Spy Blog - SpyBlog.org.uk

Of all the places in the United Kingdom, one would have expected that Her Majesty's Prisons could be kept free of illegal mobile phones.

It should be trivial for the mobile phone networks to detect any unauthorised mobile phones physically within Prisons and to alert the authorities automatically (after,no doubt, charging them a suitable Location Based Services fee). It should be technically easy to install radio triangulation equipment which spots and accurately locates a mobile phone within a Prison, as soon as it is switched on, even for a few seconds.

However, according to these figures published in Hansard, it appears that the Ministry of Justice (and the Home Office before them) are failing to prevent the smuggling of mobile phones into prisons.

They claim to have seized 3,473 mobile phones (or SIM cards) in the last year (October 2006 to September 2007)

This must also imply that there is a huge illegal drugs smuggling racket as well, and that it seems very likely that corrupt Prison Staff must be involved:

Dec 2007 : Column 1261W

[...]

Prisons: Mobile Phones

Lady Hermon: To ask the Secretary of State for Justice how many mobile telephones were seized in prisons in England and Wales in each of the last 12 months. [170463]

Maria Eagle: Prison establishments are required to send all seized mobile telephones to HMPS Security Group for interrogation. The following table contains the number of mobile phones (which includes handsets, handsets containing SIM cards, and individual SIM cards) seized and sent for interrogation in each month from 1 October 2006 to 30 September 2007.

5 Dec 2007 : Column 1262W

Month	Total number submitted for interrogation
October 2006	230
November 2006	249
December 2006	178
January 2007	310
February 2007	330
March 2007	240
April 2007	272
May 2007	400
June 2007	302
July 2007	334
August 2007	333
September 2007	295
Total	3,473

We would like to see some statistics on how long it takes for these illegal mobile phones to be detected and confiscated.

The figures for each individual Prison should be also be published.

A Further Thought:

Given that modern mobile phones can also include BlueTooth and/or WiFi,then the radio security defences of Prisons should also check these methods of sending messages. An extended range antenna and/or an illegal amplifier, in a vehicle in the car park or in neighbouring streets could well penetrate the walls of the Prison, without making use of the actual mobile phone network.

Cordless DECT phone handsets might also be illegally amplified to reach in and out of a Prison.

Posted by at 3:09 PM | Permalink | Comments (12)

The European Union's mandatory Communications Traffic Data Retention Directive is creeping towards implementation in the UK - see the Data Retention Is No Solution wiki for a European Union perspective of opposition to this Directive.

This dubious plan intends to force telecomms and internet companies keep billions of data records from logfiles and itemised billing systems etc., on all 450 million innocent citizens of the European Union for at least 12 months, even when, under the normal principles of Data Protection and good business practice, such records should have been destroyed.

[hat tip to Clive Feather via the UK Crypto email list]:

Consultation on the initial transposition of the European Directive (2006/24/EC) on the retention of communications data

This consultation paper invites views on the draft Regulations that we propose to use for the initial transposition of European Directive 2006/24/EC on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC.

We welcome comments on the draft Regulations - which concern only fixed line and mobile telephony - before we prepare the Regulations to be laid before Parliament for approval later this year.

The Consultation ends on 11 June 2007.

Download the consultation document:
Consultation on the initial transposition of the European Directive (2006/24/EC) on the retention of communications data (.pdf 2.4Mb 30 pages)

N.B. this document uses non-standard fonts, so you may have difficulty trying to copy and paste text from it

These proposed Regulations could be the opportunity not to renew the so called Voluntary Scheme of Communications Data Retention under the botched Anti-terrorism, Crime and Security Act 2001 Part 11 Retention of Communications Data, when its "sunset clause" runs out again this December 2007.

1.4 The date for transposition of the Directive is 15 September 2007, however the Government has made a declaration in accordance with Article 15(3) of the Directive that it will postpone its application to the retention of communications data relating to internet access, internet telephony and internet e-mail until no later than 15 March 2009.

Several other EU Governments are also delaying this aspect of the Directive as well., so the Regulations which are being proposed only deal with mobile phone and fixed landline PSTN telephony.

Posted by at 9:24 PM | Permalink | Comments (1)

The Register has an OutLaw article about the illegality of the FlexiSPY mobile phone snooping software within the legal jurisdiction of the United Kingdom.

They rightly point out that using this software on a UK mobile phone clearly constitutes "electronic interception", and, unless it is done by law enforcement or intelligence agencies under a warrant signed by the Home Secretary, it could attract a penalty of up to 2 years in prison., under the Regulation of Investigatory Powers Act 2000 (RIPA).

Regular readers of Spy Blog will recall that the jurisdiction claimed by the UK Government , under RIPA section 2 Meaning and location of "interception" etc.. covers the entire universe e.g.

"telecommunication system" means any system (including the apparatus comprised in it) which exists (whether wholly or partly in the United Kingdom or elsewhere) for the purpose of facilitating the transmission of communications by any means involving the use of electrical or electro-magnetic energy.

The quote from the Home Office spokesperson,

The Home Office confirmed that Vervata was not committing an offence under RIPA.

seems to whitewash the role of the the UK / Thailand based software developers Vervata, as it does not give the whole legal background. They do not seem to know even which laws the Home Office is supposed to be in charge of, let alone the rest of Government.

Since the FlexiSPY software secretly sends off its spy reports via the bugged mobile phone itself, using GPRS, it will (as stated by the manufacturers) attract a Data Call Charge as well.

This is better known as telephone fraud.

We therefore think that sections 125 and 126 of the Communications Act 2003 apply to both to the manufacturers of FlexiSPY, namely Verdata , and to any of their customers who purchase their software.

These sections attract a criminal penalty of up to 5 years in prison and / or a fine.

This law has already been used to sucessfully prosecute someone for abusing an "open" WiFi wireless network connected to the internet.

See

Section 125 Dishonestly obtaining electronic communications services

and Section 126 Possession or supply of apparatus etc. for contravening s. 125:

These sections are written in the usual NuLabour Government "infinite powers" style of legislation, including catch-all words like "anything" and "knows or believes" and "for a purpose connected with".

Note that mere "possession" is illegal, even if the FlexiSPY software is never installed or used.:

Continue reading "How illegal is FlexiSPY under RIPA 2000 and the Communications Act 2003 ?" »

Posted by at 3:27 PM | Permalink | Comments (4)

The two Public Consultations on aspects of the Regulation of Investigatory Powers Act 2000 being run by the Home Office formally close today, August 30th 2006.

The Home Office's Covert Investigation Policy Team will probably not reject submissions up until when they present these Draft Codes of Practice to Parliament sometime in the Autumn. [UPDATE no later than 13th September - see below]

If you do not feel like submitting a full response, or if you wish to submit an anonymous one, then please feel free to make use of our two mini-blogs which allow you to comment on each section of these Consultations and Codes of Practice:

Continue reading "RIPA Public Consultations formally close today" »

Posted by at 6:20 AM | Permalink | Comments (1)

On Monday, Spy Blog attended the Scrambling for Safety 8 conference, held at University College London, during which the public consultation on the Regulation of Investigatory Powers Act 2000 (RIPA) Part III on Government Access to Encryption Keys and the RIPA Part 1 Chapter II public consultation on Communications Traffic Data, were discussed by eminent experts, before an extremely well informed audience.

In the pub afterwards, Spy Blog managed to chat with Members of the House of Lords, academics, internet and telecomms experts, cryptographers, technical journalists, privacy and human rights campaigners, and Home Office civil servants and some fellow political bloggers. We missed out on talking with other interesting people such as members of the Police who deal with child porn investigations, and a RIPA Commissioner (?), and someone from the Financial Services Authority, all of whom will be affected by this proposed legislation.

Given the potential multi-billion pound impact of this legislation on the United Kingdom economy, on law and order, and on individual human rights, it is worth examinining in detail, exactly what is being proposed, since the consquences of getting the checks and balances wrong, will be immense.

The agenda and the slides from some of the talks are now online at the Foundation for Information Policy Research website

Continue reading "Scrambling for Safety 8 - meeting some interesting and influential people" »

Posted by at 8:46 AM | Permalink | Comments (2)

"Phone interception" is back in the attention span of the mainstream news media, thanks to an official complaint from Clarence House i.e. from Prince Charles' staff.

The BBC reports that three men, including the News of the World's Royal correspondent, have all been arrested this morning under Section 1 of the Regulation of Investigatory Powers Act 2000.

Despite the reporting on both the BBC and on Sky News (part of the same group who own the News of the World tabloid), this is not a serious crime, according to the current law:

(7) A person who is guilty of an offence under subsection (1) or (2) shall be liable- (a) on conviction on indictment, to imprisonment for a term not exceeding two years or to a fine, or to both;

(b) on summary conviction, to a fine not exceeding the statutory maximum.

According to Sky News, the complaints came back last December 2005, when 3 members of staff from complained about breaches of security of the Clarence House telephone system, "over a significant period of time", something which obviously has possible security implications for the safety of the Royal Family.

Sky News are now reporting that mobile phones are thought to be involved, and that other possible breaches of telephone privacy "at the homes of other public figures" are being investigated.

"An MP may have had their phone intercepted as well."

If true, this is far more serious than just a small scandal involving tape recordings or bugs or voice mail systems, physically located just within, say, Clarence House.

There are obvious comparisons to be made with the ongoing Vofafone mobile phone interception scandal in Greece.

The mention that a Member of Parliament may also have had his or her mobile phone intercepted means that the "Wilson Doctrine", must also be discussed.

Continue reading "Royal Household "phone interception" - 3 arrests, including the News of the World 's "Royal correspondent"" »

Posted by at 9:08 PM | Permalink | Comments (6)

Tor - the onion routing network

"Tor aims to defend against traffic analysis, a form of network surveillance that threatens personal anonymity and privacy, confidential business activities and relationships, and state security. Communications are bounced around a distributed network of servers called onion routers, protecting you from websites that build profiles of your interests, local eavesdroppers that read your data or learn what sites you visit, and even the onion routers themselves."

All this is interesting from a technological point of view, and as a practical tool to help defend your online privacy and anonymity from criminals, terrorists and police states.

However, despite "several hundred thousand" users of worldwide, the size and distrubution of the "Tor cloud" of volunteer donated Tor server bandwidth is worryingly small.

Today there are just over 300 servers in the "cloud", but major portions of the the worldwide internet are unsupported e.g. there appear to be more Tor servers in Communist China than in Japan and South Korea (with their huge numbers of internet users and available high speed bandwidth) combined.

Even more embarrassingly, the United Kingdom currently sports fewer than 30 Tor servers i.e. fewer than the city of Berlin in Germany does ! Obviously the "location" is based on the whois information pertaining to theregistered offices of the ISP, but there are plenty of other Tor servers in the rest of Germany.

Give something back to the internet community, and do something to protect your own privacy and freedom, as well as that of others, and run a Tor server.

You do not need to be a *nix guru in order to configure a Tor server: the new Vidalia (a type of onion) GUI front end configuration tool and network map display, makes things as easy as setting up , say, Internet Connection Sharing, on a Windows XP box.

Continue reading "More Tor servers in Berlin than the whole of the UK - donate some bandwidth and set up your own Tor server" »

Posted by at 3:44 PM | Permalink | Comments (4)

Scrambling for Safety 8 conference details:

We've finally sorted out the details of the eighth Scrambling for Safety meeting on the Home Office access to keys and communications data code of practice consultations.

It is being held from 2-5pm on Monday 14 August 2006, at the Gustave Tuck Lecture Theatre, South Wing, UCL, Gower St, London WC1
[campus map].

Street Map location.

The nearest Tube stations are Warren Street and Euston Square.

Admission is free but space is limited, so if you wish to attend please subscribe to the meeting mailing list.

Please e-mail sfs8@fipr.org with requests for any other information.

The agenda is as follows:

Continue reading "Scrambling for Safety 8 conference details" »

Posted by at 6:26 PM | Permalink | Comments (0)

Ian Brown writes:

We're just finalising the very last details before sending out a full announcement, but I thought lots of list members might be interested in the forthcoming Scrambling for Safety 8 meeting that FIPR and friends are holding next month. Simon Watkin, Caspar Bowden, Richard Clayton, Brian Gladman, Duncan Campbell, The Earl of Erroll, Ross Anderson, Lord Phillips of Sudbury and Simon Davies will all be speaking on the two current Home Office RIPA consultations (on government access to decryption keys and the code of practice for government access to phone/Internet usage data).

The (free) event will be held on Monday 14 August from 2-5pm at University College London (Gower Street, WC1).

Full event and registration details to come in the next few days. Hope lots of you can make it!

We have set up two mini-blogs, to help people to read and comment on each section of these two Public Consultations:

• Consultation on the Draft Code of Practice for the Investigation of Protected Electronic Information - Part III of the Regulation of Investigatory Powers Act 2000
  • see www.spy.org.uk/ripa3

• Consultation on the Revised Statutory Code for Acquisition and Disclosure of Communications Data - Chapter II of Part I of the Regulation of Investigatory Powers Act 2000
  
  • see www.spy.org.uk/ripa1

Continue reading "Scrambling for Safety 8 - Monday 14th August 2006" »

Posted by at 10:33 AM | Permalink | Comments (0)

We should have picked up on this earlier, but then so should lots of other people:

Consultation on the Revised Statutory Code for Acquisition and Disclosure of Communications Data - Chapter II of Part I of the Regulation of Investigatory Powers Act 2000

See the
Regulation of Investigatory Powers Act 2000 Part I Chapter II

The (.pdf) document:

Consultation paper, and Revised Statutory Code on the Acquisition and Disclosure of Communications Data (278K )

This current Home Office Public Consultation on Communications Traffic Data, has had even less media or blogger or privacy or security activists attention, than the one on RIPA Part III Encrypted Data and Encryption Keys

The (.pdf) document also uses non-standard fonts, which present a small technical barrier for many people who are simply trying to Copy and Paste portions of text to quote in their submissions to the Public Consultation, so feel free to use our HTML version if you prefer.

Our RIPA Part I Chapter II consultation blog:

http://www.spy.org.uk/ripa1/

As with the RIPA Part III consultation blog, if anybody does not feel up to writing a full submission, leave your comments on the relevant section, and we will summarise them in our formal response, again by the closing date of 30th August 2006.

Continue reading "Another RIPA consultation - Acquisition and Disclosure of Communications Traffic Data" »

Posted by at 6:42 PM | Permalink | Comments (2)

This Monday 19th June, the House of Lords is set to rubber stamp a couple of Draft Statutory Instruments relating to the Regulation of Investigatory Powers Act 2000

Former Appeal Court Judge Sir Charles Mantell has been appointed as a Surveillance Commissioner by the Prime Minister from 1st July 2006 until 30th June 2009. See the Office of Surveillance Commissioners website for details of what they do under RIPA etc.

The Draft Statutory Instruments:

Continue reading "RIPA news - more officals to be added to the list of authorised snoopers and Sir Charles Mantell appointed as a Surveillance Commissioner" »

Posted by at 4:50 PM | Permalink | Comments (3)

Sir Ian Blair , the Commissioner of the Metropolitan Police is reported by The Scotsman as having secretly recorded phone conversations with The Independent Police Complaints Commission over the Jean Charles de Menezes shooting, and with Lord Goldsmith, the Attorney General

Ironically this "confidential" conversation with the Attorney General:

"concerned the admissibility of wire tap evidence in court, but did not involve any particular case."

Given the spin and media leaks which the disgraced Home Secretary David Blunkett inflicted on Sir John Stevens, the predecessor of Sir Ian Blair, it is quite understandable that this most politically correct of NuLabour apparatchiki would, in classic police state style, feel the need to have an independent record of exactly what was, or was not said to his NuLabour political contacts.

Obviously there are several questions which spring to mind, but which we doubt that the journalists reporting the story will bother to ask:

Continue reading "Sir Ian Blair has secretly recorded a phone conversation with the Attorney General, about the admissability of phone intercept evidence in court" »

Posted by at 10:57 PM | Permalink | Comments (1) | TrackBacks (1)

There really is no excuse, in a democracy, for the Government not to answer general questions about the strategy and democratic safeguards, about any aspect of "security" policy, whilst obviously protecting current operations and methods, or the details of individual cases.

Yesterday, Dr. Vincent Cable, the Liberal Democrat MP for Twickenham, was again stonewalled by the Prime Minister regarding his series of perfectly reasonable questions regarding the "Wilson Doctrine."

All he got was an unsatisfactory "nothing further to add " Answer.

What is the Prime Minister hiding from us ?

Did the Home Secretary indirectly admit to the phone tapping of MPs in the latter half of 2005 ?

Remember that it is the constituents of Members of Parliament who are being potentially illegaly snooped on, not just the MPs themselves, under the murky limits of the "Wilson Doctrine".

Dr. Cable's Parliamentary Written Answer:

Continue reading "Prime Minister Tony Blair still refuses to answer questions about the "Wilson Doctrine"" »

Posted by at 7:49 AM | Permalink | Comments (0)

The scandal unfolding in Greece, reported by the Independent over the revelations that politicians mobile phones, including those of the Greek prime minister etc. had been intercepted by Vodafone, before and after the 2004 Olympic Games.

Is the Vodafone mobile phone network similarly vulnerable here in the United Kingdom ?

Some more details in this AFP report via Alan Mather e-government@large

Continue reading "Vodafone Greece "hacked" - is Vodafone UK safe ?" »

Posted by at 1:21 AM | Permalink | Comments (10) | TrackBacks (1)

The Deputy Prime Minister's department has managed to display astonishing ignorance about a subject which is one of its direct Ministerial responsibilities:

Written answers Monday, 23 January 2006

Deputy Prime Minister
Fire Service (Mobile Communications)

Bob Spink (Castle Point, Con): To ask the Deputy Prime Minister how many instances have been recorded of the fire service using mobile phone location data to effect a rescue operation. [43784]

Jim Fitzpatrick (Parliamentary Under-Secretary (London), Office of the Deputy Prime Minister) The information requested is not held centrally. The fire and rescue service is not responsible for tracking criminals.

N.B. this is a Written Answer, not an "off the cuff" oral one.

The Office of the Deputy Prime Minister is the Government department which sets the planning policies which affect the siting of Mobile Phone mast transmitters. The ODPM is also responsible for the planning applications for the TErrestrial Trunked RAdio (TETRA)
masts used for the Airwave encrypted radio service used by the Police, Ambulance, and Fire and Rescue services.

It is the physical locations of these masts, which are used by third party companies to offer Mobile Phone Location Based Services to consumers (which have their own potential privacy and security problems) and which can also be used to provide the approximate locations of 999 / 112 mobile phone calls to the Emergency services.

If the primary use of Location Based Services, so far as the ODPM is concerned, is for for the electronic tagging of criminals or the tracking of criminals via their mobile phones, what chance is there that they will not see the forthcoming eCall the pan-European in-vehicle emergency call system which is due to be fitted to all new vehicles in the European Union from 2009, as just another way of keeping the UK public under control ?

Posted by at 10:52 AM | Permalink | Comments (6)

Today's Prime Minister's Questions saw several Questions on topics which this blog has commented on - at last !

There was quite a long exchange with subsidiary questions, between David Cameron and Tony Blair on ID Cards.

The LSE Identity Project report came up again. The work of dozens of academic and industry experts was, yet again misleadingly characterised, by Tony Blair himself this time, as the work of a single man "the leading civil rights campaigner against ID Cards". Yes Simon Davies is involved, but not on his own !

Tony Blair fell back on the fallacious NuLabour "identity fraud" justification and on the alleged inevitability of the international biometric passport schemes, which are vastly different from what this Government is actually proposing,

Tony Blair managed to tar the Chancellor Gordon Brown with the brush of collective Cabinet responsibility for his ID Card scheme, by claiming that Gordon had "supplied the figures" for the still secret detailed cost estimates.

The political TV commentators / kremlinologists noted that, unusually, Gordon Brown was actually smiling during the ID Card and other questions.

Another Tory MP also asked about ID Cards and failed Government computer projects and Tony Blair claimed that fears about "civil liberties are completely misplaced".

The interim leader of the Liberal Democrats asked, as we commented on back in November, why the Information Management, Prioritisation, Analysis, Co-ordination and Tasking (IMPACT) computer system, recommended 18 months ago by the Bichard Inquiry for the sharing of "intelligence on sex offender" (actually far more than just this) amongst Police Forces, is now scheduled to be at least 3 years late.The Prime Minister did not have an answer, "off the cuff", and which he had to promise to write to Sir Menzies Campbell about it.

Labour MP David Winnick asked about the "leaked report" (?) about the tapping of MPs phones i.e. the review of "Wilson Doctrine" and very reasonably asked that there should be a debate about it.

Tony Blair claimed that it was not his idea, and seemed to deny that it was a direct result of the July bombings, and claimed that it was due to the representation made to him by the "Intercept Commissioner", which he is "obliged to consider" and vaguely promised to do so some time in the future.

Does this mean that our concerns over these technological "magic fix" policies are starting to be noticed by the major political parties ?

Posted by at 12:00 PM | Permalink | Comments (0)

When we read and responded to a posting on William Heath's Ideal Government blog - "Why we think the EU data retention measures are necessary and proportionate", we were sceptical that it had actually been posted by or on behalf of the Rt. Hon. Hazel Blears MP , the motorbike riding Minister of State for Policing, Security and Community Safety at the Home Office.

It does seem to be a genuine (if indirect) blog posting by a Home Office Minister !

See John Lettice's commentary on this published in The Register.

We made a couple of obvious points about the examples which she trotted out to supposedly justify the retention of communications traffic data, belonging to over 450 million innocent people, for two years or even longer.

Now it is your chance to comment on Data Retention, either at Ideal Government or at the Open Rights Group or here on Spy Blog.:

At least someone in the Home Office media spin kremlin will have to read your contributions to the debate.

Posted by at 6:22 PM | Permalink | Comments (0)

The vote on the final resolution(.pdf) was adopted by 378 votes in favour to 197 against, with 30 abstentions.

Since this document is structured according to the multinational European Parliament political groupings, mostly just by Surname, with no indication of UK Political Parties or Constituencies, we have tried to decode this vote to see which United Kingdom Members of Parliament cannot be trusted with our freedom and liberty, and should therfore be punished at the next election.

There seems to have been a backroom deal between the Party of the European Socialists (PES), which includes the UK Labour party, and the European People's Party (Christian Democrats) and European Democrats (EPP-ED) groups, which includes the UK Conservative party - the two largest groups in the European Parliament, who mostly voted for the Directive. Although the Liberal Democrats voted Against, their political grouping the Alliance of Liberals and Democrats for Europe (ALDE) was split.

Of the UK political parties, only the Conservatives were split, with 9 rebels voting Against.

Of the 78 United Kingdom Members of Parliament, only 66 of them voted on the Directive, with none of them actually recorded as abstaining.

35 UK MEPs voted Against:

10 Conservative
10 Liberal Democrats
1 Greens
1 Sinn Féin
8 UK Independence Party
1 Democratic Unionist Party
3 Independents
1 Scottish National Party

12 UK MEPs who Did Not Vote - presumably they were away from the Plenary session as they are not recorded as having abstained:

3 Conservative
2 Labour
2 Liberal Democrats
1 Greens
1 Plaid Cymru
1 Scottish National Party
2 UK Independence Party - N.B. both of these voted Against on the previous vote on the modified text i.e a full complement of UKIP MEPs voted

5 of these UK MEPs (2 Labour, 1 Conservative, 1 Liberal Democrat and 1 Green) were part of the European Parliament delegation to the World Trade Organisation talks in Hong Kong i.e. a reasonable excuse for absence.

31 UK MEPs voted For the directive, and should be punished via the ballot box accordingly.

13 Conservative
17 Labour
1 Ulster Unionist Party

Most people have little clue who their Members of the European Parliament are. You can find their contact details on the UK Office of the European Parliament website, which, astonishingly, provides no easy links to the voting record of any individual UK MEP. Alternatively you can use WriteToThem to let them know your opinion about how they voted on this fundamental reduction in our freedom and liberty, which will have no demonstrable effect on terrorists or serious criminals, but will cost the public more money for telecommunications and internet services, and make Europe less competitive in global markets.

Continue reading "Which UK Members of the European Parliament betrayed our liberties over the Data Retention Directive vote ?" »

Posted by at 9:02 PM | Permalink | Comments (0)

The European Parliament has passed the controversial Communications Traffic Data Retention directive.

Results of votes on Wednesday 14 December Data retention Directive of the European Parliament and of the Council on the retention of data processed in connection with the provision of public electronic communication services and amending Directive 2002/58/EC (A6-0365/2005) Rapporteur: Alexander Nuno Alvaro (ALDE, DE) Parliament adopted a package of compromise amendments after agreement had been reached with the Council. The amendments were approved by 387 votes in favour to 204 against with 29. The final resolution was adopted by 378 votes in favour to 197 against with 30 abstentions.

We await the full breakdown of exactly which of our Members of the European Parliament have betrayed the privacy and security of 450 million innocent European Union citizens, whilst adding unecessary costs to their telecommunications and internet providers, thereby making the EU less competitive in a world market, all for no demonstrable benefit in the fight against terrorism and serious crime.

None of the Communications Data Traffic used to identify the Madrid or London bombers was months or years old retained data on millions of innocent people - it was current and near real time data, focussed on suspects under investigation, which was of use to the law enforcement authorities, and it will always be so in the future.

Consulting with representatives of the telecomms and internet industries is not an adequate substitute for consulting with the wider European Union public at large on such fundamental privacy and security issues.

Posted by at 12:46 PM | Permalink | Comments (4) | TrackBacks (2)

Privacy International and many other civil and digital rights organsisations have published an Open Letter to the European Parliament on Data Retention

You can contact your United Kingdom Members of the European Parliament (remember you have more than one of the due to the party list system) via WriteToThem or their contact details can be found on the European Parliament UK Office website. Please lobby your Members of the European Parliament before the plenary session in Strasbourg starting on the 12th of December.

Continue reading "Open Letter to the European Parliament on Data Retention" »

Posted by at 4:26 PM | Permalink | Comments (0)

Statewatch have the text of a draft DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the retention of data processed in connection with the provision of public electronic communication services and amending Directive 2002/58/EC (.pdf) which seems to have been agreed at the meeting in Brussels of the European Union Justice and Home Affairs ministers, chaired by the UK Home Secretary Charles Clarke.

According to Statewatch:

Press reports suggest that the European Commission will accept these changes to its draft Directive. To work though the European Parliament has to adopt exactly the same amendments at its plenary session 12-15 December - the deadline for amendments is 7 December

Remember to remind your Member of the European Parliament and your Member of the UK Parliament that voting against Data Retention will not hinder any investigation into terrorist or serious organised crime. The highly publicised case of the terrorist suspect who fled to Rome from London after the July 21st incidents, and who was tracked via the mobile phones he used, made no use whatsoever of any retained data, only current and near real time data.

The vague list of categories of innocent people's data which is planned to be retained for at least between 6 months and two years (or three years like the Irish Government is still pressing for) is extremely intrusive because of the fantasy that criminals will never lie about their names and addresses and because of Cell ID Location Based Data.

Given the usual policy laundering and "gold plating" of EU Directives, this Directive would provide the excuse to attack the current freedom in the United Kingdom for innocent consumers to purchase and use an unregistered pre-paid mobile telephone and/or SIM card. It will do nothing to stop criminals continuing to use "untracebale" mobile phones, and it ignores the reality of the increasing use of "alwats on" internet connections.

Continue reading "EU Council Data Retention 2nd December 2005" »

Posted by at 1:27 PM | Permalink | Comments (3)

An interesting week on the European Union Data Retention front. The EU Council, shamefully steered by the United Kingdom which currently holds the Presidency, seems to be trying sneak some controversial Communications Data Retention decisions.

Communications Data Retention is controversial because it involves storing vast amounts of data , priomarily that of innocent people, not just those people being specifically targetted in Police or Intelligence agency investigations.

The EU Commission came up with a different but still draconian and ill thought out version of the plan.

The European Parliament seems to have rejected this, but the over powerful EU Council may still try to sneak in their version during December.

The Open Rights Group alerted us to the lobbying of MEPs by some corporate vested inteests which are trying to extend the plans for permitting access to Retained Communications Data to investigations for any petty criminal offence. These companies are also lobbying for the minor civil offences such as illegal use of copyrighted material to be redfined as criminal offences.

The prospect of rich foreign media and entertainement companies being allowed to have access to the retained Communications Traffic Data of 450 million, mostly innocent citizens of the European Union, either dfirectly, or, at public taxpayers expense, through the policee authorities, is a repellant one, given these industries' tarnished record of false accusations against their own innocent customers and the exploitation of original music and other artists.

These backroom deals and procedural shenanigans caught the attention of Nosemonkey

Then the 58,000 signature EU wide Data Retention is No Solution petition was handed in to the European Parliaemnt.

Then as , Ian Brown The Blog of Doom reported, the European Parliament's civil liberties justice and home affairs committee (LIBE) has voted on an amended version of the EU Commissions draft directive.

EurActiv report of the Committee's complicated deliberations, does leave us wondering about what this supposedly leass authoritarian version of the Communications Data Retention directive would mean for us in the UK if it were adpoted, especially with regard to the Regulation of Investigatory powers Act 2000 Part 1, Chapter 2, Aquisition and Disclosure of Communications Data.

We are not sure that we completely agree with Ian Brown:

Continue reading "EU Data Retention plans implications for UK Regulation of Investigatory Powers Act" »

Posted by at 3:48 PM | Permalink | Comments (1)

The Report of the Interception Commissioner for 2004 (.pdf)
produced by the Rt. Hon. Sir Swinton Thomas is now available online.

Why it has taken until November for the Government to publish this latest annual report , submitted on 12th July 2005, is a mystery, especially since the previous annual report was published in the July of the year to which it refers.

How can this be as "as soon as practicable after the end of each calendar year" as the Act requires ?

This report touches on some of the issues we have been worried about in the Terrorism Bill 2005 which seeks to amend the Regulation of Investigatory Powers Act 2000.

As with all such reports, there is a secret annex which has not been made public.

Continue reading "Report of the Interception Commissioner for 2004 by the Rt.Hon. Sir Swinton Thomas is now available online" »

Posted by at 2:21 PM | Permalink | Comments (0) | TrackBacks (1)

The members of the Investigatory Powers Tribunal headed by
Lord Justice John Mummery and the Chief Surveillance Commissioner Sir Andrew Leggatt have been re-appointed under the Regulation of Investigatory Powers Act 2000

Continue reading "RIPA Commissioners re-appointed" »

Posted by at 1:52 PM | Permalink | Comments (0)

The low profile Interception of Communications Commissioner Sir Swinton Thomas is reported by the BBC to have published his annual report (several months later than last year) , as laid down by section 57 of the Regulation of Investigatory Powers Act 2000.

We will try to link to an online copy if it becomes available. As we have come to expect this report does not yet appear on the Home Office, the MI5 or the Official Documents websites.

From the media reports, it all seems to be much the same as same as last year's report, but with an admonition against allowing the use of intercept evidence in court.

Posted by at 2:31 PM | Permalink | Comments (0)

Today saw the verdicts on the long running court case in Madrid, where 24 suspected Al Quaeada terrorist cell members were on trial, for membership of a proscribed organisation, and some of them, on charges of helping in the September 11th 2001 attacks (not the March 2004 train bombings in Madrid, as most of these people were in custody by then).

Read the 447 page judgement (.pdf), obviously in Spanish.

Interestingly, the Spanish Judges rejected the "evidence" of mobile phone call conversations, as being "untrustworthy".

The BBC reports:

"But the judges dismissed evidence of recorded telephone calls used by the prosecution, saying they were misleading and often based on misunderstandings of the Arabic language."

Continue reading "Spanish Al Quaeda group court case - judges reject the telephone intercept evidence as "untrustworty"" »

Posted by at 1:24 PM | Permalink | Comments (4)

The road to hell is paved with good intentions. Who could object to reducing road traffic accident deaths and injuries ?

Why not introduce a European Union wide plan called eCall, the pan-European in-vehicle emergency call system, which would make use of the forthcoming E112 Emergency Services phone numbers, with added Global Positioning Satellite and/or Mobile Phone Location based data, to automatically call the emergemncy services with location information and other data like the license plate number, make and model of the vehicle etc. in the event of a car accident, even if the driver of the vehicle is unconscious, and establish a voice call with an emergency operator if they are not.

All well and good, however, the latest plan which has been announced:

The 2nd eSafety Communication BRINGING ECALL TO CITIZENS(.pdf) (available in other European Union languages}

Where are the safeguards to prevent abuse of the system, for the vast majority of the time when your vehicle has not been involved in an accident ? The reliance on mobile phone technology means that the devices will have to establish a handshake with the nearest base stations, tracking every vehicle, even if no emergency call is being made.

Continue reading "European Union eCall system in all new vehicles from 2009 - Privacy ? Security ?" »

Posted by at 12:57 PM | Permalink | Comments (3)

Our somewhat lengthy comments on Part 1 of the Home Office paper to the EU Parliament - "Liberty and Security - Striking the Right Balance" -
Retention of telecommunications traffic data:

Right from the start, this section of the paper attempts to blur and confuse exactly what "Data Retention" is, presumably in the hope that the Members of the European Parliament and the public will fail to understand the difference between legal Communications Data Traffic Analysis, of say, mobile phone itemised bills, which are currently available to the authorities, and the proposals to retain such data well beyond the time that they would normally have been deleted or anonymised, in accordance with the necessary principles of Data Protection, which are the law in most European Union countries.

Continue reading "Home Office paper "Liberty and Security - Striking the Right Balance" - Retention of telecommunications traffic data" »

Posted by at 10:46 AM | Permalink | Comments (2)

The Observer has, mysteriously, gained access to a Confidential letter from William Ehrman, the Director General (Defence & Intelligence) at the Foreign & Commonwealth Office. He was also the temporary Chairman of the Joint Intelligence Committee, and will soon be taking up his post as the United Kingdom's Ambassador to the People's Republic of China in Beijing (currently Sir Christopher Hurn).

"Revealed: MI6 plan to infiltrate extremists

Read the letter from the head of the intelligence arm of the Foreign Office here (pdf)

Read the memo from the FCO's Islamic issues adviser here (pdf)

Martin Bright, home affairs editor
Sunday September 4, 2005
The Observer

British intelligence officers planned a 'black propaganda' campaign against Islamic extremists, infiltrating their groups through the internet, documents leaked to The Observer reveal."

Continue reading "The Observer: leaked Foreign office memos "Hearts and Minds and Muslims"" »

Posted by at 3:06 PM | Permalink | Comments (9)

This online petition to the European Commission and the European Parliament is for those of you who feel, as we do, that Data Retention is not a solution to terrorism and crime!

Continue reading "Data Retention is not a solution to terrorism and crime! - petition to the European Commission and the European Parliament." »

Posted by at 10:11 PM | Permalink | Comments (1)

The BBC and other mainstream media are running stories with lots of details about how "Hussain Osman"/ "Isaac Hamdi", the alleged suicide bomb attacker at the Shepherds Bush Tube station, was arrested in Rome.

All of this shows how useful mobile phone communications and location based data can be in tracking down a fugitive who is either ignorant of the technology, or who is desparate enough to risk using it.

However, this also shows that the "hot pursuit" of terrorist suspect does not require the UK and EU government controversial proposals for manadatory Data Retention of phone and internet log files for years, not just those of actual suspects (or to be more precise, suspect phones and computers) but of the vast majority of innocent people's data for years after there is any legal commercial business requirement to do so e.g. to resolve billing disputes.

What will happen to all the mobile phone communications data records belonging to every other innocent mobile phone user who was in the Shepherds Bush area at the time of the attack, which have been trawled through by the authories ? How long will this data be retained for ?

Given the way in which modern database and criminal intelligence visualisation software works, will the reputations , or the police records, of innocent people or even of petty criminals, be smeared through "guilt by association" with a terrorist investigation ?

The British authorities seem to have issued a European Arrest Warrant to extradite the suspect from Italy. We hope that they really do have more than just a mobile phone data to link himm to the scene, e.g. DNA evidence from the failed rucksack bomb, especially as the CCTV images so far released by Scotland Yard do not match particularly well with the photo issued by the Italian authorities.

Continue reading "Mobile phone data helps to track a London bomb suspect to Rome - no case for Data Retention of phone and internet logfiles" »

Posted by at 2:28 PM | Permalink | Comments (1)

The Home Secretary Charles Clarke, like his other NuLabour ministerial collegue Chancellor of the Exchequer Gordon Brown, is busy trying to "be seen to be doing something", no matter how expensive or ineffective, at the European Union level, in response to the terrorist bombings in London on the 7th of July.

Apart from trying to impose mandatory fingerprinting on other European Union countries, even before he has done so to the United Kingdom, Charles Clarke is yet again policy laundering the long running Data Retention of communications data proposals.

Wasn't all this meant to have been sorted out by the leaders of the European Union after the Madrid bombs in March 2004 ?

Continue reading "Mandatory Data Retention of Communications Data via the EU yet again" »

Posted by at 12:01 PM | Permalink | Comments (2)

Atlantic Blue was the codename for an internatioanl civil defence / terrorist attack response exercise held in April in USA, Canada and the UK.

The Observer has published a misleading article about it, neglecting to mention that whilst in the USA and Canada there were real simulated exercises involving tens of thousands of emergency workers, hospital staff etc. none of this actually happened in the UK, it was all downgraded to a "command post exercise" run by the Metropolitan Police.

"United Kingdom Participation: ATLANTIC BLUE

The United Kingdom will be involved in TOPOFF 3 through exercise 'ATLANTIC BLUE', which will be played at command post exercise (CPX) level only. This will allow the United Kingdom to focus specifically on communication across international borders at a strategic level and test simultaneous responses to linked terrorist incidents in the United Kingdom, United States, and Canada."

When the biannual exercise was planned, no doubt the UK was going to actually participate fully, but the timing coincided with the week of the General Election announcemnet just before Prince Charles' Royal Wedding and the Pope's Funeral, so it seems to have been downgraded to a token gesture.

The biological warfare scenarios played out in New Jersey in the USA were, presumably what led Sir Ian Blair, the Commissioner of the Metropolitan Police, to witter on about the threats of "bubonic plague" during his controversial interview with Sir David Frost during the election campaign.

Continue reading "Atlantic Blue media spin" »

Posted by at 8:44 AM | Permalink | Comments (0)

Why does The Sunday Times keep on publishing "climate of fear" disinformation articles like this one ?

Is this an informed article by Michael Smith who broke the "Downing Street memos" story, or is it deliberate disinformation and distortion ?

"Michael Smith served for nine years in the British Army's Intelligence Corps as a latter-day codebreaker before going to work for the BBC Monitoring Service. He has written for a number of newspapers, including the Financial Times, the Sunday Times, and most recently the Daily Telegraph, where he is Defense Correspondent."

or is this a script for an episode of the popular fictional BBC MI5 spy drama series "Spooks" ?

"The Sunday Times July 10, 2005

Focus: Terror in London

The secret war on terror
Michael Smith

The MI5 surveillance team picks up its suspect as he leaves his parents’ house in an Asian-dominated area of one of Britain’s major cities. The watchers keep their distance unobtrusively as the target — we will call him Jamal — stops to speak to another young Asian.

The body language makes it clear that Jamal is in charge. The conversation is not aggressive, but nor are they merely chatting. It is clearly not a chance encounter, and it is taking place on a well chosen patch of waste ground where they cannot be overheard. The MI5 team holds off.

Jamal has no record of extremism. He has never been seen publicly to side with the angry young men who after Friday prayers rage against Britain’s involvement in the war in Iraq.

Jamal's family has been here for several generations. He is regarded by those who know him as fully assimilated into British society. He has what his mother rightly regards as "a respectable job" working in computers.

On the face of it his frequent trips to Pakistan are innocent visits to see his aunts and uncles. But intelligence obtained by MI6 from a *liaison service*, in this case the CIA, shows that Jamal spends most of his "holidays" in Pakistan in guesthouses in the tribal homelands, talking to known members of Al-Qaeda.

Jamal does not exist, but his profile and the way the intelligence services deal with him exemplify the war on terror."

Is the allegedly fictional "Jamal" meant to be the very real Babar Ahmad a British citizen, who worked in IT support at Imperial College in London, whose father is a retired Foreign Office civil servant and who is facing extraditon to the USA, accused of "terrorist fundraising" by running Islamic fundamentalist websites (free speech ?) with discussion forums, according to the USA, but not according to UK law ?

Continue reading "Sunday Times "climate of fear" article on alleged MI5 anti-terrorism methods" »

Posted by at 3:09 PM | Permalink | Comments (23)

We are getting reports that the UK Mobile phone network O2 has launched a flawed new service called O2 Call Alert which sends you an SMS message telling you which number has tried to call you when your phone has been switched off or is out of signal range.

In theory

"If you miss a call, callers will hear a message telling them that their number will be sent to you via text message to let you know they called. If callers withhold their number you won't be sent a text and they'll be told to call again later"

Except, of course, that currently, a text message is sent, regardless of whether or not the phone calling you is set to withhold its Caller ID.

Seeemingly this errant behavior applies to witheld numbers from UK landlines as well as other UK mobile networks.

Does this privacy destroying "feature" also apply to unwanted SMS text message spam ? N.B. a lot of such SMS spam is sent from overseas networks, which means that there is usually no Caller ID.

Are landline or other mobile callers to O2 mobile phones being charged for these missed call text alerts, even when they should not be ?

"Callers to an O2CallAlert user will be charged as per their standard tariff rate for a mobile terminated call, unless their number is withheld (when they will not be charged for the call)."

Posted by at 1:24 PM | Permalink | Comments (0)

A new resource website has been launched called The Policy Laundering Project, set up by Privacy International, Statewatch and the American Civil Liberties Union which

"will monitor and influence the increasingly common formation of civil liberties-sensitive security policies through international organizations. "

e.g.
Communications surveillance
Travel surveillance
Identity documents
Terrorist watch lists
Migration and border controls
Security cooperation
Financial surveillance

All of these policy areas are being partially justified on the often spurious grounds that new/expensive/repressive national policies are called for, because of international agreements or treaty obligations.

These calls by "international institutions" such as the European Union, or United Nations etc. are very often not from neutral, independent bodies, but are the result of Policy Laundering, which have been heavily lobbied or influenced by the very same national governments trying to implement those policies, and seeking the fig leaf of international justification.
e.g. the UK Government's spurious claims about the requirements for Biometric Identifiers in Passports and ID Cards.

Posted by at 12:26 PM | Permalink | Comments (0)

The House of Lords is now debating and voting on the Prevention of Terrorism Bill, which has come back from the House of Commons, which to their shame, removed all the substantive Amendments that the Lords had voted in e.g. the "sunset clause" and the "standard of proof" and the having the same judicial process for the "non-derogating" Control Orders as for the "derogating" ("House Arrest") ones. The Lords seem to have re-introduced some of these Amendments, and the Bill is due to be sent back to the Commons.

How long will this Parliamentary "ping pong" continue for ? Potentially this could go on untill midnight tonight, but what then ? Will further time be taken out of the Parliamentary timetable which could affect other controversial Bills such as the Identity Cards Bill or the repressive clauses in the Serious Organised Crime Agency and Police Bill (e.g. making all offences arrestable which means that your fingerprints and DNA will be taken for even the most trivial offences which you may be accused of, and which will be retained forever even if you are innocent ?

Since the Parliamentary website cannot seem to keep up with publishing all the detailed amendments online, so that the public can see exactly what is being voted on at any one time e.g. it is completely unclear if the Lords amendment to remove the power of the Secretary of State to create arbitarary "non-derogating" Control Orders which are not spelled out on the face of the Bill, has been removed, or reinstated.

We therefore have to guess, that none of the points we have raised earlier have been discussed e.g. the effect of Control Orders on Children or on Criminal Records.

We question the whole concept of the practical effectiveness of "non-derogating" Control Orders.

How are we meant to be any safer if a supposed terrorist suspect is prohibited from using his own mobile phone ? What is to stop him or her from using their friend's phone or a public call box ? In order to ensure compliance such an order, he or she would need to be under constant 24/7 surveillance, as would all his friends and the whole area in which he or she happens to be in at any particular time.

Surely such scarce surveillance resources are better devoted to lawfully authorised covert surveillance of suspects, for intelligence purposes to find their accomplices and any weapons, explosives, illegal money , documents etc ? What possible intelligence can be derived from even a "guilty" terrorist suspect who has been "tipped off" by the fact that they have been served with a Control Order ?

Peter Hain, the Leader of the Commons has been wittering on about how the Prevention of Terrorism Bill would somehow be a protection from "suicide terrorists". Any people that our security services have identified as being actively involved in such a plot should never be served with Control Orders at all.

They should either be under constant 24/7 covert surveillance up to the point that say, explosives evidence can be found, and then they should be prosecuted in the normal way. If there is any prospect of any immediate danger, than the use of deadly force by the Anti-Terrorist Police or SAS etc. may be justified.

The Prime Minister has also uttered a spurious warning that somehow the "sunset clause" would encourage terrorists because the "temporary" nature of the legislation would be seen a being "weak".

Why this should have any influence whatsover on the hate filled death cults who threaten us, is a mystery.

Even if the terrorists attempt an atrocity in the UK during the Election Campaign, we hope that the British electorate will not believe that any of the democratic political parties are "weak on terrorism".

Posted by at 12:35 PM | Permalink | Comments (0)

Farid Hilali appeared in court again today, according to Reuters.

His case is of general interest because he is the first person in the United Kingdom who faces being extradited , in this case to Spain, under the new , allegedly more speedy, European Arrest Warrant.

This European Arrest Warrant extradition procedure has certainly lasted longer than the three months which it is supposed to take, as the original request from the Spanish authorities was issued in April 2004. His next hearing has been adjourned until April 21st 2005.

The case is also notable in that it seems to be entirely reliant on mobile phone communications data and intercept evidence in an alleged terrorism case.

The "Westminster village" of politicians and journalists have hardly managed to understand these types of technological "intelligence" or "evidence", what will they make of the fact that Hilali is claiming that it is a case of mistaken identity, and that the Spanish authorities are somehow "magically" relying on some unknown, unchallenged "voice analysis/comparison" technology to claim that he is the person who uttered some innocent/code phrase during a phone conversation with a senior Al-Queada suspeect in Spain, before the September 11th 2001 attacks ?

How exactly did the Spanish authorities get hold of voice samples of Farid Hilali in order to compare with their intercepted phone call recordings ? Were his conversations in Belmarsh recorded and handed over tot the Spanish authorities ?

For those of you using a search engine to look up "Farid Hilali" , note the number of other websites which spread the disinformation that since Hilali is wanted by Spanish authorities on terrorism charges, therfore he must somwhow be connected with the Madrid bomb attacks of 11th March 2004. However, since he was arrested on immigration charges in September 2003, and has been in custody in Belmarsh high security prison ever since, one would have thought that he had a cast iron alibi for the Madrid attacks, which appear to have been planned in January / February 2004.

Posted by at 5:06 PM | Permalink | Comments (0)

Home Secretary Charles Clarke has published the very controversial Prevention of Terrorism Bill

If you read the Bill, you will be struck by its complexity, and the over broad general powers it tries to grab for the Executive branch of Government.

You will be struck by how many of the terrorist related activities written in to this Bill are already crimes under the draconian Terrorism Act 2000.

e.g. Clause 1, subsection 8:

"(8) For the purposes of this Act involvement in terrorism-related activity is any one or more of the following— (a) the commission, preparation or instigation of acts of terrorism;

(b) conduct which facilitates the commission, preparation or instigation of such acts, or which is intended to do so;

(c) conduct which gives encouragement to the commission, preparation or instigation of such acts, or which is intended to do so;

(d) conduct which gives support or assistance to individuals who are
known or believed to be involved in terrorism-related activity;

and for the purposes of this subsection it is immaterial whether the acts of terrorism in question are specific acts of terrorism or acts of terrorism generally."

c.f. the briefing by Liberty Human Rights (.pdf) published before the Bill was made public.

Continue reading "Prevention of Terrorism Bill - "Control Orders" - the terrorists are laughing at us" »

Posted by at 11:03 PM | Permalink | Comments (0)

Peter Hain, the Leader of the House of Commons has announced an astonishingly compressed time table for the passage of the Government's extremely controversial "Control Orders" legislation, the Prevention of Terrorism Bill.

The Bill is to be introduced tomorrow Tuesday 22nd February, the Second Reading debate will be on Wednesday 23rd February and it will finish its Committee and Report and Third Reading stages all in one day on Monday 28th February 2005 !

Given that the Home Office have had over 3 years to come up with more satisfactory legislation to replace the poorly drafted and rushed Anti-Terrorism Crime and Security Act 2001, it is totally unacceptable to destroy our civil liberties and freedoms, not just for foreign terrorist suspects, but potentially for any British citizen, by introducing "Control Orders" which are not imposed by the Judicial system on the basis of actual testable evidence, but on the whim of a politician, acting on possibly illegal and secret and very often wrong or misinterpreted "intelligence".

Who cares if the Home Secretary Charles Clarke or the Prime Minister Tony Blair are actually decent honest people with a conscience, and could, perhaps, be trusted not to abuse this power ? That is not the problem.

The problem is that this law will be on the statute books for use by future elected dictators, and could just as easily be turned against you and your family as against the alleged Islamic terrorists who are currently the targets for the Government's mismangement of the terrorist menace.

For those of us who are already worried about the extraordinary powers which the Government has given itself under the controversial Emergency powers section of the Civil Contingencies Act 2004, which is meant to have Emergency Regulations reviewd by Parliament after 7 days, the extreme rapidity and "rubber stamp" nature of this "Prevention of Terrorism Bill" passing through the Commons in under 6 days (including the weekend), with only 2 days of actual debate, gives rise to actual fear and dread.

This is not a whinge about some notional "airy fairy" civil liberties concept, this is not a question of "being soft on terrorism", this is about the fundamental core beliefs which most people have taken for granted in British society. To undermine these is to let the terrorists win by default !

Posted by at 8:53 PM | Permalink | Comments (1) | TrackBacks (1)

The Independent on Sunday reports that the "Control Orders" political deal between the leaders of the Labour Government and the main Opposition parties the Conservatives and the Liberal Democrats failed to materialise on Friday.

More backroom wheeling and dealing seems to be set for today, and, apparently the "Control Orders" legislation is due to be announced tomorrow Tuesday 22nd February.

Since it seems that this legislation is going to be rushed through Parliament before the 14th March, all our usual doubts and fears arise again, about the prospect of yet another example of the evil way in which the Home Office abuses the English language, to grab infinite powers for itself, in legislation which Members of Parliament fail to scrutinise effectively.

If a Judge is to be trusted to "review" a "Control Order" case after 7 days, why on earth can't the Judge examine the "evidence" before granting a "Control Order" in the first place ?

We ask the question again, why is the "Westminster village" of politicians and journalists so keen to "restrict access to the internet or mobile phones" for terrorist suspects or their families, friends and associates ? Since these technologies are easier and cheaper to keep under legal surveillance, they should be encouraged to make more use of them, rather than being legally restricted from accessing them.

How could such a ban possibly be enforced anyway, without also having restrictions on movement and free association which would need to be enforced with the use of very expensive, 24/7 multi man teams of covert surveillance operatives, for each terrorist suspect ?

There must be no powers in this "Control Orders" legislation which would permit "speculative data trawling" or mandatory "data retention" of large numbers of innocent people's internet and phone communications data records (itemised bills, mobile phone cell locations etc.) under the pretence of enforcing such "Control Orders" against a few terrorist suspects.

We have pointed out before that "electronic tagging", whilst suitable for very low risk prisoners and as part of bail conditions for minor offences, is just not a suitable option for any violent or sex offender criminals who are highly motivated to re-offend. The enforcement of "no go zones" by electronic tagging is largely science fiction, and is no less illegal under the Human Rights Act than any other form of detention without trial.

If the Belmarsh or Guantanamo Bay detainees really are hardened highly motivated terrorists, then why would an "electronic tag" prevent them from commiting an atrocity ?

We await tommorrow's "Control Orders" legislation with a growing sense of resentment and a feeling of betrayal by those in the "Westminster village".

Posted by at 10:31 AM | Permalink | Comments (4)

This afternoon should see the scheduled meeting between the Labour party Prime Minister Tony Blair, the Home Secretary Charles Clarke and the main Opposition party leaders Michael Howard of the Conservatives and Charles Kennedy of the Liberal Democrats, to cut some sort of political deal over the proposed "Control Orders".

Home Office Minister of Staet for Crime Reduction, Policing, Community Safety and Counter-Terrorism Hazel Blears was quoted as saying that these "Control Orders", which would apply to everyone, including British citizens, could be used against "animal rights" extremists or right wing political extremists.

Home Secretary Charles Clarke, in oral evidence to the Home Affairs Committee contradicted this, and was careful to use the weasel words "international terrorist threat around al-Qaeda and its related organisations" which in this context is code for "we know that these 'Control Orders' could and should apply to terrorism across the Northern Ireland and and Republic of Ireland international border, but we do not want to complicate things by mentioning this"

The media have been hyping up the term "house arrest", which Charles Clarke has been careful to not to use.

No doubt Michael Howard and Charles Kennedy will be pressing for "intercept evidence" to be made admissable in UK courts.

The Home Office will no doubt continue to reject this, mainly because it appears that it would not have solved the dilemma of the Belmarsh detainees, against whom there does not seem to be enough "intercept evidence" to make any difference. Presumably the "intelligence" against them is mostly of the informer or dubious "torture" confession variety.

Some of the people in Belmarsh and some of those facing extradition to the USA are accused of supplying money or supplies (not weapons) to rebel groups in Chechnya. The Home Office still has not proscribed any terrorist organisations in Chechnya - why not ? How can "Control Orders" be applied to sympathisers of groups which are not illegal in the UK ?

It seems astonishing that the "Westminister Village" of politicians and journalists are seriously talking about restricting the use of mobile phones or the internet for suspected terrorists or, their families and supporters.

Surely these technologies are far easier and cheaper to keep under surveillance than "house arrest" or even prison detention ? The authorities should be positively encouraging terrorist suspects or supporters to make use of these technologies, not the reverse.

It is unclear to what extent friends, families and co-religionist worshipers at Mosques etc. will be tainted by and affected by "Control Orders" against terrorist suspects.

Any of the "range of measures" under the as yet unspecified "Control Orders" must be clearly defined and must only be applied, on the basis of actual evidence, by the judicial system, not by the Home Secretary or any other politician.

If Charles Kennedy and Michael Howard are serious about human rights and the proper way to fight terrorism, then they must reject Tony Blair and Charles Clarke's "Control Orders" regime entirely, and not be fobbed off with any half measures like judicial review after the "Control orders" have ruined the lives of the people they have been applied to, their families, friends and associates.

If you want to see how easy it is for innocent people to get onto "intelligence" lists of alleged terrorists or terrorist sympathisers, have a look at the list of alleged IRA members published on Cryptome, which has included various controversial lawyers and politicians who are definately not actual members of the IRA.

Posted by at 10:37 AM | Permalink | Comments (2)

Home Secretary Charles Clarke has announced in Parliament that he is planning to introduce legislation which will break Article 6 of the European Convention on Human Rights, the right to a fair trial as enshrined in the Human Rights Act 2000 which will apply to everyone in the UK, not just foreign terrorist suspects:

"ARTICLE 6
RIGHT TO A FAIR TRIAL
1. In the determination of his civil rights and obligations or of any criminal charge against him, everyone is entitled to a fair and public hearing within a reasonable time by an independent and impartial tribunal established by law. Judgment shall be pronounced publicly but the press and public may be excluded from all or part of the trial in the interest of morals, public order or national security in a democratic society, where the interests of juveniles or the protection of the private life of the parties so require, or to the extent strictly necessary in the opinion of the court in special circumstances where publicity would prejudice the interests of justice.

2. Everyone charged with a criminal offence shall be presumed innocent until proved guilty according to law.

3. Everyone charged with a criminal offence has the following minimum rights:

(a) to be informed promptly, in a language which he understands and in detail, of the nature and cause of the accusation against him;
(b) to have adequate time and facilities for the preparation of his defence;
(c) to defend himself in person or through legal assistance of his own choosing or, if he has not sufficient means to pay for legal assistance, to be given it free when the interests of justice so require;
(d) to examine or have examined witnesses against him and to obtain the attendance and examination of witnesses on his behalf under the same conditions as witnesses against him;
(e) to have the free assistance of an interpreter if he cannot understand or speak the language used in court."

The plan seems to be to allow a "whole range" of measures under a regime of Control Orders which could include house arrest, electronic tagging, denial of telephony or internet access, denial of association with some as yet unspecified people etc., all without actully having to present any evidence to a court. The whole point of having to go through a legal court procedure is precisely so that politicians and faceless petty officials cannot impose ever changing Kafkaesque rules and regulations which cannot be challenged by the defendant.

The 60th Anniversary of the liberation of the Auschwitz extermination camp brings to mind the quotation from Pastor Martin Niemoller, who was locked up in the Dachau and Sachsenhausen concentration camps:

"First they came for the Jews
and I did not speak out, because I was not a Jew.
Then they came for the communists
and I did not speak out, because I was not a communist.
Then they came for the trade unionists
and I did not speak out, because I was not a trade unionist.
Then they came for me
and there was no one left to speak out for me."

How can this Labour Government introduce such a fundamental attack on the the principle of Habeas Corpus ? The end does not justify the means.

We oppose the use of electronic tagging which leads to the early release from prison of any Violent or Sexual offenders who are highly motivated or driven to break their bail conditions. The technology of Mobile Phones and Global Positioning Satellite units simply cannot produce foolproof "no-go zone" monitoring for such people. Terrorist suspects, must surely also come into this category, unless the plan is to extend this beyond actual suspects, to say, their friends, families and associates. This only succeeds in creating more active terrorists out of passive sympathisers, just like it did with Internment in Northern Ireland.

Fixed line phone based electronic tagging can be used for "house arrest", but how is that any more acceptable in a democracy when it is imposed at the whim of a politician, rather than by the legal system of courts, after due consideration of all the evidence ?

Continue reading "Charles Clarke announces "Control Orders" for British citizens; no change in the use of intercept evidence" »

Posted by at 1:18 PM | Permalink | Comments (0) | TrackBacks (2)

We have had a reply to our first Freedom of Information Act 2000 request to Ofcom, for a copy of the Mobile Phone Location Based Services Code of Practice, after only 8 working days.

Ofcom deny participating in drawing up this Code of Practice. Why was Ofcom, the Mobile Phone Industry regulator not involved in even any discussions about a Mobile Phone Industry Code of Practice covering such a sensitive and controversial issues like the privacy and safety of children.

We have been pointed to what seems to be a .pdf copy of this Code of Practice, however, we are not sure that this version was intended for publication, as it is not on the official website of any of the organisations involved in drawing it up.

Posted by at 7:15 PM | Permalink | Comments (0)

The techie end of the so called "blogosphere" is full of suggestions, following the Indian Ocean tsunami disaster along the lines of: "wouldn't it be a good idea if we set up an GSM Mobile phone Short Message Service (SMS) Disaster Warning Alert System ?"

e.g.
James Cascio at WorldChanging

Howard Rheingold at Smartmobs,

Julian Bond at Voidstar

Leaving aside the whole question of actually getting enough warning data and disseminating it at the international or governmental level, in time to evacuate thousands or millions of people, the discussion is touching upon the suggested use of SMS as a mechanism for distributing pre-disaster emergency alerts, in the hope that some lives could have been saved.

There are lots of problems with this whole concept - do not do it!

Some people have even set up such a system, in the aftermath of the disaster in Sri Lanka e.g. the Alert Retrieval Cache, which illustrates exactly how not to create such an SMS warning system by publishing people's private mobile phone numbers on the world wide web which can then be abused by spammers and other criminals.

The "filtering" of "too many test requests" is simply based on the +94 prefix for Sri Lanka, or the +66 prefix for Thailand, which can be easily forged in an SMS message. There can be no way for the operators of this "do it yourself" SMS warning system, since they are not actually telecomms operators, to get real Cell ID Location Based Data to verify the approximate physical locations of these handsets.

Continue reading "SMS disaster alert and warning systems - don't do it !" »

Posted by at 11:24 AM | Permalink | Comments (5) | TrackBacks (2)

A Civil Contingencies Act Consultation was announced last Thursday by Cabinet office Minister Ruth Kelly.

This is not where the infinite Henry VIII powers of the Civil Contingencies Act 2004 which the Government have grabbed for themselves, and, potentially, for future elected diictatorships,under Part 2 of the Act is tempered by publlic consultation, or at least "stakeholder" consuultation.

Unless the various "first responder" organisations have a reasonable ide of what the Emergency Regulations are likely to look like, they cannot plan for emergencies, so it makes sense that some sort of plans should made against various possible disaster scenarios, so that some sort of response can be mounted very rapidly.

Why this consultation process was not completed before the Act was passed is a mystery.

Nevertheless, there are some hugely important questions to be asked of your local authority, police, fire and emergency services, national health trusts etc. etc. with regard to just what planning if any they have done, and how much money , if aany, has been spent on Civil Defence.

There is also the question of exactly what private data and information about you e.g. medical records, internet and telecomms traffic data etc. the "first responders" and the "second responders" will be forced to share with other bodies, without your express permission, for "emergency planning" purposes.

Have a look at:

Consultation Document (.pdf)

Draft Regulations (.pdf)

More consultation documents etc. can be found at on the UK Resilience website

The 12 week consultation period closes on 3rd March 2005.

"A response can be submitted by letter or,
preferably, by e-mail:

Civil Contingencies Act Regulations and Guidance Consultation,
Second Floor,
10 Great George Street,
London,
SW1P 3AE

ccact@cabinet-office.x.gsi.gov.uk"

Posted by at 5:56 PM | Permalink | Comments (0)

The European Union Council of Ministers held its 2626th Council Meeting on Justice and Home Affairs in Brussels, on 2 December 2004.

The 24 page press release (.pdf) waffles about various general reports and plans e.g.

"EUROPEAN EVIDENCE WARRANT

We hope that UK and EU politicians will be reminded of the international jurisdictional and sovereignty issues highlighted by the Indymedia server seizure scandal this October.

EXCHANGE OF INFORMATION EXTRACTED FROM THE CRIMINAL RECORDS

LOST OR STOLEN PASSPORTS"

These Data Retention plans should be controversial, in that they now seem to be going even further than the draconian United Kingdom plans, which were not debated in Parliament , but which were smuggled in to the Part 11. Retention of Communications Data of the Anti-terrorism, Crime and Security Act 2001

The European Union Council of Ministers are planning to force communications service providers to retain data which they do not normally retain or process for billing purposes etc. , for all types of crime, not just terrorism.

This goes well beyond even the UK's unsuccessful attempts to get the communications industry to cooperate and pay for data retention of log files etc. for which they no longer have a commercial use for, and is in direct in contravention of the Principles of Data Protection.

Just to be clear, Data Retention means trawling through the private data of the innocent majority of people, rather than focussing on the data of suspects or criminals where there is some reasonable suspicion of criminal activity.

In addition to the police state mentality of these proposals, the "justice ministers" seem to be unwilling to actually pay from their own budgets, for the vast expense of creating new IT computer systems to log and retain data, which, in many cases do not exist at present, as there is no valid commercial reason for exisiting telecommunications and internet companies to do so.

As this meeting is composed only of civil servants and justice or police ministers, someone should try to educate them on the technical and commercial facts of life and the huge bureacracratic and financial cost implications of their ideas, before they inflict them on us.

"DATA RETENTION BY TELECOMMUNICATION SERVICE PROVIDERS

Continue reading "European Union Data Retention - even more draconian plans for flat rate services etc." »

Posted by at 11:54 AM | Permalink | Comments (4)

Transcript and comments about Home Secretary David Blunkett's interview on the Jonathan Dimbleby Programme, broadcast on ITV 13:15. Sunday 21st November 2004

This interview with Home Secretary David Blunkett flies several important political kites ahead of the Queen's Speech on Tuesday 23rd November 2004, and the anticipated General Election probably in May 2005.

Unfortunately, just as with the old Soviet Kremlin, due to the heavy spin and public relations techniques which are such a feature of the New Labour government, one has to try to understand the code words and jargon which the Home Secretary uses. It is often what he does not say which is as important as his latest speeche or interview.

The extremely controversial plans for Biometric Compulsory ID Cards and a Centralised Database, are bad enough, and are opposed by the umbrella group the NO2ID campaign.

As yet, the other measures, which in our view, and that of many others, from all politicial parties, is that the Home Secretary David Blunkett and the Prime Minister Tony Blair, are shifting the delicate balance between authoritarian police surveillance state, and our traditional liberties and freedoms, allegedly in the name of Security, but also, very obviously, simply to try to outflank the Conservative and Liberal Democrat opposition parties, in the run up to the General Election.

The programme also has an interview with Sir Stephen Lander, the former Director General of MI5 the Security Service, and now the Chair of the soon to be established Serious Organised Crime Agency, SOCA, which, judging from our web server statistics, is a popular search term.

We have transcribed and commented on, this ITV TV interview, which should really have been made available as a written statement to Parliament, and therefore be freely searchable via world wide web search engines.

There are four major sections of the interview:

1. Terrorism Hope or Fear
2. Compulsory Identity Cards and a Centralised Biometric Database
3. Anti-Social Behavior Orders ASBOs
4. Serious Organised Crime Agency SOCA and Wiretaps

The full transcript of the text of the interview, and our comments are rather too long for a Blog posting, so we have made a separate web page here

Various other news staories have been built by the rival media outlets , based on this interview e.g. John Lettice's piece in The Register

Posted by at 11:15 AM | Permalink | Comments (5)

The Home Secretary David Blunkett still seems to be dithering about the possible use of "intercept evidence" in terrorist trials, according to his remarks in Parliament on Monday 15th November 2004:

"Patrick Mercer (Newark) (Con): My right hon. and learned Friend the Member for Sleaford and North Hykeham (Mr. Hogg) has argued much more eloquently than I could that the holding of those individuals is not only wrong but unjust. Does the Secretary of State accept that every day that those men are detained, they act as a focus for further unrest? One way around that might be to adopt a more thoughtful approach towards evidence. Can he tell us when it will be possible to use intercept intelligence as evidence in court?

Mr. Blunkett: The hon. Gentleman has made an excellent case as to why he should never be the homeland security tsar for Britain, because discontent regarding the individuals who are held does not exist."

No discontent ? Perhaps the Home Secretary David Blunkett has not been "in touch" with the protests from the Muslim community in the UK

"If we released them and they continued to pose a risk and colluded on attacks in this country, the unrest at that moment in time would exceed anything that we have experienced here before. Of course, we are prepared to continue examining inceptors' evidence, and we are currently taking the advice of all the security and policing services. Once we have done so, we will make an announcement to the House, but we do not have a panacea for dealing with the problem, at the root of which is admissibility and the nature of the evidence, not the question of whether supporting intercept evidence has been provided."

He originally punted the idea of relaxing the Regulation of Investigatory Powers Act 2000 law which forbids the use of UK phone taps or email inccterceptions or snail mail postal interceptions as evidence in a British court, restricting such use to intelligence gathering operations, not from a sense of protecting our civil liberties, but more from a wish to prevent the methods and sources used by the security, intelligence and police authorities from being reveled in public. The notorious example of the USA authorities trumpeting of the interception Osama bin Laden's satellite phone, even publishing the actual phone number in open court, was a huge blunder.

However, presumably in order to wriggle out of the dilemma of his own making, caused by the detention without trial of some foreign born terrorist suspects in Belmarsh prison under Part 4 of the draconian Anti-terrorism, Crime and Security Act 2001 David Blunkett, apparently supported by both the Opposition Liberal Democrat and Conservative Home Affairs spokesmen, still seems to be thinking about the possible use of "intercept evidence" as a way of bringing these suspects to trial in the UK. This idea seems to have crytallised during his trip to India and Pakistan in February 2004, where he appeared to be announcing major changes to the legal system to the UK media, before bothering to inform Parliament of them.

David Blunkett has not initiated any discussions or consultations about the use of intercept intelligence against British citizens in extradition proceedings either to the USA under the Extradition Act 2003 or to the new European Arrest Warrant to another EU country. Why is foreign intercept intelligence permissable as evidence in a UK court, but UK intercept intelligence is not ? Or is it being allowed in extradition hearings only ? c.f. the cases of Farid Hilali, Babar Ahmad and the notorious Abu Hamza al Masri (who also now faces some different UK charges) which we have commented on.

Posted by at 10:50 AM | Permalink | Comments (0)

The Daily Telegraph reports that the privatefee paying school Sunnybank Preparatory School, Burnley, Lancashire, is webcasting classroom surveillance videos onto the Internet

"Pupils at Sunnybank Preparatory School, Burnley, are filmed in their classrooms from the moment they start school to the moment they leave.

Parents can monitor their children in class via a webcam

Their parents can monitor their progress at any time of the day by logging on to a secure internet site. The system shows the school in real time, but recordings of specific events, good or bad, can be retrieved and saved on CDs."

We look forward to reading the entry for

Sunnybank Preparatory School
171-173 Manchester Rd,
Burnley,
Lancashire
BB114HR

on the register of Data Controllers regulated under the Data Protection Act.
c.f. the Search Form for the Register of Data Controllers.

Currently this electronic surveillance system does not seem to be registered, when obviously it should be, given that it involves personal digital data about children.

Presumanbly the teachers and other staff working at the school have the appropriate Criminal Records Bureau checks and Department of Education List 99 blacklist checks,.

However, as we have asserted in the past with ChildLocate and other systems which track vulnerable children, these checks also need to be applied to all the IT staff at the system suppliers and the Internet Service Provider who may have root or systems administrator access to the allegedly "secure website" from which these pictures of young children are being webcast.

What provision to opt out of this surveillance system is there for parents who object to their children being under remote surveillance by other parents or other relatives, some of them outside of the UK ?

Is there an audit trail of who views what and when ?

Posted by at 5:36 PM | Permalink | Comments (0)

According to Saturday's report in The Guardian newspaper, there is now a Code of Practice regarding GSM Mobile Phone Location Based Services.

"The code of practice has been drawn up by the five British mobile networks in conjunction with the Home Office, police and children's charities. It also allows firms to sell services based on data that locates the position of a mobile user"

We have been worried about these, especially the ones aimed specifically at tracking Childrean or vulnerable adults e.g. old people with Alzheimer's disease etc. for over a year now.

Our worry, and that of children's charities is that these Mobile Phone tracking services are not very secure, and could be exploited by stalkers, kidnappers etc. c.f. our "Security and Child Safety concerns over the ChildLocate Mobile Phone Tracking Service"

Our fears remain, given a number of breaches of security that we are aware of at the companies qwhich run these services, and the inherent technical insecurity of Mobile Phone Short Message Service, which is not secure enough for minor financial transactions using a credit card, let alone secure enough to protect a vulnerable child or adult from evil people.

We are also sceptical about just how accurate these GSM Location Based Services are away from the major cities, where the density of Mobile Phone Cell transmitters can mean that, as was shown in the notorious Soham murders case, the Location revealed by a mobile phone can easily be misleadingly inaccurate by several kilometres, 8 kilometres (5 miles) in the Soham case, and potentialy up to 35 kilometres - a disaster for anybody conducting a search for a missing child.

We look forward to reading the Code of Practice, which does not yet seem to be available online, as we have several questions, e.g.

• Does the COP also apply to 3GPP phones as well as GSM ones ?
  
• What is the minimum frequency of SMS messages revealing that a particular phone is being tracked ?
  
• Are these reminder messages sent at fixed times or randomly ?
  
• Is the use of SSL/TLS session encryption for the web site mapping and SMS message sending side of the operations mandatory ?
  
• How frequent are Independent Security Audits of these tracking systems ?
  
• Have all the technical staff who have privilged access to the details and locations of children been checked as if they were employed in a school, via the Criminal Records Bureau ?
  
• What sanctions are there to enforce this Code of Practice ? Or is this just another toothless "Press Complaints Commission" type sop to the public ?

Email us or leave a comment here if you have access to a copy of the Code of Practice, which does not currently appear on the industry regulatory body Ofcom, or the Home Office or the Mobile Phone Network corporate websites.

Posted by at 12:17 PM | Permalink | Comments (41) | TrackBacks (2)

During the Cold War, every nuance uttered by the Soviet Politburo was analysed for what it "really" meant by pundits versed in the black arts of "Kremlinology". Similar techniques need to be applied to the utterances of Home Secretary David Blunkett i.e. "Blunkettology".or "HomeOfficeOlogy"

Home Secretary David Blunkett made a speech today to the Police Superintendents? Association Annual Conference in Warwick.

He mentioned Yet Another Initiative, the Policing Bureaucracy Gateway to attempt to counter the seemingly inevitable red tape and form filling which the Home Office and Police seem to be so fond of. He claimed that there were some 7,000 different forms in use by the 43 Police forces in England and Wales (there are actually more Police forces than this if you also count those in Scotland, the UK Atomic Energy Police, the Ministry of Defence Police, the British Transport Police etc.)

Will the Policing Bureaucracy Gateway simply send out more forms or questionnaires asking about the number and types of forms and questionnaires which each police officier or civil servant has to fill in ?

Presumably the use of the word "Gateway" in this context is Home Office NewSpeak derived from the Her Majesty's Treasury Office of Government Commerce Gateway Reviews ^TM of major projects. So "Gateway" is now meant to be misunderstood as an "OGC Gateway Review" style process, not to be confused with a legislative "Gateway" which is the legal authority for Government Departments to abuse our privacy by sharing otherwise private data between each other e.g. Inland Revenue tax data etc. brought in by the Anti-terrorism, Crime and Security Act 2001 etc. The results of such OGC Gateway Reviews are invariably kept secret from the public and even from Select Committees of Parliament.

This "Gateway" should not, of course, be confused with the Government Gateway which is an e-government registration and neutral transaction gateway/portal between different Government Departments, and with some of the General Public. N.B. the Compulsory Biometric ID Cards that David Blunkett is so keen on will not be sufficient for you to pay your taxes online etc. via this Government Gateway, since Biometrics cannot be trusted via the Internet, and the Home Office has failed to to understand the concept Digital Certificates, which are part of modern ID Card schemes in other countries e.g. Belgium or Sweden.

David Blunkett specifically mentioned the Regulation of Investigatory Powers Act 2000, as generating a lot of red tape, and implied that he would be making it easier to keep known criminals under surveillance, presumably by weakening the existing accountability and safeguards which exist under this horribly complicated legislation.

The complexities of RIPA are entirely the fault of the Home Office, under the direction of Jack Straw, David Blunkett's predecessor as Labour Home Secretary. Some of it is so complicated and unworkable, that for example, Part III, which deals with the forced seizure of encryption keys etc. still has not been brought into force 4 years after the legislation was passed into law.

Combined with David Blunkett's apparent approval of plans to use CCTV surveillance spy cameras to watch potential fox hunting routes in the countryside, and his ruminations about allowing the use of telephone intercepts etc. as evidence in court (something which the Home Office expressly forbad when it drafted the Regulation of Investigatory Powers Act). our guess is that RIPA is likely to be amended in this Parliamentary session.

Posted by at 1:14 PM | Permalink | Comments (3)

Abu Hamza al Masri, the controversial Muslim cleric has been "de-arrested" under the Terrorism Act 2000, according to a BBC report.

He is still in custody facing extradition to the USA, on charges mostly relating to alleged activities in Yemen.

This is now the second time that Abu Hamza has been arrested, questioned and "de-arrested" under the Terrorism Act, once regarding Yemen, and this time regarding his alleged activities in the UK.

Was this a desparate attempt by the UK authorities to pin something on this unpopular and misguided man, before a British court has to throw out the USA extradition request on the grounds of no admissable evidence, no jurisdiction, the possability of a death penalty, and the certainty of an unfair trial in the USA ?

If, despite the presumably round the clock surveillance of Abu Hamza, the UK authorities or the tabloid newspapers still have not found any real evidence against him, then his arrest looks to be even more of a mistake than it did initially.

All that the authorities have achieved is to give Abu Hamza a lot of free publicity that he would otherwise never have got, and to look like a martyr to his supporters, increasing the likelyhood that some of them will be tempted into becoming terrorists themselves.

Posted by at 3:38 AM | Permalink | Comments (0)

Ok, just for those nice people from a particular public sector organisation, who keep regularly searching Google for "Serious Organised Crime Agency" links, here is a slightly belated comment on the Home Office press release which announced the appointment of Sir Stephen Lander as the new Chair and of Bill Hughes (formerly Director General of the National Crime Squad) as the new Director General, effective from September 2004, even though SOCA will not be operational until 1st April 2006.

Sir Stephen, who retired as the Director General of the Security Service MI5 in 2002, has been a non-executive director of Northgate Information Solutions and a strategic advisor to the "internet security product" startup being set up by the IT consultancy Detica. Both of these companies have substantial IT consultancy and outsourcing contracts with the secret bits of the UK Government.

So who runs the National Crime Squad etc. for the next 18 months ? Will all the experienced officers and technical support staff from the National Crime Squad, from the National Criminal Intelligence Service and from the Her Majesty's Customs and Excise investigations departments etc. end up having to effectively re-apply for their old jobs, with all that implies for loss of morale and reduced operational efficiency, which is so common in large organisational mergers ?

Is the Home Office really capable of the change management and "business process re-engineering" needed, to do this smoothly, or will this be farmed out to the usual suspects amongst the Big Consultancies, a process which inevitably seems to add months to the decision making process about who will still have a job in the new Agency, and to a brain drain of the best people ?

Presumably the "serious organised criminals" will continue to operate in the meantime.

Nowhere have we seen any mention of any independent oversight and complaints procedure which can investigate worries and complaints about the new agency from members of the public.

Continue reading "Serious Organised Crime Agency appointments" »

Posted by at 5:53 PM | Permalink | Comments (21) | TrackBacks (1)

The full text of the US Government indictment against Babar Ahmad (.pdf), the British IT support person at Imperial College in London, who is in the process of being extradited to the USA, rather than being put on trial here in the UK, makes interesting reading.

It seems to show that Babar Ahmad paid for and administered the "Azzam Publications" website, hosted in the USA, which ran a bulletiin board discussion forum, in which alleged Islamic fundamentalists discussed support for the Taleban in Afghanistan and the groups fighting for the independence of Chechnya from Russia.

It is hard to see how any of this was illegal in the UK, or even the USA, back in the late 1990's, before September 11th 2001.

Neither the Taleban nor the particular group of Chechen rebels were proscribed terrorist organisations at the time. Even today, for some unfathomable reason or other, they are not on the list of proscribed terrorist groups published by the Home Office i.e. it is not illegal to support them with money for "humanitarian relief" or "charitable" purposes etc.

There is nothing in the indictment which alleges that the Azzam Publications website actually collected any money online through credit cards, PayPal etc. or that any that Babar Ahmad was actually sending any money to Chechnya or Afghanistan himself.

There may well have been illegal activities by the people who used the Azzam Publications website and email accounts e.g. someone actually in the USA (not Babar Ahmad himself) sending money to Afghanistan, which was under economic sanctions put in place by President Clinton in 1999.

It is clear from the indictment, that despite Babar Ahmad working in IT support, he did not hack in to US Navy systems to obtain a classified US Navy document, as some of the media hype has given the impression.

The "accurate", but rapidly out of date information, circa April 2001, in his possession about the composition of a "US Navy battle group" patrolling the Persian Gulf, and its continued vulnerability to attacks like that on the USS Cole, came, apparently, from some emails from an "enlisted serviceman" on a US Navy warship, the USS Benfold. The fate of this individual, is deliberately not made clear in the indictment. Is he now being held in Guantanamo Bay without trial or is he facing a proper court martial ? Was this all a false "intelligence" entrapment operation, or an amateur attempt to try to contact Islamic fundamentalists by a bored US Navy serviceman ?

If this "US Navy enlisted serviceman" is not available to be questioned in person as a witness in court, then any charges against Babar Ahmad regarding this alleged "Naval intelligence" must be unfair, since an email can be so easily faked, even one in which was allegedly sent from the actual USS Benfold itself, hardly the action of a trained spy or terrorist.

Why did the UK and USA authorities not simply continue to monitor the website and email traffic rather than arrest Babar Ahmad ? After all, this had already uncovered a security risk on active service aboard a US warship.

The interesting part of the indictment, from the point of view of those people like ourselves who value our privacy is the use of Pretty Good Privacy (PGP) encryption by Babar Ahmad.

It seems that a PGP private signing keyring and a public encryption keyring were recovered from Babar Ahmad's computers seized in his office at Imperial College.

The indictment tries to paint the use of a PGP keyring and digital signature with respect to the domain registration details for the Azzam Publications website as something sinister, when in fact it is a standard security feature used to prevent the hijacking of .com domain names by people who forge faxes , letterheads and emails, purporting to come from the true owners of a domain name.

There is no mention in the indictment of any actual PGP encrypted emails to and from Babar Ahmad.

There is mention of a PGP Disk volume, which seems to have been decrypted and deleted directories and files recovered, which were postings and pages which had been published on the Azzam Publications website using the website design and upload tool Dreamweaver i.e. they had already been made public to the whole internet.

There is no mention of whether or not Babar Ahmad supplied the PGP passphrase to decrypt the PGP Disk volume or if brute force or dictionary attack or other methods were used.

The legal situation regarding the seizure of encryption keys in the UK is still unsatisfactory, because, even though this area is addressed in Part III "Investigation of electronic data protected by encryption etc." of the Regulation of Investigatory Powers Act 2000, this part of the Act has still not yet been brought into force, nearly 4 years after it was passed into law.

Given that Babar Ahmad was arrested in December 2003 under the Terrorism Act, and was released without charge, is this extradition to the USA simply an exercise in "jurisdiction shopping" in order to convict a British citizen of activities which are not actually illegal in the United Kingdom ?

We do not support either the Taleban or Chechen rebels, but they do not really represent a military or terrorist threat to the United Kingdom, a view which seems to be borne out by the Home Office, which does not bother to list them as proscribed terrorist organisations.

Posted by at 11:36 AM | Permalink | Comments (8) | TrackBacks (1)

The weekend media have been adding to the detailed leaks, spin and hype surrounding the arrest in Pakistan of the alleged Al Queda "computer communications expert" Mohammed Naeem Noor Khan.

Unanswered questions:

Was Khan tortured into cooperating with the Pakistani authorities, bearing in mind that Pakistan is a military dictatorship ?

Was Khan in fact a double agent prior to his arrest ?

Will the UK be trying to extradite Khan from Pakistan ?

How can the Pakistani authorities be sure that by "persuading" Khan to continue to send emails to his alleged AL-Quaeda contacts, he was not in fact transmitting or omitting to transmit a duress code tipping them off that he was under arrest ?

Why were the details of Khan's arrest and apparent cooperation leaked to the media ? All that this has done, especially in relation to the alleged plot against Heathrow Airport, is to spread terror and fear. There does not seem to be any evidence of any attempts to procure actual weapons, explosives, airside security passes etc.

Why is an alleged "linchpin" of the Al Queda communications network actually involved in the physical reconnaissance of potential targets ? Is Al Queda really so short staffed ?

This all obviously seems to have panicked the UK authorities into a series of arrests of terrorist suspects, during the daytime, rather than at dawn. Allegedly 5 suspects have escaped the dragnet.

Perhaps the Pakistanic "intelligence leaks" were actually by Al Quaeda sympathisers, intending to tip off the rest of the organisation about the arrests?

Perhaps some bright spark thought that leaking this news would somehow magically "disrupt" current terrorist operations ?

Astonishingly, the Sunday Times is also claiming that the house which was raided in Willseden where the alleged key Al Queda operative in the UK was arrested, still contained two briefcases full of relevant documents, after the Police raided it.

"Suicide bomber files found in flat"

"Documents found inside a flat that was raided last week by police looking for terrorists show that two of the occupants had been trained by extremist Palestinian groups. They included a would-be suicide bomber who had fled to Britain.
The documents were found by Sunday Times reporters in two briefcases that had been left by police forensic teams which searched the house in Willesden Green, northwest London. Among the papers was a picture of a man dressed in military fatigues cradling an AK-47 assault rifle and letters written on notepaper headed ?Al Quds Brigade?, a Middle East terror group.

They included a copy of a statement sent to the Home Office by a failed asylum seeker claiming he had trained as a suicide bomber with the radical group Hamas"

Perhaps the importance of Khan is being deliberatly exaggerated, this is an election year in the USA and in the UK, after all.

The impression that the leaked reports to the media gives, is that the current Al Queda suspects in custody, actually seem to be quite inept when it comes to mobile phone communications and internet communications security, but will they always remain so in the future ?

Continue reading "Al Quaeda arrests in UK and Pakistan - more suspicious details leak" »

Posted by at 2:40 AM | Permalink | Comments (5) | TrackBacks (1)

Thanks again to the new MI5 website's What's New section which also brought our attention the publication last week of the of the annual Report of the Interception of Communications Commissioner for 2003 to the Prime Minister by the Rt.Hon Sir Swinton Thomas.

Some civil rights activists have doubted the very existance of Sir Swinton Thomas, who keeps a very low public profile, when part of his job should be to re-assure the public and to investigate their complaints of possible abuses. Hiding from the public, with well publicised methods of contacting him (unlike, for rxample the Information Commissioner or the Surveillance Commissioner, who have public websites and contact details)

Nevertheless there are some interesting points in his report e.g.

Continue reading "Report of the Interception of Communications Commissioner for 2003 - Sir Swinton Thomas" »

Posted by at 12:51 PM | Permalink | Comments (0)

Farid Hilali, who is the first person who is being extradited under the new European Arrest Warrant, actually appeared at Bow Street Magistrates Court yesterday,

This new extradition procedure should be under microscopic scrutiny by the media and others, since the reported "evidence" against Hilali seems to be vague and circumstantial, and some of it should be inadmissible under current laws.

According to various reports and Press Association reports

"Farid Hilali, 35, phoned Imad Eddin Barakat Yarkas, who is suspected of leading an al-Qaeda cell in Spain, a few weeks before the attacks on the US, said a prosecutor, James Lewis. He was speaking at Bow Street magistrates' court in London for the Spanish government in its effort to extradite Hilali from the UK.

Hilali allegedly spoke to Yarkas after the attacks of being "sick," code for under police surveillance, the prosecutor said. "

This is hardly smoking gun stuff, with no actual mention of anything illegal, or of a particular target. How can it actually be proven that the word "sick" did have the meaning attributed to it ?

"The arrest warrant claims Hilali is participating 'in a commando (group) that is being trained on aircrafts, a few days before the attacks of 11 September, 2001' and he directed al Qaida activities.

The court also heard of a wedding video seized in Germany, also implicating Hilali through his connection with Yarkas. "

A wedding video is unlikely to have recorded any actual illegal plotting. All that it might establish is that some people might have met each other. That is not evidence of a crime.

Judge Timothy Workman remanded the suspect in prison until a further hearing on July 29.

The extradition case is expected to be decided some time in September.

June until September does not seem to be a very "fast track" extradition procedure.

Questions which should be answered before this European Arrest Warrant Extradition is permitted:

Continue reading "Farid Hilali in court - unanswered questions" »

Posted by at 2:37 PM | Permalink | Comments (1)

Then the Lord said to Cain, 'Where is your brother Abel ?' Cain answered 'I do not know. Am I my brother's keeper ?' Genesis chapter 4, verse 9

Should your own personal DNA be used to try to prove guilt by association for a crime by one of your relatives, which occurs in a foreign country, and over which you have no control ?

Sould copies of emails on your computer (which are so trivially easy to edit or forge undetectably) be the only direct "evidence" against you, even though the intercepted content of emails , whilst allowed for intelligence purposes, is forbidden to be used as evidence in court under the incredibly convoluted sections 17 and 18 of the Regulation of Investigatory Powers Act 2000:

"no evidence shall be adduced, question asked, assertion or disclosure made or other thing done in, for the purposes of or in connection with any legal proceedings"

Consider the very strange case of the failed British suicide bomber Omar Khan Sharif, and the accusations against his family:

Continue reading "Are you your Brother's Keeper ? DNA and email guilt by association" »

Posted by at 6:42 PM | Permalink | Comments (0)

A new mobile phone service has been launched called SafetyText aimed at providing a delayed and/or cancellable SMS text message service for young people who are out on the town etc. but who do not want to notify their parents or "buddys" etc. unless they go missing.

The father of Lucie Blackman, the ex-airline stewardess who was murdered in Japan seems to be involved in this venture.

This "buddy list" technology has obvious dangers which the similar Location Based Services suppliers have been held back from exploiting in the UK through the secret Code of Conduct (email us if this is actually available to the public anywhere) which the Mobile Phone Networks seem to have agreed to.

Our worries about the service revolve around the "Personal Profile"

"Everyone who registers with SafetyText is asked to complete an optional private page, which is his or her Personal Profile. This page will contain lots of information about an individual, from their hair colour to where they hang out. They are also asked for information about contact details for their friends. You can also save a photo of yourself on the page. All this information would be available to police if you were reported missing. (NB this information held on a secure server and cannot be accessed by anyone). "

This personal profile database is a tempting target for stalkers and kidnappers - it needs the highest levels of protection available.

Where child safety is concerned, it is not enough for commercial services simply to claim that their systems are secure.

What assurance is there that the SafetyText "secure servers" are not vulnerable to SQL Injection attacks via their poorly designed web forms and database input validation scripts, like those which have been reported to us as having compromised the security of more than one of the Location Based Data service suppliers ?

There are similarities with the ChildLocate service when it was launched last September.

We criticised ChildLocate and its commercial rivals (many of which seem to be "white label" services which can be "re-branded" by various marketing companies, as can SafetyText) for not having registered under the Data Protection Act.

Search the Data Protection Register for

SafetyText Ltd
14 Belvedere Street
Ryde Isle of Wight PO33 2JW
GB
admin@safetytext.com
Company Registration Number 5116628

or even for their "white label" text message supplier SendMyText Ltd

SendMyTxt UK
CAD House
68 Windmill Road
Croydon Surrey CR0 2XE
GB
Tel +44 (0)870 141 7200
Fax +44 (0)870 141 7201
Email info@sendmytxt.co.uk

Any of these details by name, by post code etc. come up blank on the Data Protection Register search.

If these companies have registered, then they should at least be showing their temporary Data Protection registration refence number, like ChildLocate did once they had been prompted.

Any service aimed at child safety or parent reassurance should have sorted out their DPA registration before launching their service to the media and public.

We also criticised the Location Based Data service companies for giving no indication of whether or not the people with administrator access to their so called "secure servers" and infrastructure had passed even the minimal checks required for anyone with access to children through the Criminal Records Bureau

It is not good enough to claim that such checks are unecessary, it is fears and reassurance about child safety that they are using to market their services, so they should be seen to be taking every possible precaution, which they are failing to do.

Exactly the same criticisms can be made of SafetyText.

Posted by at 11:53 AM | Permalink | Comments (0)

It looks like Farid Hilali has now made his Bow Street Magistrate's court appearance by video link from Belmarsh prison, as did Abu Hamza.

Considering that all the "evidence" against them seems to be entirely electronic, it seems strange that they do not even get to be brought before a "real world" court in the UK (presumably they will face these once they are extradited).

The relevant legislation seems to be the Crime and Disorder Act 1998, section 57 together with the Prison Service Order 1030

Although there are rules for prison staff to move out of earshot, but not out of sight of the defendant and his legal team, during privileged conversations, the regulations do not seem to say that any video recording (with sound) actually has to be switched off as well. How can a defendent or lawyer actually tell if this is the case ?

Posted by at 11:52 PM | Permalink | Comments (0)

The Farid Hilali story in the Evening Standard which we commented on yesterday seems to have been based, without attribution, on a story in The Times (unless both stories are just verbatim parroting of a briefing or leak).

Several other "newspapers" have parroted this story, but one of the few which seems to have quoted The Times as the source, is, astonishingly, the communist Chinese Xinhua news agency.

"The Times, June 30, 2004

Voice analysis and detective work led police to believe that Shakur and Mr Hilali were the same person.

Who exactly conducted this "voice analysis" ? The Spanish or the UK authorities ?

The name "Shakur" appeared alongside Osama bin Laden and 33 others on an indictment in Spain last September for allegedly using the country as a base to plot September 11.

Mr Hilali was arrested by the Metropolitan Police last September. He was not charged but was discovered to be an illegal entrant and detained at Belmarsh prison.

If he has been in Belmarsh maximum security prison since September 2003, surely that gives Hilali an alibi for the Madrid bombings in March 2004 ?

He immediately claimed political asylum but his case has yet to be processed. Well-placed sources yesterday expressed doubt about any direct involvement in September 11 but suggested that his arrest was a significant development in the war against terrorism.

We are not a "well placed source" but our doubts about the actual threat posed by Farid Hilali are growing.

Baltasar Garzon the judge leading the Spanish investigation, said last autumn that he had been unable to establish Shakur's identity. But in April he made a new order saying that police had identified him as Mr Hilali, and calling for his extradition.

Baltasar Garzón is the Spanish judge who issued an extradition warrant for General Pinochet the dictator of Chile, which caused such a headache for then Home Secretary Jack Straw, by reminding everyone of Jack Straw's own left wing political activities in Chile when he was a student.

The Metropolitan Police formally arrested Mr Hilali on Monday and brought him before Bow Street Magistrates? Court, accused of ^participation in a terrorist organisation". He was sent back to Belmarsh for seven days. The fast-track extradition procedure, introduced on January 1, should take three months.

Judge Garzón alleges that the 9/11 plot was finalised in 2001 at a meeting between Mohammed Atta, the leading hijacker, and Ramzi Binalshibh, a suspected al-Qaeda leader. One train bomb suspect has been charged with helping to arrange the meeting. "

The detailed USA 9/11 Commission report does not mention any Spanish links with either Mohammed Atta or Ramzi Binalshibh, and it does not mention Farid Hilali either.

Why have no "journalists" asked questions such as:

• Is there really any proper evidence against Farid Hilali or is the UK court's interpretation of a European Arrest Warrant going to permit "fast track" extradition merely on on rumours and easily faked mobile phone "evidence" ?

• Where did the Spanish authorities get authenticated voice samples from Farid Hilali, with which to conduct "voice analysis" comparisons with the intercepted mobile phone call allegedly made by "Shakur" in August 2001 ?

• Were such recordings obtained by the UK authorities by bugging Hilali's legally privileged conversations with lawyers or with relatives or other inmates etc. inside Belmarsh prison ?

• Or are we to assume that the Spanish authoritiesare conducting illegal electronic surveillance within the United Kingdom ?

• Will the extradition hearing on July 5th actually bother to forensically examine the alleged Spanish "voice analysis" and the mobile phone intercept "evidence", something which should be illegal under the Regulation of Investigatory Powers Act ?
  

Posted by at 11:05 AM | Permalink | Comments (1)

The London Evening Standard reports that :

"Scotland Yard said in a statement: "Farad Halali has been arrested on suspicion of his involvement in a terrorist organisation.

"He appeared at Bow Street Magistrates' Court on 28 June on a European arrest warrant to Spain, alleging he committed terrorist offences." He was remanded in custody at Belmarsh Prison and will appear in court again on 5 July."

"Mr Hilali was arrested by the Met last September. He was not then charged, but detained at Belmarsh after it was found he was an illegal immigrant"

Presumably a search of his home and bank accounts etc. did not produce any evidence of terrorist activities back in September 2003.

N.B. Is that spelt "Halali" or "Hilali" ? Is this a confusion with Halal meat or simply a typographical mistake ? An inaccuracy of a single letter in your surname could be the difference between being arrested as a terrorist or not. Other media sources and the rest of the Evening Standard article call him Hilali.

This probable spelling mistake will now surface in various public and private search engines, and anybody with a similar name will probably find themselves being suspected of being related to a major terrorist suspect, and will be discriminated against, harassed and subjected to extra security checks, especially if travelling on an aeroplane.

However, the Evening Standard then alleges that pretty well the only evidence against him is based on mobile phone intercepts and on voice analysis, neither of which could possibly stand up in court if he were to be charged in an English court of law.

Regulation of Investigatory Powers Act 2001 specifically forbids the use of telephone intercepts as evidence in court, a situation which may or may not change after the Home Office consultation on the renewal or modification of anti-terrorist powers currently underway, but which cannot change the law before the Hilali case is considered.

"It is alleged Mr Hilali, from Morocco, is also known as Shakur - a man previously revealed to have telephoned the chief of al-Qaeda's Madrid cell shortly before the September 11 attacks."

Is the "chief of al-Qaeda's Madrid cell" meant to be Imadeddin Eddin Barakat Yarkas, (also spelled as "Imad Eddin" in some reports) also known as Abu Dahdah, who has been in Spanish custody since November 2001 ?

"In a tapped call on 27 August 2001, Shakur said he had "entered into the field of aviation"-and "cut the throat of an eagle". Three weeks earlier the agent had called to say: "I am preparing certain things which should please you."

He gave a warning that his phone was "hot", which suggested that he realised that the conversation could be tapped.

Who exactly is leaking this level of alleged detail and why ?

The calls are reported to have been made from New Cross or Peckham. "

i.e. a mobile phone rather than a landline, for which an exact address would be known

"Voice analysis and detective work, sources claim, led police to believe that Mr Hilali and Shakur are the same person"

The computerised data manipulation needed for voice analysis also makes it impossible to prove in court that the voice sample was not convincingly faked, using a current version of Voice Morphing technology, which even 5 years ago, was possible to do in near real time from a small sample of someone's voice.

Where is the evidence linking either Hilali or any of the Madrid bombing terrorist suspects in Spain or Morocco to the September 11th 2001 suicide hijackers in the USA ? They do not appear in the 20/20 hindsight social network analysis of the links between the plotters.

If these mobile phone interecepts have not lead to other evidence such as large financial transactions or access to weapons, then Farad Hilali (or Halali) can hardly be the dangerous terrorist mastermind which some people seem to be trying to claim in the media.

It would be a massive blow to our civil liberties if anybody can be extradited under a European Arrest Warrant on terrorist or other charges simply on mobile phone intercepts, which are illegal to use as evidence in a British court of law.

Posted by at 6:45 PM | Permalink | Comments (0)

Parliament's Intelligence and Security Committee has published their 2003-2004 annual report (.pdf)

This report is the fig leaf of what passes for Parliamentary oversight of the secret intellingence agencies in the UK, and only gives brief details about their activities and expenditures. Even these are censored in the report. Other democratic countries manage to provide the tax paying public with much more detail and insight, without compromising their national security.

Nevertheless, the report mentions things which will be of some interest to students of Government technology project cock ups.

If there is one thing that the UK Government is worse at than Information Technology Projects, it is probably large office complex projects. The new GCHQ "Doughnut building" is all very well, and a much needed replacement for the sub standard pre-fab accommodation which GCHQ has squatted in for so many years.

The report highlights the various scandals involving the lack of financial control and managerial leadership at GCHQ e.g. the auditors refused to sign off the accounts for 3 years in a row!, GCHQ can only find and account for 92% of the equipment assets which we have paid for, by means of the accounting trick of ignoring anything under ?10,000 value etc. - 8% of what must be billions of pounds worth of assests is a lot of public money which has been lost through incompetence or possible corruption.

It is no great surprise that the new Doughnut building is simply too small to hold all tthe GCHQ staff. The occupancy is alleged to be 115% , so the 1950's vintage pre-fabs remain in use, despite the fact that the site has been sold off to private sector developers, who will soon be within their rights to bulldoze these or else to milk the Government for massive financial compensation.

The Secret Service MI5 seems to have been concentrating too much on terrorism and has taken its focus off Russian and Chinese espionage.

The Secret Intelligence Service MI6 apparently managed to underspend its allocated budget, supposedly due the situation in Iraq and various unamed project delays They too seem to have withdrawn from intelligence activities in certain parts of the world - at a guess Latin America, although they claim to have been the only agency with some spare capacity to devote to some anti-Organised Crime activities, presumably drug smuggling (although obviously with no success in Afghanistan).

The report has this curious comment:

"135. We believe that this situation mainly derives from the history of cuts in the 1990s as part of the post-Cold War budget realignment, which put the Agencies on the defensive. When international terrorism began to spread in the mid 1990s, the Agencies felt that they could not ask for additional resources, not least because they were already being accused of inventing new tasks for themselves."

Surely this is an arguement for much more openness on the part of these Agencies, to demonstate their actual worth to the taxpayer ?

The Government does not seem to have properly reviewed the Critical National Infrastructure since 2002, this remains a concern for the Committee i.e. there has been no progress since their similar comments last year:

"We were also informed that the JIC had not assessed the threat to the CNI from electronic attack since 2002. Capabilities to attack the CNI exist, and, while both NISCC and CESG sought to reassure us that they were reducing the vulnerability of the CNI to technical attack, we were not convinced.

We recommend that the threat to the UK?s Critical National Infrastructure and vulnerability to electronic and other attacks should be examined by the JIC and considered by Ministers."

There also needs to be actual real money and resources spent on things as fundamental as an audit of what exactly contitutes the UK's Critical National Infrasturture - most of it is under the control of private sector companies, not the Government.

Increasingly these private sector companies are not the handful of former state monopoly companies whith which the civil service has been used to dealing with so cosily over the years, but are based overseas e.g. an attack on the Home Location Register computer of a mobile phone company in mainland Europe could easily compromise part of the UK's Mobile Phone Network.

" SCOPE

Continue reading "Intelligence and Security Committee report 2003-2004 - problems with SCOPE and no progress on Critical National Infrastructure protection." »

Posted by at 12:20 PM | Permalink | Comments (0)

Why is it that the we allow political and bureaucratic vested interests to attempt to "shoot the messenger" when a whistleblower exposes a scandal in government ?

We ask again, is the Shadow Home Secretary David Davis's email account under communications data content interception surveillance by the UK Government ?

According to the Sunday Times, which printed the stories from Steve Moxon and James Cameron which eventually lead to the resignation of Home Office Immigration Minister Beverely Hughes earlier this year:

"Sunday Times
June 13, 2004
Migrant leak diplomat ?framed?
David Leppard

A FOREIGN OFFICE diplomat who blew the whistle on an immigration scandal says he has been framed in a ?dirty tricks? campaign by the government.
James Cameron, the British consul in Romania, has been secretly recalled to London after being accused of ?criminal misconduct? by Whitehall investigators. Friends say he has been falsely accused of taking backhanders or obtaining sexual favours in exchange for granting visas.

However, Cameron has now been told the Foreign Office has called in Scotland Yard?s fraud squad about his alleged ?improper dealings? with a travel agency in Moldova."

Continue reading "Smear tactics against immigration scandal whistleblower James Cameron ?" »

Posted by at 2:59 AM | Permalink | Comments (0) | TrackBacks (1)

The Sun "newspaper" reports:

"Cops swoop on fan's txt

?Having this kind of surveillance is the price we have to pay in a modern society to protect us from terrorists.?

Does this mean that the Home Secretary David Blunkett has signed a certificate under the Regulation of Investigatory Powers Act 2000 permitting GCHQ to speculatively trawl the content of every SMS text messages sent within the United Kingdom ? If not, then this alleged interception is illegal.

Why did it take from "the end of April" when the SMS text message was sent until "the end of last week" i.e. May before Special Branch got around to investigating this affair ?

The Register reports that:

" Police maintain that Devine's message went astray. They say he actually sent it to a woman in Bristol by mistake and it was she who alerted police to the content."

Which is slightly more plausible, but still does not explain the time delay in bothering to investigate an alleged "terrorism" related activity.

A web search engine query for the actual lyrics of "Tommy Gun" by The Clash, shows that they do not match with the text of the alleged message quoted by The Sun and The Register above:

Continue reading "Are all UK SMS text messages being intercepted ?" »

Posted by at 2:01 PM | Permalink | Comments (2) | TrackBacks (1)

The hype about the arrest of Abu Hamza started off with The Sun.

The Sun is reported as actually having precipitated the 3am raid on Abu Hamza's home, by tipping off the police that they were going to publish their "story" about his imminent arrest, which they claim to have got from

"And The Sun learned last night from sources in Washington that the extradition process has been under way in secret for WEEKS."

The Sun article manages to claim, presumably for its own political agenda, that Abu Hamza is "Palestinian-born", rather than having been born in Egyptian.

They have been running a hate campaign against him so vitriolic, that, presumably, they have been trying to predjudice any jury trial which he might ever face in the UK.

"He faces deportation to America within weeks."

No, not even under the new "speedier" Extraditon Act 2003, the likelyhood is that no decision will be made on his extradition until 2005, as that is when the Special Immigration Tribunal appeal, under the Anti-terrorism, Crime and Security Act 2001 will be heard, about the already in train process of stripping his UK nationality from him.

The Extraditon Act unjustly applies retrospectively and is a disgraceful surrender of UK sovereignty by Home Secretary David Blunkett since US authorities no longer have to show reasonable evidence to a court in the USA to apply for extradition from the UK, they just need to make a statement claiming that there might be evidence. The reverse process i.e. extradition of someone in the USA back to the UK in such a manner is forbidden under the US Constitution.

Indictment United States v. Mustafa Kamel Mustafa
a/k/a Abu Hamza al-Masri

(Why do US legal indictments seem to be produced on a manual typewriter ?)

If you actually read what he has been indicted for in the USA, one can immediatly see that the main "evidence" against him for "conspiracy", rests on the use of phone call intercept and communications data "evidence" about his home phone in the UK and a satellite phone in Yemen.

It is not illegal to buy ?500 of satellite phone air time even nowadays. It may possibly be construed to be so under the Terrorism Act 2000, but this happened in 1998, before the Act was passed.

Abu Hamza has already been questioned by UK authorities about the 1998 Yemen kidnap affair in 1999, and no charges were brought, despite an extradition request from the Yemen authorities, and the fact that Abu Hamza's sons were peripherally involved in the incident, where the storming of the kidnappers' hideout by the Yemen authorities led to the deaths of 4 of the hostages.

Presumably the USA government thinks it can make use of this phone intercept evidence which,under the UK Regulation of Investigatory Powers Act 2000, is inadmissable in a UK court.

The USA indictment uses strange, nonsensical terminology, which does not correspond to any offence under UK law, such as "jihad training camp", Does this mean a hostile weapons training camp, or does "jihad" mean, as has been pointed out countless times, simply mean "struggle" i.e. a peaceful Koranic study camp ? No camp of any sort was actually set up.

They also use the phrase "facilitating violent jihad in Afghanistan" in the period up to the USA led invasion of Afghanistan in 2001. In what way was this illegal, given that the Taliban regime was only recognised by its neighbour Pakistan ?

When Abu Hamza lost his hands and eye in Afghanistan fighting the Soviet forces, was he "facilitating violent jihad in Afghanistan" ? If so, then so were many USA agents and allies.

How exactly is our security enhanced by extraditing Abu Hamza to the USA ? If he is to be extradited anywhere , it should be to the Yemen.

Better the devil you know and keep under surveillance. Abu Hamza on the streets of London, under close MI5 scrutiny must be more of an intelligence asset than having him locked away in the USA.

Why are the Government giving this fanatic the oxygen of publicity, and the chance to portray himself as a martyr ?

Posted by at 9:30 PM | Permalink | Comments (4)

The new head of MI6, John Scarlett, came to the public's attention during the Hutton Inquiry into the death of Dr. David Kelly, and seemed to exonerate the Prime Minister from blame over the ludicrous hype surrounding the Iraq Intelligence Dossier affair.

The Hutton Inquiry evidence published John Scarlett's then email addresses
"Scarlett John - ISS - [mailto:john.scarlett@cabinet-office.x.gsi.gov.uk]", and Scarlett John - ISS - john scarlett@cabinet-office.x.gsi.gov .uk.

Other email addresses were wholly or partially censored e.g. by blotting out the ".x.gsi.gov .uk" part of the address

GSI the Government Secure Intranet is allowed to handle Protectively Marked documents up to the low level of "Restricted". X.GSI is a subset of this which is equipped to handle Protectively Marked documents up to the medium level of "Secret". No Protectively Marked material should be sent through the Internet email gateways without extra CESG approved encryption.

Interestingly the people whose email addresses were revealed e.g. Alastair Campell, have now left jobs which they were doing at the time of the Hutton Inquiry - did the censors know or guess ahead of time ?

MI6 the Secret Intelligence Service (which supposedly concentrates on foreign intelligence gathering) does not have a public website or email address, which rather puts it behind the new MI5 Security Service website. This explains the role of MI5 and dispells a few public misconceptions, and now includes an SSL/TLS encrypted web form which might encourage more people to contact the organisation.

John Scarlett should take the opportunity of his new appointment to bring MI6 into the 21st century and onto the world wide web, since there is a need to re-establish public confidence in the UK's Intelligence Agencies.

Who takes over from John Scarlett as Chairman of the Joint Intelligence Committee ?

Posted by at 4:23 PM | Permalink | Comments (0)

Thanks to Statewatch for the news of a Draft European Union Directive on Data Retention (.pdf) proposed by France, Ireland, Sweden and the United Kingdom, which sheds some more light on what David Blunkett pushed for in terms of Data Retention at the EU Summit following the Madrid bombings in March.

The proposal to retain all telephone, mobile phone and internet etc. traffic data , itemised billing etc. (N.B. this includes the communications traffic data of the innocent majority of people, not just specifically of anyone actually under criminal investigation) for at least 12 months is in direct contrast to even the incomplete and ineffective
Anti-Terrorism Crime and Security Act Voluntary Data Retention Scheme which the UK Home Office produced after dithering for over 2 years in "consultation with industry" (but not, of course, in consultation with the general public).

This "Voluntary Scheme" for Data Retention was the subject of learned analysis and debate at Scrambling for Safety 7 conference.

"Article 4
Time periods for retention of data

2. A Member State may decide to derogate from paragraph 1 of this Article, with regard to data types covered by paragraph 2 of Article 2 in relation to the methods of communication identified in paragraph 3(b) and 3 (c) of Article 2, should the Member State not find acceptable, following national procedural or consultative processes, the retention periods set out in paragraph 1 of this Article. A Member State deciding to make use of this derogation at any time must give notice to the Council and to the Commission stating the alternative time scales being adopted for the data types affected. Any such derogation must be reviewed annually."

Are they really now planning to impose the massive cost and administatrative burden involved in say, keeping web proxy server log files for 12 months, when under the UK Voluntary Code of Practice Appendix A (.pdf), on practical and cost grounds, the plan is to keep them for only 4 days ?

Iis the UK Government going to have to derogate annually from an EU Framework Decision that is co-sponsored by the UK Government itself ?

To quote James Hammerton's response to an article in The Times:

"The problem Gove is forgetting here is that Blunkett has been attacking civil liberties so outrageously and relentlessly that no one trusts him, and the civil libertarians are continuously on the defensive against this that and the other attack Blunkett proposes. There is barely time to catch breath and take stock of one policy that attacks if not removes a civil liberty, before Blunkett throws up another, if not 10 more."

Posted by at 10:30 AM | Permalink | Comments (0)

Days after it had been spun and leaked to the mainstream media, the Home Office has finally published the One Step Ahead: A 21st Century Strategy to Defeat Organised Criminals White Paper consultation document.

We were hoping for clarification about the planned use of Intercepts, but all we got was this:

6.2.2 Evidential use of intercept material

Under the Regulation of Investigatory Forces Act 2000, the

Presumably the Home Office authors actually mean the controversial Regulation of Investigatory Powers Act 2000 (RIPA).

What, if anything, does this Freudian slip reveal about how they think about these issues ?

evidential use of intercept material in court proceedings is not permitted in the UK. This is unusual internationally. The prohibition on evidential use is currently subject to a Home Office led review, commissioned by the Prime Minister.

The Home Office led review is expected to conclude by June 2004. If Government were satisfied that adequate safeguards can be designed to prevent the disclosure of sensitive capabilities, and that the review had concluded that the benefits of this move would clearly outweigh the costs, then it would bring forward legislation to allow the evidential use of intercept material."

This White paper does not reveal any more actual detail about what the Government is proposing to do about the issues of electronic surveillance and its admissability in court, than the previous Consultation Document on Counter Terrorism Powers one does.

It is all very well to calll for input from interested parties and the public to these consultations, but to ask opponents of the political kites being flown to argue as Devil's Advocates against the entire spectrum of possible detailed policies which the Home Office might come up with, makes a mockery of the whole process.

These two consultation documents are even vaguer and more misleading than the notorious Entitlement Cards consultation document, which although full of technical, civil liberties and budget estimate faux pas at least gave a couple of possible options, and some brief information on practices in other countries.

There is not even this level of background detail in these so called consultation documents with respect to Electronic Surveillance.

If, as David Blunkett claims, there is an internal disagreement between various unnamed security agencies as to whether or not to try to make use of phone or email intercepts as evidence in court, and that he himself has changed his mind over the issue, why are the pros and cons not spelt out in this Consultation Whitepaper ?

The sort of things that should have been elaborated on in this White Paper include:

• What was the effect of the court trial in the USA which revealed that Osama bin Laden's satellite phone had been routinely intercepted, even revealing the actual phone number in public ?
• What is the current state of digital voice editing and voice morphing technology, which even 5 years ago could be used to make convincing fake recordings of short phrases or sentences, in real time, from as little as ten minutes of sampled speech.
• What possible forensic examinations of any alleged Intercept "evidence" would be required to prove that it had not been so edited or tampered with ?
• Is there a role for Digital Signatures and Digital Timestamps from an independent Government Public Key Infrastructure which would assist in the presentation of untampered Phone or Email Intercept evidsence in court ?
• What about encrypted voice or data communications and the obscure role of the National Technical Assistance Centre is actually up to without the legal basis of the enacment of RIPA part 3 powers it was intended to serve.
• What about Data Retention or Data Preservation , especially in the light of the vague talk about Communications Data Retention in the European Union Declaration on Combating Terrorism agreed last week.
• How much will these various options cost the taxpayer ?
• What financial and competitive burden will these measures place on the private sector telecommunications and internet industries ?

Is it worth bothering with making a formal contribution to either of these Consultations, given the way in which the Entitlement/ID Cards consultation was handled and spun by the Home Office ?

Posted by at 2:13 PM | Permalink | Comments (0)

The spin and disinformation surrounding the Tory party and press criticism of the Home Office Immigration Minister Beverley Hughes and her boss the Home Secretary David Blunkett, took another turn, yet again not in the House of Commons, but on the BBC Radio 4 Today programme.

Yesterday, the Conservative Shadow Home Secretary David Davis revealed, slightly against the conventions, through a point of order, that he had received an email from James Cameron, consul in the British Embassy in Bucharest in Romania, claiming that immigration applications which were thought to be dubious or which were backed up with forged documents were stilll being passed by the Home Office Immigration and Nationality Directorate back in the UK, despite the objections of local embassy staff in Romania and Bulgaria.

Both David Davis and David Blunkett appeared on the BBC Radio 4 Today programme just after 8am. David Davis answered the accusation made yesterday as to why he had not revealed the email to the Home Office on 8th March when he got it. He explained that the email had been anonymous, and that without proof he would be unwise to confront the Home Office with it. He claims that the consul phoned him last Wednesday evening (24th March) after he had been suspended by the Foreign & Commonwealth Office, and that the first opportunity to raise the issue had been yesterday (Monday 29th March) once the story had been checked.

The question was put then why was the consul suspended last week, before the allegations were made public and before David Davis surprised the Home Office with them yesterday.

David Blunkett said:

"I am familiar with Data and Data Retention and Data Access and I'm presuming, because I have no reason to believe otherwise, that they were aware of an email, but not necessarily its content. And , you know, we have debated this in the House, about how "content" and "traffic" as it is called, is a different thing".

He seemed be suggesting that this is what alerted the Foreign Office to the matter of "emailing willy nilly".

Previous media reports suggest that the email was sent from the consul's home rather than from the Embassy.

Does this imply that it is actually David Davis's email account which is under surveillance, rather than that of the embassy whistleblower ? This is an obvious point which the BBC interviewer missed.

David Blunkett claims he will inquire and get the answer to this by 12:30 when he is due to make a ststement in the House of Commons.

David Blunkett also a promised to set up a confidential hotline for whistleblowers within the Home Office so that people no longer have to go to the Shadow Home Secretary - why do these not already exist within every Government Department ?

Those of our readers in the Foreign & Commonwealth Office, the Home Office, GCHQ, NCIS etc. might just have rather a busy morning today.

Posted by at 9:08 AM | Permalink | Comments (0) | TrackBacks (1)

The Home Office has published a formal UK 12 week Consultation on the Proposed European Evidence Warrant

As usual, the powers being sought all seem to be one way, ranged against the personal liberty and privacy of the individual.

Where in this proposal are there any explicit safeguards regarding Data Protection or Data Retention ?

It seems that the proposal allows for, say, criminal record information to be passed to a foreign police force, almost certainly via the Schengen Information System etc. computer networks and stored there forever, despite any UK "weeding" or removal of spent petty convictions according to the Rehabilitation of Offenders Act.

Similarly, although the proposal does not allow for new DNA samples etc to be collected on behalf of a foreign police force, they will be granted access to any such existing DNA profiles, including those collected from totally innocent people currently being held on the UK National DNA Database.

Where are the safeguards and criminal penalties to protect us from foreign petty officials who abuse our UK personal data records, and vice versa ?

Posted by at 5:20 PM | Permalink | Comments (0)

So where exactly is the online version of the Home Office Whitepaper
"One Step Ahead: A 21st Century Strategy to Defeat Organised Criminals", some details of which were revealed to the weekend media (Sunday Telegraph this time) and the favoured BBC Radio 4 Today programme, ahead of the announcemnet by David Blunkett in the House of Commons this afternoon.

Could the Home Office really not have published the Whitepaper online at the same time as their Press Release 896, through which they presumably want to spin the story, without any detailed consideration by the media or the public.

Where are the detailed proposals about Communications Intercepts ? Certainly not in the Press Release.

Posted by at 5:01 PM | Permalink | Comments (0)

For most people, European Union legislation and Declarations by the Council of Ministers are an alternative to counting sheep when afflicted by insomnia, or are targets of tabloid media stories during the "silly season". Unfortunately, following the March 11th 2004 Madrid bombings, the EU seems to be about to implent some of the anti-terrorist measures which were proposed
in the aftermath of the attacks on 11th September 2001 in the USA.

This has serious implications for the personal liberty and privacy of the vast majority of innocent people in the European Union.

This is much more important than even the debates on the Euro currency.

Staewatch have published a paragraph by paragraph scoreboard analysis of the European Union's "Draft Declaration on Combating Terrorism 7486/4/04 REV 4" (.pdf) on post Madrid bombing anti-terrorist measures.

The Declaration and the amended Action Plan, the earlier version of which which we commented on previously is, apparently due to be rubber stamped at today's EU summit (25 - 26th March 2004 in Brussels), according to the article in the Guardian "EU set to agree sweeping counter-terror policies"

Staewatch's analysis claims that of the 57 proposals to be agreed today, that "27 of the proposals have little or nothing to do with tackling terrorism - they deal with crime in general and surveillance."

We agree with most of Statewatch's analysis, but, depressingly, we think that they have missed the significance of the inclusion of the word "DNA" into this draft - there is nothing in this Declaration which would prevent the wholesale sharing of DNA profiles or "forensic evidence" to every country in the EU.

This would not be of such a concern, except for the fact that in th UK, "DNA forensic evidence" is no longer restricted to criminals or convicts. Anybody who is arrested (even for motoring offences) and who is found innocent, or has the charges dropped, still has their DNA profiles kept forever on the National DNA Database (over 2 million profiles and growing). Astonishigly, even innocent people who have cooperated voluntarily to provide DNA samples to help catch a rapist or murderer, also have their DNA samples retained forever e.g. in the recent M25 serial rapist case, around 3500 people were sampled, and even though the culprit is now in jail, their samples are still being retained and are no longer destroyed as used to be the practice.

Just as with the notorious UK Anti-terrorism, Crime and Security Act 2001 and the Terrorism Act 2000, supposedly strictly anti-terrorist measures are going to be used for more general criminals and against political demonstrators.

"Priority should be given to the proposals under the retention of communication traffic data and exchange of information on convictions with a view to adoption by June 2005."

Given the UK Home Office's failure to agree the details of a workable scheme,or even one which is compliant with the European Convention on Human Rights, for the Retention of Communications Data after over 2 years of so called consultation with industry, and their spectacular failures with the Criminal Records Bureau IT systems, why should anybody believe that this is achievable, throughout the European Union by June 2005 ?

If these draconian anti-terrorist laws and Orwellian centralised databases are introduced to fight terrorism throughout the European Union, then the use of such measures must be restricted to proper anti-terrorist focussed investigations, and must not be used as a general surveillance tool against the public at large.

There must be criminal penalties available to prosecute those petty officials (anywhere in the European Union) who abuse these extraordinairy powers, and politicians must take polictical responsability for any dubious actions by their officials and agencies.

If the emergency services, armed forces and police forces are willing to risk their lives to counter terrorist attacks, then politicians should be willing to lay down their political careers if necessary, in order to enhance the trust of the public that the extraordinairy anti-terrorist measures are not being abused.

We must not build a high tech "rod for our own backs" by creating tools and institutions which although intended to counter terrorism today, could in the future be abused by a police state in some or all of the European Union.

This Declaration fails to address the existing deficiencies in the necessary checks and balsnces with the existing anti-terrorist laws and centralised databases, without which the necessary trust and cooperation from the public, especially from those minority communities who are being targeted as "supporters of terrorism" , should not be expected.

It is also significant, that this Declaration or Action Plan has no estimate of the cost to the EU taxpayers, even to the to the nearest billion euros, of these new anti-terrorist measures, either to set up these new institutions and centralised databases, or to continue running them in the future.

Posted by at 9:47 AM | Permalink | Comments (0)

The Madrid bombings seem to be prompting Europe wide anti-terrorist measures. Where is the scrutiny and oversight, and the mechanisms for correcting the inevitable mistakes on European wide "terrorist suspect" blacklists ?

EU GIVES GREEN LIGHT TO UK ANTI-TERRORISM PROPOSALS

"It is particularly gratifying for the UK that the specific points that we have put forward have been accepted."

David Blunkett was complaining that other European countries had not implemented the anti-terrorist measures promised in the aftermath of the September 11th 2001 attacks.

His own record on Communications Data Retention which was shoved into the Anti-terrorism Crime and Security Actrt 2001 with no debate, is hardly a shining example. The Home Office has still not come up with agreed, workable standards, after over 2 years.

Does this mean that sometime next week the Voluntary Communications Data Retention Scheme will become, by order, Mandatory and the model for the whole European Union ?

What about European Union access to my Retained Communications Data ?

Where are the European wide proposals and budgets for the regulation, minimum maintenance standards and data retention standards for Closed Circuit TV surveillance systems, which is an area of direct relevance to anti-terrorist operations ?

Posted by at 8:31 PM | Permalink | Comments (0)

The Independent on Sunday quotes the Spanish Interior Minister Angel Acebes:

"The dramatic announcement came six hours after Spanish police arrested five men ? three Moroccans and two Spaniards of Indian origin ? in connection with their investigation into Thursday's bombing which killed 200.

All the arrests were made "for presumed implication in the sale and falsification of the mobile phone and cards found in the bag that did not explode", the minister said. The detentions were the first tangible fruit of frenetic investigations into the tragedy, and point strongly to Islamist ? rather than Basque separatist ? radicals as being responsible, a development which could impact on today's general election in Spain."

It would not be suprising if the people arrested have nothing to do with the actual terrorist bombers, except through having sold them some mobile phones or Subscriber Identity Modules (SIM) cards.

The Moroccan suspects seem to have been running a mobile phone and television shop for the past 4 years.

How likely is it that Al-Quaeda would leave any clues from Mobile Phones after the "Operation Mont Blanc" Swisscom SIM affair ?

Other reports claim that bomb's detonation mechanism was triggered by a mobile phone (an all too common technique used in the Middle East or Latin America)

Some TV terrorism pundits speculated that if the trains had not been delayed by 2 minutes, the detonations would have taken place inside the railway station, possibly causing even more casualties, especially if the roof collapsed as well. c.f. the BBC's timeline and locations of the 10 explosions.

The El Mundo reports, briefly, that the Mobile Phone was a Trium model, with the language settings set to Spanish, and that it was the alarm function which was intended to be used to set off the explosion i.e. not a mobile phone call or SMS message per se.

"El tel馯no m󶩬 encontrado en la mochila de Vallecas, de tarjeta prepago y de la marca Trium, estaba programado para que su alarma sonara a una hora determinada y activar así ¥l explosivo. Ademᳬ la configuració® ¤e las opciones del aparato estaba en españ¯¬®"

Presumably, the mobile phone records, including which phone called which, at what time and from which Cell Location, of not just the 5 people arrested and the other two Spanish nationals of Indian origin who have been questioned but of virtually every mobile phone user in the Madrid area are being analysed by computer.

Are UK phone records calling to/from Spain, also being so analysed, in the spirit of "maximum cooperation" with the Spanish authorities ?

Posted by at 6:18 AM | Permalink | Comments (1)

The document published by the Home Office on Wednesday 25th February 2004
COUNTER-TERRORISM POWERS: Reconciling Security and Liberty in an Open Society (.pdf) is in 3 sections.

In reverse order: there is a table about some of the details about the people who are being held without trial under part 4 of the Anti-terrorism Crime and Security Act. 2001 (ATCSA)

There is the Government's response i.e. rejection, of most of the recommendations in the Newton Committee of Privy Councellors' report on the ATCSA.

The first part of the document is, apparently, what was promised by David Blunkett as result of his remarks made during his trip to India and Pakistan at the start of February.

The absence of any details in this "discussion document" about David Blunkett's reported ideas involving "lowering the burden of proof", the use of secret courts, and of the admission of phone/electronic communications intercepts as
evidence seems to prove the earlier comments on Radio 4 by Baroness Helena Kennedy QC that David Blunkett has been flying several political kites and domesday scenarios regarding civil liberties, in order to sneak in the measures that he was after in the first place.

Having yesterday denied that he was ever threatening to "lower the burden of proof", it seems, that judging by the debate in Parliament yesterday, he has succeeded in bamboozling his supporters and the opposition into thinking that the admission of phone intercepts into courts as evidence, could somehow be of use in resolving some of the unacceptable detention without trial cases.

If GCHQ submits "evidence" of an allegedly intercepted phone call from, say an alleged aide to Osama bin Laden, how on earth could the defence ever disprove this ?

We have already noted that current computer technology such as Voice Morphing, is quite capable of producing convincing fakes.

Following the various computer virus/worm epidemics which fake email addresses, even the most technophobic of judges must question the authenticity of any allegedly intercepted emails.

Given the appalling way in which the thousands of public responses to the Entitlement/ID Card consultation via the STAND website and the Privacy International voice mail system, were suppressed and misrepresented by the Home Office, is it even worth bothering to cooperate with this latest "public debate" inspired by David Blunkett's vague ideas and soundbites ?

Posted by at 6:32 PM | Permalink | Comments (0)

The Committee of Privy Counsellors set up to review the controversial Anti-Terrorism, Crime and Security Act 2001 have now published their review:

http://www.atcsact-review.org.uk

Download the Report (.pdf)

This contentious Act was passed in December 2001, as a response to the terrorist attacks of September 11th.

Instead of concentrating on specific Anti-Terrorist measures, the Act was rushed through Parliament, without the usual debate or scrutiny and contained a rag bag of controversial measures some of which had been previously rejected e.g. detention without trial, or some which were irrelevant as they are adequately covered by other laws e.g. it became a specific offence to detonate a nuclear weapon in the UK without permission.

The sneakiest aspect was the assertion that the extraordinary powers enacted for Anti-Terrrorism purposes could and would be used as part of general policing. This applies particularly to the Data Sharing provisions and especially to Part 11 Retention of Communications Data.

The Data Retention section was forced through "on the nod" without a single word of debate in the Commons when the Act was passed. It did spawn a Voluntary Scheme and Code of Practice for the Retention of Communications Data, for longer than would be needed for normal business purposes, and which would therefore be destroyed, or anonymised, to comply with the fundamental principles of the Data Protection Act.

In the 2 years since the passage of the Act, the Government has failed to agree with the Telephone or Internet industries about precisely what data is required to be retained and for how long, and how much of the extra cost involved in doing this, the Government is willing to pay for.

The vast majority of this Retained Communications Data will be that of entirely innocent people. The longer it is kept beyond when it is required for business purposes, the more likely that innocent people's privacy will be abused by faceless petty officials or by criminals. The surest safeguards are not to collect too much data in the first place, and to only keep it for the minimum time necessary, i.e. the fundamental and long established Principles of Data Protection enacted in the UK and in all civilised countries.

It is worth noting that the UK stands alone in contemplating such an Orwellian Big Brother Data Retention scheme, not even the United States sees the need for such an anti-terrorist measure.

We are very disappointed that the Committee chose to ignore (as did the Home Office during its Consultation on Data Retention) the fact that there is a whole category of data which would be of immense use in fighting terrorism, but which is currently unregulated and is very variable in quality and inconsistent in different parts of the country, namely Closed Circuit TeleVision (CCTV) Surveillance Camera Data.

We have been calling for the Regulation of CCTV Surveillance Cameras in the UK for several years now. The number of them deployed is almost literally without measure, but there are no legally enforcable minimum standards which they need to comply with.

Surely there should be a mandatory requirement to register CCTV Surveillance systems so that the authorities do not waste valuable time trying to hunt down possible CCTV systems during a post terrorist incident investigation ?

Surely the CCTV operators should retain video tapes or digital images for a common, standard period of time e.g. a week or a month ?

Why is the Regulation of CCTV Surveillance not considered to be part of the Anti-Terrorist measures of this Act ? Just because it was left out of the original Act, why should it not be considered and debated now ?

If the current informal, slapdash policy of Data Preservation of CCTV Surveillance Data is considered to be adequate for our national security, why should this principle not also apply to Communications Data ?

From the Home Secretary's response, it does not seem likely that he will take on board any of the Committee's recommendations, let alone our suggestions.

Posted by at 7:43 PM | Permalink | Comments (0)

The notorious murder case of two 10 year old schoolgirls in Soham, Cambridgeshire ended today. The role played by GSM Mobile Phone Cell Location Data in casting suspicion on the murderer Ian Huntley and of breaking the false albi given to him by his former girlfriend Maxine Carr, has been widely reported e.g.
BBC online news, Sky news, The Times

Maxine Carr's mobile phone was shown to have been calling from Grimsby when she claimed to have been with Ian Huntley in Soham on the night Holly Wells and Jessica Chapman went missing.

Jessica's prepaid Vodafone Nokia mobile phone was switched off or had run out of battery power at 18:46 BST on the Sunday when the girls disappeared, 16 minutes after their last sighting on a CCTV system at the local sports centre and only 31 minutes after she and Holly left the Wells house.

The time date stamp on the Sports Centre CCTV footage is reported as being wrong, and so the footage of the girls was initially missed by the investigators. This shows that the time date stamp "evidence" of CCTV footage needs to be scrutinised forensically, if it is to be used in a serious criminal trial, even more so it is used in a case where there is a chance that it could have been deliberately edited or tampered with.

This mobile phone connection was broken whilst it was connected to the mobile phone mast on Weirs Drove just to the west of Burwell, about 8 kilometres (5 miles) south of Soham, rather than the mast at the local Soham football field in Julius Martin Lane post code CB7 5EQ.

Apparently one of the few likely spots where the Burwell mast signal was strongest was right outside Huntley and Carr's house at 5 College Close post code CB7 5AA, about a kilometre from the Soham football field mast which lies to the north.

This sort of hotspot quirk of radio propagation illustrates why the proposed jamming of GSM mobile phones during President Bush's visit to London would have needed to have been hugely disruptive in order to be effective against mobile phone activated bombs - an area up to 70 kilometres in diameter would have had to be jammed.

It is obvious that in this case, a Mobile Phone Location service like ChildLocate MapAMobile, MapMinder etc would have been of no use at all in protecting the murdered girls. Indeed, even if a website or SMS based location search had been performed on one of the girls' mobile phones, had it actually been registered with such a service, it could easily have shown the location as being in Burwell, several miles away, rather than in Soham. Such false information would have sent any search parties to look in completely the wrong area during the critical minutes or hours after the children went missing.

Such Mobile Phone reception hotspots are liable to change with network traffic or weather conditions, and the detailed surveys covering the whole country are simply not available or up to date. It is also unclear if the last cell location to which a mobile phone has been connected, is even available at all, to the Location Data Service Resellers. We suspect that there would have been no such information available once the phone had been switched off.

Huntley's mobile phone records shown in court and on television showed that his T-Mobile phone (07986 015607) had received a call whilst it was connected to the Ely Water Tower South cell mast the next day. Ely is a nearby town, where it transpires that he changed all four tyres on his car. Why this Mobile Phone evidence was considered to be more important than the tyre garage records or witnesses is a mystery, but it fits in with the reporting of this topic.

The calls by the Mobile Phone expert witness David Bristowe to retain Mobile Phone Communications Data for 2 years or the controversial Home Office proposals under the Anti-terrorism, Crime and Security Act 2001 to retain this data for 12 months after the Mobile Phone company has no legitimate business use for them are hugely intrusive and wrong.

Huntley and Carr were arrested within just 2 weeks of the girls' murders, so Mobile Phone Communications Data Retention of everyone in the UK, or of only the people in Cambridgshire, or of just the inhabitants of the village of Soham, would not have helped with the investigation and would be completely disproportionate.

The Home Secretary has announced an independent inquiry into the failures of procedure which allowed Huntley to get employment as a school caretaker, despite 10 or so previous allegations of rape, indecent assault against children and under age sex.

However, instead the Grimsby police being blamed for obeying the Data Protection Act and deleting the unproven allegations against Huntley, the fact that Huntley was never convicted of the rape case in Grimsby or even the failure to attend court on a burglary charge which did come to court are what people should focus on.

No innocent politician, celebrity, police officer, teacher etc. would be employable if records of unproven sexual allegations were kept on police file indefinitely and passed on to future employers.

Maxine Carr, guilty of attempting to pervert the course of justice by providing Huntley with a false alibi, but obviously no Myra Hindley style accomplice, looks set to be released from prison and electronically tagged, although given the public hysteria, she might have to go into a witness protection scheme.

Posted by at 8:07 PM | Permalink | Comments (1)