The Canadian Privacy Law Blog: Developments in privacy law and writings of a Canadian privacy lawyer, containing information related to the Personal Information Protection and Electronic Documents Act (aka PIPEDA) and other Canadian and international laws.
The author of this blog, David T.S. Fraser, is a Canadian privacy lawyer who practices with the firm of McInnes Cooper. He is the author of the Physicians' Privacy Manual. He has a national and international practice advising corporations and individuals on matters related to Canadian privacy laws.
For full contact information and a brief bio, please see David's profile.
The views expressed herein are solely the author's and should not be attributed to his employer or clients. Any postings on legal issues are provided as a public service, and do not constitute solicitation or provision of legal advice. The author makes no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained herein or linked to. Nothing herein should be used as a substitute for the advice of competent counsel.
This web site is presented for informational purposes only. These materials do not constitute legal advice and do not create a solicitor-client relationship between you and David T.S. Fraser. If you are seeking specific advice related to Canadian privacy law or PIPEDA, contact the author, David T.S. Fraser.
Saturday, May 09, 2009
I was stunned to read that British police use new anti-terror powers to stop and search people every three minutes. Section 44 of the Terrorism Act has been used 170,000 to search people in 2008 alone according to the BBC. (See: BBC NEWS | England | London | Capital sees rise in terror stops.) These searches have led to 65 arrests (0.035% success) and zero convictions (0.000% success). Of course there are no official stats on how many times Section 44 was used as a pretense for some other motive.
Draw your own conclusions.
Saturday, April 11, 2009
Monday, April 06, 2009
As of today, all internet service providers in Europe are required by law to retain information about every e-mail and VOIP call made by their users thanks to the European Data Retention Directive.
BBC NEWS Technology Net firms start storing user dataAnd, as an aside, I'm not sure many will find comfort in the idea that RIPA will act to protect privacy: RIPA surveillance may break human rights laws - ZDNet.co.uk.
Details of user e-mails and net phone calls will be stored by internet service providers (ISPs) from Monday under an EU directive.
The plans were drawn up in the wake of the London bombings in 2005.
ISPs and telecoms firms have resisted the proposals while some countries in the EU are contesting the directive.
Jim Killock, executive director of the Open Rights Group, said it was a "crazy directive" with potentially dangerous repercussions for citizens.
All ISPs in the European Union will have to store the records for a year. An EU directive which requires telecoms firms to hold on to telephone records for 12 months is already in force.
The data stored does not include the content of e-mails or a recording of a net phone call, but is used to determine connections between individuals.
Authorities can get access to the stored records with a warrant.
Governments across the EU have now started to implement the directive into their own national legislation.
The UK Home Office, responsible for matters of policing and national security, said the measure had "effective safeguards" in place.
There is concern that access to our data is widening to include many public bodies ISPs across Europe have complained about the extra costs involved in maintaining the records. The UK government has agreed to reimburse ISPs for the cost of retaining the data.
Mr Killock said the directive was passed only by "stretching the law".
The EU passed it by "saying it was a commercial matter and not a police matter", he explained.
"Because of that they got it through on a simple vote, rather than needing unanimity, which is required for policing matters," he said.
Sense of shock
He added: "It was introduced in the wake of the London bombings when there was a sense of shock in Europe. It was used to push people in a particular direction."
Sweden has decided to ignore the directive completely while there is a challenge going through the German courts at present.
"Hopefully, we can see some sort of challenge to this directive," said Mr Killock.
Isabella Sankey, Policy Director at Liberty, said the directive formalised what had already been taking place under voluntary arrangement for years.
"The problem is that this regime allows not just police to access this information but hundreds of other public bodies."
In a statement, the Home Office said it was implementing the directive because it was the government's priority to "protect public safety and national security".
It added: "Communications data is the where and when of the communication and plays a vital part in a wide range of criminal investigations and prevention of terrorist attacks, as well as contributing to public safety more generally.
"Without communications data resolving crimes such as the Rhys Jones murder would be very difficult if not impossible.
"Access to communications data is governed by the Regulation of Investigatory Powers Act 2000 (Ripa) which ensures that effective safeguards are in place and that the data can only be accessed when it is necessary and proportionate to do so."
Wednesday, March 25, 2009
With Google's recent launch of Street View in Europe and imminent photographing of Canadian cities, I thought I'd do some quick looking around at how effective their "face blurring" technology may be. It only took one minute of wandering around London and I was able to see where it might fall off the rails.
In this particular image, the anti-war protesters are recognizable but - THANKFULLY - the image of what's probably George W. Bush has been blurred out. But not blurred to the point of non-recognition.
Google: You've come a long way, baby, but there's work to be done.
Sunday, March 22, 2009
Google Street View went live in the UK last week. Despite the prevalence of surveillance in Britain, complaints have rolled in and Google has taken down hundreds of pictures. See: Google forced to black out hundreds of Street View photos after privacy protests - but site gets record hits Mail Online.
Thursday, October 16, 2008
The Independent is reporting that the British government is planning to announce a 1 BILLION POUND project that would involve the creation of a database to log every e-mail, telephone call and website click and retain the information for one year.
The project seems to be universally panned: the independent reviewer of UK anti-terrorism laws says "as a raw idea it is awful". The Information Commissioner calls it a "step too far".
If anyone had asked me (which they didn't, but I have constitutional rights here in Canada and get to say what I want), I would have said the idea is not surprising given the way things are going in England, but it is a clear step into the abyss of giving up any sense of private life in the country. See: Exclusive: Storm over Big Brother database - Home News, UK - The Independent. Big thanks to DP thinker: Proposed Database for pointing to the story.
Friday, October 10, 2008
The ridiculous degree of surveillance in the UK, supported by the Regulation of Investigatory Powers Act, is finally leading to a significant backlash as surveillance powers are being used to catch people who don't scoop their poop. Thanks to Rob Hyndman for the link.
Orwellian U.K. Angers People With Tree Cameras, Snooping Kids
By Caroline Alexander and Howard Mustoe
Oct. 10 (Bloomberg) -- Hidden in foliage next to a path in the southeast England seaside town of Hastings are digital cameras. Their target: litterbugs and dog walkers.
The electronic eyes feed images to a monitoring unit, where they're scanned and stored as evidence to prosecute people who discard garbage or fail to clean up after pets, a spokeswoman for the town council said.
``It's becoming a bit Big Brother-like,'' said Sandra Roberts, 50, a Hastings kiosk manager, invoking George Orwell's 1949 book ``Nineteen Eighty-Four,'' about a Britain where authorities pry into all aspects of citizens' lives.
Local authorities are adopting phone-record logging, e-mail taps and camera surveillance to police such offenses as welfare fraud, unlawful dumping of waste and sick-day fakery. Telecommunications companies are about to join the list of crime monitors. Already, 4.5 million closed-circuit cameras watch public places across Britain, or about 1 camera for every 15 people, the highest ratio in the world.
``There's too much of it now, all this spying,'' said Ivor Quittention, 80, a retired owner of three hardware stores who lives in Hastings. The town's spokeswoman, who declined to be identified, said spying is the most effective way of dealing with something residents complain about most.
The Regulation of Investigatory Powers Act, dubbed ``the snoopers charter'' by London-based civil-rights group Liberty, was passed by the ruling Labour Party in 2000 to legislate methods of surveillance and information gathering. The purpose of the law, known also as Ripa, was to help prevent crime, including terrorism, according to the Home Office.
`Too Much Power'
Initially, only security and intelligence services could invoke the Act's provisions. In 2003, Parliament extended powers to the 474 local councils in England, Scotland and Wales, as well as to 318 other state bodies, including 11 Royal Parks, the Post Office and Chief Inspector of Schools.
Since then, local authorities have been expanding their use of the provisions to dozens of lesser offenses.
The law has loopholes and councils like Hastings aren't doing anything wrong when they invoke it for minor crimes, according to Gus Hosein, a professor from the London School of Economics specializing in technology and privacy.
``Ripa just gives too much power to any Tom, Dick or Harry related to government,'' he said.
The latest proposed expansion of the Act requires telecommunications providers to store the text of all e-mails and details of all phone calls transmitted over their lines.
The government is seeking the views of the public on the proposal until Oct. 31. The bill will then go to Parliament for consideration.
Of the 163 U.K. councils that replied to calls and Freedom of Information requests from Bloomberg, 95 percent said they use Ripa. Nine said they don't, including Barnet, Basingstoke and Deane, Broadland, Halton, Harrogate, Shepway, West Devon, Slough and the Shetlands, a group of islands off Scotland where sheep outnumber people. Three declined to provide details without payment of an administrative fee.
East Hampshire, in south England, applied the law to catch vandals defacing tombstones. Derby, in northern England, invoked it to send children with recording gear into shops to see if they'd unlawfully be sold cigarettes and alcohol.
``It's unreal,'' said Dean Price, 24, a graphic designer in London. ``We've been sleep-walking into this. Everyone talks about Orwell and 1984 but no one ever does anything about it.''
A spokesman for the Home Office, which oversees Ripa, said the extension is vital to intelligence gathering and will help investigators identify suspects, track them and examine their contacts. He declined to be identified, in line with policy.
The Association of Local Government, which represents councils, said through a statement by outgoing Chairman Simon Milton that the ``crime-busting powers'' are an essential tool in gathering evidence needed to stop criminal activity.
At the same time, Milton said he wrote to all councils in June asking them not to invoke the law for petty offenses.
``It's ironic that a nation that was once a bastion of privacy, one in which `an Englishman's home is his castle' and that did away with National ID Cards in 1952, is now one of the most surveilled in the world,'' said Toby Stevens, founder of London's Enterprise Privacy Group.
The opposition Conservative Party is against Ripa in its current form and will amend it if it wins the next election, due by 2010, home affairs spokesman Dominic Grieve said.
Mark Jewell, a councilman for the U.K.'s third party, the Liberal Democrats, said more checks and balances are needed to ensure Ripa isn't abused. ``At the moment, you don't need to have done anything wrong to get snooped on,'' he said. No other European Union government has similar regulations.
Among councils which responded to Bloomberg's questions, those in northern England, Wales and Scotland used the law more than those in the south. Durham, in northeast England, was the biggest user, invoking the provisions 144 times in the past year, as authorities cracked down on offenses including fraud.
In April, council workers spent two weeks tailing a couple in Poole, southeast England, they wrongly suspected were planning to send their daughter to a school outside their designated area. Tim Joyce and Jenny Paton called the intrusion into their lives ``hugely disproportionate.''
In August, Paul Griffiths was taken to court and fined 1,000 pounds for allowing his dog to foul grass outside his home in Bristol. Griffiths said he's innocent and his pet had only been urinating when she was spotted on camera.
Brian Clements, a 79-year-old retired teacher from Clacton- on-Sea, south England, said the measures are ``like using a sledge hammer to crack a nut.''
``Wouldn't the Gestapo have loved all those little cameras,'' he said.
To contact the reporter on this story: Caroline Alexander in London at email@example.com.
Last Updated: October 9, 2008 19:01 EDT
Monday, September 29, 2008
The Open Rights Group in the UK is planning to crowdsource a photographic survey of the United Kingdom's surveillane aparatus on October 11. Participants are encouraged to:
- Spot something that embodies the UK’s wholesale transformation into the surveillance society/database state. Subjects might include your local CCTV camera(s), or fingerprinting equipment in your child’s school library
- Snap it
- Upload it to Flickr and tag it “FNFBigPicture” - please use an Attribution Creative Commons license*
Check out: The Open Rights Group : Blog Archive » Capturing the database state: community photocall. I'll post a selection of the photos on the blog. (Via the ever-vigilant Boing Boing.)
Sunday, September 28, 2008
A system designed to track motorists in the UK is being expanded to collect fifty million automobile movement records for five years, instead of the already intrusive two years originally announced. Alread pervasive CCTV cameras are being upgraded to capture license plates, adding to what is being said to be the largest oracle database in Europe.
Thanks to SpyBlog.org.uk for the link.
Friday, July 25, 2008
It's a busy week for privacy cases in the English courts. The media has widely reported on the case of Max Mosley, the Grand Prix boss, who has successfully sued the News of the World. The publication placed a hidden camera in a private residence and filmed Mosley in an intimate encounter. The paper suggested that he participated in a sadomasochistic orgy that attempted to recreate a Nazi death camp atmosphere.
In seeking to protect his privacy, the whole event has been thrown into the public arena. And consistent with other privacy cases, the quantum of damages is surprisingly low given the impact that this has had on Mosley.
The decision can be found here.
From the New York Times:
British Judge Rules Tabloid Report Tying Grand Prix Boss to ‘Orgy’ Violated Privacy - NYTimes.com
LONDON — In a ruling with potentially wide implications for press freedom in Britain, a judge ruled Thursday that a tabloid newspaper breached the privacy of Max Mosley, the overseer of grand prix motor racing, when it published an article in March claiming that he had participated in a sadomasochistic “orgy” with a Nazi theme.
The judge, Sir David Eady, awarded Mr. Mosley, 68, damages equivalent to about $120,000 and legal costs estimated to be at least $850,000 in his lawsuit against The News of the World.
The ruling upheld the central arguments by Mr. Mosley and his lawyers: that there had been no Nazi theme to the five-hour sex session in an apartment in the Chelsea district of London that was secretly filmed by the newspaper, and no issue of public interest in its decision to splash the article on its front page and post video on its Web site.
“I found that there was no evidence that the gathering of March 28, 2008, was intended to be an enactment of Nazi behavior or adoption of any of its attitudes,” the judge wrote.
He added that Mr. Mosley had a “reasonable expectation” of privacy for sexual activities that took place on private premises and that did not involve violations of the criminal law.
“There was no public interest or other justification for the clandestine recording, for the publication of the resulting information and still photographs, or for the placing of the video extracts on The News of the World Web site — all of this on a massive scale,” the judge said.
But he denied Mr. Mosley the “punitive damages” he had sought, which could have amounted to millions of dollars. The damage done to Mr. Mosley’s reputation by “the embarrassing personal information” disclosed by the newspaper “cannot be mitigated by simply adding a few noughts to the number first thought of,” the judge said.
Outside the court, Mr. Mosley said he was delighted with the ruling, which he described as “devastating” to The News of the World.
“It demonstrates that their Nazi lie was completely invented and had no justification,” he said. “It also shows that they had no right to go into private premises and take pictures and film of adults engaged in activities which are no one’s business but those of the people concerned.”
The ruling was one of several by Justice Eady and other judges in recent years in privacy cases against British newspapers under a provision of the European Convention on Human Rights. Some legal experts say the rulings have shifted the balance in Britain in favor of celebrity plaintiffs and against newspapers and other media organizations in invasion-of-privacy cases.
Justice Eady, in his finding, said his ruling should not be considered “a landmark case,” but rather “the application to rather unusual facts” in the Mosley case of privacy principles that had been developing in British court judgments in recent years. Still, the ruling caused a stir among lawyers fighting for press freedoms, some of whom said it was a bellwether for a new, more restrictive era of news media coverage of people in the public domain.
Other lawyers cautioned against alarmism, saying British courts would continue to weigh two competing provisions in the European rights convention — Article 8, establishing a right of privacy, and Article 10, protecting press freedoms — and that it was too early to know where the lasting balance would be struck.
“One lesson it teaches is that public figures can have a private life,” said Desmond Browne, a barrister who has represented some of the plaintiffs in headline-making privacy cases.
Editors of some of Britain’s more serious newspapers also were wary about drawing instant conclusions about where press law in Britain was headed.
Roger Alton, editor of The Independent, a newspaper known for the rigor of its investigative journalism, said he was not too troubled by the ruling.
“It’ll affect kiss-and-tell stories,” Mr. Alton told the British Broadcasting Corporation. “But it’s not a landmark. It’s not going to set things up in a completely different way.”
But Colin Myler, editor of The News of the World, said the judgment was based on precedents established by “judges in Strasbourg,” seat of the European Court of Human Rights, and that the issues involved had never been addressed by Britain’s Parliament. “As a result, our media are being strangled by stealth,” he said.
For Mr. Mosley, success in the case represented at least a partial vindication of what amounted to a gamble. Rather than resigning in shame, as have many well-known figures caught in sex scandals, Mr. Mosley chose another route. He admitted to a passion for sadomasochism, which he told the court had continued for 45 years, and discussed, from the witness box, details of what had occurred in the Chelsea apartment.
But the aspect of the article that he, and many of his detractors in the world of motor racing and beyond, considered the most damaging was the claim that the session involved a conscious effort to recreate the atmosphere of a Nazi death camp.
The potential damage to Mr. Mosley was linked, inevitably, to the fact that he is the son of Sir Oswald Mosley, leader of Britain’s National Union of Fascists in the 1930s, whose secret marriage to Mr. Mosley’s mother, Diana, took place at the home of the Nazi propaganda chief Joseph Goebbels in 1936, with Hitler as guest of honor.
In court, lawyers for The News of the World said they based their claim of a Nazi theme, in part, on the use of commands in guttural German or German-accented English by Mr. Mosley and the women involved. But Mr. Mosley and four of the five women involved maintained that what they intended in their role-playing was to recreate a generic prison scene, not a Nazi death camp.
Thursday, July 24, 2008
A colleague just brought to my attention a case handed down yesterday by the High Court of Justice (Queen's Bench Division) of England & Wales: Applause Store Productions Ltd. & Anor v Raphael  EWHC 1781 (QB) (24 July 2008).
The case relates to the misuse of private information and defamation. The defendant in this case had set up a false Facebook profile in the name of the plaintiff and established a Facebook group that was, shall we say, not flattering of the plaintiff. The court found in favour of the defendant on both claims.
What's additionally interesting is the detail with which the Court reviews the logging data generated by Facebook and provided to the Court. The case is an interesting read for privacy issues, but also is a good chance to look under the hood of Facebook, forensically speaking.
Saturday, June 28, 2008
Because actions speak louder than words, one can easily assume that the British populace is completely passive and accepting of the explosion of CCTV surveillance throughout the green and pleasant lands of England. There is some dissent. Witness: Marina Hyde who has an interesting opinion piece in The Guardian.
Marina Hyde: This surveillance onslaught is draconian and creepy Comment is free The Guardian
Closed-circuit TV cameras are the crime-fighting tool so fiendishly sophisticated that they can be foiled by the wearing of a hood. Yet having stuck 4.2 million of the things around this country, with nary a consultation on the matter - nor any significant impact on crime statistics - efforts to pimp them to 2.0 status continue
This week it emerged that scientists at Portsmouth University are developing "listening" cameras. Artificial intelligence software will be able to recognise sounds such as breaking glass, so that, when such a noise is detected, they can rotate in its direction and capture the act of vandalism/terrorism/God that resulted in a milk bottle falling off your doorstep. I paraphrase slightly, but given that the most recent Home Office report on the matter found that better street lighting is seven times more effective at cutting crime than CCTV, the truly suspicious behaviour is our deepening obsession with surveillance.
The past few years have thrown up dozens of instances which made one wince to be a citizen of this septic isle, but a personal low came with the discovery that 500,000 bins had been fitted with electronic tracking devices. Transponders in bins ... Could any morning news item be more designed to force one back against the pillows, too embarrassed about one's country to start the day? Yes, as it turned out. A couple of months ago it was discovered that Poole borough council, in Dorset, had used the Regulation of Investigatory Powers Act - designed to track serious criminals and terrorists - to determine whether a school applicant and her parents lived where they said they did. They did, and were appalled to discover they had been spied on for three weeks, the subject of surveillance notes such as "female and three children enter target vehicle and drive off". Target vehicle, if you please! The thought of some deep-cover council drone jotting this stuff down as though it were an elite Delta Force operation is not as funny as it is horrifying.
Just who are these people, these swelling legions of unelected, ill-qualified monitors who wield such extraordinary power in our surveillance society? Clarification in one case came last year, when the civilian in charge of a Worcester police station's surveillance team was suspended after detectives found, among one day's footage, a 20-minute sequence of close-ups of a woman's cleavage and backside as she walked oblivious through the streets. Whether the woman ever discovered she was the star of a kind of pervert Truman Show is not recorded. But the offending monitor escaped with a warning and was - unbelievably - back in post within weeks.
In some city centres, such as Middlesbrough, speakers have been put on the cameras, so that those monitoring can interact with potential miscreants. Let's hope these remote bossy boots imagine they're involved in some high-level negotiation, in which they talk down a teenager from his decision to drop a hamburger wrapper on the pavement.
The former home secretary John Reid, on whose draconian watch the Middlesbrough scheme was approved, even suggested at its launch that schoolchildren should enter a competition to become the voice of the cameras - once again laying bare the government's desire to co-opt its citizens into the surveillance process at all levels. We are, of course, coming up to the time of year when we are ordered to shop our neighbours for acts of hosepipe, while the Shoreditch Trust recently trialled a scheme encouraging residents to watch live CCTV feeds on a special local channel, the better to assist in policing.
For all this creepy "outreach", though, the only hands-down beneficiaries of our CCTV obsession (apart from the revenue gatherers) have been broadcasters. For no good reason, all manner of TV networks have been furnished with hours of footage to pad out their witless police chase documentaries, or offensively cheap "street crime UK" shows. Britain's CCTV network: proudly supporting the Bravo channel.
The worst thing is the blithe insistence that this is all necessary and normal. We are watched more closely, by more cameras, with each passing day. But so faultlessly designed is our society that we have never come close to having a say on it.
There's a great bit in Woody Allen's movie Deconstructing Harry when Robin Williams's character goes out of focus, appearing as a sort of fuzzy version of himself, which sounds increasingly like the sort of sickness that should be courted by any attractive woman keen to walk through Worcester. That said, she could always don a hood. Yet there does seem a vaguely depressing irony in governments insisting that constant surveillance is essential to prevent our being overrun by repressive regimes who'd make us all cover our heads and the like. It's these initiatives that drive even the most pliant members of society to dream of taking just that precaution themselves, if only for a bit of privacy.
Sunday, June 01, 2008
Shops track customers via mobile phone - Times Online
The surveillance mechanism works by monitoring the signals produced by mobile handsets and then locating the phone by triangulation measuring the phone’s distance from three receivers.
The Information Commissioner's Office (ICO) expressed cautious approval of the technology, which does not identify the owner of the phone but rather the handset's IMEI code -- a unique number given to every device so that the network can recognise it.
But an ICO spokesman said, "we would be very worried if this technology was used in connection with other systems that contain personal information, if the intention was to provide more detailed profiles about identifiable individuals and their shopping habits.”
Only the phone network can match a handset's IMEI number to the personal details of a customer.
Path Intelligence, the Portsmouth-based company which developed the technology, said its equipment was just a tool for market research. "There's absolutely no way we can link the information we gather back to the individual,” a spokeswoman said. “There's nothing personal in the data."
Liberty, the campaign group, said that although the data do not meet the legal definition of ‘personal information’, it "had the potential" to identify particular individuals' shopping habits by referencing information held by the phone networks.
This is similar to a form of "cookies" for the offline world. On the one hand, we have assurances that the phones' serial number will not be connected with other personal information, but there really is no assurance that will not happen. And once this information is collected, it will be in the system available to law enforcement and others who do have the ability to match it to personal information.
Wednesday, April 30, 2008
Campaign to lick lollipop rage UK news guardian.co.uk
For generations, lollipop men and women have shepherded schoolchildren safely across roads armed only with their trusty signs.
But they are about to undergo a Robocop-style makeover: their signs are to be equipped with cameras in an effort to combat "lollipop rage" by aggressive drivers.
The new signs, which cost £890 each, will allow lollipop men and women - officially known as school crossing patrol officers - to record dangerous driving and capture car number plates, say council leaders.
Friday, April 18, 2008
Greater details in this Flickr set.
Wednesday, April 16, 2008
Here is a shocking example of why intrusive powers need to be carefully circumscribed and subject to judicial oversight, otherwise they will be abused.
A local council in the UK (not surprisingly) has used the Regulation of Investigatory Powers Act, designed for serious crimes and terrorism, to surveil a three-year-old to determine if her parent's were misrepresenting place of abode to get into a better school. See: Council uses criminal law to spy on school place applicants Society The Guardian.
"The Home Office said the RIPA legislation did not appear to have been used inappropriately."
Friday, April 11, 2008
Some people, I am sure, will savor the irony that many London police officers are complaining about creepy surveillance and Big Brother tactics inherent in a new technology that will allow desk-riding senior cops to keep tabs on the location and activities of cops on the beat.
Apparently they don't like feeling like they're being watched. Some are concerned that innocent and lawful activities could be misinterpreted. Oh, and others are worried that information originally collected for safety and resource planning may be used for some other purpose. Pity.
Check it out:
Met Police officers to be 'microchipped' by top brass in Big Brother style tracking scheme the Daily Mail
Every single Metropolitan police officer will be 'microchipped' so top brass can monitor their movements on a Big Brother style tracking scheme, it can be revealed today.
According to respected industry magazine Police Review, the plan - which affects all 31,000 serving officers in the Met, including Sir Ian Blair - is set to replace the unreliable Airwave radio system currently used to help monitor officer's movements.
The new electronic tracking device - called the Automated Personal Location System (APLS) - means that officers will never be out of range of supervising officers.
But many serving officers fear being turned into "Robocops" - controlled by bosses who have not been out on the beat in years.
According to service providers Telent, the new technology 'will enable operators in the Service's operations centres to identify the location of each police officer' at any time they are on duty - whether overground or underground.
Although police chiefs say the new technology is about 'improving officer safety' and reacting to incidents more quickly, many rank and file believe it is just a Big Brother style system to keep tabs on them and make sure they don't 'doze off on duty'.
Some officers are concerned that the system - which will be able to pinpoint any of the 31,000 officers in the Met to within a few feet of their location - will put a complete end to community policing and leave officers purely at the beck and call of control room staff rather than reacting to members of the public on the ground.
Pete Smyth, chairman of the Met Police Federation, said: "This could be very good for officers' safety but it could also involve an element of Big Brother.
"We need to look at it very carefully."
Other officers, however, were more scathing, saying the new system - set to be implemented within the next few weeks - will turn them into 'Robocops' simply obeying instructions from above rather than using their own judgement.
One officer, working in Peckham, south London, said: "They are keeping the exact workings of the system very hush-hush at the moment - although it will be similar to the way criminals are electronically tagged. There will not be any choice about wearing one.
"We depend on our own ability and local knowledge to react to situations accordingly.
"Obviously we need the back up and information from control, but a lot of us feel that we will simply be used as machines, or robots, to do what we are told with little or no chance to put in anything ourselves."
He added: "Most of us joined up so we could apply the law and think for ourselves, but if Sarge knows where we are every second of the day it just makes it difficult."
Another officer, who did not want to be named, said: "A lot of my time is spent speaking to people in cafes, parks or just wherever I'm approached. If I feel I've got my chief breathing down my neck to make another arrest I won't feel I'm doing my job properly."
The system is one of the largest of its kind in the world, according to Telent, the company behind the technology, although neither the Met nor Telent would provide Police Review with any more information about exactly how the system will work or what sort of devices officers will wear.
Nigel Lee, a workstream manager at the Met, said: "Safety is a primary concern for all police forces.
"The area served by our force covers 620 miles and knowing the location of our officers means that not only can we provision resource more quickly, but should an officer need assistance, we can get to them even more quickly."
Forces currently have the facility to track all their officers through GPS devices on their Airwave radio headsets, but this is subject to headsets being up to date and forces buying the back office systems to accompany them, according to Airwave.
Steve Rands, health and safety head for the Met Police Federation, told Police Review: "This is so that we know where officers are. Let us say that when voice distortion or sound quality over the radio is lost, if you cannot hear where that officer telling you where he is, you can still pinpoint his exact position by global positioning system.
"If he needs help but you cannot hear him for whatever reason, APLS will say where he is."
Sunday, January 27, 2008
In stark contrast to Canada's Privacy Commissioner, the Information Commissioner in the UK is looking for stronger powers and penalties. See: IMPACT®: ICO publishes powers and penalties wishlist, which refers to "DATA PROTECTION POWERS AND PENALTIES: The Case for Amending the Data Protection Act 1998".
Sunday, January 20, 2008
The Register reports that a laptop containing the personal information of 600,000 UK military recruits was on a laptop stolen from a naval officer's car. See: Join the army, get your ID pinched - MoD laptop goes AWOL | The Register.
Friday, January 04, 2008
This is an interesting development. In response to the huge data breach in the UK (Canadian Privacy Law Blog: UK loses sensitive personal data on 25m people), the Parliamentary Justice committee is calling for criminal penalties for large data breaches. See: U.K. Needs Tougher Laws to Protect Private Data, Lawmakers Say - Bloomberg.com: U.K. & Ireland.
For some additional comments, see: IMPACT®: Data protection - more signs of unrest.
Saturday, December 29, 2007
In the wake of the UK's recent huge privacy incident, parliamentarians are considering a proposal that executives be directly accoutable for information security and perhaps even have to certify -- a la Sarbox -- its information practices. See: Call for CEOs to carry can for data leaks - Times Online.
Sunday, December 23, 2007
I think we'll be seeing even more of these out of the UK as government authorities and the media turn their attentiont to the issue.
It's being reported that a number of National Health System trusts have "lost" the personal information of hundreds of thousands of British residents in the past little while. See: BBC NEWS UK Nine NHS trusts lose patient data
Thursday, December 06, 2007
Just when you thought it couldn't get any worse: Scotsman.com News - Missing discs 'hold witness protection scheme IDs'.
Tuesday, November 20, 2007
A lot of stuff I read about privacy incidents leaves me scratching my head in wonder. In thinking about the staggering number of privacy breaches coming out of governments (Canadian, US, UK, etc.), I wonder:
I am thinking that it probably isn't #2.
The latest is from the UK. An employee of the Revenue & Customs sent CDs of unencrypted personal information about almost every child and parent in the UK via regular internal mail. The CDs never reached their destination. The minister responsible has admitted that this has occurred on multiple occasions. When are governments going to learn?
Tuesday, September 18, 2007
Out-Law, run by Pinsent Masons, has an exclusive article on a European Commission report that concludes the United Kingdom has not adequately implemented the Data Protection Directive. Check out the article: Europe claims UK botched one third of Data Protection Directive | OUT-LAW.COM.
Sunday, September 16, 2007
A comment in the Guardian by Henry Porter decries preceived intrusions into the private lives of the British and suggests that Canada is a good model to follow. He agrees strongly with what Pierre Trudeau said, that the Government has no business in the bedrooms of the nation.
Our sex lives are our own business Comment Guardian Unlimited Politics
... A few years ago, this sentence appeared at the beginning of a bill: 'Her Majesty by and with the advice of the House of Commons enacts as follows: rules to govern the collection, use and disclosure of personal information in a manner that recognises the right of privacy of individuals with respect to their personal information.'
The only words I have missed out are the 'senate' and 'of Canada'. Same queen, but different country and one which has placed the respect for privacy at the heart of its national life. It seems extraordinary that two countries which used to share so many political values have taken such different directions. There's a lot that Canada can teach the Mother of Parliaments, especially the opposition, which has lost the habit of thinking outside the terms that Labour has set for the national agenda.
There are two important acts which serve as good templates for the sorts of reforms Liberty calls for. The first is the Privacy Act which took effect in 1983 and which imposes obligations on some 150 government and federal departments and agencies to respect the privacy rights by limiting the collection, use and disclosure of personal information. It gives the individual a right to access and correction of personal information held by agencies. The second act is the Personal Information Protection and Electronic Documents Act (Pipeda), a law which means a company like Tesco, which accumulates enormous amounts of personal data, must have consent from its customers. Underlying these is the Canadian charter of rights and freedoms which states: 'Everyone has the right to be secure against unreasonable search and seizure', a guarantee which I would like to see in a British bill of rights.
It is argued that we have the Data Protection Act and the information commissioner, but despite the latter's agitation, nothing has stopped the 500,000 interceptions of private communication each year, the total surveillance of motorways, the building of the ID card data base, the creepy children's database and expansion of the police DNA database.
The Canadian system hasn't worked perfectly, especially since 9/11, but Canadians shudder at what is happening in the UK, at the abandon with which we allow government more and more control over our lives and our futures....
Monday, August 27, 2007
DP Thinker has posted a few developments in UK data protection law:
DP thinker: A few developments
Just a few developments to note on data protection in the UK:
1) The draft Data Retention (EC Directive) Regulations 2007 will take effect on 1st October 2007. These regulations implement the Data Retentions Directive 2006/24/EC and will apply to public electronic communications providers. Data will be retained for a period of 12 months from the date of communication (Regulation 4(2)). The types of data to be retained are telephone numbers and mobile numbers (Regulation 5(1) and 5(2)). The regulations do not apply to data from internet access, e-mail and internet telephony (VoIP). The Information Commissioner will monitor the application of these regulations (Regulation 8). A comparison of the other European Member States' Laws implementing the Data Retentions Directive 2006/24/EC can be found here.
2) On 24 October 2007, the transitional exemptions under the UK Data Protection Act 1998 will end. This means that structured manual filing systems containing personal records will be covered under the Data Protection Act, but would apply to data that was held before October 1998. The Durant case will be relevant, which took the view that most manual file files are not relevant filing systems.
3) Draft Freedom of Information and Data Protection (Appropriate Limit and Fees) Regulations 2007 - The Government has drafted amended freedom of information (FOI) fees regulations which will allow public authorities to take into account more comprehensively the work involved in dealing with an FOI request. The consultation was completed in June, but further details can be found here.
Friday, July 27, 2007
The Lawyer.com has an interesting article on the use of the Human Rights Act in the United Kingdom to dramatically extend individual privcy rights. It also includes a brief overview of some significant cases:
Privacy on parade - 16 July 2007
Five key cases
Lord Browne v Associated Newspapers, 2007
Eady J decided BP's shareholders had the right to know that Lord Browne had lied in court. But what they did not need to know were details of his personal conversations with ex-boyfriend Jeff Chevalier, which remain private.
McKennitt v Ash, 2005
One of the first real tests of Article 8. Eady J went through a number of passages from an exposé of singer Loreena McKennitt, deciding on each one whether it breached privacy rules. The result? A win for privacy.
Prince of Wales v Associated Newspapers, 2006
Blackburne J weighed up Articles 8 and 10 of the Human Rights Act and found that the former was stronger than the latter in the case of publishing the prince's diary.
Douglas v Hello!, 2007
The Lords' decision on Douglas has given celebrities greater control over their images and the way they are portrayed in the press.
Campbell v MGN, 2004
The Lords found that the photographs of Naomi Campbell attending a Narcotics Anonymous meeting had a far greater effect than just words and so had invaded her privacy.
Saturday, March 10, 2007
Richard Thomas, the Information Commissioner of the UK is calling for international privacy standards, particularly focusing on the ongoing squabbles between Europe and the United States. (See: UK official calls for international privacy standards.).
I agree that harmonization should be a goal, but I am concerned that this may lead to a "lowest common denominator" system which would reduce the protection that some jurisdictions afford to their citizens' privacy. The following quote suggests this may be the outcome:
"There could be 'scope for less bureaucracy, less emphasis on prior authorization and a more concrete focus on preventing real harm', he said."
"Privacy" is not just about preventing fraud and indentity theft. Most modern privacy regimes are about giving people choices about how (and whether) their information is collected, used and disclosed. Reducing emphasis on "prior authorization" would likely undermine this.
Canada's PIPEDA, for all its faults, has shown that you can have a comprehensive privacy law that is based on consent and still permits legitimate business use of personal information.
Friday, March 02, 2007
A UK court has sentenced a 67 year old man to four months in prison for consipring to install spyware on the compuer of the accused's estranged wife, whom he suspected was hiding assets. See: DP thinker: First UK case on Spyware.
Monday, February 26, 2007
DP Thinker is reporting on his blog that the UK Government intends to add prison time to the penalties available for misuse of personal information in the UK Data Protection Act: DP thinker: Data Protection Act 1998.
Sunday, January 14, 2007
People who want to stay on top of the UK terror alert level can sign up to receive periodic e-mail updates from MI5. Sorta but not quite, since MI5 has outsourced managing the e-mail service to an American company. See: MI5 terror alert blunder sends private data to US mailshot firm | the Daily Mail.
This is not a disaster, but clearly the UK intel folks didn't think about the perception of doing things this way.
What's the lesson here? When you are dealing with personal information, think about every facet of how the service is being offered and how it may be perceived.
Update (20070117): According to Spy Blog, MI5 is now handling its email subscriptions in-house.
Monday, November 27, 2006
Google Video is hosting a great documentary featuring Henry Porter of the Observer on widespread surveillance in the US and the UK that assumes everyone's a subject. Check it out: Suspect Nation - Google Video. From the Google Video blurb:
Since Tony Blair's New Labour government came to power in 1997, the UK civil liberties landscape has changed dramatically. ASBOs were introduced by Section 1 of the Crime and Disorder Act 1998 and first used in 1999. The right to remain silent is no longer universal. Our right to privacy, free from interception of communications has been severely curtailed. The ability to travel without surveillance (or those details of our journeys being retained) has disappeared. Indeed, as Henry Porter (the Observer journalist famous for his recent email clash with Tony Blair over the paring down of civil liberties) reveals in this unsettling film, our movements are being watched, and recorded, more than ever before.
Thanks to Open and Shut for the link.
Friday, November 24, 2006
Thursday, November 23, 2006
I blogged some time abo about Loreena McKennitt's successful bid in the UK High Courts to have an unflattering book pulled from shelves (Canadian Privacy Law Blog: Canadian folk singer opens the door to expanded privacy for celebrities in Europe ). Now the story is back in the news as she takes the battle to the Court of Appeal:
Canadian singer's privacy case back in London court Entertainment Entertainment News Reuters.co.uk:
Tue Nov 21, 2006 4:28 PM GMT
LONDON (Reuters) - Canadian singer Loreena McKennitt's action to prevent details of her life appearing in a book by a former friend was challenged in court on Tuesday, the second case this week that could influence English privacy law.
She won a High Court ruling in London last year in which the judge prevented the disclosure of details of her private life in a book by Niema Ash called "Travels With Loreena McKennitt".
Ash and the book's publishers, Purple Inc Press, are seeking to overturn the ruling in the Court of Appeal, arguing that it struck a "triple whammy" against freedom of expression.
A successful appeal could pave the way for the book to go back on sale -- about 300 copies were sold before it was withdrawn from shelves.
On Monday, celebrity magazines OK! and Hello! took their protracted row over photographs of the 2000 wedding of Michael Douglas and Catherine Zeta-Jones to the House of Lords, the upper house of Parliament which is also England's highest court.
That case is also being closely watched for which side the lords favour -- the celebrities and OK! magazine, who had an exclusive deal for the photographs, or Hello! which published unauthorised "spoiler" images of the event.
Legal experts say protecting people's private lives is one of the areas of the law most affected by the introduction of human rights legislation six years ago.
David Price, lawyer for Ash and Purple, told the court that considerable uncertainty surrounded privacy laws in the country.
"There is a perception that the law relating to breach of confidence and misuse of private information is in a state of some uncertainty," he said. "This uncertainty is undesirable. It has a chilling effect on freedom of expression."
He said the original judgement in McKennitt's favour set a "low hurdle" on what qualified as private information and a difficult and restrictive test for justifying information that is private.
He said it blurred the distinction between defamation and privacy which was a "particular concern for book publishers".
The court ruled last year that McKennitt was entitled to an injunction restricting publication of passages of the book which fell into categories including personal relationships, emotional vulnerability and her feelings for her late fiancé who drowned.
Thursday, November 02, 2006
I was going to write about this, but Michel-Adrien Sheppard not only beat me to it, but has written an amazingly thorough post on his blog, complete with loads of interesting and relevant links. Check it out: Library Boy: UK Fast Becoming Surveillance Society Says Info Commissioner.
Wednesday, November 01, 2006
The Guardian is running a deeply critical article on the new electronic health records system being rolled out in the UK, called The Spine:
Warning over privacy of 50m patient files Health SocietyGuardian.co.uk:
... And a Guardian inquiry has found a lack of safeguards against access to the records once they are on the Spine, the computer designed to collect details automatically from doctors and hospitals. The NHS initiative is the world's biggest civilian IT project. In the scheme, each person's cradle-to-grave medical records no longer remain in the confidential custody of their GP practice. Instead, up to 50m medical summaries will be loaded on the Spine.
The health department's IT agency has made it clear that the public will not be able to object to information being loaded on to the database: "Patients will have data uploaded ... Patients do not have the right to say the information cannot be held."
Once the data is uploaded, the onus is on patients to speak out if they do not want their records seen by other people. If they do object, an on-screen "flag" will be added to their records. But any objection can be overridden "in the public interest".
Harry Cayton, a key ministerial adviser, warned last month of "considerable pressure to obtain access to [the] data from ... police and immigration services", but he is confident that these demands can be resisted by his department.
Another concern is the number of people who can view the data. The health department has issued 250,000 pin-coded smart cards to NHS staff. These will grant varied access from more than 30,000 terminals - greater access for medical staff, and less for receptionists. Health managers, council social workers, private medical firms, ambulance staff, and commercial researchers will also be able to see varying levels of information. Officials say the data will be shared only on a need-to-know basis. But Guardian inquiries show a lack of safeguards.
Although data protection laws supposedly ban unnecessary build-ups of computer information, patients will get no right to choose whether their history is put on the Spine. Once uploading has taken place, a government PR blitz will follow. This will be said to bring about "implied consent" to allow others view the data. Those objecting will be told that their medical care could suffer....
Sunday, October 15, 2006
The police force Merseyside, UK is looking into deploying an unmanned aerial drone to crack down on "anti-social behaviour". I guess blanket surveillance at ground level isn't enough: BREITBART.COM - Police want spy planes to fight anti-social behaviour.
Thursday, August 31, 2006
Some experts are suggesting that the UK's new childrens' database will become a tool of pedophiles hunting for vulnerable children. See: The Sun Online - News: List could put kids at risk.
Update (20060901): At least celebrity kids will be protected:
Telegraph News Celebrity children will get database privacy:
... Lord Adonis, the education minister, told the House of Lords: 'Between 300,000 and 400,000 users will access the index. Children who have a reason for not being traced, for example where there is a threat of domestic violence or where the child has a celebrity status, will be able to have their details concealed.' ...
Via Privacy Digest.
(BTW: "Lord Adonis"? That's my nickname.)
Tuesday, July 18, 2006
Apparently a laptop containing Her Majesty's secrets has been stolen from an aide in Buckingham Palace. See: Contractor UK: Contractor steals laptop of royal secrets. I imagine it would be very difficult to steal the identity of Queen Elizabeth, but I suppose stranger things have happened.
Via Pogo Was Right.
Sunday, May 14, 2006
A TV service provider in London has rolled out a pilot project in which feeds from hundreds of "crime fighting" CCTV cameras are being rebroadcast for in-home viewing:
Telegraph | News | CCTV channel beamed to your home:
Shoreditch TV is an experiment in beaming live footage from the street into people's homes and promises to be every bit as fascinating as the courtship rituals of Celebrity Big Brother contestants Chantelle and Preston.
Viewers can watch the dog walkers on the street below, monitor the appearance of new graffiti and keep an eye on the local pub.
This summer 22,000 Londoners will be tuning in and homes across Britain are getting their own version next year. But despite being a curtain-twitcher's paradise, the channel is about 'fighting crime from the sofa', not entertainment.
In return for a package that includes footage from 12 security cameras, a police advice channel and an array of standard cable fare, the residents of Haberdasher Estate are expected to shop any yobs that they catch on camera.
Check out, also, the Slashdot discussion: Slashdot | London 2006, Meet London 1984.
Wednesday, April 12, 2006
The Information Commissioner in the UK has issued a guidance document outlining how transfers of customer databases upon the insolvency of a business or the sale of a business. In short, databases can be transferred without consent as long as the customers are given notice after it is transferred and as long as the information is only used for the original purposes for which it was collected. Read the Guidance Document here. (Link via Silicon.com and Pogo Was Right.)
Monday, March 20, 2006
Many who are critical of widespread video surveillance often point to instances where those doing the surveillance use the cameras for purient purposes. Today, The Register is reporting that police in the British community of Tyneside are investigating the leak pictures of participants in Spencer Tunick's mass nude photoshoot that took place last year. The pictures were apparently taken by CCTV operators with pan and zoom capabilities and were made available in local pubs. See: CCTV staff quizzed over nude art shoot footage | The Register.
Thursday, January 19, 2006
Health News Article Reuters.com
"In medical research there are thousands, if not tens of thousands, of unnecessary deaths occurring each year in the UK alone through the misinterpretation of these laws and guidelines," [Professor Rory Collins] added.
The same general argument has been raised by Canadian and US researchers about privacy laws in those countries.
Monday, January 02, 2006
Lawrence Lessig recently observed a poster on a train in the UK reminding riders that spitting on railway staff is assault and that the UK's national DNA database will be used to track down offenders. I'm not sure that was the kind of offense that was pointed to when the database came into being, but shows how versatile that sort of info really is! See: Lawrence Lessig.
Monday, September 05, 2005
Privacy advocates in the United Kingdom have had their knickers in a twist over a government proposal for a biometric national ID card. It has been sold as a solution to identity theft, terrorism and other ailments of modern society. Now, a British parliamentarian has suggested that the Labour Party has, perhaps, "oversold" the benefits of the National ID but they are still detrmined to go ahead with the plan. See BBC NEWS | Politics | Labour admits ID card 'oversell'. The BBC also has an interesting "fact page" on the ID proposal: BBC - Action Network - - A2319176 - ID cards: an Action Network briefing.
The Canadian Privacy Law Blog is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 2.5 Canada License.