https://www.mi5.gov.uk/careers/investigative-challenge-quiz.aspx

Spy Blog disagrees with several of the "correct" answers to this Quiz. If these really reflect the MI5 Security Service Intelligence Officer mindset, then there needs to be some retraining as soon as possible.

N.B. if you have gone to the MI5 website, or have arrived at this Spy Blog web page through, say, a Google web search or through Twitter or a blog RSS feed and you have not bothered to take any precautions to hide or fake your computer's IP address and web browser details, cookies etc. from foreign companies and governments, then you should have, in our view, already failed the MI5 Intelligence Officer recruitment procedure.

Discretion is vital. You should not discuss your application, other than with your partner or a close family member.

Unfortunately, we suspect that MI5 still does not take "cyber security" / privacy and anonymity as seriously as it should.

The Quiz need Adobe Flash to be installed on your computer to run and imposes an artificial time deadline,

You can examine the source material and the questions (with the "correct" scores for each option) at your leisure, at our Spy Blog answers - MI5 Investigative Challenge Intelligence Officer Quiz web page.

This fictional scenario involves some alleged foreign intelligence officers operating from their Embassy in London (see the Spy Blog London Diplomatic List archive). However, in real life, Counter-intelligence operations against foreign intelligence officers under "diplomatic cover" in London takes up only a small proportion of MI5's resources compared with Counter-Terrorism..

Their joint statement does not "clear" the officers and agencies concerned of any wrongdoing, which is the propaganda line being spun by say , the Daily Telegraph, it just says that the CPS feels that there is insufficient evidence for the likely prospect of a criminal conviction.

Joint statement by the Director of Public Prosecutions and the Metropolitan Police Service

12/01/2012

This is a joint statement by the Director of Public Prosecutions (DPP) and the Metropolitan Police Service (MPS) dealing with:

(a) the decisions of the CPS not to charge any named individuals in relation to the investigations in Operations Hinton and Iden;

(b) the setting up of an advisory panel for scoping other complaints about ill-treatment by detainees in similar circumstances; and

(c) the decision by the MPS whether to investigate two further cases where allegations of criminal wrongdoing are raised in relation to the alleged rendition of named individuals to Libya and the alleged ill-treatment of them in Libya.

[...]

All concerned have been mindful of the obligation that allegations such as those made in Operations Hinton and Iden must be investigated thoroughly and in accordance with Article 3 of the European Convention on Human Rights.

Article 3 of the European Convention on Human Rights is very short and all encompassing:

No one shall be subjected to torture or to inhuman or degrading treatment or punishment.

Operation Hinton involved the investigation of the alleged involvement of British officials in the ill-treatment and torture of Mr Binyam Mohamed when he was detained in Pakistan between about April and July 2002 and/or when he was detained elsewhere between about July 2002 and early 2004.

Mr Mohamed has never alleged that any member of either the Security Service or the Secret Intelligence Service was directly involved in the torture and ill-treatment he alleges. The investigation has therefore focused on whether there is sufficient evidence to provide a realistic prospect of convicting any member of either Service for offences of aiding and abetting torture, aiding and abetting war crimes and misconduct in public office.

[...]

However, the CPS has also concluded that there is insufficient evidence to prove to the standard required in a criminal court that any identifiable individual provided information to the US authorities about Mr Mohamed or supplied questions for the US authorities to put to Mr Mohamed, or was party to doing so, at a time when he or she knew or ought to have known that there was a real or serious risk that Mr Mohamed would be exposed to ill treatment amounting to torture.

"he or she knew or ought to have known that there was a real or serious risk"

The Crown Prosecution Service appear to be completely out of touch with reality, again.

Intelligence Agencies not only ought to have known exactly which countries and state agencies use torture, but they ought to know exactly where the torture chambers are located and the identities of the torturers and their superiors, because they should be hunting them down, instead of helping them.

If the Intelligence Agencies are claiming to be somehow ignorant of this, then MI5 or SiS officers and their superiors, should be charged with Misconduct in Public Office,
for "wilful neglect or misconduct", since everyone within the UK Intelligence Agencies is supposed to be aware that "torture" or "inhuman or degrading treatment or punishment" is utterly wrong.

Any investigation of the Libyan allegations , which Sir Peter Gibson's Detainee Inquiry had already promised to look into back in September 2011, are now in danger of being spun out for another 4 years by the Metropolitan Police Service and the Crown Prosecution Service.

Ploddingly and bureaucratically, they have announced that they have set up "an advisory panel" to decide whether they should investigate these claims or not. Why have they not already started to investigate before Christmas 2011 ?

Statement by the Inquiry, January 12, 2012

[...]

Following the advice of the joint advisory Crown Prosecution Service and Metropolitan Police Panel, the Metropolitan Police has decided that the allegations raised in the two specific cases concerning the alleged rendition of named individuals to Libya and the alleged ill-treatment of them in Libya are so serious that it is in the public interest for them to be investigated rather than at the conclusion of the Detainee Inquiry.

The Detainee Inquiry Panel will now carefully consider its next steps and the Chairman of the Panel, Sir Peter Gibson, will make an announcement in due course.

Surely it is possible for the Detainee Inquiry to proceed in parallel with any Police investigation ? If they wait for every investigation and court case to finish, before they get formally started, then they might as well all resign now.

Were these kidnappings of individuals and families, none of whom were terrorists who posed a threat to the UK and their "extraordinary rendition" into the hands of torturers in the USA, Afghanistan, Pakistan, Morocco, Jordan, Egypt or Libya etc.
sanctioned by Labour government Ministers under the Intelligence Services Act 1994, section 7 Authorisation of acts outside the British Islands ?

Will Tony Blair and his henchmen like Jack Straw and David Blunkett, try and divert responsibility for British complicity in torture by blaming their civil servant officials instead ?

The Conservative / Liberal Democrat coalition government's hands are not entirely clean either, given that only last year, they firstly accepted the defection of
Moussa Koussa from the Gadaffi regime in Libya and then let him go freely out of their custody. There are plenty of allegations around of his personal involvement in political assassinations, massacres and torture as head of the Libyan intelligence bureaucracy, whose abandoned offices have yielded prima facie evidence of such complicity.

It is now over 18 months since the Detainee Inquiry was set up and the promise Undertakings to protect witnesses or whistleblowers from prosecution and / or disciplinary action have still not been agreed or published

Spy Blog has raised with the Detainee Inquiry, the question of Communications data snooping, Interception of Communications and Intrusive Surveillance and recruitment of Confidential Human Intelligence Sources i.e. routine Intelligence Agencies powers and techniques, which could easily be aimed at members and staff of the Detainee Inquiry and their families and friends, by one or all of the intelligence Agencies, trying to identify potential or actual whistleblowers who may not be adhering to the official party line. The self justification for doing so will be on the nebulous grounds of "national security" - to determine if anyone willing to talk, even in secret, to the Detainee Inquiry about the deeds or misdeeds of their colleagues or superiors be trusted any more.

See the previous Spy Blog article: Reply from the Detainee Inquiry, regarding anonymity protection for whistleblowers, surveillance targeting against the Inquiry itself etc.

Were the Metropolitan Police and Crown Prosecution Service teams working on investigations Operation Hinton and Operation Iden targeted in this way ? Given the 4 years it took them to fail to find sufficient evidence and the number of people they were not allowed to interview, it may well be that the Intelligence Agencies were always one step ahead of the investigators, perhaps through the use of such surveillance techniques.

Will the Metropolitan Police investigation into the Libyan allegations, if it ever goes ahead, also be so targeted by the Intelligence Agencies ?

Remember that individual Police officers and investigation teams have, according to evidence given to the Leveson Inquiry, been targeted by News of the World and / or other journalists and private investigators, including the team investigating Downing Street complicity in the "cash for honours" scandal headed by the now politically disgraced Assistant Commissioner John Yates.

It is therefore not fanciful to assume that people within the UK Intelligence Agencies with these secret surveillance powers will use them, or will get their US or European sister intelligence agencies to do so on their behalf against such torture investigations, unless expressly and publicly forbidden to do so .

Any such ban must be public, so that the companies and staff working in telecommunications, internet and postal communications services can recognise illegal requests for Communications Data or the contents of communications and refuse to accede to them.

It is ironic that the person to whom complaints about such abuses of the Regulation of Investigatory Powers Act 2000 by the Intelligence Agencies, if they exist, is the Intelligence Services Commissioner, the post held by Rt. Hon. Sir Peter Gibson until he resigned it early in his tenure to devote himself to the Detainee Inquiry.

The current Intelligence Services Commissioner is Rt. Hon. Sir Mark Waller - see the previous Spy Blog article: Intelligence Services Commissioner, Rt. Hon. Sir Mark Waller appointed early, announced late

When reading this report, you could and should mentally replace the words "MPS" or "Metroplitan Police Service", with "Downing Street" or "Whitehall Department" and especially with "Home Office", "Cabinet Office", "Ministry of Defence MoD", "Security Service MI5", "Secret Intelligence Service MI6" or "GCHQ".

Almost all of Elizabeth Filkin's conclusions and reccomendations for improving the Metropolitan Police's duties of transparency and accountability to the public, whilst protecting the operational security of ongoing investigations and also protecting the personal details of innocent members of the public and junior staff etc., could and should be applied to these other powerful, privilged, yet increasingly untrusted, supposedly public institutions.

The Metroplitan Police Service has been practicing the black arts of media spin and manipulation and their public reputation has suffered as a result.

Favoured access:

3.2.1 Inequality of access

It is felt both internally and externally that the MPS has not given equal access to all parts of the media for a number of years and that certain special relationships have developed selectively.

The kind of off the record nature of it all is actually counter-productive, and if we really want to hold public institutions to account we have to do it in an open, transparent and proper way. But the way they operate is they have the kind of closed press briefings, drinks at the pub - it's a club. Journalists get too close to senior police officers, because you get far more stories if you're nice to them than if you're not. And the result is I think we are quite generally in this industry, too reluctant to write critical pieces, than we were previously.

A Journalist

Trading information and even betraying details about innocent members of the public, in order to about to divert media attention away from embarrasing stories about the MPS themselves:

3.1.2 Trading

I have also been given examples where inappropriate information has been provided to the media, to dilute or prevent the publication of other information which could be damaging to the MPS or senior individuals within it. Of course there can be proper and ethical negotiations with the media to prevent the obstruction of an investigation, harm to
members of the public or the MPS, or to ensure accuracy in reporting. However some negotiations have included unethical placing of material, or offering exclusive stories to the media to bury other information.

"So that if you get the Press Officer who says, well, if I give Reporter 'A' a particular story exclusively, then next week Reporter 'A' will do me a favour. And you've got a direct conflict now between what the public needs and what the Press Officer wants."

Nick Davies, Freelance Journalist

Lack of Transparency, even when there is no justifiable operational need for it:

4.4 TRANSPARENCY

According to some, MPS contact with the media has in the past been characterised by back door briefings through informal and unofficial channels. This view was also reached when MPS communications were the subject of some informal advice from the private sector in 2010. I understand that this offer of help from an outside expert on improving communications with the public was undermined by the threat of negative press coverage.

Some contact will involve trusting the media with confidential information. There will also be occasions when negotiation between the MPS and the media will be necessary to ensure accurate reporting. I am concerned that some may use these proper practices to justify a general lack of transparency both in terms of who has contact with the media and what information they provide. Problems like the trading of information or the apparent closeness of some relationships with the media fuel the perception that the business of dealing with the press is by its nature secretive.

"I think if you spend your whole career working on secretive investigations, and concealing information, things like that, which is really, really important, it just goes to your head somehow, sometimes, and you think that you kind of own this information, and you forget that you're there to serve the public."

A Journalist

[...]

In most circumstances police officers and staff providing information to the media should expect to be named. In some instances it may be appropriate for only their role or position to be published. It should always be the case that the information is attributed to the MPS.

The culture of secrecy and the use of "Anonymous briefings" attributed to "police sources" are as stupid and counterproductive as those attributed to "Whitehall sources"

"I phoned up and said 'I've got some questions here', it was almost as though you were asking for them to release something which is privileged information somehow, it's absolutely not. So I just try back channels now, trying other contacts in the Met, going round the back within the slightly kind of shadowy stuff that you have to do to get data, because the front door doesn't work."

A Journalist

It is clear both from speaking to journalists and politicians, and from media reports even during the time of my review, that use of the word 'police source' can mislead. Every time this phrase is used it implies a leak. I have been told that it is also used in situations where the information comes from a different but related organisation such as the MPA, or as a generic term to try and protect the real provenance of a source. It is also sometimes used where the information has been legitimately and formally supplied by the MPS press office. This is a damaging practice with the potential to create a perception that leaks from the MPS are more widespread than they are.

with this caption

Repin, left, was a regular on the party circuit

The obvious question is who are the other 3 people in the photo ?

It is not unreasonable to suppose that anybody who recognises them, will assume that they could be Russian spies or that they are the alleged British potential recruitment targets of Mikhail Repin.

If you save a copy of the image and look at the EXIF meta data with a tool like ExifTool this reveals:

Comment: Russian spy Mikhail Repin (far left) next to Gennady Vladimirov (yellow tie)..At Russian embassy BBQ 2010

Mr Gennady E. Vladimirov was still listed as a Counsellor, a more senior diplomatic rank than Mikhail Repin who was a 3rd Secretary, in the 30th June 2011 London Diplomatic List, but he is no longer listed in the 29th July 2011 London Diplomatic List

Whether that makes him a spy, or not, is unclear.

However, if you click on the Jason Lewis hyperlink, to see which other stories the award winning investigative journalist (who used to work for the Daily Mail / Mail on Sunday), has published recently, you will see this cropped version of the image just showing the face of Mikhail Repin as a smaller thumbnail image with links to the two versions of the story:

However the EXIF meta data for this image reveals:

CC_emb27_russia13.gif...Michael Repin (Russia), Gennady Vladimirov (Russia), Matt Boyles (BMW Park Lane) and Joey Zegerius (BMW Park Lane)

Matt Boyles describes himself on his LinkedIn profile as Sales Manager at BMW Park Lane

Joey Zegarius describes himself on his LinkedIn profile as Official Embassy and Security Car Specialist at BMW Group International & Specialist Sales Division

Were any BMW employees the targets of industrial espionage by the Russians ?

Did the Daily Telegraph nick the photo of Mikhail Repin from Embassy Magazine ?

The original of this photo appears to have been taken (without any acknowledgement by the Daily Telegraph) from the Court Circuit pages of Embassy Magazine:

Embassy Magazine 27 - Court Circular - Russian BBQ

The scene was set for a perfect summer BBQ - a warm evening, lush gardens of the Russian Ambassador's Kensington Palace Gardens residence, kebabs grilled on hot coals and ice-cold vodka cocktails. No wonder the Russian Ambassador's party is one of the favourite events of the summer!

Photo Credit: : PIERRE DE VILLIERS

The original photo image on the Embassy magazine website is called CC_emb27_russia13.gif which ties in exactly with the EXIF Meta Data on the cropped thumbnail image just of Mikhail Replin's face on the Daily Telegraph website.

This Embassy magazine web page also has a photo showing the attendance at the same BBQ event of the Liberal Democrat MP at Simon Hughes, who is also mentioned in the Daily Telegraph story.

Pierre de Villiers is the South African Director of Photography and Multimedia at Embassy Magazine

One of the Premier Partners of Embassy Magazine is, unsurprisingly, BMW International and Specialist Sales

This illustrates the potential threat to anonymity and privacy which even experienced mainstream media organisations like the Daily Telegraph pose, when handling digital images.

See the section on Photo Image Files in Spy Blog's

Technical Hints and Tips for protecting the anonymity of sources for
Whistleblowers, Investigative Journalists,
Campaign Activists and Political Bloggers etc.

http://ht4w.co.uk

Mr Mikhail V. Repin m 3rd Secretary

according to the Daily / Sunday Telegraph

Mikhail Repin: the perfect party guest who was Whitehall spy for the Russians

Russian spy Mikhail Repin was expelled from Britain after he was caught attempting to recruit politicians and senior Whitehall officials as agents.

By Jason Lewis, Investigations Editor

9:00PM GMT 10 Dec 2011

Young, good looking and articulate, he introduced as himself as "Michael" at events at Westminster think tanks and embassy receptions.

A slight accent betraying his foreign roots, the tall, suave, urbane young man mixed easily with politicians, businessmen and policy wonks on the Whitehall drinks party circuit.

But rather than being the fast-track civil servant, defence industry high flier or political adviser that many assumed he was, "Michael" was Mikhail Viktorovich Repin, Third Secretary in the Political Section at the Russian Embassy, and a spy.

Far removed for the caricature image of fictional Soviet agents, Repin had arrived in London in the wake of the murder of dissident former KGB officer Alexander Litvinenko, allegedly on the orders of the Kremlin, after several Russian diplomats had been expelled from Britain.

Within two years he himself had been kicked out of the country following "clear evidence" of spying.

[...]

Repin was part of the political directorate known as "Line PR" and answerable to the most senior spy at the embassy the "Rezident".

His job appears to have been to talent spot potential agents in the political world who were in a position to obtain useful information to give Russia a political or economic advantage.

He set about his task with enthusiasm, attempting to "cultivate" individuals who either currently or in future may be of value to the Russians and quickly came to the attention of MI5 "watchers", from the Security Service's A Branch, tasked with keep Russian diplomats under surveillance.

[...]

Repin left Britain in December 2010. A British diplomat was expelled from Moscow in the now customary tit-for-tat response.

Neither man was named. To do so would break an unspoken "gentlemen's agreement" between the intelligence services in both countries.

Repin's whereabouts are now unknown. His cover is blown and he is unlikely to be given another foreign posting.

There is a second version of the same story online which omits several details:

Russian spy targeted MPs and Whitehall officials

A Russian spy was expelled from Britain after he was caught attempting to recruit politicians and senior Whitehall officials as agents.

By Jason Lewis, Investigations Editor

9:00PM GMT 10 Dec 2011

Mikhail "Michael" Repin, an officer from the Russian foreign intelligence service, the SVR, was thrown out after a surveillance operation highlighted his activities.

Repin, who was officially a Third Secretary in the political section of the Embassy in Kensington Palace Gardens, also approached people with links to British security and defence companies.

[...]

For two years Repin was engaged in talent-spotting British citizens who might provide the Russians with useful intelligence or were connected with someone with access to sensitive information.

[...]

A brief statement from William Hague, the foreign secretary, last December said the Russian embassy in London had been asked to "withdraw a member of their staff from the UK".

The ultimatum was issued "in response to clear evidence of activities by the Russian intelligence services against UK interests," Hague said.

See also Spy Blog - London Diplomatic List archive - Mikhail V. Repin appears on the 6th December 2010 list, but not on the 20th January 2011 one.

Michael Repin was one of the replacements for the 8 Russian diplomats / spies expelled from the Russian Embassy in London in June 2008, after the failed British attempt to extradite or even question Andrei Lugovoi in connection with the astonishing radioactive Polonium murder of Alexander Litvinenko in London.

See Spy Blog analysis of the Russian Diplomats expelled in June 2008 after the Litvinenko Polonium murder

What was the ""clear evidence of spying" ?

Was it actually anything more than the normal Diplomatic cocktail / barbecue party circuit chatter or even attendance at military / intelligence / industrial complex think tank conferences or exhibitions etc ?

Given the weakness of even the secret the "intelligence" supplied by MI5 the Security Service against Ekatarina Zatuliveter in the recent spy deportation debacle, how can can they convince the British public that they should be trusted over Mikhail Repin either ?
Did the "surveillance operation" actually catch Repin making an illicit "recruitment" approach to anyone with access to any real National Security secrets ?

Was there any actual evidence of him operating a Dead Letter Drop or other illicit communications technique ?

By not immediately publishing the names of diplomats / spies expelled from London (regardless of whether they are Russians, Israelis, Iranians, Libyans etc.), the Foreign and Commonwealth Office is only trying to fool the British public, since the foreign press corps, and every other foreign Government, intelligence agency, serious organised criminal or terrorist gang already know such names.

They even try to refuse such information under Freedom of Information Act exemptions, although why these exemptions should be applied to foreigners who are not even in the European Union, is unclear.

See the Spy Blog FOIA request FCO diplomatic expulsions Polonium 210 murder affair category archive.

Has the Daily / Sunday Telegraph decided to break with the "voluntary" Defence Advisory Notice system of mainstream media self censorship ?

Will The Independent or the London Evening Standard newspapers keep silent about this story, given that their proprietor Alexander Lebedev is a former KGB diplomat / spy who was stationed at the Russian Embassy in London ?

Surely it is obvious now even to the most technologically illiterate politicians and Whitehall civil servants, that there is no effective regulation of Communications Data investigation systems.

Communications Data snooping by the Police etc can be a powerful investigative technique, but only when it is clear that it is not being abused.

Public confidence in the use of these techniques has been damaged by allegations (so far without much hard proof) that disreputable tabloid newspapers have been able to gain access to this highly intrusive, private information, which can only have come via corrupt police or intelligence agency or mobile phone network staff.

BBC reports that lawyers in civil cases before Mr Justice Vos have claimed:

http://www.bbc.co.uk/news/uk-15794225

18 November 2011 Last updated at 16:29

NoW hacking victims claim investigator tracked phones

A private investigator was involved in illegally tracking mobile phones, hacking victims have claimed.

Glenn Mulcaire, who was jailed for phone hacking for the News of the World, is linked to the so-called pinging of mobiles and computer hacking, a High Court civil case heard.

Pinging is tightly regulated and restricted to police, security services and a small selection of other bodies.

Mulcaire and News International have yet to respond to the claims in court.

[...]

The allegations were aired at a case management hearing in the civil cases for breach of privacy brought by hacking victims against News International, the owner of the now defunct NoW.

[...]

In July, the Metropolitan Police launched Operation Tuleta, alongside phone-hacking inquiry Operation Weeting, to probe allegations of computer hacking.

Operation Tuleta is examining breach of privacy claims received by police since January.

Sea also the previous Spy Blog article and comments back in July 2011:

NYT: NOTW bought mobile phone location data for $500 a time from corrupt police

N.B. under the Regulation of Investigatory Powers Act 2000, there are no criminal sanctions available against the Police or others who abuse Communications Data, of which Mobile Phone Location Data is a part, although there is a penalty of up to 2 years in prison for illegal Interception of the content of mobile phone voice or data communications, which is what the the News of the two News of the World employees were convicted of back in 2007.

The deliberate loopholes in this lax regime , brought in by the technologically inept yet authoritarian Labour government e.g. the totally ineffective and secretive Interception of Communications Commissioner, have not been tightened up by the dithering Conservative / Liberal Democrat Coalition government,

The proposals to slightly strengthen the roles of the Interception of Communications Commissioner and the Intelligence Services Commissioner and/ or the creation of an Intelligence Services Inspector General outlined in the recent Green Paper on Justice and Security , do not apply to "normal" Police cases.
.

Commission Regulation (EU) No 1141/2011 of 10 November 2011 amending Regulation (EC) No 272/2009 supplementing the common basic standards on civil aviation security as regards the use of security scanners at EU airports (.pdf)

5) The Commission has requested its Scientific Committee on Emerging and Newly Identified Health Risks (SCENIHR) to assess the possible effects of security scanners which use ionising radiation to human health Without prejudice to Council Directive 96/29/Euratom of 13 May 1996 laying down basic safety standards for the protection of the health of workers and the general public against the dangers arising from ionizing radiation (³) and of Directive 2006/95/EC of the European Parliament and of the Council of 12 December 2006 on the harmonisation of the laws of Member States relating to electrical equipment designed for use within certain voltage limits (⁴), at this stage, to safeguard citizens' health and safety, only security scanners which do not use ionising radiation are added to the list of allowed methods for passenger screening for aviation security purposes.

(³) OJ L 159, 29.6.1996, p. 1.
(⁴) OJ L 374, 27.12.2006, p. 10

ionizing / ionising

Watch out for sneaky lobbying by the Backscatter X-Ray imager manufacturers e.g. Rapiscan, to try to get their products added to the authorised list in the future.

(7) By laying down specific operational conditions on the use of security scanners and by providing passengers with the possibility to undergo alternative screening methods, this Regulation, together with the specific implementing rules adopted pursuant to Article 4(3) of Regulation (EC) No 300/2008, respects fundamental rights and observes the principles recognised in particular by the Charter of Fundamental Rights of the European Union, including respect for human dignity and for private and family life, the right to the protection of personal data, the rights of the child, the right to freedom of religion and the prohibition of discrimi­nation. This Regulation must be applied according to these rights and principles.

The appalling Manchester Airport scheme promoted by the Labour government under Gordon Brown (hatred for which does not dim with the passage of time), breaks both of these sections of the Regulation.

See Manchester Airport "child porn" Rapiscan X-ray scanner trial - why now, after all the other trials at airports or railway stations failed ?

It uses a forbidden (for now) ionising radiation Backscatter X-Ray imager and it disobeys the Charter of Fundamental Rights of the European Union by deliberately not permitting an alternative, e.g. pat down search, if passengers refuse to allow themselves or their children to be snooped on by these unnecessary imaging machines and then prevented from flying (regardless of how many security staff are standing around idly).

This Regulation shall enter into force on the 20th day following its publication in the Official Journal of the European Union
.
This Regulation shall be binding in its entirety and directly applicable in all Member States.

Done at Brussels, 10 November 2011.

The Publication of this body scanner regulation in The Official Journal of the European Union was on the 11th November 2011 (available online from the 15th November 2011)

Therefore this EU Regulations comes into force on Thursday 1st December 2011.

Watch out for Active and Passive Millimetre Wave radar scanners instead.

Remember that Millimetre Wave and TeraHertz scanners / imagers are prone to the effects of wet clothing e.g. during rain or snow.

According to

Dossier COM/2010/0311 Communication from the Commission to the European Parliament and the Council on the Use of Security Scanners at EU airports

53. Existing technical facilities allow blurring the face and/or parts of the body not needed for further analysis of the absence of prohibited articles. Equally, it is technically possible to produce instead of real images of the body only a mannequin or a stick figure, which does not reveal any real parts of the screened person's body, but only identifies the location for further search.

It seems that the EU Commission was hoping to ban the use of images entirely , but there seems to have been lobbying from manufacturers who have not yet converted their systems to use synthetic "stick figure" displays to show the approximate locations of suspicious objects,without betraying any actual "naked" human images.

Even if they fail to answer all of the sections to your satisfaction, such letters might prompt Members of Parliament and other elected representatives to improve the privacy and security of our correspondence with them.

Without an adequate assurance of such privacy and confidentiality, there really is no point in contacting a Member of Parliament,. especially if the issues you are trying to discuss with them actually involve potential snoopers such as government officials or the tabloid media etc.

You can also also send such letter to your other Elected Representatives e.g. your Local Councillors, Members of the European Parliament, Members of the Scottish Parliament, the Welsh Assembly, the Northern Irish Assembly or the London Assembly etc.

See http://www.writetothem.com/

Download:
Model_Letter_MP_Constituency_Correspondence_Data_Protection.rtf

Dear [Member of Parliament]

I am writing to you as one of your Constituents

There have been a couple of recent scandals, regarding the inept handling of Sensitive Personal Data included within supposedly privileged Constituency correspondence by two Government Ministers, Oliver Letwin (in St. James Park)

http://www.mirror.co.uk/news/politics/2011/10/14/oliver-letwin-caught-throwing-away-secret-papers-in-public-bins-115875-23487379/

and Vince Cable (at his Constituency office):

http://www.richmondandtwickenhamtimes.co.uk/news/vince_cable/9345785.EXCLUSIVE__Vince_Cable_s_office_puts_details_at_risk/

Please fill in this short survey, about the commonplace, very basic, Data Protection measures, which you need to be taking, in order to comply with the Data Protection Act 1998. These precautions are routinely taken even by small businesses and voluntary sector organisations, without the benefit of taxpayer funded office allowances.

Unless you can reassure your Constituents and the wider General Public, that you do actually pay more than lip service to the almost universal claim that MPs take the privacy of the privileged correspondence with their constituents "seriously", you will turn even more people off mainstream democratic politics and into the arms of extremists.

I would greatly appreciate some reassurance about your Data Protection arrangements for handling my Constituency Correspondence with you, my elected Member of Parliament.

Please fill out the applicable Questions below

Yours sincerely

[name]

[address]

Please mark the sections which apply to your and your staff's handling of Constituency Correspondence within the square brackets:

What is your Registration Number on the Register of Data Controllers under the Data Protection Act 1998: [................]

http://www.ico.gov.uk/ESDWebPages/search.asp

How many of your paid staff could have access to Constituency Correspondence ? [...]

How many unpaid volunteers or interns could have access to Constituency Correspondence ? [...]

Do you receive and / or store originals or copies of Constituency Correspondence at:

Constituency Office [...]

Main Private Home [...]

Second Private Home [...]

nth Private Home [...]

Ministerial Office [...]

Palace of Westminster Office [...]

Portcullis House Office [...]

Norman Shaw Buildings Office [...]

Other Offices [...]

On Public Transport [...]

In Cars [...]

Secure Disposal of Paper Printouts or Photocopies of electronic documents or emails or written or typed Constituency Correspondence:

Do you and your staff have access to a
Cross Cut paper shredder at each of your Constituency Correspondence handling locations ? [...]

How is the shredded paper disposed of ?

Do you use any Secure Shredding / Disposal service which collects

a) unshredded paper documents [...]

b) shredded paper documents [...]

c) floppy disk, CD, DVD, USB [...]

Are the plastic bags full of Confidential Waste collected from within the building ? [...]

Or are they left outside for collection ? [...]

Do you simply rely on the normal Local Council Refuse Collection i.e. left outside the building ? [...]

Do you rely on your staff to dispose of Confidential Waste away from your offices ? [...]

Computer Encryption

Do you protect Constituency Correspondence held electronically with :

Full Disk Encryption [...]

Encrypted Data Volumes or Folders [...]

PGP

Do you publish a PGP Public Encryption Key, for use by whistleblowers and confidential informants ? [...]

If so, what is its PGP ID: [................]

Electronic documents and email correspondence etc.

Do you or your staff access your Constituency Correspondence electronic mail through a Web Mail account e.g. gmail or hotmail or yahoo etc.? [...]

Do you use your Web Mail via an encrypted session i.e. https:// ? [...]

Does the Web Contact form on your constituency website operate via an encrypted session https:// session using a Digital Certificate ? [...]

Computers

Do you store Constituency Correspondence on:

Office file servers [...]

Desktop computers [...]

Laptop computers [...]

Netbooks [...]

Smart Phones [...]

Removable Computer Media

Do you store Constituency Correspondence on:

External USB disk drives [...]

USB flash memory sticks [...]

SD card or MMC etc. flash memory for digital cameras or mobile phones [...]

Floppy disk [...]

CD [...]

DVD [...]

Blue Ray [...]

Tape [...]

Virtual Private Networking

Do you or your staff have remote access from home etc. to your office computers ? [...]

Do you use dedicated encrypted Virtual Private Network software / hardware ? [...]

Do you make use of third party web based VPN or remote access services e.g. Logmein, GoToMyPC etc ? [...]

WiFi network

WiFi wireless networking is convenient, but it can allow people who are physically outside your premises to access your internal computer systems:

Do your Internet Routers also act as a WiFi Access Points? [...]

Is your WiFi network currently set to use Encryption ? [...]

Is the WiFi encryption AES Pre Shared Key / PSK2 (the only WiFi encryption option which cannot now be broken in near real time by hackers or snoopers)? [...]

Secure Disposal of old office / computer equipment

There is a temptation to be "green" and to attempt to recycle old electronic equipment, which sometimes should instead be physically destroyed, if it contains sensitive data:

Is any data on old computers securely deleted, before they are handed over for recycling or Waste Electrical and Electronic Equipment (WEEE) disposal ? [...]

Are heavy duty Scanner / Photocopier / Printers with internal hard disks securely wiped when they are disposed of or when they are replaced under leasing arrangements ? [...]

Are emails or SMS text messages, Diary entries and Address Book Contacts securely wiped from mobile phones, smart phones, or tablets, when these are replaced ? [...]

---

This is Privileged electronic correspondence between a Constituent and his Member of Parliament.

Interception of this electronic communication without a warrant signed by a Secretary of State is a criminal offence with a penalty of up to 2 years in prison, under the Regulation of Investigatory Powers Act 2000.

No such warrant can be granted because of the "Wilson Doctrine" ordered by then Prime Minister Harold Wilson, and re-affirmed by every Prime Minister since then c.f. Commons Hansard Oral Answers, 17th November 1966, Column 634

• Green Paper on Justice and Security (.pdf)

• Impact Assessment (.pdf)
  

Some Spy Blog observations on:

• Nobbling civil cases and inquests

• Still no proposals about Intercept As Evidence

• Intelligence and Security Committee

• Raising the public profile of a couple of the RIPA Commissioners

• Inspector General

• Spy Blog suggestions

• Respond to the Consultation
  

Nobbling civil cases and inquests

The first section seems to be about various proposed legalistic fiddles to the evidence procedures civil cases and Inquests.

They seem to be proposing to infect civil courts and inquests with the same wretched Special Advocate / Closed Material Procedures schemes which were introduced under Labour for the ineffective Special Immigrations Appeals Tribunal (SIAC) and the Proscribed Organisations Appeal Commission (which rarely does anything at all).

They also appear to be trying to nobble the use of Norwich Pharmacal orders (a rarely used legal precedent which allows a third party not directly involved in a civil case, to be ordered to hand over information or evidence which is pertinent). Such orders have recently been applied to cases tainted with "national security" or "intelligence" rather than actual evidence.

If you believe the Green Paper, this is to allow better, more accurate "justice" in cases cases which involve genuine "national security" secrets, which might otherwise have to be abandoned or settled out of court by the government to preserve "the public interest" in secrecy.

The increasingly hated and incompetent previous Labour government always cloaked its repressive legislative onslaught on our civil liberties and freedoms with Orwellian newspeak and the Coalition seems to be following suit.

Whilst there is a case for keeping genuine time limited tactical intelligence, or the specific details of still viable technological intelligence gathering techniques, or the identities of Covert Human Intelligence Sources secret, there is no trustworthy mechanism for limiting such secrecy only to such examples.

Far too often, the "national security" classification of documents or witness testimony is really about preventing embarrassment to politicians, mandarins and apparatchiki in Whitehall etc.e.g. the torture claims case of Binyam Mohamed and the inquest into the "Friendly Fire" deaths of UK military personnel caused by trigger happy US Air Force ground attack aircraft pilots in Afghanistan etc.

It is all about maintaining the fiction of the appearance of "The Control Principle"

We expect our intelligence partners to protect our material when we share it with them, and we must be able to deliver the same protection of their material.

Confidence built up over many years can all too quickly be undermined. That is why, if the trust of the UK's foreign 'liaison' partners is to be maintained, there should be no disclosure of the content or fact of the intelligence exchange with them without their consent. This is known as the Control Principle.

The United States government, for example, regularly betrays this Control Principle, either through incompetence, or when it suits them politically e.g.

• Leaving Diplomatic Cables involving the United Kingdom or our allies on vulnerable computer systems accessible by millions of low level US military personnel, bureaucrats and defence contractors, to then be published "for maximum impact" by the Wikileaks.org cult.

• Several UK anti-terrorism raids involving international plots, have had to be rushed too early, before the alleged plotters have actually got their hands on any explosives or weapons or money etc.because the US government crowed about them in public, thereby perhaps tipping off some of the suspects.
  

Is this Control Principle going to be applied to all of the secret MI6 correspondence recently retrieved by journalists and human rights activists from abandoned government offices in Libya ?

In the Binyam Mohamed case, which is what led directly to the still not yet properly running Detainee Inquiry on UK Government complicity in torture, the "intelligence material" details in dispute had already been made public in the USA, but the UK government persisted in wasting public money on legal appeals to pretend to be upholding the "Control Principle".

Still no proposals about Intercept As Evidence

A major failing of this Green Paper is the lack of anything about the policy of No Intercept As Evidence.

This is Yet Another Broken Promise by the Coalition government - both the Conservatives and the Liberal Democrats claimed that they would sort this out, when making thei increasingly worthless pre-election promises. The Labour party, is as usual, failing to hold the government to account, presumably because they dare not remind people of their own repressive mendacity.

Whitehall is still dithering about this after all these years, with the "Advisory Group of Privy Counsellors" chaired by Sir John Chilcot, not actively doing anything about it, as he is presumably busy giving the likes of Tony Blair etc. an easy time of it over at the still running Iraq Inquiry anyway. - see the previous Spy Blog article Intercept as Evidence Report - £2.5 million spent and still no workable "legal model"

Intelligence and Security Committee

The slightly more interesting section is on proposed reforms to the Intelligence and Security Committee and the Regulation of Investigatory Powers Act 2000 Commissioners - The Intelligence Services Commissioner and the Interception of Communications Commissioner

All of these suffer from a lack of public visibility amongst the general public and a vast amount of scepticism about their effectiveness amongst those of us who do actually bother to read their censored public reports.

Question: What changes to the ISC could best improve the effectiveness and credibility of the Committee in overseeing the Government's intelligence activities?

3.4 The Government recognises the criticisms that have been made about current oversight arrangements, particularly that they do not provide sufficient public reassurance that current scrutiny is effective.

The Government does not want the ISC to have even the weak powers of a Select Committee

3.18 A possible option would be to change the status of the ISC to that of a departmental select committee. Departmental select committees have a remit 'to examine the expenditure, administration and policy' of the relevant government department and associated public bodies. A Standing Order, which would need to be renewed each Parliament, could cover appropriate handling of sensitive material, accommodation, staffing and reporting. Creating a select committee would result in oversight being demonstrably undertaken by Parliament.

3.19 However, under such arrangements the Government would clearly have no veto on publication of sensitive material.

That is the whole point !

There would be a real risk that, with fewer safeguards in place than under the present arrangements, Agency Heads would find it hard to reconcile their statutory duty to protect information with their statutory duty to facilitate parliamentary oversight.

Contempt of Parliament and contempt for the general public.

Sharing of less sensitive information and a corresponding reduction in both the credibility and effectiveness of the oversight the committee provided could be the result.

For these reasons, the Government believes this option should not be taken forward.

How can this be less effective or less credible than the current milksop that is the Intelligence and Security Committee ?

3.23 As the ISC has developed its role it has, with the agreement of previous and current governments, taken evidence from bodies beyond the three Agencies which are a part of the wider intelligence community within government These include Defence Intelligence in the Ministry of Defence (MOD), the Office for Security and Counter-Terrorism in the Home Office and the central government intelligence machinery in the
Cabinet Office (including the Joint Intelligence Organisation). It has also, in its annual reports, made recommendations relating to those bodies. The ISC has proposed that this role should be formalised.

3.24 These bodies are part of larger departments (MOD, Cabinet Office and Home Office) which are overseen by the appropriate departmental select committee. However, where the work of these organisations relates directly to intelligence material, the relevant departmental select committees are not able to provide oversight. The Government proposes formally to recognise the wider role the ISC should play in overseeing the Government's intelligence activities by enabling it to take evidence from any department or body in the wider intelligence community about intelligence-related activity where to do so would help the ISC provides coherent intelligence oversight. This development would not affect the primary accountability of those bodies to the relevant departmental select committee of the House of Commons.

It is obvious that even Members of the Select Committee on Defence, like the Liberal Democrat MP Mike Hancock are not actually trusted with any secrets:

Why is Sir Stephen Lander (ex DG of MI5) involved in the SIAC deportation case of Katia Zatuliveter ?

However, what in the USA would be the criminal act of acting as an Unregistered Agent of a Foreign Government, is tolerated and encouraged by UK Ministers and top Civil Service mandarins, when it comes to commercial or political lobbyists as revealed in the Liam Fox / Adam Werrity scandal.

Accommodation, staffing and budget

3.31 We are considering possible changes to the ISC's staffing, accommodation and funding with a view to strengthening both the ISC's actual and symbolic connection to Parliament. The most tangible physical demonstration of independence, and a natural consequence of the ISC becoming a Committee of Parliament, would be to make
arrangements with the parliamentary authorities for the ISC to be accommodated in suitably secure premises on the parliamentary estate, rather than on the government estate. Similarly, its staff could have the status of parliamentary staff (rather than departmental civil servants based in the Cabinet Office), and its budget funded directly from parliamentary appropriation rather than the Cabinet Office's departmental budget.

3.32 The Government accepts that some of the proposals in this section, if implemented, would require a modest uplift in the Committee's current levels of resourcing. The ISC itself has made a case for an increase in its resourcing. Following decisions on next steps after this consultation, the Government - with the parliamentary authorities if the above plans are taken forward - proposes to review the level of resourcing that the ISC requires to support it in the discharge of its functions and the nature of the skills the Committee requires to have at its disposal.

How about an actual Investigative team with access to scientific forensic techniques for examining paper and computer documents ?

How about some forensic accountants who can "follow the money" any suspected trail of waste and corruption involving secret projects ?

How about proper secure and anonymous electronic and physical communications facilities, which the UK intelligence agencies are expressly forbidden from snooping on ?

How about a comprehensive intelligence agency whistleblower protection scheme backed up by criminal sanctions, to encourage internal whistleblowers who may have important allegations or evidence to bring forward to the ISC, without the fear of being detected or punished by their work colleagues or bosses.

See Spy Blog letter to the Detainee Inquiry re: lack of whistleblower anonymity protection and immunity from prosecution

Access to information

3.36 Under current legislation the ISC requests information from the Heads of the three Agencies who can, in theory, decline to disclose information if it is 'sensitive' (as defined by ISA - which could include information about sources or methods or relating to articular operations or which has been provided by foreign partners who do not consent to its onward disclosure). An Agency Head's refusal to disclose such information to the ISC can be overturned by the relevant Secretary of State on public interest grounds. In practice,

Agency Heads have rarely refused an ISC request for information.

The fact that they have actually done so repeatedly in the past, has been revealed in the public section of several of the ISC's censored Annual Reports.

The Government agrees with the ISC's proposal that the Committee should be given the power to require information from the intelligence Agencies. The Government also agrees with the ISC proposal that this should be subject only to a veto exercisable by the relevant Secretary of State, rather than by the Head of the individual Agency, as now.

About time too, although what actual difference the location of the exercise of such a veto will actually make in practice, remains to be seen.

Raising the public profile of a couple of the RIPA Commissioners

The Commissioners

The role of the Commissioners in intelligence oversight

3.39 Independent oversight of the Agencies is provided by the Intelligence Services Commissioner and the Interception of Communications Commissioner. The Commissioners are appointed by the Prime Minister for a (renewable) period of three years and must hold or have held high judicial office.

The Intelligence Services Commissioner's central function is to keep under review the issue of warrants by the Secretary of State, including those authorising intrusive surveillance (e.g. eavesdropping) and interference with property, in order to make sure that the Secretary of State's issue of the warrants was in compliance with legal requirements. The Interception of Communications Commissioner's central function is to keep under review the issue of warrants for the interception of communications. More details of the remits of the Commissioners can be found at Appendix G.

3.43 The Government proposes that the Commissioners' ability to discharge these types of duties is placed on a statutory footing, in order to ensure transparency, coherence and a clear basis of authority. This would need to be broad enough to cover current non-statutory duties and also a range of potential future duties. The Government proposes that this is done by adding a general responsibility for overseeing the effectiveness of operational policies to the statutory remit of the Intelligence Services Commissioner, who would maintain responsibility for monitoring compliance by the Agencies with the necessary legal requirements in the exercise of their intrusive powers. The specific areas on which the Commissioner focuses at any one time would need to be agreed, on an ongoing basis, with the appropriate Secretary of State.

3.44 The effectiveness and value of the Commissioners in providing assurance and challenge to Ministers is not in doubt.

Yes there is plenty of doubt !

They are highly respected former members of the judiciary whose experience and insight is invaluable in checking the necessity and proportionality of the use of the Agencies' intrusive powers. However, their low public profile means that they play a lesser role in providing assurance to the general public that the activities of the Agencies are at all times reasonable, proportionate, necessary and compliant with all legal obligations. A number of steps have been taken recently to increase the public profile of the Commissioners. The Commissioners' most recent annual reports have been revised to make them more readable and with the inclusion of more qualitative information of potential interest to readers. A new dedicated website for the Commissioners has been established and is expected to go-live around the time of publication of this Paper. These steps are important as they allow the Commissioners to explain to the public how their offices work, what they do and how they link into other elements of the oversight landscape. The Government considers that future appointments should bear in mind the importance of the public element of the Commissioner role.

This "new dedicated website for the Commissioners " got off to a typically inept start:

MI5 inspector's website shut down after security blunder

Inspector General

The Government have also floated the idea of an Inspector General, but their proposal in Appendix I is rather half hearted:

Question: Are more far-reaching intelligence oversight reform proposals preferable, for instance through the creation of an Inspector-General?

Appendix I
Possible model for an Inspector-General

1. An Inspector-General (IG) could oversee the powers and policies of the security and intelligence agencies and retrospectively review their operational activity. An IG for the Agencies could replace the Intelligence Services Commissioner and part of the remit of the Interception of Communications Commissioner.

2. An IG could be responsible for oversight of all the Agencies' covert investigation techniques, including the use of authorisations under the Intelligence Services Act 1994, and use by the Agencies of powers under the Regulation of Investigatory Powers Act 2000 (RIPA) Part I Chapter I (interception) and Chapter II (communications data), Part II (surveillance and CHIS) and Part III (encrypted data). It could also be responsible for oversight of requirements arising out of new government policies or legislation or the development of new practices. The IG could also provide legal advice and guidance to the Agencies on the use of their covert investigative techniques.

Doesn't the existing role of Intelligence Services Commissioner already do this ?

3. An IG could review the policies and procedures of the Agencies that relate to operational activities, including ethical matters. Ethical matters could be referred from, and reviewed, in close co-operation with the Staff Counsellor.

Who are these Staff Counsellors to which intelligence agency whistleblowers could complain to regarding, say, ethical concerns they have about intelligence operations involving torture or excessive snooping on innocent people ?

Rt. Hon. Sir John Chilcot "was Staff Counsellor to the Security and Intelligence Agencies (1999-2004) and the National Criminal Intelligence Service (2002-06). "

What a small, cosy world there seems to be amongst senior Whitehall mandarins and Judges, even after they retire.

If you were a whistleblower within these organisations today, would you trust

1. The personal integrity of such a former Whitehall mandarin or retired senior Judge - probably yes

2. His Operational Security technical computer, communications and "Moscow rules" style anti-surveillance tradecraft, to keep your identity secret from your work colleagues and managers and from other intelligence agencies - almost certainly not
   

4. An IG could have a retrospective review function that would include the ability to launch its own enquiries into past Agency operational activity. It could have a right to request intelligence, subject to Ministerial veto.

That would be a change from the current RIPA only remit of the intelligence Services Commissioner.

5. This would create two distinct oversight bodies: one focused on the Agencies, and one on all other public authorities with RIPA powers.

The risk of this approach is that oversight of interception would be split between two different bodies, possibly leading to different standards or approaches emerging. This would need to be managed and would not necessarily be straightforward.

Oversight of Interception is not as much of a problem as the lack of proper oversight of the vastly larger number of requests / demands for Communications Data, something which the existing Interception of Communications Commissioner fails to satisfy the demand for public accountability.

6. The IG could have a statutory duty to consult the Prime Minister on its annual work programme. It could produce an annual report for the Prime Minister, and publish reports on the outcome of the retrospective enquiries into Agency operational activity and reviews into operational policies. The IG could have a duty to develop an effective public profile for its work.

There must be clear, very effective methods for members of the public and for whistleblowers to contact the Inspector General , securely and anonymously, in the first instance, without the technical or legal risk of being snooped by the very intelligence agencies that they might be complaining about or about which they are providing evidence of wrongdoing or incompetence or corruption etc.

A single, censored, RIPA Commissioner or Intelligence Security Committee style Annual report to the Prime Minister absolutely will not inspire any public or even Parliamentary confidence whatsoever.

Any such reports should be made directly to Parliament, like the Information Commissioner.

7. An IG could be appointed by, and answerable to, the Prime Minister. The post could have some form of pre-appointment scrutiny by Parliament and/or could be advertised publicly. The role could be filled by a suitably experienced judge. If this was not a judicial appointment, the IG could be a senior civil servant but would need to be supported by a legal adviser with the appropriate legal and/or judicial experience. The IG could head up a team which would include a Secretariat and specialists with responsibility for aspects of the work of the IG (e.g. interception)

No! The post should be independent of the executive arm of government i.e. it should be an appointment by the Queen, just like a High Court Judge.

Spy Blog suggestions

Question: What combination of existing or reformed arrangements can best ensure credible, effective and flexible independent oversight of the activities of the intelligence community in order to meet the national security challenges of today and of the future?

Question: With the aim of achieving the right balance in the intelligence oversight system overall, what is the right emphasis between reform of parliamentary oversight and other independent oversight?

Question: What changes to the Commissioners' existing remit can best enhance the valuable role they play in intelligence oversight and ensure that their role will continue to be effective for the future? How can their role be made more public facing?

A few Spy Blog suggestions which apply to the RIPA Commissioners or the proposed Inspector General and to the supposedly beefed up Intelligence and Security Committee

1. How about some photos etc. of the Commissioners (or the Inspector General) on their website ? Like Sir Peter Gibson (ex Intelligence Services Commissioner) on the Detainee Inquiry website (if they can get the hang of Wordpress hosted in Amazon S3 cloud) ?

   

   Rt. Hon. Sir Paul Kennedy, Interception of Communications Commissioner (photo UPPA Ltd via Daily Mail)

   

   Rt. Hon. Sir Mark Waller, Intelligence Services Commissioner (photo via Serle Court Chambers)

2. How about proper whistleblowing secure and anonymous contact web forms, email, postal address, mobile phones etc. for tip offs and whistleblowers ?


3. Statutory whistleblower protection counteracting the exemptions to current "normal" employment, and the various "national security" legislation


4. "Wilson Doctrine" extension to the Commissioners / Inspector General and the Intelligence and Security Committee and also their staff and families. This would apply to their public duties and to whistleblower related communications, but obviously not to investigations into private corruption etc.


5. Criminal sanctions including prison and unlimited fines for breaches of these rules by the intelligence agencies or the police or private sector sub-contractors etc.


6. Multi million pound budget and staff to handle enquiries from the public and the media - very cheap when compared to the lack of intelligence sources caused by mistrust of the agencies


7. Inclusion within the Freedom of Information Act regime, with the proviso that most of the National Security exemptions will apply to most of their casework and investigations. However requests about the Commissioners / Inspector General offices themselves e.g. number of complaints, waiting time for complaints to be processed or investigated etc should be made public without question or delay.


8. Statutory basis for the oversight of Prisons, which was lumped onto the Interception of Communications Commissioner by Gordon Brown, and which takes up a huge amount of his time and resources

Respond to the Consultation

Is it worth bothering to submit these to the formal Consultation process ?

There is an unencrypted web form:

http://consultation.cabinetoffice.gov.uk/justiceandsecurity/the-consultation

Email: justiceandsecurity@cabinet-office.x.gsi.gov.uk

Post: Justice and Security Consultation, Room 335, Cabinet Office, 70 Whitehall, London, SW1A 2AS

by Friday 6th January 2012

• Authority to Carry consultation document (PDF file - 328kb)
• Impact assessment - Implementation of authority-to-carry scheme (PDF file - 421kb)
• Equality impact assessment - Implementation of authority-to-carry scheme (PDF file - 278kb)

Note the lack of any Privacy Impact Assessment, despite the plans for automated snooping on the travel data of millions of innocent passengers a year.

The Consultation document asks

12. The Authority to Carry Scheme takes its name from legislation. Are the meanings of the terms 'authority to carry' and 'refusal' or 'denial' of authority to carry clear? If not, are there different terms which may be clearer?

c.f. Section 124 of Nationality, Immigration and Asylum Act 2002

When we first read the words "Authority to Carry Scheme" in the context of Aviation Security, we assumed that it was something to do with the ineffective and dangerous schemes for allowing firearms on to passenger flights favoured by gun crazy Americans, involving armed Air Marshals or Airline Pilots etc. - did none of them watch the film Con Air ?

However it appears to be another plan for an extension of bureaucratic snooping on innocent people, with no reasonable chance of ever achieving its stated aims.

Like the previous incompetent yet authoritarian Labour regime, the current Conservative / Liberal Democrat coalition is paying lip service to civil liberties and human rights.

Civil liberties are at the heart of the Government's approach to counter-terrorism and it will be important to ensure these proposals give consideration to people's freedoms.

[...]

Measures will be put in place to minimise the potential for members of the travelling public to be mistakenly identified as an individual whom an airline should be denied authority to carry under these arrangements.

Rubbish !

Nowhere in this plan is there any mention of any system for rapid, public apology, generous financial compensation and the effective purging of the libellous toxic database entries, shared around the world, which put a black mark against the name of an innocent person wrongly identified as a terrorist.

There is no mention of the six figure legal costs to the Government and the Airline industry which will result from libel cases etc. when they falsely accuse some innocent passengers as terrorist suspects.

The Home Office civil servants and politicians still live in a fantasy world and are seeking to justify spending millions, or even billions of pounds of other people's money on a feeble Black Swan Event scenario, which even their astonishing Impact Assessment admits will have a massive rate of False Positives and which may never prevent any terrorist attack, before the policy and its underlying assumptions are changed.

No doubt some terrorist plots will be foiled by the work of the intelligence agencies, the police or the vigilance of the general public, in spite of this policy, but not because of it.

Impact Assessment page 9

Between 1999 and 2009, there were ten major terrorist plots in the UK : The shoe bomb plot (2001), Ricin bomb plot (2003), fertiliser bomb plot (Operation Crevice, 2003), London transport attacks of 7 July 2005 and 21 July 2005, transatlantic liquid bomb plot (Operation Overt, 2006), Haymarket car bombs and Glasgow airport attack (Operation Seagram,2007), Ibrahim suicide vests (Operation Vulcanise, 2008) and the Exeter bombing (2009). Of these, just one (7 July 2005) was successful; the rest were either disrupted prior to execution by the police, or failed after execution due to perpetrator error or police intervention.

Using assumptions about the potential fatalities, casualties, property damage and tourism losses that each of these attacks could have caused, it was estimated that the average cost of these terrorist attacks, had they each been successfully executed, would be in the region £950m - £1.64bn. Given the current 'success rate' (1/10) and frequency of attacks (10 per decade), it is estimated that in an average decade, terrorist attacks will cost the UK economy £828m - £1.43bn .

None of these "major terrorist plots", most of which did not even involve airline flights at all, could have been prevented by the proposed "Authority to Carry Scheme" policy, but they are being used as the "benefit" calculation justification !

These cases are also being used to justify the budgets of MI5, MI6, GCHQ, the Metropolitan Police etc..

The "shutting the stable door after the horse has bolted" policy driver appears to be the Christmas 2009 "underpants bomber" case of Umar Farouk Abdulmutallab - the intelligence agency communications failures in that case, which did not involve the United Kingdom at all, would not have been mitigated by this proposed Aviation Security pre-flight Passenger Name database "Authority to Carry" scheme.

Neither would the "Authority to Carry Scheme" have prevented the visits of the Norwegian mass murderer Anders Behring Breivik to or from the UK.

Impact Assessment Page 10

- The manual system is assumed to be 99% effective, and the automated system 100% effective

- The number of false positives is assumed to be equal to the number of individuals correctly identified (i.e. 2.25 individuals per annum)

We simply do not agree with these ridiculous assumptions.

Given the hundreds of millions of airline passenger flights at UK airports every year, where exactly have they come up with these figures from ?

Where are the assumed figures for the number of False Negatives ?

Where are the figures of the number of terrorist suspects travelling on fake or genuine but falsely obtained Passports etc ?

Impact Assessment Page 12

These figures are based on data about all major terrorist plots to the UK, rather than using only those plots aimed at journeys in transit to the UK.

If they did that, then there would be no basis for this policy at all !

The Conservative / Liberal Democrat coalition have dithered over their pre-election promises regarding our freedoms and rights which were under such legislative assault by the previous Labour government.

Will they demonstrate that they are better than Labour and actually drop this proposed Aviation Snooping scheme on human rights grounds, rather than on "big cost / no financial benefit" grounds ?

If you care about your privacy and freedom, then put political pressure on the Coalition government to actually fulfil their pre-election promises and stop them from proposing inept, repressive, Labour style "technological magic fixes", by supporting the cross-party NO2ID Campaign

Text of the Impact Assessment: ]]> https://p10.secure.hostingprod.com/@spyblog.org.uk/ssl/spyblog/2011/10/15/aviation-insecurity---black-swan-event-fantasy-justification-for-more-bureaucrat.html https://p10.secure.hostingprod.com/@spyblog.org.uk/ssl/spyblog/2011/10/15/aviation-insecurity---black-swan-event-fantasy-justification-for-more-bureaucrat.html Bureaucracy Passenger Name Records Transport snoopers Sat, 15 Oct 2011 09:23:40 +0000 if you are a potential whistleblower or an investigative journalist or political blogger or even a police or intelligence agency handler of Covert Human Intelligence Sources (CHIS), you may well need to obtain or recommend, a hard (but not impossible) to trace, disposable "burner" pre-paid mobile phone, to arrange face to face meetings or document / data / money etc. dead drops.

If you have established initial contact with a potential confidential source or whistleblower, at least do them the basic security courtesy of not having to share a contact number with other confidential sources - an investigation into one such source, may very well draw attention to and betray the identities of other unrelated sources who have contacted the same phone number.

See our Hints & Tips for Whistleblowers etc. article: Buying a pre-paid phone card or mobile top up calling credit voucher anonymously

Tesco supermarkets are currently selling what they claim to be the "Cheapest Unlocked Mobile on the High Street" for under £10:

This is a very basic voice and SMS only phone (no camera, no removable SD memory etc.) but consequently with a long standby battery life (a claimed 560 hours i.e. over 3 weeks), so it could be used as a disposable Tracking device, if registered with a web map phone tracking service.

The choice of Free SIM cards (otherwise available for 99p each) is: Lycamobile and Lebara (often used for cheap international calls) and the main UK brand names i.e Vodafone, Orange, O2, T-Mobile and Virgin.

Tempting as it is to buy two or more such cheap phones (for the spare battery and power charger alone), do not do so from Tesco. They seem to have an arbitrary, unpublished or poorly advertised "rationing" policy in place, limiting the number of such "bargain" phones which an individual customer can buy at a time e.g. "one per customer in 24 hours".

You do not want the supermarket checkout operator to have to "consult" with the floor supervisor or have to argue about how many phones you are allowed to buy, not if you are trying to remain forgotten and anonymous in case of future whistleblower leak investigations.

Obviously if you are getting a trusted third party to buy the pre-paid mobile phone for you, this may be less of a risk to consider.

Conflict of interest row as ex-MI5 chief rules on fate of Russian 'spy', accused of using her job in Parliament to snoop on Britain

By Robert Verkaik

Last updated at 1:56 AM on 25th September 2011

A former head of MI5 is at the centre of a row over his role in deciding whether a young Russian woman accused of using her job in Parliament to spy on Britain should be sent back to her home country.

Sir Stephen Lander, the former director-general of the security service, is to sit on a panel of judges who will rule on whether Katia Zatuliveter should be deported.

Miss Zatuliveter, 25, who worked for Liberal Democrat MP Mike Hancock, was arrested last year, reportedly on the orders of MI5.

Sir Stephen was once responsible for combating Russia's spy threat and his appointment to the special immigration panel to hear Miss Zatuliveter's case next month has prompted accusations of bias.

if a British citizen was facing a similar secret tribunal in a foreign country, one of whose members was the former head of their national counter-intelligence service, what would the British government do about it ?

Even if Sir Stephen is actually scrupulously fair in his role in this case, he can never be seen to be an unbiased official of the court.

The SIAC was set up to hear appeals from foreign nationals who the Home Secretary wishes to remove from the UK on grounds of national security. Some of the evidence in Miss Zatuliveter's case is considered so sensitive it can only be given in secret. Sir Stephen's role will be to help the two judges on the panel weigh up this secret evidence.

Miss Zatuliveter, who will not be allowed to know the secret evidence against her, was interviewed by MI5 officers four or five times last year.

Officials were said to have grilled her about her alleged connections to Russia's security service and appeared to know details of her love life, suggesting that she was under surveillance. She is said to have had a meeting at Portcullis House in Westminster with a man MI5 believed to be a Russian agent.

As Mr Hancock's parliamentary aide, Miss Zatuliveter had access to potentially sensitive information given to the Commons Defence Committee, on which the 65-year-old Portsmouth South MP serves.

Since when was the Commons Defence Committee, or any other Commons select committee, ever given access to any real secrets ?

After her arrest in December last year she was held at an immigration detention centre before being bailed. Throughout the case she has protested her innocence and now wants to clear her name by overturning the deportation order at the SIAC hearing, which begins next month.

Sir Stephen was head of MI5 from 1996 to 2002 and then chairman of the Serious Organised Crime Agency from 2006 to 2009. Although he rarely speaks about his former role, last year he warned about the threat posed by Russia's female spies. He told a BBC Radio 4 documentary that the very existence of a ring of Russian 'illegals' (spies operating without diplomatic cover) must be taken seriously.

'The fact they're nondescript or don't look serious is part of the charm of the business,' he said. 'That's why the Russians are so successful at some of this stuff. They're able to put people in those positions over time to build up their cover to be useful.'

If there is any actual hard evidence of Katia Zatuliveter engaging in espionage activities, then why was she not arrested and charged under the Official Secrets Act last year ?

Briefing for UK Parliament on the 'Freedom Bill' - The Protection of Freedoms Bill Second Reading

They called for a single, powerful, well funded Privacy Commissioner, independent of Government Departments or Ministers, with legally enforceable powers of investigation backed up with criminal law sanctions, with proper in house technical expertise and investigation teams, like those which exist in Canada or Germany etc.

The House of Commons Select Committee on Home Affairs also agreed with them, when reporting on the News of the World mobile phone phone voice mailbox hacking scandal.

However, the Home Office's Byzantine "divide and rule" response, can be summed up a la Mel Brookes' Blazing Saddles as:

"Privacy Commissioner ? We don't need no stinking Privacy Commissioner!" (in a faux Mexican bandit accent)

Their official response to the Home Affairs Committee report contains this smugly complacent response:

THE GOVERNMENT RESPONSE TO THE THIRTEENTH REPORT
FROM THE HOME AFFAIRS COMMITTEE SESSION 2010-12 HC 907 (.pdf)

UNAUTHORISED TAPPING INTO OR HACKING OF MOBILE COMMUNICATIONS

[...]

2.14 We are concerned about the number of Commissioners, each responsible for different aspects of privacy. We recommend that the government consider seriously appointing one overall Commissioner, with specialists leading on each separate area. (Paragraph 42)

2.15 The Government believes the current spread of independent Commissioners ensures proper regulation of different aspects of privacy. The range of statutory functions carried out by each Commissioner varies significantly. It includes the provision of guidance, investigation of public complaints, serving and enforcing monetary penalty notices, making decisions over the deployment of technical devices, authorisation of some forms of surveillance and property interference, and oversight and inspection across different specialisms and under different legislation. Each Commissioner and his staff work in specialist, technical areas that require extensive knowledge of relevant legislation, equipment and procedures. Although the work they do can be related, it is also quite distinct.

2.16 The Government believes that the benefits the Committee is seeking can be delivered through existing arrangements and those proposed in the Protection of Freedoms Bill. The existing Commissioners already co-ordinate their work to ensure the right expertise is utilised in the right context and that wherever possible there is consistency between them. However, while respecting their independence, the Government will take note of the Committee's concerns in the way we develop and co-ordinate the roles and functions of the Commissioners.

There has been no Government "development" or "co-ordination" of the roles and functions of the Commissioners, except to keep them as secretive and powerless as possible.

Remember that neither the existing RIPA Commissioners (Interception of Communications, Surveillance or Intelligence Services) nor the Information Commissioner nor the two new proposed Commissioners (national security only Biometrics and some CCTV) actually have the word "Privacy" in the legislation which defines their roles and which they are narrowly constrained to follow.

The Home Office officials are deluding themselves and deceiving the public if they think that there is any evidence of "joined up" working between the existing Commissioners - they do not even meet each other face to face regularly, or at all. Apart from the Information Commissioner, they try their best not to talk to, or correspond, with members of the public. All of the Commissioners have far more legal expertise than detailed technological expertise. Only the Information Commissioner and the Chief Surveillance Commissioner bother to publish a public website and only the Information Commissioner's Office has a Twitter feed.

The Conservative / Liberal Democrat coalition government needs to deliver on its pre-election promises, right now, before Christmas, in regards to our freedoms and civil liberties. At the moment they are looking indistinguishable from the previous, increasingly hated, authoritarian yet incompetent, Labour government.

The Report Stage of the inadequate Protection of Freedoms Bill is set for Monday the 10th October 2011 i.e. in less than two weeks time

Please lobby your MPs e.g. via WriteToThem.com about our lost freedoms and suggest amendments to this half hearted Bill before then.

Would you risk your career or life, or those of your family and friends, on such such assurances ?

See our previous blog article of the 11th August 2011, before the revelations from Libya: Spy Blog letter to the Detainee Inquiry re: lack of whistleblower anonymity protection and immunity from prosecution

The Detainee Inquiry
35 Great Smith Street, London, SW1P 3BQ
Telephone: 020 7276 5544

From the Secretary to the Inquiry

13 September 2011

[name]
Spyblog
Via E-mail [email address]

LACK OF ANONYMITY PROTECTION FOR POTENTIAL OR ACTUAL WHISTLEBLOWERS TO THE DETAINEE INQUIRY.

Thank you for your e-mail to Sir Peter Gibson on behalf of Spyblog and its readership, in reference to the provisions of anonymity protection for whistleblowers and a number of issues related to the Inquiry's work. I am responding on Sir Peter's behalf.

The Inquiry takes the welfare and safety of any witnesses who provide evidence to us very seriously. The Inquiry's Protocol (available on our website) makes clear that witnesses may provide evidence to the Inquiry in private if the Inquiry believes that there is a good reason for them to do so.This is designed to ensure both the welfare and safety of witnesses by the protection of their identity, and the provision of full and frank evidence to the Inquiry. Any request by a witness to appear in private will be given careful consideration by the Panel. By way of further reassurance, the only people present during private hearings will be the witness and any one person they choose to accompany them, the panel, Counsel to the Inquiry, members of the Inquiry staff and contracted stenographers with the appropriate security clearance (see paragraph 37 of the Protocol). Should we find it necessary to seek further information from a Department or Agency as a result of evidence given by a witness, we would not reveal the source of the information leading to the request. We believe that the current measures are sufficient at this stage to protect the anonymity of whistleblowers or anyone else who has good reason to give evidence in private, but we will keep this under review

As you have identified, the Prime Minister stated in his letter of the 6 July 2010 to Sir Peter Gibson that 'the Attorney General has agreed to provide an undertaking that evidence given by witnesses may not be used against them in criminal proceedings, whether their evidence is given in public, private or both (other than in proceedings where he or she is charged with giving false evidence or conspiring to do so in the course of this Inquiry)' We are currently liaising with the Attorney General's office on producing a comprehensive undertaking which we are confident will address the concerns you have around potential prosecution of whistleblowers under legislation such as the Official Secrets Act. We hope to receive a final version of the undertaking soon and will then publish it on our website as you suggest. We will then confirm with the Cabinet Secretary and the Heads of the intelligence services their analogous undertakings to staff in respect of disciplinary proceedings based on the evidence provided, this was also set out in the Prime Minister's letter.

You raise an important point about assurances from the UK Intelligence Agencies in respect of their cooperating with the Inquiry. We have been assured by the Prime Minister that we will receive full co-operation from the Government and its Security and Intelligence Agencies. The Inquiry believes that this would cover all of the activities you have mentioned, as the type of behaviour you have explained regarding the Agencies deploying surveillance techniques on the Inquiry's Staff or asking Agencies in other countries to do likewise would go against this assurance of full cooperation.

Thank you for your recommendation in reference to encryption of the website to allow for individuals to submit evidence while protecting their identity. We continue to review our website and its security and will consider the points you have raised.

Finally on the important point in reference to ensuring that redactions placed on documents cannot be removed, the Inquiry takes its obligation to redact sensitive material, including individuals' personal details where they must be kept private, very seriously and are mindful of this risk. We shall, of course, do everything we can to ensure that this situation does not arise.

Yours Sincerely,

Alun Evans

With your help and feedback (either in the comments or via encrypted email, ideally using Tor or other IP Address obfuscation techniques) we will respond to the Detainee Inquiry, to press them further about the points in our Letter which they did not properly answer.

N.B. there are only a couple of working days left before the Attorney General and the Cabinet Secretary must reply to our Freedom of Information Act Requests for the promised Undertakings:

• FOIA request to Attorney General: promised Undertaking regarding the Detainee Inquiry into allegations of complicity in torture

• FOIA request to Cabinet Secretary regarding promised Undertaking about the Detainee Inquiry into allegations of complicity in torture
  
  

How sneakily are Blue State Digital tracking NGO political campaign emails ?

Several UK NGO's looked at this technology and chose to make use of it, without using its most privacy endangering features such as the use of hidden "web bug" graphics in HTML emails.

Just in case you thought that the Labour party has somehow changed its penchant for control freakery and mass surveillance, the iPad wielding apparatchiks have now launched a campaign website for the odious Ken Livingstone in his attempt to get re-elected as Mayor of London called http://yourken.org

The social media integrated web based political campaign service which the yourken.org website is using is called NationBuilder.com based in California, USA.

Snazzy integrated political campaign tools - but no privacy

To a political campaign or other non government organisation, this commercial service offers some snazzy tools, setting volunteer activists goals to achieve in terms of organising events or spreading the campaign message. There are blog pages and Google Maps showing where registered supporters are located , with tools to graphically "turf carve your voter file" amongst different local organisers etc. There is integration with Twitter and FaceBook.

All very slick, but all very American when it comes to privacy and data protection - there is none.

NationBuilder.com clearly states in its "privacy" policy that they make routine use of web tracking technologies like "web bugs":

Clear Gifs Information: When you use the Service, we may employ clear gifs (also known as web beacons) which are used to track the online usage patterns of our users anonymously. In addition, we may also use clear gifs in HTML-based emails sent to our users to track which emails are opened by recipients. The information is used to enable more accurate reporting, improve the effectiveness of our marketing, and make NationBuilder better for our users.

Third Party Services: 3dna uses Google Analytics to help understand use of the Service. This service collects the information sent by your browser as part of a web page request, including cookies and your IP address, and their use of it is governed by their Privacy Policy.

No SSL / TLS encryption for registration of Sensitive Personal Data , which is exported to the USA

Although the main NationBuilder.com website does have a working SSL / TLS Digital certificate, presumably so that they can process credit card or other online payments, this feature is totally lacking from the yourken.org website, which handles donations on the main kenlivingstone.com website.

Before even being able to browse the website to see what it it all about, all new visitors are already assumed to be supporters and are asked to fill in a registration form with their Personal Data i.e. home, address, phone and mobile phone, email details, Twitter and FaceBook accounts.

By implication, by virtue of registering for a Labour party political campaign, this Personal Data is being tagged with their presumed political affiliation. Legally this is Sensitive Personal Data defined under the Data Protection Act - there is no excuse for not protecting this in transit with standard SSL / TLS strong encryption.

Simply by accessing http://yourken.org, your computer's IP address and web browser details are logged by both Google Analytics and also by Quantserve, two third party commercial web tracking companies in the USA, through hidden JavaScript and sneaky 1 x 1 pixel sized transparent .gif images which are pulled from the tracking companies web servers rather than from the yourken.org website.

Email Blaster - is a tool for spam, not for responsible political campaigning

The worst aspect of the NationBuilder service is the "Email Blaster" campaign email tool. The NationBuilder website gives advice on creating a "Killer Email Blast" etc. This is email spam marketing rather than proper permission based email.

Just like the Blue State Digital tool we wrote about in 2009, the HTML emails (signed by Ken Livingstone himself, allegedly) sent out by this Email Blaster tool contain hidden "web bug" invisible 1 x 1 pixel graphics, not from Quantserve or Google Analytics, but from london@email-new.labour.org.uk, which is an alias for the NationBuilder.com system in the USA.

If, like most people, this email is read using HTML enabled email software, this "web bug" allows NationBuilder and the Labour Party to track not only whether a recipient has opened the email, but it also tracks other people to whom the "web bugged" email has been forwarded to.

Remember that all such log file tracking information is available, on demand, to US Government agencies, under their PATRIOT Act, or can be freely sold by these commercial US companies.

This is not appropriate for a list of a particular UK political campaign's supporters' home address, phone and mobile phone, email details, Twitter and FaceBook accounts details etc.

The Labour party is welcome to spy on those of its own supporters, who have actually given their prior, informed consent to do this. We suspect, however, that many ordinary Labour party members and supporters will be annoyed, or perhaps horrified, that this is being done to them without such informed prior consent.

We hope that no other UK political party will be tempted to abuse their supporters or potential supporters in this way and that they will shame the Labour party for doing so.

Will NationBuilder.com shut down yourken.org becuase of US trade embargos and sanctions against Fidel Castro and Hugo Chavez ?

NationBuilder.com, based in California, may well be dealing with Labour party social media apparatchiks, but they may be unware of the toxic nature of "Red Ken"s authoritarian political policies and fantasies.

It is possible that NationBuilder.com, which is run by Democrat supporters, or their upstream US based ISPs, could shut down the yourken.org website, because of his sycophantic support for the communist dictators Fidel and Raul Castro in Cuba and the anti-American Hugo Chavez in Venezuela. They could use the excuse of US trade embargo and economic sanctions laws, or they could simply take a moral stand against "Red Ken".

If the Labour party and Ken Livingstone's apparatchiks really cared about Londoners, they would not have outsourced the yourken.org website to the USA and would have employed a local London based company to provide exactly the same sort of social media integrated web campaigning tools, without the odious "web bug" tracking of people without their prior informed consent.