Awkward. Investigatory Powers Act could prove hurdle to UK-EU Privacy Shield following Brexit UK surveillance laws could be an obstacle to the creation of a US-Europe Privacy Shield-style arrangement post-Brexit. The issue came up during testimony by Sir Julian King, EU Commissioner for the Security Union, at a Home Affairs select committee hearing on Tuesday. Once Brexit happens, the UK will have to set up something …
easily fixed, suspend the Investigatory Powers Act until after EU negotiations completed, bring it back in a form that meets international norms and that is acceptable to all of the UK's key partners, and remind the Home Office mandarins that if they don't like that, they are free to resign, as are the MPs that back their indiscriminate snooping.
Orwell's 1984 is supposed to a warning, not an aspiration.
Orwell's 1984 is supposed to a warning, not an aspiration.
Sadly in Whitehall it is a "Dummies Guide".
I've not checked, but I suspect that the EU requirements apply to their citizens data, not that of the processing country. So all the knob-ends of the Home Office have to do it tweak the act so that it is only UK citizens privacy that the British government is shitting on, and job done.
As for resigning if they don't like limits on their Stasi-esque spying, the chances of the lard-arse bank bench gravy-train'ers resigning is almost as remote as that of the talent free fat cats of the Civil Service doing likewise. Look at the disgusting makeweights on most New Year's Honours lists, and you'll see that there are no rewards for serving democracy, only rewards for being a useless time-serving bureaucrat, or a friend of whichever bunch of tossers is in power that year.
I suspect that the EU requirements apply to their citizens data, not that of the processing country.
Yes, of course. (Only the US reserves the right to pass laws that apply to citizens of other countries, in their own countries.)
So all the knob-ends of the Home Office have to do it tweak the act so that it is only UK citizens privacy that the British government is shitting on, and job done.
No, job not done. Job barely begun. Writing a Bill saying "...EU citizens' PII are exempt from all the provisions of the IPA" and getting it passed by Parliament is the easy bit. Implementing it is where the fun would start. Think about it. Imagine you're an ISP. How do you know what nationality your customers are? How do you segregate their traffic so that EU citizens' data isn't routed to the BigBrotherBox in that unmarked rack tucked away at the back corner of their DC suite? How'd you make sure you're not enabling bad hombres to circumvent surveillance by pretending to be EU citizens? And, finally, how do you survive the firehose of hate from the Sun, Mail, Express, Torygraph etc, the first time a terrorist attack is carried out by an EU citizen?
<cite>How do you know what nationality your customers are? How do you segregate their traffic so that EU citizens' data isn't routed to the BigBrotherBox in that unmarked rack tucked away at the back corner of their DC suite?</cite>
That's "got to be easy", since lots of people in the intel community are already supposedly doing it. The key parts seem to be that you offer an oversight entity which is ineffectual and/or a system of legal redress that starts with "reasonable suspicion" which cannot be obtained legally.
"Think about it. Imagine you're an ISP. How do you know what nationality your customers are"
On a mobile network its easy, you can identify the IMSI and therefore the Country/Network code and flag roamers. On the fixed network its virtually impossible to segregate by non UK nationals on residential connections, you can get the authentication information and correlate it with the end user address, but beyond the homehub/access point anyone can connect and you cant identify who it is (at the scale needed anyway)
As for resigning if they don't like limits on their Stasi-esque spying,...
My sister-in-law grew up in the DDR under the Stasi. You should go and research your offensively absurd hyperbole before you embarrass yourself like that. Whatever you think of the IPA and the UK state's fondness for mass surveillance, it is NOTHING like life under the Stasi.
Whatever you think of the IPA and the UK state's fondness for mass surveillance, it is NOTHING like life under the Stasi.
You are right, it is nothing like life under the Stasi -- today. No one is suggesting that life here is currently like life in the DDR.
However, the powers and capabilities in the Snoopers Charter are a Stasi wet dream. I went round a Stasi museum in Germany and I was horrified at what they managed to achieve with a fraction of the powers the Home Office have grabbed. And there are no effective restrictions or controls on the abuse of these powers.
After last year, I have no confidence that my fellow voters are not stupid enough end up with a government led by a "strongman" (maybe as a result of a coalition of aggressively authoritarian parties such as the Tories and Labour) who is not afraid to abuse those powers "for the good of the country". If we look back at the serious abuse that occurred in the 1970s (arrests of protesters, tapping of journalists, undercover police in families, monitoring of legitimate political and trade union activities) even under a supposedly freedom-loving government, how hard is it to imagine a DDR-like society being imposed "for our own good"?
You are right, it is nothing like life under the Stasi -- today. No one is suggesting that life here is currently like life in the DDR.
Actually, if you cast your eyes back up the thread (or just read the quotation at the top of my post) you'll notice that's exactly what the post I responded to was saying.
And if you seriously think the UK is on course for anything within a million miles of teh DDR or other Warsaw Pact countries' systems, you either know not what you say (in which case, please do go and read up on what daily life was like) , or you need to see a doctor.
No need to reading up on how things were on this side of the iron curtain. The dangers were more direct and physical -- as was the surveillance. Media were state-controlled, and propaganda and other bullshit pervasive. Generally, the powers were owners of ‘the truth’ (remember when the truth mattered?) and quite openly tried to recast everything to conform to it.
This is not going to happen in the UK -- not because of UK, but because we are half a century later now. The means of control over the society do not matter, what matters is the level of control.
Well, obviously your British customers have to give you their national identity number when they sign up (and also specify whether they want porn). If they fail to do that, they're guilty of identity theft and probably tax evasion and money laundering charges thrown in.
Then your non-British customers are easily sorted out.
" tweak the act so that it is only UK citizens privacy that the British government is shitting on, and job done"
They would face the same problem the US does in ensuring they don't spy on their own citizens. Both gather data indiscriminately so there's no way they can effectively discriminate. It's a matter of how long they can keep up the pretence that they're not doing that. The US manage it by not bothering to answer Congress' questions. Not answering questions when you need to provide a (hopefully verifiable) satisfactory answer to get something you want is going to be trickier.
allow me to introduce you to what was said: "bring it back in a form that meets international norms and that is acceptable to all of the UK's key partners". No mention of bringing it back in a form that suits just the EU.
What May should do, of course, is scrap the whole thing, unless she can convince the majority of informed individuals (no MPs, home office civil servants, or Daily Fail / tabloid "readers" need apply) that the positive side of indiscriminate surveillance will definitely outweigh the negative ...
"If May was forced to suspend IPA to keep the EU happy she would undoubtedly have to resign as PM."
I wouldn't look at it quite like that. I rather think the reason she wanted to leave* was because she wanted to be outside the scope of EU legislation. I doubt she'd resign. She might, however, explode, a spectacle we'd all look forward to.
*I never believed that almost invisible pre-referendum Remain stance.
"Home Office mandarins"
These guys aren't the problem here.
The problem is the security services asking for (as it's their right to do) more powers upon more powers. I'd never ever criticise them for wanting that because every power they get the more capable they are and that's fine for them to ask.
It's parliament's job to educate itself and find the line between what they actually need and the rights of people not to be watched 24/7 - and then enforce that decision - and they have neither the will or the means to do that job. It's being farmed out to the European Court system and that's a bad place to be when we're about to lose that system.
It's okay to have the occasional terrorist attack and it's also okay to send special forces in/use drones/carpet bomb/use nuclear weapons (delete as appropriate) to reduce the external threat to ensure the country doesn't have to lose the freedoms that have been so hard won.
TLD;DR: Government needs to get better at dealing with the security services and stop using the EU as a backstop in lieu of competence.
Somebody particularly cynical might observe that when security services can be presumed to have the following technical ability:-
1) Show that you have visited any given web page.
2) Show records of who you have called, or who has called you.
3) Potentially have transcripts or recording of telephone calls via ECHELON.
4) Records of where you have been, if you've been holding a mobile phone at the time.
That a group of politicians (who are exceedingly concerned about their public image) might not be keen to take on an organisation with this data and are basically ok with letting them do whatever they want with the only opposition coming from people outside of the UK could be a total coincidence, or something we ought to be very worried about.
The UK have been spying on everyone since the concept of a paper based records was conceived.
I even caught them in the 90's spying and interfering with computer systems without a warrant, which is why section 56.4 of the snoopers charter exists. Every state controlled database is used to monitor you, beit your school reports, nhs records, "anonymous" std clinic visits, tax records, telephone records, DVLA, GCHQ has to gain access to each and every computer system not only here in the UK but in the world. The spooks even try to hack your mind using psychological techniques & chemistry.
The first trick is to convince the population the UK military adheres to its own laws when you can never trust a country that operates in secret.
Put it like this, if you dont have the intelligence, how can you nip things in the bud before they get out of hand?
Now look at what countries suffer real acts of terrorism and which countries dont.
What countries like to suggest that members of the population, typically female, is spying on you.
Females are natural born liars as they dont have the physical capabilities like men to get them out of trouble. In the words of Rolf Harris, "can you guess what it is yet?".
GCHQ. Always listening to its customers!
"Who's "she"? the cat's mother?"
It was Stuart C. McDonald as it happens.
The committee transcript is linked below should anyone want to see the gory details.
http://data.parliament.uk/writtenevidence/committeeevidence.svc/evidencedocument/home-affairs-committee/eu-policing-and-security-issues/oral/48082.html
there are some nice lines such as "You used the expression “no indiscriminate mass collection of data”. According to the European Court of Justice Act, that is essentially what DRIPA was. It is almost certainly how it would regard the Investigatory Powers Act. That suggests that it would be impossible for anything to pass this adequacy assessment without changes to that legislation."
The committee transcript is linked below should anyone want to see the gory details.
I'd guess the discussion on the European Arrest Warrant will be pored over fairly carefully my more then one person in the Ecuadorian Embassy. If the UK ends up outside the EAW system will an outstanding warrant still have force?
"I'd guess the discussion on the European Arrest Warrant will be pored over fairly carefully my more then one person in the Ecuadorian Embassy. If the UK ends up outside the EAW system will an outstanding warrant still have force?"
Well, appart from that not being an issue for 2 and bit years at least, there's still matter of Assange absconding while on bail from the UK justice system. From a UK POV that's all that really matters.
"Home Office mandarins never resign . "
One can dream, though? Everyone can have a dream, right? (Or does the latest change bring dreams under IR35?)
Ok, so it's a fairly depressing dream - a hope that those who write the rules for the rest of us actually live by the same rules, cope with the swings and roundabouts like the rest of us .. not sit there insulated in their High Castles.
I wish people would google before making silly "everyone knows that... " claims. Ten seconds with Google:
* http://www.bbc.co.uk/news/uk-politics-19242114
* http://www.independent.co.uk/news/uk/politics/sir-ivan-rogers-eu-diplomat-resigns-from-civil-service-a7514681.html
* http://www.bbc.co.uk/news/uk-23537513
...and so on and so forth.
The real scandal is the revolving door and the utterly useless ACOBA board that rubberstamps any civil servant or minister who wants to leave for a private sector firm they were previously responsible for hiring, awarding contracts to, or regulating. Private Eye has been makign the running on that story which on past performance means it'll suddenly blow up into a "why weren't we told?!" scandal in 5-10 years time.
'Citizen' does not appear in GDPR; it is about "data subjects who are in the Union" or any processing done within the Union. Unlike the citizen's rights in the US, Europe including UK takes a starting point under human rather than citizen's rights. Knowing someone's citizenship(s) is not very easy (so hardly surprising NSA is having trouble answering a question). Long may it remain irrelevant for almost everything.
Since UK companies will want to provide services into the EU, it's hardly unreasonable for them to comply with the law where the customers are, so getting an agreement is clearly important, but it would seem rash to assume that the EU-US Privacy Shield will still be in its current form in two years. And there will presumably be the need for a UK-US agreement as well.
Actually - little-known fact - the same applies in the US. The law makes no distinction between citizens and non-citizens, except on the very narrow subject of who is allowed to enter the country, and who is allowed to vote in federal elections. The 14th Amendment is admirably clear on this: laws that discriminate on the basis of citizenship are unconstitutional.
US lawmakers hate this so much that they make every effort to obfuscate it. For instance, they fund the NSA on what amounts to the pinky-swear that "they won't use their powers against US citizens". And we've all seen what comes of that.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
