone without a ministerial or judicial warrant. However inadvertently, the Bill sanctions mass domestic surveillance. I make the point in passing that measures such as this are without parallel anywhere outside, of all places, Zimbabwe. This, combined with the scope of the Bill in terms of its inferential endorsement of increasingly sophisticated analytical techniques such as data-mining, triangulation of data, 'friendship trees', 'traffic analysis' and so forth, has huge implications for the privacy of the individual. Just as significantly, it begs the question of the extent to which the Government understand the needs of the e-commerce industry in respect of trust and confidence.
The proposals (quoting FIPR) will enmesh us further in a culture of secrecy, which will corrode our democracy....A law which replaces the presumption of innocence with a medieval trial-by-ordeal is simply wrong, not a 'question of balance'."
Lord Bassam (Govt. front-bench): "The United States has proposed a package of new law enforcement measures to combat the encryption threat. I refer to the Cyberspace Electronic Security Act, whose provisions are very much along the lines of our own approach to the problems."
White House Fact Sheet: "CESA would...ensure that law enforcement maintains its ability to access decryption information stored with third parties...Law enforcement must inform a person whose key is obtained using court process...Individuals remain completely free to use -- or not to use -- the services of a recovery agent"
On the one hand Lord Bassam of Brighton: Although I think that few would argue that the fact that I visited an airline website is the equivalent of me dialling the airline booking service (!!) and that the data should be treated in the same way (!!!), what I do when I am on the airline website is clearly more private and equates perhaps more closely to the content of the communication
But on the other ...as we understand it, the term "interrogation of search engines" is a communication, and HTTP requests are also (!?) included in the term "communications data". I hope that clarifies the point. (??!!)
50A*Page 14, line 15, at end insert ("and that the Interception of Communications Commissioner considers will provide reliable and verifiable technical means of fulfilling his duties under Part IV")
Lord Bassam of Brighton: Amendment No. 50A aims to respond to concerns that some people have expressed relating to the practical difficulty for the interception commissioner in carrying out his duties in the face of what we would all agree are considerable technical complexities relating to interception systems... It would therefore seem sensible to include in the Bill provision for notices to specify or describe a requirement along the lines of the amendment. I trust that noble Lords will be patient with us while we consider how best to word it. We take the point made in the amendment and I can give an assurance and a commitment today that we shall give the issue careful consideration and return to it at Report stage.
Lord Cope of Berkeley: I view this as a most unsatisfactory debate, particularly from the parliamentary point of view. Parliament is being devalued. We are being asked to accept a lot of highly generalised assurances...The more the Minister said, the more it became clear that either the proposals are not being shared with us or, as I suspect, they are as yet unformed and loose. That is why there is this huge potential disparity in the cost which Parliament is being asked to take at face value... We have found out practically nothing in that regard. I am sure, therefore, that we shall return to this matter on Report. I beg leave to withdraw the amendment.
Lord Lawson of Blaby: At a later stage we shall discuss much more important elements of this worrying Bill... There is a real civil liberties problem inherent in the Bill
Lord Desai: My main concern is about the civil libertarian aspects of a blanket licence to intercept.
Baroness Thornton: We expect those who supply our food to provide safe food. It is reasonable to expect those who supply us with our Internet services to take some responsibility for providing a safe industry.
Lord Phillips of Sudbury: Before the Minister sits down, can he tell us whether the Government are accepting the recommendation of the Smith report that they should pay for the design and software development of the black boxes which will be crucial to this information gathering?
Lord Bassam of Brighton: In general terms we have accepted the findings of the Smith report. That level of detail is a matter which we shall consider throughout the process of bringing together the consultations and framing the secondary legislation. That is how we see things working out. In general, we accept the Smith report. It has provided us with useful background and will inform the way in which we proceed.
Are clickstreams "communications data" ?
Lord Bassam: It is becoming clear that the current definition is not adequate... I do not have a new definition of "communications data" to offer today
Lord Cope: ...It was not clear from what the Minister said whether websites that people consult and follow through--click streams, as they are sometimes known--are intended to be included in the new definition. We shall have to wait for Report stage to find out.
Is it lawful for black-boxes to spy on web browsing?
Lord Cope: ...I did not hear whether the Minister said that, in future, data would be obtainable without the knowledge of the ISP. The purpose of Amendments Nos. 74A and 75A is to try to make it unlawful to obtain data without the ISP knowing. Will the black boxes be able to obtain such communications data without the knowledge of the ISP?
Lord Bassam: ... It is not intended that a service provider's intercept capability will be used covertly by intercepting agencies...
Lord Cope of Berkeley: It certainly answers the point with regard to the Government's intention in the matter, but it does not quite answer the point as to whether it would be lawful under the wording in the Bill.
Third Marshalled List of Amendments as single HTML file with hotlinks from government amendments to...
Part.III of RIP Bill marked-up to show effect of government amendments (please notify email@example.com of any errors)
link to current text of the RIP Bill, also available with line numbers as .pdf file UPDATED with Lords' Ctte amendments (thanks to Jonathan Care)
Go to RIP Information Centre
Go to FIPR front page.
Go to FIPR Electronic Commerce Policy Information Centre.
Go to FIPR Interception of Communications Information Centre.
The Foundation for Information Policy Research is registered in England and Wales under the Companies Act 1985 as a private company limited by guarantee (No.3574631). Application for charitable status is in progress
Last Updated May 9, 2000.