e-petitions for the House of Commons by 2010 ?
The Procedure Committee of the House of Commons has now published their Report about the possibility of introducing an e-petitions to the House of Commons, perhaps by 2010, based mostly on the on the experience of the No. 10 Downing Street e-petitions to the Prime Minister and the Scottish Parliament e-petitions systems.
See: Select Committee on Procedure First Report on e-petitions printed 19 March 2008.
The report details the incredibly wasteful and archaic current written petitions system, involving the collection of unauthenticated signatures, the printing out of the petition and a Member of Parliament standing up and presenting it (whilst virtually all the other MPs flee the Chamber of the House of Commons), and then the placing of the Petition in a Bag behind the the Speaker's Chair.
This has got to change, as many other legislatures have better paper and electronic systems than this around the world.
The Committee seems to be supporting a more complicated scheme than the Number 10 Downing Street e-petitions system, which will, inevitably mean that fewer people choose to make use of it.
Although the Committee recognises that with Written Petitions nobody actually bothers to check the validity of signatures and addresses, they are insisting on at least name, email address (for a sign up web link confirmation email), street address and post code for this proposed system.
However since this would be via a web server interface, such a system would also , inevitably also collect other Communications Traffic Data e.g. web browser type, and IP address information as well.
The Committee claims, correctly that this is personal data under the Data Protection Act, but they persist in claiming that the House of Commons could somehow be forced to reveal such personal data under a Freedom of Information Act request, which, something which smacks more of the MPs' Expenses scandals, than of any real concern for the privacy of members of the public.
95. The House should, however, be aware that it may not be able to guarantee absolute protection for this personal information. Firstly it is possible, although in our view unlikely, that in certain circumstances its release could be required in response to a freedom of information request. The provisions of the Data Protection Act and the Freedom of Information Act relate to each other in complex and sometimes uncertain ways. We believe that the House authorities should argue against any disclosure under the Freedom of Information Act, particularly since such a disclosure might risk discouraging participation in e-petitioning. But the ultimate decision on disclosure would be for the Information Commissioner or the Information Tribunal.
It is welcome that although they insist on a Constituency Member of Parliament becoming the Facilitator of a new e-petition, in the first place, that they recognise that there should be the ability to nominate another MP if a Constituency MP refuses to support the Petition or cannot be seen to be doing so e.g. the Speaker or Deputy Speakers or Government Ministers.
More worrying is their claim that
96. Secondly, there is the possibility that the House could be required to release the information under other legislation. The Regulatory and Investigatory Powers Act, for example, allows certain public authorities (including the police, Revenue and Customs and the intelligence agencies) to acquire 'communications data' where that is 'necessary' in the interests of national security or public safety or for the prevention or detection of crime. It is difficult to foresee circumstances in which such powers might be used in respect of information relating to e-petitions, but the House should be aware of the possibility.
It is not "difficult to foresee circumstances in which such powers might be used in respect of information relating to e-petitions", given the propensity for "national security" function creep and what are now openlly acknowledged to be using or contemplating the use of "Rich Picture" or "Data Matching" or "Data Warehousing" or" simply "Data Trawling" and "Fishing Expeditions".
The names, addresses, email addresses and IP addresses etc. of e-petitioners and of the people who sign e-petitions on controversial subjects such as: foreign wars, national independence, abortion, animal experiments, religious extremism, expansion of transport infrastructure at the expense of local residents etc.. all of which could attract a minority of terrorist or near terrorist fanatics, might well be of interest to snoopers of various sorts, both in the UK Government, and in the private sector and overseas.
None of this information should be made available to anyone, and it should be protected by Parliamentary Privilege, and subject to the "Wilson Doctrine".
If this proposed system goes ahead, it should be welcomed as an opportunity for the seemingly remote and irrelevant Members of Parliament to be seen to be actually listening to the concerns of the public, thereby strengthening our democracy.
Comments
Legally or not the information will become available to government and anyone initiating or signing a petition hostile to government policy will be recorded as an enemy of that government. Given the petty vindictiveness of the present regime it is highly likely that one will then become a target for reprisals.
Posted by: The Laughing Cavalier | April 11, 2008 10:00 AM
As the former Liberal Democrat MP Richard Allan (now working for Cisco) said in his evidence to this Committee, there will inevitably be attempts to "game" any e-petitions system, and to push it to its limits. Therefore some sort of registration is needed to prevent duplicate signatures and outright fakes created by malicious scripts or programmes.
The extra Communications Traffic Data automatically potentially gathered by a web server, and its associated firewalls, load balancers and other bits of hidden internet infrastructure, over and above whatever actual personal data is actually asked for in the e-petition submission and signature web forms, will not be important or interesting for the vast majority of e-petitions or users of the system.
However, when, not if, someone tries or succeeds in submitting an e-petition on a controversial topic, which might threaten the vested interests of those in power, then there will be a temptation to pretend that, somehow, "national security" etc. is involved and to snoop and trawl and fish through the data and log files.
This could end up like the Security Service MI5 website update notification email subscriptions scandal.
The House of Commons should pass legislation making it a criminal offence, with penalty of imprisonment of at least 2 years, making it a potentially extraditable offence, for anybody to snoop or trawl through this on this e-petitions data at all.
The e-petitions system should also make use of standard SSL/TLS encryption, as used for e-commerce and internet banking transactions, from the outset, and not as an afterthought.
Given the increasing numbers of mobile phones, these should also be capable of being used to sign such an e-petition, provided that the Communications Traffic Data (including Location Based Services) is protected from snooping.
Posted by: wtwu | April 11, 2008 11:15 AM