Recently in RIPA Commissioners Category

Dear Sirs,

Here are some points which need to be considered in the new Covert Human Intelligence Source Code of Practice:

This is 2014 and somehow, yet again, there is no specific mention of *online* CHIS activities in the Code of Practice - this is inexcusable

Online "Legend" building and maintenance

It may be necessary and proportionate for a CHIS or a Relevant Source to create fake online internet service accounts e.g. Google Gmail, Microsoft Live ID, Twitter, Facebook, blog registrations, online discussion forum registrations etc.

A Relevant Source is essentially an undercover police officer etc. holding a public office, rather than acriminal or other informant, defined in The Regulation of Investigatory Powers (Covert Human Intelligence Sources: Relevant Sources) Order 2013

These may be used to help establish a "Legend" (does nobody else find the use of this Soviet era KGB espionage slang by the Home Office questionable ?)

N.B. by doing so, the CHIS or Relevant Source will almost certainly be breaking the legal Terms and Conditions of the online service.

Since newly created social media accounts which participate in discussions or which try to "follow" or "friend" other users, are less trustworthy and more suspicious, a convincing online persona requires a searchable history of online activity for it to be

Therefore any such "Legend" building (which may not yet have been allocated to a particular Relevant Source or investigation or operation) could take years and must also be reviewed by a senior responsible officer and the Surveillance Commissioners, with the same audit trails and regularity as other Relevant Sources i.e. regular review at least annually.

Automated social media software

There are plenty of companies willing to sell or create social media software tools and services for "marketing" or for "social media intelligence", the use of which can help in the creation of believable online "Legends", or allow the gathering of online social media details about an individual or group.

Any use of such tools or services must also be clearly authorised and audited as per Relevant Sources.

online CHIS risk of Disruption , Agents Provocateurs & Entrapment

One particular danger is the temptation for a CHIS or Relevant Source to use automated scripts or software to easily create and try to maintain multiple fake online personalities, often with limited artificial intelligence to send and reply to messages, so as to to create "buzz" or "chatter" online about a particular topic or issue.

They are also used to try to to manipulate (up or down) the ranking of certain keywords in web search engine queries.

These are abused by unethical businesses and by criminals to, for example, manipulate the price (up or down) of stocks and shares ("pump and dump" or "boilerhouse" operators) or to try to hide unfavourable or embarrassing press articles or social media commentary (no matter how truthful) from most naive web search engine users, who rarely progress beyond the first page or two of results.

Such software can also be used to "swarm" or "spam" political discussion forums, pushing a particular viewpoint and stifling free debate through "trolling" and "sock puppetry".

Therefore any use of such software must also be carefully authorised like a Relevant Source and audited by the Surveillance Commissioners. There also needs to be a clear Financial audit trail, as there is could be a substantial cost to the public purse.

Any use of such software for the dubious purpose of "disruption" of criminal or terrorist enterprises is also fraught with danger that it will be used to disrupt and cause collateral damage to innocent people e.g. those involved in political or social campaigns, peaceful demonstrations etc.

Although popular in the USA and with repressive dictatorships, such techniques risk creating online Agent Provocateurs and Entrapment, which should be a legal anathema in the UK.

N.B. even a "justifiable" use of such software or techniques will inevitably cause reputational damage to the trustworthiness of the law enforcement agency which uses them, when, not if, this becomes public.

This new CHIS Code of Practice must clearly forbid any use of Agents Provocateurs or Entrapment, whether online or in person.

The recent Washington Post article via whistleblower Edward Snowden, NSA report on privacy violations in the first quarter of 2012 has a few figures, which were never intended to be made public about the inevitable errors in large scale interception and communication data / "metadata" trawling by the United States' National Security Agency (NSA)

Without any individual detail, there is mention of completely predictable errors such as transposing or mis-typing the digits of a telephone number, or failing to narrow a database query sufficiently, either on the original authorisation documentation or at a later stage by a human analyst.

There are also worrying mentions of what are claimed to be merely massive automated data snooping cockups, which can be interpreted as hints of illegal activity e.g. snooping on all telephone traffic in Washington D.C. (area code 202) during an election year when automated equipment was supposedly "only" snooping on all international phone calls to / from Egypt (international phone prefix 20). Why was that not noticed after an hour or at most a day ?

The NSA spin doctors claim that only a tiny percentage of their vast snooping schemes are affected by such (admitted) mistakes, which may reassure US citizens that they are mostly not being snooped on by the NSA, deliberately or accidentally, but that is of no comfort whatsoever to United Kingdom and other "foreign" citizens.

For Spy Blog and the other few readers of the United Kingdom's Regulation of Investigatory Powers Act 2000 Commissioner' Annual reports, anodyne, detail free "audits" of the secret surveillance snoopers are familiar and depressing.

However, if we assume that the public servants in the NSA Signals Intelligence Directorate's (SID) director of oversight and compliance office and the UK's Interception of Communications Commissioner have tried to do an honest job, with their deliberately limited resources, the figures which have been not published but revealed (USA) or which have been published & censored (UK) should be compared:


leaked NSA Privacy Violations 2011 - 2012 (.pdf)

Figure 1a
: Table of the Number of NSAW SID-reported Incidents by Authority

E.O. 12333396390601670

i.e. 2776 "privacy violations" = "unauthorized collection, storage, access to or distribution of legally protected communications" in 2012, just for the main NSA HQ at Fort Meade in Maryland, not including its other big centres in USA :Augusta, Georgia; San Antonio, Texas; Honolulu, Hawaii; Denver, Colorado. or foreign stations like Menwith Hill in the UK.


2012 Annual Report of the Interception of Communications Commissioner (.pdf)

page 15
2012 Annual Report of the Interception of Communications Commissioner

6.4 Interception Errors

Figure 4 - Total Number of Intercept Errors over the previous 5 years


During the reporting year, 55 errors / breaches were reported to my office by public authorities.


N.B. GCHQ only admits to 8 intercept errors, 3 of which were from the previous reporting period i.e. only 5 for 2012..

Compare this with the over 2700 "privacy violations" admitted to in secret by the NSA for 2012.

Page 27 About half a million Communications Data requests per year for all UK intelligence agencies, police forces, local authorities etc.


Page 28 Just under 1000 Communications Data errors in the last year for all UK intelligence agencies, police forces, local authorities etc.


This figure is higher than the previous year (895). However, as the number of requests has increased by 15% this year, the overall error percentage has actually reduced from 0.18% in 2011 to 0.17% in 2012. I am satisfied that the overall error rate is still low when compared to the number of requests that were made during the course of the reporting year

Less than 0.2% error rate for all of the United Kingdom's Intelligence Agencies, Police Forces, Local Authorities etc.

N.B. the Interception of Communications Commissioner only audits a tiny sample of the half a million or so Communications Data requests each year.

The UK'S GCHQ has about 6,000 employees worldwide compared with the estimated 37,000 to 40,000 at the USA's NSA i.e. about 7 times as many in total, probably at least 3 or 4 times as many (more than 20,000) at the Fort Meade HQ and nearby facilities which are the subject of the leaked audit report.

The likelyhood of human errors e.g. transpositions of telephone number digits etc. must be similar in both organisations and the technology appears to be identical in many cases, so why is there an apparent discrepancy between the two sets of figures ?

Is the NSA in Maryland really orders of magnitude more error prone than GCHQ, even allowing for its bigger size, or are the UK's publicly published figures seriously mis-reporting or covering up the real number of GCHQ intercept errors ?

How does over 2700 "privacy violations" a year compare with only low single figures for GCHQ intercepts and less than a thousand Communications Data errors a year for the whole of the United Kingdom, including GCHQ plus the other two UK intelligence agencies, the 50 or so Police Forces and the several hundred albeit low level users of Communications Data (Local Authorities mobile phone subscriber name & address lookups mostly) i.e. National Security and general crime and regulatory infringements

N.B. It is scandalous that the UK Communications Data figures are not broken down by agency.

There is no conceivable tactical impact on any ongoing counter espionage or counter terrorism investigations which could be harmed by publishing, openly, the figures and percentages of self defined, self reported vague "privacy violations", even broken down by database access programme codeword / cover name.

Both NSA and GCHQ should publish such data openly, so that their respective bosses i.e. politicians and the people, can get a vague idea as to whether privacy violations are on the increase or not and can adjust their policies and budgets accordingly.

The Conservative / Liberal Democrat Coalition Government has been a bit more respectful to the public than the previous Labour government was, with respect to the publication of the the Annual Reports by the Commissioners, set up under the Regulation of Investigatory Powers Act 2000. They seem to be publishing them all at the same time in the July following the year calendar year to which they apply. Labour managed, on occasion, to delay publication of these Reports (which are in any case already censored of any interesting details) for nearly 2 years after the statutory deadline for publication.

The entirely separate yet equally content free Annual Report of the Intelligence and Security Committee has also been published in the same week as the RIPA Commissioners' reports.
(see later blog posting)

This year all of these reports have undergone an update to their design and layout, with a few more graphs etc. but none of them fulfils the claims by the Government that they somehow provide Reassurance to Parliament and the Public, that either the extensive snooping powers of the State are not being abused or that the secretive Intelligence Agencies are not wasting huge amounts of public money and committing various crimes, which can be justified in a few exceptional "national security" cases.

That hypothesis may perhaps be true, but the inadequate mechanism of censored annual reports, from legally toothless Commissioners or Committees, who do their best not to investigate individual complaints from the public, fails to inspire any confidence.

A few bits which caught our attention:

Why is it that two former High Court judges and all of the Home Office / Cabinet Office securocrats and mainstream media journalists have failed to spot the misleading tables in both the Interception of Communications Commissioner and the Intelligence Services Commissioner's reports with respect to RIPA Part III The Investigation electronic data
protected by encryption
. ?

2011 Annual Report of the Interception of Communications Commissioner

page 6

Which section of RIPA ?What is the power?When can this power be used?Who can use this power?Who authorises use of this power?Who oversees the responsible use of power?
Pt. IIIThe investigation of electronic data protected by encryptionInterests of national security

Prevention / detection of crime

Interest of economic well being of United Kingdom; or

For the purpose of securing the effective exercise or proper performance by any public public authority of any identified statutory power or statutory duty.

Any public authority Authorisation is most frequently by a Judge Oversight is conducted by the Interception of Communications, Intelligence Services and Surveillance Commissioners except where authorised by a judge

Intelligence Services Commissioner 2011 Annual Report

Annex B

Page 42

Which section of RIPA ?What is the power?What is a typical use of this power?When can this power be used?Who can use this power?Who authorises and who oversees the responsible use of power?
Pt. 3 The investigation of electronic data protected by encryption Request for encryption password or key pertaining to criminal suspects's computer
  • Interests of national security
  • Prevention/ detection of crime
  • Interest of economic well being of United Kingdom; or For the purpose of securing the effective exercise or proper performance by any public public authority of any identified statutory power or statutory duty
Any public authority Authorisation is most frequently by a Judge

Except when authorised by a judicial authority, oversight is conducted by the Interception of Communications, Intelligence Services and Surveillance Commissioners

These misleading tables give the impression that any public authority has powers to compel the handover of de-cryption keys or de-crypted plain text, when it clearly only the Police, SOCA, SCDEA, HMRC and the Intelligence Agencies who can do so.

Neither the IOC nor the ISC mentions if they have dealt with any Section 49 notices at all - were they kept out of the loop ? Only the Chief Surveillance Commissioner's report gives any details about encrypted information requests.

The "authorisation" of Section 49 notices is not actually by Judges or by "judicial oversight", it is by Police Constables (at or above the rank of Superintendent) and by NTAC (National Technical Assistance Centre now part of GCHQ).

Chief Surveillance Commissioner Annual Report for 2011-2012

Home Office support

3.13. The Home Secretary is required by the Police Act 1997 to provide me with the support necessary to fulfil my responsibilities. The support I receive continues to be, in some respects, inadequate. In particular, information technology for many years has failed to meet the demands of remote, secure and mobile working which is an integral part of the inspection process. Promises of improvement are not fulfilled and there appears little urgency to resolve recurring problems. Similarly, I have to rely on archaic facsimile machines which repeatedly malfunction.

That just about sums up the effectiveness and esteem in which the (technologically incompetent) Home Office holds the RIPA Commissioners

Section 49 - encryption

4.10. During the period to which this report relates, NTAC granted 57 approvals from 57 applications. Permission was not sought in three cases after NTAC approval. From the remainder, 33 had permission granted by a Circuit Judge, of which 20 have so far been served. Of these nine were complied with and 15 were not (this includes orders obtained in the last reporting year but not progressed at the time of the last report); the remainder are still being processed. It was decided not to proceed with five of the 14 people were charged with an offence. So far, in the period of this report, NTAC has been informed that there have been two convictions with other cases still in progress.

4.11. One conviction related to the importation of controlled substances, the other related to a fraud offence. Other offences include: domestic extremism, possession of indecent images of children, insider dealing, fraud, evasion of excise duty, drug trafficking and drug possession with intent to supply.

4.12. These statistics are provided by NTAC who are able to be accurate regarding the number of approvals granted. However, unless informed by the case team, the statistics cannot properly reflect the snapshot at the time of this report. However, it appears that there has been delay in serving some notices after approval has been granted and information regarding the progress of the cases although requested is not as prompt as it should be. Notices, one [sic] approved, should be served without delay and the information supplied to NTAC as soon as possible

57 requests and only 2 criminal cases which led to convictions (possibly on the basis of the other evidence presented, not the De-crypted material) is a very poor justification for the Section 49 snooping powers, which have done so much damage to the reputation of the United Kingdom as a good place from which to run an internet e-commerce related business.

Neither of these convictions involved any national security i.e. terrorism or espionage cases

National security does not feature in the vague list of "other offences" either.

It is unacceptable that these muddled figures appear to show that RIPA section 49 notices are being served without Judicial permission

Digital investigation and data sharing

5.16. The Data Protection Act is not within my remit but the ease with which data can be shared is of interest to me, particularly when the data being shared is the result of covert surveillance. First, there must be adequate protection of sources, techniques and product and this is not always apparent when there is no human in the loop to challenge the need to know. Secondly, I do not detect much effort by some authorising officers to make adequate arrangements for the destruction of product which was the result of collateral intrusion or not of value to the investigation or not properly authorised. The default solution appears to be in favour of retention. The necessity and proportionality of retaining data, which may later be shared in a different context, is as important as the necessity and proportionality of obtaining it in the first place.

5.17. A frequent response to my Inspectors' enquiries regarding a reduction in directed
surveillance is that 'overt' investigations using the Internet suffice. My Commissioners have expressed concern that some research using the Internet may meet the criteria of directed surveillance. This is particularly true if a profile is built by processing data about a specific individual or group of individuals without their knowledge.

5.18. There is a fine line between general observation, systematic observation and
research and it is unwise to rely on a perception of a person's reasonable expectations or their ability to control their personal data. Like ANPR and CCTV, the Internet is a useful investigative tool but they each operate in domains which are public and private. As with ANPR and CCTV, it is inappropriate to define surveillance solely by reference to the device used; the act of surveillance is the primary consideration and this is defined by RIPA section 48(2-4) (monitoring, observing, listening and recording by or with the assistance of a surveillance device). The Internet is a surveillance device as defined by RIPA section 48(1). Surveillance is covert "if, and only if, it is conducted in a manner that is calculated to ensure that persons who are subject to the surveillance are unaware that it is, or may be taking place." Knowing that something is capable of happening is not the same as an awareness that it is or may be taking place. The ease with which an activity meets the legislative threshold demands improved supervision.

The Internet is a surveillance device as defined by RIPA section 48(1).

implies that there should be specific Direct Surveillance authorisations before investigators
are allowed to use, say, Social Media data mining tools and then only for narrowly targeted investigations, not for "data trawling" or "fishing expeditions"

Automated Number Plate Recognition

5.19. The Commissioners invited ACPO representatives to present the case for continued
operation of the ANPR system when legislation demands authorisation. It was accepted that ANPR cameras can be used for an overt and covert purpose. The Commissioners were not persuaded to alter their guidance. I am pleased that ACPO has decided to improve its national guidance and to incorporate the advice of my office.

5.20. I am less happy to discover that the proper ANPR authorisation process can be circumvented using the Police National Computer. I do not desire to prevent the use of this very useful tool, but the ease with which ANPR can be used for directed surveillance demands that authorisation processes should not be circumvented.

5.21. The Commissioners believe that the use of privately owned ANPR systems for a covert purpose should be subject to authorisation if it is to be used for the benefit of a public authority operation or investigation.

5.20. I am less happy to discover that the proper ANPR authorisation process can be circumvented using the Police National Computer.

How many times has this happened ? Who are the culprits ?

Interception of Communications Commissioner 2011 Annual Report

As usual, the Interception of Communications Commissioner's report fails to provide enough of a detailed breakdown of the figures which it presents to be meaningful

The examples of the types of errors, caused by human mistakes when entering telephone numbers or email addresses or physical addresses etc. into computer systems or authorisation paperwork show how true to life Terry Gilliam's film Brazil, where the innocent character "Buttle" is arrested and tortured in place of the terrorist called "Tuttle" has proved to be:

page 31

...Unfortunately in two separate cases where a CSP disclosed the incorrect data, the mistakes were not realised and action was taken by the police forces on the data received. Regrettably, these errors had very significant consequences for two members of the public who were wrongly detained / accused of crimes as a result of the errors. I cannot say more about these two instances at this time as investigations are ongoing....

This is no error correcting mechanism within this system of RIPA regulation which forces the authorities to make public apologies and to pay financial compensation and to wipe out the erroneous data from all of their database and paperwork systems.

Astonishingly, the IOC has not bothered to, or has not felt able to, actually contact the victims of these mistakes or their lawyers directly and it must be assumed that the reason for their false arrests has been kept secret from them.

page 32

Under the Code of Practice I have the power to direct a public authority to provide information to an individual who has been adversely affected by any wilful or reckless exercise of or failure to exercise its powers under the Act. So far it has not been necessary for me to use this power but there is no room for complacency, and each public authority understands that it must strive to achieve the highest possible standards.

So even when people have been falsely arrested as a result of Communications Data mistakes, the IOC has not directed the police etc. to inform the individuals or to apologise.

Even if the Police etc. did so of their own volition, exercising one of the few legal powers which the Interception of Communications Commissioner actually has and "naming and shaming" the culprits, could have sent a useful message to the other public authorities and communications service providers.

There are some graphs etc. in the new report format template which give a few crumbs of evidence to inform the debate over the controversial Draft Communications Data Bill

There really needs to be a far more detailed breakdown, by each requesting public authority
for there to be a meaningful debate. This would not affect any operational security aspects of any ongoing or future investigations.

page 29

Figure 5 - Breakdown of Communications Data Authorisations/Notices by Type

Subscriber Data: 52%
Traffic Data: 25%
Service Use Data: 6%
Combination: 17%

Intelligence Services Commissioner 2011 Annual Report

As usual, there is almost not useful public content in the Intelligence Services Commissioner report.

Since there is no direct mechanism or budget for the secretive Intelligence Services Commissioner to deal with complaints from the public (who are usually not be aware of possible abuses by the intelligence services, due to the overwhelming blanket of secrecy), it is hard to see what Reassurance to the Public or Parliament the role of Intelligence Services Commissioner actually provides.

In the same way in which the Interception of Communications Commissioner inspects the justifiable snooping on the phone calls in Prisons, without this actually being part of the RIPA legislation, the Intelligence Services Commissioner is now involved in doing some vague, non-statutory oversight of:

page 28 onwards


i.e. the use of or knowledge of torture .

Now that the Detainee Inquiry (conducted by the previous Intelligence Services Commissioner, Sir Peter Gibson) has been nobbled, this is as close to any independent oversight of potential torture practices by the UK military and intelligence services that there is i.e. not very much.

As Spy Blog readers will have come to expect, the ISC has found no wrongdoing:

Based on the information provided to me, and to the extent set out in my remit, I am not aware of any failure by a military or intelligence officer to comply with the Consolidated Guidance in the period between 1st January and December 31st 2011. I have received assurances from the relevant departments and intelligence agencies that they have disclosed fully relevant information about cases within the detainee grid. I am also assured that I have been given full access to both information and officers to discuss particular cases both in the UK and during Station visits. I therefore have no reason to doubt that the guidance is being complied with based on the information that has been provided to me in 2011.

After faffing around for over 4 years, the Crown Prosecution Service and the Metropolitan Police Service have decided not to charge anyone at MI5 the Security Service or SIS the Secret Intelligence Service in the cases of two people who have made allegations of complicity in torture against them.

Their joint statement does not "clear" the officers and agencies concerned of any wrongdoing, which is the propaganda line being spun by say , the Daily Telegraph, it just says that the CPS feels that there is insufficient evidence for the likely prospect of a criminal conviction.

Joint statement by the Director of Public Prosecutions and the Metropolitan Police Service


This is a joint statement by the Director of Public Prosecutions (DPP) and the Metropolitan Police Service (MPS) dealing with:

(a) the decisions of the CPS not to charge any named individuals in relation to the investigations in Operations Hinton and Iden;

(b) the setting up of an advisory panel for scoping other complaints about ill-treatment by detainees in similar circumstances; and

(c) the decision by the MPS whether to investigate two further cases where allegations of criminal wrongdoing are raised in relation to the alleged rendition of named individuals to Libya and the alleged ill-treatment of them in Libya.


All concerned have been mindful of the obligation that allegations such as those made in Operations Hinton and Iden must be investigated thoroughly and in accordance with Article 3 of the European Convention on Human Rights.

Article 3 of the European Convention on Human Rights is very short and all encompassing:

No one shall be subjected to torture or to inhuman or degrading treatment or punishment.

Operation Hinton involved the investigation of the alleged involvement of British officials in the ill-treatment and torture of Mr Binyam Mohamed when he was detained in Pakistan between about April and July 2002 and/or when he was detained elsewhere between about July 2002 and early 2004.

Mr Mohamed has never alleged that any member of either the Security Service or the Secret Intelligence Service was directly involved in the torture and ill-treatment he alleges. The investigation has therefore focused on whether there is sufficient evidence to provide a realistic prospect of convicting any member of either Service for offences of aiding and abetting torture, aiding and abetting war crimes and misconduct in public office.


However, the CPS has also concluded that there is insufficient evidence to prove to the standard required in a criminal court that any identifiable individual provided information to the US authorities about Mr Mohamed or supplied questions for the US authorities to put to Mr Mohamed, or was party to doing so, at a time when he or she knew or ought to have known that there was a real or serious risk that Mr Mohamed would be exposed to ill treatment amounting to torture.

"he or she knew or ought to have known that there was a real or serious risk"

The Crown Prosecution Service appear to be completely out of touch with reality, again.

Intelligence Agencies not only ought to have known exactly which countries and state agencies use torture, but they ought to know exactly where the torture chambers are located and the identities of the torturers and their superiors, because they should be hunting them down, instead of helping them.

If the Intelligence Agencies are claiming to be somehow ignorant of this, then MI5 or SiS officers and their superiors, should be charged with Misconduct in Public Office,
for "wilful neglect or misconduct", since everyone within the UK Intelligence Agencies is supposed to be aware that "torture" or "inhuman or degrading treatment or punishment" is utterly wrong.

Any investigation of the Libyan allegations , which Sir Peter Gibson's Detainee Inquiry had already promised to look into back in September 2011, are now in danger of being spun out for another 4 years by the Metropolitan Police Service and the Crown Prosecution Service.

Ploddingly and bureaucratically, they have announced that they have set up "an advisory panel" to decide whether they should investigate these claims or not. Why have they not already started to investigate before Christmas 2011 ?

Statement by the Inquiry, January 12, 2012


Following the advice of the joint advisory Crown Prosecution Service and Metropolitan Police Panel, the Metropolitan Police has decided that the allegations raised in the two specific cases concerning the alleged rendition of named individuals to Libya and the alleged ill-treatment of them in Libya are so serious that it is in the public interest for them to be investigated rather than at the conclusion of the Detainee Inquiry.

The Detainee Inquiry Panel will now carefully consider its next steps and the Chairman of the Panel, Sir Peter Gibson, will make an announcement in due course.

Surely it is possible for the Detainee Inquiry to proceed in parallel with any Police investigation ? If they wait for every investigation and court case to finish, before they get formally started, then they might as well all resign now.

Were these kidnappings of individuals and families, none of whom were terrorists who posed a threat to the UK and their "extraordinary rendition" into the hands of torturers in the USA, Afghanistan, Pakistan, Morocco, Jordan, Egypt or Libya etc.
sanctioned by Labour government Ministers under the Intelligence Services Act 1994, section 7 Authorisation of acts outside the British Islands ?

Will Tony Blair and his henchmen like Jack Straw and David Blunkett, try and divert responsibility for British complicity in torture by blaming their civil servant officials instead ?

The Conservative / Liberal Democrat coalition government's hands are not entirely clean either, given that only last year, they firstly accepted the defection of
Moussa Koussa from the Gadaffi regime in Libya and then let him go freely out of their custody. There are plenty of allegations around of his personal involvement in political assassinations, massacres and torture as head of the Libyan intelligence bureaucracy, whose abandoned offices have yielded prima facie evidence of such complicity.

It is now over 18 months since the Detainee Inquiry was set up and the promise Undertakings to protect witnesses or whistleblowers from prosecution and / or disciplinary action have still not been agreed or published

Spy Blog has raised with the Detainee Inquiry, the question of Communications data snooping, Interception of Communications and Intrusive Surveillance and recruitment of Confidential Human Intelligence Sources i.e. routine Intelligence Agencies powers and techniques, which could easily be aimed at members and staff of the Detainee Inquiry and their families and friends, by one or all of the intelligence Agencies, trying to identify potential or actual whistleblowers who may not be adhering to the official party line. The self justification for doing so will be on the nebulous grounds of "national security" - to determine if anyone willing to talk, even in secret, to the Detainee Inquiry about the deeds or misdeeds of their colleagues or superiors be trusted any more.

See the previous Spy Blog article: Reply from the Detainee Inquiry, regarding anonymity protection for whistleblowers, surveillance targeting against the Inquiry itself etc.

Were the Metropolitan Police and Crown Prosecution Service teams working on investigations Operation Hinton and Operation Iden targeted in this way ? Given the 4 years it took them to fail to find sufficient evidence and the number of people they were not allowed to interview, it may well be that the Intelligence Agencies were always one step ahead of the investigators, perhaps through the use of such surveillance techniques.

Will the Metropolitan Police investigation into the Libyan allegations, if it ever goes ahead, also be so targeted by the Intelligence Agencies ?

Remember that individual Police officers and investigation teams have, according to evidence given to the Leveson Inquiry, been targeted by News of the World and / or other journalists and private investigators, including the team investigating Downing Street complicity in the "cash for honours" scandal headed by the now politically disgraced Assistant Commissioner John Yates.

It is therefore not fanciful to assume that people within the UK Intelligence Agencies with these secret surveillance powers will use them, or will get their US or European sister intelligence agencies to do so on their behalf against such torture investigations, unless expressly and publicly forbidden to do so .

Any such ban must be public, so that the companies and staff working in telecommunications, internet and postal communications services can recognise illegal requests for Communications Data or the contents of communications and refuse to accede to them.

It is ironic that the person to whom complaints about such abuses of the Regulation of Investigatory Powers Act 2000 by the Intelligence Agencies, if they exist, is the Intelligence Services Commissioner, the post held by Rt. Hon. Sir Peter Gibson until he resigned it early in his tenure to devote himself to the Detainee Inquiry.

The current Intelligence Services Commissioner is Rt. Hon. Sir Mark Waller - see the previous Spy Blog article: Intelligence Services Commissioner, Rt. Hon. Sir Mark Waller appointed early, announced late

The several parallel Metropolitan Police investigations into the News of the World "phone hacking" scandal, Operation Tuleta and Operation Weeting and Operation Elevden continue to produce no arrests and no prosecutions of corrupt Police or Mobile Phone industry insiders, with respect to the alleged abuse of Communications Data privacy, especially the abuse of Mobile Phone Location Data.

Surely it is obvious now even to the most technologically illiterate politicians and Whitehall civil servants, that there is no effective regulation of Communications Data investigation systems.

Communications Data snooping by the Police etc can be a powerful investigative technique, but only when it is clear that it is not being abused.

Public confidence in the use of these techniques has been damaged by allegations (so far without much hard proof) that disreputable tabloid newspapers have been able to gain access to this highly intrusive, private information, which can only have come via corrupt police or intelligence agency or mobile phone network staff.

BBC reports that lawyers in civil cases before Mr Justice Vos have claimed:

18 November 2011 Last updated at 16:29

NoW hacking victims claim investigator tracked phones

A private investigator was involved in illegally tracking mobile phones, hacking victims have claimed.

Glenn Mulcaire, who was jailed for phone hacking for the News of the World, is linked to the so-called pinging of mobiles and computer hacking, a High Court civil case heard.

Pinging is tightly regulated and restricted to police, security services and a small selection of other bodies.

Mulcaire and News International have yet to respond to the claims in court.


The allegations were aired at a case management hearing in the civil cases for breach of privacy brought by hacking victims against News International, the owner of the now defunct NoW.


In July, the Metropolitan Police launched Operation Tuleta, alongside phone-hacking inquiry Operation Weeting, to probe allegations of computer hacking.

Operation Tuleta is examining breach of privacy claims received by police since January.

Sea also the previous Spy Blog article and comments back in July 2011:

NYT: NOTW bought mobile phone location data for $500 a time from corrupt police

N.B. under the Regulation of Investigatory Powers Act 2000, there are no criminal sanctions available against the Police or others who abuse Communications Data, of which Mobile Phone Location Data is a part, although there is a penalty of up to 2 years in prison for illegal Interception of the content of mobile phone voice or data communications, which is what the the News of the two News of the World employees were convicted of back in 2007.

The deliberate loopholes in this lax regime , brought in by the technologically inept yet authoritarian Labour government e.g. the totally ineffective and secretive Interception of Communications Commissioner, have not been tightened up by the dithering Conservative / Liberal Democrat Coalition government,

The proposals to slightly strengthen the roles of the Interception of Communications Commissioner and the Intelligence Services Commissioner and/ or the creation of an Intelligence Services Inspector General outlined in the recent Green Paper on Justice and Security , do not apply to "normal" Police cases.

Green Paper on Justice and Security


The Ministry of Justice / Cabinet Office have produced a public consultation Green Paper on Justice and Security. which closes on 6th January 201.

Some Spy Blog observations on:

Nobbling civil cases and inquests

The first section seems to be about various proposed legalistic fiddles to the evidence procedures civil cases and Inquests.

They seem to be proposing to infect civil courts and inquests with the same wretched Special Advocate / Closed Material Procedures schemes which were introduced under Labour for the ineffective Special Immigrations Appeals Tribunal (SIAC) and the Proscribed Organisations Appeal Commission (which rarely does anything at all).

They also appear to be trying to nobble the use of Norwich Pharmacal orders (a rarely used legal precedent which allows a third party not directly involved in a civil case, to be ordered to hand over information or evidence which is pertinent). Such orders have recently been applied to cases tainted with "national security" or "intelligence" rather than actual evidence.

If you believe the Green Paper, this is to allow better, more accurate "justice" in cases cases which involve genuine "national security" secrets, which might otherwise have to be abandoned or settled out of court by the government to preserve "the public interest" in secrecy.

The increasingly hated and incompetent previous Labour government always cloaked its repressive legislative onslaught on our civil liberties and freedoms with Orwellian newspeak and the Coalition seems to be following suit.

Whilst there is a case for keeping genuine time limited tactical intelligence, or the specific details of still viable technological intelligence gathering techniques, or the identities of Covert Human Intelligence Sources secret, there is no trustworthy mechanism for limiting such secrecy only to such examples.

Far too often, the "national security" classification of documents or witness testimony is really about preventing embarrassment to politicians, mandarins and apparatchiki in Whitehall etc.e.g. the torture claims case of Binyam Mohamed and the inquest into the "Friendly Fire" deaths of UK military personnel caused by trigger happy US Air Force ground attack aircraft pilots in Afghanistan etc.

It is all about maintaining the fiction of the appearance of "The Control Principle"

We expect our intelligence partners to protect our material when we share it with them, and we must be able to deliver the same protection of their material.

Confidence built up over many years can all too quickly be undermined. That is why, if the trust of the UK's foreign 'liaison' partners is to be maintained, there should be no disclosure of the content or fact of the intelligence exchange with them without their consent. This is known as the Control Principle.

The United States government, for example, regularly betrays this Control Principle, either through incompetence, or when it suits them politically e.g.

  • Leaving Diplomatic Cables involving the United Kingdom or our allies on vulnerable computer systems accessible by millions of low level US military personnel, bureaucrats and defence contractors, to then be published "for maximum impact" by the cult.

  • Several UK anti-terrorism raids involving international plots, have had to be rushed too early, before the alleged plotters have actually got their hands on any explosives or weapons or money etc.because the US government crowed about them in public, thereby perhaps tipping off some of the suspects.

Is this Control Principle going to be applied to all of the secret MI6 correspondence recently retrieved by journalists and human rights activists from abandoned government offices in Libya ?

In the Binyam Mohamed case, which is what led directly to the still not yet properly running Detainee Inquiry on UK Government complicity in torture, the "intelligence material" details in dispute had already been made public in the USA, but the UK government persisted in wasting public money on legal appeals to pretend to be upholding the "Control Principle".

Still no proposals about Intercept As Evidence

A major failing of this Green Paper is the lack of anything about the policy of No Intercept As Evidence.

This is Yet Another Broken Promise by the Coalition government - both the Conservatives and the Liberal Democrats claimed that they would sort this out, when making thei increasingly worthless pre-election promises. The Labour party, is as usual, failing to hold the government to account, presumably because they dare not remind people of their own repressive mendacity.

Whitehall is still dithering about this after all these years, with the "Advisory Group of Privy Counsellors" chaired by Sir John Chilcot, not actively doing anything about it, as he is presumably busy giving the likes of Tony Blair etc. an easy time of it over at the still running Iraq Inquiry anyway. - see the previous Spy Blog article Intercept as Evidence Report - £2.5 million spent and still no workable "legal model"

Intelligence and Security Committee

The slightly more interesting section is on proposed reforms to the Intelligence and Security Committee and the Regulation of Investigatory Powers Act 2000 Commissioners - The Intelligence Services Commissioner and the Interception of Communications Commissioner

All of these suffer from a lack of public visibility amongst the general public and a vast amount of scepticism about their effectiveness amongst those of us who do actually bother to read their censored public reports.

Question: What changes to the ISC could best improve the effectiveness and credibility of the Committee in overseeing the Government's intelligence activities?

3.4 The Government recognises the criticisms that have been made about current oversight arrangements, particularly that they do not provide sufficient public reassurance that current scrutiny is effective.

The Government does not want the ISC to have even the weak powers of a Select Committee

3.18 A possible option would be to change the status of the ISC to that of a departmental select committee. Departmental select committees have a remit 'to examine the expenditure, administration and policy' of the relevant government department and associated public bodies. A Standing Order, which would need to be renewed each Parliament, could cover appropriate handling of sensitive material, accommodation, staffing and reporting. Creating a select committee would result in oversight being demonstrably undertaken by Parliament.

3.19 However, under such arrangements the Government would clearly have no veto on publication of sensitive material.

That is the whole point !

There would be a real risk that, with fewer safeguards in place than under the present arrangements, Agency Heads would find it hard to reconcile their statutory duty to protect information with their statutory duty to facilitate parliamentary oversight.

Contempt of Parliament and contempt for the general public.

Sharing of less sensitive information and a corresponding reduction in both the credibility and effectiveness of the oversight the committee provided could be the result.

For these reasons, the Government believes this option should not be taken forward.

How can this be less effective or less credible than the current milksop that is the Intelligence and Security Committee ?

3.23 As the ISC has developed its role it has, with the agreement of previous and current governments, taken evidence from bodies beyond the three Agencies which are a part of the wider intelligence community within government These include Defence Intelligence in the Ministry of Defence (MOD), the Office for Security and Counter-Terrorism in the Home Office and the central government intelligence machinery in the
Cabinet Office (including the Joint Intelligence Organisation). It has also, in its annual reports, made recommendations relating to those bodies. The ISC has proposed that this role should be formalised.

3.24 These bodies are part of larger departments (MOD, Cabinet Office and Home Office) which are overseen by the appropriate departmental select committee. However, where the work of these organisations relates directly to intelligence material, the relevant departmental select committees are not able to provide oversight. The Government proposes formally to recognise the wider role the ISC should play in overseeing the Government's intelligence activities by enabling it to take evidence from any department or body in the wider intelligence community about intelligence-related activity where to do so would help the ISC provides coherent intelligence oversight. This development would not affect the primary accountability of those bodies to the relevant departmental select committee of the House of Commons.

It is obvious that even Members of the Select Committee on Defence, like the Liberal Democrat MP Mike Hancock are not actually trusted with any secrets:

Why is Sir Stephen Lander (ex DG of MI5) involved in the SIAC deportation case of Katia Zatuliveter ?

However, what in the USA would be the criminal act of acting as an Unregistered Agent of a Foreign Government, is tolerated and encouraged by UK Ministers and top Civil Service mandarins, when it comes to commercial or political lobbyists as revealed in the Liam Fox / Adam Werrity scandal.

Accommodation, staffing and budget

3.31 We are considering possible changes to the ISC's staffing, accommodation and funding with a view to strengthening both the ISC's actual and symbolic connection to Parliament. The most tangible physical demonstration of independence, and a natural consequence of the ISC becoming a Committee of Parliament, would be to make
arrangements with the parliamentary authorities for the ISC to be accommodated in suitably secure premises on the parliamentary estate, rather than on the government estate. Similarly, its staff could have the status of parliamentary staff (rather than departmental civil servants based in the Cabinet Office), and its budget funded directly from parliamentary appropriation rather than the Cabinet Office's departmental budget.

3.32 The Government accepts that some of the proposals in this section, if implemented, would require a modest uplift in the Committee's current levels of resourcing. The ISC itself has made a case for an increase in its resourcing. Following decisions on next steps after this consultation, the Government - with the parliamentary authorities if the above plans are taken forward - proposes to review the level of resourcing that the ISC requires to support it in the discharge of its functions and the nature of the skills the Committee requires to have at its disposal.

How about an actual Investigative team with access to scientific forensic techniques for examining paper and computer documents ?

How about some forensic accountants who can "follow the money" any suspected trail of waste and corruption involving secret projects ?

How about proper secure and anonymous electronic and physical communications facilities, which the UK intelligence agencies are expressly forbidden from snooping on ?

How about a comprehensive intelligence agency whistleblower protection scheme backed up by criminal sanctions, to encourage internal whistleblowers who may have important allegations or evidence to bring forward to the ISC, without the fear of being detected or punished by their work colleagues or bosses.

See Spy Blog letter to the Detainee Inquiry re: lack of whistleblower anonymity protection and immunity from prosecution

Access to information

3.36 Under current legislation the ISC requests information from the Heads of the three Agencies who can, in theory, decline to disclose information if it is 'sensitive' (as defined by ISA - which could include information about sources or methods or relating to articular operations or which has been provided by foreign partners who do not consent to its onward disclosure). An Agency Head's refusal to disclose such information to the ISC can be overturned by the relevant Secretary of State on public interest grounds. In practice,

Agency Heads have rarely refused an ISC request for information.

The fact that they have actually done so repeatedly in the past, has been revealed in the public section of several of the ISC's censored Annual Reports.

The Government agrees with the ISC's proposal that the Committee should be given the power to require information from the intelligence Agencies. The Government also agrees with the ISC proposal that this should be subject only to a veto exercisable by the relevant Secretary of State, rather than by the Head of the individual Agency, as now.

About time too, although what actual difference the location of the exercise of such a veto will actually make in practice, remains to be seen.

Raising the public profile of a couple of the RIPA Commissioners

The Commissioners

The role of the Commissioners in intelligence oversight

3.39 Independent oversight of the Agencies is provided by the Intelligence Services Commissioner and the Interception of Communications Commissioner. The Commissioners are appointed by the Prime Minister for a (renewable) period of three years and must hold or have held high judicial office.

The Intelligence Services Commissioner's central function is to keep under review the issue of warrants by the Secretary of State, including those authorising intrusive surveillance (e.g. eavesdropping) and interference with property, in order to make sure that the Secretary of State's issue of the warrants was in compliance with legal requirements. The Interception of Communications Commissioner's central function is to keep under review the issue of warrants for the interception of communications. More details of the remits of the Commissioners can be found at Appendix G.

3.43 The Government proposes that the Commissioners' ability to discharge these types of duties is placed on a statutory footing, in order to ensure transparency, coherence and a clear basis of authority. This would need to be broad enough to cover current non-statutory duties and also a range of potential future duties. The Government proposes that this is done by adding a general responsibility for overseeing the effectiveness of operational policies to the statutory remit of the Intelligence Services Commissioner, who would maintain responsibility for monitoring compliance by the Agencies with the necessary legal requirements in the exercise of their intrusive powers. The specific areas on which the Commissioner focuses at any one time would need to be agreed, on an ongoing basis, with the appropriate Secretary of State.

3.44 The effectiveness and value of the Commissioners in providing assurance and challenge to Ministers is not in doubt.

Yes there is plenty of doubt !

They are highly respected former members of the judiciary whose experience and insight is invaluable in checking the necessity and proportionality of the use of the Agencies' intrusive powers. However, their low public profile means that they play a lesser role in providing assurance to the general public that the activities of the Agencies are at all times reasonable, proportionate, necessary and compliant with all legal obligations. A number of steps have been taken recently to increase the public profile of the Commissioners. The Commissioners' most recent annual reports have been revised to make them more readable and with the inclusion of more qualitative information of potential interest to readers. A new dedicated website for the Commissioners has been established and is expected to go-live around the time of publication of this Paper. These steps are important as they allow the Commissioners to explain to the public how their offices work, what they do and how they link into other elements of the oversight landscape. The Government considers that future appointments should bear in mind the importance of the public element of the Commissioner role.

This "new dedicated website for the Commissioners " got off to a typically inept start:

MI5 inspector's website shut down after security blunder

A new website for the former High Court judges responsible for oversight of MI5, MI6 and wiretapping has been shut down after it emerged that anyone could edit any page of it.

By Christopher Williams, Technology Correspondent

8:00AM BST 23 Oct 2011

The security blunder forced the Intelligence Services Commissioner, Sir Mark Waller, and the Interception of Communications Commissioner, Sir Paul Kennedy, to pull the plug on their new website on Friday afternoon following enquiries by The Telegraph.

Every page contained an "edit" link that allowed anyone visiting the website to change any text and upload files.

After it was shut down a secure version was published at a new address


The secure version of their new website is at

Inspector General

The Government have also floated the idea of an Inspector General, but their proposal in Appendix I is rather half hearted:

Question: Are more far-reaching intelligence oversight reform proposals preferable, for instance through the creation of an Inspector-General?

Appendix I
Possible model for an Inspector-General

1. An Inspector-General (IG) could oversee the powers and policies of the security and intelligence agencies and retrospectively review their operational activity. An IG for the Agencies could replace the Intelligence Services Commissioner and part of the remit of the Interception of Communications Commissioner.

2. An IG could be responsible for oversight of all the Agencies' covert investigation techniques, including the use of authorisations under the Intelligence Services Act 1994, and use by the Agencies of powers under the Regulation of Investigatory Powers Act 2000 (RIPA) Part I Chapter I (interception) and Chapter II (communications data), Part II (surveillance and CHIS) and Part III (encrypted data). It could also be responsible for oversight of requirements arising out of new government policies or legislation or the development of new practices. The IG could also provide legal advice and guidance to the Agencies on the use of their covert investigative techniques.

Doesn't the existing role of Intelligence Services Commissioner already do this ?

3. An IG could review the policies and procedures of the Agencies that relate to operational activities, including ethical matters. Ethical matters could be referred from, and reviewed, in close co-operation with the Staff Counsellor.

Who are these Staff Counsellors to which intelligence agency whistleblowers could complain to regarding, say, ethical concerns they have about intelligence operations involving torture or excessive snooping on innocent people ?

Rt. Hon. Sir John Chilcot "was Staff Counsellor to the Security and Intelligence Agencies (1999-2004) and the National Criminal Intelligence Service (2002-06). "

What a small, cosy world there seems to be amongst senior Whitehall mandarins and Judges, even after they retire.

If you were a whistleblower within these organisations today, would you trust

  1. The personal integrity of such a former Whitehall mandarin or retired senior Judge - probably yes

  2. His Operational Security technical computer, communications and "Moscow rules" style anti-surveillance tradecraft, to keep your identity secret from your work colleagues and managers and from other intelligence agencies - almost certainly not

4. An IG could have a retrospective review function that would include the ability to launch its own enquiries into past Agency operational activity. It could have a right to request intelligence, subject to Ministerial veto.

That would be a change from the current RIPA only remit of the intelligence Services Commissioner.

5. This would create two distinct oversight bodies: one focused on the Agencies, and one on all other public authorities with RIPA powers.

The risk of this approach is that oversight of interception would be split between two different bodies, possibly leading to different standards or approaches emerging. This would need to be managed and would not necessarily be straightforward.

Oversight of Interception is not as much of a problem as the lack of proper oversight of the vastly larger number of requests / demands for Communications Data, something which the existing Interception of Communications Commissioner fails to satisfy the demand for public accountability.

6. The IG could have a statutory duty to consult the Prime Minister on its annual work programme. It could produce an annual report for the Prime Minister, and publish reports on the outcome of the retrospective enquiries into Agency operational activity and reviews into operational policies. The IG could have a duty to develop an effective public profile for its work.

There must be clear, very effective methods for members of the public and for whistleblowers to contact the Inspector General , securely and anonymously, in the first instance, without the technical or legal risk of being snooped by the very intelligence agencies that they might be complaining about or about which they are providing evidence of wrongdoing or incompetence or corruption etc.

A single, censored, RIPA Commissioner or Intelligence Security Committee style Annual report to the Prime Minister absolutely will not inspire any public or even Parliamentary confidence whatsoever.

Any such reports should be made directly to Parliament, like the Information Commissioner.

7. An IG could be appointed by, and answerable to, the Prime Minister. The post could have some form of pre-appointment scrutiny by Parliament and/or could be advertised publicly. The role could be filled by a suitably experienced judge. If this was not a judicial appointment, the IG could be a senior civil servant but would need to be supported by a legal adviser with the appropriate legal and/or judicial experience. The IG could head up a team which would include a Secretariat and specialists with responsibility for aspects of the work of the IG (e.g. interception)

No! The post should be independent of the executive arm of government i.e. it should be an appointment by the Queen, just like a High Court Judge.

Spy Blog suggestions

Question: What combination of existing or reformed arrangements can best ensure credible, effective and flexible independent oversight of the activities of the intelligence community in order to meet the national security challenges of today and of the future?

Question: With the aim of achieving the right balance in the intelligence oversight system overall, what is the right emphasis between reform of parliamentary oversight and other independent oversight?

Question: What changes to the Commissioners' existing remit can best enhance the valuable role they play in intelligence oversight and ensure that their role will continue to be effective for the future? How can their role be made more public facing?

A few Spy Blog suggestions which apply to the RIPA Commissioners or the proposed Inspector General and to the supposedly beefed up Intelligence and Security Committee

  1. How about some photos etc. of the Commissioners (or the Inspector General) on their website ? Like Sir Peter Gibson (ex Intelligence Services Commissioner) on the Detainee Inquiry website (if they can get the hang of Wordpress hosted in Amazon S3 cloud) ?


    Rt. Hon. Sir Paul Kennedy, Interception of Communications Commissioner (photo UPPA Ltd via Daily Mail)


    Rt. Hon. Sir Mark Waller, Intelligence Services Commissioner (photo via Serle Court Chambers)

  2. How about proper whistleblowing secure and anonymous contact web forms, email, postal address, mobile phones etc. for tip offs and whistleblowers ?

  3. Statutory whistleblower protection counteracting the exemptions to current "normal" employment, and the various "national security" legislation

  4. "Wilson Doctrine" extension to the Commissioners / Inspector General and the Intelligence and Security Committee and also their staff and families. This would apply to their public duties and to whistleblower related communications, but obviously not to investigations into private corruption etc.

  5. Criminal sanctions including prison and unlimited fines for breaches of these rules by the intelligence agencies or the police or private sector sub-contractors etc.

  6. Multi million pound budget and staff to handle enquiries from the public and the media - very cheap when compared to the lack of intelligence sources caused by mistrust of the agencies

  7. Inclusion within the Freedom of Information Act regime, with the proviso that most of the National Security exemptions will apply to most of their casework and investigations. However requests about the Commissioners / Inspector General offices themselves e.g. number of complaints, waiting time for complaints to be processed or investigated etc should be made public without question or delay.

  8. Statutory basis for the oversight of Prisons, which was lumped onto the Interception of Communications Commissioner by Gordon Brown, and which takes up a huge amount of his time and resources

Respond to the Consultation

Is it worth bothering to submit these to the formal Consultation process ?

There is an unencrypted web form:


Post: Justice and Security Consultation, Room 335, Cabinet Office, 70 Whitehall, London, SW1A 2AS

by Friday 6th January 2012

Back in March, the deliberately misleadingly entitled "Protection of Freedoms Bill" was published, the NuLubour style plan to introduce another couple of toothless "Commissioners" (for National Security Biometrics and for some, but not all, CCTV Cameras) was correctly criticised by our friends at ARCH, Privacy International , Genewatch UK and NO2ID:

Briefing for UK Parliament on the 'Freedom Bill' - The Protection of Freedoms Bill Second Reading

They called for a single, powerful, well funded Privacy Commissioner, independent of Government Departments or Ministers, with legally enforceable powers of investigation backed up with criminal law sanctions, with proper in house technical expertise and investigation teams, like those which exist in Canada or Germany etc.

The House of Commons Select Committee on Home Affairs also agreed with them, when reporting on the News of the World mobile phone phone voice mailbox hacking scandal.

However, the Home Office's Byzantine "divide and rule" response, can be summed up a la Mel Brookes' Blazing Saddles as:

"Privacy Commissioner ? We don't need no stinking Privacy Commissioner!" (in a faux Mexican bandit accent)

Their official response to the Home Affairs Committee report contains this smugly complacent response:




2.14 We are concerned about the number of Commissioners, each responsible for different aspects of privacy. We recommend that the government consider seriously appointing one overall Commissioner, with specialists leading on each separate area. (Paragraph 42)

2.15 The Government believes the current spread of independent Commissioners ensures proper regulation of different aspects of privacy. The range of statutory functions carried out by each Commissioner varies significantly. It includes the provision of guidance, investigation of public complaints, serving and enforcing monetary penalty notices, making decisions over the deployment of technical devices, authorisation of some forms of surveillance and property interference, and oversight and inspection across different specialisms and under different legislation. Each Commissioner and his staff work in specialist, technical areas that require extensive knowledge of relevant legislation, equipment and procedures. Although the work they do can be related, it is also quite distinct.

2.16 The Government believes that the benefits the Committee is seeking can be delivered through existing arrangements and those proposed in the Protection of Freedoms Bill. The existing Commissioners already co-ordinate their work to ensure the right expertise is utilised in the right context and that wherever possible there is consistency between them. However, while respecting their independence, the Government will take note of the Committee's concerns in the way we develop and co-ordinate the roles and functions of the Commissioners.

There has been no Government "development" or "co-ordination" of the roles and functions of the Commissioners, except to keep them as secretive and powerless as possible.

Remember that neither the existing RIPA Commissioners (Interception of Communications, Surveillance or Intelligence Services) nor the Information Commissioner nor the two new proposed Commissioners (national security only Biometrics and some CCTV) actually have the word "Privacy" in the legislation which defines their roles and which they are narrowly constrained to follow.

The Home Office officials are deluding themselves and deceiving the public if they think that there is any evidence of "joined up" working between the existing Commissioners - they do not even meet each other face to face regularly, or at all. Apart from the Information Commissioner, they try their best not to talk to, or correspond, with members of the public. All of the Commissioners have far more legal expertise than detailed technological expertise. Only the Information Commissioner and the Chief Surveillance Commissioner bother to publish a public website and only the Information Commissioner's Office has a Twitter feed.

The Conservative / Liberal Democrat coalition government needs to deliver on its pre-election promises, right now, before Christmas, in regards to our freedoms and civil liberties. At the moment they are looking indistinguishable from the previous, increasingly hated, authoritarian yet incompetent, Labour government.

The Report Stage of the inadequate Protection of Freedoms Bill is set for Monday the 10th October 2011 i.e. in less than two weeks time

Please lobby your MPs e.g. via about our lost freedoms and suggest amendments to this half hearted Bill before then.

If you are a potential or actual whistleblower, working in the United Kingdom intelligence services, who had information regarding involvement in torture, which might contradict what the senior managers and officials who will be appearing before Sir Peter Gibson's Detainee Inquiry, would you be satisfied with the assurances given below ?

Would you risk your career or life, or those of your family and friends, on such such assurances ?

See our previous blog article of the 11th August 2011, before the revelations from Libya: Spy Blog letter to the Detainee Inquiry re: lack of whistleblower anonymity protection and immunity from prosecution

The Detainee Inquiry
35 Great Smith Street, London, SW1P 3BQ
Telephone: 020 7276 5544

From the Secretary to the Inquiry

13 September 2011

Via E-mail [email address]


Thank you for your e-mail to Sir Peter Gibson on behalf of Spyblog and its readership, in reference to the provisions of anonymity protection for whistleblowers and a number of issues related to the Inquiry's work. I am responding on Sir Peter's behalf.

The Inquiry takes the welfare and safety of any witnesses who provide evidence to us very seriously. The Inquiry's Protocol (available on our website) makes clear that witnesses may provide evidence to the Inquiry in private if the Inquiry believes that there is a good reason for them to do so.This is designed to ensure both the welfare and safety of witnesses by the protection of their identity, and the provision of full and frank evidence to the Inquiry. Any request by a witness to appear in private will be given careful consideration by the Panel. By way of further reassurance, the only people present during private hearings will be the witness and any one person they choose to accompany them, the panel, Counsel to the Inquiry, members of the Inquiry staff and contracted stenographers with the appropriate security clearance (see paragraph 37 of the Protocol). Should we find it necessary to seek further information from a Department or Agency as a result of evidence given by a witness, we would not reveal the source of the information leading to the request. We believe that the current measures are sufficient at this stage to protect the anonymity of whistleblowers or anyone else who has good reason to give evidence in private, but we will keep this under review

As you have identified, the Prime Minister stated in his letter of the 6 July 2010 to Sir Peter Gibson that 'the Attorney General has agreed to provide an undertaking that evidence given by witnesses may not be used against them in criminal proceedings, whether their evidence is given in public, private or both (other than in proceedings where he or she is charged with giving false evidence or conspiring to do so in the course of this Inquiry)' We are currently liaising with the Attorney General's office on producing a comprehensive undertaking which we are confident will address the concerns you have around potential prosecution of whistleblowers under legislation such as the Official Secrets Act. We hope to receive a final version of the undertaking soon and will then publish it on our website as you suggest. We will then confirm with the Cabinet Secretary and the Heads of the intelligence services their analogous undertakings to staff in respect of disciplinary proceedings based on the evidence provided, this was also set out in the Prime Minister's letter.

You raise an important point about assurances from the UK Intelligence Agencies in respect of their cooperating with the Inquiry. We have been assured by the Prime Minister that we will receive full co-operation from the Government and its Security and Intelligence Agencies. The Inquiry believes that this would cover all of the activities you have mentioned, as the type of behaviour you have explained regarding the Agencies deploying surveillance techniques on the Inquiry's Staff or asking Agencies in other countries to do likewise would go against this assurance of full cooperation.

Thank you for your recommendation in reference to encryption of the website to allow for individuals to submit evidence while protecting their identity. We continue to review our website and its security and will consider the points you have raised.

Finally on the important point in reference to ensuring that redactions placed on documents cannot be removed, the Inquiry takes its obligation to redact sensitive material, including individuals' personal details where they must be kept private, very seriously and are mindful of this risk. We shall, of course, do everything we can to ensure that this situation does not arise.

Yours Sincerely,

Alun Evans

With your help and feedback (either in the comments or via encrypted email, ideally using Tor or other IP Address obfuscation techniques) we will respond to the Detainee Inquiry, to press them further about the points in our Letter which they did not properly answer.

N.B. there are only a couple of working days left before the Attorney General and the Cabinet Secretary must reply to our Freedom of Information Act Requests for the promised Undertakings:

2010 annual report of the Interception of Communications Commissioner (.pdf)

The Rt Hon Sir Paul Kennedy, Interception of Communications Commissioner, mentions some examples of Interception of Communications Errors:

Communications Service Providers

3 July Error 1 relates to a human error by a member of CSP staff, whereby a feasibility call was conducted on an agency contact officer's number rather than the warranted target number. Therefore the incorrect transposition of a phone number led to the wrong mobile telephone being placed under intercept. Staff changes and weekend leave meant that the error was not uncovered until three days after interception commenced. Once the error was understood interception was immediately suspended and any product collected was destroyed. The CSP reviewed the incident and implemented a new pro-forma which separated warranty details from contact details to ensure such a mistake was not repeated in future.

Hoist by their own petard !

What exactly is a "feasibility call" with reference to phone interception ?

Communications Data Statistics

7.13 During the reporting year public authorities as a whole, submitted 552,550 requests for communications data. The intelligence agencies, police forces and other law enforcement agencies are the principal users of communications data. Chart 1 illustrates that the number of requests submitted in the last three years has increased year on year by approximately 5%. I cannot give a precise reason for the steady increase, but it is indicative of the growth in communications technology. The statistics show that certain police forces have increased their demands for communications data and I believe that this is due, in part, to the fact that there is an increasing awareness amongst investigators of the type of communications data that is available and how communications data can used as powerful investigative tool.

Which mainstream media organisation or other online commentators will make the annual mistake of misquoting the "552,550 requests for communications data" figure, as if this was the "number of phone taps" or some other nonsense, this time ?

The use of spreadsheet charts to display some of the statistics is an innovation in this year's Report, but it does hide the figures from search engines which might otherwise read and index the text of the (.pdf) file.

Chart 1: Number of Notices / Authorisations for Communications
Data in the previous three year period

2008 - 504,073

2009 - 525,130

2010 - 552,550

7.14 Chart 2 illustrates the breakdown of the communications data requests by type. Nearly two thirds of the requests for communications data in the reporting year were for subscriber data under Section 21(4)(c), usually in the form of enquiries to ascertain the ownership of mobile phones

The figures for the number of communications data requests for 2010 are broken down as:

Subscriber Data - Section 21 (4)(c) - 65% of 552,550 = 359,158

Traffic Data - Section 21 (4)(a) - 26% of of 552,550 = 143,663

Service Use Data - Section 21 (4)(b) - 6% of of 552,550 = 33,153

Combination of (a), (b) and (c) - 3% of of 552,550 = 16,577

Wrong Numbers

This Interception of Communications Commissioner Report alludes to other "wrong numbers" or transposed figures on warrants etc.,

However, digging into one of the Case Studies reveals another, even more tragic "wrong number":

Case Study 2

Lancashire Constabulary - Operation Lace

Lancashire Constabulary used communications data very effectively when investigating the murders of Mr Abdullah Aziz Mohammed and his wife Ayesha Mohammed, and the attempted murder of their two children. The communications data initially identified two suspects who were shown to travel simultaneously into the vicinity of the offence location at the relevant time. This evidence was used to present the case to the CPS who agreed a charge of murder. However from the evidence available these two suspects could not have been responsible for setting the fire and further communications data acquired in relation to the two suspects actually assisted to exonerate them from the murders.

This is an example of how dangerous, to innocent people, the snooping on mobile phone Location Data can be.

They should never have been prosecuted on the basis of this "evidence" in the first place.

The two innocent people who were arrested, charged with murder and remanded in custody will remain forever on police and other databases

Two in court over Blackburn double fatal house fire

"Imran Ali, 29, from Manchester, and Peter Bowden, 39, from Lytham St Annes, were brought before Blackburn magistrates in separate hearings on Friday morning.

They are both charged with the murder of Abdullah Mohammed, 41, his 39-year-old wife Ayesha, and arson with intent to endanger life.

Both men were remanded in custody until a preliminary hearing at Preston Court on November 11. "


Blackburn fire murder charges dropped for two men

"The cases against Peter Bowden, 39, of Lytham St Annes and Imran Ali, 29, of Manchester, have been discontinued."

4 murderers were actually convicted:

Gang Jailed For Murder Of 'Wrong' Couple

The intended victim, Mo Ibrahim - who is no relation to the convicted man - lived at 135 London Road in Blackburn, while the Mohammed family were at 175 London Road.

None of the Case Studies illustrate anything which justifies the Data Retention of Communication Data belonging to millions of innocent people for a year.

If the Data Retention legislation had been repealed, all of these serious crime investigations would have proceeded exactly as before, with targeted access to just the current or very recent Communications Data of just the people who were being investigated.

Future Reports should include a breakdown of requests for historical Retained Communications Data i.e. older than 1 month, older than 3 months, 6 months or the full year.

We suspect that there will actually be very few of such requests for historical Retained Data and almost none of them will have been proportionate to current ongoing targeted investigations.

law Enforcement or Intelligence Agencies or Communications Service Providers should not be allowed to inflate the Data Retention use statistics, by pretending that a request for say, subscriber information for a currently used mobile phone counts as a "full 12 months historical Retained data" request, because the phone is on an annual or longer contract, where the name and address details have not changed in 12 months.

8.14 Regrettably serious weaknesses and failings were found in the systems and processes of 15 of the prison establishments which were inspected. This number has reduced from the previous year, but it is still too high and indicates a failure by managers and staff to ensure the interception of communications is conducted fully in accordance with the rules. Three of these prisons were visited twice during the reporting year. I am pleased to report that the re-inspection of one of these prisons found a complete transformation and consequently that establishment is now achieving a good level of compliance. Regrettably my Inspectors concluded that the other two establishments had
not made significant progress during the re-inspections and were still achieving a poor level of compliance. This is concerning considering the fact that they were subject to two inspections in the reporting year. These prisons have now provided an assurance that they will take the necessary remedial action, nevertheless they will again be subject to an early re-inspection to check that they have improved.

Since the Interception of Communications Commissioner does not technically even have a remit under RIPA to inspect prisons, but was asked to do so, he has now enforcement powers.

He should publicly name and shame these two "repeat offender".prisons.

At the very least, his inspection reports must be forwarded to the Independent Monitoring Boards of each of the prisons concerned.

Yet again there is duplication with Intelligence Services Commissioner' Report, regarding a few crumbs of information from the secretive Information Tribunal:

9.2 As I have explained in my previous Annual Reports, complaints to the Investigatory Powers Tribunal cannot easily be "categorised" under the three Tribunal systems that existed prior to RIPA. Consequently, I am unable to detail those complaints that relate to the interception of communications that would previously have been considered by the Interception of Communications Tribunal. I can only provide the information on the total number of complaints made to the Investigatory Powers Tribunal. The Tribunal received 164 new applications during the calendar year 2010 and completed its investigation of 208 cases during the year. 40 cases have been carried forward to 2011.

Assistance to the Tribunal

9.3 Section 57(3) of RIPA requires me to give all such assistance to the Tribunal as the Tribunal may require in relation to investigations and other specified matters. My assistance was not sought by the Tribunal during 2010.

Determinations made by the Tribunal in favour of complainants

9.4 During 2010 the Investigatory Powers Tribunal made six determinations in favour of complainants. Since its inception the Investigatory Powers Tribunal has now upheld ten complaints. One of the upheld complaints was made by a husband and wife who lodged a joint complaint and five by members of the same family. On the grounds of confidentiality, the Investigatory Powers Tribunal Rules 2000 prohibit me from disclosing specific details about the complaint made by the husband and wife, but it is sufficient to say that the conduct complained of was not authorised in accordance with the relevant provisions of RIPA. The complaints made by the five members of the same family were the subject of an open hearing in November 2009 which was widely reported in the media. The case involved directed surveillance carried out by Poole Borough Council of a family in connection with an application made by the parents for a school place for their youngest child. The Tribunal found that the conduct complained of was not authorised in accordance with the relevant provisions of RIPA. The complainants made no application for remedies and none were awarded. The fact that these cases were upheld has led to changes in guidelines provided to Local Authorities on the use of directed surveillance and proposed legislation to change the procedures on the authorisation of this type of surveillance.

Directed surveillance by Poole Borough Council case did nothave anything to do with either Interception of Communications or the acquisition of Communications Data.

target="_rr2" title="Report of the Intelligence Services Commissioner for 2010 - PDF - new window">Report of the Intelligence Services Commissioner for 2010

The Right Honourable Sir Peter Gibson, in his last Report before he is succeeded by Sir Mark Waller, who was appointed as Intelligence Services
Commissioner with effect from 1 January 2011, tries his usual "Jedi mind trick" by passing out his public report, so as not to reveal anything of significance at all about the Intelligence Services and their use or abuse of their huge RIPA surveillance powers.

These are aren't the droids you are looking for...

Move along, move along

We are slightly intrigued by

1. I was appointed the Intelligence Services Commissioner under section 59 of the Regulation of Investigatory Powers Act 2000 (RIPA) with effect from 1 April 2006. My appointment was initially for three years and was, from 1 April 2009, extended for a further period of three years to 31 March 2012. I stepped down as Commissioner on 31 December 2010 so that I could devote myself to the Detainee Inquiry which I have been asked to chair and a new Commissioner was appointed with effect from 1 January 2011.


25. Both I and my predecessor, Lord Brown, before me in our annual reports set out the functions of the Intelligence Services Commissioner. Despite that, it is apparent from the publicised criticisms of my appointment as chairman of the Detainee
that misconceptions as to the functions of the Commissioner still remain.

This seems to confirm our Spy Blog comments on the post facto announcement that a new Commissioner had been appointed three weeks after
he had taken up office in secret.

Intelligence Services Commissioner, Rt. Hon. Sir Mark Waller appointed early, announced late

Part III of RIPA

33. As I have noted above, Part III of RIPA came into force on 1 October 2007. However, no notification of any directions to require disclosure in respect of protected electronic information has been given to me in 2010 and there has been no exercise or performance of powers and duties under Part III for me to review.

Identity Cards Act 2006 (ICA)

34. Following the repeal of the ICA, Identity Cards ceased to be valid legal documents on 22 January 2011 and the database has now been destroyed. I am not aware of any acquisition, storage and use made by the intelligence services pursuant to the ICA of information which had been recorded in the National Identity Register.

Prevention of Terrorism Act 2005

35. I was consulted by the Home Office about control orders in accordance with the Act on 7 January 2010 and, on 21 January 2010, I advised officials there that in the absence of viable alternative arrangements I did not object, in principle, to the extension of the control order regime for a further period of 12 months

Move along, move along

Guidance on Detention and Interviewing of Detainees by Intelligence Officers and Military Personnel

28. In his speech on 18 March 2009, the then Prime Minister made a statement to Parliament that he had asked the Intelligence Services Commissioner, and the Commissioner had agreed, to monitor compliance by intelligence officers and military personnel with the Consolidated Guidance on the standards to be followed during the detention and interviewing of detainees, and to report to the Prime Minister annually. The period of this extra-statutory oversight commenced on 6 July 2010 when the Consolidated Guidance to Intelligence Officers and Service Personnel (the Guidance) was published. Also published at that time was a Note of Additional Information from the Foreign Secretary, the Home Secretary and the Defence Secretary. I was not involved in the drafting of the Guidance or the Note.


45. In conclusion, I am not aware of any failure by intelligence officers and military personnel to comply with the Guidance in the period between 6 July and 31 December 2010. It is properly recognised within the Security Service, SIS and the MOD that compliance with the Guidance is mandatory and that personnel must be trained accordingly.


Move along, move along


50. 28 errors in respect of RIPA authorisations and ISA warrants were made and reported to me in 2010. Six errors resulted from a delay within one Government Department in dealing with the replacement of one warrant relating to six individuals with six applications for warrants, one for each individual. It is not possible for me to say anything further about the 28 errors without revealing information of a sensitive nature, but I have referred to them in more detail in the Confidential Annex. However, I can report that the majority of the errors occurred in respect of surveillance and interference with property for which there was no valid authorisation or warrant in force for a comparatively short time. Every such breach is a matter for regret. I have been given a full description of, and explanation for, each error. All the errors can properly be categorised as minor. None of the cases involved bad faith or any deliberate departure from established practices. In all cases, following the discovery of the errors, internal procedures have been reviewed and, where possible, strengthened with a view to minimising the risk of a future recurrence.

Move along, move along



53. The Tribunal received 164 new applications and completed 208 cases during the calendar year 2010. 40 cases were carried forward to 2011.

Assistance to the Tribunal

54. Section 57(3) of RIPA requires the Commissioner to give all such assistance to the
Tribunal as the Tribunal may require in relation to investigations and other specified matters. My assistance was not sought by the Tribunal during 2010.

Move along, move along

Determinations made by the Tribunal in favour of complainants

55. During 2010 the Tribunal made six determinations in favour of complainants.Since its inception the Tribunal has now upheld ten complaints. One of the upheld complaints was made by a husband and wife who lodged a joint complaint. The Investigatory Powers Tribunal Rules 2000 prohibit me on the grounds of confidentiality from disclosing specific details about the complaint made by the husband and wife, but it is sufficient to say that the conduct complained of was not authorised under the relevant provisions of RIPA nor was it a complaint against any of the agencies or persons over whom I exercise oversight.

56. Complaints were also successfully made by five members of the same family and were the subject of an open hearing in November 2009. The case was widely reported in the media. It involved directed surveillance carried out by Poole Borough Council of a family in connection with an application made by parents for a school place for their youngest child. The Tribunal found that the conduct complained of was not authorised in accordance with the relevant provisions of RIPA. The complainants made no application for remedies and none was awarded.

57. The fact that these cases were upheld has influenced changes in guidelines provided to Local Authorities on the use of directed surveillance and proposed legislation to change the procedures on the authorisation of this type of surveillance.

These two cases have got nothing whatsoever to do with the Intelligence Services, but since this Report always has so little actual content, so we are presumably supposed to grateful for these crumbs of information, at second hand, from the secretive Information Tribunal.

The alleged "oversight" mechanism of an Annual Report which never says anything at all in public, actually detracts from public confidence in the Intelligence Services

About this blog

This United Kingdom based blog attempts to draw public attention to, and comments on, some of the current trends in ever cheaper and more widespread surveillance technology being deployed to satisfy the rapacious demand by state and corporate bureaucracies and criminals for your private details, and the technological ignorance of our politicians and civil servants who frame our legal systems.

The hope is that you the readers, will help to insist that strong safeguards for the privacy of the individual are implemented, especially in these times of increased alert over possible terrorist or criminal activity. If the systems which should help to protect us can be easily abused to supress our freedoms, then the terrorists will have won.

We know that there are decent, honest, trustworthy individual politicians, civil servants, law enforcement, intelligence agency personnel and broadcast, print and internet journalists etc., who often feel powerless or trapped in the system. They need the assistance of external, detailed, informed, public scrutiny to help them to resist deliberate or unthinking policies, which erode our freedoms and liberties.

Email & PGP Contact

Please feel free to email your views about this blog, or news about the issues it tries to comment on.


Our PGP public encryption key is available for those correspondents who wish to send us news or information in confidence, and also for those of you who value your privacy, even if you have got nothing to hide.

We offer this verifiable GPG / PGP public key (the ID is available on several keyservers, twitter etc.) as one possible method to establish initial contact with whistleblowers and other confidential sources, if it suits their Threat Model or Risk Appetite, but will then try to establish other secure, anonymous communications channels e.g. encrypted Signal Messenger via burner devices,or face to face meetings, postal mail or dead drops etc. as appropriate.

Current PGP Key ID: 0x1DBD6A9F0FACAD30 which will expire on 29th August 2021.

You can download a free copy of the PGP encryption software from
(available for most of the common computer operating systems, and also in various Open Source versions like GPG)

We look forward to the day when UK Government Legislation, Press Releases and Emails etc. are Digitally Signed so that we can be assured that they are not fakes. Trusting that the digitally signed content makes any sense, is another matter entirely.

Hints and Tips for Whistleblowers and Political Dissidents

Please take the appropriate precautions if you are planning to blow the whistle on shadowy and powerful people in Government or commerce, and their dubious policies. The mainstream media and bloggers also need to take simple precautions to help preserve the anonymity of their sources e.g. see Spy Blog's Hints and Tips for Whistleblowers - or use this easier to remember link:

BlogSafer - wiki with multilingual guides to anonymous blogging

Digital Security & Privacy for Human Rights Defenders manual, by Irish NGO Frontline Defenders.

Everyone’s Guide to By-Passing Internet Censorship for Citizens Worldwide (.pdf - 31 pages), by the Citizenlab at the University of Toronto.

Handbook for Bloggers and Cyber-Dissidents - March 2008 version - (2.2 Mb - 80 pages .pdf) by Reporters Without Borders

Reporters Guide to Covering the Beijing Olympics by Human Rights Watch.

A Practical Security Handbook for Activists and Campaigns (v 2.6) (.doc - 62 pages), by experienced UK direct action political activists

Anonymous Blogging with Wordpress & Tor - useful step by step guide with software configuration screenshots by Ethan Zuckerman at Global Voices Advocacy. (updated March 10th 2009 with the latest Tor / Vidalia bundle details)


Watching Them, Watching Us

London 2600

Our UK Freedom of Information Act request tracking blog - ethical and technical discussion about the project for anonymous mass leaking of documents etc.

Privacy and Security

Privacy International
United Kingdom Privacy Profile (2011)

Cryptome - censored or leaked government documents etc.

Identity Project report by the London School of Economics
Surveillance & Society the fully peer-reviewed transdisciplinary online surveillance studies journal

Statewatch - monitoring the state and civil liberties in the European Union

The Policy Laundering Project - attempts by Governments to pretend their repressive surveillance systems, have to be introduced to comply with international agreements, which they themselves have pushed for in the first place

International Campaign Against Mass Surveillance

ARCH Action Rights for Children in Education - worried about the planned Children's Bill Database, Connexions Card, fingerprinting of children, CCTV spy cameras in schools etc.

Foundation for Information Policy Research
UK Crypto - UK Cryptography Policy Discussion Group email list

Technical Advisory Board on internet and telecomms interception under RIPA

European Digital Rights

Open Rights Group - a UK version of the Electronic Frontier Foundation, a clearinghouse to raise digital rights and civil liberties issues with the media and to influence Governments.

Digital Rights Ireland - legal case against mandatory EU Comms Data Retention etc.

Blindside - "What’s going to go wrong in our e-enabled world? " blog and wiki and Quarterly Report will supposedly be read by the Cabinet Office Central Sponsor for Information Assurance. Whether the rest of the Government bureaucracy and the Politicians actually listen to the CSIA, is another matter.

Biometrics in schools - 'A concerned parent who doesn't want her children to live in "1984" type society.'

Human Rights

Liberty Human Rights campaigners

British Institute of Human Rights
Amnesty International

Prevent Genocide International

asboconcern - campaign for reform of Anti-Social Behavior Orders

Front Line Defenders - Irish charity - Defenders of Human Rights Defenders

Internet Censorship

OpenNet Initiative - researches and measures the extent of actual state level censorship of the internet. Features a blocked web URL checker and censorship map.

Committee to Protect Bloggers - "devoted to the protection of bloggers worldwide with a focus on highlighting the plight of bloggers threatened and imprisoned by their government."

Reporters without Borders internet section - news of internet related censorship and repression of journalists, bloggers and dissidents etc.

Judicial Links

British and Irish Legal Information Institute - publishes the full text of major case Judgments

Her Majesty's Courts Service - publishes forthcoming High Court etc. cases (but only in the next few days !)

House of Lords - The Law Lords are currently the supreme court in the UK - will be moved to the new Supreme Court in October 2009.

Information Tribunal - deals with appeals under FOIA, DPA both for and against the Information Commissioner

Investigatory Powers Tribunal - deals with complaints about interception and snooping under RIPA - has almost never ruled in favour of a complainant.

Parliamentary Opposition

The incompetent yet authoritarian Labour party have not apologised for their time in Government. They are still not providing any proper Opposition to the current Conservative - Liberal Democrat coalition government, on any freedom or civil liberties or privacy or surveillance issues.

UK Government

Home Office - "Not fit for purpose. It is inadequate in terms of its scope, it is inadequate in terms of its information technology, leadership, management systems and processes" - Home Secretary John Reid. 23rd May 2006. Not quite the fount of all evil legislation in the UK, but close.

No. 10 Downing Street Prime Minister's Official Spindoctors

Public Bills before Parliament

United Kingdom Parliament
Home Affairs Committee of the House of Commons.

House of Commons "Question Book"

UK Statute Law Database - is the official revised edition of the primary legislation of the United Kingdom made available online, but it is not yet up to date.

FaxYourMP - identify and then fax your Member of Parliament
WriteToThem - identify and then contact your Local Councillors, members of devolved assemblies, Member of Parliament, Members of the European Parliament etc.
They Work For You - House of Commons Hansard made more accessible ? UK Members of the European Parliament

Read The Bills Act - USA proposal to force politicians to actually read the legislation that they are voting for, something which is badly needed in the UK Parliament.

Bichard Inquiry delving into criminal records and "soft intelligence" policies highlighted by the Soham murders. (taken offline by the Home Office)

ACPO - Association of Chief Police Officers - England, Wales and Northern Ireland
ACPOS Association of Chief Police Officers in Scotland

Online Media

Boing Boing

Need To Know [now defunct]

The Register

NewsNow Encryption and Security aggregate news feed
KableNet - UK Government IT project news - UK eGovernment and public sector IT news
eGov Monitor

Ideal Government - debate about UK eGovernment

NIR and ID cards

Stand - email and fax campaign on ID Cards etc. [Now defunct]. The people who supported have gone on to set up other online tools like The Government's contemptuous dismissal of over 5,000 individual responses via the website to the Home Office public consultation on Entitlement Cards is one of the factors which later led directly to the formation of the the NO2ID Campaign who have been marshalling cross party opposition to Labour's dreadful National Identity Register compulsory centralised national biometric database and ID Card plans, at the expense of simpler, cheaper, less repressive, more effective, nore secure and more privacy friendly alternative identity schemes.

NO2ID - opposition to the Home Office's Compulsory Biometric ID Card
NO2ID bulletin board discussion forum

Home Office Identity Cards website
No compulsory national Identity Cards (ID Cards) BBC iCan campaign site
UK ID Cards blog
NO2ID press clippings blog
CASNIC - Campaign to STOP the National Identity Card.
Defy-ID active meetings and protests in Glasgow - New Alliance's ID Cards page - total rejection of any UK ID Card

International Civil Aviation Organisation - Machine Readable Travel Documents standards for Biometric Passports etc.
Anti National ID Japan - controversial and insecure Jukinet National ID registry in Japan
UK Biometrics Working Group run by CESG/GCHQ experts etc. the UK Government on Biometrics issues feasability
Citizen Information Project feasability study population register plans by the Treasury and Office of National Statistics - comments and links to each paragraph of the Home Office's "Strategic Action Plan for the National Identity Scheme".

De-Materialised ID - "The voluntary alternative to material ID cards, A Proposal by David Moss of Business Consultancy Services Ltd (BCSL)" - well researched analysis of the current Home Office scheme, and a potentially viable alternative.

Surveillance Infrastructures

National Roads Telecommunications Services project - infrastruture for various mass surveillance systems, CCTV, ANPR, PMMR imaging etc.

CameraWatch - independent UK CCTV industry lobby group - like us, they also want more regulation of CCTV surveillance systems.

Every Step You Take a documentary about CCTV surveillance in the Uk by Austrian film maker Nino Leitner.

Transport for London an attempt at a technological panopticon - London Congestion Charge, London Low-Emission Zone, Automatic Number Plate Recognition cameras, tens of thousands of CCTV cameras on buses, thousands of CCTV cameras on London Underground, realtime road traffic CCTV, Iyster smart cards - all handed over to the Metropolitan Police for "national security" purposes, in real time, in bulk, without any public accountibility, for secret data mining, exempt from even the usual weak protections of the Data Protection Act 1998.

RFID Links

RFID tag privacy concerns - our own original article updated with photos

NoTags - campaign against individual item RFID tags
Position Statement on the Use of RFID on Consumer Products has been endorsed by a large number of privacy and human rights organisations.
RFID Privacy Happenings at MIT
Surpriv: RFID Surveillance and Privacy
RFID Scanner blog
RFID Gazette
The Sorting Door Project blog - where we sometimes crosspost RFID articles

Genetic Links

DNA Profiles - analysis by Paul Nutteing
GeneWatch UK monitors genetic privacy and other issues
Postnote February 2006 Number 258 - National DNA Database (.pdf) - Parliamentary Office of Science and Technology

The National DNA Database Annual Report 2004/5 (.pdf) - published by the NDNAD Board and ACPO.

Eeclaim Your DNA from Britain's National DNA Database - model letters and advice on how to have your DNA samples and profiles removed from the National DNA Database,in spite of all of the nureacratic obstacles which try to prevent this, even if you are innocent.

Miscellanous Links

Michael Field - Pacific Island news - no longer a paradise - John Gilmore versus USA internal flight passports and passenger profiling etc.

The BUPA Seven - whistleblowers badly let down by the system.

Tax Credit Overpayment - the near suicidal despair inflicted on poor, vulnerable people by the then Chancellor Gordon Brown's disasterous Inland Revenue IT system.

Fassit UK - resources and help for those abused by the Social Services Childrens Care bureaucracy

Former Spies

MI6 v Tomlinson - Richard Tomlinson - still being harassed by his former employer MI6

Martin Ingram, Welcome To The Dark Side - former British Army Intelligence operative in Northern Ireland.

Operation Billiards - Mitrokhin or Oshchenko ? Michael John Smith - seeking to overturn his Official Secrets Act conviction in the GEC case.

The Dirty Secrets of MI5 & MI6 - Tony Holland, Michael John Smith and John Symond - stories and chronologies.

Naked Spygirl - Olivia Frank

Blog Links blog - Comments on IT security and Privacy or the lack thereof.
Rat's Blog -The Reverend Rat writes about London street life and technology
Duncan Drury - wired adventures in Tanzania & London
Dr. K's blog - Hacker, Author, Musician, Philosopher

David Mery - falsely arrested on the London Tube - you could be next.

James Hammerton
White Rose - a thorn in the side of Big Brother
Big Blunkett
Into The Machine - formerly "David Blunkett is an Arse" by Charlie Williams and Scribe
infinite ideas machine - Phil Booth
Louise Ferguson - City of Bits
Chris Lightfoot
Oblomovka - Danny O'Brien

Liberty Central

dropsafe - Alec Muffett
The Identity Corner - Stefan Brands
Kim Cameron - Microsoft's Identity Architect
Schneier on Security - Bruce Schneier
Politics of Privacy Blog - Andreas Busch
solarider blog

Richard Allan - former Liberal Democrat MP for Sheffield Hallam
Boris Johnson Conservative MP for Henley
Craig Murray - former UK Ambassador to Uzbekistan, "outsourced torture" whistleblower

Howard Rheingold - SmartMobs
Global Guerrillas - John Robb
Roland Piquepaille's Technology Trends

Vmyths - debunking computer security hype

Nick Leaton - Random Ramblings
The Periscope - Companion weblog to journalist network.
The Practical Nomad Blog Edward Hasbrouck on Privacy and Travel
Policeman's Blog
World Weary Detective

Martin Stabe
B2fxxx - Ray Corrigan
Matt Sellers
Grits for Breakfast - Scott Henson in Texas
The Green Ribbon - Tom Griffin
Guido Fawkes blog - Parliamentary plots, rumours and conspiracy.
The Last Ditch - Tom Paine
The (e)State of Tim - Tim Hicks
Ilkley Against CCTV
Tim Worstall
Bill's Comment Page - Bill Cameron
The Society of Qualified Archivists
The Streeb-Greebling Diaries - Bob Mottram

Your Right To Know - Heather Brooke - Freedom off Information campaigning journalist

Ministry of Truth _ Unity's V for Vendetta styled blog.

Bloggerheads - Tim Ireland

W. David Stephenson blogs on homeland security et al.
EUrophobia - Nosemonkey

Blogzilla - Ian Brown

BlairWatch - Chronicling the demise of the New Labour Project

dreamfish - Robert Longstaff

Informaticopia - Rod Ward


The Musings of Harry

Chicken Yoghurt - Justin McKeating

The Red Tape Chronicles - Bob Sullivan MSNBC

Campaign Against the Legislative and Regulatory Reform Bill

Stop the Legislative and Regulatory Reform Bill

Rob Wilton's esoterica

panGloss - Innovation, Technology and the Law

Arch Rights - Action on Rights for Children blog

Database Masterclass - frequently asked questions and answers about the several centralised national databases of children in the UK.


Moving On

Steve Moxon blog - former Home Office whistleblower and author.

Al-Muhajabah's Sundries - anglophile blog

Architectures of Control in Design - Dan Lockton

rabenhorst - Kai Billen (mostly in German)

Nearly Perfect Privacy - Tiffany and Morpheus

Iain Dale's Diary - a popular Conservative political blog

Brit Watch - Public Surveillance in the UK - Web - Email - Databases - CCTV - Telephony - RFID - Banking - DNA

BLOGDIAL - smart mobile phone forensics, information security, computer security and digital forensics by a couple of Australian researchers

Ralph Bendrath

Financial Cryptography - Ian Grigg et al.

UK Liberty - A blog on issues relating to liberty in the UK

Big Brother State - "a small act of resistance" to the "sustained and systematic attack on our personal freedom, privacy and legal system"

HosReport - "Crisis. Conspiraciones. Enigmas. Conflictos. Espionaje." - Carlos Eduardo Hos (in Spanish)

"Give 'em hell Pike!" - Frank Fisher

Corruption-free Anguilla - Good Governance and Corruption in Public Office Issues in the British Overseas Territory of Anguilla in the West Indies - Don Mitchell CBE QC

geeklawyer - intellectual property, civil liberties and the legal system

PJC Journal - I am not a number, I am a free Man - The Prisoner

Charlie's Diary - Charlie Stross

The Caucus House - blog of the Chicago International Model United Nations

Famous for 15 Megapixels

Postman Patel

The 4th Bomb: Tavistock Sq Daniel's 7:7 Revelations - Daniel Obachike

OurKingdom - part of OpenDemocracy - " will discuss Britain’s nations, institutions, constitution, administration, liberties, justice, peoples and media and their principles, identity and character"

Beau Bo D'Or blog by an increasingly famous digital political cartoonist.

Between Both Worlds - "Thoughts & Ideas that Reflect the Concerns of Our Conscious Evolution" - Kingsley Dennis

Bloggerheads: The Alisher Usmanov Affair - the rich Uzbek businessman and his shyster lawyers Schillings really made a huge counterproductive error in trying to censor the blogs of Tim Ireland, of all people.

Matt Wardman political blog analysis

Henry Porter on Liberty - a leading mainstream media commentator and opinion former who is doing more than most to help preserve our freedom and liberty.

HMRC is shite - "dedicated to the taxpayers of Britain, and the employees of the HMRC, who have to endure the monumental shambles that is Her Majesty's Revenue and Customs (HMRC)."

Head of Legal - Carl Gardner a former legal advisor to the Government

The Landed Underclass - Voice of the Banana Republic of Great Britain

Henrik Alexandersson - Swedish blogger threatened with censorship by the Försvarets Radioanstalt (FRA), the Swedish National Defence Radio Establishement, their equivalent of the UK GCHQ or the US NSA.

World's First Fascist Democracy - blog with link to a Google map - "This map is an attempt to take a UK wide, geographical view, of both the public and the personal effect of State sponsored fear and distrust as seen through the twisted technological lens of petty officials and would be bureaucrats nationwide."

Blogoir - Charles Crawford - former UK Ambassodor to Poland etc.

No CCTV - The Campaign against CCTV

Barcode Nation - keeping two eyes on the database state.

Lords of the Blog - group blog by half a dozen or so Peers sitting in the House of Lords.

notes from the ubiquitous surveillance society - blog by Dr. David Murakami Wood, editor of the online academic journal Surveillance and Society

Justin Wylie's political blog

Panopticon blog - by Timothy Pitt-Payne and Anya Proops. Timothy Pitt-Payne is probably the leading legal expert on the UK's Freedom of Information Act law, often appearing on behlaf of the Information Commissioner's Office at the Information Tribunal.

Armed and Dangerous - Sex, software, politics, and firearms. Life’s simple pleasures… - by Open Source Software advocate Eric S. Raymond.

Georgetown Security Law Brief - group blog by the Georgetown Law Center on National Security and the Law , at Georgtown University, Washington D.C, USA.

Big Brother Watch - well connected with the mainstream media, this is a campaign blog by the TaxPayersAlliance, which thankfully does not seem to have spawned Yet Another Campaign Organisation as many Civil Liberties groups had feared.

Spy on Moseley - "Sparkbrook, Springfield, Washwood Heath and Bordesley Green. An MI5 Intelligence-gathering operation to spy on Muslim communities in Birmingham is taking liberties in every sense" - about 150 ANPR CCTV cameras funded by Home Office via the secretive Terrorism and Allied Matters (TAM) section of ACPO.

FitWatch blog - keeps an eye on the activities of some of the controversial Police Forward Intelligence Teams, who supposedly only target "known troublemakers" for photo and video surveillance, at otherwise legal, peaceful protests and demonstrations.

Other Links

Spam Huntress - The Norwegian Spam Huntress - Ann Elisabeth

Fuel Crisis Blog - Petrol over £1 per litre ! Protest !
Mayor of London Blog
London Olympics 2012 - NO !!!!

Cool Britannia


Free Gary McKinnon - UK citizen facing extradition to the USA for "hacking" over 90 US Military computer systems.

Parliament Protest - information and discussion on peaceful resistance to the arbitrary curtailment of freedom of assembly and freedom of speech, in the excessive Serious Organised Crime and Police Act 2005 Designated Area around Parliament Square in London.

Brian Burnell's British / US nuclear weapons history at

Syndicate this site (XML):

Follow Spy Blog on Twitter

For those of you who find it convenient, there is now a Twitter feed to alert you to new Spy Blog postings.

Please bear in mind the many recent, serious security vulnerabilities which have compromised the Twitter infrastructure and many user accounts, and Twitter's inevitable plans to make money out of you somehow, probably by selling your Communications Traffic Data to commercial and government interests. (same window)

Recent Comments

  • wtwu: NetIDMe seems to be in process of being wound up read more
  • wtwu: The House of Lords have approved the Regulations, without a read more
  • wtwu: Data Retention and Investigatory Powers Bill Government Note on the read more
  • wtwu: The former Customs Officer and the others involved in dealing read more
  • wtwu: BBC reports the password was $ur4ht4ub4h8 When Hussain was read more
  • wtwu: "only" an extra 4 months in prison for failing to read more
  • wtwu: Although not confirmed as part of the Wilson Doctrine per read more
  • wtwu: For now (just before Christmas 2013) it appears that the read more
  • wtwu: As expected, the ISC did not give the intelligence agency read more
  • wtwu: N.B. the Intelligence & Security Committee is now legally consituted read more


Monthly Archives

August 2020

Sun Mon Tue Wed Thu Fri Sat
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30 31          

UK Legislation

The United Kingdom suffers from tens of thousands of pages of complicated criminal laws, and thousands of new, often unenforceable criminal offences, which have been created as a "Pretend to be Seen to Be Doing Something" response to tabloid media hype and hysteria, and political social engineering dogmas. These overbroad, catch-all laws, which remove the scope for any judicial appeals process, have been rubber stamped, often without being read, let alone properly understood, by Members of Parliament.

The text of many of these Acts of Parliament are now online, but it is still too difficult for most people, including the police and criminal justice system, to work out the cumulative effect of all the amendments, even for the most serious offences involving national security or terrorism or serious crime.

Many MPs do not seem to bother to even to actually read the details of the legislation which they vote to inflict on us.

UK Legislation Links

UK Statute Law Database - is the official revised edition of the primary legislation of the United Kingdom made available online, but it is not yet up to date.

UK Commissioners

UK Commissioners some of whom are meant to protect your privacy and investigate abuses by the bureaucrats.

UK Intelligence Agencies

Intelligence and Security Committee - the supposedly independent Parliamentary watchdog which issues an annual, heavily censored Report every year or so. Currently chaired by the Conservative Sir Malcolm Rifkind. Why should either the intelligence agencies or the public trust this committee, when the untrustworthy ex-Labour Minister Hazel Blears is a member ?

Anti-terrorism hotline - links removed in protest at the Climate of Fear propaganda posters

MI5 Security Service
MI5 Security Service - links to encrypted reporting form removed in protest at the Climate of Fear propaganda posters

syf_logo_120.gif Secure Your Ferliliser logo
Secure Your Fertiliser - advice on ammonium nitrate and urea fertiliser security

cpni_logo_150.gif Centre for the Protection of National Infrastructure
Centre for the Protection of National Infrastructure - "CPNI provides expert advice to the critical national infrastructure on physical, personnel and information security, to protect against terrorism and other threats."

SIS MI6 careers_logo_sis.gif
Secret Intelligence Service (MI6) recruitment.

Government Communications Headquarters GCHQ

National Crime Agency - the replacement for the Serious Organised Crime Agency

Defence Advisory (DA) Notice system - voluntary self censorship by the established UK press and broadcast media regarding defence and intelligence topics via the Defence, Press and Broadcasting Advisory Committee.

Foreign Spies / Intelliegence Agencies in the UK

It is not just the UK government which tries to snoop on British companies, organisations and individuals, the rest of the world is constantly trying to do the same, regardless of the mixed efforts of our own UK Intelligence Agencies who are paid to supposedly protect us from them.

For no good reason, the Foreign and Commonwealth Office only keeps the current version of the London Diplomatic List of accredited Diplomats (including some Foreign Intelligence Agency operatives) online.

Presumably every mainstream media organisation, intelligence agency, serious organised crime or terrorist gang keeps historical copies, so here are some older versions of the London Diplomatic List, for the benefit of web search engine queries, for those people who do not want their visits to appear in the FCO web server logfiles or those whose censored internet feeds block access to UK Government websites.

Campaign Button Links

Watching Them, Watching Us - UK Public CCTV Surveillance Regulation Campaign
UK Public CCTV Surveillance Regulation Campaign

NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card
NO2ID Campaign - cross party opposition to the NuLabour Compulsory Biometric ID Card and National Identity Register centralised database.

Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.
Gary McKinnon is facing extradition to the USA under the controversial Extradition Act 2003, without any prima facie evidence or charges brought against him in a UK court. Try him here in the UK, under UK law.

FreeFarid_150.jpg - Kafkaesque extradition of Farid Hilali under the European Arrest Warrant to Spain

Peaceful resistance to the curtailment of our rights to Free Assembly and Free Speech in the SOCPA Designated Area around Parliament Square and beyond
Parliament Protest blog - resistance to the Designated Area restricting peaceful demonstrations or lobbying in the vicinity of Parliament.

Petition to the European Commission and European Parliament against their vague Data Retention plans
Data Retention is No Solution - Petition to the European Commission and European Parliament against their vague Data Retention plans.

Save Parliament: Legislative and Regulatory Reform Bill (and other issues)
Save Parliament - Legislative and Regulatory Reform Bill (and other issues)

Open Rights Group

The Big Opt Out Campaign - opt out of having your NHS Care Record medical records and personal details stored insecurely on a massive national centralised database.

Tor - the onion routing network
Tor - the onion routing network - "Tor aims to defend against traffic analysis, a form of network surveillance that threatens personal anonymity and privacy, confidential business activities and relationships, and state security. Communications are bounced around a distributed network of servers called onion routers, protecting you from websites that build profiles of your interests, local eavesdroppers that read your data or learn what sites you visit, and even the onion routers themselves."

Tor - the onion routing network
Anonymous Blogging with Wordpress and Tor - useful Guide published by Global Voices Advocacy with step by step software configuration screenshots (updated March 10th 2009).

Amnesty International's campaign

BlogSafer - wiki with multilingual guides to anonymous blogging

NGO in a box - Security Edition privacy and security software tools

Home Office Watch blog, "a single repository of all the shambolic errors and mistakes made by the British Home Office compiled from Parliamentary Questions, news reports, and tip-offs by the Liberal Democrat Home Affairs team."

Reporters Without Borders - Reporters Sans Frontières - campaign for journalists 'and bloggers' freedom in repressive countries and war zones.

Committee to Protect Bloggers - "devoted to the protection of bloggers worldwide with a focus on highlighting the plight of bloggers threatened and imprisoned by their government."

Icelanders are NOT terrorists ! - despite Gordon Brown and Alistair Darling's use of anti-terrorism legislation to seize the assets of Icelandic banks.

No CCTV - The Campaign Against CCTV


I'm a Photographer Not a Terrorist !


Power 2010 cross party, political reform campaign


Cracking the Black Box - "aims to expose technology that is being used in inappropriate ways. We hope to bring together the insights of experts and whistleblowers to shine a light into the dark recesses of systems that are responsible for causing many of the privacy problems faced by millions of people."


Open Rights Group - Petition against the renewal of the Interception Modernisation Programme

wblogocrop_150.jpg - Fighting for justice for whistleblowers