A secret database of citizens' personal lives and habits isn't explicitly spelled out in the UK's latest surveillance law. No, instead, it's described as a set of "request filters."
The term is buried in the draft Investigatory Powers Bill (IPB), which was introduced to Parliament on Wednesday. Turn to page 254 of the 299-page document [PDF], and you'll find it under "Clause 51: Filtering arrangements for obtaining data."
Such arrangements, the proposed law states, will be implemented by the Secretary of State, and no mention is made of any judicial oversight.
The request filters are ways in which the authorities can, without a court warrant, search for and organize information on citizens from their "internet connection records," which are held for 12 months, presumably stored by the ISPs. These records include details such as your IP addresses, the websites you visit, when you visit them, and where you connect from.
Two example request filters are cited in the IPB. The first is IP address associations, allowing snoops to narrow down who is using a particular website:
An investigator has details of a number of IP addresses which they believe relate to a specific individual, and have been used to access internet services at known times.
However, each IP address cannot be resolved to a single individual because at the known time it has been simultaneously shared between many internet users. In this example, the Request Filter would be able to match the specific individual in common between the users of each of the IP addresses, then disclose only the communications data about that specific individual to the public authority.
Without the Request Filter, telecommunications operators would need to disclose details of every individual that had shared the IP addresses at the relevant times, and an analyst working in the public authority would examine all of the individuals' data to obtain the same result.
The second example cited is "location correlation," which again points to a request filter being used. Both examples, of course, demonstrate that this is a database by another name.
In subsequent clauses, the bill goes on to state that the investigatory powers watchdog will have "rigorous oversight and control" of the request filters, seemingly based on details provided in an annual report that's submitted by senior operatives of the database.
Telco lobby group ISPA offered up its initial take on the proposed legislative overhaul:
The Draft Bill is highly complex and some of the provisions seem to be an extension of existing powers: for example the inclusion of a "request filter" and how Internet Connection Records are defined.
ISPA will be responding more fully in the coming days on the implications of the new legislation.
The cryptically named request filters had formed part of UK Home Secretary Theresa May's draft Communications Data Bill in 2012. It even came under scrutiny from the UK's Information Commissioner Office (ICO), which demanded details about the opaque system from the Home Office.
Later, in light of the Snowden revelations, the ICO had this to say:
Using technology to help enhance privacy, not just to erode it, is possible and can help meet the twin objectives of security and privacy protection. The potential for this was recognised in the Government's Draft Communication Bill published in June 2012, which included provisions for the establishment of a "request filter."
This would have ensured that only information of concern is passed on to investigative bodies, without the need for any intrusive or unreliable human intervention, and would have allowed communications data of no concern to be promptly deleted.
Recent reports have suggested that security agencies are performing quite the opposite by building their own collection, storage, filter, and analysis mechanisms.
Based on the ICO's logic, the UK government simply needs to be transparent about such a database with citizens and regulators, and then it can slurp away. ®
Updated to add
A Home Office spokesman got in touch after publication of this story. Here's the government department's response in full:
I’m contacting you regarding your article "UK govt sneaks citizen database aka 'request filters' into proposed internet super-spy law", in which you allege the request filter for which the draft Investigatory Powers Bill makes provision is "a secret database of citizens’ lives and habits".
This is plain wrong – I expect your copy to be updated to reflect the points below, as per our right of reply, given how misleading and inaccurate your report is. Our position is as follows:
· The assertion that the request filter in the draft Investigatory Powers Bill is a “secret database of citizens’ personal lives and habits” is plain wrong. The Request Filter is a safeguard that means when public authorities make a complex request for communications data (i.e. police seeking to find out which mobile phone was at three crime scenes at the relevant times) they only get back data that is absolutely necessary.
· Currently, public authorities might approach CSPs for location data to identify the mobile phones used in those three locations at the relevant times, in order to determine whether a particular phone (and a particular individual) is linked to the three offences. This means the public authority may acquire a significant amount of data relating to people who are not of interest.
· The request filter will mean that when a police force makes such a request, they will only see the data they need to. Any irrelevant data will be deleted and not made available to the public authority.
· The operation of the filtering arrangements will be overseen by the Investigatory Powers Commissioner.
· The filtering arrangements can only operate in response to a necessary and proportionate authorisation for the acquisition of communications data.
· The Joint Committee on the draft Communications Data Bill said that “the request filter will speed up complex inquiries and minimise collateral intrusion. These are important benefits”.
Seeing data, deleting data. How does one perform such tasks? Surely not by looking at and interacting with a database?