

Emergency phone and internet data storage law to be brought in - RobAley
http://m.bbc.co.uk/news/uk-politics-28237108

======
MatthewWilkes
For me, this is the worst bit:

    
    
        4 Extra-territoriality in Part 1 of RIPA
        
        (1) Part 1 of the Regulation of Investigatory Powers Act 2000
            (communications) is amended as follows.
        
        (2) In section 11 (implementation of interception warrants), after 
            subsection (2) insert –
            - (2A) A copy of a warrant may be served under subsection (2) on a person 
                   outside the United Kingdom (and may relate to conduct outside the 
                   United Kingdom).
        (3) In subsection (4) of that section, after "that person" insert 
            "(whether or not the person is in the United Kingdom)".
        (5) In subsection (8) of that section, after "enforceable" insert 
            "(including in the case of a person outside the United Kingdom)".
        (6) In section 12 (maintenance of interception capability), after subsection
            (3) insert –
            - (3A) An obligation may be imposed in accordance with an order under 
                   this section on, and a notice under subsection (2) given to, 
                   persons outside the United Kingdom (and may be so imposed or 
                   given in relation to conduct outside the United Kingdom).
    

I did some snipping to get rid of admin stuff, but those terms extend the
authority of the UK home secretary to give him jurisdiction on ordering
wiretapping outside of the UK. Section 11 of RIPA is about wiretaps, section
12 is about ensuring the ability to have wiretaps.

If this passes, the following will be law in the UK:

    
    
        (4) Where a copy of an interception warrant has been served by or on behalf 
            of the person to whom it is addressed on—
            (a) a person who provides a postal service,
            (b) a person who provides a public telecommunications service, or
            (c) a person not falling within paragraph (b) who has control of the 
                whole or any part of a telecommunication system located wholly or 
                partly in the United Kingdom,it shall (subject to subsection (5)) 
                be the duty of that person (whether or not the person is in the 
                United Kingdom) to take all such steps for giving effect to the 
                warrant as are notified to him by or on behalf of the person to 
                whom the warrant is addressed.
        (8) A person’s duty under subsection (4) to take steps for giving effect to 
            a warrant shall be enforceable (including in the case of a person 
            outside the United Kingdom) by civil proceedings by the Secretary of 
            State for an injunction, or for specific performance of a statutory duty
            under section 45 of the Court of Session Act 1988, or for any other 
            appropriate relief.
    

To put it plainly, this act, if it passes, will allow the UK to seek civil
redress against companies that have no link to the United Kingdom if they
refuse to spy on their users, so long as they can argue that some part of the
communications system is in the UK. To me, that reads like it will be valid if
there are users in the UK.

~~~
masklinn
> To me, that reads like it will be valid if there are users in the UK.

There's even better: applying it if the company's packets ever transit through
the UK (since that means "[some] part of a telecommunication system partly in
the United Kingdom").

And IIRC it just happens that most of the backbone capacity between US and EU
goes through the UK.

~~~
MatthewWilkes
Yeah, there's a clever trick hidden in there. You can be liable if you control
part of a system that is partially located in the UK. It doesn't actually say
you have to control the part located in the UK.

------
omh
If you're in the UK then you should contact your MP about this to let them
know what you think. And you need to do it now - the vote is on Monday.
Perhaps if they realise what people think about this they might reconsider.

Contacting your MP is easy using
[https://www.writetothem.com/](https://www.writetothem.com/) or the dedicated
anti-DRIP page at ORG [https://www.openrightsgroup.org/campaigns/no-emergency-
stop-...](https://www.openrightsgroup.org/campaigns/no-emergency-stop-the-
data-retention-stitch-up)

~~~
GotAnyMegadeth
I never know what tone to take with writing letters to MPs. I don't want to
waste a load of time on polite and subtly persuasive when they might be more
influenced by the generic "angry voter". Equally, if I received some angry
voter letter, I'd be inclined to vote against them just because I don't like
angry people.

This time I think I went too angry, because last time I think I was too
polite:

Dear MP,

I sincerely hope you will be voting against the ridiculous "Emergency phone
and internet data storage law" on Monday. Blanket surveillance of millions of
innocent civilians is short sighted, reckless and dangerous. I am well aware
that the excuse is to prevent terrorism, but is there any evidence at all that
it will be key in terrorism prevention? We seem to be doing a pretty good job
of preventing terrorism already, and any extra (possibly non existent) benefit
this may bring is certainly not worth the MASSIVE loss of liberty of the
people.

I am disgusted and horrified that so many intelligent people in Westminster
are so short sighted to think that surveillance, with is horrific brutal
history, is going to "work this time".

Yours sincerely,

Me

~~~
philbarr
Here's mine:

Dear MP,

I hope you will be voting against the emergency legislation being forced
through parliament on Monday to make phone and internet companies log all
information.

As a software professional with over a decade's experience in the industry, I
can tell you that logging all such data in this manner is not just an obvious
abuse of UK citizen's rights, and most likely of citizens of other countries -
it is also dangerous in it's own right.

Specific questions need to be answered before any kind of mass storage of
information such as this can take place. Things such as:

\- which "named" people will be responsible for collating this data at which
companies?

\- where will this data be stored?

\- what are the security arrangements around this?

\- what are the repercussions for breaches of security?

... to name a few.

Do not just assume that these questions have all been answered by the
appropriate "techy", it is YOUR responsiblity to ask these questions and vote
against any policy that does not provide appropriate answers. I quote the
following examples of cases where proper consideration was not taken. These
are from my personal experiences:

\- finding my National Insurance number and name in an "anonymised" freely
available government dataset. And the NI of a friend.

\- working at a large blue chip company that required me to be escorted in and
out of the server room and taken to a specific server, only for the person
doing the escorting to get bored and prop the door open with some wood and
say, "don't tell anyone".

\- being given elevated priviledges to a network simply to "get something
done". (This one happens more than you'd think).

\- being asked for information for a security check by the Police only for the
email to include private information such as the requester's ID code.

Yours sincerely,

Phil Barr.

~~~
vixin
' it is also dangerous in its own right.'

~~~
philbarr
Correct. And dammit, I hate making simple punctuation or grammatical mistakes.

------
ajb
This bill[1] is of direct interest to non-UK people, because it 'clarifies'
that the requests to intercept or for communications metadata are enforceable
on companies outside the UK, and on ""internet based services, such as
webmail" [2, paras 27,71].

(Disclaimer: I'm not a lawyer)

[1]
[https://www.gov.uk/government/uploads/system/uploads/attachm...](https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/328939/draft-
drip-bill.pdf) [2]
[https://www.gov.uk/government/uploads/system/uploads/attachm...](https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/328940/draft-
drip-notes.pdf)

------
dan_bk
Giving a speech to the House of Commons today, the UK Home Secretary, Theresa
May, made it clear that, in her view, the powers in the new legislation are
still inadequate — saying they “will not tackle the wider problem of declining
communications data capability” – bringing back the specter of a more wide-
ranging ‘Snoopers’ Charter’ being introduced by a future Tory government.

In other words: They're just warming up.

------
sparkie
> Which will only last until 2016.

If there's anything I've learned in life, it's that there's nothing more
permanent than temporary laws.

~~~
junto
Exactly. UK Anti terrorism legislation has almost always been "emergency" that
was extended and solidified.

[http://www.theguardian.com/commentisfree/libertycentral/2009...](http://www.theguardian.com/commentisfree/libertycentral/2009/jan/22/explainer-
terrorism-legislation)

------
michaelt
Look forward to the argument "this bill just lets the security services keep
doing what they're already doing" when this bill has to be renewed after the
sunset date.

------
tonylemesmer
Even during an interview on BBC Radio 4 on Wednesday evening a government
minister slipped in that the government need to keep an eye on catching
paedophiles and serious organised crime. So this clearly isn't just for an
immediate terrorist threat, they're just going through all the legislation
that's been going a bit stale and rushing it through whilst the opinion polls
don't really matter and all under false pretences or half truths.

~~~
revelation
It's not even for paedophiles or serious organised crime either. As with all
other new police capabilities, 90% of this will be used for the drug war and
the remainder is split between a bunch of lowlevel crimes such as theft or
harassment .

There is data from Austrias data retention laws here:

[http://www.parlament.gv.at/PAKT/VHG/XXV/AB/AB_01179/imfname_...](http://www.parlament.gv.at/PAKT/VHG/XXV/AB/AB_01179/imfname_353625.pdf)

Summing up, in 2013, data was used for investigations concercing the following
offenses:

\- theft (35%) \- drugs (18%) \- robbery (16%) \- stalking (14%) \- fraud
(12%) \- threats (5%)

~~~
pbhjpbhj
So, is your contention that because data was only used to catch regular
criminals - drug dealers, robbers, stalkers, fraudsters and the like - that we
should find that a bad thing.

It's just _prima facie_ it sounds quite good to me that criminals who might
not have otherwise been convicted or discovered in their actions can now be
so. All at the cost of the police knowing what my ISP [and GCHQ] knows about
me already.

~~~
revelation
I really don't care to have this conversation right now. It's been discussed
over and over, and the feigned ignorance is insulting.

The point here is that if you are going to use this to catch petty criminals,
you have to market it as such to the public. Instead, we have politicians
conjuring up the image of imminent terrorist attacks and national security. It
is a simple lie.

~~~
pbhjpbhj
Don't start a conversation and then say you don't want to talk about it, just
don't join in.

I'm not now expecting an answer but your second para sounds like you only have
a problem with the fact that the use of the data isn't explicitly laid out in
advance. Even if it's set up to combat terrorism and other crimes being
noticed are a side-effect; you'd be happy as long as it's mentioned that other
crimes discovered will also be prosecuted?

Your comment sold such police powers well, I'd imagine most of the electorate
reading that using this technology has and will continue to catch the
perpetrators of the crimes you list would find it positive. Other than
expanding the people that know inane trivia about me I find it hard to see
what liberties are really given up.

~~~
tonylemesmer
Problem is, the law is being rushed in without checking or debate because of
the stated purpose, however it would benefit from a debate if it being used
for other purposes. That's the lie.

------
DanBC
As I understand it this law (passed or not) makes no difference to GCHQ who
are probably collecting as much of this data as they can; and have exemptions
written into existing laws; and etc etc.

~~~
omh
Yes, this is separate from whatever GCHQ are doing.

GCHQ are (I assume) intercepting data out in the wild wherever they can then
storing and analysing that themselves. This is apparently covered under other
laws, but certainly isn't affected by this.

This law, and the one it's replacing, is about obligations on phone companies
and ISPs to retain traffic data themselves. This data can then be used by the
police and other agencies when they need it. I wouldn't be surprised if GCHQ
had access to this but I doubt that it makes a big difference to their
capabilities. I'd expect that they can do far more than this regardless.

~~~
pjc50
Parallel construction, I suppose: use the GCHQ records to select a target,
then pull the ISP's copy of the data into court.

~~~
AlyssaRowan
Mmm... no, I don't actually think GCHQ trust the Plods anywhere _near_ that
much (i.e. they are not cleared for relevant SCI; usually not even TS, just C
or S!). If they do (and they might, these are just my impressions) I'd be
quite surprised.

The NSA definitely work closely, frequently and directly with the FBI, DEA,
CIA, and many other US Government agencies, especially since 9/11 and all that
"fusion center" business. We know that. They're quite proud about it.

But the old boys from Cheltenham are _very conservative indeed_ , and though
they work frequently with The Security Service (MI5) and the Secret
Intelligence Service (MI6), I think they rely on the intelligence agencies to
do liaison with any law enforcement (notably MI5 with certain branches of the
Metropolitan Police) and that only happens in _pretty rare_ cases, nearly all
of which are espionage-related or terrorism cases that I'm aware of (drugs are
considered a Police problem, not an MI5 problem - we have no DEA analogue).

It's nowhere near as _connected_ as you have over there, and that's for
cultural/service-rivalry reasons as well as operational (budgetary? They're
not as flush with cash as NSA are) and trust ones.

The Police and their powers under RIPA are more often on their own with that
kind of thing. That's why the Government is pushing the whole emergency data
retention thing - those powers are more frequently used by law enforcement
(but RIPA doesn't really affect GCHQ at all).

I don't think the new "National Crime Agency" has actually changed that setup
much, if at all; GCHQ seem to hold them in low regard. Old boys versus new
pups, and all that.

------
bellerocky
I'm always a fan of "emergency powers" that infringe on the public's rights
because they are "necessary" for "public safety". I'm sure the expiration time
and a powerless oversight board will make all the difference, especially if
you put a bunch of people on it that totally agree that the government have
access to all things. No way this could ever lead to abuse. This is how the
star power game is played[1].

[1]
[https://en.wikipedia.org/wiki/StarPower_(game)](https://en.wikipedia.org/wiki/StarPower_\(game\))

------
furyg3
> Prime Minister David Cameron and his Lib Dem Deputy Prime Minister Nick
> Clegg will tell a special cabinet meeting on Thursday that emergency
> legislation is necessary to keep the country safe.

Safe from what, exactly?

~~~
DanBC
"paedophile MPs?"

(From Franke Boyle, but I can't find the tweet at the moment.)

> Frankie Boyle @frankieboyle Jul 10

> Oddly, a government that lost 114 files on child abuse thinks it's important
> to keep a note of every time you post a funny cat video online

> Frankie Boyle @frankieboyle Jul 10

> About time we had a new electronic surveillance law to uncover exactly no
> terrorists and 158 million texts about fucking

~~~
JonnieCache
How do these people not understand that when they say "we lost the files" the
public hears "we definitely did it, and we're probably still doing it."

The tory party is now surely the baby-raping party in the minds of everyone
who read about that investigation and the "lost" files.

TBF not much change there.

~~~
northernmonkey
The truth of course it that lots of MPs _do_ understand how people interpret
this kind of thing. Truth is, most MPs are intelligent, reasonable people.
Sadly they are often judged for the actions of the few reprehensible MPs that
more often than not make it to the front benches.

------
k-mcgrady
I read that the EU ruled a similar EU wide law unlawful recently. Can they not
do the same here? I always thought that although the UK can make it's own laws
it couldn't override EU rulings.

~~~
MatthewWilkes
That's why this law is being brought in. It's not an overnight thing to
invalidate a law, if they change it slightly they get another period of doing
evil until they're ordered to stop again.

~~~
omh
It may be slightly more clever than that. David Allen Green suggests[1] that
this moves the legislation so that it is directly implemented by UK law rather
than as a result of an EU law.

This means that the current court ruling wouldn't apply and that it would be
almost impossible to mount a similar court challenge in future.

[1] Non-reg link:
[http://www.google.co.uk/url?sa=t&source=web&url=http://blogs...](http://www.google.co.uk/url?sa=t&source=web&url=http://blogs.ft.com/david-
allen-green/2014/07/11/drip-drip-drip-the-emergency-surveillance-law-erodes-
our-civil-liberties/)

~~~
AlyssaRowan
He's not to my reading saying it would be 'almost impossible' to mount a
similar challenge in the future.

The "DRIP Bill" (thanks, that's a great term) is fairly obviously taking the
piss with the ECJ ruling, considering it contains a big slice of the
"Snoopers' Charter" and is going in _exactly_ the wrong direction.

It would, however, require a _new_ legal challenge to the Supreme Court or the
ECJ/ECHR to fight this, and they probably think that will take somewhat longer
than 2 years, 2 years during which they get more retention, after which
they'll probably either renew it or change it a bit again, probably for the
worse because some of the Tories like Theresa May and Cameron don't even think
_this_ went far enough (wtf?!), and reset the clock _again_... maybe I'm being
cynical, but I think my cynicism is well-earned here.

Gah.

------
nateabele
> _" [E]mergency legislation is necessary to keep the country safe"_

After the number of times US and UK spy agencies have been caught red-handed,
do people really still buy this? Because that'd be the saddest part of all.

~~~
pjc50
People still buy the Daily Mail, that's what matters.

[http://www.dailymail.co.uk/home/index.html](http://www.dailymail.co.uk/home/index.html)
: at time of writing this comment, I can't find any mention of this story on
the front page at all.

Also, to be fair, if you're an average white guy who doesn't get involved in
politics, you're not likely to have surveillance used against you. It's a
police state _in potential_ , a "fleet in being" that has not put to sea.

~~~
switch007
[http://www.dailymail.co.uk/news/article-2687112/Emergency-
sp...](http://www.dailymail.co.uk/news/article-2687112/Emergency-spy-laws-
monitor-calls-web-use-needed-safe-Cameron-claims.html) EDIT: ah, no, not on
the front page..

The comments are better than I expected, to be honest.

------
antr
Looks like status quo as this is the response I got from Sky regarding data
retention a couple of week ago:
[https://news.ycombinator.com/item?id=7970165](https://news.ycombinator.com/item?id=7970165)

~~~
pjc50
It's not, really. The question as to whether something is legal if the EU says
it isn't but the UK says it is is not entirely clear even given _Factortame_.

The law itself contains a signifigant expansion of the powers, in particular
imposing legal obligations on non-UK persons and also allowing the Secretary
of State to write new regulations and statutory instruments.

[http://blogs.ft.com/david-allen-green/2014/07/11/drip-
drip-d...](http://blogs.ft.com/david-allen-green/2014/07/11/drip-drip-drip-
the-emergency-surveillance-law-erodes-our-civil-liberties/)

~~~
antr
Many thanks for the explanation. Now I understand the concern.

------
coldcode
The country where 1984 was written seems determined to make it factual
history. Once a government decides it's fine and dandy to spy on its own (and
others) it's unlikely to ever go backwards.

------
easytiger
Which Billis this? Is this the Communications Data Bill that has been around
for a while? I can't see anything in hansard remotely related to this.

~~~
mnem
There's a draft uploaded at
[https://www.gov.uk/government/uploads/system/uploads/attachm...](https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/328939/draft-
drip-bill.pdf)

~~~
easytiger
Thanks, got it.

