November 2003 Archives

The Joint Committee on the Draft Civil Contingencies Bill
seems to have produced a report which is very critical of the Government's plans.

The actual report is now available on the Parliament website at:

It will be interesting to see how closely this tallies with our amateur polemical analysis of the Draft Civil Contingencies Bill:

  1. Who will have the power of life or death over us ?
  2. How well are we prepared to deal with major emergencies ?
  3. Forced evacuations ?
  4. Financial compensation - no insurance ?
  5. Police control of ISPs and Telcos ?
  6. Censorship of the press and media ?
  7. Interaction with the Emergency Broadcast System Bill
  8. Safeguards against a Coup D'Etat ?
  9. Criminal penalties for abuse of Emergency powers ?
  10. Is it a real Emergency or is it a Hoax ?
  11. Consultation ? What consultation ?
  12. Data Retention for an Automatic Independent Public Inquiry
  13. Other organisations reponses to the consultation document
  14. Our response to the Consultation
  15. Where to send your responses to the consultation
  16. Joint Committee on the Draft Civil Contingencies Bill

Blunkett on satellite tags


Why do Government Ministers base policies on unproven, pie in the sky technologies, which do not yet actually work reliably ?,7991,1094419,00.html

"Tagging plan for asylum seekers
Press Association
Thursday November 27, 2003

"The home secretary said that he expected a new kind of tag, employing satellite technology to pinpoint the wearer's location, to be used within around 12 to 18 months."

"Speaking about the tagging proposals, Mr Blunkett said: "It is an alternative to secure removal centres. If we can track people, both in terms of electronic tagging and in future satellite tracking, we can avoid having to use that"

Is this more Sky Guardian hype ? c.f.

VeriChip RFID evil

| | Comments (2)

There is a USA based company called Applied Digital Solutions which seems to be intent on selling the creepiest and most threatening versions of RFID tags - ones which are implanted under the human skin.

These VeriChips work on 125KHz which copes better than the High Frequency 13.56MHz or Mobile Phone frequency range (868 - 930 MHz) Ultra High Frequency RFID tags, with absorbtion by the mostly saline liquid human body. Their range is limited, but seems to be sufficient for door scanners.Naturally, although these RFID tags contain a unique serial number, this is not compliant with even the weak EPCglobal standards for privacy, and they are too "stupid" to be "killed" or decativated even temporarily. Obviously removal of the tags requires another surgical operation.

These so called "security" chips are the 21st century version of permanent cattle brands (indeed the original market for Verichips is for prize cattle and pet cats and dogs) or tattoos.

We find the concept completely unethical, bordering on actually evil. What is there to prevent this technology being used by exploiters of slave labour, pimps and brothel keepers, religous cults, abusive or paedophile parents or police states in order to control the movements of their victims and to prevent escape via actual alarm systems or the fear that "we will track you down if you try to escape" ?

They are being sold to the Latin American and Russian markets, aimed initially to exploit the fears of rich parents who fear that their children may be kidnapped, and who are therefore willing to electronically brand them in the vain hope that this will somehow make it easier to trace kidnap victims.

The alternative market to the forced branding of children who are in no position to object is to electronically brand vulnerable adults, e.g. those with Alzheimer's disease, again, a process likely to happen without fully informed consent. The company is also selling the concept of access to online medical records via the VeriChip RFID serial number.

If we have expressed doubts about the security and privacy implications of the EPCglobal back end "internet of things" databases, then these worries are multiplied by orders of magnitude when it comes to VeriChip databases containing details of children or vulnerable adults with, in some cases their online medical records.

The VeriChip distributor in Mexico Solusat, is proudly claiming links with the Mexican Red Cross for access to Medical Records, and the National Foundation of Investigations of Robbed and Missing Children

Why then, is Solusat not using SSL/TLS session encryption on the website through which the VeriChip RFID tag registration details and medical records can be accessed ?

Why is the SQL Server administrator account and password apparently visible to any hacker or corrupt employee, simply by inspecting the HTML source code of this website ?

This would be bad enough if the only thing that they were putting at risk was credit card details, but to put Children's details and Medical Records at risk over the internet or to corrupt employees in this way is criminal negligence.

The latest nonsense from the company is VeriPay, an attempt to try to convince people that electronic payments could be safely authorised using their crude technology which does not employ encrypted authentication handshakes, instead of a normal credit card.

Of course, many fundamentalist Christians see RFID technology, but especially VeriChips as the "Mark of the Beast":

"Moreover, it caused everyone, great and small, rich and poor, slave and free, to be branded with a mark on his right hand or forehead, and no one was allowed to buy or sell unless he bore this beast's mark, either name or number. (Here is the key; and anyone who has intelligence may work out the number of the beast. The number represents a man's name, and the numerical value of its letters is six hundred and sixty-six.)
(Revelations chapter 13: verses 16-18)"

Any reputable companies deploying RFID tags would be well advised to help get these evil RFID human implants banned, or risk being tarred with the same brush.

Queen's Speech media spin


Her Majesty's Gracious Speech to Parliament traditionally sets out the Government's proposed legislative programme for the next session of Parliament.

Like the Chancellor of the Exchequer's Budget Speech, it is supposed to be top secret, until it is actually delivered in public. However, this is obviously not the case, and the sleazy compact between the mainstream media and the Government's propaganda machine has been in evidence, yet again, with almost everything in the speech having been trailed and leaked in the media.

The so called "analysis" by the media is now concentrating on soundbites concerning "University top up fees", claiming that this is somehow the most controversial part of the legislative programme.

Top up fees are apparently more controversial than the Civil Contingencies Bill which would suspend our human rights and liberties and constitutional checks and balances to an extent that would embarass even someone like Robert Mugabe or Edvard Sevardnadze
trying to cling to power by declaring a State of Emergency.

Top up fees are apparently more controversial than Blunkett's Biometric ID Card plans, which would create an expensive, disruptive, mass surveillance surveillance infrastructure spying on the majority of innocent people, in a futile attempt to catch terrorists or illegal immigrants.

Top up fees are apparently more controversial than paving the way for a referendum on joining the Euro.

Top up fees are apparently more controversial than the reforms to the House of Lords, or the creation of a Supreme Court.

Top up fees are apperently more controversial than the anti-hunting bill, which controversially does not appear in the Speech, but which the media assume will still be brought in during the next session of Parliament.

If Parliamentarians are so easily diverted from the real issues and dangers in the Queen's speech, as their mainstream media symbiotes are, then the next session of Parliament will only turn people off politicians even more.

The Information Commissioner's Office have redesigned their website. Unfortunately they seem to have "hidden" the Search Form for accessing the Register of Data Controllers.

The URL which used to be on the old front page to the Search Form, now no longer works, i.e. it points to the frontpage of

To find the current URL requires the visitor to run a search query, but here it is:

Why is this link unavailable from the front page of the website, like it used to be ? Is this a website design error or is it now the deliberate policy to hide the search form ?

Their website feedback form returns a "Could not access 'CDO.Message' object." error, so it is anyone's guess as to wether this works or not.

Voyeurism offence becomes law

| | Comments (1)

The Sexual Offences Act 2003, became law on 20th November 2003, establishing the new offence of Voyeurism, with up to two years in jail and the Sex Offenders Register as punishments.

This could be used to counter some of the most egregious abuses of CCTV surveillance and papparazzi tabloids, and voyeurs with camera equipped mobile phones, but, there seem to be substantial loopholes which will allow pornographers, stalkers and papparazzi to avoid prosecution.

Do the installers of CCTV systems who install equipment is say toilets or changing rooms, or the Mobile Phone Netweorks who are so heavily promoting voyeuristic camera and video phones realise that they might be prosecuted ?

Beverly Hughes on ID Cards

| | Comments (3)

More public relations on ID cards from Home Office Minister Beverly Hughes, which needs to be argued against:,11026,1090930,00.html

ID route to beating fraud

Saturday November 22, 2003
The Guardian

I would like to clarify a couple of points raised by your article on European identity cards (ID cards may cut queues, but learn lesson of history, warn Europeans, November 15).

First, I should stress that, while we will continue to work closely with our European partners, most of whom already have existing ID card schemes,
we will not be replicating wartime ID papers. Instead, we will be developing a new, highly secure biometric identity cards scheme. This will help us to ensure that the scheme brings real benefits in tackling illegal employment, immigration abuse, identity fraud and terrorism.

Which European ID Card schemes have actually been shown to cost effectively reduce illegal employment, immigration abuse, identity fraud and terrorism ?

The Home Office has still not provided a detailed account of how exactly
ID Cards are going to be used
to tackle these illegal activities. Where are the published cost/benefit assumptions which balance how much of a reduction there is expected to be in these illegal activities against the massive cost, disruption to the economy and the loss of indivdual privacy ?

Biometric identity cards will provide the most secure form of identification ever. The personal information held encrypted in the card will be only that required to verify identity.

It is interesting to see that this Beverly Hughes is being a bit more cautious than her fellow Home Office Ministers David Blunkett or Fiona Mactaggart (c.f. with respect to claiming that Biometrics are "unique" or "unforgeable".

Is this a firm promise from the Minister that there will be nothing on the ID Card or on the central database except for the Biometric Identifier, a right of residence flag, a right to work flag, a card serial number, and a card date of date of issue only ?

It is neither technically necessary nor desirable, for any other details to be stored on the ID card i.e. no name, no address, no gender, no race etc. and nothing else should held on the central database in secret over and above what is on the card. Nothing should be printed on the face of the card over and above what is stored securely in the chip.

These details could, of course, be presented as part of the primary documentation used to authenticate the enrollment and registration process, but they must not be stored on the ID Card system.

Or is the Home Office actually planning something much more Orwellian and intrusive ?

Ongoing parliamentary scrutiny of the government's proposals will ensure that individual rights continue to be protected.

To say that we are not impressed with the Parliamentary scrutiny of anything to do with technology would be an understatement. The lack of informed debate and consultation on the Regulation of Investigatory Powers Act and the Anti-terrorism, Crime and Security Act brings shame on both the Government and Parliament - is it any wonder that they seem increasingly out of touch with the public ?

Furthermore, the police will not have the authority to demand production of identity cards on the spot, and in implementing the identity cards scheme

Is the Minister hereby ruling out the suggestion from David Blunkett that there might soon be mobile technology available to the police that would allow the checking of Biometric Identifiers against the central database, without even requiring an actual ID Card to be available ?

the government remains committed to tackling any sort of discrimination.

Does that meane no discrimination or second class public services aimed at those people who choose not to register for the ID Card or who choose not to use one ?

Beverley Hughes MP
Home Office Minister

The public motto of the Home Office is "Building a Safe, Just and Tolerant Society" but what they seem to be building is a massive technological surveillance infrastructure. We do not think that they intend to abuse this at the moment, but the loss of individual privacy that it entails can never be reveresed and this system could so easily become "a rod for our own backs" in the hands of corrupt individuals or extremist politicians in the future. The only procedural and technological safeguard to our privacy and liberty, is not to collect and collate the intrusive surveillance data in the first place.

SmartMobs website censored in UAE

| | Comments (1)

We have a link to Howard Rheingold's SmartMobs website which discusses and supports his interesting book "Smart Mobs:The Next Social Revolution "

Try changing the proxy settings in your your web browser using a proxy server such as 195.229.nnn.nn:80 (email us if you want the full IP address) in the United Arab Emirates, which blocks various websites.

Now try and get that strange feeling when you discover that a website that you can see no problem with, is being censored by somebody for some uknown reason.

SmartMobs censored in UAE screenshot


Is the book also banned/censored in the United Arab Emirates ?

London JamCams censored again

| | Comments (1)

It looks as if the London JamCams are being censored again, during President Bush's visit. e.g. Whitehall/Parliament Square

It is precisely when temporary road closures etc. are in operation that these low resolution pictures are most useful for steering people away from the affected areas.

There is no security issue with low quality, non realtime pictures, which are delayed for several seconds or minutes.

Which petty official at either the BBC or at Transport for London is in charge of making the decision to censor these JamCams, and under whose orders ?

Censored JamCam image

The secrecy surrounding the excuse not available for operational reasons shows contempt for the public - "we can snoop on you when we want, but we will not share the publically funded data if it suits us".

This is by no means the first time that this censorship has happened, any major street demonstrations seem to trigger this stupid policy.

This imbalance of power, between "us" and "them" lies at the heart of many people's objections to public CCTV surveillance systems.

Most people are generally supportive or do not really care about the visit of President Bush to London.

However the disruption caused by the extraordinary security measures is worth looking at.

14,000 police officiers (about half the Metropolitan Police) is more people than the UK armed forces have out in Iraq at the moment. The claims that this will not affect the normal policing of the rest of London is rubbish.

All the President's policemen, The Times, November 18th 2003 reports:

"Security chiefs are even considering shutting down all mobile phone signals
near the President every time he leaves Buckingham Palace in case terrorists
try to use a mobile to detonate a bomb"

What would the exact legal basis be for such a draconian measure ?

There are relatively few Mobile Phone Base Stations near Buckingham Palace and Whitehall, presumably due to the open spaces of St. James' Park etc., but if these were to be blacked out, how could one be sure that the next nearest base stations would not still function ?

c.f. Radio Communications Agency map of Mobile Phone Base stations:

e.g. Mobile Phone Base Stations near Buckingham Palace

Would they attempt to shut these down or would it simply be a case of using an illegal Mobile Phone jammer in the immediate vicinity of the President ?

Will the frequency of the timeout between the Base Station and the Mobile Phone be reduced, so that the phones have to transmit and negotiate the handshake more frequently than normal, thereby making it easier to triangulate their postions (whilst running down their batteries more rapidly) ?

Will the GSM Mobile Phone encryption be switched off, allowing for quicker "tactical" mobile phone interceptions by the US Secret Service ?

What if there is a non-mobile phone detonated device, not quite on the President's route, or even the normal sort of first aid incident that always happens in large crowds? Wouldn't jamming all the Mobile Phones make calling the emergency services even more difficult ?

There seem to be attempts by the usual more money than sense "flash mob" suspects to try to "coordinate" their protests by sending SMS messages and MMS camera phone pictures to central websites etc. to "track George Bush", as if the world's TV media will not be doing this in any case. This sort of tactic is only of use if Bush were to depart from his planned itinerary and go shopping or sightseeing to "meet the people" etc., which seems rather unlikely.

Are these people aware that they could be "tarred with the same brush" and be seen as being "guilty by association" if the Mobile Phone records along the route of the visit are analysed by, for example, I2's PatternTracer Telephone Call Analysis software ?

Has the Home Secretary signed warrants under RIPA for the interception of all mobile phone calls along the President's route ? Are the Metroplitan Police gathering "traffic data" on all such mobile phones ?

What happens to the details of all the innocent people who have been caught up in any such "trawling" operation ?

What mobile phone information, if any, is being handed over to the US authorities ? Will the presence of your mobile phone in central London during the visit be treated as "suspicious" ? If you actually participate in any SMS/MMS "flashmob" protest lists, will you be classified as a "potential enemy" and have your details added to the "Echelon" style watchlists ?

Will the various Commissioners who have been appointed under RIPA, i.e. the secretive Sir Swinton Thomas, the Interception of Communications Commissioner or the slightly more open Sir Andrew Leggatt, Chief Surveillance Commissioner, actually investigate what electronic snooping on the public has occurred prior to and during the visit of President Bush ?

Have all the US presidential VIP vehicles registered for the London Congestion Charge, even if they are deemed to be exempt from paying it ?

Tesco Radio Barcodes plans

| | Comments (2)

Tesco have announced plans for requiring their suppliers to use RFID tags by 2006, except that they are trying to call them Radio Barcodes

Their published plans for suppliers only mention case level tagging up to the year 2008

Does this mean that Tesco have abandoned their plans for consumer item level tagging of goods in the supermarket itself ? Well, not necessarily, since their What are Radio Barcodes ? page clearly shows Smart Shelves in the actual supermarket, and no means of "killing" the RFID tags at the checkout.

They claim that they will be using UHF epcglobal Class 1 tags i.e. a 96bit serial number, with a measly 8 bit password to operate the challenge response security.

Fiona Mactaggart misunderstands Biometrics


Another Labour Minister "on the left" fails to understand Biometrics:,3604,1083804,00.html

The eyes have it

As the former chairwoman of Liberty, I was against ID cards. But new technology has changed my mind

Fiona Mactaggart
Thursday November 13, 2003
The Guardian

There are few things more risky in politics than admitting you have changed your mind about a policy you have always vehemently opposed. If you have recently become a minister as well, you can expect the sneers to come thick and fast that your principles have been squashed under the weight of the red box.

My admission is this: like many people I know, I have gradually changed my mind on ID cards. For an ex-chairwoman of Liberty and contributor of plenty of damning articles on the subject over the years, this is not easy to say. But the world has changed with the development of biometric technology. Now, those of us on the left who have always led the charge against previous plans, need to stop and ask ourselves whether the steamroller of hi-tech identification which is heading our way will make matters worse for the poorest and most excluded people in our society if we do not go ahead with a compulsory scheme.

For those on the left who have always opposed ID cards, the argument has gone like this: the state has no right to collect central information on you purely for the purpose of identification. Without a written constitution, people are entitled not to have to be identified unless they are accessing a specific service or committing an offence. Even then, you are more likely to be harrassed by the authorities if you are poor or belong to an ethnic minority. On a practical level, Whitehall has a poor record of delivering big technical projects and the benefits of an ID card have been so oversold that the likely price tag of between ?1.6bn-?3.1bn will be money wasted.

That estimate only covers the waste on the ID Cards themselves, not on the ID Card Reader Infrastructure or the loss in GNP caused by the massive queues which Registration and Enrollment in Person. By insisting on the use of Biometrics, there can be no "offline" savings using postal applications as per Passports or Driving Licences - you will have to use up holidays or take time off work etc. in order to queue and queue and queue.

So what has changed? In a word, biometrics. The development of these hi-tech identifiers of your unique personal characteristics; an iris print, fingerprint or face scan, will revolutionise the way in which we identify ourselves over the next 10 years.

Here we go again, the repetition of the false claim that biometrics are somehow unique. Not even the people with a vested commercial interest in selling the technology dare to make that claim. Your "biometric characteristics" may be reasonably individual to you personally, but that is not the same as saying that what ends up inside a Smart Card or database is "unique" or "unforgeable".

The specious reasoning goes along the lines of: if your Smart ID Card ever gets lost or stolen, there would be no need to worry, since, for example your fingerprint biometric would make it impossible for anybody else to use it, thereby crushing Identity Theft.

Leaving aside the statistics of False Positives, False Negatives, and the small percentage of people with no usable biometric at all (tens of thousands in a population of 60 million) the fact is that you leave your fingerprints all over your ID Card. There is a very high probability (around 80%) that latent fingerprints taken off your ID Card could be used to construct a "false finger" which is sufficient to fool the finger print scanner.

The same fundamental weakness applies to the more secure iris scan technology. This also uses a digital scan or photograph as the basis for the approximation to a biometric identifier. 10 years ago there were very few digital cameras capable of stealing photographs of people's eyes. Nowadays there are literally millions of them, available cheaply from any electronic goods retailer.

When I was opposing home secretary Michael Howard's ID card scheme while at Liberty in 1996, the only option was a piece of plastic no more sophisticated than a library card. Now, the potential to establish ID authentically through biometric identification is so clear that all the G8 countries are rapidly working up their own schemes to make the most of the opportunities it offers.

Biometric systems were available even in 1996, and were rejected then as impractical for non-technological reasons, as they should be now.

I do not trust the UK Government to be able to store my personal data such as "biometric identifiers" securely, let alone other G8 governments such as the USA or Russia with such an dismal record of Government IT insecurity and the corruption of officials with top secret security clearances.

If I'm honest, one unstated reason why I have opposed ID cards is my fear that this is another thing for me to lose. But a powerful opportunity provided by biometric technology is that your iris is part of you, it can't be lost, and in the longer term I envisage a system which depends on a biometric rather than the card.

Biometrics - the password you can never revoke, even when the system has been compromised.

Relying on having to look up the Biometric Identifiers in a database each time rather than comparing it to what is stored on an ID card and making use of a Digital Signature Public key Infrastructure will add orders of magnitude of cost and complexity to the system.

The attitude of the US is accelerating change. Still reeling from the horror of 9/11, the US is now demanding that all visa entrants hold biometric visas from the end of 2004.

But not even the USA has decided to introduce a compulsory ID Card system for its citizens to "protect" them from such terrorist attacks. None of the world's current ID card systems are of any use against crime or terrorism or illegal migration, except as tools of a police state.

Countries such as Britain which still want to take advantage of the visa waiver scheme must put biometrics in passports. As a result, over the next decade the passport service will begin to issue biometric passports routinely as they are renewed. Driving licences will undoubtedly also begin to go biometric. Faced with a world of greater mobility, rapid change and new abuses of identity, the technology will be used whether we like it or not.

It is an astonishing that this Labour Government seems to be intent on handing over sovereignty and sensitive personal data on all of us, to untrustworthy foreign governments, without even, it seems, getting data on their citizens in return.

It is a scandal that the UK Government has aquiesced to US demands for Biometric Passports and Visas, but does not require US visitors to the UK to suffer the same inconvenience and loss of privacy. Border controls between countries should be reciprocal, on an equal footing.

If the Government goes down the International Civil Aviation Organisation route for Biometric Machine Readable Travel Documents , then this will be incompatible with the US Biometric passport system, and not interoperable with any commercial Public Key Infrastructures such as might allow the use of these ID Cards by the commercial sector or e-government in general. This is because the ICAO rightly considers the problem of interoperability, cross domain certification and revocation as too complicated to work, and so they deliberatly are proposing a simplified Public Key Infrastructure to digitally sign their chosen Biometric specifically for Passports and Visas only.

It seems that the UK Government is rightly most impressed with Iris Scans as the most accurate Biometric, but that is not what ICAO standard passports will use, they will use a Digitised Photo, which may or may not include Facial Recognition, and which may or may not also have some kind of Fingerprint (one finger, or two or the full set of ten is unclear). The US Government is going for both index fingers Fingerprints and Facial Recognition.

Anybody with experience of large Government Information Technology projects will have already recognised the signs of an impending project disaster, from the taxpayers' point of view, or a massive Cost Plus cash cow, from the lucky IT contractors' viewpoint.

Those of us on the left have to face reality. If we stick our heads in the sand, the security and opportunity of biometric ID will only be available to the prosperous; those who can afford to travel will find it easier to protect their identity from abuse than the poor and marginalised. If you are already at the margins of society, reliant on the state, you will find it more difficult to vouch for your veracity when opening a bank account or registering at a GP. This is not an acceptable vision of the future for someone who believes in social justice.

So why is the Labour Government proposing what is in effect an ID Card Poll Tax, with all the extra cost and bureaucracy of yet more means tested discounts for the poor ? If this is such a vital and necessary part of our national defence infrastructure, why not pay for it out of central taxation and make it free issue to the people ?

I would prefer to live in a society based on trust. But trust has been abused - by the people traffickers and organised criminals who have done so much damage to the social fabric of our country. Faced with the reality of entitlement fraud, it is fairer to develop a universal way to demonstrate eligibility to services than to rely on a piecemeal approach. Yes, there are risks which we will need to work through. But these risks are no greater than the risks of prejudice and human error which already exist.

The intoduction of compulsory biometric ID cards would introduce additional risks on top of the existing ones.

By treating the majority of innocent people in the same way as serious criminals, by photgraphing them, taking their fingerprints, scanning their irises, centrally registering their names and addresses, the Government is changing the trust relationship between itself and the people.

It is good we are having a debate.

Except that you and your Government have not been listening and have abused the official "Entitlement Card" consultation process.

Despite good intentions we could get this wrong. The people who devised the Vagrancy Act had no idea that 150 years later it would be used to create the "sus" offence which brought so many young black men into conflict with the state. There will be no new powers for the police to demand ID cards and we will be working with the Commission for Racial Equality and others to make sure that it does not have an unfair impact on ethnic minorities.

So you are going to bring back discrimination against the 1 million or so Irish nationals living in the UK instead ? Or are there now to be border controls with Ireland ? Or will the British taxpayer end up paying for an Irish ID card system ?

The technology, the data protection and the way in which access to services is regulated will all need to be worked through. But politics is about taking judgments based on the world we live in, the problems that face it and the scientific advances which are coming. By embracing the need for universal ID cards now, we can safeguard liberty while ensuring the poor and excluded have their identities secured in the modern world.

That is why I have changed my mind and I hope other previously sceptical critics of ID cards will do so as well.

You will have to do a lot better than that in order to convince the neutrals, let alone the sceptics.

How about actually publishing the "pre zero" Office of Government Commerce Gateway Review of this ill-conceived ID Card plan ?

How exactly have the accountants and project managers from the OGC assessed the project risk and the financial implications when there has not been a public announcement of even which Biometric Identifier technologies these ID Cards are meant to use, either singly or in combination ? At the moment there is a vast range of possible levels of security and financial costs.

Where are the anticipated cost/benefit analyses ? What is the estimate of by how much illegal working would be reduced by the ID Card scheme ? How many terrorists will be caught per year by means of the ID card ?

? Fiona Mactaggart is minister for race equality, community policy and civil renewal

You are helping to build an infrastructure of repression which even if it is not abused by this Government, could be a rod for our own backs in the future, in exactly those areas over which you now have Ministerial responsability.

Given the blind faith in vague, undefined Biometric technology shown by Labour Government Ministers, Civil Servants and the Highgate/Islington media commentators, it would be interesting to discover who exactly has been spreading the poisonous meme that "Biometrics" are "unique" or "unforgeable". Perhaps the Freedom of Information Act when it comes into force in 2005 might shed some light on the behind the scenes lobbying which is obviously influencing them.

There are some important discrepancies between what the Home Office published in their documnent "Identity Cards The Next Steps".

It is not necessary to store an Address on a Biometric ID Card or on the central database. It would be evil to store anything in secret on the ID Card or central database, which does not correspond with what can be read from it without special equipment. Is the plan to force people to re-register their change of address and pay ?40 for a new card each time ? Identifying you as a person, with the right to live and work anywhere in the UK, does not require an address - that would help build the infrastructure for repression involving internal passports, no go areas, apartheid, ghettos etc.

and what the Home Secretary David Blunkett actually said on the floor of the House of Commons

Commons Hansard:
11 Nov 2003 : Column 172

Mr. Blunkett:
"Parliament would determine under strict criteria what identifiers were necessary on the chip contained in the card and, therefore, what should be held on the database itself. It would not be necessary, for instance, to hold the address of the individual on the face of the card, as with current driving licences, therefore reducing rather than increasing risk."

Identity Cards The Next Steps:
Page 12

"24. Data held on the National Identity Register will be basic identity information such as name, address, date of birth, gender, immigration status and a confirmed biometric and this will be set out in statute. Organisations using the National Register to verify identity will not be able to get to other personal information, for instance health or tax records, via the Register."

Commons Hansard:

11 Nov 2003 : Column 177 continued
Mr. Mark Oaten (Winchester):

"He has great faith in the use of biometrics, but can he confirm that he has no plans to introduce ID cards without biometrics?"

11 Nov 2003 : Column 178
Mr. Blunkett:

"No, we will not introduce non-biometric ID cards. That was what the hon. Gentleman asked me."

Identity Cards The Next Steps:
page 12

"21. For very frail and elderly citizens it would be possible to issue a non-biometric card (for instance those with severe learning disabilities who are in residential care or those over 80)."

ChildLocate upgrade to SSL/TLS encryption

| | Comments (1)

Response to email from Jon Magnusson, Managing Director, MobileLocate:

From: Jon Magnusson
To: <>
Subject: Your article
Date: Tue, 11 Nov 2003 10:33:18 +0100

Hi there,

A few points I would like to raise in response to your web article on

1 - We have implemented the strongest available encryption technology to secure all data transitions and communications via our network. This means that all communications with our customers are encrypted. For more info on our security set-up go to

This is welcome news, and we were astonished that MobileLocate did not launch the ChildLocate service with this SSL/TLS encryption from the customer's web browser to the Trackwell credit card and userid and password handling server, back on October 9th.

The previous Flash forms were served from:

Which did not then, and does not now, have a Digital Certificate installed. At least, as of Tuesday 11th November 2003, this URL links automatically to the same page as the current Flash form handling URL and which both now end up at:

This server (also still based in Iceland) does now have a Thawte Digital Certificate which allows for 128bit SSL/TLS encryption:

Valid from: 05 November 2003 15:13:57
Valid to: 04 November 2004 15:13:57
CN =
O = Track Well Software hf
L = Reykjavik
S = Reykjavik
C = IS

However, SSL/TLS encryption on its own still does not mean that the back end systems are secure. There are many cases of vulnerabilities to SQL injection attacks, default database passwords, vulnerable default stored procedures etc. Even "Unbreakable" Oracle database systems are plagued with security holes c.f.

2 - All our customer records are stored in in accordance with the UK Data Protection Act 1998 Notification Registration Number: PZ8277048. The Data Protection Act covers all countries within the EU and the EEA.

Again, this is welcome news, however, there is still no mention of this on the Data Protection Register for the public to see at the moment.

Perhaps MobileLocate could publish a copy of what will, hopefully eventually appear on the DPR.

3 - I very much disagree with you that the use of our service can be "life threatening". The notification features in place make sure that the person being tracked is made aware about the service and he or she is in full control over his or her privacy. Here is a list of privacy control commands available on a mobile phone:

The ChildLocate service is a very tempting target for child molesters, spouses involved in child custody battles, abusive husbands whose women and children try to flee from to battered wives' hostels, celebrity stalkers, paparazzi, criminal kidnappers, terrorists etc.

The full comment still seems fair:

"The consequences of a breach in security of such a website could be literally life threatening."

There have already been cases in the UK of stalkers compromising Mobile phone SMS messages, with the help of "insiders" working at a mobile phone company c.f.

SMS messages are inherently insecure and can be easily forged. This is not much of a risk to the revenue of Mobile Phone companies, as forged messages still have to be paid for, but it is too risky to rely on SMS messages and simple passwords on their own as strong authentication. There is a whole m-commerce industry using WAP, WTLS etc. which tries to answer some of these problems for the m-commerce and financial industries, and one would have expected that what is considered to be essential to secure mere credit card payments etc. would also be used to protect Children's personal details and the "trusted" messaging system that ChildLocate offers.

4 - The ChildLocate service is regulated by a Privacy Management Code of Practice that has been approved by the 4 major UK mobile operators and is the basis for the regulation of location based services using GSM in the UK. This document took takes into account various stakeholders interest into account and took over 1 year to create so there isn't like the operators have just jumped at the bandwagon in order to cash in on location based services. As a result of their concerns, the mobile operators have for example not agreed on allowing "buddy tracking" services on their networks, however lucrative that market might seem.

The most important "stakeholders" are the mobile phone customers. The public would be very interested to read this "Privacy Management Code of Practice" which does not appear on either the Oftel, Vodafone, Orange, O2 or T-Mobile websites. Perhaps MobileLocate will publish a copy on their website ?

5 - The operation of the ChildLocate service does not require us to check staffs background via the Criminal Records Bureau. However, access to personal data is restricted on three levels, depending on the role of the person involved, to only a handful of trusted staff and all access to customers for technical support purposes is only accessed by staff directly employed by MobileLocate Ltd.

It can be argued that you are operating a "child care organisation" which "supervises" children, and therefore come under the Protection of Children Act 1999. Given the service that you are selling, it is in your commercial interest to ensure that you are seen to be at least as responsible an employer as your local school or volunteer scout and guide association.

I hope the above is in some way an answer to your concerns and I hope that you will reflect these information in your web text as soon as possible, whereas the current article does not reflect correctly on the security measures we have taken to ensure the safety of our ChildLocate service.

Best regards,

Jon Magnusson

Managing Director
MobileLocate Ltd

Some of our concerns have been answered, but we shall be closely watching future developments regarding the commercial exploitation of Location Services, especially those aimed at monitoring children or vulnerable adults.

On Tuesday 11th November 2003, the Home Secretary David Blunkett made a statement to the Hoouse of Commons about his ID card plans and has published a document called Identity Cards, the Next Steps (.pdf)

Home Office Press release

The Labour Government seems set on having a Biometric ID Card Poll Tax, but is trying to avoid opposition to Compulsion by pretending that they
will not make the final decision on this until 2007 or so.

On the floor of the House, Blunkett said that there would be no non-biometric ID card, although his document does actually suggest that there could
be such a card for the very frail, elderly or infirm.

None of the questions about Biometric Identifiers have been answered in these statements, there is the usual waffle about fingherprints, irsises, and facial recognition, but no actual decision as to which single Biometric or combinition of Biometrics they are actually advocating. How can they possibly guess about the security or cost of the proposed system when they still have not made a clear choice about the technology to be used ?

There is still no mention of Public Key Infrastructure, so we must assume that these ID cards will be incompatible with standard Digital Certificates, thereby making them usless for Internet accessible Government or commercial services.

RFID tags in shampoo bottle tops

| | Comments (2)

The secret consumer level item testing of RFID tags in Max Factor Lipsticks, by WalMart and Proctor & Gamble in the USA, despite their press statements that they had restricted their trials of the technology to backroom and warehouse operations, is interesting.

Chicago Sun-Times report:

It seems that, just as with the Tesco Cambridge (UK) RFID trial using Gillette razorblades, the temptation to monitor the public guinea pigs in secret by means of remote CCTV was too great to resist.

CASPIAN press release:

The example of an RFID tag embedded in the plastic cap of a Proctor & Gamble Pantene brand shampoo bottle, rather than in an external paper label, shows how, for many consumer items, it will be impractical to physically remove such RFID tags without damaging or spoiling the product itself.

BBC Breakfast with Frost Sunday November 9th 2003

The transcript of the interview with Sir John Stevens, the head of the Metropolitan Police covers at least two controversial issues, the secret passive millimetre wave radar "see under your clothes" scanner and his call for compulsory biometric ID cards, now, for stop and search purposes, ahead of the Government's delayed timetable, and with no concern for the cost or practicality.

DAVID FROST: Well, as we mentioned, the Metropolitan Commissioner for Police, Sir John Stevens, known as Britain's top cop - a good phrase isn't it, really - is with us this morning, and welcome John.

JOHN STEVENS: Thank you.

DAVID FROST: Can I start with this weekend's news, front page of The Times yesterday, the news of this awesome new scanner in order to fight those people who are armed with either guns or other weapons. How does that work?

JOHN STEVENS: Well we have tried to make use of all the technology that's around and it will involve a quantum leap in terms of how we tackle this type of crime. It's bringing together some of the techniques we've been using in anti-terrorism, also linking in with some of the techniques used to search people at airports and we hope to be using that before Christmas or in the new year.

DAVID FROST: Before Christmas or in the new year. Was it, was it inspired by James Bond? Two, two James Bond movies ago there was a device like this.

JOHN STEVENS: No, David, it wasn't. It was, it's actually a gradual work up of some of the techniques we've been using specifically in the anti-terrorist world.

DAVID FROST: And what about the people who say well, you know, basically if a, if a peeping tom or someone gets hold of this machine they can strip any girl naked as she's walking down the street, as it were, with the machine. How do you guard against that sort of thing?

JOHN STEVENS: Well it doesn't actually work that way but we do, must make sure that there are safeguards in relation to how we use it.

Even it it is only used at airports, the current technology could well be illegal
to use to "see under the clothes" of children, as this constitututes making and distributing "child porn" images, without exception (stupid, perhaps, but that is the law).

Given that male and female genitalia are visible with these "see under your clothes" scanners, even the new offence of Voyeurism under the Sexual Offences Bill could easily apply.

How can this technology be classified as anything other than intrusive surveillance which should require specific , warranted permission under the Regulation of Investigatory Powers Act, and should not be used for mass surveillance.

Why didn't Frost ask him about the alleged secret trials of this system on the streets of London ? Does Sir John take personal responsibility for this apparent example of intrusive mass surveillance ?

What are the health risks of this Millimetre Wave Radar ?

The use of technology actually has been advancing and when we come to ID cards, which is something I was ambivalent about five years ago but very much in favour now, the technology in relation to that will allow us to use identification cards in a way that we have never envisaged before.

DAVID FROST: Well that's exactly what I wanted to talk about second, so you're spot on there. And in fact, while we're on the how it works bit, I mean people think it's going to be more complicated obviously than a credit card, some people say well we've got passports why do we need this, but is it because of all the extra devices, the retinal spotting and so on? What is, what is the way to make an ID card, a compulsory ID card, work?

JOHN STEVENS: Well there are two reasons for it. We have been picking up people, terrorists and also organised crime individuals, who have got identification on them which is as good as the identification you or I carry - we've got a problem in relation to that.

The new biometric type of advances which have been made which allow us to use fingerprints, allows us to use eye identification, give us a certain amount of certainty in terms of identification. It is absolutely essential, in the modern world, the dangerous world we live in, that we have proper means of identification.

It is very possible to forge Biometric Identifiers, and it is certainly possible to obtain documents with genuine Biometric Identifiers which still do not truthfully identify the person.

DAVID FROST: And what about people who say well that's all right, sure just for illegal immigrants that's fine, or whatever, or people coming into the country and trying to disappear when they get here, but why do all the rest of us need it?

JOHN STEVENS: Well I think a certain amount of certainty about identification is needed because when police stop and search people, of course some difficulties can arise if there's some difficulty in actually identifying people. But if you've got a means of identifying people with reasonable certainty - which this is - then I think that's what we should be using.

Not even David Blunkett's Home Office consultation paper thought that having to carry the ID Card for the benefit of Police stop and searches was a good idea. The "sus" law abuses would inevitably return, given the admitted racial discrimination problems which are acknowledged in other parts of this interview.

DAVID FROST: And will it, will it have a significant effect in helping you in the war against terror?

JOHN STEVENS: We have absolutely no doubt it will. One of the main aspects of it which must take place is as the technology is used we keep ahead of the criminal, so you'd need a technical unit to make sure the criminals, when it is being used, don't get ahead of the game in relation to that as well. We can do that and should do it.

DAVID FROST: What's the realistic timetable, there may be draft legislation in the Queen's Speech and so on, that's obviously, we haven't seen that yet, but I mean how long will it take to introduce this to the whole population?

JOHN STEVENS: Well some time. But for us in the police -

DAVID FROST: Years, though, will it?

JOHN STEVENS: Well we hope not, what we'd like to see is it brought in quite quickly. I think you could incorporate it in driving licence identification and some of the identification we all carry as a matter of course. So the sooner it's brought in for us, being somewhat selfish in terms of the public safety, the sooner it's brought in the better.

Do the maths Sir John and Sir David - if you want to register the population of 60 million with Biometric Identifiers (which means no postal applications like for Passports or Driving Licences will be possible, you will have to queue up at a Government office) in one year you would need to create a system capable of handling 500 correct registrations per second for every second during the working year.

No Government IT system has ever approached this level of performance, so it could easily take 10 or more years simply to register the population for their first ID Card, by which time a good proportion of them would already have expired and have to be re-issued.

DAVID FROST: And it will cost about, cost each of us, leaving aside the old and those who are below a certain threshold, financial threshold, the rest of us will pay ?39 it's estimated.

JOHN STEVENS: Well I think the cost of it is still being organised. I mean one of the reasons I think why there's been a certain amount of reticence about bringing it in is the cost. But for me, as a police officer, and for us as the police service, we know the benefits it can bring.

If ID Cards are really such a vital and useful crime fighting or anti-terrorist tool, then they should be funded out of the anti-crime and anti-terrorism police budgets, and the public should not have to pay an ID Card Poll Tax.

Or could it be that the Police and Police Authorities might actually find far better and more effective uses for the billions of pounds that ID Cards would cost?

The Times reports the trials of a

Secret scanner to trap armed criminals

Passive millimetre wave radar imaging has been under development for the miltary for many years, and now seems to be expanding into the civilian police surveillance market.

It is astonishing that, apparently

"The existence of the scanner has been kept secret within Scotland Yard and only a few senior officers know of the project. Sir John and other commanders were given laboratory demonstrations this year.

A large version has already been tested on the London streets, from the back of a converted van"

Who gave permission for this military technology to be used on unsuspecting civilians ? Have these trials been licenced by the Radiocommunications Agency ? Could there be interference with the existing satellite, radio astronomy and radioloction frequency allocations in these frequency bands ?

Does this system seek to extend the range of the technology by illuminating the targets with powerful millimetre wave radiation source or is it restricted to just the low level of natural background radiation ? The images on the Qinetiq website show that the system works by having both a source of millimetere waves and a detector (look at the shadows of the feet in the images, the shadow is pointing in a different direction from that caused by sunlight)

How is this technology meant to work at night or indoors away from natural sunlight ?

Perhaps natural "black body" radiation (emitted from a warm human body can be used very close up, but this is subject to a very rapid drop off with distance in the detectable strength governed by the the well known fundamental laws of physics used in astronomy and engineering.

Exactly how powerful are the 30GHz to 90GHz millimetre wave radar transmitters ?

Who says that millimetre wave radar is "harmless" and can they actually prove this ?

What are the potential health risks to the operators and to the public ?
Where are the studies to ensure the safety of the public being irradiated with signals in this part of the electromagentic spectrum ?

The precautionary principle of safety should apply i.e. even if there have been no instant fatal casualties, that is no reason to permit the use of this technology to indiscriminantly scan the public.

The powerful argument can also be made that secret scanning of the public with a technology which can see under people's clothes is immoral and constitutes an illegal search e.g.

Qinetiq Millimetre Wave Radar

It is unfortunate that Liberty seem to have been coaxed into a statement which does not object to the secret deployment of this military technology against innocent civilians:

Civil liberties groups in the United States have complained about the technology and yesterday Liberty, the British civil liberties group, cautioned that it would have to be used with strict controls.

Liberty said: �It�s a question of responsible use. We can�t object to technology which helps to protect police and the public. The danger is technology of this sort has a potential for obvious misuse. It might be used for pure titilation.�

Based on how CCTV Surveillance cameras are used, especially hidden ones or ones which zoom in beyond normal human visual range, or which see in the dark, there is no question that such "see under your clothes" scanners will be abused

The question of wether such "see under your clothes" scanners, especially if they are used covertly in the street etc, create "obscene photos or images" i.e. illegal child porn also needs to be decided.

Adult genetalia can, apparently be made visible. The new offence of Voyeurism under the Sexual Offences Bill currently going through Parliament could also be relevant.

Cabinet dither over ID Cards


The Prime Minister's Official Spokesman's Official Press Briefing tries to spin the line that the Cabinet is unified over the issue of ID Cards.

"In principle, Cabinet believes that a national ID card scheme could bring major benefits. In practice, given the size and complexity of the scheme, a number of issues will need to be resolved over the years ahead.

So we intend to proceed, by incremental steps, to build a base for a compulsory national ID card scheme, with a final decision to proceed to a compulsory card later, when the conditions for moving to a compulsory card are met.

We will legislate to enable the scheme to be introduced, and plan on the basis that all the practical problems can be overcome. But we will reserve the final decision on a move to compulsion until later this decade."

We await the more detailed statement to Parliament by the Home Secretary.

We hope that the Joint Committee on the Draft Civil Contingencies Bill of Parliament which is due to report by the 30th of November questions our UK Civil Contingencies Secretariat on wether a UK version of the the USA civil defence exercise Topoff2 held in May would be as shambolic.

FEMA Points To Flaws, Flubs In Terror Drill

"When Washington unleashed 8,000 emergency workers, federal agents and scientists on Chicago and Seattle in May to conduct the largest mock terrorist attack ever organized, officials expected some gaps in America's emergency-response capabilities.

Turns out those gaps are more like craters."

"According to the FEMA internal report, at some point during the simulated radiological dirty-bomb attack in Seattle and bioterror strike in Chicago, medical-emergency teams couldn't get vital equipment such as ventilators because no one knew which federal agency was responsible for them. In other cases, officials deployed equipment and personnel without telling anyone in charge.

Federal agents did not pass on vital intelligence because the intended recipients didn't have security clearances or secure telephone lines. And almost no one understood the Department of Homeland Security's color-coded threat-warning system. "Throughout the first two days of the exercise, disagreement (and confusion) resulted between local, state and federal agencies over whether DHS has implemented 'Orange' or 'Red,' and whether the level was applicable nationally or locally," the report said. "

"What makes the criticism of the exercise particularly worrying for emergency-response experts is that it was one of the most heavily scripted drills ever staged."

"After seeing the Topoff2 analysis, James Lee Witt, the respected former head of FEMA, expressed concern. "It's my experience that any time you add more layers of bureaucrats into emergency plans, it's a hindrance," he said"

We did send our own UK observers to the Topoff2 exercise didn't we ? We do have access to the USA Topoff2 analysis report don't we ? Or does the USA/UK "special relationship" no longer stretch this far ?

Why is it that the Civil Contingencies Secretariat 's UK Resilience website, which is meant to be a central resource for UK Emergency planners and the public, has no mention of Topoff2 at all ?

Remember that a Regional disaster or Emergency in the USA would be a National Emergency here in the UK due to the smaller size of the country.

The recent Bank Underground Station exercise was obviously a much smaller scale affair than Topoff2, and that seemed to be fairly unrealistic and heavily scripted as well.

Does this mean that the actual threshold for declaring Emergency Powers and suspending most of our civil liberties is actually, in practice relatively low, not due to the actual scale of a natural or terrorist disaster, but simply due to the scale of a diasater that the bureaucracy can handle comfortably ?

If there were say 3 Bank Tube exercise scenariios in play at the same time, which would not actually devastate London, would Emergency Powers be declared because of the panic and misinformation and unclear chains of command and information hoarding which seems to be the normal mode of response by inadequately trained and underfunded Emergency Services and Civil Servants and Politicians ?

We have severe doubts about the Draft Civil Contingencies Bill

UK CCTV Map project


The new MySociety website has inspired an appeal for help with a UK CCTV Map project.

If this gets underway, there is even a chance of some charitable financial support.

If there were proper UK Government Regulation of Closed Circuit TeleVision (CCTV) Surveillance cameras etc, then there would not be a need for this grassroots project, which would promote the proper, controlled use of CCTV and could prevent some of the abuses and save some of the public money which badly run schemes waste.

About this blog

This United Kingdom based blog attempts to draw public attention to, and comments on, some of the current trends in ever cheaper and more widespread surveillance technology being deployed to satisfy the rapacious demand by state and corporate bureaucracies and criminals for your private details, and the technological ignorance of our politicians and civil servants who frame our legal systems.

The hope is that you the readers, will help to insist that strong safeguards for the privacy of the individual are implemented, especially in these times of increased alert over possible terrorist or criminal activity. If the systems which should help to protect us can be easily abused to supress our freedoms, then the terrorists will have won.

We know that there are decent, honest, trustworthy individual politicians, civil servants, law enforcement, intelligence agency personnel and broadcast, print and internet journalists etc., who often feel powerless or trapped in the system. They need the assistance of external, detailed, informed, public scrutiny to help them to resist deliberate or unthinking policies, which erode our freedoms and liberties.

Email & PGP Contact

Please feel free to email your views about this blog, or news about the issues it tries to comment on.


Our PGP public encryption key is available for those correspondents who wish to send us news or information in confidence, and also for those of you who value your privacy, even if you have got nothing to hide.

We wiil use this verifiable public key (the ID is available on several keyservers, twitter etc.) to establish initial contact with whistleblowers and other confidential sources, but will then try to establish other secure, anonymous communications channels, as appropriate.

Current PGP Key ID: 0x1DBD6A9F0FACAD30 which will expire on 29th August 2021.

You can download a free copy of the PGP encryption software from
(available for most of the common computer operating systems, and also in various Open Source versions like GPG)

We look forward to the day when UK Government Legislation, Press Releases and Emails etc. are Digitally Signed so that we can be assured that they are not fakes. Trusting that the digitally signed content makes any sense, is another matter entirely.

Hints and Tips for Whistleblowers and Political Dissidents

Please take the appropriate precautions if you are planning to blow the whistle on shadowy and powerful people in Government or commerce, and their dubious policies. The mainstream media and bloggers also need to take simple precautions to help preserve the anonymity of their sources e.g. see Spy Blog's Hints and Tips for Whistleblowers - or use this easier to remember link:

BlogSafer - wiki with multilingual guides to anonymous blogging

Digital Security & Privacy for Human Rights Defenders manual, by Irish NGO Frontline Defenders.

Everyone’s Guide to By-Passing Internet Censorship for Citizens Worldwide (.pdf - 31 pages), by the Citizenlab at the University of Toronto.

Handbook for Bloggers and Cyber-Dissidents - March 2008 version - (2.2 Mb - 80 pages .pdf) by Reporters Without Borders

Reporters Guide to Covering the Beijing Olympics by Human Rights Watch.

A Practical Security Handbook for Activists and Campaigns (v 2.6) (.doc - 62 pages), by experienced UK direct action political activists

Anonymous Blogging with Wordpress & Tor - useful step by step guide with software configuration screenshots by Ethan Zuckerman at Global Voices Advocacy. (updated March 10th 2009 with the latest Tor / Vidalia bundle details)


Watching Them, Watching Us

London 2600

Our UK Freedom of Information Act request tracking blog - ethical and technical discussion about the project for anonymous mass leaking of documents etc.

Privacy and Security

Privacy International
United Kingdom Privacy Profile (2011)

Cryptome - censored or leaked government documents etc.

Identity Project report by the London School of Economics
Surveillance & Society the fully peer-reviewed transdisciplinary online surveillance studies journal

Statewatch - monitoring the state and civil liberties in the European Union

The Policy Laundering Project - attempts by Governments to pretend their repressive surveillance systems, have to be introduced to comply with international agreements, which they themselves have pushed for in the first place

International Campaign Against Mass Surveillance

ARCH Action Rights for Children in Education - worried about the planned Children's Bill Database, Connexions Card, fingerprinting of children, CCTV spy cameras in schools etc.

Foundation for Information Policy Research
UK Crypto - UK Cryptography Policy Discussion Group email list

Technical Advisory Board on internet and telecomms interception under RIPA

European Digital Rights

Open Rights Group - a UK version of the Electronic Frontier Foundation, a clearinghouse to raise digital rights and civil liberties issues with the media and to influence Governments.

Digital Rights Ireland - legal case against mandatory EU Comms Data Retention etc.

Blindside - "What’s going to go wrong in our e-enabled world? " blog and wiki and Quarterly Report will supposedly be read by the Cabinet Office Central Sponsor for Information Assurance. Whether the rest of the Government bureaucracy and the Politicians actually listen to the CSIA, is another matter.

Biometrics in schools - 'A concerned parent who doesn't want her children to live in "1984" type society.'

Human Rights

Liberty Human Rights campaigners

British Institute of Human Rights
Amnesty International

Prevent Genocide International

asboconcern - campaign for reform of Anti-Social Behavior Orders

Front Line Defenders - Irish charity - Defenders of Human Rights Defenders

Internet Censorship

OpenNet Initiative - researches and measures the extent of actual state level censorship of the internet. Features a blocked web URL checker and censorship map.

Committee to Protect Bloggers - "devoted to the protection of bloggers worldwide with a focus on highlighting the plight of bloggers threatened and imprisoned by their government."

Reporters without Borders internet section - news of internet related censorship and repression of journalists, bloggers and dissidents etc.

Judicial Links

British and Irish Legal Information Institute - publishes the full text of major case Judgments

Her Majesty's Courts Service - publishes forthcoming High Court etc. cases (but only in the next few days !)

House of Lords - The Law Lords are currently the supreme court in the UK - will be moved to the new Supreme Court in October 2009.

Information Tribunal - deals with appeals under FOIA, DPA both for and against the Information Commissioner

Investigatory Powers Tribunal - deals with complaints about interception and snooping under RIPA - has almost never ruled in favour of a complainant.

Parliamentary Opposition

The incompetent yet authoritarian Labour party have not apologised for their time in Government. They are still not providing any proper Opposition to the current Conservative - Liberal Democrat coalition government, on any freedom or civil liberties or privacy or surveillance issues.

UK Government

Home Office - "Not fit for purpose. It is inadequate in terms of its scope, it is inadequate in terms of its information technology, leadership, management systems and processes" - Home Secretary John Reid. 23rd May 2006. Not quite the fount of all evil legislation in the UK, but close.

No. 10 Downing Street Prime Minister's Official Spindoctors

Public Bills before Parliament

United Kingdom Parliament
Home Affairs Committee of the House of Commons.

House of Commons "Question Book"

UK Statute Law Database - is the official revised edition of the primary legislation of the United Kingdom made available online, but it is not yet up to date.

FaxYourMP - identify and then fax your Member of Parliament
WriteToThem - identify and then contact your Local Councillors, members of devolved assemblies, Member of Parliament, Members of the European Parliament etc.
They Work For You - House of Commons Hansard made more accessible ? UK Members of the European Parliament

Read The Bills Act - USA proposal to force politicians to actually read the legislation that they are voting for, something which is badly needed in the UK Parliament.

Bichard Inquiry delving into criminal records and "soft intelligence" policies highlighted by the Soham murders. (taken offline by the Home Office)

ACPO - Association of Chief Police Officers - England, Wales and Northern Ireland
ACPOS Association of Chief Police Officers in Scotland

Online Media

Boing Boing

Need To Know [now defunct]

The Register

NewsNow Encryption and Security aggregate news feed
KableNet - UK Government IT project news - UK eGovernment and public sector IT news
eGov Monitor

Ideal Government - debate about UK eGovernment

NIR and ID cards

Stand - email and fax campaign on ID Cards etc. [Now defunct]. The people who supported have gone on to set up other online tools like The Government's contemptuous dismissal of over 5,000 individual responses via the website to the Home Office public consultation on Entitlement Cards is one of the factors which later led directly to the formation of the the NO2ID Campaign who have been marshalling cross party opposition to Labour's dreadful National Identity Register compulsory centralised national biometric database and ID Card plans, at the expense of simpler, cheaper, less repressive, more effective, nore secure and more privacy friendly alternative identity schemes.

NO2ID - opposition to the Home Office's Compulsory Biometric ID Card
NO2ID bulletin board discussion forum

Home Office Identity Cards website
No compulsory national Identity Cards (ID Cards) BBC iCan campaign site
UK ID Cards blog
NO2ID press clippings blog
CASNIC - Campaign to STOP the National Identity Card.
Defy-ID active meetings and protests in Glasgow - New Alliance's ID Cards page - total rejection of any UK ID Card

International Civil Aviation Organisation - Machine Readable Travel Documents standards for Biometric Passports etc.
Anti National ID Japan - controversial and insecure Jukinet National ID registry in Japan
UK Biometrics Working Group run by CESG/GCHQ experts etc. the UK Government on Biometrics issues feasability
Citizen Information Project feasability study population register plans by the Treasury and Office of National Statistics - comments and links to each paragraph of the Home Office's "Strategic Action Plan for the National Identity Scheme".

De-Materialised ID - "The voluntary alternative to material ID cards, A Proposal by David Moss of Business Consultancy Services Ltd (BCSL)" - well researched analysis of the current Home Office scheme, and a potentially viable alternative.

Surveillance Infrastructures

National Roads Telecommunications Services project - infrastruture for various mass surveillance systems, CCTV, ANPR, PMMR imaging etc.

CameraWatch - independent UK CCTV industry lobby group - like us, they also want more regulation of CCTV surveillance systems.

Every Step You Take a documentary about CCTV surveillance in the Uk by Austrian film maker Nino Leitner.

Transport for London an attempt at a technological panopticon - London Congestion Charge, London Low-Emission Zone, Automatic Number Plate Recognition cameras, tens of thousands of CCTV cameras on buses, thousands of CCTV cameras on London Underground, realtime road traffic CCTV, Iyster smart cards - all handed over to the Metropolitan Police for "national security" purposes, in real time, in bulk, without any public accountibility, for secret data mining, exempt from even the usual weak protections of the Data Protection Act 1998.

RFID Links

RFID tag privacy concerns - our own original article updated with photos

NoTags - campaign against individual item RFID tags
Position Statement on the Use of RFID on Consumer Products has been endorsed by a large number of privacy and human rights organisations.
RFID Privacy Happenings at MIT
Surpriv: RFID Surveillance and Privacy
RFID Scanner blog
RFID Gazette
The Sorting Door Project blog - where we sometimes crosspost RFID articles

Genetic Links

DNA Profiles - analysis by Paul Nutteing
GeneWatch UK monitors genetic privacy and other issues
Postnote February 2006 Number 258 - National DNA Database (.pdf) - Parliamentary Office of Science and Technology

The National DNA Database Annual Report 2004/5 (.pdf) - published by the NDNAD Board and ACPO.

Eeclaim Your DNA from Britain's National DNA Database - model letters and advice on how to have your DNA samples and profiles removed from the National DNA Database,in spite of all of the nureacratic obstacles which try to prevent this, even if you are innocent.

Miscellanous Links

Michael Field - Pacific Island news - no longer a paradise - John Gilmore versus USA internal flight passports and passenger profiling etc.

The BUPA Seven - whistleblowers badly let down by the system.

Tax Credit Overpayment - the near suicidal despair inflicted on poor, vulnerable people by the then Chancellor Gordon Brown's disasterous Inland Revenue IT system.

Fassit UK - resources and help for those abused by the Social Services Childrens Care bureaucracy

Former Spies

MI6 v Tomlinson - Richard Tomlinson - still being harassed by his former employer MI6

Martin Ingram, Welcome To The Dark Side - former British Army Intelligence operative in Northern Ireland.

Operation Billiards - Mitrokhin or Oshchenko ? Michael John Smith - seeking to overturn his Official Secrets Act conviction in the GEC case.

The Dirty Secrets of MI5 & MI6 - Tony Holland, Michael John Smith and John Symond - stories and chronologies.

Naked Spygirl - Olivia Frank

Blog Links blog - Comments on IT security and Privacy or the lack thereof.
Rat's Blog -The Reverend Rat writes about London street life and technology
Duncan Drury - wired adventures in Tanzania & London
Dr. K's blog - Hacker, Author, Musician, Philosopher

David Mery - falsely arrested on the London Tube - you could be next.

James Hammerton
White Rose - a thorn in the side of Big Brother
Big Blunkett
Into The Machine - formerly "David Blunkett is an Arse" by Charlie Williams and Scribe
infinite ideas machine - Phil Booth
Louise Ferguson - City of Bits
Chris Lightfoot
Oblomovka - Danny O'Brien

Liberty Central

dropsafe - Alec Muffett
The Identity Corner - Stefan Brands
Kim Cameron - Microsoft's Identity Architect
Schneier on Security - Bruce Schneier
Politics of Privacy Blog - Andreas Busch
solarider blog

Richard Allan - former Liberal Democrat MP for Sheffield Hallam
Boris Johnson Conservative MP for Henley
Craig Murray - former UK Ambassador to Uzbekistan, "outsourced torture" whistleblower

Howard Rheingold - SmartMobs
Global Guerrillas - John Robb
Roland Piquepaille's Technology Trends

Vmyths - debunking computer security hype

Nick Leaton - Random Ramblings
The Periscope - Companion weblog to journalist network.
The Practical Nomad Blog Edward Hasbrouck on Privacy and Travel
Policeman's Blog
World Weary Detective

Martin Stabe
B2fxxx - Ray Corrigan
Matt Sellers
Grits for Breakfast - Scott Henson in Texas
The Green Ribbon - Tom Griffin
Guido Fawkes blog - Parliamentary plots, rumours and conspiracy.
The Last Ditch - Tom Paine
The (e)State of Tim - Tim Hicks
Ilkley Against CCTV
Tim Worstall
Bill's Comment Page - Bill Cameron
The Society of Qualified Archivists
The Streeb-Greebling Diaries - Bob Mottram

Your Right To Know - Heather Brooke - Freedom off Information campaigning journalist

Ministry of Truth _ Unity's V for Vendetta styled blog.

Bloggerheads - Tim Ireland

W. David Stephenson blogs on homeland security et al.
EUrophobia - Nosemonkey

Blogzilla - Ian Brown

BlairWatch - Chronicling the demise of the New Labour Project

dreamfish - Robert Longstaff

Informaticopia - Rod Ward


The Musings of Harry

Chicken Yoghurt - Justin McKeating

The Red Tape Chronicles - Bob Sullivan MSNBC

Campaign Against the Legislative and Regulatory Reform Bill

Stop the Legislative and Regulatory Reform Bill

Rob Wilton's esoterica

panGloss - Innovation, Technology and the Law

Arch Rights - Action on Rights for Children blog

Database Masterclass - frequently asked questions and answers about the several centralised national databases of children in the UK.


Moving On

Steve Moxon blog - former Home Office whistleblower and author.

Al-Muhajabah's Sundries - anglophile blog

Architectures of Control in Design - Dan Lockton

rabenhorst - Kai Billen (mostly in German)

Nearly Perfect Privacy - Tiffany and Morpheus

Iain Dale's Diary - a popular Conservative political blog

Brit Watch - Public Surveillance in the UK - Web - Email - Databases - CCTV - Telephony - RFID - Banking - DNA

BLOGDIAL - smart mobile phone forensics, information security, computer security and digital forensics by a couple of Australian researchers

Ralph Bendrath

Financial Cryptography - Ian Grigg et al.

UK Liberty - A blog on issues relating to liberty in the UK

Big Brother State - "a small act of resistance" to the "sustained and systematic attack on our personal freedom, privacy and legal system"

HosReport - "Crisis. Conspiraciones. Enigmas. Conflictos. Espionaje." - Carlos Eduardo Hos (in Spanish)

"Give 'em hell Pike!" - Frank Fisher

Corruption-free Anguilla - Good Governance and Corruption in Public Office Issues in the British Overseas Territory of Anguilla in the West Indies - Don Mitchell CBE QC

geeklawyer - intellectual property, civil liberties and the legal system

PJC Journal - I am not a number, I am a free Man - The Prisoner

Charlie's Diary - Charlie Stross

The Caucus House - blog of the Chicago International Model United Nations

Famous for 15 Megapixels

Postman Patel

The 4th Bomb: Tavistock Sq Daniel's 7:7 Revelations - Daniel Obachike

OurKingdom - part of OpenDemocracy - " will discuss Britain’s nations, institutions, constitution, administration, liberties, justice, peoples and media and their principles, identity and character"

Beau Bo D'Or blog by an increasingly famous digital political cartoonist.

Between Both Worlds - "Thoughts & Ideas that Reflect the Concerns of Our Conscious Evolution" - Kingsley Dennis

Bloggerheads: The Alisher Usmanov Affair - the rich Uzbek businessman and his shyster lawyers Schillings really made a huge counterproductive error in trying to censor the blogs of Tim Ireland, of all people.

Matt Wardman political blog analysis

Henry Porter on Liberty - a leading mainstream media commentator and opinion former who is doing more than most to help preserve our freedom and liberty.

HMRC is shite - "dedicated to the taxpayers of Britain, and the employees of the HMRC, who have to endure the monumental shambles that is Her Majesty's Revenue and Customs (HMRC)."

Head of Legal - Carl Gardner a former legal advisor to the Government

The Landed Underclass - Voice of the Banana Republic of Great Britain

Henrik Alexandersson - Swedish blogger threatened with censorship by the Försvarets Radioanstalt (FRA), the Swedish National Defence Radio Establishement, their equivalent of the UK GCHQ or the US NSA.

World's First Fascist Democracy - blog with link to a Google map - "This map is an attempt to take a UK wide, geographical view, of both the public and the personal effect of State sponsored fear and distrust as seen through the twisted technological lens of petty officials and would be bureaucrats nationwide."

Blogoir - Charles Crawford - former UK Ambassodor to Poland etc.

No CCTV - The Campaign against CCTV

Barcode Nation - keeping two eyes on the database state.

Lords of the Blog - group blog by half a dozen or so Peers sitting in the House of Lords.

notes from the ubiquitous surveillance society - blog by Dr. David Murakami Wood, editor of the online academic journal Surveillance and Society

Justin Wylie's political blog

Panopticon blog - by Timothy Pitt-Payne and Anya Proops. Timothy Pitt-Payne is probably the leading legal expert on the UK's Freedom of Information Act law, often appearing on behlaf of the Information Commissioner's Office at the Information Tribunal.

Armed and Dangerous - Sex, software, politics, and firearms. Life’s simple pleasures… - by Open Source Software advocate Eric S. Raymond.

Georgetown Security Law Brief - group blog by the Georgetown Law Center on National Security and the Law , at Georgtown University, Washington D.C, USA.

Big Brother Watch - well connected with the mainstream media, this is a campaign blog by the TaxPayersAlliance, which thankfully does not seem to have spawned Yet Another Campaign Organisation as many Civil Liberties groups had feared.

Spy on Moseley - "Sparkbrook, Springfield, Washwood Heath and Bordesley Green. An MI5 Intelligence-gathering operation to spy on Muslim communities in Birmingham is taking liberties in every sense" - about 150 ANPR CCTV cameras funded by Home Office via the secretive Terrorism and Allied Matters (TAM) section of ACPO.

FitWatch blog - keeps an eye on the activities of some of the controversial Police Forward Intelligence Teams, who supposedly only target "known troublemakers" for photo and video surveillance, at otherwise legal, peaceful protests and demonstrations.

Other Links

Spam Huntress - The Norwegian Spam Huntress - Ann Elisabeth

Fuel Crisis Blog - Petrol over £1 per litre ! Protest !
Mayor of London Blog
London Olympics 2012 - NO !!!!

Cool Britannia


Free Gary McKinnon - UK citizen facing extradition to the USA for "hacking" over 90 US Military computer systems.

Parliament Protest - information and discussion on peaceful resistance to the arbitrary curtailment of freedom of assembly and freedom of speech, in the excessive Serious Organised Crime and Police Act 2005 Designated Area around Parliament Square in London.

Brian Burnell's British / US nuclear weapons history at

Syndicate this site (XML):

Follow Spy Blog on Twitter

For those of you who find it convenient, there is now a Twitter feed to alert you to new Spy Blog postings.

Please bear in mind the many recent, serious security vulnerabilities which have compromised the Twitter infrastructure and many user accounts, and Twitter's inevitable plans to make money out of you somehow, probably by selling your Communications Traffic Data to commercial and government interests. (same window)

Recent Comments

  • wtwu: NetIDMe seems to be in process of being wound up read more
  • wtwu: The House of Lords have approved the Regulations, without a read more
  • wtwu: Data Retention and Investigatory Powers Bill Government Note on the read more
  • wtwu: The former Customs Officer and the others involved in dealing read more
  • wtwu: BBC reports the password was $ur4ht4ub4h8 When Hussain was read more
  • wtwu: "only" an extra 4 months in prison for failing to read more
  • wtwu: Although not confirmed as part of the Wilson Doctrine per read more
  • wtwu: For now (just before Christmas 2013) it appears that the read more
  • wtwu: As expected, the ISC did not give the intelligence agency read more
  • wtwu: N.B. the Intelligence & Security Committee is now legally consituted read more


Monthly Archives

August 2019

Sun Mon Tue Wed Thu Fri Sat
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31

UK Legislation

The United Kingdom suffers from tens of thousands of pages of complicated criminal laws, and thousands of new, often unenforceable criminal offences, which have been created as a "Pretend to be Seen to Be Doing Something" response to tabloid media hype and hysteria, and political social engineering dogmas. These overbroad, catch-all laws, which remove the scope for any judicial appeals process, have been rubber stamped, often without being read, let alone properly understood, by Members of Parliament.

The text of many of these Acts of Parliament are now online, but it is still too difficult for most people, including the police and criminal justice system, to work out the cumulative effect of all the amendments, even for the most serious offences involving national security or terrorism or serious crime.

Many MPs do not seem to bother to even to actually read the details of the legislation which they vote to inflict on us.

UK Legislation Links

UK Statute Law Database - is the official revised edition of the primary legislation of the United Kingdom made available online, but it is not yet up to date.

UK Commissioners

UK Commissioners some of whom are meant to protect your privacy and investigate abuses by the bureaucrats.

UK Intelligence Agencies

Intelligence and Security Committee - the supposedly independent Parliamentary watchdog which issues an annual, heavily censored Report every year or so. Currently chaired by the Conservative Sir Malcolm Rifkind. Why should either the intelligence agencies or the public trust this committee, when the untrustworthy ex-Labour Minister Hazel Blears is a member ?

Anti-terrorism hotline - links removed in protest at the Climate of Fear propaganda posters

MI5 Security Service
MI5 Security Service - links to encrypted reporting form removed in protest at the Climate of Fear propaganda posters

syf_logo_120.gif Secure Your Ferliliser logo
Secure Your Fertiliser - advice on ammonium nitrate and urea fertiliser security

cpni_logo_150.gif Centre for the Protection of National Infrastructure
Centre for the Protection of National Infrastructure - "CPNI provides expert advice to the critical national infrastructure on physical, personnel and information security, to protect against terrorism and other threats."

SIS MI6 careers_logo_sis.gif
Secret Intelligence Service (MI6) recruitment.

Government Communications Headquarters GCHQ

National Crime Agency - the replacement for the Serious Organised Crime Agency

Defence Advisory (DA) Notice system - voluntary self censorship by the established UK press and broadcast media regarding defence and intelligence topics via the Defence, Press and Broadcasting Advisory Committee.

Foreign Spies / Intelliegence Agencies in the UK

It is not just the UK government which tries to snoop on British companies, organisations and individuals, the rest of the world is constantly trying to do the same, regardless of the mixed efforts of our own UK Intelligence Agencies who are paid to supposedly protect us from them.

For no good reason, the Foreign and Commonwealth Office only keeps the current version of the London Diplomatic List of accredited Diplomats (including some Foreign Intelligence Agency operatives) online.

Presumably every mainstream media organisation, intelligence agency, serious organised crime or terrorist gang keeps historical copies, so here are some older versions of the London Diplomatic List, for the benefit of web search engine queries, for those people who do not want their visits to appear in the FCO web server logfiles or those whose censored internet feeds block access to UK Government websites.

Campaign Button Links

Watching Them, Watching Us - UK Public CCTV Surveillance Regulation Campaign
UK Public CCTV Surveillance Regulation Campaign

NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card
NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card and National Identity Register centralised database.

Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.
Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.

FreeFarid_150.jpg - Kafkaesque extradition of Farid Hilali under the European Arrest Warrant to Spain

Peaceful resistance to the curtailment of our rights to Free Assembly and Free Speech in the SOCPA Designated Area around Parliament Square and beyond
Parliament Protest blog - resistance to the Designated Area restricting peaceful demonstrations or lobbying in the vicinity of Parliament.

Petition to the European Commission and European Parliament against their vague Data Retention plans
Data Retention is No Solution - Petition to the European Commission and European Parliament against their vague Data Retention plans.

Save Parliament: Legislative and Regulatory Reform Bill (and other issues)
Save Parliament - Legislative and Regulatory Reform Bill (and other issues)

Open Rights Group

The Big Opt Out Campaign - opt out of having your NHS Care Record medical records and personal details stored insecurely on a massive national centralised database.

Tor - the onion routing network
Tor - the onion routing network - "Tor aims to defend against traffic analysis, a form of network surveillance that threatens personal anonymity and privacy, confidential business activities and relationships, and state security. Communications are bounced around a distributed network of servers called onion routers, protecting you from websites that build profiles of your interests, local eavesdroppers that read your data or learn what sites you visit, and even the onion routers themselves."

Tor - the onion routing network
Anonymous Blogging with Wordpress and Tor - useful Guide published by Global Voices Advocacy with step by step software configuration screenshots (updated March 10th 2009).

Amnesty International's campaign

BlogSafer - wiki with multilingual guides to anonymous blogging

NGO in a box - Security Edition privacy and security software tools

Home Office Watch blog, "a single repository of all the shambolic errors and mistakes made by the British Home Office compiled from Parliamentary Questions, news reports, and tip-offs by the Liberal Democrat Home Affairs team."

Reporters Without Borders - Reporters Sans Frontières - campaign for journalists 'and bloggers' freedom in repressive countries and war zones.

Committee to Protect Bloggers - "devoted to the protection of bloggers worldwide with a focus on highlighting the plight of bloggers threatened and imprisoned by their government."

Icelanders are NOT terrorists ! - despite Gordon Brown and Alistair Darling's use of anti-terrorism legislation to seize the assets of Icelandic banks.

No CCTV - The Campaign Against CCTV


I'm a Photographer Not a Terrorist !


Power 2010 cross party, political reform campaign


Cracking the Black Box - "aims to expose technology that is being used in inappropriate ways. We hope to bring together the insights of experts and whistleblowers to shine a light into the dark recesses of systems that are responsible for causing many of the privacy problems faced by millions of people."


Open Rights Group - Petition against the renewal of the Interception Modernisation Programme

wblogocrop_150.jpg - Fighting for justice for whistleblowers