Safe in the hands of the State.

[Randy]

The Investigatory Powers Act brings into force a whole raft of new powers apart from this one regarding internet access, and you can bet your life it won't be long before they are being used to harass the population not protect them.

 

They have been passed into law with barely a mention in the media and certainly little popular discussion. What with secret courts etc, this seems to be the way we do things these days. We are becoming a police state, yet there is barely a murmur to stop it.

 

Yes, I'm absolutely terrified that the government might be able to access my Sheffield Forum password or find out that I've just had a look at tomorrow's weather forecast.

[Santo]

The Investigatory Powers Act brings into force a whole raft of new powers apart from this one regarding internet access, and you can bet your life it won't be long before they are being used to harass the population not protect them.

 

They have been passed into law with barely a mention in the media and certainly little popular discussion. What with secret courts etc, this seems to be the way we do things these days. We are becoming a police state, yet there is barely a murmur to stop it.

 

What secret courts are those? How do you know about them?

 

Can't be that secret then can they?

 

[petemcewan]

Same here. I've not looked at stuff I shouldn't, so feel free.

 

As a side note, people have been able to get hold of this stuff for years, thanks to the wonders of the Data Protection Act. I've had all sorts of personal data about people through my job. I've had people's educational records, means tests, credit histories, medical records - without their knowledge. The same mechanism - an application to a Court - will still be required I'd imagine.

 

How did you get all that info? Where you entitled to it ? I recognise that a lot of personal information is legitimately held by various agencies.

 

---------- Post added 22-11-2016 at 17:10 ----------

 

Yes, I'm absolutely terrified that the government might be able to access my Sheffield Forum password or find out that I've just had a look at tomorrow's weather forecast.

 

Randy,

 

You'll be terrified when the agents of the State drop in on you through your ceiling. Pop you in a bag and deliver you to the cooling tower. And go to work on you with a Black and Decker (6 cm trepanning tool ); just to find out why exactly you wanted the weather forecast. LOL

[Andy1976]

How did you get all that info? Where you entitled to it ? I recognise that a lot of personal information is legitimately held by various agencies.

 

Perfectly entitled to it. Have a scan of the DPA, particularly S35.

 

S35(2) - DPA can basically be completely ignored, if a Court is satisfied that the information is needed for the purposes of legal proceedings (this is the clause I use).

 

The various other subsections confirm that if there's a suspicion of a crime, then the same system applies - DPA can be ignored.

 

Case in point - I (I'm a lawyer by the way), brought a claim against a company who allowed my client, a child, to be injured. We needed to show that the cause of the injuries was the behaviour of another child, so without that child's knowledge, were able to get educational records and medical records, all via a simple application. Perfectly legal, perfectly straight forward, and cost about £300. I've done the same to get credit histories, employment records, you name it.

 

Despite the protestations, if a parking company wanted to force DVLA to release details, this is the clause they would use, as long as they could show they intended legal proceedings. They don't have to follow them through, just convince the Court that they intend to. How do you disprove that? You can't. It takes 30 seconds to complete a Court claim form and say 'This is what I'll be sending'.

 

The point I make is this - these new powers allow the government to get access to documents, info etc. They can do that at the moment. If they think you've committed a crime, and that your bank records can prove that, they simply make an application to the Court to get those records without your knowledge, and to waive DPA. The Court has no option (due to the wording of DPA) but to agree to it.

 

All this new system will likely do is make it more straight forward, so I'd guess, although I haven't looked into it, that someone like a Chief Superintendent or similar could approve it, rather than wasting a Court's time.

 

I may be wrong on the logistics, but it will simply be an amendment to the powers already there.

[petemcewan]

Andy1976,

 

Thank you very much for that. It's a real insight.

 

---------- Post added 23-11-2016 at 17:06 ----------

 

Andy1976,

 

Do the contents of the following link, alluded to the privileges available to

solicitors -et al ?

https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/262847/25section10.pdf

Edited November 23, 2016 by petemcewan

[phil752]

Perfectly entitled to it. Have a scan of the DPA, particularly S35.

 

S35(2) - DPA can basically be completely ignored, if a Court is satisfied that the information is needed for the purposes of legal proceedings (this is the clause I use).

 

The various other subsections confirm that if there's a suspicion of a crime, then the same system applies - DPA can be ignored.

 

Case in point - I (I'm a lawyer by the way), brought a claim against a company who allowed my client, a child, to be injured. We needed to show that the cause of the injuries was the behaviour of another child, so without that child's knowledge, were able to get educational records and medical records, all via a simple application. Perfectly legal, perfectly straight forward, and cost about £300. I've done the same to get credit histories, employment records, you name it.

 

Despite the protestations, if a parking company wanted to force DVLA to release details, this is the clause they would use, as long as they could show they intended legal proceedings. They don't have to follow them through, just convince the Court that they intend to. How do you disprove that? You can't. It takes 30 seconds to complete a Court claim form and say 'This is what I'll be sending'.

 

The point I make is this - these new powers allow the government to get access to documents, info etc. They can do that at the moment. If they think you've committed a crime, and that your bank records can prove that, they simply make an application to the Court to get those records without your knowledge, and to waive DPA. The Court has no option (due to the wording of DPA) but to agree to it.

 

All this new system will likely do is make it more straight forward, so I'd guess, although I haven't looked into it, that someone like a Chief Superintendent or similar could approve it, rather than wasting a Court's time.

 

I may be wrong on the logistics, but it will simply be an amendment to the powers already there.

 

has the rules changed since 2014 on medic record access.

http://www.protectinginfo.nhs.uk/Disclosing/13.Solicitor%20Records%20Access%20protocol%20v1.2.pdf

[Afilsdesigne]

I might have nothing to hide from state surveillance but that does not mean it is either right or the best thing to do. Surely it would be better for the state to go after targeted individuals or groups, people who fit the right profile, rather than assuming everyone needs to be monitored? State surveillance on this scale is dangerous. How many government databases have been compromised over the years, or what happens if you accidentally type in a 'wrong' word that gets the attention of an automated government trolling supercomputer? What happens if you have an altercation, perhaps you upset someone on the road and they have access to these new powers? You may think you have nothing to hide but in fact we all have a great deal that needs to be kept private and not shared with anyone else.

[Andy1976]

has the rules changed since 2014 on medic record access.

http://www.protectinginfo.nhs.uk/Disclosing/13.Solicitor%20Records%20Access%20protocol%20v1.2.pdf

 

Not changed at all - that relates to Subject Access Requests - basically when we want records for our clients (which they will of course consent to, as it benefits them).

 

The DPA hasn't really changed since it came into force, and S35(2) is still going strong.

[petemcewan]

The snooper's charter.

 

“I have nothing to hide” is a common response when I raise the topic with colleagues. And while I genuinely admire the certainty with which people believe themselves to be inculpable, I do think that academics underestimate the importance of thinking about these questions – if not for themselves, then at least for their participants.

 

Let’s reflect: we are teaching students about research ethics and methods. We require researchers to protect participants’ privacy and confidentiality. We have to pass institutional review boards, comply with good practice standards, and appoint data protection officers. Yet, in my experience, the most fundamental question of digital security remains absent from our lecture halls and daily practices.

 

I have seen research projects on vulnerable subjects pass ethics boards because someone claimed that they would lock transcripts or store them on password-protected computers. I have seen researchers going to conflict regions without proper clarity on how to save and transport their digital data. I have been to lectures that advise on moral dilemmas and methodological approaches but fail to outline how to effectively safeguard information. None of this protects researchers and participants if devices are stolen or forcefully taken from them.

 

While I acknowledge that these concerns might not affect and apply to all researchers equally, there is a risk of academics collecting data with potential unintended consequences such as the confiscation of research material and its use in court cases.

 

Everyone’s talking about the Tef, but no one is listening to students

Read more

A changing landscape

Raising awareness of the need for digital security is one way to tackle the challenges of surveillance and censorship. The use of encryption and other tools such as The Onion Router or virtual private networks is key. Although their usage requires some basic technical familiarity, they make communication with vulnerable participants more secure and can protect data from unauthorised access or interference.

 

Advertisement

 

It is also important to keep up to date with the changing landscape of these tools through, for example, the CryptoParty movement, which runs autonomous global meetings introducing the public to cryptographic techniques. These meetings can be attended free of charge and without any prior knowledge or skills.

 

Academics must be more critical in the application of digital technologies; academia needs a public debate about the level of protection that scholars and participants can expect. We need to be outspoken about the increase of surveillance and censorship practices. Scientific advancement relies on scholars’ ability to conduct unobstructed inquiry.

 

Most importantly, institutions need to prepare staff and students for these challenges and give them not only an ethical and methodological toolkit but also the ability to anticipate the effects of information being restricted, participants exposed, or intellectual property being stolen.

 

The UK Investigatory Powers Bill could be a wake-up call for the academic community. Hopefully we will respond.

 

Leonie Tanczer is one of the authors of Censorship and Surveillance in the Digital Age: The Technological Challenges for Academics

 

Join the higher education network for more comment, analysis and job opportunities, direct to your inbox. Follow us on Twitter @gdnhighered. And if you have an idea for a story, please read our guidelines and email your pitch to us at highereducationnetwork@theguardian.com

 

More comment Topics

Academics Research Higher education

The Guardian. Thursday 1st December 2016. Edited December 3, 2016 by petemcewan