Costly Big Brother plan won't work, warns LSE

Home Office proposals for a "B ig Brother" capability to monitor the internet will not work and have poor safeguards against privacy, according to...

Home Office proposals for a "Big Brother" capability to monitor the internet will not work and have poor safeguards against privacy, according to a study by the London School of Economics.

In a briefing to be published by the LSE's Policy Engagement Network on 17 June, LSE academics and others will say that Home Office proposals for an Interception Modernisation Programme (IMP) will need new laws if it is to boost the ability of law enforcement and intelligence agencies to collect and analyse the internet activities of all UK citizens.

The government will also have to persuade the public that the threats from terrorism and crime are so extensive as to justify ever greater levels of intrusion and expenditure, the briefing will say.

Data storage

Telephone companies and some internet service providers (ISPs) already have to store "communications data" for all their customers for a year. This covers at least 70% of the population, it will say.

Under the Home Office proposals for consultation published in April, "Protecting the Public in a Changing Communications Environment", ISPs would be required to retain much more information and to pre-analyse it, the briefing will say.

"The aim is to enable the police and others to meet the challenges of the internet. These include web-based e-mail, instant messaging, internet telephony, social networking and online gaming," it will say.

The report will note that the Home Office says it has abandoned plans to hold all relevant UK internet traffic in a large central database. However, Sir David Pepper, former director of the government's electronic surveillance centre, GCHQ, argued strongly for such a database on the BBC programme "Who's watching you?" flighted two weeks ago.

New laws required

The LSE's Professor Peter Sommer said the Home Office was right to be concerned about the impact on criminal use of the internet on investigations. "However, they are wrong to think that this can be done by light tinkering with existing legislation," he said.

Current law, the Regulation of Investigatory Powers Act, 2000 (RIPA), is based on the old-fashioned telephone, the report will say.

RIPA gives two main powers. The first is a demand by a senior law enforcement official for "communications data" such as who called whom, when and for how long - in effect something like a detailed phone bill. ISPs retain all of this for 12 months in case law enforcement asks for it, Sommer said.

"The second and much more intrusive power, a warrant to intercept the content - that is, eavesdropping on what is said - is granted not by judges but by the home secretary of the day. Moreover, intercept material is inadmissible. It cannot be used or even referred to in court," Sommer said.

This would lead to implementation problems, he said. "With internet technology you have to collect everything and then throw away what the law does not allow you to have or use," he said.

"We think that at a practical level the communications data/interception distinction will be impossible to interpret both for ISPs and the courts," he said. "Moreover the existing balance of protections against abuse will also be lost."

Big Brother

The report's authors are also concerned that the Home Office was saying it aimed to maintain an interception capability. They will note that police powers and capabilities to watch the public have increased significantly over the past 15 years.

"We need a full debate about the balance between threats to public safety, police powers, the effectiveness of safeguards and cost," the report will say.

"The Home Office says the cost to the taxpayer will be £2bn, but provides no clue as to how this was derived," it will say.

The report will say that the IMP will place a much greater cost burden on ISPs, just as they will be expected under the Digital Britain plans to provide the UK with cheap universal high-speed internet connections.

"We are pleased to note that parliament's All Party Privacy Group is to hold hearings about the IMP in July 2009 and that it is using our work as a starting point," Sommer said.

The same LSE group was earlier responsible for a similar analysis of the government's plans to introduce a national identity card.

Read more on IT risk management