IP Bill & ICRs
Oversight or Theatre? Surveillance and Democratic Accountability
Ray Corrigan
5 February 2016 Wolfson Hall, Churchill College, University of Cambridge
Ray Corrigan, Open University
Almost universal agreement
Serious threats –
• terrorists
• organised crime
• dangerous dictators
• …
SIS & LE need –
• intelligence
• skills
• tools
• resources
12/01/2016
Guilty, suspicious, innocent
Guilty
Suspicious
Innocent
Guilty, suspicious, innocent
6000 guilty
600,000 suspicious
60,000,000 innocents
Guilty, suspicious, innocent
600,000 guilty
6,000,000 suspicious
53,400,000 innocents
ICRs
“internet connection record/s” appears in -
192 page draft bill – in s47 only – 3 times
Guide to Powers and Safeguards (once in contents page) x3 (“ICR/s” x11)
Explanatory Notes x6 (“ICR/s” x1)
Home Office written evidence to Joint Committee x29 (“ICR/s” x18)
http://data.parliament.uk/writtenevidence/committeeevidence.svc/evidencedocument/draft-investigatory-powers-bill-committee/draft-investigatory-powers-bill/written/26435.html
Science & Technology Committee report x27 (“ICR/s” x53)
Correspondence from Home Secretary (IPB0065) x11 (ICR/s x10)
http://data.parliament.uk/writtenevidence/committeeevidence.svc/evidencedocument/science-and-technology-committee/investigatory-powers-bill-technology-issues/written/26486.html
Operational case for the Retention of Internet Connection Records x13 (“ICR/s” x88)
ICRs
S47 Additional restrictions on grant of authorisations
(6) In this section “internet connection record” means data which—
(a) may be used to identify a telecommunications service to which a communication is transmitted through a telecommunication system for the purpose of obtaining access to, or running, a computer file or computer program, and
(b) is generated or processed by a telecommunications operator in the process of supplying the telecommunications service to the sender of the communication (whether or not a person).
ICRs
s71 Powers to require retention of certain data
Explanatory notes (s190) say S71(9)(f) defines internet connection records:
“(9) In this Part “relevant communications data” means communications data which may be used to identify, or assist in identifying, any of the following—
[…]
(f) the internet protocol address, or other identifier, of any apparatus to which a communication is transmitted for the purpose of obtaining access to, or running, a computer file or computer program.
In this subsection “identifier” means an identifier used to facilitate the transmission of a communication.”
Not an ICR in sight…
ICRs in Guide to Powers and Safeguards
ICR Not… “a person’s full internet browsing history”
ICR is… “record of the services they have connected to”
ISPs required to retain ICRs for 12 months
ICRs in Explanatory Notes
“records captured by a network access provider of the internet services with which a person or device interacts”
“would not be able to be used to identify what the individual did”
Public authority ICR access purpose: to ID sender/services/criminality
CSPs not currently required to retain ICRs by law
“Clause 71(9)(f) of this Bill provides for the retention of internet connection records” (71(9)(f) does not use term “internet connection record/s”)
ICRs ⊂ “relevant communications data”?
Local authority access to ICRs prohibited
ICRs in Science & Tech Committee report
Gov say ICRs “the only substantially new requirements provided for in the draft Bill”
Cttee:
ICRs “the subject of uncertainty and concern from business due to lack of clarity”
Government should pay full costs
Tech Advisory Board should advise on CoP “requirements for protecting ICR data”
Govt & business should advise on annual updates of CoPs
“confusion about the extent to which ‘internet connection records’ will have to be collected”
“essential that the Government is more explicit about the obligations it will and will not be placing on industry”
“definitions of internet connection records and other terms … have led to significant confusion”
Dr Joss Wright OII “comparing it with telephony is ludicrous”
Cf Denmark session logging abandoned 2012
Home Secretary: Definitions ICRs & CD intended to be “technology neutral” & “necessarily abstract”
Home Office’s Chief Scientific Adviser, Professor Bernard Silverman: ICR definition “pinned down in a way that satisfies both a legal and a scientific requirement”
Feasibility of collection questionable –
ISPA: “ICR does not exist”
BT: “cannot realistically scope technical feasibility or cost”
Andrews & Arnold: DPI?
Security difficult: massive volume of ICR data
ORG: “request filter” “one of the most concerning aspects”
Correspondence from the Home Secretary, Rt Hon Theresa May MP (IPB0065) http://data.parliament.uk/writtenevidence/committeeevidence.svc/evidencedocument/science-and-technology-committee/investigatory-powers-bill-technology-issues/written/26486.html
Discussing ICR details with industry
“confident… feasible” (industry reps disagree)
“Internet Connection Records is a record of the internet services a specific device is connected to”
“Each ICR is a record of a single Internet Protocol event”
Not retained under existing law
Future aspiration
Simple example of ICR for mobile phone

| Data Fields | Example | What does it represent? |
|---|---|---|
| Account Reference | 13109976224 | The mobile telephone number |
| Source IP : Port – Private | 10.13.26.70 : 5256 | What the client looks like to the Communication Service Provider for Internet access. |
| Source IP : Port - Public | 232.99.52.12 : 80 | What the client looks like to the Internet. |
| Destination IP : Port | 135.20.32.87 : 80 | The Internet Service being accessed by the client. |
| URI domain | www.socialmedia.com | The Internet Service’s web domain.* |
| Service identifier | Social Media | The Internet Service’s name. |
| Session Start Time | 14:30:01 GMT 03/09/2015 | The time and date for the start of session. |
| Session End Time | 14:40:29 GMT 03/09/2015 | The time and date for the end of session. |
| Data Volumes Transferred | 1253 outgoing | The number of Bytes Transferred and direction. |

* A URI retained as part of an ICR may only contain the elements of the address which identify the communication service concerned.
Concerns
Definitions vague
“ICRs”, “telecommunications service”, “relevant communications data”, “communications content”, “equipment interference”, “technical feasibility” and “reasonably practicable”
s195: “data” includes any information which is not data
Government insist “clear” but “necessarily abstract”
Technical feasibility questionable
Costly for government & CSPs
Mass invasion of privacy
Illusion “bulk collection” ok as long as only computers “see” data
Extraterritoriality & jurisdictional conflict
Others including despots watching for UK benchmark
Concerns
CSPs sustainability, security, legal & operational uncertainties
Questionable efficacy for crime/terrorism detection/prevention
Comms infrastructure security nightmare combined with targeted and/or bulk:
• interception
• acquisition
• retention
• equipment interference
Securing bulk personal datasets extremely difficult
How they might be improved
Abandon retention of ICRs
Targeted judicially supervised retention of data of those about whom authorities have reasonable suspicion
Will need international cooperation & political signoff won’t wash
Political obstacles
Unreasonably short timetable
Absolute commitment of Home Secretary & government to have something called the “Investigatory Powers Act” on the statute books
Media spotlight
Incentive to avoid concessions to avoid perceived weakness (e.g. partial move towards David Anderson judicial oversight recommendation called u-turn)
On the plus side, opportunity
Mature debate (Andrew Parker)
• Nature
• Scope
• Reach
• Proportionality
• Necessity
• Legality
• Clarity
• Practicality
• Etc
Historic first (David Omand): Bring secret state intelligence operations fully under rule of law
Insanity of bureaucracy
Sacrifice/distortion of core services on altar of simplistic metrics
Loss of institutional ethical memory/values over time
Education
NHS
Social welfare
Economy
Criminal justice
From Solove to Kafka
No known cure for a bureaucrat with a target (mission creep)
Bureaucracy/algorithms make life-changing decisions based on secret information, while denying the subject/s of the data the ability to inform, see or challenge
Image © The Open University
Communications infrastructure of police state will not be permanently deployed benevolently…
Need respect for:
the person (personal data should not be treated as industrial raw material)
existing human rights laws