Possibly should be labelled "2018" - I believe several courts including the UK High Court and the European Court of Human Rights have found against parts of the Investigatory Powers Act, in addition to ECJ findings in 2016. Practical consequences of that are.. unclear. I'd think the lack of safeguards in the Act is one of the reasons this has become standard practice.
The whole documentation (redacted) is available at https://www.whatdotheyknow.com/request/mobile_phone_data_ext... (search "ACESO documents"; note that most of the page is correspondence relating to FOIA and the usual practice of being denied and having to complain repeatedly)
> "“It appears that, in relation to the introduction cyber kiosks, only the benefits were presented by Police Scotland to the SPA, with the known risks not provided. The SPA, for its part, seems to have accepted the information provided with very little critical assessment.
> “Even the most fundamental questions, such as the legal basis for using this technology, appear to have been totally overlooked."
When back in the early 00's the UK wanted to introduce a picture ID card, there were huge protests across the country that resulted in the scheme being shelved indefinitely. It took the UK years to even introduce a picture driving license (you might have seen the "counterpart" old driving licenses which were in use until very recently. They were a single A4 sheet with no picture on it).
How ironic that despite the continued protests against picture ID cards based on privacy concerns, the UK is the most watched country based on the number of CCTV cameras per square mile, and now this.
>How ironic that despite the continued protests against picture ID cards based on privacy concerns, the UK is the most watched country based on the number of CCTV cameras per square mile, and now this.
It's because people have given up hope of winning the war against the surveillance state but they still feel like they can opportunistically win a few battles.
The National ID Card controversy wasn't simply about a photo-ID card (as noted, UK driving licenses are biometric photo-ID cards—and have been since before the NID was mooted). The real problem was the integration of a National Identity Register, a universal biometric ID database storing numerous non-essential items that was to act as a central authentication point for access to all government (and many corporate) services. Failure to register was to be a criminal offense (in US terms, a felony); failure to update within a week of changing address, ditto (don't ask how this would work for the homeless, or for students and workers living away from home part-time): it was to be carried at all times on pain of a hefty fine: changes to your address had to be reflected in a new physical card (which would be charged for): and a whole bunch more stuff.
Let's just say that it wasn't just a picture ID card; it was the camel's nose under the tent flap for a massively intrusive national database system with huge potential for misuse, abuse, and creeping changes of scope.
Today the UK has a de-facto biometric authentication system in the shape of the Identity and Passport Office database and the DVLA driing license database: between these, there's roughly 90% coverage of the adult population. But because it's opt-in and voluntary, and the police can't at any moment challenge you to produce a card and arrest you instantly if you're not carrying it, it hasn't produced the same push-back.
(As for those CCTV cameras? Most of them are in private premises, subject to GDPR data sharing restrictions. It's actually illegal for a shop CCTV system to cover the pavement outside, for example. The police only have access to them when a crime has been reported and half of them aren't working, as my wife discovered when her bicycle was stolen from right under a cluster of them …)
There was a popular campaign against the government keeping around the hand written, cardboard ww2 National ID cards on civil liberties grounds. They didn't even all have photos, and were super easy to forge! Attlee had kept them around throughout the Labour administration and proposed using them, and this will sound oh so familiar to anyone who remembers the Blair attempts at an ID card and database, as a "a key that could be used to access all the benefits of the state, from rationing to voting to NHS services". The chief Law Lord in the final appeal said of requiring "all and sundry" to produce ID cards that it "inclines them to obstruct the police instead of to assist them".
It was ultimately Churchill's second term that repealed them in the early 50s. The same decade a Conservative politician and lawyer drafted the first European Convention on Human Rights.
Same old arguments, 70 years on. I'm not sure those Tories would recognise today's bunch though. :)
It's actually illegal for a shop CCTV system to cover the pavement outside, for example.
Do you have a source for that, please? I've been wondering about this kind of issue for a long time, as a lot of private premises now have cameras obviously overlooking public space outside or even more private areas like the gardens of neighbouring properties. Personally I find that quite intrusive in terms of the public spaces and rather inappropriate in terms of neighbouring private spaces, but given the many ambiguities in our data protection and privacy laws, it's not obvious to me what would make it illegal in black and white. Both the UK government web site and the ICO do have specific guidance about domestic CCTV systems that clearly allows the possibility of and provides guidance for systems that overlook areas outside the operator's own property.
Where the hell are all these Brexit loons when you need them? ID card protests for window dressing only - as long as it's Her Majesty's surveillance state instead of the EUSSR Bob's your uncle?
I was a campaigner against ID cards back then, and this is basically spot on: even back then, the people on the street who supported ID cards mentioned immigration. What happened? The biometric residence permits. ID cards are mandatory if you're a non-EU immigrant. The rest of the "hostile environment" made proof of immigration status mandatory for employment and renting a house. We got all the pieces of a surveillance state except the ID cards - because that's what the public wanted.
All of the Windrush fiasco and other Home Office outrages show that the UK is pretty comfortable with bureaucratic authoritarianism so long as they think it only applies to immigrants.
Perhaps - assuming they could get one in the first place. Alternatively the application process could have simply accelerated their deportation. Things might have gone better under the Blair government, but the whole point of ID cards is to impose the state's view on everyone's status.
Indeed it would have. I think the worst kinds of surveillance mechanisms are the ones that can cause a lot of suspicion and false positives, but don't allow those affected to refute any allegations. Identity documents are not like that at all. On the contrary.
Because the one thing that old people fear more than Brussels is the teenagers down the block. If you truly believe that you are "good" and that only other people are "bad" then things like picture ID seem warm and friendly.
> (you might have seen the "counterpart" old driving licenses which were in use until very recently
Non-photo UK driving licenses are in fact still legal [0] although they are not now issued. If you need a replacement or update (e.g. on address change) the new license will be the photo version. They are still valid for hire car.
If I need photo ID I use my passport. I do not therefore have an official photo-based identity document on me when travelling routinely in the UK.
Yes we as a country seem to be according to polls mostly in favour, but it depends upon how the poll question is framed https://en.wikipedia.org/wiki/Opinion_polls_on_the_British_n.... However a vocal minority are strongly against it. However, over in Europe - many countries there have national ID cards and equally I'm sure they have their share of distractors against them above and beyond criminal type reasons.
As for the UK being the most watched CCTV density - well - have you seen the quality of most of those CCTV's, egads. Just look at some of the images the UK police release which have been pulled from CCTV. Very rare that their is ever anything that would stand up in court. Then most of these CCTV are private, mostly shops.
So yes, we may (not sure if still have) the most per square mile, but darn - the quality on so many is terrible. But then, older camera's and the rush to be first often does that. Beijing on the other hand, now that's a CCTV network I dare say who could tell you were you lost your house keys in the park if so inclined.
Because some people are happy with the public discussing ID cards with pictures, when the real deal is somewhere else.
The same in Germany with taxes, people discuss increasing taxes for the rich, who are happy to confront this, because the real deal in Germany is not paying taxes, not paying social security and health insurance by the rich.
Well..CCTV cameras caught the 2005 bomber's at King's Cross Station and helped establish their identities and their full itinerary when cross-referenced with other CCTV videos
That doesn't mean its worth it. There is always a tradeoff and I would rather live in a world where I know I am free from surveillance than a world where I am .000001% safer or criminals are caught 10% faster.
It's not just safety vs. privacy, it's safety vs. safety: pervasive surveillance can and does make us less safe due to the potential for a future, less benevolent, government to abuse it to oppress politically unpopular groups.
Do you have any proof to backup your empty claim? It may discourage pocket picker at your local market.. when it comes to blowing up King Cross I bet you more survelieance the more incouraging to terror. These folls live for five minute survelliance video of one of their own walking down with backpack across few CCTV cameras on all national News Stations, so yeah I bet you its a one big fat encouragement to them to harm more.
> pervasive surveillance can and does make us less safe due to the potential for a future, less benevolent, government to abuse it to oppress politically unpopular groups.
Do you disagree that pervasive surveillance would make it easier for an oppressive government to collect data on their opponents and imprison or harass them? The East German Stasi didn’t have the advantage of universal surveillance and they did a great job of suppressing political opposition. Do you think their job would have been easier or harder with pervasive logging of all conversations conducted electronically or in public or private spaces?
In the grandparent comment’s specific example police stalked and killed a completely innocent man because they thought he looked like one of the bombers from their CCTV tapes
Just the presence of surveillance alone discourages criminals from acting in the first place. Without any surveillance, I don't think criminal activity will increase by just .000001%.
In the case of (PUBLIC) meatspace, physical surveillance (e.g., cameras), I'm onboard with the Big Brother panopticon state. Bad, meaningful stuff happens in meatspace, like explosions.
When it comes to cyberspace, digital surveillance, I fled Windows for Linux and read /r/StallmanWasRight. Bad stuff happens in cyberspace, but none of it is meaningful enough to me to warrant the limitations to privacy that we endure IRL.
Does anyone else have this arbitrary configuration of opinions?
Well. Strangely I happen to be one of the folks in that .000001%, so I apologize if my opinions have been shaped differently.
I lost one of my ex-school mates in an market-place explosion (2005 Delhi bombing). While the London Bombing suspects were identified, all suspects in the Delhi bombing that same year were released due to "lack of evidence".
I am completely in favor of surveillance of public property.
> While the London Bombing suspects were identified
They were identified. After they’d blown themselves up on trains and a bus. The one person ‘identified’ as it was happening was in fact mistakenly identified and killed by the police.
Surveillance only helps in situations like this where the authorities have intelligence upfront. Even then you can argue that regular on-foot surveillance is a more proportionate approach over serveilling the entire nation ‘just in case’.
I was in London when the bombs went off (I worked on Russel Square along from the bus bomb - I would walk past the site, every day, to and from work; and have a friend who was on the train going from Liverpool St that was blown up). And, I remember being nearby (and hearing) the IRA bomb in Bishopsgate. I still believe very strongly that governments should not have carte blanche rights to spy on all citizens. Privacy is more valuable
But if we make a world safe from these .000001% events, what do you think that will look like? I can only imagine a dystopian/ Orwellian society where we are all encouraged to report any suspicious behavior and everything becomes a race to the bottom, a Prisoner's Dilemma where I feel pressured to rat out my neighbor for _something_ before he does it to me.
Who's asking everyone to report suspicious behaviour ? You have raised a _strawman_ argument. Automatic surveillance of public property and public spaces is in my opinion necessary for analysis, investigation and prosecution of terrorists. This must be done by career intelligence folks not by amateurs.
Pervasive surveillance will inevitably lead to machine learning techniques being used to analyse the data which will massively increase the rates of false positives, people who aren’t a threat but who the system flags as potential threats. Freedom and security trade off against one another.
Citation needed. You are making a strong statement about the inevitable future based on what? Sounds like evidence as strong as your claim would be worth some very interesting papers.
Have you been paying attention to anything regarding government surveillance in the past decade? NSA? Five Eyes? Governments are thirsty for any new tech that allows them to amass data fast about public behavior. There's startups that exist right now that use ML techniques to analyze security footage for bad actors. There was a Japanese one on the HN front page a couple days ago. This isn't a slippery slope argument, this shit is happening right now.
The question is where do you draw the line for removing privacy to enable law enforcement? Would you consider a system that monitors every individual at all times because it would almost guarantee that any criminal is identified?
Its not merely prevention of one bombing. It is also prosecution and preventing future bombings. Otherwise the folks who plan these bombings are free to organize the next bombing.
That was done by looking at the tapes afterwards. But hiw.many crimes were actually prevented by the cameras? Do they provably act as a deterrent? In how many cases did the cameras result in help arriving on time?
Only MI5/GCHQ/OSCT can answer your questions with actual numbers.
(EDIT)
There are several studies on effectiveness of camera surveillance on crime prevention.The UK unlike other nations actually has a lot of material here.
I haven't followed up. Are these numbers published? If not, I would tend to assume that they are too embarrassing to show. But despite my bias, I'm actually curious.
>Well..CCTV cameras caught the 2005 bomber's at King's Cross Station and helped establish their identities and their full itinerary when cross-referenced with other CCTV videos
I'm not disputing any facts if they are indeed facts. I am merely pointing out how the public opinion can be shaped to react differently given the same subject wrapped differently.
I am very sure, inspecting phones has, or will at some point in future be used to stop some crime or terrorist attack, but that's not the point here.
Yes, cameras in public spaces are one thing. Surveillance of private property (personal phones) is a completely different thing. I agree that the latter is terrible.
Oh Shit - I had NO idea the old driving licenses were invalid!
Oh Gosh. It's been years since I owned a car, but I've been merrily hiring them here and abroad two or three times a year. I'm a bit surprised that no one has denied me a vehicle as a result :\
Thanks for the heads up - I guess I need to get mine updated!
- ed
OH. PHEW. @KineticLensman states this isn't quite the case in another response here. I did wodner why none of the hire companies had said anything!
The article is pretty light on technical details. As well, it lacks a definition of what is meant by "on a scale". Does it mean mass surveillance (malware installed on every phone they get hold off; or malware installed remotely with help of ISPs)?
It’s likely referring to routine data collection during police encounters. Michigan started doing something similar awhile ago.
Forensic devices were installed in patrol cars and officers could download phone contents during a traffic stop. I’m sure these devices are a lot more advanced now.
> "The lack of transparency around new policing tools such as mobile phone extraction is a serious cause for concern. There are no records, no statistics, no safeguards, no oversight and no clear statement of the rights that citizens have".
There may be places where this is routine, but it really shouldn't be - anywhere.
If you'd like to educate yourself on some of the transgressions of UK police in the past, and the extent to which subsequent cover ups have gone, I'd suggest reading some recent Irish history.
It's not clear how police are taking this information. Do they have physical possession of a device? If so, how do they break in? If not, how is the information extracted?
Are there now available any TrueCrypt-like mountable encrypted filesystems for Android? Last I checked it seemed like it wasn't possible, but that was several years ago.
Even today it seems like there are many apps available that claim to keep photos, docs, etc., safe from prying eyes. But this seems to be accomplished just by putting the files into a location that's hidden from the standard apps, and requiring a password to run the one app that knows where to look. So, useless against something that captures the whole filesystem.
It looks like you can use EncFS and TrueCrypt now on Android, with a few different apps. But I'm not sure how good the implementation is, or if you need to be rooted.
Full reports hints that they can already read data from iPhones too:
Highlighting the potential value of data from mobile apps, a recent murder
investigation in Germany utilized metrics from the apps on individuals’ phone. In
that case, Apple’s iPhone health app activity record stated that the suspect was
“‘climbing stairs,’ which authorities were able to correlate with the time he would
have dragged his victim down the river embankment, and then climbed back up.
I'm not sure if the data comes from physical access to the phone or from asking service providers.
In the case of iOS, it would require access to the phone or iCloud account. Health data is encrypted on device and in cloud storage [1] - see the "Health & Fitness" section.
Yes they cannot get anything from a modern iOS device. But they can still (for now) use a warrant to get anything from iCloud. Apple is working on making even that impossible.
It depends on whether it's end-to-end encrypted or not. Unfortunately only some iCloud data is, not all of it (nor is there an option for all of it), but they have been slowly expanding the magic circle there. Health data is a recent addition actually, according to Apple's iCloud security page (HT202303) it is E2E as of iOS 12. Before that it presumably would have been available via warrant, but if someone has all their current devices updated it shouldn't be. Looks like the current full list is:
Home data
Health data (iOS 12+)
iCloud Keychain
Messages in iCloud
Payment information
Quicktype Keyboard learned vocabulary (iOS 11+)
Screen Time
Siri information
Wi-Fi network information
One odd and notable exclusion though is iCloud Backups. If you use that feature, at least from what I can tell it can actually compromises the E2E of some of the others since keys are stored as part of the backups. I guess Apple considers backups to be more important to the general population to have fallbacks for, but it's also a big privacy hole and I still consider it a bummer that they don't at least have an option to not store keys with Apple there and just have it be an encrypted blob (with UI for printing out recovery keys and such of course, but they've long had that for FileVault already).
Also worth noting that Apple's overall scheme for multi-factor and general Apple ID auth and management remains an irritating worrying clusterfuck, but at least there have been some ongoing improvements I guess.
At this point, I'm willing to accept that Apple has an honest intent (to the extent that any corporate entity has any meaningful intent to do anything) to provide reasonable security on its new devices and related cloud systems. This is at least in part because they are reasonably transparent about how far their existing measures go and they don't seem to have a track record of exaggerating claims in this area.
Clearly they could still go significantly further, as the lack of end-to-end encryption for things like iCloud backups of photos demonstrates.
Another black mark against them for now is their persistence in walling off their ecosystem so much that iCloud (or maybe iTunes running on additional Apple equipment) is the only reasonably usable and future-proof method of transferring data between devices. It really should be possible to import and export common types of data like calendars, photos, contacts and notes in standard formats using standard protocols, and it's clearly a deliberate policy not to support this.
Even so, the world of iOS now appears to be in an entirely different class to the Android ecosystem in terms of privacy and data protection. At least with Apple devices, you can (if you're willing to spend an hour or so toggling settings) basically turn off all of the data sharing and remote services if you just want a modern phone with standard communications tools like web and email available. And at least Apple doesn't have an obvious commercial interest in undermining its own devices' privacy safeguards.
Part of the functionality is "access to SIM", so they can pop it out and get the IMSI plus any texts or addressbook data stored there. Although I doubt the iPhone uses those features.
It's been around for years, out of principle when I get a new phone, I pop on a zip-bomb of two out of principle against anybody scraping my phone in any capacity without my direct approval - then I'd tell them.
Though those truly paranoid - there are many ways to curtail such actions, re-wire the USB lines demanding you use a equally rewired USB cable and many other avenues.
But back to the police - what irks me is that whilst they can pull all this data - it is futile unless they use it. Alas the level of data-mining is very much lacking here - unless however it is related to a headline case and then the full PR budgets kick in and the real policing happens (cynical I know, but based upon decades of observations, that are equally shared amongst people in the force I know).
The real thing many overlook is that UK laws are already in place that telco providers have to keep copies of all calls made and text messages for many years (3 iirc at least).
However, things change and it is how long they retain such images of phones content that makes things concerning. After all, laws change and what was legal yesterday, probably won't be tomorrow. But more so - perception and interpretation. As an example the fad of planking could be classed foul of many a law in most situations if zealously applied it could be classed as a performance and as that fun planking video in the local park needed a performance license from the local authority. Then lottoiring laws and many others that came in to curtail real issues but.....if social perception changes could render innocent and well mannered acts foul of legal redress down the line due to cultural change. But been many a innocent fad, all harmless and an edge-case accident happens so that fad then becomes demonised. That happens. But with social media and other snapshots of your life moments via your phone immortalized. Whilst the spirit of the law is more important than the letter of the law, that spirit over time can change and yet facts do not and afford reinterpretation at a later time of the event. That end up recontextualizing it all and some innocent, totally harmless and socially acceptable action of the time could become antisocial tomorrow. Cigerrettes - classic upon that, and who knows, maybe in a few hundred years time, pictures of this era of people smoking will garner cries of murderer in future minds and classed as terrorist poisoners murdering the innocent around them with their polluting weapons of mass destruction.
So yes, how long they retain it - would be the real concern about all this.
Sure, but dedicated hardware and a very deep nested zip hinting at something juicy deep at the bottom, maybe - maybe not. Be fun to find out if such an eventuality transpires.
Might prove that they are the perfect way to store your sensitive data - buried deep inside a zip-bomb, knowing AV will filter it away. Food for thought.
Are you sure or is this a guess? The article doesn't mention what technique is used (as opposed to e.g. coercion to reveal passnumbers or just collecting data from unencrypted devices).
If it is on a massive scale, then how many "suspects" does britain have? Or can anyone be considered a suspect by a police officer? For all of britain's susposed outrage at facebook over their privacy violations, britain sure loves to do its fair share of violating privacy. This seems to be a trend everywhere now. No respect for privacy.
Most police forces in the UK are using digital forensic "self service kiosks", which allow ordinary officers to create images of the storage of mobile devices seized during criminal investigations. Privacy International are concerned that policies and procedures surrounding the use of this technology may be inadequate. In particular, they are concerned that the Police and Criminal Evidence Act gives the police relatively broad powers to image devices without a warrant. The report does not identify any specific evidence that these powers are being abused.
No it didn't, it brought those activities under a regulatory framework.
The problem the article is highlighting is that police are gathering data from phones outside the powers granted by RIPA. Police are potentially acting unlawfully, and so now we have RIPA we can stop them doing so.
The law is more than what is written in an act of parliament. Sure, parliament can pass a law that grants anybody any powers – but parliament also passed the Data Protection Act 2018, bringing the GDPR into domestic law. Treaty obligations, legal principles, and the interaction of different overlapping laws can all result in inconsistencies.
The UK government has passed quite a few laws and government departments have taken their own interpretations of these – for instance, the home office has been using tax filing corrections (fairly routine practice in the UK) as evidence of dishonesty – in some cases the amounts owed didn't change – and using these to write the your-immigration-status-has-changed-go-home-before-we-deport-you letter. [0]
A lot of interpretations of legislation fall under the "there is no case law – it is probably unlawful but plenty of others are doing it and the worst that can happen is..." category.
Last I heard (see source) is that they can bypass the pinlock delay, making brute-force entry much more efficient.
If you use a numeric pincode, even if 8 digits, "breaking the encryption" is well within their reach.
If you use an alphanumeric+symbols password that 8 characters or longer, brute-forcing rapidly becomes impossible, even for cellebrite.
A running, unlocked phone may be hacked by zero days. Encryption at rest... currently no.
Any body have more details on these technical aspects ?
Pattern is just a numeric lock underneath(the dots that you connect represent numbers on a numpad, on Android they even used to be saved in plaintext as a pin until Android 2.1 iirc).
