UK to Become Even More Draconian with Privacy Laws

Oh dear, UK going backwards again. A bad case of Big Brother syndrome and once again under the blanket excuse of efforts against terrorism.

Please! That’s so old and tired now, do governments seriously think they can keep infringing people’s privacy and rights under the same old guise? Strike terror into the public by continually telling them they are under threat from terrorists? I guess they do…watch out folks of the UK because they will be watching you.

A massive government database holding details of every phone call, e-mail and time spent on the internet by the public is being planned as part of the fight against crime and terrorism. Internet service providers (ISPs) and telecoms companies would hand over the records to the Home Office under plans put forward by officials.

The information would be held for at least 12 months and the police and security services would be able to access it if given permission from the courts

The proposal will raise further alarm about a “Big Brother” society, as it follows plans for vast databases for the ID cards scheme and NHS patients. There will also be concern about the ability of the Government to manage a system holding billions of records. About 57 billion text messages were sent in Britain last year, while an estimated 3 billion e-mails are sent every day.

Held for 12 months? Soon to be linked to your ID card and NHS records? To your tax number, driving licence, home address, cellphone number, e-mail address and your ICQ number? I guess…they will be monitoring everything, every SMS and every e-mail.

Worried yet?

The proposal has emerged as part of plans to implement an EU directive developed after the July 7 bombings to bring uniformity of record-keeping. Since last October telecoms companies have been required to keep records of phone calls and text messages for 12 months. That requirement is to be extended to internet, e-mail and voice-over-internet use and included in a Communications Data Bill.

Police and the security services can access the records with a warrant issued by the courts. Rather than individual companies holding the information, Home Office officials are suggesting the records be handed over to the Government and stored on a huge database.

One of the arguments being put forward in favour of the plan is that it would make it simpler and swifter for law enforcement agencies to retrieve the information instead of having to approach hundreds of service providers. Opponents say that the scope for abuse will be greater if the records are held on one database.

It would be easier to get information for the police during an investigation, but does that make it right? Isn’t that the job of the police to co-ordinate with the various ISPs and companies involved to get the records they need to track someone down?

Sometimes I wonder what they are thinking, or if they are really thinking at all.

Source: Times Online

Posted in: Legal Issues, Privacy

, ,

Latest Posts:

Socialscan - Command-Line Tool To Check For Email And Social Media Username Usage Socialscan – Command-Line Tool To Check For Email And Social Media Username Usage
socialscan is an accurate command-line tool to check For email and social media username usage on online platforms, given an email address or username,
CFRipper - CloudFormation Security Scanning & Audit Tool CFRipper – CloudFormation Security Scanning & Audit Tool
CFRipper is a Python-based Library and CLI security analyzer that functions as an AWS CloudFormation security scanning and audit tool
CredNinja - Test Credential Validity of Dumped Credentials or Hashes CredNinja – Test Credential Validity of Dumped Credentials or Hashes
CredNinja is a tool to quickly test credential validity of dumped credentials (or hashes) across an entire network or domain very efficiently.
assetfinder - Find Related Domains and Subdomains assetfinder – Find Related Domains and Subdomains
assetfinder is a Go-based tool to find related domains and subdomains that are related to a given domain from a variety of sources including Facebook and more.
Karkinos - Beginner Friendly Penetration Testing Tool Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a 'Swiss Army Knife' for pen-testing and/or hacking CTF's.
Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.

24 Responses to UK to Become Even More Draconian with Privacy Laws

  1. Pedro Pinheiro May 26, 2008 at 10:28 am #

    The goal of collecting all this data is not to mine it per se (usually), but to know who is communicating with whom. This serves the purpose of discovering other members of a certain organized crime group or terrorist cell after one has be found through more traditional investigation methods.
    I’m not defending the system, I do believe that “Those Who Sacrifice Liberty For Security Deserve Neither.” (incorrectly attributed to Benjamin Franklin), just saying why they probably store the info. It’s not the content, but the metadata that counts.

  2. Bogwitch May 26, 2008 at 4:46 pm #

    Let’s not panic yet.. This is a proposal. I would love to find someone who actually thought that the UK government could handle that amount of information. Given the past history government of IT projects (CSA, Inland Revenue, MoD, NHS), I doubt they could get this off the ground in any realsitic timeframe.
    That said, if this does go ahead, the potential for abuse is astronomical. I have heard of considerably more bent coppers than I have terrorists.

  3. ZaD MoFo May 26, 2008 at 5:46 pm #
  4. razta May 26, 2008 at 10:04 pm #

    These plans will never go ahead, they are just testing the water.

  5. Jinesh Doshi May 27, 2008 at 4:43 am #

    No words to say. These guys are slowly eliminating privacy of their citizens. Soon other countries will follow this. Also, what if that database is hacked by wrong persons or terrorists themselves?


    If I am not wrong you are from UK right?

  6. Pantagruel May 27, 2008 at 9:25 am #

    @ZaD MoFo

    Well said, but it is more likely the UK following suit after being touched by the dirty mitts of the US. (I can’t quite remember the author of the paperback you’re quoting, will have to dive into the moving boxes to dig one up).

    @razta, I guess they are beyond testing the water since the UK seems to be very eager to please the US and badly wants to follow EU guidelines concerning storing communications/connections data.

    /Sarcastic mode

    Look at it from the ‘bright’ side, we don’t need voice mail any more or to keep elaborate email back-up, our government will be providing it for us in combination with time,date and location data. In the end we’ll end up paying for it through taxes and such.

  7. razta May 27, 2008 at 10:06 pm #

    Also another thing that takes the biscuit is the new “Computer Misuse act” legislation which they are also voting on later this year, which they copied from Germany’s approach to computer laws, if that passes parliament I wont legally be able to obtain and store “Hacker Tools” such as pen testing tools. The swine’s!

    I had no idea that this site was linked to security-forums! Great site before it turned into windows-security.

  8. Darknet May 28, 2008 at 3:27 am #

    Jinesh: Yes I am from UK but I don’t live there.

    razta: Yeah Security Forums was an offspring from what I did here, I founded it with another guy. It went down-hill after it was bought by those guys…I was ‘fired’ as an admin as I didn’t agree with what they were doing there. I don’t even have moderator access now.

  9. Jinesh Doshi May 28, 2008 at 5:16 am #

    All the very best luck to all the UK guys. Hopefully government will drop the plan.

  10. John Miller May 28, 2008 at 3:18 pm #

    I am from the UK and this is typical from the politically correct/communist UK government. First they let illegal undocumented aliens in to the country, then give asylum to the worlds terrorists and no goods where they can preach hate. Then surprise, surprise you have a crime and terrorism problem so their answer is to monitor all the UK’s legal citizens.

    Would not it be easier to have secured the borders and actually arrest and deport the terrorists. They know who they are but just won’t act.

    I also agree the implementation will be a mess. They will probably outsource it to Capita who already have illegal aliens on their payroll just like they did with the CSA.

  11. Bogwitch May 28, 2008 at 4:01 pm #

    As abysmal as Capita might be, the CSA fiasco is the responsibility of EDS.
    The finger of blame points to EDS for many of the other public IT debacles.
    This particular project, were it to go ahead, would almost certainly be awarded to BT as they own the majority of the infrastructure that Internet communications follow in the UK.

    It might not be PC to say so, but there is a perception that immigration, both legal and illegal, is creating a crime problem in the UK. I doubt you’re going to crack down on it sucessfully by monitoring Internet communications.

  12. John Miller May 28, 2008 at 4:22 pm #

    Sorry you are right about EDS. However I have seen first hand how Capita have also been awarded government contracts and then deliberately either held the project to ransom via change control or else made sure their board get some kind of backhanded bonus.

    I totally agree that immigration is the real problem for the UK.

  13. Bogwitch May 28, 2008 at 5:53 pm #

    You can replace EDS and Capita with any number of large organisations that are awarded Government contracts, almost all of them use similar tactics to increase the profit from their contracts. It might not be a popular opinion, but the Civil Service actually provided a more cost-effective solution than any profit making organisation has thus far.

    I didn’t say I agreed the immigration is the real problem in the UK. There certainly is sufficient anecdotal evidence to show that there are some issues but the hardcore evidence that there are deep-rooted problems seem to be whipped up by the press. The problems go back just a little further than the current immigration policy, it may be the fact that we are bound to European immigration policy – and actually adhere to it – whereas the countries, in Europe, that the immigrants traverse, do not. But that has nothing to do with UK government monitoring Internet communications. That has more to do with industrial espionage than anything else.

  14. Christoffer Stromblad May 29, 2008 at 2:16 pm #

    I’d like to propose an interesting change in perspective on this issue that brings up a few questions we should all ask ourselves.

    Let us assume for a second that there actually are terrorists and that they are not the government.

    What if their intention is exactly what’s happening, to trick all the governments into ridiculous monitoring legislation?

    I can’t help but ask myself, how are these records and likely huge databases to be protected? They would need to link hundreds of ISPs, hospitals and government institutions together into one big network mesh… that surely will be one complex behemoth of an application.

    So, now with all this aggregated data, arguably a gold-mine for terrorists, what would they do if this data came into the wrong hands? (Again, assuming it’s not already in the hands of the true evil!) It would seem to me that it would be even easier to attack a given target, as they can now find out what would, statistically, do the most damage, or any other interesting target.

    Just a thought.

  15. Jinesh Doshi May 30, 2008 at 5:42 am #

    @Christoffer Stromblad

    No offence but i already mentioned this stuff in one line long time back :).

  16. Christoffer Stromblad May 30, 2008 at 6:07 am #


    Ops! I failed to read all comments properly I see… well done Chris, NOT!

  17. Bogwitch May 30, 2008 at 8:17 am #

    @Christoffer Stromblad,
    I doubt this information would be of any use to terrorists, first, they are not particularly interested in high profile targets; they want to cause terror among the common man, and if they were, they have easier ways to identify them.

    @Jinesh, @Christoffer Stromblad,
    You’re quite right though, it would be a goldmine for a hacker to break into this data store. The success of spear phishing attacks could increase dramatically given that an attacker would have access to historic email records. Identity theft would be a real issue, too.
    Given that the Government does not have a good record in relation to protecting our data, how long do we think it will take before this data gets dumped on a roundabout?
    newer storage technologies
    it will be possible to lose even more data than a couple of CDs at a time!

  18. Jinesh Doshi May 31, 2008 at 5:31 am #


    Dear Bogwitch i dont agree with your this statement “I doubt this information would be of any use to terrorists, first, they are not particularly interested in high profile targets”

    High profile targets are well protected so if they are affected then there will be fear in the minds of common man. Its like if such high profile people are hit then common people will definitely be scared.

  19. Bogwitch May 31, 2008 at 5:47 pm #


    Historically, terrorists have attempted to create terror among the common people. Part of this is to create as many victims as possible. If high profile targets are selected, the number of victims is likely to be reduced. Also, by selecting a high profile target, an ‘ordinary’ member of the public feels a sense of removal from the victim.
    Take the 7/7 bombings in London or the September 11th attack in New York; the terrorists went for the greatest number of victims rather than the high profile victims.
    That said, it is entirely possible that the terrorists would like to select a higher profile victim but there would be easier ways to select that target than hacking the UK ACDB (All Communications DataBase) ;)

  20. Pantagruel June 1, 2008 at 8:52 am #


    The average Jane and Joe represent a multitude of possible targets, bet you can name at least 5 rather large businesses (+1000 employees in one building) which would not be considered ‘high’ profile but make a perfect target to wreak havoc.
    “If you want to instill fear into their hearts, take the battle to their homes” seems to be the terrorist credo. It’s little use going for a well guarded MP/president since the chances of success are small and the costs are high. Like Bogwitch mentions the general public doesn’t usually identify with their MP’s/President but will be shaken when the themselves could be the next on the list.

  21. dave June 2, 2008 at 12:35 am #

    The government is NOT to be trusted. There are some smart people on here who know the big agenda. The US already has super computers that listen in to billions of phone calls world wide and emails. The ISP’s have all forced to install taps both in the US and here for several years now so everything is already captured. Not all the data but keywords are pulled then alarms sound is something interesting crops up.

    BTW there is greater evidence that the UK 7/7 bombs were an INSIDE job just like 9/11 in order to get Brits to accept more security and less freedom. There is so much wrong with the 9/11 story its not even funny as CNN pole recently found 89% believed it WAS an inside job. Even the dumb Americans are beginning to see the truth.

    Little 7/7 clues that don’t add up include the number 30 bus was the ONLY bus to be forced detour off its usual route that day. Why would that happen without prior inside knowledge?

    Eye witness on the underground that survived the blast said the explosions came from UNDER the carriages blowing metal upwards. They never came from rucksacks.

    The rucksack bombers were more likely duped in to the frame as they had good jobs, families and were playing cricket the night before and bought return tickets. Does that sound like a suicide bomber?

    Finally the biggest con of all. The anti terror squad said publicly they were doing terror rehearsals on the SAME day at the SAME stations that actually happened for real. Get real the odds of that as a chance is billions and billions to one! Unless they planned the attacks.

    While all this happened for 3 hours the public was told it was a power outage on the underground.

    Anway, some of you are smart on here you know as well as i do that it wont be long before you are fined for looking at in appropriate sites or doing or saying things against the grain. You will get a Big Brother pop up on your screen to let you know you violated something and fined 150 quid been deducted from your paypal account. Further violations will result in loss of internet connection.

  22. Christoffer Stromblad June 2, 2008 at 6:18 am #

    @Dave, tell it, tell it brother! There have definitely been questions asked yet to be answered regarding 9/11. I personally think it’s fairly obvious why these things are happening. It’s not the government we should blame, not really. It’s big mega corporations with monetary interests, weapons manufacturers and the like. Those are the real winners here. The federal reserve, all big banks. They are all profiting from this in one way or another.

    Meh, it’s turning into just another rant. Fuck this, let’s go hack on something instead.

  23. Jinesh Doshi June 2, 2008 at 8:16 am #

    @Bogwitch, @Pantagruel,

    Guys I partly agree with you but just image the amount of fear when your president\prime minister gets killed and than it is followed by some massive attacks like 9/11 or 7/7. I hope none of this happens in any country.

  24. razta September 23, 2008 at 6:00 pm #

    After reading a summary of the recommendations put forward by the panel who investigated the future of ‘net crime’, I could not see where it said “ban the use of software used by hackers”, or anything close. Maybe im missing something, or not reading the right section. Can any one else find a reference to banning hack tools within the original papers? Am I reading the wrong papers??? Is all this just media hype??

    The future of netcrime now: Part 1