This will wind up the "if you have nothing to hide, you have nothing to fear" brigade
UK cops and spook agencies wrongly fingered five people as criminals after seizing data about their communications, according to a new report. The Interception of Communications Commissioner's latest dossier [PDF] gave examples of intelligence data used to seize drugs and firearms, stop illegal waste dumping and in one …
This post has been deleted by its author
"No, they'll say 5 wrong arrests are a tiny price to pay for fighting terrorism, thinking of the children, etc."
Indeed they will
I forget who said it exactly, I think it was one of the USA's "Founding Fathers";
Better 100 guilty men go free than 1 innocent person unjustly deprived of their Liberty.
Prevention is NOT always better than cure - but to appreciate that you have to apply more sophisticated reasoning than an amoeba.
The same dilemma exists for screening healthy people for diseases in medicine.
'Screening' starts with the default assumption that the patient has heart disease, breast cancer whatever - and you then set out to prove the negative.
There is always a false positive error rate in whatever test you apply.
Therefore one should accept
1. normal people are going to be misdiagnosed
2. if the damage (and/or number) of misdiagnoses exceeds the benefits (and/or numbers) of correct diagnoses you abandon the screening program
Harvest (say) a million internet transactions to catch the one in a million by a p@edo/terrorist/tax dodger. Say your test has the unbelievably impressive false positive rate of 0.01 percent (1:10000) and 100 percent true positive rate.
You will 'detect' one terrorist whilst falsely accusing 100 innocent people.
Not looking so good for the snoopers - even with highly optimistic assumptions of prevalence of bad guys and performance of the screening instrument.
> How can you 'accidently' request someones texts, voicemails or emails?
Easy, you put, as an example, 01234 567890 into the 'phone number' field on the online form instead of 01234 576890. You may not notice the cock-up until there's no sign of an incoming call matching an outgoing one to the number from another suspect.
I've talked to my own voicemail several times because someone at work has a mobile number that is the same as mine except that the last two digits are reversed.
>were "malicious or deliberate".
>How can you 'accidently' request someones texts, voicemails or emails?
>"I can smell shite"
You could request the details for your ex's new squeeze. Doing so is illegal, and is why the security services (and the police, etc) audit all requests, to check that the requester has a lawful reason to look up the information about the target.
570,135 requests to snoop. Over a 12-month period, that's over 1,550 each and every day. Assuming that each request is properly qualified, prepared, reviewed and approved, then the amount of effort required to process them is enormous. But that's a big assumption.
Note also that it's not just cops and spooks who have the powers to request communications data. Other public bodies including local authorties can do it.
Intercept warrants - 3,372 is over 9 a day. They have to be signed off by a Secretary of State. Properly reviewed and questioned before Secretarial sign-off? Yeah, right.
BTW, there really is a helicopter above me as I type this. They surely couldn't react so quic
It is an extremely concerning figure. It's a pretty massive proportion of the country (more than are ever in their lives likely to be accused much less convicted of any sort of crime - the current prison population for the entire country is less than 100k).
At best it's a disproportionate response to whatever issue we're trying to solve, and it appears we're trying to solve issues that shouldn't be solved with communications data.
Any state action that deprives a citizen of their liberty without cause should be investigated with swift and ruthless efficiency.
When it is proven the actions were unwarranted, or evidence is willingly tampered with, the police, lawyers and judge involved should be bunged up in jail for the same period of time.
Only when their own butts are on the line, and responsibility for their actions is enforced, will things will get better.
"Any state action that deprives a citizen of their liberty without cause should be investigated with swift and ruthless efficiency.
Ideally, by the citizens. In a well-run society, they ought to have all the information they need to do so - and the powers as well. "Democracy" means that the people have the ultimate power - and that should not mean imaginary symbolic power, as represented by the right to choose, every four or five years, between two bunches of crooks to run their country.
"When the people fear their government, there is tyranny; when the government fears the people, there is liberty". - Thomas Jefferson
Which do you think is the case in the nation where *you* live?
that understands the difference between 'here is the suspect's numberplate - can we see it on ANPRS?' and 'let's store every ANPRS event in the case that we might want to look later' or 'is this suspect sending emails to other suspects' and 'let's store every email just in case'?
And understands that while the public might accept the first of each case they may well have a reasonable and reasoned objection to the second in each case?
Nothing to fear, nothing to hide, my arse. It's nothing to do with that and any implication that it is is smoke and mirrors. When the powers that be put every email, every web page they access, and 24-hour video of their lives online, I *might* believe that they actually think that motto...
Whilst I can understand the police's desire to be able to back track a suspects movement (i.e. we only be came aware that X was planning to bomb that church today, where did he get the bombs from, lets check the data and see where he was previously), I dont agree with it, and I dont believe that Joe Public would actually accept their every movement being tracked, catalogued and assesed, if they were honestly aware of the level of intrusion going on.
Then again I might be giving too much credit to Joe Public, having seen the level of education in some areas of the UK, I doubt they can even spell Surveillance State let alone think about how it affects them...
"that understands the difference between 'here is the suspect's numberplate - can we see it on ANPRS?' and 'let's store every ANPRS event in the case that we might want to look later' or 'is this suspect sending emails to other suspects' and 'let's store every email just in case'?"
In fact I'm not clear what "law" the UK ANPRS system operates under beyond the true motivation of all data fetishts "Because we can."
It's called RIPA section 1 and it's pretty explicit.
The issue is the relevant law is not being enforced or overseen as it's supposed to be. The government of the day and the last government seem and seemed to be happy with GCHQ et al telling them what a fantastic job they are doing. Read the report - it's a pretty shocking indictment of the current ICC regime.
Would it be possible to see if any requests have been made about me?
Why, dear sir, since you ask such a pointed question, while we can't tell you nuthin, we can say one thing, and make of it what you will: You will have been the subject of such a request, by the time you get back home!
This post has been deleted by its author
Security authorities have been making this kind of fuck-up since Walsingham* was Elizabeth the First's "M". Are we really surprised? They do it again and again and use the same excuses each time. "You can't make an omelette without breaking eggs". In other words we are told that we have to except this particularly nasty example of "friendly fire" and if we do not accept this then their reply is "what is your problem, something to hide have we?"
"In another error, police were sent to an address where they wrongly believed a child had threatened to harm him or herself."
I have personally dealt with something similar. A user in a chat room became concerned that another user was attempting suicide. They contacted their local police in Australia. The Australian police tracked down the IP (this will have involved a third party) and traced it to the UK. They then contacted Scotland Yard with the information.
Scotland Yard contacted the ISP with the information. The ISP called me at 3:00am to get the details of who had that IP at that time. For security reasons, account information is not accessible remotely so I had to drive in, track it down through the logs and them associate it with an account. The details were then passed on to Scotland Yard who no doubt passed it onto the local police force.
Information was exchanged at many points and passed through many hands. Any transcription or lookup error could have easily resulted in the police knocking on the wrong door. It is hardly surprising they get a couple wrong.
Bootnote: Did the user attempt or even succeed with the suicide? I have no idea but the first thing I did was ping the address and got this response:
x.x.x.x is alive.
"This will wind up the "if you have nothing to hide, you have nothing to fear" brigade" says Andrew Moore. Does that mean that he's for or against data snooping? Sounds from the "wind up" part as if he's not worried if HIS data is slurped and distinctly scornful of those who may protest, so I assume he's in favour. I reckon if HE was in the dock, wrongfully accused due to plod's blundering, the story would be a little different. Snooping and lack of privacy has got way beyond a joke.
The Terrorists have finally won when the Government makes the populace afraid to live their lives.
Yes, there are acts of murder & mayhem but terrorism is really in the mind and the goverment WANTS us to be afraid so they can control us even more than they do now.
I remember an old SF short story from Asimov or Astounding where people became so afraid of plague and terrorism that they never left home, had all supplies delivered by the tube, lived in sealed houses, conducted life over some form of video etc.
I think the bastards may eventually cause this to happen if they scare people enough.
The fact is that NOTHING or NO ONE can protect you 100% of the time.
"Don't fight it son. Confess quickly! If you hold out too long you could jeopardize your credit rating. "
Using another marketing term, if we assume 5 nines reliability, that still means a 0.001% error rate. Some will be innocent people being falsely accused while others will be guilty people being let off. Even if the reliability rate remains the same, the more data is collected, the more mistakes will be made. However the reliability rate seems to be tending more to 9 fives instead as more and more people are required to handle and process oodles of useless information about innocent people just going about their daily business. Quite apart from the civil liberties issues, this is a massive waste of time and money that could be spent on something more useful.
Given that the UK doesn't compensate innocent people incarcerated for years, these 'errors' won't cost much.
At one time, when I was young, parents would say if you need help - find a Plod. Scotland Yard was actually respected - now, just another bunch of bag men.
These days Plod ARE the problem - crooks in uniform.
If the system is so good, why weren't the crooked Plod caught selling information. Why? Because it was, and is, ineffective.
Biting the hand that feeds IT © 1998–2021