The current iteration of the UK's "Communications Data Bill" is now dead.
Privacy International has been working closely with others behind the scenes to work on understanding what little case there was, and fundamentally demolishing it.
The UK Government is now examining a "middle way" for the legitimate law enforcement access of communications data. Working with others around the world, we have a few principles
that should be considered.
Privacy International is already starting to work with others on the work required to begin to speed up Mutual Legal Assistance Treaty requests (MLATs). MLATs can be designed to ensure strong safeguards apply, matching the highest standards between two countries. At the moment they are slow mostly due to institutional neglect as governments were keen to find more convenient and less challenging mechanisms for gaining access to personal information. We hope to improve these processes and raise standards.
What happens now
We await what the Home Office will do next, and we are not entirely optimistic. This is the third attempt the Home Office has made to pass this legislation, substantially unchanged, and has failed every time. We look to their next announcement for substantial process reform, and a change in both staffing and approach. Otherwise, this law will get renamed again, and come back under another Government, continuing to be pushed by the same Detica salesmen as our Big Brother Incorporated project
found from 2008.
There are overwhelming economic, diplomatic, and civil arguments while this approach is flawed. We remain happy to meet with the Home Office, and their equivalents around the world who were watching, on approaches that protect individuals' privacy while supporting the work of law enforcement.
We hope the UK's replacement policy will include far better training for police on the masses of data they acquire from suspects already, a more expeditious and rigorous MLAT process, and transparent rules on what is requestable and requested.
While a centralised system for all data is the wrong approach, the UK's current method of leaving the lowest standard of tool up to individual police force choice has led to postcode policing, where the liklihood of an arrestees data being searched is primarily depedent on the police force that arrested them, not the crime. The building of a better standardised tool, for analysis of returned data is something that should be done, and should be an example of an SME designing a system that better protects privacy, cheaper, and better than a large Government IT provider.
While there may be concerns about how much data is available, that data should only relate to one investigation, and discussions between civil society, industry and law enforcement could easily come up with an understanding of how investigation specific identifiers could be used, where the police only obtain names and details when someone is a suspect, and not receive them from all who happened to be nearby.
But for now, the snoopers' charter has been stopped by (especially) Nick Clegg and Julian Huppert, David Davis and Dominic Raab, supported by scepticism from backbenchers of all parties
, and a broad coalition across all aspects of civil society. What impact the forthcoming process changes have on whatever replaces it remains to be seen.
We hope that the countries copying it will take note.