Home Page | About Us | Press Enquiries| Reports | Policy Issues | News Items | Press Releases | Mailing Lists | Bookstore |
Free Secure Web based e-mail - http://www.cyber-rights.net
Read the Cyber-Rights & Cyber-Liberties (UK) statement for the Palermo Conference, 11 December, 2000.
United Nations Convention Against
Transnational Organized Crime, Palermo, Italy, 12-15 December,
2000, hosted by the Italian Government, http://www.odccp.org/palermo/convmain.html
Yaman Akdeniz will be speaking at the Seminar for the Media on the Convention against Transnational Organized Crime (Palermo, Palazzo dei Normanni) within the E-media: An avenue for communication or cyber-crime? session. See also the Biographical notes on the participants for the Un Seminar. |
|
See the press release First UN Treaty against Transnational Organized Crime Adopted by Assembly (16 November 2000) Cyber crime: the crimes of tomorrow are on our doorstep - (Spanish, French) |
New pages added: December
2000
Information related to Cybercrime Policy Making Process within the Council of
Europe, European Union, G8, and the United Nations
Internet
Detective: Censorship, National Security, and Freedom of Information
- Added December 2000.
A case of censorship or protection of national security? Read the
related documents and the Ombudsman's decision and judge yourself.
Looking to
the Future: Clarity on Communications Data Retention Law
NCIS Submission to the Home Office, By Roger Gaspar, Deputy Director General,
NCIS Chairman ACPO Police and Telecommunications Industry Strategy Group, on
behalf of A.C.P.O. and A.C.P.O (S), H.M. Customs & Excise, Security Service
Secret Intelligence Service, and, GCHQ, 21 August, 2000.
See also the Observer, Secret
plan to spy on all British phone calls, 03 December, 2000.
Cyber-Rights.Net Launch Coverage
Cyber-Rights.Net Launch - November 2000, http://www.cyber-rights.net
Cyber-Rights.Net Forms Alliance with Hush Communications to offer HushMail Private Label to Internet users.
Leeds, UK & Dublin, Ireland(November 01, 2000) Cyber-Rights & Cyber -Liberties (UK) have partnered with Hush Communications to campaign against the Regulation of Investigatory Powers Act (RIP) 2000, which passed into law in October this year. The Regulation of Investigatory Powers (RIP) Act outlines the extended reach of the UK governments law enforcement and security agencies in regards to the monitoring and interception of communications across the Internet, and government access to encryption keys. Similar proposals are currently being discussed by the Council of Europe which would give law enforcement agencies extended powers and capabilities for Internet monitoring in more than 40 countries.
In an effort to raise public awareness of these important policy issues and to encourage Internet users to use secure communications, Cyber-Rights & Cyber-Liberties (UK) are launching the Cyber-Rights.Net project. The project offers Internet users HushMail Private Label, an encrypted email solution, that employs Hushs patent-pending Hush Encryption Engine ™. With HushMail Private Label, Cyber-Rights.Net will be able to offer its visitors and users end-to-end secure email through, http://www.cyber-rights.net. HushMail Private Label fully integrates Hushs roaming key pair management technology into the Cyber-Rights.Net system enabling its users to send and receive secure mail from any location with access to the Internet throughout the world.
Mr. Yaman Akdeniz, Director, Cyber-Rights & Cyber-Liberties (UK) stated:
"Both the Website and project promote privacy of communications and hope to raise awareness for security on the Internet. In the absence of clearly defined conditions and safeguards protecting the privacy of communications in homes and in working environments, it is time for the individual to take action and protect their communications. Cyber-Rights.Net will be an additional tool for concerned Internet users when securing their communications."
Cyber-Rights & Cyber-Liberties (UK) is dedicated to the promotion of secure and private communications over the Internet and has been influential in the national and international policy making process.
Jon Matonis, CEO of Hush Communications said, "We are excited to be a part of the Cyber-Rights & Cyber-Liberties project. HushMail Private Label will offer Cyber-Rights.Net users the most secure and user-friendly email solution available on the market today. From everyday Internet users to legal and medical professionals, Hush protects online communications."
From its inception, Hush Communications has been dedicated to the privacy rights. The companys core technology was specifically developed to protect the communications and transactions of anyone with access to the Internet. While Hush offers a variety of products and services for sale, its flagship product, HushMail.Com (www.hushmail.com), provides fully encrypted, Web-based email, free of charge, to the general public. Hush posts its source code for review and download at www.hush.ai.
About Cyber-Rights & Cyber-Liberties (UK)
Cyber-Rights & Cyber-Liberties (UK) (http://www.cyber-rights.org), is a non-profit organisation established to protect the interests of all honest, law abiding Internet users with the aim of promoting free speech and privacy on the Internet. It was founded in 1997 and has been actively involved with the Internet policy-making process of the UK government, the European Union, Council of Europe, OECD, and the United Nations.
About Hush Communications Corporation
Hush is the premier provider of encryption products and services in the secure communications industry. The companys SDK, Software Developer Kit, allows other Web-based infrastructure companies and application providers to design product and service offerings that utilise the Hush Key Server Network. Hush has strategic alliances with Netsmart (www.netsmart.com), NetNation Communications (www.netnation.com) and Security Portal (www.securityportal.com), and its investors include OffRoad Capital Corporation (www.offroadcapital.com). Hush Communications is the leading market share for encryption key management services and has users in every country in the world. Hush Communications Corporation is a U.S. company with subsidiary companies located in Dublin, Ireland; Salt Lake City, Utah; and Austin, Texas and is the provider of HushMail.Com, HushMail Private Label, and HushPOP with worldwide headquarters based in Dublin, Ireland.
Contact Details
Cyber-Rights & Cyber-Liberties (UK)
Mr. Yaman Akdeniz,
Director, Cyber-Rights & Cyber-Liberties (UK)
Url: http://www.cyber-rights.org
E-mail: lawya@cyber-rights.org
Tel: +44 (0)7798
865116
Dr. Louise Ellison,
Deputy Director of Cyber-Rights & Cyber-Liberties (UK)
Tel: +44 (0) 118 9875123 (ext. 7507)
E-mail: lawlee@cyber-rights.org
Hush Communications
Genevieve Van Cleve
Ciara Hudson
22 Upper Pembroke St.
Dublin 2, Ireland
Phone: +353-1-241-0367
Fax: +353-1-241-0370
genvc@hushmail.com
ciara@hushmail.com
Global Internet Liberty Campaign Member
Letter
on Council of Europe Convention on Cyber-Crime,
18 October, 2000.
Cyber-Rights & Cyber-Liberties signed this letter and
was involved with the drafting of this letter.
See also the Draft
Convention on Cyber-crime (version 22).
An html version is offered by CR&CL here.
FOR IMMEDIATE RELEASE, October 18, 2000
Cyber-Rights & Cyber-Liberties
Civil Society Groups Oppose Computer Crime Convention NGOs Urge Council of Europe to Adopt Safeguards for Internet Users
Members of the Global Internet Liberty Campaign (GILC) today urged the Council of Europe to reconsider a draft treaty on "Cyber Crime." The international coalition of civil liberties and human rights organizations said the proposal posed a threat to free speech and privacy on the Internet.
Cyber-Rights & Cyber-Liberties signed the GILC letter and was involved with the drafting of this letter. Yaman Akdeniz, Director of Cyber-Rights & Cyber-Liberties stated that:
"In my view, the whole of Article 18 (dealing with interception of communications) is incompatible with Article 8 of the ECHR and with the jurisprudence of the European Court of Human Rights and some sections of the draft Convention goes even further than the requirements of the Regulation of Investigatory Powers Act 2000. The development of the Internet requires the instillation of trust in Internet users and affirmation that their expectation of privacy in correspondence is legitimate. But it seems to be the Council of Europe which has no trust and instead seeks to develop unjustified intrusive surveillance systems into the national legal systems of its member states."
"The most problematic parts of the draft Convention involves those sections dealing with interception of communications, traffic data, corporate liability of ISPs, and mutual assistance without dual criminality."
On the issue of mutual assistance without dual-criminality, Yaman Akdeniz added that:
"It is not acceptable for a law enforcement body of one nation to respond to a request of another without the need for dual criminality. In the absence of dual criminality, the implementation of this section could lead into the investigation of one nations law abiding citizens by another nations law enforcement bodies."
The Council of Europe proposed the Cyber Crime treaty in April as part of an effort to strengthen computer crime laws among many countries. The Group of Eight (G8) will be discussing the treaty at a meeting on October 24 in Berlin.
The civil society organizations said that the draft treaty is "contrary to well established norms for the protection of the individual, that it improperly extends the police authority of national governments, that it will undermine the development of network security techniques, and that it will reduce government accountability in future law enforcement conduct."
According to the organizations, the Convention on Cyber Crime would require Internet companies to retain records of customer activity and force Internet Service Providers to review private messages distributed through computer networks. The draft treaty would also criminalize copyright violations and discourage the development of new network security tools.
Other sections would encourage law enforcement access to stored records and encryption keys without sufficient legal safeguards and expand surveillance powers.
The Council of Europe had planned to finalize the convention by December 2000, but the opposition of citizen organizations may slow the process.
The Global Internet Liberty Campaign is an international coalition of organizations working to protect and enhance online civil liberties and human rights. Links to member organizations, as well as information about GILC issues and activities are available at http://www.gilc.org/
Cyber-Rights & Cyber-Liberties is at http://www.cyber-rights.org
This press release will be available through http://www.cyber-rights.org/press/
Global Internet Liberty Campaign Member Letter on Council of Europe Convention on Cyber-Crime: http://www.gilc.org/privacy/coe-letter-1000.html
UPDATED (11 October, 2000) - Cyber-Rights & Cyber-Liberties (UK), "Echelon Watch," at http://www.cyber-rights.org/interception/echelon/
DTI LAWFUL BUSINESS
PRACTICE REGULATIONS: RESPONSE TO CONSULTATION
"The Government is confident that the Lawful Business
Practice Regulations will allow business to conduct most
important monitoring or recording activities without needing to
restructure practices and without undergoing significant costs.
The Regulations should offer business the greatest possible scope
for maximising the advantages of new ways of working with phone,
email and other electronic communications, consistent with a high
degree of privacy for the users of communications services. As
such, they will contribute to the Government's aim of making the
UK the best place for e-commerce by encouraging modern markets
and confident consumers." --- So they say but the
new regulations will not achieve this country to become the best
place for e-commerce, 04 October, 2000. See further Ananova,
"Government
to award firms more licence to snoop".
For the DTI press release see http://www.cyber-rights.org/interception/
House of Lords Select
Committee on European published its Fourteenth Report
entitled
E-Commerce:
Policy Development and Co-ordination in the EU in
August 2000. See also the Minutes
of Evidence
and Written
Evidence including Cyber-Rights & Cyber-Liberties (UK)'s
submission.
In relation to hotlines, the Committee stated that: "51. We recommend that the United Kingdom Government take advantage of the expertise which exists in certain independent monitoring organisations to address the issue of harmful content. However, we also recommend that the Government takes steps to ensure that such organisations conform to the principles of good regulation as laid down by the Cabinet Office's Better Regulation Task Force. (see paragraph 259)" - This was a point raised in the Cyber-Rights & Cyber-Liberties (UK)'s submission to the Select Committee.
In relation to the RIP Bill, the Committee stated that: "270. Clearly, there is a justifiable need for legislation to counter serious crime and terrorism over the Internet. On balance, however, we have found that the continuing adverse perception of the Bill has weakened the impression that Government understands and supports the e-commerce-based sector and has threatened the Prime Minister's objective of making "the UK the best environment in the world for e-commerce". This highlights the need to proceed with careful consideration of all aspects of legislation impacting upon industry, especially in a rapidly changing technological environment. Wider and earlier consultation would have been helpful in this case. A more patient development of an agreed international approach to common legislation might have been helpful in the longer run."
Yaman Akdeniz, Anonymous Now, Index on
Censorship, The
Privacy Issue, 2000 (3), June.
http://www.indexoncensorship.org/300/akd.htm
On July 28, 200 the RIP Bill became an
Act of Parliament.
For information about the Regulation of Investigatory
Powers Act 2000 see http://www.cyber-rights.org/crypto/
Press Release - 12 July, 2000, Cyber-Rights & Cyber-Liberties (UK)
Apart from what we published yesterday on Part III and related Code of Practice on Part III of the RIP Bill, we would like to bring the following information to your attention.
The Trade and Industry Committee on its Fourteenth Report on the Draft Electronic Communications Bill, HC 862, 25 October, 1999 stated on paragraph 34 in relation to codes of practices related to Part III that:
"Provision has been made for the Secretary of State of Home Affairs to issue a code of practice 'in connection with the exercise or performance by persons (other than proposed Commissioner and Tribunal) of their powers and duties' under part III of the draft Bill. Such persons are to 'have regard for the code of practice' when performing their duties; but it is expressly provided that failure to comply with any provision of the code will NOT of itself lead to criminal or civil proceedings against the person concerned."
Therefore the Committee stated that "the proposed code of practice may prove to be toothless" and "the impression is given by the legislation that infringements of the code of practice will go unpunished".
Therefore, in Cyber-Rights & Cyber-Liberties (UK)s view, the safeguards within the Code of Practice are inadequate as there is not even a mention of such offences that may be related to failure to comply with any provisions of the draft Code of Practice.
Moreover, the Government responded on 26 January, 2000, in the Third Special Report of the Trade and Industry Committee, HC199 and stated that:
"The Government is considering carefully how the proposed statutory Code of Practice is to be best operated. The view of the Committee, ......, will be taken into account in bringing forward the RIP Bill".
Furthermore, section 11 of the draft Code of Practice on Part III of the RIP Bill is entitled "Safeguards" but there is no mention of "a specific offence" as it has been recommended by the Select Committee even though paragraph 1.5 (overview section) states that there are "associated offences" BUT there are not.
However, according to Yaman Akdeniz, director of Cyber-Rights & Cyber-Liberties (UK), "the views of the Committee and the concerned parties were not taken into account while the draft Code of Practice (Part III) was drafted. The government once again failed to provide adequate safeguards for the protection of seized encryption keys. We will continue to oppose government access to keys (GAK)."
Dr. Brian Gladman, Technology Policy Advisor, for Cyber-Rights & Cyber-Liberties (UK) stated that:
"The Bill has finally set a requirement for seized keys to be kept safe but the draft Code of Practice sets no standards for this purpose; in consequence the interests of key owners are still at risk. I really cannot see anyone who takes their security seriously being willing to risk their keys in such an inadequate regime."
Cyber-Rights & Cyber-Liberties (UK) would also like to point the interested parties to the European Parliament Resolution which recognised the importance of encryption technology in May 1998. The European Parliament resolution emphasised in paragraph 20 that:
"legal rules on access to keys should not be introduced, as the measure is not commensurate with the expected result, particularly in view of the increased possibility of misappropriation of the keys, invasion of personal privacy, cost, and lack of efficacy."
Yaman Akdeniz, director of Cyber-Rights & Cyber-Liberties (UK), added: "So despite the issue being recognised at the European Parliament, the UK government decided to push forward its desire to access encryption keys. The views of the European Parliament should have been taken into account and GAK should have never been introduced."
Press Information:
This press release is at http://www.cyber-rights.org/press/
Cyber-Rights & Cyber-Liberties (UK), A Critique of Part III, Regulation of Investigatory Powers Bill, 11 July, 2000, at http://www.cyber-rights.org/reports/part-iii.htm
Brian Gladman's comments on Draft Home Office Code of Practice on Part III (Investigation of electronic data protected by encryption etc) of the Regulation of Investigatory Powers Bill, 11 July, 2000 is at http://www.cyber-rights.org/reports/p3copcom.pdf. Brian Gladman states that "fears about the impact of this Bill on trust and confidence in the provision of Internet security services are well founded. The UKs e-commerce aspirations are now at risk." An important conclusion of the Gladman paper is that "this code of practice is seriously deficient in respect of the requirements for seized encryption key protection" by the UK government.
European Parliament Resolution on the communication from the Commission to the Council, the European Parliament, the Economic and Social Committee and the Committee of the Regions on ensuring security and trust in electronic telecommunication - towards a European framework for digital signatures and encryption (COM(97)0503 - C4-0648/97), 20 May 1998, A4-0189/98.
The Home Office published the Preliminary draft codes in relation to RIP: These documents are circulated by the Home Office in advance of enactment of the RIP Bill as an indication of current thinking. They will be subject to changes and additions. See http://www.cyber-rights.org/crypto/ for details and links.
Contact Information:
Mr. Yaman Akdeniz, Director of Cyber-Rights &
Cyber-Liberties (UK),
CyberLaw Research Unit, Centre for Criminal Justice Studies,
University of Leeds, Leeds, LS2 9JT,
Tel: +44 (0) 498 865116, Fax: +44 (0) 7092199011
E-mail: lawya@cyber-rights.org
Dr. Brian Gladman, Technology Policy Advisor, Cyber-Rights
& Cyber-Liberties (UK)
Worcester, UK
E-mail: brg@cyber-rights.org
Cyber-Rights & Cyber-Liberties (UK), Press Release - 11 July, 2000
LEEDS - Cyber-Rights & Cyber-Liberties (UK) today published its comments on Part III of the Regulation of Investigatory Powers Bill (based upon the latest version of the Bill) by taking into account the related Home Office Code of Practice on Part III.
The document (http://www.cyber-rights.org/reports/part-iii.htm) is an annotated version of Part III of the Regulation of Investigatory Powers Bill in which italic (blue) text has been added where Cyber-Rights & Cyber-Liberties (UK) considers that the proposals still pose serious difficulties in respect of the rights of honest Internet users.
The concerns raised in the CR&CL(UK) statement (which has been sent to members of House of Lords) is for the most part, confined to those raised by Part III dealing with the seizure of encryption keys. The statement, furthermore, raises three important questions to be answered by the Government in relation to seizure of encryption keys (see the statement - http://www.cyber-rights.org/reports/part-iii.htm).
In relation to the protection of keys for digital signatures, the CR&CL(UK) document states that, in practice, clause 47(9) is ineffective in protecting many signature keys if the clauses giving access to keys remain in the Bill. We believe this will undermine the use of digital signatures and hinder the development of e-commerce soon after the enactment of the Electronic Communications Act 2000, which intended to facilitate such developments.
Among other points raised, CR&CL(UK) statement argues that section 48(3) is very damaging and should be completely removed. If this clause stays, trust and confidence in the use of public key cryptography for both confidentiality and signature purposes will be seriously undermined. And this is certain to have an impact on UK e-commerce aspirations.
Press Information:
Cyber-Rights & Cyber-Liberties (UK), A Critique of Part III, Regulation of Investigatory Powers Bill, 11 July, 2000, at http://www.cyber-rights.org/reports/part-iii.htm
The Home Office published the Preliminary draft codes in relation to RIP: These documents are circulated by the Home Office in advance of enactment of the RIP Bill as an indication of current thinking. They will be subject to changes and additions. See http://www.cyber-rights.org/crypto/ for details and links.
This press release is at http://www.cyber-rights.org/press/
Contact Information:
Mr. Yaman Akdeniz, Director of Cyber-Rights &
Cyber-Liberties (UK),
CyberLaw Research Unit, Centre for Criminal Justice Studies,
University of Leeds, Leeds, LS2 9JT,
Tel: +44 (0) 498 865116, Fax: +44 (0) 7092199011
E-mail: lawya@cyber-rights.org
Dr. Brian Gladman, Technology Policy Advisor, Cyber-Rights
& Cyber-Liberties (UK)
Worcester, UK
E-mail: brg@cyber-rights.org
Mr. Nicholas Bohm, E-Commerce Policy Adviser, Cyber-Rights
& Cyber-Liberties (UK);
Member of the Law Societys Working Party on Electronic
Commerce
Salkyns, Great Canfield, Takeley,
Bishops Stortford CM22 6SX,
Tel: +44 (0) 1279 871272,
Fax: +44 (0) 1279 870215
E-mail: nbohm@cyber-rights.org
UPDATE: Cyber-Rights & Cyber-Liberties (UK), A Further Open Letter to the House of Lords concerning the Regulation of Investigatory Powers Bill, 29 June, 2000, at http://www.cyber-rights.org/reports/hl-let2.htm - This is an updated version of the 27 June letter to the House of Lords as on 26 June, 2000 (the day we wrote to the House of Lords), the Government introduced a series of amendments in the House of Lords in an effort to reduce opposition to this legislation. Since these amendments were introduced after we first raised our concerns with the House of Lords, this letter repeats our earlier input but with the addition of comments on the extent to which the Government amendments allay our fears. The new sections are in italic text.
For ECHELON and ENFOPOL related news and developments, see the ECHELON WATCH section of Cyber-Rights & Cyber-Liberties (UK) at http://www.cyber-rights.org/interception/echelon/
Cyber-Rights & Cyber-Liberties (UK), Press Release - 27 June, 2000
LEEDS - Cyber-Rights & Cyber-Liberties (UK) today sent an open letter to members of the House of Lords in relation to the Regulation of Investigatory Powers ("RIP") Bill. The six page letter expressed concerns of the CR&CL(UK) Board members that the proposed Bill will not achieve the desired result. Indeed, it is our carefully considered opinion that a number of provisions will have the opposite effect and will bring aspects of UK law into direct conflict with the European Convention on Human Rights ("ECHR").
The letter further explains that CR&CL(UK) does not believe that the proposed measures will provide an effective way of dealing with criminal misuse of the Internet but will instead have a detrimental impact on the perceived safety, security and privacy of UK citizens and businesses in Internet use. "This, in turn, will have a highly detrimental impact on the development of electronic commerce in the UK."
The concerns raised in the CR&CL(UK) letter to the House of Lords is for the most part, confined to those raised by Part III dealing with the seizure of encryption keys.
"It is our considered opinion that the powers for key seizure and Internet interception in this legislation fail every one of the CR&CL(UK) tests (that is spelled out in the letter) and also fail the Cabinet Office Regulatory Impact Units principles of good regulation."
The letter concludes urging the House of Lords to reject this legislation and to seek major changes in the Government strategy for countering criminal misuse of the Internet.
Mr. Yaman Akdeniz, Director of Cyber-Rights & Cyber-Liberties (UK) said: "In the absence of widespread public support for the Bill, and with strong criticism from both the civil liberties organisations and the industry, the government should reconsider the content of the Regulation of Investigatory Powers Bill. House of Lords should not support such proposals, which we believe would be a serious curtailment of important and well-established civil rights."
Dr. Brian Gladman, Technology Policy Advisor, Cyber-Rights & Cyber-Liberties (UK) said: "The technical proposals that underpin this legislation will be ineffective against criminals but very costly for both taxpayers and Internet Service Providers; there are more effective and much less costly ways of countering criminal misuse of the Internet."
Mr. Nicholas Bohm, E-Commerce Policy Adviser, Cyber-Rights & Cyber-Liberties (UK) said: "The damage that the Regulation of Investigatory Powers Bill will do to electronic commerce will also hinder the development of the wider social benefits flowing from the Information Society."
Press Information:
The Cyber-Rights & Cyber-Liberties (UK) letter to the House of Lords is available through http://www.cyber-rights.org/reports/hl-lett.htm
This press release is at http://www.cyber-rights.org/press/
Cyber-Rights & Cyber-Liberties (UK) Press Release, 23 May, 2000
LEEDS - Today, Cyber-Rights & Cyber-Liberties (UK) published a submission made to the House of Lords Select Committee on the European Union (by Sub-Committee B -Energy, Industry and Transport) on e-Commerce: Policy Development and Co-ordination in the European Union.
The written submission which was sent to the House of Lords Select Committee during last week dealt with Internet content regulation related matters within the UK and within the European Union. The submission is critical of the role played by the Internet Watch Foundation within UK and states that without "accountability", the IWF will never become a transparent policy-making organisation.
The submission concluded that:
"If the UK is to become the best place for e-commerce, it should also offer the best protection for individual rights and liberties. If bodies like the IWF are to exist, then they must more clearly be subjected to standards of constitutionality and good government. They must also have greater regard to legal standards, especially those standards which serve to protect liberty."
Mr. Yaman Akdeniz, Director of Cyber-Rights & Cyber-Liberties (UK) stated that:
"We are very much concerned about unaccountable organisations judging the suitability or illegality of Internet content without due process. There is a serious risk that hotline operators will act as "self-appointed judges" and the country may witness the beginning of a new privatised cyber-censorship culture."
Notes for the Editors
Cyber-Rights & Cyber-Liberties (UK) is at http://www.cyber-rights.org
Cyber-Rights & Cyber-Liberties (UK) submission to the House of Lords Select Committee on the European Union by Sub-Committee B (Energy, Industry and Transport) on e-Commerce: Policy Development and Co-ordination in the European Union, May 2000, at http://www.cyber-rights.org/reports/crcl-hl.htm
For a list of Cyber Rights & Cyber-Liberties (UK) reports and papers see http://www.cyber-rights.org/reports
Contact Information
Mr Yaman Akdeniz, Director of Cyber-Rights &
Cyber-Liberties (UK)
Telephone: 0498-865116, dial +44 498 865116 if you are abroad.
E-mail: lawya@cyber-rights.org
AP News, "Britain plans cyber-center to spy on the Internet," May 10, 2000, at http://www.chicagotribune.com/news/nationworld/article/0,2669,SAV-0005110169,FF.html
LONDON (AP) -- To civil libertarians, it smacks of Big Brother.com. The British government plans to set up a multimillion-dollar spy center capable of tracking every e-mail and Internet hit in the country -- a move it says will help fight cybercrime, but which civil libertarians contend heralds the arrival of an Orwellian state.
The new cyber-snooping base, which will bear the unassuming title of Government Technical Assistance Center, reportedly will be housed within the fortress-like London headquarters of the MI5 spy agency.
It will be established as part of the Regulation of Investigatory Powers Bill, expected to become law this fall.
``We regard it as an outrageous piece of legislation,'' said Yaman Akdeniz, director of the watchdog group Cyber-Rights and Cyber Liberties.
As part of the bill, Internet service providers will have to establish secure channels to transmit information about Internet traffic to the government cyber-center.
The bill also gives law enforcement authorities the power to demand that Internet users hand over the keys to decode encrypted messages. Encryption is commonly used by business and in e-commerce transactions to protect credit card numbers and other sensitive information.
Civil liberties groups argue the legislation sets a sinister precedent by requiring individuals and companies to prove they cannot hand over encryption keys or face prosecution.
``The bill creates a new offense -- not providing this information to the government,'' Akdeniz said. ``It will be incompatible with the European Convention on Human Rights in terms of self- incrimination and a switch in the burden of proof.''
The legislation is wending its way through Parliament, but the government already has established a so-called encryption coordination unit to oversee creation of the $40 million spy center. The government argues the bill protects individual rights, setting out strict conditions under which law enforcement agencies can demand keys to unlock encrypted data or intercept records of Internet traffic.
``The bill does not give the authorities any new powers to obtain material which they cannot already do,'' said Home Office Minister Charles Clarke, the Cabinet minister responsible for the project. ``Accusations that the bill reverses the burden of proof are simply wrong. Innocent people are not going to suffer under these proposals.''
Although authorities must obtain a warrant before demanding access to information, critics argue the grounds for getting one are vague. In addition, they say warrants should be issued by judges instead of by Cabinet ministers, as provided for by the bill. Internet service providers have expressed concerns about the cost to the industry of complying with the new regulations -- estimated at $32 million -- and of the vagueness of the rules. Some predict the new rules will also scare Internet users away from encryption technology, dealing a blow to the government's stated aim of making Britain a hotbed of e-commerce.
``Everything in the bill is a little bit undefined,'' said Roland Perry, regulation officer for the London Internet Exchange, a grouping of some 100 service providers. ``Who needs to sign the bits of paper, what they might be requesting -- there's a national standard for that negotiated between industry and law enforcement, and if we're not careful this bill might throw all that away,'' he said.
While countries like China and Singapore monitor their citizens' Internet use, Akdeniz says the British government's move is unprecedented in Europe. ``Of course, the government has to improve law enforcement techniques and adapt to information technology,'' he said. ``But that doesn't mean they have to turn it into an Orwellian state. We are moving toward Big Brother.''
Britain's Internet service providers already must tread more carefully than their counterparts in some other parts of the world, including the United States. In March, Internet service provider Demon Internet Ltd. apologized and agreed to pay damages in an out-of-court settlement with a man who said he was libeled by items posted on a Web site. The case was seen as setting a precedent that service providers could be considered publishers and held responsible for information transmitted on their networks. In the United States, by contrast, the Supreme Court ruled this month that service providers are not legally and financially liable when someone is defamed in e-mail communications or bulletin board messages.
On 30 March, 2000, Demon Internet had an out of court settlement with Dr. Laurence Godfrey in relation to a libel claim. Demon Internet paid 15,000 GBP in damages and around 250,000 GBP for the legal costs of Dr. Godfrey.
DR LAURENCE GODFREY v DEMON INTERNET LTD (2000) , QBD (Eady J) 30/3/2000, Statement in open court relating to libel proceedings brought as a result of defamatory postings by users of an Internet service provider. Statement in open court made in two libel actions brought by the claimant, a lecturer and researcher, against the defendant, an Internet service provider, following two defamatory postings on separate newsgroups owned by the defendant. The first posting, for which the first libel action was brought, purported to be by the claimant but was a forgery, while the second, for which the second action was brought, made further allegations of a defamatory nature (see Laurence Godfrey v Demon Internet Ltd (1999) 4 EMLR 542). Prior to bringing the actions the claimant had attempted to persuade the defendant to remove the postings from its sites, but without success. The defendant did not dispute the defamatory nature of the postings but claimed that it was not responsible for the material posted by its users on its sites. Upon clarification of the legal position, the defendant changed its procedures. The defendant agreed to pay damages in the sum of £15,000 and the claimant's costs. It apologised for failing to remove the postings from its servers and for alleging in its defence that the claimant had deliberately provoked them. Leave to withdraw the record requested. |
For an analysis of the case by Yaman Akdeniz, the director of Cyber-Rights & Cyber-Liberties (UK), read the following paper.
Akdeniz, Y., Case Analysis: Laurence Godfrey v. Demon Internet Limited, (1999) Journal of Civil Liberties, 4(2), 260-267 (July). An online version is at http://www.cyber-rights.org/reports/demon.htm
Cyber-Rights & Cyber-Liberties (UK) Briefing for the House of Commons, Second Reading Debate of the "Regulation of Investigatory Powers Bill", 6 March, 2000, at http://www.cyber-rights.org/reports/crcl-rip.htm