Personal information detailing intimate aspects of the lives of every British citizen is to be handed over to government agencies under sweeping new powers. The measure, which will give ministers the right to allow all public bodies to exchange sensitive data with each other, is expected to be rushed through Parliament in a Bill to be published tomorrow.

The new legislation would deny MPs a full vote on such data-sharing. Instead, ministers could authorize the swapping of information between councils, the police, NHS trusts, the Inland Revenue, education authorities, the Driver and Vehicle Licensing Authority, the Department for Work and Pensions and other ministries.

Opponents of the move accused the Government of bringing in by stealth a data-sharing program that exposed everyone to the dangers of a Big Brother state and one of the most intrusive personal databases in the world. The new law would remove the right to protection against misuse of information by thousands of unaccountable civil servants, they added.

Thomas Hammarberg, the Council of Europe’s commissioner for human rights, said he believed Britain had gone too far in helping to bring about a “surveillance society”. In a report drawing on personal data infringements across Europe but “inspired” by Britain’s plan for a new internet, email and telephone database, he added: “General surveillance raises serious democratic problems which are not answered by the repeated assertion that those who have nothing to hide have nothing to fear. This puts the onus in the wrong place: it should be for states to justify the interferences they seek to make on privacy rights.”

He said he was “very worried about the downgrading of the protections of personal information”, adding: “Of course there has to be a balance to be struck. At the moment we have not got it right.”

David Howarth, the Liberal Democrat justice spokesman, added: “The Government shouldn’t try to sneak through further building blocks of its surveillance state. Unrestricted data-sharing simply increases the risks of data loss. This is particularly troubling since the Government has already shown itself entirely incapable of keeping our personal data safe.”

The data-sharing measure is referred to in the Coroners and Justice Bill outlined in yesterday’s Queen’s Speech. It could, for instance, pave the way for medical records to be sent to the Driver and Vehicle Licensing Agency to identify drivers who pose a health risk, or school attendance data being handed to the Department for Work and Pensions to verify social security claims made by parents.

But civil rights groups warned that the possibility of public records being transferred to private companies on a minister’s whim was of even greater concern. Under the existing system, public bodies require primary legislation to authorize the transfer of data to another agency. The new plans would end such parliamentary scrutiny by permitting ministers to use secondary legislation without a full vote of MPs. The Bill sets out how ministers would be able to sidestep data protection and human rights laws that prevent public bodies revealing private information.

NO2ID, a group which campaigned against government plans for ID cards and the associated National Identity Register, said the proposals went far beyond data protection and were intended “to build the database state, concealed under a misleading name”. The group’s national coordinator, Phil Booth, said: “This is a Bill to smash the rule of law and build the database state in its place. Burying sweeping constitutional change in obscure Bills is an appalling approach. Having proved – and admitted – they cannot be trusted to look after our secrets, they are still determined to steal what privacy we have left. Parliament needs to wake up before it has no say any more.”

Civil liberties groups said the new powers could be used in conjunction with the equally controversial plan for a giant database holding details of people’s emails, telephone calls and internet searches. The Communications Data Bill, which would contain this information, was set for inclusion in yesterday’s Queen’s Speech but will now be part of a consultation paper to be published in January.

Mr Hammarberg said Britain’s poor record on data loss had led to an EU-wide debate about the dangers of a surveillance society. He added: “Data protection is crucial to the upholding of fundamental democratic values: a surveillance society risks infringing this basic right.”

The Ministry of Justice said data-sharing was essential for the delivery of “efficient and effective public services, tackling crime and protecting the public”. “Any draft order would require parliamentary approval and a privacy impact assessment,” said a spokesman. “Additionally, the Information Commissioner would have been invited to comment on the proposals. This will ensure any potential privacy issues and risks are identified and examined.

“The power will be exercised only in circumstances where the sharing of the information is in the public interest and proportionate to the impact on any person adversely affected by it.”

www.independent.co.uk/news/uk/politics/the-big-brother-state-ndash-by-stealth-1050576.html

“From on or about April 22, 2005 thought on or about May 21, 2005, a mail cover was conducted for all mail pieces addressed to an individual residing on Lauder Street in Detroit, Michigan who was, at all times relevant to the Information, the subject of an ongoing federal criminal investigation,” reads the complaint filed in the U.S. District Court for the Eastern District of Michigan on Friday.

On July 8th of that year, Cry “did disclose to the subject … that his mail was monitored by the Postal Service,” the complaint alleges, violating a federal law against disclosing confidential government information, a misdemeanor.

Courts have ruled that Americans have no reasonable expectation of privacy in the address information on their mail, and mail covers have a long and storied history in the annals of domestic surveillance. In the 1970s, the Church Committee found that the CIA and FBI had used the mail cover program as a front to secretly open, copy and re-seal some 215,000 letters, in a single spying operation run from an office in New York.

In 2005, the Bush administration unsuccessfully lobbied Congress for expanded authority to obtain mail covers, complaining that the Postal Service’s standards for approving the surveillance were too restrictive.

Unlike other forms of surveillance, like wiretaps and pen registers, statistics on the number of mail covers performed each year are not released. In 2007, Salon reported on widespread suspicions in the civil liberties community that the secret number is rising.

It’s surprising to hear that an ordinary letter carrier would be privy to the workings of a surveillance program, even one as antiquated as mail snooping. It’s also kind of reassuring. If you notice your mailman, avoiding eye contact the time you sign for a parcel, they may be trying to send you a message.

http://blog.wired.com/27bstroke6/2008/04/post-carrier-ac.html

Chertoff was in Canada discussing the Bush administration’s push for stricter identity systems including the so-called “Server in the Sky” program to share fingerprint databases among the U.S., Canada, the U.K., and Australia.

When asked about concerns some critics are raising over the privacy aspects of sharing that kind of data, among four countries, Chertoff replied, “Well, first of all, a fingerprint is hardly personal data because you leave it on glasses and silverware and articles all over the world, they’re like footprints. They’re not particularly private.”

But then Chertoff praises the idea of taking DNA samples from US citizens prior to a conviction, and from foreign citizens detained at the border for further scrutiny. They can’t be used for categorizing or for genetic profiling of people it is said.

Jennifer Stoddart, the Canadian official in charge of privacy issues letter:

Letter to the Minister of Public Safety and Emergency Preparedness Canada

April 11, 2008

The Privacy Commissioner of Canada, Jennifer Stoddart, sent the following letter to the Minister of Public Safety and Emergency Preparedness Canada, regarding her concern about remarks made by the U.S. Secretary of Homeland Security suggesting fingerprints are not “personal data”.

The Honourable Stockwell Day, P.C., M.P.
Minister of Public Safety and Emergency Preparedness Canada
Public Safety Canada
Room: 19A-7400
269 Laurier Avenue West
Ottawa, ON K1A 0P8

Dear Minister,

I am writing to express my concern about remarks U.S. Secretary of Homeland Security Michael Chertoff made yesterday while in Ottawa, suggesting fingerprints are not “personal data”.

As you know, Canadian privacy legislation defines fingerprints as personal information. In Canada, we have traditionally taken a more restrained approach to the collection of fingerprints, largely restricted to cases where individuals are charged with or convicted of certain criminal behaviour.

In contrast, the U.S. has increasingly relied upon the collection of biometric data, including fingerprints, from a broad range of individuals for border control purposes and in order to identify and track suspected terrorists. Fingerprints constitute extremely personal information for which there is clearly a high expectation of privacy. Canadian courts have held that, absent lawful authority, compelling persons to provide fingerprints may violate their rights under the Charter of Rights and Freedoms.

No one doubts the need to strengthen information-sharing among nations. We all share a common goal of ensuring our national security. However, as Privacy Commissioner, I strongly urge the Government of Canada to ensure that the privacy rights of individuals are respected and protected at all times.

Canadians rightly expect their government to respect their civil liberties and safeguard their personal information from abuse. The challenge lies in finding the balance between the protection of civil liberties and the need for national security.

As Privacy Commissioner, I certainly expect to be consulted if the Government of Canada is considering new programs to share biometric information – or any personal information – with foreign governments.

I expect your assurance that adequate oversight and control mechanisms are built into the collection, use and safeguarding of personal information that may be shared with other governments, and I expect the opportunity to review these mechanisms.

I know that our respective staffs have built a solid working relationship in matters of security and privacy, and expect that the concerns identified above will be addressed as programs are expanded or new programs are considered.

Sincerely,

Original signed by

Jennifer Stoddart
Privacy Commissioner of Canada

original link:
http://www.privcom.gc.ca/media/nr-c/2008/let_080411_e.asp

Top Stories


My StumbleUpon Page

Pasdar won’t name the wireless carrier in question, but his claims are nearly identical to unsourced allegations made in a federal lawsuit filed in 2006 against four phone companies and the U.S. government for alleged privacy violations. That suit names Verizon Wireless as the culprit.

Pasdar has executed a seven-page affidavit for the nonprofit Government Accountability Project in Washington, which on Tuesday began circulating the document (.pdf), along with talking points (.doc), to congressional staffers hashing out a Republican proposal to grant retroactive legal immunity to phone companies who cooperated in the warrantless wiretapping of Americans.

According to his affidavit, Pasdar tumbled to the surveillance superhighway in September 2003, when he led a “Rapid Deployment” team hired to revamp security on the carrier’s internal network. He noticed that the carrier’s officials got squirrelly when he asked about a mysterious “Quantico Circuit” — a 45 megabit/second DS-3 line linking its most sensitive network to an unnamed third party.

Quantico, Virginia, is home to a Marine base. But perhaps more relevantly, it’s also the center of the FBI’s electronic surveillance operations.

“The circuit was tied to the organization’s core network,” Pasdar writes in his affidavit. “It had access to the billing system, text messaging, fraud detection, web site, and pretty much all the systems in the data center without apparent restrictions.”

The 2006 lawsuit (.pdf), which is suspended pending an appeals court ruling, describes a similar arrangement, naming Verizon.

Because the data center was a clearing house for all Verizon Wireless calls, the transmission line provided the Quantico recipient direct access to all content and all information concerning the origin and termination of telephone calls placed on the Verizon Wireless network as well as the actual content of calls.

The transmission line was unprotected by any firewall and would have enabled the recipient on the Quantico end to have unfettered access to Verizon Wireless customer records, data and information. Any customer databases, records and information could be downloaded from this center.

That doesn’t mean Pasdar’s affidavit confirms the claims in the lawsuit. He acknowledges speaking with the attorneys on that lawsuit before it was filed, so he may be the source in that complaint as well. But he insists he did not name Verizon or any other phone company to the lawyers.

“I don’t know if I have a smoking gun, but I’m certainly fairly confident in what I saw and I’m convinced it was being leveraged in a less than forthright and upfront manner,” Pasdar says.

Verizon spokesman Peter Thonis says he can’t confirm or deny a Quantico arrangement, or comment on whether Pasdar did contract work for the company.

“What you’re talking about sounds as if it would be classified and involving national security, so I wouldn’t be able to find out the facts,” Thonis writes in an e-mail.

Update: Changed to accurately report Pasdar’s company’s name.

Postscript: In response to some of the comments here and elsewhere: No, it’s not CALEA. CALEA requires phone companies to give the FBI real time access to call content and call detail information on specific targets when presented with a warrant. It does not oblige them to give the FBI or anyone else direct unmonitored access to switches, billing systems or databases.

For more on the FBI’s CALEA network, check out Ryan’s article on the subject from last year.

After failing to strip immunity from the Senate bill, Sen. Chris Dodd announced he would abandon his effort to block the bill with a filibuster, arguing that the House, which has passed an immunity-free bill, would be a better place to try to strip immunity from Congress’s final piece of legislation.

“We lost every single battle we had on this bill,” Dodd said on a conference call Tuesday with reporters and bloggers. “And the question is now, Can we do better with the House carrying the ball on this bill?”

The bill to update the Foreign Intelligence Surveillance Act, including a provision granting retroactive immunity to telecommunications companies that facilitated government spying, passed the Senate on a 68-29 vote Tuesday evening.

In an effort to move along the legislative process prior to a Friday deadline on the temporary measure, Dodd said he wanted the Senate to pass something so that both chambers can begin a conference committee. If the two chambers produce a bill containing immunity, Dodd said he would filibuster that conference report.

There seemed some hope for blocking immunity in the House, as its Judiciary Committee Chairman John Conyers, who has seen secret White House justifications for its warrantless wiretapping, said the documents do not support giving immunity to the telecommunications companies.

“Indeed, review and consideration of the documents and briefings provided so far leads me to conclude that there is no basis for the broad telecommunications company amnesty provisions advocated by the Administration and contained in the Foreign Intelligence Surveillance Act (FISA) bill being considered today in the Senate,” Conyers wrote in a letter to White House counsel Fred Fielding (.pdf). and that these materials raise more questions than they answer on the issue of amnesty for telecommunications providers.”

On Tuesday, the Senate struck down several proposals to strip retroactive immunity from an update to the Foreign Intelligence Surveillance act and seemed ready to pass a final bill. However, the FISA update still needs to be squared with the House, which passed an immunity-free version several months ago and remains opposed to the proposal.

The Senate actions would shield from lawsuits telecommunications companies that helped the government eavesdrop on their customers without court permission after the Sept. 11 terrorist attacks.

After nearly two months of stops and starts, the Senate rejected by a vote of 31 to 67 an amendment sponsored by Sens. Chris Dodd (D-CT) and Russ Feingold (D-WI) that would have stripped a grant of retroactive immunity to the companies.

Also voted down were amendments that would have shielded the companies from most aspects of the lawsuits while still maintaining some judicial oversight of Bush’s program, which critics say violated privacy and telecommunications law. On a 30-68 vote, the Senate rejected a proposal from Sens. Arlen Specter (R-PA) and Sheldon Whitehouse (D-RI) that would have made the government stand in as defendant in those suits. The Senate then rejected an amendment to allow the FISA court to determine whether the companies did, in fact, respond in “good faith” to government requests; that proposal from Sens. Dianne Feinstein (D-CA), Bill Nelson (D-FL) and Ben Cardin (D-MD) failed on a 41-57 vote.

Sens. Barack Obama (D-IL) and John McCain (R-AZ) took some time from campaigning for Tuesday’s slate of “Potomac Primaries” in Maryland, Virginia and Washington to swing by the Capitol and vote on the amendments. Obama voted for the amendments to strip immunity from the bill, while McCain opposed the amendments and voted in favor of keeping immunity.

Hillary Clinton did not vote on the immunity issue at all, although she was in Washington at least part of the day Tuesday, competing in the same primaries as Obama and McCain.

It is unclear whether Clinton will pay a political price for her absence, especially in light of her campaign’s decision last fall to highlight Obama’s “present” votes when he was an Illinois State Senator. “A president can’t pick and choose which challenges he or she will face,” she said in October.

National Journal correspondent Shane Harris suggests Clinton’s present votes could be a bit of a boon for Obama, but likely won’t hurt Clinton too much because the most vocal immunity proponents probably already weren’t going to vote for her anyway.

“She was never considered fully onboard with the anti-immunity crowd, represented most vocally in the Senate by Christopher Dodd (D-Conn.). Presumably, this hands Obama an arrow to fire at his rival, who has criticized the former Illinois state senator for his record of “present” votes,” he writes.

“But I’m not sure how sharp this arrow is. Obviously, the liberal wing of the Democrat party will have some problems with her non-position position. But I don’t see how this costs her anything in the primaries, or in the long run. But let’s see how she votes on the full bill, or if she does.”

A Clinton spokesman did not immediately respond to a request for comment on the New York senator’s absence from Tuesday’s votes, but Marc Ambinder reports she had already left Washington to campaign in Texas.

“Senator Clinton was unable to vote earlier, but she has made her strong opposition to this legislation crystal clear,” her Senate spokesman Philippe Reines tells Ambinder in an e-mail.

President Bush has promised to veto any new surveillance bill that does not protect the companies that helped the government in its warrantless wiretapping program.

About 40 lawsuits have been filed against telecom companies by people alleging violations of wiretapping and privacy laws.

Telecom immunity must still be approved by the House; its version of the surveillance bill does not provide immunity.

Roll Call reports that House Democrats may not be ready to give in to the president’s immunity demands and are girding themselves for a fight if Republican senators obstruct, or President Bush vetoes, an immunity-free bill. The Captiol Hill newspaper’s Emily Pierce reports:

To try to insulate themselves from the likely Republican argument that they’ll be exposing the United States to new terrorist attacks, Democrats have argued that the administration can continue ongoing eavesdropping investigations until August or possibly later, and they can still use the FISA court to get approval for new wiretaps. But at the same time, Democrats are nervous about giving Republicans fodder in an election year. To that end, Senate Majority Leader Harry Reid (D-Nev.) has three bills ready to go: a 15-day extension, a 30-day extension and an 18-month extension. He may seek consent to pass one or all of those bills this week, the Senate Democratic leadership aide indicated. And if it does expire because of filibuster or veto, it’s the fault of Republicans and the White House, Democrats will argue. “If we say we’re willing to do an extension and they refuse, it will be them who allow the program to expire, rather than Democrats,” the House Democratic leadership aide said.

The government’s post-9/11 Terrorist Surveillance Program circumvented a secret court created 30 years ago to oversee such activities. The court was part of the 1978 Foreign Intelligence Surveillance Act, a law written in response to government abuse of its surveillance authority against Americans.

Glenn Greenwald, a lawyer and blogger for Salon who has sharply criticized the warrantless wiretapping program, offers a brief history lesson Tuesday on the catalyst for FISA reform and its disappointing endgame:

It’s worth taking a step back and recalling that all of this is the result of the December, 2005 story by the New York Times which first reported that the Bush administration was illegally spying on Americans for many years without warrants of any kind. All sorts of “controversy” erupted from that story. Democrats everywhere expressed dramatic, unbridled outrage, vowing that this would not stand. James Risen and Eric Lichtblau were awarded Pulitzer Prizes for exposing this serious lawbreaking. All sorts of Committees were formed, papers written, speeches given, conferences convened, and editorials published to denounce this extreme abuse of presidential power. This was illegality and corruption at the highest level of government, on the grandest scale, and of the most transparent strain. What was the outcome of all of that sturm und drang? What were the consequences for the President for having broken the law so deliberately and transparently? Absolutely nothing. To the contrary, the Senate is about to enact a bill which has two simple purposes: (1) to render retroactively legal the President’s illegal spying program by legalizing its crux: warrantless eavesdropping on Americans, and (2) to stifle forever the sole remaining avenue for finding out what the Government did and obtaining a judicial ruling as to its legality: namely, the lawsuits brought against the co-conspiring telecoms. In other words, the only steps taken by our political class upon exposure by the NYT of this profound lawbreaking is to endorse it all and then suppress any and all efforts to investigate it and subject it to the rule of law.

The surveillance law has been updated repeatedly since then, most recently last summer. Congress hastily adopted a FISA modification in August in the face of dire warnings from the White House that changes in telecommunications technology and FISA court rulings were dangerously constraining the government’s ability to intercept terrorist communications.

Shortly after its passage, privacy and civil liberties groups said the new law gave the government unprecedented authority to spy on Americans, particularly those who communicate with foreigners.

That law expires Feb. 15, the deadline against which the Senate is now racing to pass a new bill. Senate Majority Leader Harry Reid reportedly has prepared 15-day, 30-day and 18-months extensions of the temporary Protect America Act he would seek to pass if the push for a long-term update stalls again.

In a separate voice vote Tuesday, the Senate expanded the power of the court to oversee government eavesdropping of Americans. The amendment would give the Foreign Intelligence Surveillance Court the authority to monitor whether the government is complying with procedures designed to protect the privacy of innocent Americans whose telephone or computer communications are captured during surveillance of a foreign target.

The House approved its own update last fall, and differences between the two remain to be worked out, approved by both houses, and delivered to the president for his signature.