What is missing from the debates over RIPA, IMP and Data Retention

The achievements of Bletchley Park in World War 2 were stupendous - but we intercepted a fraction of enemy traffic, accurately recorded a fraction of that, attempted to decrypt a fraction of that and successfully decrypted a fraction of that. The success came from targeting resources, not attempting to boil the ocean.

The engineers of the Post Office and of Cable and Wireless who subsequently recorded cold war and terrorist telephone calls and telegraphic traffic were servants of the Crown operating under the Official Secrets Act as well as a magistrates warrant when the request came from the police.

Then the Thatcher government set about demolishing the communications monopolies of the Post Office and Cable and Wireless in parallel with privatising them. This helped trigger a process of global change, including the end of the AT&T monopoly in the US, which enabled the rise of the Internet, a network of competing networks. Now mobile devices often communicate locally with each other, without passing over a network at all, This facility, used by Anna Chapman to bypass US wiretapping, is being promoted as part of contingency planning for when networks have to shed non-emergency traffic during the Olympic.   

The "status quo" that those calling for data retention seek to preserve is that of the early 1980s when all intra-UK communications still passed through BT switches and all overseas communications were routed via Cable and Wireless. The mind-set behind current proposals appears to be to create a modern equivalent of that bygone age.

I would not be surprised if some of those involved also look forward to recreating a situation where all UK communications traffic, mobile as well as fixed, once again passes through BT operated switches and monitoring stations. Indeed  it has been alleged that the proposals are intended to help encourage this by imposing disproportionate costs on others.

But the world has moved over the past 30 years. If the objective is to be able to mount surveillance on Islamic Terrorists in much the same way as that on the IRA on the 1980s, it would almost certainly be more cost-effective to work through the technologies and structures that underpin today's world of ubiquitous computing than try to recreate those of yesterday. The latter is an expensive and ineffective pursuit that risks uniting civil liberties and business lobbies in a way that has not happened since England's last revolution - in 1688..

 At the Scrambling for Safety debate last week, Nick Pickles, Director of Big Brother Watch said that part of the current problem was that Britain had never had a proper revolution. He was wrong. More-over one of the triggers for the Glorious Revolution of 1688 was revulsion with the surveillance system used by James II to support his creation of an absolutist monarchy. One of James' last acts as Duke of York, before he became King, was to suppress Dockwra's  penny post. This had transformed London's business communications but had also enabled conspirators (including those carrying on illicit love affairs, not just political opponents of the King) to write to each other without James, (who ran the Royal Mail service for his brother), being able to have their letters steamed open.  After the revolution Dockwra was given the Royal Mail to run and was himself subsequently sacked himself for opening and detaining correspondence. The oath I took when I became a Freeman of the City Of London dates from around then. It requires me to inform the Lord Mayor, not the security services, if I know of any "gatherings" or "conspiracies" against the Queen's Peace. Those who say the debate over interception goes to the heart of what it means to be British are not "barking".

I do not, however, believe that we can afford to do nothing in the face of a rising tide of Internet assisted crime of all types, not just terrorism and less violent forms of subversion. Something must be done. But it would still be better to do nothing than to require data to be stored in case it might be needed, without any responsibility or liability on the part of those requiring it to be stored in the event of unauthorised access and abuse.    

My hope is therefore that we will start looking at solutions that are fit for the 21^st century, with its tensions between privacy and security, localism and globalisation and uncertainty with regard to direction and pace of technology change. In looking to preserve a democratically accountable society we need to look at more practical ways of identifying and monitoring communications between criminals and terrorists. That should include learning from the global monitoring and intelligence services organised to help banks, telcos, ISPs and on-line retailers to protect themselves and their customers from attack. These now include routines to track the source of on-line transactions and communications and to take action under a mix of existing civil and criminal law against those responsible. Using such routines to help organise targeted interception and retention, instead of trying to record everything, should be a no-brainer .

I am currently advising the Cybersecurity work stream of the Information Society Alliance (EURIM) on the practicality of putting together a small group to facilitate trusted intelligence sharing between those for whom such services are already a multi-billion pound commercial business. Some of those concerned believe that this would also offer a more cost-effective way forward for government current proposals. Others fear that the very different attitudes to the issues of accountability would make co-operation with central government security services, as opposed to with local law enforcement under judicial control, a non-starter.

I personally believe the way forward should be based on a mix of "aid to the civil power" (placing this much higher in GCHQ's priorities) and community policing, with clear legal frameworks for handling the consequences of voluntary peacetime co-operation with law enforcement, under judicial oversight.

How to achieve that is another matter.