The Information Commissioner is the latest public figure to criticise the proposed Communications Data Bill, saying his office does not currently have the funds to monitor the data collected.
Information Commissioner Christopher Graham said he had only seen the draft copy of the bill the day before it was published, and had little input. He claimed that its technical limitations meant the snooping would only catch “the incompetent criminal and the accidental anarchist”.
According to Graham, he does not yet know whether there will be extra resources made to enable checks on the massive data pool that services providers would be required to retain as part of the anti-terror plans.
Graham’s evidence suggested that the draft bill had been drawn up with little thought to privacy issues, with all the focus going on crime prevention.
“I haven’t had any discussions with the Home Office about how the regime is is expected to work,” Graham said in a Parliamentary debate.
“I didn’t see the bill – I saw the draft clauses that concern the Information Commissioner the day or maybe the week before the draft was launched. And I’ve had one phone call with the minister since.”
This is a system that’s looking for the incompetent criminal and the accidental anarchist
Graham’s most pressing concerns, which raised questions over whether he was simply involved in a landgrab for more funding, were how public information could be protected.
With an estimated 10PB of data generated a year under the proposals, he claimed it would be impossible to properly monitor how that data was being accessed, stored and deleted.
“Sir Paul [Kennedy, Interception of Communications Commissioner] has received the assurances that what he needs, he will have, but I’ve received no such assurance,” he said. “I will need to have the resources to do an annual review and need technologists to undertake spot checks needed – the manpower and the resources.”
Incomplete picture
Graham also echoed fears that the system could be worthless because criminals would circumvent controls, especially if only the top ISPs are involved.
With government estimates putting the cost of the plans at £1.8bn, Graham said security services would still not have access to a full range of data.
Security officials have said that under the status quo they can only access 75% of the information they’d like, but despite the investment there will still be loopholes for criminals.
Graham confirmed the possibility that only the biggest ISPs in the UK would be scrutinised because they covered 95% of web traffic, saying that would make it easy for anyone to avoid detection.
“The ambition is to increase the capability from 75% to 85% so that still leaves 15% uncovered – and if you’re the kind of international organised terrorist or criminal that this sort of system is designed for, then you have the wit not to go with one of the big six ISPs,” he said. “You might even be able to afford the £5 a month to buy a virtual private network registered overseas so all your traffic is encrypted.”
Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.
