Archives

MPs plan Magna Carta Digitatum

A meeting in the House of Commons has overwhelmingly backed a Digital Bill of Rights.julian_huppert_mpOn the sixty-sixth anniversary of the United Nations declaration of Human Rights, Liberal Democrat Dr Julian Huppert MP made a spirited case for a new law to enshrine basic freedoms in the online sphere and to protect citizens’ privacy, identity and anonymity.

Policy

He was scathing about the security services who use telecommunications and digital messaging for mass surveillance, and said he was “perpetually disappointed how little discussion there has been in this place” since the national Security Agency whistleblower Edward Snowden revealed the extent of listening service GCHQ’s mass surveillance of the British public’s phone calls, digital messaging and emails. As the Liberal Democrats’ Home Affairs spokesman and Technology Adviser to the Deputy Prime Minister Nick Clegg, Huppert has campaigned for the Digital Bill of Rights to become party policy.

Stasi

And he blamed the lack of informed debate on the typical British attitude to spying, remarking that we take a James Bond view of the intelligence agencies and surveillance whereas the Americans still have bitter memories of Joe McCarthy, the anti-Communist witch-hunter of the 1950s and that in modern day Germany, the activities of the Stasi, the notorious East German security service that employed nearly a sixtieth of the population still creates social tensions.

Questioned about the need for security services to gather and retain ever more data in order to prevent crime and terrorism, the MP responded:

If you’re looking for a needle in a haystack, the last thing you need is for someone to throw on another load of hay. What you need is a magnet”

Dr Huppert, a Cambridge educated scientist with a PhD in Biological Chemistry from Trinity College, used a further scientific example to illustrate how to balance privacy with security.He drew a graph in the air to indicate where those two conflicting requirements should meet, and stressed the need to enshrine the same basic freedoms across the internet that the Magna Carta gave to British citizens in 1215.

As a step in that direction he said he had voted for a ‘sunset clause’ setting a time limit on the Government’s latest new law which gives the authorities the power to demand the retention of data so that it can be used for surveillance. The measure known as DRIP (Digital Retention and Investigatory Powers Act) now expires at the end of 2016, ensuring that it must be debated again and may be scrapped at that point in the future.

Two of the forty-nine rebel MPs who voted against the measure, Labour’s Tom Watson and the Conservative David Davis, are seeking judicial review, claiming that DRIP is not lawful. They are backed by the human rights campaign Liberty.

GCHQ

In the Digital Rights Bill meeting, a counter-argument came from lawyer Michael Drury, the ex legal services chief from the Government listening station GCHQ. Drury said that it was a political choice to require data to be collected and retained, and one that he finds defensible since the nation has a right to protect itself. Drury could not attend and his contribution was pre-recorded. Listen below to an extract..

 

Expert cryptographer Professor Fred Piper, on the other hand, backed the MP’s call for a Digital Bill of Rights. He said the answer to ‘Is it needed? is ‘yes’ and the debate should be about what it contains.

Prof Fred Piper of Royal Holloway

Prof Fred Piper of Royal Holloway University of London

He said his own university, Royal Holloway, is located near the site at Runnymede where the Magna Carta was signed, and is marking the eight hundredth anniversary next year by creating ten doctoral posts funded by the Leverhulme Trust to create a Magna Carta for the 21st Century.

As a cryptographer he expressed concern that encrypted emails and other communications negate the concept of lawful interception by the security services ad police, and blamed citizens’ lack of trust for the move by many to choose encryption. “If there were trust, we’d be able to distinguish between what they can do and what they do do“he said. He pointed out that users often do not know how to use technology.” How do you stop people clicking on an email? “he asked “It’s not an awareness issue, it’s a behavioural issue.

The inside track on law enforcement came from Charlie Mcmurdie the former head of the Metropolitan Police e-crime unit. she now works for management consultants Price Waterhouse Cooper as a cyber security adviser.

Charlie Mcmurdie: Scotland Yard's former head of cybercrime

Charlie Mcmurdie: Scotland Yard’s former head of cybercrime

The UK is fairly chunky” she said, comparing the UK’s regulatory framework for granting permission to police to tap phone calls, intercept online messages or require Internet Service Providers and telecommunication companies to keep data and give it to officers when requested. Other countries, she said, are less regulated and focus more on enforcement. Mcmurdie insisted that law enforcement officers only request data – using the RIPA law which does not require a warrant – when they know exactly what they need to find. “Looking for a stolen gemstone is completely different from tracking a stolen lorry” she pointed out, to illustrate the way police target different sources of information and communication methods. She claimed that if police had to get a court order every time they needed to collect suspects’ data they would spend all their time in court, since 95-98% of all crimes involve online communications of some sort.

Vote in favour

Summing up the debate, Future Intelligence Editor Peter Warren – who chairs the Cyber Security Research Institute and moderated the discussion – concluded that there is a need for a Digital Bill of Rights. A show of hands in the meeting gave overwhelming support to the concept. Warren said:”The question that emerged from today was not whether we need a Digital Bill of Rights but how the discussion about that Bill of rights is going to be framed. While the appetite for digital protection may not be there among the population at large, a critical need for it is beginning to be accepted by the people who are concerned with law and order, technology and regulation.”

As a starting point, Warren suggested using some of the precepts he explained in the Future Intelligence research reportCan we make the Digital World Ethical? For example, he cited the concept of ‘human primacy’ which would ensure that online systems were always controlled by people even in the age of autonomous machines and self-programming software. Another key clause would deal with ‘device sanctity’, the idea that a person’s individual smartphone, computer, self-driving car, wearable or handheld device and all the data and connections it contains should belong to the individual and not to the manufacturer or the internet companies that support it. Copies of the report ‘Can we make the digital world ethical? can be ordered through IT governance http://bit.ly/1um2wMJ