Tag Archives: privacy

Why you should be bothered about the Snoopers Charter

Late last year, the UK Parliament passed the Investigatory Powers Act 2016. This law builds on the Regulation of Investigatory Powers Acts and the Data Retention Laws. This law allows the Government to store all our electronic communications traffic, read the content and meta data and co-opt the product and service vendors to help them. I describe this in more detail below.

The Law was written in the aftermath of Court of Justice of the European Union’s (CJEU) ruling in the Schrems vs. Facebook case that the EU’s Data Retention Directive and hence the member state implementations were in contradiction to the EU’s human rights law, the Charter of Fundamental Rights. Parliament had considered aspects of these proposals twice before under the two previous administrations and rejected them.

This article looks at the new Law, criticises it on Human Rights grounds in that it jeopardises the right to privacy, the right to organise, the right to a fair trial and rights to free speech and on IT Security grounds in that the new regulation of encryption products jeopardises access to electronic trust and privacy. It also examines the likely impact of the recent CJEU ruling on the legality of its predecessor law, and in passing, likely conflicts with last year’s passage of the General Data Protection Regulation (GDPR) by the European Union.   … » Read more …

Oi!, You! No snooping on my emails and chat!

Earlier this week, the Court of Justice of the European Union delivered its judgement on the legality of the UK & Swedish data retention and surveillance laws. They confirmed their ruling from 2015 that general monitoring is illegal, that retention must be specific and is only allowed to combat serious crimes, that access to surveillance records must be authorised by independent authorities and that EU data subjects must be have access to legal remediation if their rights to privacy are breached. The Guardian report on it here, the Independent here ,the Register here and even  the Daily Mash comments here. The UK’s Investigatory Powers Act also gives the government the right to mandate backdoors in UK operated communications products; these powers may also fall foul of the prohibition on general monitoring and the need for independent review. While the ruling is specific to the UK’s DRIPA law, which has now been replaced by the Investigatory Powers Act, it poses a clear challenge to the legality of the new Law.  … » Read more …

A note on the coming GDPR

In a blog at my employer’s site I looked at how to become compliant with the EU’s General Data Protection Regulation. Regulations are the Law in all the member states, and members of the European Economic Area. The article looks at the issues of consent, the new data subject rights, privacy by design, the meaning of adequate protection and new public accountability via the duty to report breaches and to appoint a professional data protection officer.  … » Read more …

More on Brexit

Many the implications of the vote to leave the EU has been exercising my mind. I have finally got my notes & thoughts to publish my initial views on the politics of the aftermath; this article attempts to limit itself to the events and thoughts of the first week after the referendum. I have published them as at the date I started my storify where I collected the sources I wanted to quote. This is because it is one of a planned series, I plan to follow up with a piece on immigration, one on Labour Party and Left unity and one on the mutation of capitalism and politics.

One of the reasons for my delay was that I was asked for a number of quotes in the IT trade press which took some writing time. I have posted the complete quotes as three articles in linkedin pulse, on Cybersecurity, Privacy & Trade and the single market, covering innovation, TTIP & Privacy and net neutrality.  … » Read more …

Here come de Judge

The highest levels of international judiciary have been busy over the last week, I report and comment on the Microsoft vs. FBI on linkedin Pulse, in an article called “Citizens Win”. It was quite simple in the end, the law under which the FBI was seeking search warrant powers was not on of the post 911 laws, but an earlier one and the US District Court says that the law grants no power of inspection abroad. The spooks are going to have to apply for an Irish warrant. In Europe however, Tom Watson’s & David Davies’s judicial review on DRIPA have reached the Advocate General. This reported by Tom Watson here, and by Glyn Moody here. Watson writes about the need for strong judicial review of the search warrants, and Moody brings up that mass surveillance can only be used in the fight against serious crime.   … » Read more …

The coming Chief Privacy Officer

I was asked to contribute to an article on the new legal framework surrounding Data Protection Officers (DPO). I was pleased they took what I consider to be one of the critical contributions I offered, that “Privacy by Design” is a requirements management problem.  … » Read more …

Labour & Digital

Trefor Davies of trefor.net commissioned and published an article by me on the state of the politics of digital and its likely impact on the General Election. In the article I classify the issues around citizenship and economics. Obviously the manifesto has not been published and so prediction of its content is not easy. Regular readers will know that I am a supporter of both the Open Rights Group and Privacy International. I have also served on NESSI, the EU’s internet/I.T. R&D project incubator.  I am hopeful on the issues of citizenship, unsure on copyright and intellectual property laws and expect a good offer on digital government.  … » Read more …

The EU D.P. Regulations falls at the hurdle

Glynn Moody, of course,  at TechDirt, syndicates the EDRi scoop about the final stages of the new EU Data Protection Regulation exposing the National Governments’ role in weakening the current legislation which have completed their 1st & 2nd stages. The EDRI have published a document called “Broken Badly” which contains their critique of the Council’s behaviour and positions because they weaken the rules around consent (both authorisation and purpose), corporate sanctions, duty to notify breaches, and the problematic one stop shop for jurisdiction. Correspondence to Chris Grayling I suppose.  … » Read more …

Digital Question Time

I went up to Blackfriars to techUK’s offices to listen to their Digital Question time. They had arranged for Vaizey, Onawurah and Huppert to speak. I covered the event using storify. They covered privacy, access and inclusion, start-ups, brexit (briefly) and government IT. Computer Weekly have hosted a video here…, if you want the complete story. The Guardian ran a story, “Vaizey calls for tech firms to ‘meet politicians halfway’ over encryption” and sub-titled, “Debate needs  … » Read more …

The end of (British) privacy

As the dust settles in Paris after the attack on “Charlie Hebdo”, politics in Britain returns to posturing as normal. Cameron states that the Tory Manifesto for the General Election in May will include promises to increase the legal powers of surveillance by MI5 to cover all communication. Jim Killock of the Open Rights Group writes a considered piece on what this might mean. The end of this road is prohibiting encryption for the use of ordinary law abiding citizens.   … » Read more …

Coming Privacy Law

Yesterday, attended a session convened by the BCS North London branch, called “Data Privacy – How Private is IT?” The presentation was given by two PWC staff members in two parts, the first was a forward looking review at the proposed EU Data Protection Regulation by Kyrisia Sturgeon and the second part a scenario based exploration of good data protection practice led by Pragasen Morgan. To me the coming key changes in the law are that all companies will need to have a qualified data protection officer, and it implements a right to be forgotten, or more accurately a right to be unindexed.  … » Read more …

Professionally published again

I have finally been published on my employer’s web site blog. The article, Conflicting Data Requirements: Privacy versus Transparency (http://lnkd.in/dtNbnTW) looks at the countervailing tendencies by governments legislating for citizen privacy and tax transparency. The article concludes with a series of technical challenges to meet the needs of both political initiatives. The article was syndicated on the Tabb Forum, and you can read that here. The article was originally provoked by a Gartner Press Release which suggests that location and the need for specific jurisdictional compliance will reduce as costs and  … » Read more …

Oh Shit! You mean spying on everyone is illegal?

Better change that then! In April, the Court of Justice of the EU, ruled that its 2004 Data Retention Directive mandating Information System Services Providers to store all their records for 12 months was declared incompatible with the EU’s Fundamental Charter of [Citizen’s] Rights. It and all the national laws implementing the Directive need to be reviewed to see if they remain legal. Last week, the Government announced that it planned to introduce new laws to plug the gap. This is to be called the Data Retention and Investigatory Powers Bill/Act. (DRIP) which they plan to pass in less than ½ a week using emergency provisions and the agreement of the Labour front bench.  … » Read more …