Seizing personal data without reasonable suspicion
Tim Hardy looks at the recent news that UKBA are using anti-terrorism laws to seize personal data of individuals travelling via air.
Image: X-ray-washbag by jimmedia CC BY-NC-SA 2.0
How would you feel if the police stopped you on a whim, took your phone, your laptop, your digital camera, your MP3 player, your USB sticks and your memory cards then copied everything on them?
How would you feel if they told you they were going to keep all your photographs, your documents, your address book, your financial data, your browsing history, your emails, your chat logs, your electronic diary, your music and recordings and anything else they liked for at least six years - indeed maybe they’d keep them until you reached the age of a hundred in case they might prove useful one day?
How would you feel if they then demanded all of your passwords and threatened you with years in jail if you refused to hand them over?
Welcome to Britain.
These are the rights granted to the police at the border controls of this country.
Within the UK, police officers are authorized to seize phones and download information only after making an arrest. The border control officers have no such limitations.
Anyone entering or leaving the UK faces this possible treatment under port powers contained in Schedule 7 to the Terrorism Act 2000. No prior authorization is needed to stop you and there does not need to be any suspicion. Your data can be kept even if you are not arrested and the police can find no evidence of any crime.
Each year around half a million people are stopped as they enter or leave the UK for screening questions which last for a few seconds or minutes. Nearly 70,000 are examined for longer periods. Less than 0.03% of those questioned for longer are arrested.
The Office for Security and Counter-Terrorism advises that there are no national records kept of data downloads taken and that downloads are conducted at the examining officer’s discretion on a case-by-case basis but that they occur “in a substantial number of cases.”
Noting the arguments for allowing stops without suspicion, David Anderson QC, the independent reviewer of terrorism laws, warned in 2012 and again in 2013
“.. despite having made the necessary enquiries, I have not been able to identify from the police any case of a Schedule 7 examination leading directly to arrest followed by conviction in which the initial stop was not prompted by intelligence of some kind.”
In spite of this the police still have the legal power to act on a hunch or a whim.
Whistleblower Edward Snowden memorably described the NSA and GCHQ spying apparatus as “turnkey totalitarianism”. When asked why the British seem so complacent about this, the academic, journalist and author John Naughton noted
“Britain has no recent historical experience of being invaded, and so the culture has no clear understanding of the consequences of intensive surveillance technology and records falling into the “wrong” hands.”
The retention of data for as long as the state feels it might be useful, should alarm everyone. Everyone should have something to hide. Just because we live in a nominally democratic society right now doesn’t mean it will always be that way. Russia, ironically the first country to decriminalise homosexuality, is fast criminalising it again. Right now you would have good reason to feel worried if the Russian state was holding copies of your mobile telephone and computer data if that included evidence of your sexuality.
Within the UK, there is a growing litany of abuse by police officers being exposed. This is alleged to include spying on the friends and families of victims of police brutality, seemingly with the intent to discredit. How happy are you that your most intimate messages and photographs could be in the hands of people who have shown themselves only too willing to leak sensitive information to the press?
David Anderson has warned in his latest annual report on terror legislation in the UK:
“The fact that such powers are useful does not automatically mean that they are proportionate. It is ultimately for Parliament, prompted if necessary by the courts, to strike the appropriate balance. Even if a no-suspicion power to stop and examine is thought acceptable, it might for example be possible to require some level of suspicion before a phone can be downloaded or a person can be taken into detention... by analogy with the proposal that reasonable suspicion should be required before a strip search is conducted.”
The comparison to a strip search is a good one. As the boundaries between the physical and the digital dissolve and more of our most intimate moments and experiences occur in places that overlap both spheres, the cold scientific language of “data” and “downloads” becomes insufficient to describe the sense of violation such behaviour by the state can cause.
Borders are strange places. We accept perhaps that we may be subject to invasive procedures when we cross but at the very least we expect that there must be reasonable suspicion for the degrading experience of a strip or cavity search. In the same way, we must demand that at the very least that our personal data be considered inviolable unless there are very clear grounds for this invasion. Privacy is a right we should not surrender easily, yet without our paying attention the state signed it away for all people trying to enter or leave the country.
There are many grounds for concern about these laws and the reluctance of the government to consult on the issues raised by David Anderson in his review of them. That the data of innocent people stopped without a warrant and without clear grounds for suspicion can be kept effectively forever is wrong.
Due to an ambiguity over whether the existing act provides sufficient legal authority for this copying of personal data, the government has proposed an amendment inserting a new paragraph 11A into Schedule 7, headed “Power to make and retain copies” as part of The Anti-Social Behaviour, Crime and Policing Bill passing through Parliament at the moment.
Although the government’s intention is simply to protect itself from legal challenges, this is potentially an opportunity to have stricter controls over these extensive powers written into the law.
The Bill has just entered the report stage. MPs now have the chance to introduce proposals for change. Unfortunately there seems to be little government will to make any changes to a bill that gives way too much authority to the police with too little accountability and too few safeguards. Little wonder given how few people seem to be aware of these sweeping powers.
Share this article
Comments
Comments (3)
Latest Articles
Featured Article
Schmidt Happens
Wendy M. Grossman responds to "loopy" statements made by Google Executive Chairman Eric Schmidt in regards to censorship and encryption.
ORGZine: the Digital Rights magazine written for and by Open Rights Group supporters and engaged experts expressing their personal views
People who have written us are: campaigners, inventors, legal professionals , artists, writers, curators and publishers, technology experts, volunteers, think tanks, MPs, journalists and ORG supporters.
Haddion:
Jul 31, 2013 at 04:53 PM
I am a native born (white, as if it matters) British Citizen and my wife is a Canadian with full right of abode in the UK.
When we left the UK to move to Canada last year, we took our desktop PCs in our checked baggage. I was held so long at security that we almost (2 minutes from departure time) missed our flight. They claimed that I had "explosive lint" in the bottom of one of my carry-on bags.
When we arrived in Canada, my PC had been disassembled and put back together incorrectly. Disks were hooked up to the wrong ports or not at all and several screws had been shorn off.
I didn't bother to complain (I am just grateful to be out of the UK, frankly) but I was disgusted that they lied to me (explosive lint my arse) and blatantly abused my privacy.
I've got nothing to hide, but I certainly fear what these people are doing *in my name* for "classified" purposes.
Allan:
Aug 03, 2013 at 12:19 AM
Well, there goes my trip to Britain. Screw them.
john:
Aug 06, 2013 at 10:26 PM
Surely any evildoers well be using full disk encryption and other methods to evade this kind of process, meaning that yet again it is only the innocent members of the general public who have their privacy invaded in this way (cf snoopers' charter etc).
If I wanted to take my phone through the border without giving my secret terror attack plans and contact list to the authorities, I'd keep a image of the phone on my tor hidden service, wipe the phone (or image it with an innocent-looking profile) and then once safely across the border (why of course you can look at my phone officer, anything to protect the children) download my evil phone image and go about my evil business. Or I could mail my encrypted evil data on SD cards in retail packaging in an Amazon box with the appropriate faked documentation.
If I can think of that in less than a minute, I'm sure dedicated terrorists could come up with a much better plan. But Ms Jane Ordinary won't take such measures and risks her private correspondence, phone logs, intimate photos etc being pawed over by government agents indefinitely. Laws like this are products of "something must be done" thinking, security theatre and legislative capture by the security services.