link to briefings documents at magnacartaplus.org
 

Magna Carta Plus News

back to magnacartaplus.org index page
orientation to the news at MagnaCartaPlus.org

short briefing dcuments at MagnaCartaPlus.org

This page provides occasional items, linked to the original articles, as we attempt to keep up with the rapidly changing situation on civil liberties.
Archive of old news service:
2002 - 2004

1st Jan to 9th Sept 2005

Google
 
Web magnacartaplus.org

Is the UK Passport Service developing an alternative identity card and database?

Posted by James Hammerton @ 8:26 pm on 29 January, 2006.
Categories privacy and surveillance.
Edit This Permalink to this article

John Lettice, writing in the Register, suggests that the UK Passport Service is developing a scheme very similar to the proposed ID card plus identity register of the Identity Cards Bill (from page 2 of Lettice’s article):

Baroness Scotland helps explain the extent to which the National Identity Register already exists: “We have called the central new database ‘the register’, but noble Lords will be familiar with the fact that the Passport Office currently has a database. When we include the biometric data that will come from facial recognition and fingerprints, that information will have to be contained on that database. As a result of the demands made on the service, we have now piloted passport validation, a commercial service that will come on stream in 2006. It is demand-led because, even under the current legislation, there has been a demand for that from the business community.

“All of those items are coming anyway, and the passport service will have to provide for them. So if we look at the differences between the service that will be provided now and that which we anticipate will be necessary to be provided in the long term, the differences are not great. I will list them. A database of basic personal information and biometrics exists, and that will continue. An identity document that stores information, including biometrics, is already provided. The ability for banks and other organisations to validate identity documents with consent exists now in pilot form. Disclosure to the police and other agencies of data held on the passport database happens already, and this would include the equivalent audit usage data.
Click Here

“So what is new? The production of cards as well as passports is new. We do not currently record changes of address, but we propose to do so in the future. The IT infrastructure will be slightly bigger; and the scheme will be enforced; that is, civil penalties, mainly post-compulsion.”

You can see the inexorable logic when it’s put like that. The database will exist, will include biometrics, and via passports alone will ultimately cover 80 per cent of the UK population. The Passport Service’s transformation from a document-centred to a person-centred database positions it as the sole custodian of ‘gold standard’ identification in the UK, and the inclusion of biometric ID capabilities tying the individual to the identity document produces further potential benefits. When you go down to the bank to prove you exist, the bank can use a reader to associate you with the identity document, and all of the other claimed ID scheme benefits follow from there.

From this kind of perspective the fact that the UKPS ID Register (or, erm, “database”, as Baroness Scotland puts it) can only ever cover those in the population who’re UK passport holders is clearly anomalous. But if the ID scheme died and the Government nevertheless continues with the approach, and passport-linked biometric ID infrastructure begins to grow through Government and the commercial sector, we can anticipate how the tentacles will grow.

People might start demanding that ID documentation in a more convenient format (Passport Lite?) be issued. And you could envisage other Government departments (DWP, NHS and DVLA being obvious examples) increasingly using the UKPS database systems for the validation of their own existing ID documentation and systems, and dusting off plans to morph driving licences into ID cards, and to produce “entitlement cards”.

A further point to note here is that apparently the UK Passport Service scheme is being created via the government exercising its powers of “Royal Prerogative”, meaning that Parliament doesn’t get a look in. For details see page 3 of Lettice’s article.

Another Lords defeat for the Identity Cards Bill

Posted by James Hammerton @ 8:48 pm on 23 January, 2006.
Categories privacy and surveillance.
Edit This Permalink to this article

The BBC reports that the House of Lords have inflicted another defeat for the government over the Identity Cards Bill:

The government has been defeated twice in the Lords over its Identity Cards Bill, as opposition peers attempt to make the scheme entirely voluntary.

Ministers want applicants for passports and driving licences to be obliged to go on the ID card register.

But peers decided by 186 votes to 142 - a majority of 44 - to ensure that entry on the list is voluntary.

The government lost again when peers called for a separate Act of Parliament before cards could be made compulsory.

The votes were among a series of Lib Dem and Tory amendments aimed at making sure people have a choice.

These defeats followlast week’s amendment requiring the government to produce a detailed estimate of the costs of the scheme before the scheme can go ahead.

It is interesting to consider now what these defeats mean. When the bill goes back to the House of Commons they have the choice of overturning the amendments and sending the bill back to the House of Lords, or of accepting the amendments, or of using the Parliament Act to overrule the House of Lords. However, the last option would require the Bill to be reintroduced to Parliament in the next Parliamentary session resulting in a year or so’s delay.

So the critical questions are whether the government wishes to tough it out, playing ping-pong over the bill with the House of Lords, whether the House of Lords will insist on these amendments and whether Labour MPs will be swayed to back e.g. the amendment requiring a complete costing of the scheme. The government is ludicrously holding some figures back on “commercial” grounds — this is taxpayer’s money they’re proposing to spend and they want to keep MPs and the public in the dark over the costs.

If the House of Lords insists on its amendments, the government will either have to accept them or accept a year’s delay in implementation. If it accepts the amendment about costing, that will also delay the bill. If they accept the amendment making getting a card and being registered voluntary for those applying for the passport, they will accept delays in take-up of the scheme should it go ahead.

Whichever way it goes buys more time for those opposed to the scheme to campaign against it either in terms of stopping the bill, or in terms of persuading large numbers of people not to register whilst the scheme is entirely voluntary.

The crucial variable is that the House of Lords must not back down. Backing down will let the government get the bill on the books on its own timetable, with those who apply for or renew passports being compelled to register (or forgo having a passport).

Prosecution and police to decide sentence where defendant pleads guilty to minor offences

Posted by James Hammerton @ 2:57 am on 22 January, 2006.
Categories democracy and the rule of law.
Edit This Permalink to this article

Recently, the government has proposed that if a suspect pleads guilty to a minor offence, the sentence will be decided between the police and prosecutor (note no mention of the defence!):

Lord Falconer, the Constitutional Affairs Secretary, and Mike O’Brien, the solicitor general, are drawing up proposals to bypass the court process in as many as half the cases heard by magistrates every year.

Defendants who plead guilty to offences such as shoplifting, theft and criminal damage would have their punishment decided by the prosecutor, in consultation with the police, instead of going to court. Ministers believe that about half of the two million cases heard annually by magistrates could be handled in that way.

The plan would represent a revolution in the criminal justice system which has always been based on the principle that sentencing should be weighed in court, with the defence entering a plea in mitigation in response to the prosecution’s case.

Probation officers and magistrates are worried about power over sentencing being handed to the police and prosecutors. Judges are also likely to worry about any proposal to undermine the court system. The Government’s attempt to end jury trials in some cases was blocked by the Lords.

This is an insidious measure. The courts are there not just to decide guilt or innocence but to decide on an appropriate sentence in an impartial manner. Allowing the police and prosecution to decide on a sentence between themselves violates this impartiality — these parties have vested interests in the case. Also the defence is notably absent from the decision.

If the proposal goes ahead, there will be a strong incentive for the police/prosecution to pressure a suspect to admitting guilt — it will be lot less effort and lot less time consuming if the suspect admits guilt and the police and prosecution get to decide the sentence. The police will notch up a conviction and save time and money and will thus be quite happy with such an outcome. This does not mean that such an outcome would be just.

The proposal is thus in many ways typical of the Blair administration — it puts administrative convenience and the saving of money before justice, whilst weakening the power of the courts and replacing the rule of law with the rule of men.

Also, as the Talk Politics blog notes, the European Convention on Human Rights prevents someone being either imprisoned or forced to carry out a task (e.g. community service) without a fair hearing before a court, leaving only a fine as a possible punishment in such cases. So unless Blair intends derogating from the ECHR (or, perhaps, arguing that the police and prosecution themselves constitute a court!) the only sentence the police/prosecution could pass is a fine. Is having the perpetrator paying a fine likely to be what the victim of a theft or criminal damage wants?

Annoying someone via the internet anonymously is illegal in the US

Posted by James Hammerton @ 2:20 am on .
Categories political liberties, democracy and the rule of law.
Edit This Permalink to this article

Bruce Schneier recently commented on Bush’s signing into law of a bill that would make it illegal to annoy someone, anonymously, via the internet. From the news.com article Schneier cites:

Buried deep in the new law is Sec. 113, an innocuously titled bit called “Preventing Cyberstalking.” It rewrites existing telephone harassment law to prohibit anyone from using the Internet “without disclosing his identity and with intent to annoy.”

To grease the rails for this idea, Sen. Arlen Specter, a Pennsylvania Republican, and the section’s other sponsors slipped it into an unrelated, must-pass bill to fund the Department of Justice. The plan: to make it politically infeasible for politicians to oppose the measure.

However, Schneier writes in an update to his article:

EDITED TO ADD (1/9) Some commenters to BoingBoing clarify the legal issues. This is from an anonymous attorney:

“The anonymous harassment provision ( Link ) is the old telephone-annoyance statute that has been on the books for decades. It was updated in the widely (and in many respects deservedly) ridiculed Communications Decency Act to include new technologies, and the cases make clear its applicability to Internet communications. See, e.g., ACLU v. Reno, 929 F. Supp. 824, 829 n.5 (E.D. Pa. 1996) (text here), aff’d, 521 U.S. 824 (1997). Unlike the indecency provisions of the CDA, this scope update was not invalidated in the courts and remains fully effective.

In other words, the latest amendment, which supposedly adds Internet communications devices to the scope of the law, is meaningless surplusage.”

Here we have two phenomena I’ve noted in recent British bills, firstly measures included in bills which are not related to the matters the rest of the bill addresses — making it difficult for MPs to vote them down without jeopardising legislation they might otherwise support — and secondly, measures that criminalise actions that are already criminalised. Such tactics seem to me calculated to confuse and, with respect to criminalising already criminalised actions, to giving a visible impression of action on the part of the government.

Indeed, military action and large changes in taxation and spending aside, passing legislation is the most visible manner in which a government can portray itself as taking action — a government that pledges to tackle a problem will most likely pass legislation ostensibly aimed at dealing with it.

Very few people will actually read the legislation to see if it does what it says on the tin. Unfortunately this will likely include many elected representatives — the volume of legislation in Britain at least makes reading every clause of every bill impossible, and many MPs will focus only on “flagship” legislation and even then will rely on the reports of select committees, or the governments own claims about the legislation when deciding how to vote.

With regards to the freedom of speech aspects of the measure discussed above, the US constitution should hopefully provide some protection for people and might be used at least to blunt it’s impact. Were such a measure to be passed in Britain there seems to be no constitution worth speaking of. The Human Rights Act is the closest thing we’ve got, but consider the difference between the American Bill of Rights’ first amendment and article 10 of the ECHR (which the Human Rights Act enshrines in UK law. The latter is full of holes.

Lords defeats for British government on ID cards and Terrorism bills

Posted by James Hammerton @ 10:06 pm on 17 January, 2006.
Categories privacy and surveillance, political liberties, democracy and the rule of law.
Edit This Permalink to this article

The House of Lords has passed some opposition amendments to both the Identity Cards Bill and the Terrorism Bill.

Regarding the Identity Cards Bill, it has been amended so that the government must disclose their estimates of the full costs of the scheme before it can go ahead:

The victory by Tory and Liberal Democrat peers together with some Labour rebels means that Charles Clarke, the Home Secretary, will have to come up with hard figures for the scheme, which an independent report has warned may cost as much as £19 billion over the next decade, about the same as the development and purchase cost of the Royal Air Force’s new Eurofighter.

The Home Office will now have to present its costings to the Commons and the National Audit Office, meaning that Labour MPs opposed in principle to what has been mocked as a “breathing licence” will get another chance to vote against it.

Furthermore:

Yesterday’s vote of 237 to 156 follows two reports from the London School of Economics warning of the potentially colossal price of equipping every adult in Briton with a card. The only figure made available by the Home Office so far is one for annual running costs of £584 million.

But that refers only to the Home Office and not to other departments that will have to alter systems and install equipment such as “readers” capable of verifying biometric data.

In addition, there is no mention of the enormous capital cost. The LSE has warned that the charge for each card may have to be £300 just to cover costs.

The Government has concealed its estimate on the grounds that IT companies bidding to supply hardware and software would use it as a minimum start point in negotiations. But that argument was rejected by opposition peers, who said that such a lucrative deal would have companies scrambling to undercut each other.

Clearly the government will say anything to try and hide the full cost to taxpayers represented by this scheme. Having to produce a full costing of the scheme may help those who wish to see it kicked into the long grass, by delaying it further.

Meanwhile the Lords have also passed amendments to the Terrorism Bill, removing the offence of glorification of terrorism and redefining the offence related to publishing a terrorist publication so that someone would commit the offence only if they acted recklessly or with intent.

Hackers fighting back against the onslaught on privacy

Posted by James Hammerton @ 8:26 pm on 7 January, 2006.
Categories political liberties.
Edit This Permalink to this article

Wired News recently reported on an interesting conference:

BERLIN — When the Austrian government passed a law this year allowing police to install closed-circuit surveillance cameras in public spaces without a court order, the Austrian civil liberties group Quintessenz vowed to watch the watchers.

Members of the organization worked out a way to intercept the camera images with an inexpensive, 1-GHz satellite receiver. The signal could then be descrambled using hardware designed to enhance copy-protected video as it’s transferred from DVD to VHS tape.

The Quintessenz activists then began figuring out how to blind the cameras with balloons, lasers and infrared devices.

And, just for fun, the group created an anonymous surveillance system that uses face-recognition software to place a black stripe over the eyes of people whose images are recorded.

Quintessenz members Adrian Dabrowski and Martin Slunksy presented their video-surveillance research at the 22nd annual Chaos Communication Congress here this week. Five hundred hackers jammed into a meeting room for a presentation that fit nicely into CCC’s 2005 theme of “private investigations.”

Amongst topics discussed were how to find CCTV cameras on the internet using Google, the retention of communications data, the provision of secure communications and anonymity technologies.

How to fool biometric scanners

Posted by James Hammerton @ 8:15 pm on .
Categories privacy and surveillance.
Edit This Permalink to this article

Another catch-up item. The British government has placed great faith in biometrics to make their proposed identity cards secure. Yet it seems many biometric scanners can be easily fooled:

  • For example, Play-Doh has been used to fool fingerprint scanners:

    Associate Professor of Electrical and Computer Engineering Stephanie Schuckers and her team at Clarkson University found that most scanning systems can be fooled 90% of the time by taking a mold of the mark’s finger, filling the mold with Play-Doh, and using the fake digit to gain access.

    However the authors designed an algorithm that takes perspiration into account and it was only fooled 10% of the time.

  • If you’re not sure about the Play-Doh, you could always try using gelatine, which was found to fool the scanners 80% of the time.
  • Should you wish to fool an iris scanner, it seems printing a photograph of the iris, cutting a hole where the pupil is and looking through it will suffice. OK, you’ll look rather conspicuous if you’re at an iris scanner peering through bits of paper, but it does suggest that an appropriately designed contact lense would suffice. The linked article also gives you more ways of fooling that fingerprint scanner. The article also pointed out that showing live video of a registered person to the camera was enough to fool a facial recognition system.

30,000 people wrongly matched to names on US terrorist watch list

I have a backlog of items I wish to mention on this weblog, the first of which is this one…

On 6th December 2005, an article from ZDNet reported that:

WASHINGTON–About 30,000 airline passengers have discovered since last November that their names were mistakenly matched with those appearing on federal watch lists, a transportation security official said Tuesday.

Moreover the article states:

After submitting their notarized forms and identifications, and waiting for evaluations, the vast majority of the people mistakenly matched to names on the watch list have now been added to a “clearance” list. That doesn’t mean their names are erased from the watch list. In fact, travelers who go through the paperwork are told, Kennedy said, that “it will not quote ‘remove’ you from the list because the person we’re still looking for is out there.”

Instead, their names are put on the separate clearance list, which means they typically can’t check in for flights at an unmanned kiosk and must approach the ticket counter to explain their situation and have an airline employee match their name to the clearance list.

So, after being repeatedly hassled by security staff at airports, you find that your name mathces one on a government watch list. You tell the government there must be some mistake. They get you to fill in a form requiring 3 notarized forms of identification and wait for 45 to 60 days for them to evaluate your case. After which, if they conclude that there is indeed some mistake, your name gets put on another list, and you still find yourself having to explain things to the airport staff each time you travel.

And it could be worse. If you’re really unlucky you might find yourself detained, schackled, beaten, photographed nude and injected with drugs simply because your name matches that on someone’s list.

Some much for the innocent having nothing to fear from such measures.

One would have hoped the global war on terror was conducted by people who realise that a name might be shared by more than one person…

See Bruce Schneier’s article for further discussion.

The rise of Big Brother Britain

Posted by James Hammerton @ 9:19 pm on 3 January, 2006.
Categories privacy and surveillance, political liberties.
Edit This Permalink to this article

Firstly, I wish a Happy 2006 to all the readers of Magna Carta Plus and apologise for the lack of posting on the blog recently.

But now to the main purpose of this post. It is clear that Britain is developing the infrastructure for the mass surveillance of the general public, with almost every aspect of their lives coming under surveillance — and other countries have made their own steps down this road. This trend stretches back to the rise of CCTV in towns and shopping centres during the 1990s, but the trend is now accelerating. There are several lines of development:

  • The monitoring and storage of communications data. By the term “communications data” I mean the data covered by Section 21(4) of Britain’s Regulation of Investigatory Powers Act(RIPA) 2000. This data includes information about who you communicate with and even the location of your mobile phone when switched on. Under RIPA, the security services (MI5, MI6, GCHQ), the inland revenue, customs & excise and the police can monitor this information on their own authority, however the “Snooper’s Charter” extended such powers to local authorities and numerous quangoes (see the discussion of the “Snooper’s Charter” here).

    Thus far we merely have a broad power to monitor individuals who are under suspicion, but under the Anti-Terrorism Crime and Security Act 2001, the British government asked communications providers to store communications data for upto 2 years for retrospective trawling, under threat of bringing in a compulsory scheme for such retention if they failed to cooperate. Then, during the recent British presidency of the EU (which ran through the last 6 months of 2005), they pushed the EU to adopt a directive requiring the retention of this data for 6 months to two years across the EU. This directive was adopted in December. This means that data about who you communicate with electronically will be stored for upto 2 years, regardless of whether you’re suspected of a crime, and made available for retrospective trawling.

  • The monitoring of car journeys. A number of systems which use CCTV and/or Automatic Number Plate Recognition(ANPR) to record every journey in a particular area have been developed, such as:

    However more ambitious and more worrying are plans to use ANPR to track people’s journeys and store the details for 2 years for retrospective trawling, as reported in the Independent and the Sunday Times. And in the longer term there are even proposals to track every single car journey made in Britain by requiring all cars to have satellite trackers in them (see also Spy.org.uk’s discussion).

  • The government’s Identity Cards Bill. If this goes ahead, every time your identity is checked, it’ll be recorded on the national identity register. The government intends identity checks to be required for everything from opening a bank account or enrolling your kids at school through to registering with a doctor — thus this database will record everyone’s activities in considerable detail.

The trend is clear. The government is collecting more and more information about us and storing it for future analysis, regardless of whether we’re suspected of doing anything wrong. It is moving us steadily closer to a state where we are under surveillance in all our activities 24/7. Yet there’s barely any protest about these developments and indeed some seem to welcome them.

email feedback@magnacartaplus.org

© magnacartaplus.org2008, 2007, 2006 [1 December]

variable words
prints as variable A4 pages (on my printer and set-up)

abstracts of documents on magnacartaplus.org UK Acts of Parliament click for news from magnacartaplus.org orientation to magnacartaplus.org orientation button links to other relevant sites links

Powered by WordPress