– UK government plans to track ALL web use: MI5 to install ‘black box’ spy devices to monitor British internet traffic (Daily Mail, Feb 6, 2013):
MPs’ report outlines spooks’ take on the draft Communications Data Bill It shows they are keen to implement nationwide surveillance regime They want ISPs to install ‘black boxes’ that can inspect all internet traffic Spies claim they are only interested in ‘communications data’ Campaigners warn it will give spies unprecedented surveillance powers
UK spy agencies want to install ‘black box’ surveillance devices across the country’s communications networks to monitor internet use, it emerged today.
A report by an influential committee of MPs tells how spooks are keen to implement a nationwide surveillance regime aimed at logging nearly everything Britons do and say online.
The spy network will rely on a technology known as Deep Packet Inspection to log data from communications ranging from online services like Facebook and Twitter, Skype calls with family members and visits to pornographic websites.
But civil liberties and privacy campaigners have reacted with outrage, saying that the technology will give the government a greater surveillance capability than has ever been seen.
The report by Parliament’s Intelligence and Security Committee, published on Tuesday, gives UK intelligence agencies’ perspective on the government’s draft Communications Data Bill, which is intended to update surveillance powers.
The government argues that swift access to communications data is critical to the fight against terrorism and other high-level crime, but it has been delayed after the Liberal Democrats dropped support for the bill.
MI5 chief Jonathan Evans told the committee: ‘Access to communications data of one sort or another is very important indeed. It’s part of the backbone of the way in which we would approach investigations.
‘I think I would be accurate in saying there are no significant investigations that we undertake across the service that don’t use communications data because of its ability to tell you the who and the when and the where of your target’s activities.’
The Bill has encountered stiff opposition, but authorities have been at pains to stress that they’re not seeking unfettered access to the content of emails or recordings of phone calls.Instead, they claim, what they are after is what many have described as ‘outside of the envelope’ information: Who sends a message, where and how it is sent, and who receives it.
For example, while the email addresses of senders and recipients would be available to agencies, they would still need to obtain a court order for access to the contents of the emails.
A similar situation would apply in the case of mobile phone calls, with the callers’ identities and locations available to agencies, along with the time of the call and its duration, but agents restricted from listening without authorisation from the courts.
Critics have said that in effect there is no way to reliably separate such communications data from the content of messages and calls, and that giving easy access to the former would also open the way to access of the latter.Campaigners also challenged the government over how it could criticise totalitarian regimes overseas which may be using similar systems to crack down on dissent.
Emma Carr, deputy director of privacy and civil liberties campaign group Big Brother Watch, said: ‘Using highly intrusive technology to monitor how people use the internet is not something that a civil society should be using on every citizen.
‘The danger is that the whole communication, including content, is inspected and potentially stored, intruding on people’s privacy in a dangerous and unprecedented way.
‘This sends a highly dangerous signal to regimes around the world who are looking for justification to use similar equipment on their populations.
‘The fact that at no point does the Government need court approval, either to install, use or look at data gathered is a major concern and if it is to be used as a last resort should only be done so on the highest judicial authority.’
Jim Killock, executive director of the Open Rights Group, which campaigns for freedom online, said the real threat was posed by the addition of what the report calls the ‘filter’ to the surveillance system.
He explained that this would work as a kind of search engine for everyone’s private data, linking it together from the various online and telecoms accounts people use to communicate.
‘The really worrying part of this is the “filter” the government wants to build,’ he told MailOnline.
‘This would put data from your mobile phone, email, web history and phones together, so the police can tell who your friends are, what your opinions are, where you’ve been and with who.
‘It could make instant surveillance of everything you do possible at the click of a button.’
A key challenge for the government has been extracting that information from overseas service providers – companies based in Silicon Valley or elsewhere that might not feel obliged to comply with a British spy agency’s request.
FOIL THE LISTENERS: HOW TO ENCRYPT YOUR COMMUNICATIONS
While the government has insisted that it will not invade the privacy of citizens’ communications without a court order, there are fears that installing deep packet inspection across the UK will nevertheless give them the capability.
Luckily, there is a range of software for both computers and mobile devices, much of it free, that can encrypt communications to keep it secure.
1) iSafeguard Freeware 6.2: This program will secure emails and files using strong encryption and syncs with most popular email clients.
2) HushMail: This web-based email service uses a Java applet to encode emails with 1024bit public key encryption.
3) GnuPG: This Linux-only application is an open-source replacement for PGP (Pretty Good Privacy). PGP was one of the first military-grade encryption products available to the general public.
It was in those cases, the committee’s report said, that the surveillance devices would come in handy.
‘It is important for the agencies that there is some means of accessing communications data from uncooperative overseas communications service providers,’ the report said.
The report said the probes would work using ‘deep packet inspection,’ so-called because it allows those intercepting packets of data to comb through their content.
The services that might be targeted by the probes weren’t identified, although Facebook, Twitter, Hotmail, and Google Chat are all popular in Britain and were among the services named elsewhere in the report.
Britain’s surveillance plans remain in draft form, and the report carried several critiques of the government’s proposals.
But in general it rejected opponents’ claims that the surveillance regime was unworkable or oppressive, warning that the pace of technological change would soon ‘have a serious impact on the intelligence and security agencies’ unless the new surveillance powers were introduced.
The report also appeared to reject suggestions that encryption might allow those trying to maintain the privacy of their communications to baffle government monitoring.
‘We have heard that the government has (redacted) options in dealing with the challenge encryption poses,’ the report said.
The next two paragraphs were completely blanked out.
Mr Killock of the Open Rights Group said it was unlikely that the government had the capability to crack advanced digital encryption.