Our beloved government is once again Taking Powers in the fight against computer crime. The Home Office proposes to create cyber-asbos that would enable the police to ban suspects from using such dangerous tools as computers and bank accounts. This would be done in a civil court against a low evidence standard; there are squeals from the usual suspects such as zdnet.
The Home Office proposals will also undermine existing data protection law; for example by allowing the banks to process sensitive data obtained from the public sector (medical record privacy, anyone?) and ‘dispelling misconceptions about consent’. I suppose some might welcome the proposed extension of ASBOs to companies. Thus, a company with repeated convictions for antitrust violations might be saddled with a list of harm-prevention conditions, for example against designing proprietary server-side protocols or destroying emails. I wonder what sort of responses the computer industry will make to this consultation 🙂
A cynic might point out that the ‘new powers’ seem in inverse proportion to the ability, or will, to use the existing ones. Ever since the South Sea Bubble in the 18th century, Britain has been notoriously lax in prosecuting bent bankers; city folk are now outraged when a Texas court dares to move from talk to action. Or take spam; although it’s now illegal to send unsolicited commercial emails to individuals in the UK, complaints don’t seem to result in action. Now trade and industry minister ‘Enver’ Hodge explains this is because there’s a loophole – it’s not illegal to spam businesses. So rather than prosecuting a spammer for spamming individuals, our beloved government will grab a headline or two by blocking this loophole. I don’t suppose Enver ever stopped to wonder how many spam runs are so well managed as to not send a single item to a single private email address – cheap headlines are more attractive than expensive, mesy implementation.
This pattern of behaviour – taking new powers rather than using the existing ones – is getting too well entrenched. In cyberspace we don’t have law enforcement any more – we have the illusion of law enforcement.
I have a number of issues with the proposals, apart from the fact that they are ill thought out.
1, The use of a civil court means that a defendent has no right to assistance in fighting the state.
An example of this sort of missuse was the dangerous dogs act which had both criminal and civil asspects. The Police on a number of occasions failed to get convictions using the criminal side as legal aid was granted to the defendents, so the Police switched instead to using the civil procedings. In more than one example there was only the Police Officers word that the dog was dangerous, and no other evidence was pressented.
2, The equipment seizier asppects, in what constitutes computer equipment.
An example goes back to the 1980’s and Pirate Radio. When a studio site was raided the authorities took all electronic equipment, even if it was not related to the pirate station. On one occasion a medium wave station used woodland next to a playing field. The authorities siezed push bikes of children playing football in the area.
3, What constitutes the use of the Internet.
In the modern world you would find it almost impossible to survive without using some form of electronic communications, and this is going to be increesingly the case as time goes on. In the case of Kevin Mitnick for instance he was not allowed to use even a phone for some considerable period of time. A lot of manual workers cannot work without the use of a phone, even shop assistants and factory workers these days get shift changes made at the drop of a hat and need to phone a very short period of time before their shift is due to start to find out if they are actually working.
I could go on at length about all the asspects of the proposals but you get the generall idea, the ability for the state to commit abuse against the individual is almost endless with these proposals
There are actually many loopholes in The Privacy and Electronic Communications (EC Directive) Regulations 2003
Only direct marketing is covered, not marketing in the guise of research. “Have you ever considered buying XXXX? Would YYYY be a good price?”.
Existing “customers” are not covered, so when Amazon spammed me they were quite safe
Unsubscribe can be made slow, difficult and risky (e.g. requiring you to select low security settings and follow a link from the email – see “2”)
Charities and Political Parties are not covered
B2B is not covered
Non-UK spammers are not covered.
I raised most of these issues before the bill was passed, so they are hardly new – giafly.