Missed News: US Adopts Euro Cyber Crime Proposal ...

Tue Dec 5 07:33:29 PST 2000

David Honig wrote:

> This just about sums it up:
> 
> Barry Steinhardt, associate director of the American Civil
>      Liberties Union, said the pact could force police in the
>      United States to conduct searches under rules established
>      by treaty ''that don't respect the limits of police powers
>      imposed by the U.S. Constitution.''

And guess what? The UK government says they need to do this because the
US (among others) wants them to. Over the weekend proposals to enforce
data retention for 7 years were leaked to newspapers & civil liberties
groups here in Britain. Just in time for the annual Big Brother Awards
(  http://www.privacyinternational.org/bigbrother/ :-)
Your very own John Young has made the offending document available at
http://cryptome.org/ncis-carnivore.htm

Of course it isn't official government policy. Oh no, just some paper
put out by a junior official. All very deniable. It is so *very*
offensive that even the Home Secretary will be able to to say that he
doesn't accept it - and then come out with something that, while not
quite that bad is still a lot worse than what we have now. And they will
say that our "European partners" want us to have such laws. And in
Germany they will say that the British want it... and in France they
will say that all of civilisation wants it...so a whole load of
diplomats will get together & make some treaty, more or less dictated to
them by the military.

of course the universal opinion here is that it is actually the
Americans - they pull the strings at GCHQ & this sort of policy in the
UK nearly always comes straight out of GCHQ.

Meanwhile, back in the corridors of power, the Data Protection law
(which tends to be administered by well-meaning mild lefties, as opposed
to the military who may be well-meaning but are almost by definition
right-wing authoritarians) now seems to require that you make personal
data, including logs, available to people who can be identified from
them. How about having to not only keep your Apache logs for 7 years but
also be prepared to search them at the request of anyone who might have
browsed your website?

Ken

The vile paper states:

3.2 INTERNATIONAL DIMENSION 

3.2.1. We have strong partnerships with overseas colleagues and an
expectation exists that the UK will take a bold and strategic position
on data retention in order to continue to meet both domestic and
international obligations on organised crime. Elsewhere in Europe and in
the G8, countries are also concerned about the lack of clarity in law
and are advancing legislation to meet the needs of their Agencies. In
particular, Belgium, Italy, the Netherlands, Germany and the US have
taken steps towards a statutory framework. 

3.2.2. A degree of international agreement on standards is important.
For example, in relation to telephone data, competition in the market
has led to "least cost routing". This involves calls being sent by the
cheapest route, taking advantage of reduced off-peak rates elsewhere in
the world. It has even become more economical to briefly route domestic
UK calls overseas. Similarly, in the case of computer viruses, these can
be transmitted around the world across any number of communications
networks and ISP servers. Progress towards standardisation is therefore
important both for domestic and international law enforcement activity. 

3.2.3 CSPs consider it is important to harmonise UK legislation with
regulatory regimes elsewhere. If requirements are more
onerous in the UK than in other EU Member States, then the natural
reaction will be to relocate to the most favourable regime. The nascent
E-Commerce knowledge industries are highly mobile and the Industry would
anticipate an immediate response from UK CSPs to unfavourable conditions
here. CSPs are actively consulting their international counterparts on
this subject. ISPs in particular would support adopting an international
legislative framework provided it was on the basis of a level playing
field and would actively work on the formulation of an "Industry-wide
Code of Practice" to achieve that objective.