View more tweets

View more tweets

Data retention – Devil is in the detail

by jamesbaker on 10 July, 2014

Emergency legislation has been announced today on new data retention legislation. I think those of a Liberal mind should rightly be very sceptical of legislation which apparently had the backing of all three party leaders before it was announced to the public.  To give a bit of background there is a need for new legislation after the EU data retention directive got struck down by the CJEU. Since that happened in April the UK has been carrying on with its blanket data retention regime.

The significant part of that ruling is in para 58

“Restrict retention to data that is related to a threat to public security and in particular restrict retention to a particular time period, geographical area and / or suspects or persons whose data would contribute to the prevention or prosecution of crime.”

That should kill blanket retention dead, unless the UK can demonstrate it’s needed for national security and proportionate for a democracy. That will probably be heading to Strasbourg for a ruling (although it’s worth noting Terrorism is generally considered  a criminal issue than national security issue, as despite the serious threat it posses to life and property it rarely if ever actually threatens the integrity of the state).

New Secretary of State powers

The Liberal Democrats were/are  in a very powerful situation to demand compliance with that aspect of the ruling as the price of any new legislation. The new legislation is presented to us as the status quo with some additional protection for civil liberties. This isn’t actually the case as it contains a number of provisions for the Secretary of State to make future changes to it via means of Statutory Instruments (a parliamentary procedure that lacks real scrutiny). In this regard it is actually enabling legislation that allows for the potential of illiberal measures to be pushed through by the Home Office and Home Secretary. Either in another future emergency, or more likely overtime slowly with a series of seemingly banal changes.

The Secretary of State may by regulations make further provision about the
Such provision may, in particular, include provision about
(a) requirements before giving a retention notice,
(b) the maximum period for which data is to be retained under a retention 5
notice,
(c) the content, giving, coming into force, review, variation or revocation
of a retention notice,
(d) the integrity, security or protection of, access to, or the disclosure or destruction of, data retained by virtue of this section

and

Any power to make regulations under section 1ó
(a) is exercisable by statutory instrument,
(b) includes power to
(i) confer or impose functions (including those involving the exercise of a discretion) on any person (including the Secretary of State),

No expert or public input

The other real problem this legislation has is that technical legal and privacy experts have been given no opportunity to contribute towards it. As they normally would do via means of public briefings to MPs and political parties. It’s disingenuous to spin this as an emergency as the need for new legislation stems from a court ruling that happened three months ago. Nor has there been any public debate around the nature of new powers that are needed. Both of these things should give any mature democracy cause for concern. It’s also a strategic mistake as it’s really going to upset privacy and civil liberty groups. Hence why you have reactions like this from ORG, a negative reaction from Liberty and from NO2ID.

No Emergency stop the data retention stitch up 

DRIP bill means future torrent of surveillance powers.

Emergency data law: “A debate for the future”? 

   Leave a comment

Leave a Reply

You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>