Download pptx - Investigatory Powers Bill & ICRs

IP Bill & ICRsOversight or Theatre? Surveillance and Democratic Accountability

Ray Corrigan

5 February 2016 Wolfson Hall, Churchill College, University of Cambridge

Ray Corrigan, Open University

Almost universal agreementSerious threats – • terrorists• organised crime• dangerous dictators• …

SIS & LE need – • intelligence• skills• tools• resources

12/01/2016

Guilty, suspicious, innocent

Guilty

Suspicious

Innocent


6000 guilty

600,000 suspicious

60,000,000 innocents


600,000 guilty

6,000,000 suspicious

53,400,000 innocents


ICRs“internet connection record/s” appears in -

192 page draft bill – in s47 only – 3 timesGuide to Powers and Safeguards (once in contents page) x3 (“ICR/s”x11)Explanatory Notes x6 (“ICR/s”x1)Home Office written evidence to Joint Committee x29 (“ICR/s”x18)http://data.parliament.uk/writtenevidence/committeeevidence.svc/evidencedocument/draft-investigatory-powers-bill-committee/draft-investigatory-powers-bill/written/26435.html

Science & Technology Committee report x27 (“ICR/s”x53)Correspondence from Home Secretary (IPB0065) x11 (ICR/sx10)http://data.parliament.uk/writtenevidence/committeeevidence.svc/evidencedocument/science-and-technology-committee/investigatory-powers-bill-technology-issues/written/26486.html

Operational case for the Retention of Internet Connection Records x13 (“ICR/s”x88)

ICRs S47 Additional restrictions on grant of authorisations

(6) In this section “internet connection record” means data which— (a) may be used to identify a telecommunications service to which a

communication is transmitted through a telecommunication system for the purpose of obtaining access to, or running, a computer file or computer program, and

(b) is generated or processed by a telecommunications operator in the process of supplying the telecommunications service to the sender of the communication (whether or not a person).

ICRs s71 Powers to require retention of certain dataExplanatory notes (s190) say S71(9)(f) defines internet connection records:

“(9) In this Part “relevant communications data” means communications data which may be used to identify, or assist in identifying, any of the following—[…]

(f) the internet protocol address, or other identifier, of any apparatus to which a communication is transmitted for the purpose of obtaining access to, or running, a computer file or computer program.

In this subsection “identifier” means an identifier used to facilitate the transmission of a communication.”

Not an ICR in sight…

s71

S71

tech

Allnew

Insert data here from

ICRs in Guide to Powers and Safeguards ICR Not…“a person’s full internet browsing history”ICR is…“record of the services they have connected to”

ISPs required to retain ICRs for 12 months

ICRs in Explanatory Notes “records captured by a network access provider of the internet services with which a person or device interacts”“would not be able to be used to identify what the individual did”Public authority ICR access purpose: to ID sender/services/criminalityCSPs not currently required to retain ICRs by law“Clause 71(9)(f) of this Bill provides for the retention of internet connection records” (71(9)(f) does not use term “internet connection record/s”)

ICRs “relevant communications data”?⊂Local authority access to ICRs prohibited

ICRs in Science & Tech Committee reportGov say ICRs “the only substantially new requirements provided for in the draft Bill”Cttee:

ICRs “the subject of uncertainty and concern from business due to lack of clarity” Goverment should pay full costsTech Advisory Board should advise on CoP “requirements for protecting ICR data”Govt & business should advise on annual updates of CoPs“confusion about the extent to which ‘internet connection records’ will have to be collected”“essential that the Government is more explicit about the obligations it will and will not be placing on industry”“definitions of internet connection records and other terms … have led to significant confusion”

Dr Joss Wright OII “comparing it with telephony is ludicrous”Cf Denmark session logging abandoned 2012Home Secretary: Definitions ICRs & CD intended to be “technology neutral” & “necessarily abstract”Home Office’s Chief Scientific Adviser, Professor Bernard Silverman: ICR definition “pinned down in a way that satisfies both a legal and a scientific requirement”Feasibility of collection questionable – ISPA: “ICR does not exist” BT: “cannot realistically scope technical feasibility or cost” Andrews & Arnold: DPI?Security difficult: massive volume of ICR dataORG: “request filter” “one of the most concerning aspects”

Correspondence from the Home Secretary, Rt Hon Theresa May MP (IPB0065) http://data.parliament.uk/writtenevidence/committeeevidence.svc/evidencedocument/science-and-technology-committee/investigatory-powers-bill-technology-issues/written/26486.html

Discussing ICR details with industry“confident… feasible” (industry reps disagree)“Internet Connection Records is a record of the internet services a specific device is connected to”“Each ICR is a record of a single Internet Protocol event”

Not retained under existing law

Future aspiration

Simple example of ICR for mobile phone

Data Fields Example What does it represent?Account Reference 13109976224 The mobile telephone numberSource IP : Port – Private 10.13.26.70 : 5256 What the client looks like to the

Communication Service Provider for Internet access.

Source IP : Port - Public 232.99.52.12 : 80 What the client looks like to the Internet.Destination IP : Port 135.20.32.87 : 80 The Internet Service being accessed by the

client.URI domain www.socialmedia.c

omThe Internet Service’s web domain.*

Service identifier Social Media The Internet Service’s name.Session Start Time 14:30:01 GMT

03/09/2015The time and date for the start of session.

Session End Time 14:40:29 GMT 03/09/2015

The time and date for the end of session.

Data Volumes Transferred 1253 outgoing The number of Bytes Transferred and direction.

* A URI retained as part of an ICR may only contain the elements of the address which identify the communication service concerned.

ConcernsDefinitions vague“ICRs”, “telecommunications service”, “relevant communications data”, “communications content”, “equipment interference”, “technical feasibility” and “reasonably practicable”

s195: “data” includes any information which is not data

Government insist “clear” but “necessarily abstract”Technical feasibility questionableCostly for government & CSPsMass invasion of privacyIllusion “bulk collection” ok as long as only computers “see” dataExtraterritoriality & jurisdictional conflictOthers including despots watching for UK benchmark

ConcernsCSPs sustainability, security, legal & operational uncertaintiesQuestionable efficacy for crime/terrorism detection/prevention Comms infrastructure security nightmare combined with targeted and/or bulk:• interception• acquisition• retention • equipment interferenceSecuring bulk personal datasets extremely difficult

How they might be improvedAbandon retention of ICRsTargeted judicially supervised retention of data of those about whom authorities have reasonable suspicionWill need international cooperation & political signoff won’t wash

Political obstacles Unreasonably short timetableAbsolute commitment of Home Secretary & government to have something called the “Investigatory Powers Act” on the statute booksMedia spotlightIncentive to avoid concessions to avoid perceived weakness(e.g. partial move towards David Anderson judicial oversight recommendation called u-turn)

On the plus side, opportunity Mature debate (Andrew Parker)• Nature• Scope• Reach• Proportionality• Necessity• Legality• Clarity• Practicality• Etc

Historic first (David Omand): Bring secret state intelligence operations fully under rule of law

Insanity of bureaucracySacrifice/distortion of core services on altar of simplistic metricsLoss of institutional ethical memory/values over timeEducationNHSSocial welfareEconomyCriminal justice

From Solove to KafkaNo known cure for a bureaucrat with a target (mission creep)

Bureaucracy/algorithms make life-changing decisions based on secret information, while denying the subject/s of the data the ability to inform, see or challenge

Image © The Open University

Communications infrastructure of police state will not be permanently deployed benevolently…Need respect for:

the person (personal data should not be treated as industrial raw material)existing human rights laws