A court in Germany has ordered all data retained under the Data Retention Directive (Directive 2006/24/EC) should be destroyed.
This EU law is one of the more controversial across Europe and has seen protests across the continent, particularly in the Netherlands and Germany where memories of ‘data retention’ have a bitter resonance.
The German court was responding to a complaint brought by 35,000 plaintiffs, the largest number ever associated with one case. The court found the German legislation putting the EU directive into law violated a constitutional guarantee of privacy.
It is worth reminding ourselves of what the Data Retention Directive is: it mandates communication data should be retained for the period of at least 6 months. In particular, it requires the following across the European Union:
trace and identify the source of a communication, e.g. the telephone number and subscriber name and address (telecoms); user ID and name and address of the subscriber or registered user (Internet)
identify the destination of a communication e.g. number called, any number to which a call is rerouted, name and address of subscriber/user (telecoms); user ID or telephone number of the intended recipient(s) of an Internet telephony call, name and address of subscriber/user (Internet)
identify the date, time and duration of a communication
identify the type of communication e.g. the telephone or Internet service used
identify users‟ communication equipment, or what purports to be their equipment
identify the location of mobile communication equipment e.g. cell ID and geographic location of cell.
It is also worth remembering where this EU law comes from. Think of the Data Retention Directive as the UK’s gift to Europe: It started off life as Part 11 of the Anti-terrorism, Crime and Security Act (2001) in the UK Parliament. At this time is was voluntary.
When the UK’s presidency came in 2005, the UK introduced it as legislation in the form of a Europe-wide, compulsory framework for data retention and mass-surveillance.
Nottinghamshire Police have been criticised by an inquest for contributing to the murders of a couple–Joan and John Stirland–by a criminal gang.
They had moved to Lincolnshire from Nottingham after their son had attempted to murder gangster Colin Gunn’s nephew and the police feared they would face reprisals.
The inquest at Lincoln Crown Court was read an extract from Mrs Stirland’s 2003 diary after she fled Nottingham.
She wrote: “This is just because police in Nottingham cannot control the Gunn family.”
This was certainly true: the Gunn crime family were behind most of the high-profile crimes within Nottinghamshire and in no small part responsible for its reputation as ‘Shottingham’.
Failing to tackle Gunn is one of the major failings of Nottinghamshire Police; the way they brought him to justice is one of its major triumphs.
Eventually, Nottinghamshire Police did act and began a secret operation to bring Gunn to justice. Operation Utah was formed with this task and those on the operation were vetted for relationships to Gunn and worked separately from the main force; indeed, most of Nottinghamshire Police 2,400 employees were oblivious. The primary reason for this enhanced security was the fear Gunn had penetrated the police; and they were right.
As part of their investigation, which eventually saw Gunn jailed for 35 years, they uncovered two corrupt police men Philip Parr and Charles Fletcher. These two police officers were found guilty of passing information to Gunn’s associates, helping him evade justice.
Data Security
At the inquest into the Stirland’s death, the court heard evidence that Nottinghamshire Police had failed to pass on information to Lincolnshire Police concerning intelligence that the Stirlands may be targeted by Gunn. When the Stirlands reported a prowler in their garden, the police response was inadequate.
The question now must be be why was this information not passed on? Was it a simple administrative and bureaucratic error? Or was it something more sinister: did the police fear passing on this information to another force in case it would ‘leak’ out to Gunn? Were the police so fearful of corrupt elements within its organisation that it fears the distribution of this information?
The IPCC, in their 22nd February 2008, allude to this being a possibility:
“It is apparent that the secrecy surrounding Operation Utah was paramount, which in the right circumstances is appropriate. However, there is no doubt that such a situation inhibited those who had taken responsibility for the care of the Stirlands, when assessing the risks and necessary measures to counter the threats and attacks.”
The police need not have worried: The Stirlands’ new address was eventually found by Gunn who promptly had them murdered. Information as to their new address was given to Gunn by a British Telecom employee.
If nothing else, this case shows how precious “personal data” can be.
The Guardian reports the Serious and Organised Crime Agency is investigating the scale of corruption within the police. The day before, the Independent reported comments by Nick Hardwick, Chairman of the IPCC:
To say [police corruption] has gone away would be a very bad mistake. There are no forces that are free of corruption [...]
A glance of the cases in just the past 7 days bears this out:
Monday 8th February 2010: Ali Dizaei sentenced to four years for assualting a man and trying to frame him for assault.
Friday 12th February 2010:
PC Mark Bohannan passed on information to his wife’s drug dealer in exchange for free cocaine. This information allowed the dealer to escape undetected.
Monday 15th February 2010: Martin Lansley, a ‘civilian’ police worker, stole sensitive data about Royal visits by senior royals. He also obtained officer’s passwords, station door codes, PNC information and cryptographic signatures of the Chief Constable.
There are clearly some problems within our police force and problems in particular with data security.
Following Operation Helios and Ali Dizaei’s victory in his April 2003 trial, there was still sufficient evidence to place him through the formal disciplinary process. The IPCC, in their 16th June 2004 review [pdf] of the case are quite clear as to why this disciplinary process did not take place:
Making a private and confidential agreement with Supt Dizaei [...]
Confusing the vital public interest in promoting an effective diversity recruitment plan for the MPS with its public duty to uphold the police discipline system by assessing misconduct proceedings against Supt Dizaei on their merits.
They go on to say “the charges against Supt Dizaei are capable of proof”.
In short, a deal was done with Ali Dizaei to halt disciplinary proceedings. They say the Met confused its “diversity recruitment plan” with its “public duty to uphold the police discipline system”. In short, Dizaei got away with to avoid the Met being accused (again) of “institutional racism”.
There must be some focus upon the deal done with Dizaei that halted the disciplinary proceedings. The agreement with Supt Dizaei brokered by ACAS and the Metropolitan Police Authority (MPA), the Superintendents Association and the National Black Police Association should now be released.
Further, what input did the MPA have in this? Was there political inference from the professional politicians of the MPA and higher up? And what does this tell us about Conservative plans to further politicise the police service?
Perhaps Lord Toby–then Chairman of the MPA–will enlighten us.
Commander Dr Ali Dizaei has now spent his first night in prison following his conviction for corruption. He had tried to frame an Iraqi webdesigner for assaulting him; in reality, Dizaei had caused the injury himself. Of interest to this site is not the conviction itself, but how Dizaei was able to get away with corruption for so long.
In August 1999, Operation HELIOS was launched following allegations of corruption against Ali Dizaei. The operation uncovered much malpractice by Dizaei and this is detailed below. The IPCC was prevented from disciplining Dizaei due to a secret pact Dizaei had entered into with the Met. We will follow this tomorrow.
Hidden in the annexes of the Morris Inquiry into alleged racism against Met senior staff is an independent review of Operation HELIOS. From this, we learn the extent of what was found against Dizaei during operation HELIOS:
Operation HELIOS findings against Dizaei
December 1998
A drug-dealing friend of Dizaei is convicted of deception for fraudulently using Dizaei’s cheques without permission. At this time, Dizaei and friend are living in the same house. After his friend’s conviction, Dizaei signs a passport application from this man and states he has known the man for 14 years and that he was of good character. This was after the man’s conviction for fraudulently using Dizaei’s cheques.
August 1999
Operation HELIOS is launched into Dizaei due to his “friendly” relationship with known drug dealer.
22nd September 1999
Dizaei speaks to police officers who are involved in dispute with local builders and his friend.
24th September 1999
Reports suggests Dizaei is “associating with a nurse who was supplying him with needles.”
12th & 18th 1999
Dizaei and solicitor visit Ethiopian Embassy without clearance.
3rd February 2000
Dizaei charges associate £400 for his assistance with a speeding ticket offence.
7th February 2000
Dizaei receives “reward” from organisers of concert.
18th February 2000
Intelligence received by the Met shows Dizaei is associating with a cocaine user.
29th February 2000
Operation HELIOS continued. Met fear Dizaei is associating with “foreign nationals who are of interest to other agencies” [spooks]
4th March 2000
Dizaei is involved in the brokering of the sale of the Ethiopian Embassy.
10th April 2000
Dizaei pays cheque of £10,000 to associate suspected of money laundering in relation to fraud and drugs.
6th September 2000
Dizaei makes report of damage to his car, claiming it was damaged close to his place of work. At the time of damage, the car was parked in a different location.
15th September 2000
Dizaei receives £800 from an associate who was recently arrested for drink driving.
16th October 2000
Dizaei attends Iranian business confrence in Los Angeles and, without authority, gives speech in full uniform,.
18th January 2001
Dizaei suspended
11th January 2003
Dizaei acquitted. He was accused of perverting the course of justice over the scratched car incident.
16 June 2004
IPCC criticises Met for making a private and confidential agreement with Supt Dizaei which prevents further disciplinary action for past transgressions.
It has been reported T-Mobile has called in the Information Commissioner over customer personal details being sold on the black market. It is not yet known if the data was ’simply’ customer contact details, or whether it included the ridiculous level of personal data mobile phone operators have to retain to comply with TERROR legislation and Home Office edict.
By law or through the ‘voluntary’ agreement as Part 11 of the Anti-Terrorism, Crime and Security Act 2001, mobile phone operators record much data. This includes:
A log of where the phone has been used (usually the postcode of the transmitter) for the past year,
A log of each call made and text sent in the past year
A log of each call and text received in the past year
A list of websites visited in the past year
Email address of recipients of emails sent on the phone for the past year
It goes on….
Some of this information, incidentally, can be disclosed to councils, the NHS, fire services etc, as part of RIPA… and hopefully not the French Government (majority owner of Orange).
But fear not! The ICO is on the case. The perpetrators of this crime are doubtlessly shitting bricks over the powers at the disposable of the ICO. Under Section 55 of the Data Protection Act, a court can levy a £5,000 fine for a breach of the DPA and… that’s it.
Last night’s Panorama programme, available here on iPlayer, raises the serious issue of the ‘caution culture’ that has arisen in the police in the past 10 years.
The programme featured victims of serious crimes whose assailants have been reprimanded with cautions and fixed penalty notices instead of facing court. This debate over cautions is, at its root, a debate as to the purpose of the police service: is it to bring cases before a court for justice to be administered in public or to administer justice themselves in private?
A caution for an offender is often the ‘easy way out’ and used by the police as a convenient alternative to court action. It also helps to boosts a force’s or a BCU’s detection rate, a common component in performance related pay of senior police officers.
The Magistrates’ Association have long warned against increased police powers to administer justice, fearing they will be misused by the police. They have been joined by a somewhat unexpected voice: that of Met Boss Sir Paul Stephenson.
As far back as September, he was criticising the approach pioneered under Labour where fixed penalty notices and cautions were used in lieu of court action:
I have a real concern that it reduces the respect, majesty and full, proper implementation of what should be the right system [...] In a way we have been going down a line of, instead of finding the right system we have been finding a way around it.
He goes on to argue offences should be brought before a court and justice dispensed there:
“I think we have to look again at the number of times we do cautions and we have to look again at fixed-penalty tickets. We have to look again at how we can make the summary justice system dynamic, faster and responsive so we can have magistrates giving the right sentence. I think that magistrates would support this.”
He has continued these attacks on the caution culture at the weekend:
“The outcome [of the rise in cautions] has been an almost uncontrollable increase in cautions and the introduction of the fixed penalty ticket, which in the public’s mind equates to a parking ticket, which should not be [the case] with theft and thuggery,”
Once again, we find ourselves in agreement with Sir Paul.
More misconduct in uniform: this time PC Peter Cokell of Avon and Somerset Police Force is caught on CCTV committing theft. Magistrates in Bristol heard that he picked up Kill Zone 2 and Call of Duty: World at War—collectively worth £75—and hid them under his hat and stab-proof vest.
He claimed in court he was looking at the games to “help him relate to young people”!
A mother from Poole is at the Investigatory Powers Tribunal over her local council’s use of surveillance. Jenny Patton was suspected of lying on a school admission form, the council used covert surveillance to establish whether her application for a school place was fraudulent (it wasn’t).
The Regulation of Investigatory Powers Act(“RIPA”) liberalises huge surveillance powers to a range of public bodies, including councils and fire services. The Investigatory Powers Tribunal judges whether surveillance was lawful or unlawful.
From 2000 – 2008, the Tribunal heard 799 complaints.
It has upheld just 3 complaints.
The beauty of the RIPA system is this: you can complain about surveillance but how do you find out whether you’ve been spied on? Section 54 of RIPA—entitled ‘Tipping Off—prohibits disclosure of surveillance, including the target of surveillance. Indeed, tipping off under RIPA is a serious crime that carries as maximum sentence of 5 years.
So, you can complain to a quango about secret surveillance, but only if someone else breaks the law and tells you about it.
Charles Clarke—the sacked former Home Secretary—has written an absurd piece in the Guardian about the public’s insatiable desire for more databases and how Labour can win the next election through the fear of crime. Do read a brilliant critique over at the Surveillance Society blog.
Sadly, Clarke’s piece contains a few factual errors :
[We passed] the Regulation of Investigatory Practices [sic. read: Powers] Act, which for the first time regulated surveillance by public authorities.
RIPA was passed mainly to comply with the Human Rights Act and surveillance was regulated before RIPA’s appearance. RIPA allows a huge range of authorities (local councils, NHS, etc) the power to read email headers, get mobile phone location data, use covert surveillance, etc. RIPA liberalised surveillance; not restrict it.
We passed the Data Protection Act
No you didn’t! The Data Protection Act was passed in 1984. It was updated in 1998 to bring it into line with EU law but this removed many of its safeguards. Over New Labour’s time in government, the Data Protection Act has been watered down as these amendments made since 1998 show.
There is an understandable public demand to establish more databases to strengthen protection, for example against sex attacks on children
No there’s not; these databases already exist. Sex Offenders Register, List 99, PoCA lists, PoVA lists, CRIMINT, PNC and many others. The debate is around whether the public should have access to these databases.
The government needs to establish a coherent data regime that places the individual at the centre, with the practical right to see the data held on them and correct it if necessary.
This already exists as Section 7 of the Data Protection Act.
HMP Britain is a small archipelago that lies beyond the northwest shore of Continetal Europe. It consists of 60 million souls and 20 million CCTV cameras. It is considered the world's largest open prison. This blog exists to catalogue its rise and expediate its fall.
The blog is still being set up so not everything works!
A mother from Poole is at the Investigatory Powers Tribunal over her local council’s use of surveillance. Jenny Patton was suspected of lying on a school admission form, the council used covert surveillance to establish whether her application for a school place was fraudulent (it wasn’t).