(European) Police to spy on all emails

[papercut]

http://www.observer.co.uk/politics/story/0,6903,730091,00.html

Police to spy on all emails

Fury over Europe's secret plan to access computer and phone data

Kamal Ahmed, political editor
Sunday June 9, 2002
The Observer

Millions of personal emails, other internet information and telephone records are to be made accessible to the police and intelligence services in a move that has been denounced by critics as one of the most wide-ranging extensions of state power over private information.

Plans being drawn up by Europol, the police and intelligence arm of the European Union, propose that telephone and internet firms retain millions of pieces of data - including details of visits to internet chat rooms, and of calls made on mobile phones and text messages.

In a move that has been condemned by privacy campaigners, a draft document passed to The Observer reveals that the EU is now drawing up a 'common code' on data retention which will be applicable in all member states.

Security and police sources said new powers on accessing personal data will come into force in Britain towards the end of the year.

'It is typical that such a significant change in the control over private information is being worked out in secret,' said Dr Ian Brown, a leading expert on data privacy and director of the Foundation for Information Policy Research.

'It does seem to have been Britain that has put pressure on other member states to put in place this type of legislation. In 99 per cent of cases it will be used properly, but what about the other one per cent? There is not enough scrutiny of what is going on.'

The Europol document was drawn up at a private meeting of police, intelligence services and customs and excise officials from across Europe in The Hague last April. It lists 10 areas where companies will be required to keep information to help in the fight against international terrorism, domestic crime and drug running.

Companies that run internet sites will be required to retain passwords used by individuals, record which website addresses are visited, and keep details of webpages looked at and any credit card or bank details used for subscriptions.

The information retained about emails will include who sent the message, where the email went, its contents and the time and date it was sent.

It is believed that Britain will push for the data to be kept for up to five years. At the moment much of it is only kept for one or two months, for billing purposes, by the companies that run internet and email services.

Sources at the National High-tech Crime Unit, which is overseeing implementation of plans for data retention in Britain, point out that the growth of so-called 'cyber crime' means that they need new powers to keep ahead of the criminals.

One official also said that investigations into crimes such as the murders carried out by the GP Harold Shipman relied on the retention of old telephone records.

'We need to codify how this happens, so all countries in Europe are dealing with the same set of rules,' the source said.

'The internet does not recognise national boundaries and international companies don't need the confusion of dealing with separate codes in different countries.' The Europol document says the use of telephones - land lines and mobiles - will be monitored. Numbers dialled, when and where they were dialled from and personal details such as the address, date of birth and bank details of the subscriber who paid for the call will also be kept.

The document, headed 'Expert Meeting on Cyber Crime: Data Retention', suggests mobile phones records could be used by police and the intelligence services to track the geographical location of people making calls.

Mobiles use a network of masts to convey the calls, placing the user in a geographically distinct 'cell' at the time of the call. Records using such geographical locations were used to acquit the teenagers accused of murdering Damilola Taylor.

The Association of Chief Police Officers is also drawing up a manual of standards so that police forces across the country use similar methods when accessing the data.

PGP anyone?

 

[Zundfolge]

I think its against the law for us Americans to export PGP software without permission from the state department.

 

[KSFreeman]

German knock-knock joke:

"Knock, knock."
"Vo is it?"
"Vee vill ask der questions here!"

What would they be using e-mail in the UK for? To follow soccer games? Where warm beer is on sale? Hmmm.

 

[m.i.sanders]

That is absolutely unbelievable. :barf: I belive it's safe to say goodbye to any semblence of democarcy in Europe.

 

[Fred S]

m.i. sanders, you are correct. I've been saying that Europe lost what democracy they had when the EU was formed. Dictatorship by Bureaucracy.

 

[UltimaThule]

Sort of a European Carnivore?

In theory, of course, this information will only be available to the police after they get a court order, like with "old fashioned" phone-tapping. At least I think that is how it is, but they are probably not too worried about such technicalities in Britain, so maybe that is what they want to change in the rest of Europe?

In any case, all this information is available in today's hi-tech society. It is just a question of who gets access to it, "legally" or illegally. Anyone who trusts a government, any government, further than you can throw it, please raise your hand. It's not just governments of course, anyone who really wants to can access at least some of this information - at least if what we read about 14 year old hackers is true... And what if phone companies, credit card companies or others decide they want to sell information about you to for example your insurance company? Illegal you say? That depends on who has the sleaziest lawyers, doesn't it?

The solution? Be reasonably careful about what information you leave out there in the first place. I don't even like to speak about personal things on the phone. Who taught me to be that paranoid? The gov't of course.

PS: I don't live in the EU, I don't speak on behalf on anyone who does.

 

[papercut]

Zundfolge said:
I think its against the law for us Americans to export PGP software without permission from the state department.

Export the compiled software, yes. Export the source code, no.

The source code was printed in book form, complete with checksum bytes at the bottom of each page, and then the book was shipped to Europe where someone helpfully scanned and OCRed the whole thing, then recompiled it.

http://www.pgpi.org/

And now, of course, we have GPG. http://www.gnupg.org/