Thursday 21 October 2010

Securing communications records to fight terrorism

So there we have it. We now know a little more about what they were talking about when the representatives of the Conservative and Liberal Democratic parties met immediately after May’s General Election to discuss the basis on which a Coalition Government would operate. The Coalition Agreement contained a commitment to "end the storage of internet and email records without good reason", but at that time no-one I asked actually seemed to know what those words meant.

Well, we know a little bit more now.

According to the Police Oracle website, “MI5 has begged for a new database to help intercept terrorist emails, texts and calls - and its Internet Modernisation Programme will get £400million extra.”

Presumably, this is the same “programme” that was mentioned on page 44 of the “Strategic Defence & Security Review”, published earlier this week. That review identified areas in which the Government needs to adapt its strategy for countering international terrorism (CONTEST) in order that the approach was proportionate, fair and effective.

And what did the Review actually say? It said that it would:

“Introduce a programme to preserve the ability of the security, intelligence and law enforcement agencies to obtain communication data and to intercept communications within the appropriate legal framework. This programme is required to keep up with changing technology and to maintain capabilities that are vital to the work these agencies do to protect the public. Communications data provides evidence in court to secure convictions of those engaged in activities that cause serious harm. It has played a role in every major Security Service counter¬terrorism operation and in 95% of all serious organised crime investigations. We will legislate to put in place the necessary regulations and safeguards to ensure that our response to this technology challenge is compatible with the Government’s approach to information storage and civil liberties.”

I don’t see anything wrong with the introduction of legislation to put the necessary safeguards in place. After all, in the context of the current public inquest into the obscene terrorist events of July 2005 where, daily, new horrific details are broadcast to the nation, I would want to ensure that our spooks have everything they required at their fingertips to reduce the risk of similar scenarios occurring again. I would love to ensure that their technical and surveillance capabilities were at least as extensive as those enjoyed by the actors in the BBC TV series Spooks, who are currently saving the nation every Monday evening.

The trick, as ever, is trying to work out what else is allowed to be done with the communications records while they are being retained for the purposes of detecting and preventing terrorism and serious crime. While the records exist, is it also permissible to allow them to be used for the purposes of detecting and preventing frivolous crime?

Evidently we are happy for CCTV to be used to convict ladies who plop cats into wheelybins, although I doubt whether that was the original purpose of that particular CCTV surveillance system.

But how will the Government tweak our much loved RIPA to ensure that public authorities only use communications data for the purposes that we, the great unwashed, would all find acceptable? And, if the Government were to tweak RIPA to remove powers from certain public authorities, then how can we all be assured that those authorities would not be tempted to go behind the back of the Government and obtain that very same communications information by using other statutory powers that the Government had forgotten they had given them?

Let’s wait and see.

Perhaps, if they get any spare time together over the next few months, we should ask David Cameron and Nick Clegg to revise the original text of the Coalition Agreement. They may find it convenient to turn the commitment to "end the storage of internet and email records without good reason", into a commitment to "start the storage of internet and email records with a good reason".

No doubt, when many of the greatest and most distinguished of the International Data Protection community get together next week in Jerusalem for the 32nd International Conference of Data Protection & Privacy Commissioners, some participants will be talking about this. A few Data Protection Commissioners may even think it’s time for the Article 29 Working Party to write another opinion about it. But we all know their opinion. And we all know who’s ignoring their opinion. So, let's not expect them to spend too much of their time at the conference opining on it again.