|
Many of the
companies that supply Britain’s communications
services – the landline services, cable companies, mobile
operators and Internet Service Providers – are accumulating
a vast amount of personal information about their customers.
This “communications
data”, which is currently stored for up to seven years, may relate to all
the calls you have made and that you received, who you are in contact with, the
geographic location of your mobile calls, the emails you have sent and which
you received, the websites you have visited, the television programmes you have
watched, personal financial data and other personal information about you and
your family.
Combined, this extraordinary array of data creates a comprehensive
dossier on the contacts, friendships, interests, transactions,
movements and personal information of almost everyone in the UK.
Communications providers do not need to retain all this information,
but many of them are doing so as a result of negotiations
with the government. Law enforcement, investigative and national
security organisations have argued for years that the data is useful
to detect, prevent
or prosecute criminal activity. The Anti-Terrorism, Crime and Security
Act, passed in the months following the September 11th attacks,
gives the government power to require companies to keep this information
if the companies already retain it for business purposes.
While these rules are being settled, the vast data reserves of
an undisclosed
number
of companies
have
been
placed
at the disposal
of government. BT (to give just one example) has fully automated
its service to government to the point where any information on
any BT customer going back seven years can be obtained by any authorised
government agency merely by sending an email. 02 also keeps its
data for up to seven years. Details of hundreds of thousands of
consumers involving millions of communications are surrendered
each year by communications providers.
This activity has occurred
for years without legal authority and in violation of the Data
Protection Act. The Home Office attempted
in 2002 to authorise under the Regulation of Investigatory Powers
Act 2000 an even more extensive list of public authorities who
could access this communications data, but following a public
outcry was forced
to temporarily withdraw the proposal. This unprecedented access
would have been available – as indeed it is currently - without
any judicial oversight. The Home Office is now consulting over
these issues before taking further action, but the two consultation
documents it has published indicate that the current surveillance
regime is likely to be made universal.
So far as the vast majority of providers are concerned, the only
issue to be resolved is the level of subsidy that should be offered
by the government for access to their customers' information. The
negotiations have been in progress for more than three years. The
communications
providers have complained constantly to government that the cost
of providing this information is greater than the level of subsidy
offered to them. They have said little or nothing about the privacy
rights of their customers. And yet, for years, they have acted
illegally by retaining and disclosing their customers'
information.
These activities and
negotiations take place in secret. Scrutiny and oversight of
this substantial surveillance operation has not
been put in place. The government suggests in its current consultation
that oversight will be given to an official called the “Interception
of Communications Commissioner”, Sir Swinton Thomas. Read
his correspondence with Privacy
International’s Director,
Simon Davies, and judge for yourself whether his Office is a suitable
safeguard.
Precise information about the existence or the nature of data
is not made known to the public. If you exercise your legal rights
to ask your communications provider for a copy of the information
they hold on you, they will invariably
withhold some of the data, stall the request, or lie outright about
the information they are retaining.
Privacy International
believes that the privacy rights of customers should have been
respected both by government and by the companies.
We see the current arrangement as a collusion of interests that
will ultimately expose the most intimate details of people’s
lives.
We have created this campaign to help UK consumers retrieve the
information that is held about them. We hope that in so doing,
all of us will learn a great deal more about this covert activity.
It is also likely that the exercise of our data protection rights
will send a clear signal to communications providers and to government
that people have a high regard for their right to privacy.
Model Form Letters
The following letters
are models for consumers to obtain their records from telecommunications
companies under the Data Protection Act
1998. You should modify them accordingly to include
your personal and account information and cut and paste the address
for the company you are writing. You may have to include elements
from more than one if you receive multiple services from one
company. If your provider is not listed, your most recent bill
should include
an
address
to send the request to. The companies can charge a maximum of £10
for responding to your request so for quickest processing, you
should include a £10 cheque with the letter.
|
