Privacy Digest

MI5 seeks powers to trawl records in new terror hunt - Via UK news | The Observer:

Millions of commuters could have their private movements around cities secretly monitored under new counter-terrorism powers being sought by the security services.

Records of journeys made by people using smart cards that allow 17 million Britons to travel by underground, bus and train with a single swipe at the ticket barrier are among a welter of private information held by the state to which MI5 and police counter-terrorism officers want access in order to help identify patterns of suspicious behaviour.

The request by the security services, described by shadow Home Secretary David Davis last night as 'extraordinary', forms part of a fierce Whitehall debate over how much access the state should have to people's private lives in its efforts to combat terrorism.

It comes as the Cabinet Office finalises Gordon Brown's new national security strategy, expected to identify a string of new threats to Britain - ranging from future 'water wars' between countries left drought-ridden by climate change to cyber-attacks using computer hacking technology to disrupt vital elements of national infrastructure.

The fear of cyber-warfare has climbed Whitehall's agenda since last year's attack on the Baltic nation of Estonia, in which Russian hackers swamped state servers with millions of electronic messages until they collapsed. The Estonian defence and foreign ministries and major banks were paralysed, while even its emergency services call system was temporarily knocked out: the attack was seen as a warning that battles once fought by invading armies or aerial bombardment could soon be replaced by virtual, but equally deadly, wars in cyberspace.

While such new threats may grab headlines, the critical question for the new security agenda is how far Britain is prepared to go in tackling them. What are the limits of what we want our security services to know? And could they do more to identify suspects before they strike?

One solution being debated in Whitehall is an unprecedented unlocking of data held by public bodies, such as the Oyster card records maintained by Transport for London and smart cards soon to be introduced in other cities in the UK, for use in the war against terror. The Office of the Information Commissioner, the watchdog governing data privacy, confirmed last night that it had discussed the issue with government but declined to give details, citing issues of national security.

Currently the security services can demand the Oyster records of specific individuals under investigation to establish where they have been, but cannot trawl the whole database. But supporters of calls for more sharing of data argue that apparently trivial snippets - like the journeys an individual makes around the capital - could become important pieces of the jigsaw when fitted into a pattern of other publicly held information on an individual's movements, habits, education and other personal details. That could lead, they argue, to the unmasking of otherwise undetected suspects.

Critics, however, fear a shift towards US-style 'data mining', a controversial technique using powerful computers to sift and scan millions of pieces of data, seeking patterns of behaviour which match the known profiles of terrorist suspects. They argue that it is unfair for millions of innocent people to have their privacy invaded on the off-chance of finding a handful of bad apples.

'It's looking for a needle in a haystack, and we all make up the haystack,' said former Labour minister Michael Meacher, who has a close interest in data sharing. 'Whether all our details have to be reviewed because there is one needle among us - I don't think the case is made.'

Jago Russell, policy officer at the campaign group Liberty, said technological advances had made 'mass computerised fishing expeditions' easier to undertake, but they offered no easy answers. 'The problem is what do you do once you identify somebody who has a profile that suggests suspicions,' he said. 'Once the security services have identified somebody who fits a pattern, it creates an inevitable pressure to impose restrictions.'

Individuals wrongly identified as suspicious might lose high-security jobs, or have their immigration status brought into doubt, he said. Ministers are also understood to share concerns over civil liberties, following public opposition to ID cards, and the debate is so sensitive that it may not even form part of Brown's published strategy.

But if there is no consensus yet on the defence, there is an emerging agreement on the mode of attack. The security strategy will argue that in the coming decades Britain faces threats of a new and different order. And its critics argue the government is far from ready.

The cyber-assault on Estonia confirmed that the West now faces a relatively cheap, low-risk means of warfare that can be conducted from anywhere in the world, with the power to plunge developed nations temporarily into the stone age, disabling everything from payroll systems that ensure millions of employees get paid to the sewage treatment processes that make our water safe to drink or the air traffic control systems keeping planes stacked safely above Heathrow.

(Read Original Article - Via UK news | The Observer.)