Ireland to have RIP-like citizen spying act by early next year

Andrew Duffy

The article I have linked to and reproduced here is currently on the front page of the Irish Times website. It describes an act being worked on which will require providers of telecommunications, like mobile phone companies and ISPs, to keep detailed data on every individual's use of their services for four years. This is tantamount to a wiretap on every user of a phone or internet service in the country, whether under suspicion of illegal activity or not. When the similar RIP act was passed in the UK in November 2000, public outrage and a campaign of faxing MPs led to the act being suspended while it was rewritten to protect the privacy of innocent citizens.
Politicians are usally reasonable people; if you write to your representatives outlining your concerns you can help avoid this nasty step towards our becoming a state that spies upon its citizens.

http://www.ireland.com/newspaper/front/2002/1128/901350883HM1TECH.html

Department to store data on citizens for four years

Detailed personal data on every Irish citizen's phone and mobile calls, faxes, and e-mail and Internet usage will be retained for up to four years under a new Department of Justice Bill, writes Karlin Lillington

The Bill, which is being drafted and which the Minister, Mr McDowell, hopes to implement by next spring, requires that personal electronic data be retained for two to four years. At present, data may only be retained for a short period, exclusively for billing purposes - generally, three to six months - and then must be destroyed.

"We have serious concerns that this is treating everybody as a potential suspect in a crime," said Mr Malachy Murphy, e-rights convener with the Irish Council for Civil Liberties. "This would also appear to go against the European Convention on Human Rights, which has explicit protections for citizen privacy."

Data produced by digital networks can be highly revealing, while 3G mobile phone networks, with phones which regularly broadcast their location back to the network, will provide information on where a person is standing to within a few metres. The legislation could also demand that Internet service providers store information on all the individual web pages a subscriber has visited over four years.

It is understood that Department officials failed to consult any organisation other than the Garda Síochána in preparing legislation which would in effect overturn existing EU data protection directives. The Bill would also run counter to data protection provisions within the State's E-Commerce Act 2000 - considered essential for creating a supportive e-commerce environment where businesses and consumers can trust how their private information is stored and handled.

Officials within the Department of Justice are understood to be seeking a legal regime similar to that mandated by Britain's controversial Regulation of Investigatory Powers (RIP) Act.

In Britain, aspects of RIP are being rewritten after strong opposition to the initial Act from the House of Lords, the business community, privacy advocacy groups and the British media. The British government had to withdraw additional legislation dealing with the same areas of data retention as the Irish Bill after this provoked widespread outrage and anger.

"The RIP Act was incredibly controversial when passed, but that was nothing compared to the opposition to data retention," said Mr Ian Brown, director of British policy for the Foundation for Information Policy Research (FIPR).

"Creating a huge database that is lying there for years is a huge invitation for government misuse, much more for hackers, blackmailers, criminals and others."

Mr Brown said Britain and the Republic have been under pressure from American surveillance agencies such as the CIA and FBI to loosen protections on data privacy.

The Department of Justice did not respond to questions about the Bill's details.

dahamsta

Reposted from IIU...

Department to store data on citizens for four years
From: Ireland.com
Thursday, 28th November, 2002

Detailed personal data on every Irish citizen's phone and mobile calls, faxes, and e-mail and
Internet usage will be retained for up to four years under a new Department of Justice Bill, writes
Karlin Lillington

The Bill, which is being drafted and which the Minister, Mr McDowell, hopes to implement by next
spring, requires that personal electronic data be retained for two to four years. At present, data
may only be retained for a short period, exclusively for billing purposes - generally, three to six
months - and then must be destroyed.

"We have serious concerns that this is treating everybody as a potential suspect in a crime," said
Mr Malachy Murphy, e-rights convener with the Irish Council for Civil Liberties. "This would also
appear to go against the European Convention on Human Rights, which has explicit protections for
citizen privacy."

Data produced by digital networks can be highly revealing, while 3G mobile phone networks, with
phones which regularly broadcast their location back to the network, will provide information on
where a person is standing to within a few metres. The legislation could also demand that Internet
service providers store information on all the individual web pages a subscriber has visited over
four years.

It is understood that Department officials failed to consult any organisation other than the Garda
Síochána in preparing legislation which would in effect overturn existing EU data protection
directives. The Bill would also run counter to data protection provisions within the State's
E-Commerce Act 2000 - considered essential for creating a supportive e-commerce environment where
businesses and consumers can trust how their private information is stored and handled.

Officials within the Department of Justice are understood to be seeking a legal regime similar to
that mandated by Britain's controversial Regulation of Investigatory Powers (RIP) Act.

In Britain, aspects of RIP are being rewritten after strong opposition to the initial Act from the
House of Lords, the business community, privacy advocacy groups and the British media. The British
government had to withdraw additional legislation dealing with the same areas of data retention as
the Irish Bill after this provoked widespread outrage and anger.

"The RIP Act was incredibly controversial when passed, but that was nothing compared to the
opposition to data retention," said Mr Ian Brown, director of British policy for the Foundation for
Information Policy Research (FIPR).

"Creating a huge database that is lying there for years is a huge invitation for government misuse,
much more for hackers, blackmailers, criminals and others."

Mr Brown said Britain and the Republic have been under pressure from American surveillance agencies
such as the CIA and FBI to loosen protections on data privacy.

The Department of Justice did not respond to questions about the Bill's details.

Typedef

Well how about running all of your email through 3DES or blowfish and let the politicos try and search the entire keyspace for 3DES if they want to try and read your email?

If you and a friend want to exchange information without giving big brother access to it, then why not just write your message in your favorite text editor, encrypt it with 3DES where only you and recipient (x) know both DES keys, and laugh at the politicos if they try and crack it? Or run 3DES three times and have six DES keys, all different and then see the politicos try and crack 3DES run thrice......?

Basically, I don't trust the government and I'm quite sure that 'somewhere' said government lackies are keeping copies of correspondance and so on for 'security reasons'. So, for individual security, I'm thinking that I might just be implementing 'some form' of secure message exchange with my friends, possibly based around 3DES or blowfish encryption with keys only know to myself and my friends.

Is this an infringement of civil liberties? Well yes, of course it is. I am surprised that the government are being so 'transparent' and honest about wanting to snoop people's correspondance. It just makes people react to protect their privacy really. To my mind, this is a public relations exercise as the people who 'need' for reason (x) to have secure information exchange, can ultimately have it, with enough effort, it's ultimately Joe Soap (x), that the government will end up snooping and ironically enough it's Joe Soap (x) the government has least to fear from.

MrPudding

Originally posted by Typedef
Well how about running all of your email through 3DES or blowfish and let the politicos try and search the entire keyspace for 3DES if they want to try and read your email?

This would be the obvious solution, the problem is if they follow the RIP act from the UK you could end up in prison. The RIP act states that if you *receive* or send an email which is encrypted and will not or *cannot* provide the key to decrypt it to the police if requested, you can be put in prison.

Typedef

RIP act states that if you *receive* or send an email which is encrypted and will not or *cannot* provide the key to decrypt it to the police if requested, you can be put in prison.

Hmm, somehow, I'm thinking that if you or your friend suddenly 'lost' the sheet of paper with your 3DES keys written down, that a judge will not throw you in prison for that, I mean seriously cannot, is not analagous to will not and in a court of law I honestly don't see 'cannot' as being sufficient grounds for a conviction.

Sure the prosecution will try and prove that it is the case that you 'will not' provide the key, but in practice I doubt anyone 'could', be jailed because said person had suddenly 'lost the sheet of paper your honour' with your 3DES keys written on it.

You could become a techie martyr maybe, like that Norwegian bloke who made decss available.*

*Hardware I own, DVDs I bought, running operating system of my choice on hardware I paid for from money I earned... mumble, mumble.

daveirl

This post has been deleted.

daveirl

This post has been deleted.

gandalf

Both threads merged - see I can do other moderators things apart from banning people

Gandalf.

LizardKing

Sent an email to my local TD complaining ; doubt it'll do any good though....

amen

Encrypt yout email messages is fine but other proposed aspects of the bill supposedly include
:log of all the web pages visited
:phone calls
:mobile calls(including location information)


the state doesn't have a right to spy/store information on citizens who have been suspected of no crime and are not doing any thing illegal

as we seem to have an inability to seperate governement/business in this state will we find details leaked from this database to specific business interests ?

Whos going to store this information ? protect it from hackers ?
ensure its validity ?

a policy state is not far away

dahamsta

As amen points out, this isn't just about email, it's about everything you do while on the Internet or your mobile phone. I'll wait patiently for the old "nothing to hide" nugget to pop up, but while I'm waiting, think about this: This is /exactly/ the same as giving An Post permission to open your letters, photocopy them, and put them into storage "just in case".

How would you feel about that?

adam

daveirl

This post has been deleted.

Typedef

How would you feel about that?

I would be vehemently opposed obviously.

Vis-a-vis web browsing, I expect anonymous proxying could become popular, encryption for email too perhaps, vis-a-vis mobile phones, I think it's pretty much a dead loss as many of the mobile relay stations are literally right on top of Garda stations, which, forgive my cynical mind, implys to me that the Garda are 'already' tapping phone conversations, SMS and else.

I'm thinking what is really needed is some form of action group to resist this.

slackware

MrPudding

I agree with you 100% Typedef, was just pointing out what they were/are trying to do in the UK. They made a absolute balls of it there and I don't hold much hope for it being any better here.

As for the "if you have nothing to hide" bunch that will no doubt rear it's whinging head screaming "we must protect the children", I have nothing to hide but I don't want some tosser with nothing better to do looking through my mails and checking out who I phoned in the last 4 years.

Lemming

Originally posted by Typedef
RIP act states that if you *receive* or send an email which is encrypted and will not or *cannot* provide the key to decrypt it to the police if requested, you can be put in prison.

Hmm, somehow, I'm thinking that if you or your friend suddenly 'lost' the sheet of paper with your 3DES keys written down, that a judge will not throw you in prison for that, I mean seriously cannot, is not analagous to will not and in a court of law I honestly don't see 'cannot' as being sufficient grounds for a conviction.

iirc, MrPudding's quote above is the exact interpretation of the original RIP bill in the UK.

It made no distinction between inability and refusal on the part of the party in question. Either was tantamount to the same thing - the inability of law-enforcement to decrypt a message, and was thus a criminal offense.

Thanx 4 The Fish

I already encrypt any mails I send that are of a personal or sensitive nature and as far as looking at them is concerned, it would be quite hard to tell that they are encrypted. How could it be proven that a message is encrypted and not just (for example) poorly spelled ?

vinnyfitz

Not very reassuring denials From RTE lunch time radio:

McDowell rejects personal data claims

November 28, 2002

(14:52) The Minister for Justice, Michael McDowell, has said today's Irish Times report suggesting the State plans legislation to retain personal data such as phone records, e-mails and interest usage for up to four years, is misleading.

Speaking on RTE Radio, Mr McDowell said there were no Big Brother plans to retain any sort of information.

He said the bill would require electronic communications providers to keep certain data, should it become necessary in the investigation of serious criminal offences.

He said that already in certain circumstances, Garda superintendents could apply to providers for information when investigating serious offences.

I know you hate Real Player but here is the interview:
McDowell rejects personal data claims

http://www.rte.ie/news/2002/1128/newsatone/news1pm2a.ram

Typedef

Mr Brown said Britain and the Republic have been under pressure from American surveillance agencies
such as the CIA and FBI to loosen protections on data privacy.

The Department of Justice did not respond to questions about the Bill's details.

If this Orwellian piece of legislation is really in the offing, it must be stopped. I for one will not tolerate Big Brother snooping email, my browsing habits, the sort of bars I frequent, perhaps a profile about my socio-political ethos would be built up.

This is in a big way about the freedom of the individual to live free from obteuse state scrutiny. If you haven't comitted any crime, then why should the State track you as if you were a paedophile, rapist or murder, something this State fails to do at present?

Really, if I wanted to live in an Orwell book, there are many States around the world with sufficiently authoritarian governments (or so I'm told by the TV).

Also, I'm assuming that the freedom of information act pertaining to information kept on you by person (x) does not apply to the Irish RIP?

seamus

Originally posted by vinnyfitz
He said the bill would require electronic communications providers to keep certain data, should it become necessary in the investigation of serious criminal offences.

Well, though it's no different, this is already going on, with your phones. The telco's already have logged what numbers you've called and for how long, and also of all SMS's sent over the last 6 months. The Gardai can access this information if needed.

The emails thing is a bit different though. There is no reason to log emails other then for spying on individuals. I wouldn't mind too much this info being held if and only if a court order was required for anyone to access this information.....

Typedef

Clearly in the arena of email and web browsing the government has no remit to intrude.

As has been pointed out, would you give the post office permission to copy every correspondance you recieved? I sure wouldn't. What about web browsing? Who decides what is kosher and what is not? Can you imagine a brigade of the righteously indignant attempting to cull you from 'deviant' web sites? I don't mean kiddie porn, but I do think that at best the logging of web browsing is open to interpretation from others in a less than objective way.

dathi1

yes ...pre Nice referendum I was told that I was over the top on using the word Orwellian in relation to this matter by jc but even now post Nice you have a pro federeralist CD party like FG using the same word!
look it like it or lump it...we now are heading for a closed system power block with absolute control..and though I disagree with Bonkey's expert opinion on PGP encryption and data storage we are all potential suspects in the future USE united states of Europe as they lackey to their Christian right US counterparts.
they're doin well so far:
1. Data Surveillance
2. Kill of Irish Fishing for good by buying the industry out and letting the Big countries (Spain) into what's left of our 50 mile exclusion zone. (conservation my arse!)

Ajnag

Might I suggest a lobby group or a board in the community/activism, cause if its let rest and left to our fine political representives, then we are left facing a situation, where not only will you have to put up with the worst internet service in europe, but the fact that all you say and do on the net is on record, and given this countrys history probably will be abused to certain party ends.

or Maybe if Ioffl were to take it up as a secondary issue.I heard it was the e.u trying to push this one through

the post analogy is perfect to push the point.


As for the guards monitering gsm? doubt it, these were the people who almost quit work when forced to use a computer system, How ever I have heard that all Irish mobile calls are routed through british intelligence.Not sure on that one, just one of those rumours, as a friend said 'a listening post on every garda station'.

Also did anyone here ever hear of project echalone(sp), an attempt to moniter all information transmitted?

Typedef

Originally posted by Ajnag
Might I suggest a lobby group or a board in the community/activism

Actually I was alluding to that earlier..... I'll start the topic in admin if not already there.

Meh

Originally posted by dathi1
like it or lump it...we now are heading for a closed system power block with absolute control..and though I disagree with Bonkey's expert opinion on PGP encryption and data storage we are all potential suspects in the future USE united states of Europe as they lackey to their Christian right US counterparts.

Uh, the EU isn't mandating data retention. Under the relevant EU directive, each EU member is free to decide for itself on this matter (source).

This legislation is McDowell's own idea. I voted for him last election, so if this gets through you can all blame me . Needless to say, he won't be getting my vote again unless he drops this proposal.

Typedef

This was just posted to the ILUG (Irish Linux Users Mailing List)

Justin MacCarthy
The minister for Justice will be on George Hooks show, between 4.30 and 7pm today, regarding this issue. You can email questions for George to ask at therighthook@newstalk106.ie

Ajnag

sorry typedef,
didnt notice that.

Actually I was alluding to that earlier..... I'll start the topic in admin if not already there.

DiscoStu

Originally posted by Ajnag
Also did anyone here ever hear of project echalone(sp), an attempt to moniter all information transmitted?

echelon is one of those super conspiracies that really would be a little to difficult to pull off without anyone actually noticing. the base is supposed to ba a man made movable oilring type setup out in the middle of the pacific.

maybe it the freemaisons

/me off to play deus

my oul lad has always said within 30 years we will be in a police state. looks like he aint that mad.

Typedef

But, seriously. Detailed records of all faxes and email sent for every citizen?

To quote a great thespian

"1984, yeah right, that was a typo.... Orwell is here, he's living large"

seamus

Originally posted by DiscoStu
echelon is one of those super conspiracies that really would be a little to difficult to pull off without anyone actually noticing. the base is supposed to ba a man made movable oilring type setup out in the middle of the pacific.

maybe it the freemaisons

/me off to play deus

my oul lad has always said within 30 years we will be in a police state. looks like he aint that mad.

After Osama & co did the deed, they admitted it actually exists, but it's not as sinister as expected(Although saying that's a little like trying to prove that infinity-1 < infinity). Basically they scanned emails, phone convos and stuff for words like bomb, Osama, Terrorist, etc etc.

No link atm

bonkey

You know, the interesting thing in all of this is that no-one has noticed a key aspect....

The only "external" sources consulted were the gardai. Ergo, we can deduce that the phone companies and ISPs have not been consulted. I'm curious as to whether or not they will react, pointing out the costs and/or impossibility of implementing such measures.

Time after time, we have people telling us that the end is nigh because of a proposed piece of legislation which has not been fully drafted, not gone through the review process and not been voted into law.

Reading a bit more into the article, we see that it could involve a number of things, may involve some others, and if it does these things, will 'overturn' (polite word for contravene) existing EU legislation designed to prevent this type of stuff.

In short, this whole thing strikes me as a storm in a teacup at this stage. The entire article seems to be written in a tone implying "how stupid is the minister, if he thinks this will pass", as opposed to "batten down the hatches, big brother is here".

On an aside, Echelon exists, and is not some motile man-made island. (Where do people come up with these crazy ideas?) It is a joint project involving the US, Canada, UK, Australia and New Zealand. Its known to exist because the two southern-hemisphere nations have admitted as much. Its purpose is information gathering. Its exact capabilities are not known. Do a google search on the word if you want to know more - its not hard.

jc

dahamsta

Couple things. MrPudding said: "just pointing out what they were/are trying to do in the UK. They made a absolute balls of it there and I don't hold much hope for it being any better here."

They did make an absolute balls of it in the UK, but that just means that our Government has somewhat of an insight into how we'll deal with it. On top of that, Ireland's really nothing like the UK. They have a much larger population and more importantly a much larger population of activists. Irish people all too often accept now and complain later.

On the matter of the Minister's statement, call me an old conspiracy-theorist-lefty if you want, but I wouldn't be at all surprised if the original story came from a intentional leak intended to guage reaction. It's just shooting high with an eye to settling higher than people would normally expect. Like the FBU asking for 30% -- they know it's not going to happen, but guess what'll happen if they ask for what they expect?

The things that creeps me out about current governance is the whole "daddy knows best" bit, the way they try and slip stuff under the carpet, hope you won't notice. Watch McDowell avoid the question of what exactly this legislation will cover over the next few days. He's already at it: "certain data", "should it become necessary", "certain circumstances". That shouldn't be good enough for us.

adam

amen

I noticed that several posted mention that a Garda superintendatn can ask a mobile phone provider for billing records of a customer.

Does this
1: Not violate Data Protection Act
2: Does the Garda not need a warrant

and upon what law is this based ?

DiscoStu

Originally posted by DiscoStu
. the base is supposed to ba a man made movable oilring type setup out in the middle of the pacific.

i really must use those </sarcasam> tags more often.

Typedef

I hope you are right about this bill bonkey, I really do.
To my mind it is better to act now, rather then to wait until the government were to attempt to push through such a draconian picece of legislation, it's an anthema to civil liberties any even part simian could tell that.

What I find really unsetteling (apart from the implied content of the bill) is the fact that Minister McDowell used to be the Attorney General and so must be quite aware of the extent of his powers, the leglislative process and exactly where legislation such as this would stand vis-a-vis established law and the Constitution and yet, said Minister has allowed himself to be publicy identified with it, before it's inception.

I'm not saying that is tantamount to a Big Brother society, however I do think that the current government has shown itself to be sufficiently right wing, to introduce such a measure.

Personally, I wouldn't trust the government 'not to attempt' to read and keep a copy of such information whether it were legal to do so or not. This is not analagous to decrying Elvis as a little green man from Mars, the very fact the government has publicised the notion of this bill is apt signal of the intent. Namely to track and catalog the movements and the data sent of every citizen in the state at least in the sense of digital media.

If one doesn't find that concept scary, draconian and quasi-Orwellian then what is? Referenda re-runs? Both persumably are legal or can be made to be legal, but does that negate the validity of the argument that the motive is anything but highly repressive and bordering on totalitarian governance?

dahamsta

Echelon exists ... It is a joint project involving the US, Canada, UK, Australia and New Zealand. Its known to exist because the two southern-hemisphere nations have admitted as much.

The US has too bonkey. Dunno about the UK.

adam

pro_gnostic_8

Originally posted by dahamsta
I'll wait patiently for the old "nothing to hide" nugget to pop up,

adam

Could somebody pls address the "nugget" if you have nothing to fear -- you have nothing to hide.

What is the objection to Echelon if it prevents lunatic bombers flying planes into offices or bombing nightclubs full of young people?

What is wrong with teh Gardai being given an extra weapon in the war against crims, gougers and drugsters? Internationally, should not the organisors of child-porn, racketeering, money-laundering, etc., be subjected to the utmost scrutiny? I honestly don't understand your reservations.

Calling the proposed RIP Orwellian is just not appropriate -- harsh times demand harsh measures. It is ironic that those who decry increasing levels of violence in society are the first to condemn measures to counter this tendency. Do you consider (for e.g.) CCTV on our streets an invasion of privacy or a worthwhile asset?

Meh

Originally posted by pro_gnostic_8
Could somebody pls address the "nugget" if you have nothing to fear -- you have nothing to hide.

What is the objection to Echelon if it prevents lunatic bombers flying planes into offices or bombing nightclubs full of young people?

You have nothing to hide? Great, so you won't mind posting your credit card number, your burglar alarm code, your boards.ie password and your bank machine PIN in this thread then...

What is wrong with teh Gardai being given an extra weapon in the war against crims, gougers and drugsters? Internationally, should not the organisors of child-porn, racketeering, money-laundering, etc., be subjected to the utmost scrutiny?

I'm not a paedophile, a racketeer, a money-launderer or a terrorist. Yet the proposed legislation will subject my private correspondence to "the utmost scrutiny".

Do you consider (for e.g.) CCTV on our streets an invasion of privacy or a worthwhile asset?

I have no problem with CCTV. Because when I'm walking down a public street, I have no reasonable expectation of privacy. It would be entirely different if the Gardai wanted to install a camera in my living room.

bonkey

Originally posted by pro_gnostic_8
Could somebody pls address the "nugget" if you have nothing to fear -- you have nothing to hide.

Certainly.

The issue with systems such as Echelon, and the rumoured implications of the coming Irish bill is that they are open to abuse for purposes other than those they are purportedly in place for.

For example, there is (at least) anecdotal evidence that Menwith Hill (a US surveillance-station based in the UK, and a part of Echelon) has been used to tap into phone calls between key players in other European nations, and the garnered information has been used to provide large US corporations with what amounts to insider information about their European competitors - in effect state-sanctioned, state-operated industrial espionage. Excuse me if I think that this is "protecting national interests at home and abroad" just a little too far.

I have no issue whatsoever with the details of my electronic information exchange usage being stored somewhere. I do have an issue with that data being used for anything other than an official investigation where I am an official suspect. I do not want to become a suspect because someone decides that my profile matches the one they're looking for based on patterns in my web-surfing. It would be no different to racial profiling, which is, to me, indefensible. Its the same as a policeman pulling over a black man driving a sports-car because he's a black man, driving a sports car, which must be dodgy.

I have no faith in the system, or its participants to adhere to such strictures as would make a system trustworthy. Hell, governments wont even tie their own hands that much with the legislation - after all, there's no point putting in place such a system if you dont use it, right?

I have relatively little faith in such a store of information being held securely either, which is a completely seperate threat - I dont want my demographics becoming someone's marketing.

What is the objection to Echelon if it prevents lunatic bombers flying planes into offices or bombing nightclubs full of young people?

Well, see, the problem is that there isnt a shred of evidence that it does do that. Its a misdirecting question. You havent shown that it does prevent these things.

In the wake of Sep.11, we were bombarded with theories of how the terrorists communicated over the internet by encoding messages into watermarks on images. It turns out that they didnt - they used email and other obvious methods.

The problem is that there is too much information. It is impossible to analyze every message in every language, for every pattern (including simple things such as word-replacement codes), and use this to identify threats. It is even questionable as to what can be done after the event. This is why the terrorists didnt bother hiding....they were already hidden in the sea of information.

So, Echelon is great for targetted information acquisition - tapping into phonecalls of people you want to listen to, but is too successful at untargetted information acquisition, because unless you know what you're looking for, you'll never find it.

So, Echelon will never be useful for predictive analysis, but rather is limited to after-the-fact investigative work....which means that its highly questionable as to whether or not it prevents anything. The vast majority of the post-9-11 trail was identified through standard police procedure - interviewing witnesses, following paper-trails, etc. It is highly questionable as to whether large-scale indiscriminate data-collection and storage has ever contributed extensively to any such investigation.

So, again, whats it for? The supposed benefits arent there, and there is a significant body of evidence suggesting that its less honest usages are widespread. Again, a quick google on Echelon will yield a multitide of sites, most of which carry references to Congress asking the NSA about it, the EU fact-finding mission being rebuffed, etc. etc. etc.

Do you consider (for e.g.) CCTV on our streets an invasion of privacy or a worthwhile asset?

Good example. I was hoping you'd mention that one.

There is very little evidence available to show that widespread CCTV coverage offers any benefits in terms of crime-prevention or crime-reduction whatsoever. They have an initial impact, which lessens over time.

In other words, we have something which is not a worthwhile asset, regardless of much an invasion of privacy it is

So, one must then ask what the reason to have it is? Well, quite simply, it provides good short-term benefits, and whenever those benefits fail, we simply need to buy more cameras to cover more ground to see another short-term benefit. In other words...its ultimately relatively ineffectual against crime, but is good for showing "fast" results when needed.

Similarly, many other "security" measures of recent years have no discernable security benefit, but exist for ulterior motives. Post 9.11, the Americans want ID cards to be used for internal air travel. Gosh...thats useful...the terrorists got into the US legally in the first place, but getting ID cards once legalling in the coutry...that'll stump them. NOT.

In reality, the ID cards will prevent the continuation of the practice of buying a return ticket for a one-way journey, selling on the return leg to someone else, and each of you ending up with a flight which was cheaper than the normal charge for a one-way flight. Security? Nah - the protection of a failing business model masquerading as security.

Bruce Scheider, a security expert, wrote an excellent missive in response to the "security measures" the world seemed to be baying for in the aftermath of last year's attacks. He effectively showed how not a single measure suggested would bring a useful security benefit. They would impress the people baying for something to be done, but that was it. The cost, however, would be personal privacy, some personal rights, and a few other paltry things like that.

Excuse me if I dont see it as a good trade. I'm more than willing to give up my privacy for something which is demonstrably a good thing. However, these so-called security measures are far too readily abused, and of far too questionable a benefit (at best) for me to be willing to countenance them.

Sorry for the long rant, but you did ask for someone to tackle that "nugget". See - its not even a nugget. Its another misdirection. I should not have to give up my privacy because I have nothing to hide. I should give it up because there is a tangible, proveable benefit to society in my doing so, and I should not fear doing this if I have nothing to hide.

There is no such tangible, proveable benefit. Therefore, there is no reason for me to give up my privacy, and far too many risks in me doing so.

jc

dahamsta

Could somebody pls address the "nugget" if you have nothing to fear -- you have nothing to hide.

*BUZZ* Sorry pro_gnostic_8, but Brian from ILUG is the Grand Prize Winner! Brian wins a rubber hose, a bright torch and a pair of shiny new crocodile clips. Sponsored by Implicit Guilt(R): Big Brother Just Got Bigger(TM).

What is the objection to Echelon if it prevents lunatic bombers flying planes into offices or bombing nightclubs full of young people?

Two words: It doesn't. Or, more accurately: It didn't. Echelon was around long before 911, yet it didn't see it coming. Why? Because mining Echelon data is like looking for a needle in a haystack. The "intelligence community" has trouble mining the data coming in from regular intelligence channels, never mind the tons of bits collected from the Echelon hoppers.

But as it happens, Echelon has absolutely nothing to do with this debate. Echelon is simply a rather hefty listening station, like Menwith Hill on steroids (well, actually multiplied by a couple dozen). It's illegitimate data collection legitimised by the perceived need for national and international intelligence and counter-intelligence. It's an argument for another thread...

What is wrong with teh Gardai being given an extra weapon in the war against crims, gougers and drugsters? Internationally, should not the organisors of child-porn, racketeering, money-laundering, etc., be subjected to the utmost scrutiny? I honestly don't understand your reservations.

...whereas the matters we've been hearing about today, and the RIPA, are more to do with the legitimate collection of data, and the storage of that data for future reference; something that in principle I don't actually have a problem with. In principle. So why do I object to it? Because it's the first step on a slippery slope.

Next year it'll be data collection and storage. The year after, data mining. Six months later, censorship of "anti-Government sentiment". Another three months: curfews, harassment, midnight arrests. Ok, it sounds over the top, and it is, but it is a slippery slope that puts temptation in the way of some politicians who'd like to take our democracy away. And the current environment makes it easy for them.

Look at the US right now. People - citizens - in jail without being arrested, without ever having seen a lawyer, or even their families. Police tapping phones and spying without warrants. Watch lists with legitimate politician's names on them. A new intelligence agency being created with a convicted criminal at the helm, and a Freemason all-seeing-eye as the logo. And that's just the stuff that passed!

Calling the proposed RIP Orwellian is just not appropriate -- harsh times demand harsh measures. It is ironic that those who decry increasing levels of violence in society are the first to condemn measures to counter this tendency.

I'm afraid I simply don't see these measures as the answer. Jail, jail and more jail is my answer, but that's another thread again.

Do you consider (for e.g.) CCTV on our streets an invasion of privacy or a worthwhile asset?

Honestly? I see it as an invasion of privacy, for the simple reason that it has never been proven that it serves the purpose it is purportedly intended for. The only data available states that violence is down on the streets the cameras are on, but that it just moves elsewhere. Solution: More cameras. Where do we stop? In your home? In your bathroom? CCTV cameras are there because of FUD, period.

adam

dahamsta

Heh, that looks like a summary of bonkey's post, but I assure you that I wrote it offline before he wrote his. I feel the need to make a further contribution though, so here's a few links to relevant Schneier pieces from Crypto-Gram:

Special devoted to September 11

War On Terrorism

National ID Cards

Fixing Intelligence Failures

adam

PS. I knew bonkey had the wrong name for Schneier, but I actually mispelled it myself when I typed it into Google. Google said: "Did you mean: bruce schneier" and served up his Counterpane page top of the list, just in case. Honestly, what would we do without it?

vinnyfitz

http://www.electricnews.net/news.html?code=8835725

Typedef

But this time frame seems to have been extended. In August, Statewatch, a UK-based privacy advocacy organisation, said that it had received a leaked document which showed that the EU is planning to force European telephone companies, mobile operators and ISPs to store details of all their customers' activities for between 12 to 24 months.



The possibility has been raised that the introduction of such a Bill into law will be contrary to the European Convention on Human Rights and Ireland's E-Commerce Act 2000.



In response, the Department spokesperson said that the Bill was being introduced to assist the Garda Siochana with serious crimes, and strict safeguards would be put in place to ensure the privacy of individuals would be protected. "The information will only be accessed for crime detection and prevention purposes," said the spokesperson.



However, the Irish Council for Civil Liberties (ICCL) has sharply criticised any such bill. "This bill will greatly undermine data privacy in this country and will make all citizens potential subjects in a crime," said Liam Herrick, research and parliamentary officer for the ICCL. Herrick added that it was doubtful whether it would have any real impact in preventing and prosecuting crimes. "Organised crimes and terrorists have the resources to evade these measures. Its benefits are spurious," he remarked.

Even if one assumes that the State is genuine when it claims it won't keep copies of your email. What it is planning on doing is.

Keeping logs of who you mailed, who you called, the websites you went to the location of you and your mobile phone, and Michael McDowell has the audacity to claim this is not Big Brother governance. Right and I suppose if I disagree, the government will be well aware of that fact (and will have mailing, browsing and sms log information to substancite it).

dahamsta

The Reg

Ireland preps home-grown RIP Act

Ireland is to extend the retention of personal data collected from "mobile calls, faxes, and e-mail and Internet usage" to up to four years, the Irish Times reports.

A new Department of Justice Bill, modelled on the UK's highly controversial RIP Act, is in draft stage and could be enacted by Spring, the paper says.

Expect opposition: "It is understood that Department officials failed to consult any organisation other than the Garda Síochána (the Police) in preparing legislation which would in effect overturn existing EU data protection directives."

Here is the Irish Times story. And here is our Irish content partner, ElectricNews.Net, on the subject. ®

(Blah, you've seen them already so I won't link them.)

adam

dahamsta

Karlin's blog:

Here's the second, longer story on data retention that ran yesterday and here's one that is running today. The Minister is trying to play this down but it's a very serious civil rights and privacy issue. I urge anyone concerned to make an opinion known to the Department of Justice. For further information on the kinds of pan-European data retention moves afoot, see Statewatch.

adam

bonkey

Originally posted by dahamsta
PS. I knew bonkey had the wrong name for Schneier,

Its a mistake I keep making. I know his name, and I consistently mis-spell it!

Kinda like my girlfriend has a brain-glitch which makes her call rabbit "chicken" about 99% of the time...

jc

Lemming

From Adam's already linked article

In Finland, meanwhile, law enforcement authorities have issued warrants for five senior executives of the country's primary telecommunications company, Sonera, on charges of misusing customer and employee billing data. The executives are accused of going through call records to try to find a "mole" who was leaking details of a management dispute to the press.

Well, there ye have it. The first publicised abuse of data-retention. How much has NOT been detected? This shows how easy it is for companies/agencies to abuse this supposedly "secure and cofidential" information.

And the Irish government wants us to trust them with our data given their record of purity and honesty to date?

HA

incidentally, that "ha" also includes eircom promising not to abuse any info they store.

pro_gnostic_8

The mutual position of Bonkey and Hamsta in opposing RIP would appear to be based (in their own words) on a fear of possible abuse of privacy. Now, if I were to promote the reverse notion that NOT implementing RIP would invite a future of terrorist/criminal hegemony on the world I would be rightly laughed off this board. Lets keep this debate in the present context; not extrapolated into what might/might not arise in the near or distant future. Such a route only leads to paranoia and FUD. Also, conspiracy theories regarding Western intelligence agencies having a secret agenda or desire to control every facet of our lives have no place in this debate.

I have no faith in the system, or its participants to adhere to such strictures as would make a system trustworthy.

Well, Bonkey that kinda damns any debate on the issue to inconsequentiality, doesn't it? I mean, if you have an unshakeable preconception such as this, there really is no point in me wasting my time or yours in making reasonable critique of your posting. However, I do feel obliged to address your analysis of any statement I made.

Well, see, the problem is that there isnt a shred of evidence that it does do that. Its a misdirecting question. You havent shown that it does prevent these things

My sentence did include the word "IF". As in What is the objection to Echelon if it prevents lunatic bombers flying planes into offices or bombing nightclubs full of young people? Now, giving due consideration to the "IF" element, could you offer your objection? In opposition to your statement that electronic eavesdropping is only of use in after-the- fact investigation are quite a few examples of how such systems actually did prevent terrorist or criminal offences. E.G., the planned gas attack on London Underground, Weds arrest of seven Al Qaeda members in France; the arrest of Binalshib in Pakistan last month, etc, etc.

There is very little evidence available to show that widespread CCTV coverage offers any benefits in terms of crime-prevention or crime-reduction whatsoever. .............we have something which is not a worthwhile asset,...............it provides good short-term benefits,

See, with respect, this is double-speak -- self-contradictory. And if it is NOT of any benefit why would most urban authorities, police forces, factory admins, implement a CCTV segment into overall security policy? Cannot be that they were all seduced by the blandishments of some super CCTV saleman.

Maybe to reiterate my position -- personally I have no beef with a perceived privacy issue if my safety and security is enhanced.

bonkey

Originally posted by pro_gnostic_8
Well, Bonkey that kinda damns any debate on the issue to inconsequentiality, doesn't it? I mean, if you have an unshakeable preconception such as this, there really is no point in me wasting my time or yours in making reasonable critique of your posting.

Well, I'd be willing to discuss reasons why you think the system would be safe from abuse, or how such abuse could be prevented. However, no-one has ever shown that such systems can be put beyond abuse, and there is much evidence to show that authority figures, time and time again, abuse their positions. The conclusion is inescapable - if such a system is put in place, it cannot be made abuse-proof, and there isnt a single reason to indicate that it will not be abused in some way.

My belief isnt unshakeable...if someone can offer a decent counter-argument, I'm more than willing to listen. The problem is that I have yet to hear anyone claim that our politicians, police etc will be beyond reproof in this area, and offer a credible reason as to why.

The more power you make available for abuse, the greater that abuse will be. This is the core of my argument. Unless these system can be properly regulated, it is opening the way for abuse on a scale never-before-seen in a so-called "free world" nation.

By all means - offer me reassurance...but not empty platitudes of "but they've really got your best interests at heart, you know".

My sentence did include the word "IF". As in What is he objection to Echelon if it prevents lunatic bombers flying planes into offices or bombing nightclubs full of young people? Now, giving due consideration to the "IF" element, could you offer your objection?

Certainly. If Echelon (and/or systems permitted under such laws as the RIP bill and this forthcoming irish bill) were shown to be successful in the manner you said, then there could be a case made for their validity. This case would have to offset such benefits against the known/suspected abuses which the systems are used to perpetrate. Should we decide that (in the case of Echelon) international, state-operated, state-sanctioned industrial espionage was an acceptable cost to pay for preventing terrorist attacks, then fine. However, my objection would still be that such a cost is not acceptable.

Of course, the question has as much validity as one beginning with "if Santa Clause was real...." because systems like Echelon DO NOT prevent terrorists flying planes into buildings....as I previously argued. You disagree, so lets take a look at that.....

In opposition to your statement that electronic eavesdropping is only of use in after-the- fact investigation are quite a few examples of how such systems actually did prevent terrorist or criminal offences. E.G., the planned gas attack on London Underground, Weds arrest of seven Al Qaeda members in France; the arrest of Binalshib in Pakistan last month, etc, etc.

Maybe you've got better sources of information than me, but I cant find a single reference anywhere to these arrests being linked to indiscriminate data collection systems (Echelon etc). Could you supply linkage to show that these events were connected to the use of such systems, or are you just assuming that they were?

I would also point out that the US is now spending an absolute fortune on homeland defence, post 9-11. Why is it increasing its security manpower so massively if electronic surveillance systems it already has are so efficacious? Surely this is a contradiction? Its not even data-analysis divisions which are being significantly upped in strength....its the man on the street.

See, with respect, this is double-speak -- self-contradictory. And if it is NOT of any benefit why would most urban authorities, police forces, factory admins, implement a CCTV segment into overall security policy? Cannot be that they were all seduced by the blandishments of some super CCTV saleman.

The most balanced reports you will find on CCTV usage show that they are, at best, of questionable and indeterminable benefit. In some areas where they are used the crime rates go down, in some it remains unchanged, and in some, it actually increases. In some locations it appears to relocate crime, in other it doesnt. Relocation of crime is also independant of increase/decrease of crime rate.

In other words, there isnt any concrete evidence showing that CCTV is effective against crime, only evidence suggesting that it might be, in certain circumstances.

If you were to show such evidence to a statistician, the inevitable answer you will get is that either there are other significant factors not being considered, or that there is, perhaps, no link whatsoever between CCTV usage and crime rates.

So...why is it so popular? Well, imagine you're running a town where people complain about crime rates loudly enough that you need to finally do something about it. What do you do? You have three options :

1) Adopt a system that is known to be ineffective
2) Adopt a system whose efficacity is in questionable
3) Admit to yourself that this is a nut no-one has cracked yet, so copying any existing systems will be of limited benefit, and come up with something new instead which could be good, bad or indifferent.

Of the three of these, option 2 is the easiest one to take, and new technology has a lovely "comfort factor". It allows you to tell everyone that you're modernising the system...implying of course that something more modern is, by necessity, better.

Option 2 is also, arguably the safest one...it probably wont yield drastic long-term improvements, but at least it is the least likely to be a screaming disaster.

Whilst trawling the net for information on this, I did notice a comment by one criminologist who stated that many towns who implement such systems overlook cheaper, more obvious improvements which should be made first, which are known to be at least as effective as CCTV. The first one they mentioned? Improved lighting.

Now really....you explain to me how someone can favour expensive CCTV installations over cheap improvements to lighting if it is not for some pointless reason like a love of technology, or a good salesman?

Maybe to reiterate my position -- personally I have no beef with a perceived privacy issue if my safety and security is enhanced.

Neither do I, but none of the examples you are giving are verifiably enhancing your safety and security. They may enhance your impression of safety and security, but thats exactly my point....that the impression of the efficacity of these systems has absolutely no bearing on their actual worth, and that when measured in real terms, their worth is highly questionable at best.

jc

bertiebowl

Frankly I was gobsmacked when I heard this lunatic proposal from Regressive Democretin McDowell.

We must organise to fight against this moronic big brother proposal......what the hell did we fight a war of independence if we are going to throw all our freedom away to some right wing jackbooted neo-nazi - who'll I'll bet will be more than glad to provide the information on Irish Citizens to the CIA/FBI whoever in the so-called "war on terror".

Speaking of which I saw Michael Moore's "Bowling for Columbine" - excellent documentary. He points out that there are large vested interests who profit from scaring the pants off the ordindary joe soaps with their "war on terrorism" nonsence......just like fascist McDowell is trying to do in turning us all into electronic slaves to the machine.....

daveirl

This post has been deleted.

bugler

It's a touchy subject, but let's try and not get emotive over it. Personally, I wouldn't piss on McDowell if he was on fire, and this latest episode won't change my mind much. Pro_gnostic is playing the part perfectly of what I'd term a lemming citizen, someone who does what their told and generally is incapable of believing that the government/gardaí/etc would ever do anything that wasn't in everyone's absolute best interest.

Secondly why isn't it a 'war on terror'. Do you not respect America's right to defend their country? I personally amn't a big fan of the way things have happened but I completely respect their right for self defence.

Finallly, why shouldn't we share information with the FBI. Surely the exchange of information on criminals is beneficial for all.

I don't think we need to turn this into another war on terror thread, but by the way, attacking countries that look at you funny is not self-defence in any sense.

Sharing info with other international law enforcement organisations has gone on I'm sure, and much of it is necessary and to be welcomed. Unfortunately, the only specific correspondence between the Gardaí and the FBI that I'm aware/knowledgable about is the case of the Irish soldiers kidnapped and murdered in South Lebanon(Privates Barret and Smallhorne), and the subsequent harbouring of the culprit by the U.S government. A story for another day perhaps, but maybe it highlights exactly why people have issues with the "War On Terror". Sorry for going off-topic-ish