Ex-GCHQ chief: Bulk access to internet comms not same as mass surveillance

IPB A specially convened, one-off chinwag about the so-called "tech issues" in the UK government's latest draft super-snoop bill failed to get to the nitty-gritty on Tuesday afternoon.

Parliament's science and technology committee faced down industry bods, the former boss of GCHQ and a number of academics to try to better understand some of the technical concerns that have been raised following the draft legislation's arrival last week.

But – despite some good questions from Labour MPs Stella Creasy and Valerie Vaz – much of the discussion drifted too readily into a debate about being for or against Home Secretary Theresa May's proposed law to extend the surveillance powers of Britain's spooks and cops.

Inevitably, one-time GCHQ chief Sir David Omand was animated about supporting the government's bid to massively ramp up snooping on Brits' online activity.

When quizzed about technical improvements, he told MPs: "I would have gone slightly further than internet connection records. Having a full weblog would be far better."

The trouble is that such a strategy "is not thought to be saleable" at present.

"The volumes of data are enormous on the internet," Omand added. "This bill will not eliminate the difficulties of encryption ... but it will help the authorities manage their level of risk."

Fuzzy definitions

Earlier in the session, Internet Service Providers' Association chair James Blessing had warned MPs that many of the technical demands in the draft legislation were "fuzzy".

Omand countered that claim, however.

"The communications data definitions are actually not fuzzy at all, they're actually quite precise. What is not defined in the bill is metadata," he said.

"The position under the existing legislation is if it's not 'who, what, where or how' then it's content. So some of the fancy things you can do with metadata require a secretary of state to warrant. Now I'm very comfortable with that, as I know intelligence agencies are."

He added that communications data was the "gold dust" information needed by spooks and cops to monitor crims and terrorists.

Omand then went on to claim that metadata (the aforementioned gold dust) was less sensitive than the content – a comment repeatedly trotted out by g-men who attempt to justify the drag net surveillance of netizens.

On encryption, he said "I'm not mandating backdoors" and claimed that there was "a lot of nuisance" being written about the government's stance on crypto tech, which just so happened to chime with similar claims coming out of the GCHQ camp on Tuesday.

He also claimed that bulk access to internet communications was not the same as mass surveillance.

Request filters, anyone? Anyone? Hello ...

Among other things, the panel failed to discuss the contentious request filters mentioned in the draft bill.

Last week, the Home Office confirmed to The Register that the system would be used by public authorities to make a "complex request for communications data". Which, put another way, is a database query.

But – if you obey Whitehall – no one is allowed to use the word "database". Indeed, it's not mentioned once in May's proposed law. ®