Britain Sneaks "Enfopol" Plan Into Action

Consultation paper on the Interception of Communications published in circumstances intended to minimise reporting or public discussion.

Controversial new plans for intercepting e-mail, the Internet, pagers, mobile phones and all new types telecommunications services were proposed in Britain last week. If the new law is passed as proposed, all "communications service providers" (CSPs) will be required at their own expense to build in government interception facilitities to their networks. The proposed new law follows the specifications secretly agreed by European police officials in the ENFOPOL plans revealed last year.

Legal obligations to be imposed on CSPs will include all Internet Service Providers operating in the UK, whether large or small. It will also cover "interception of business telecommunication services, ranging from basic networks of a few lines found within a small office to large networks linking offices, in both the public and private sectors".

Developing or introducing new networks or systems which cannot be monitored will breach the new interception law, according to the British Home Office. The need to provide interception interfaces "will be an ongoing requirement which CSPs will have to consider each time they develop their network or introduce new services".

The government expects the British telecommunications industry, not the police, to pay all the costs of installing tapping facilities. They expect CSPs "Communication Service Providers to pay for the provision and maintenance of the basic intercept capability defined in the requirements issued by the Secretary of State".

The law will apply to all types of new communications services, including internet telephony, TV conferencing, , and satellite based personal communications systems. Not just ordinary e-mails or phone calls are covered. Tapping centres will also have to be sent information about conference calls, redirected calls, calls that are not answered, and even the times when phones are switched on. Data from mobile phone networks will be used to track a target's movements.

Government officials refused to say whether the "basic intercept capability" will include regulations requiring ISPs to provide "full-time, real-time" access to communications. Nor has it decided how sophisticated the tapping centres required at each network centre should be. "In order to ensure that the requirements are proportionate and fair, it will be important to take into account such factors as the resources available to the company; the likely demand for interception from the Agencies; and the technical complexity of providing an interception capability.

But "in reaching a decision on what constitutes appropriate requirements to meet the [law enforcment and intelligence] Agencies' needs, the Secretary of State will take full account of internationally recognised standards such as the International User Requirements" (IUR).

The United Kingdom has thus become the first government in Europe directly to refer to the previously secret work of the so-called International Law Enforcement Telecommunications Seminar (ILETS) organisation in trying to impose interception facilities on the telecommunications industry without parliamentary or public discussion. (ILETS' activities were first revealed in Telepolis).

The Home Office claimed:

"International User Requirements were adopted by Member States of the European Union in the Council Resolution of January 1995, and have subsequently been adopted by the Governments of the USA, Canada, Australia and New Zealand".

They did not mention that the requirements were agreed without ministerial discussion, without the awareness or consent of industry or civil liberties groups, nor that their existence was kept secret for two years.

Thanks to the secret work of ILETS, the British claim that "maintenance of an interception capability forms a basic requirement for providers of communication services in countries such as France, Germany, the Netherlands, Sweden, Canada, the USA and Australia. We therefore feel that, ... they [will not] place the UK's communication services at a commercial disadvantage".

The proposals were announced last week by the Home Office in a Consultation paper on the Interception of Communications. The consultation paper was published in circumstances intended to minimise reporting or public discussion. The publication was announced a few hours beforehand on a day when journalists working in the area were already covering three major similar Home Office stories, involving Freedom of Information act proposals, an Official Secrets Act trial involving journalists, and a major report on computer crime. As a result, less than 20 journalists attended a press conference lasting barely 15 minutes.

One week earlier, the Home Office had revealed that during 1998, the government ministers had signed 2,031 telephone tapping warrants for domestic purposes, as well as an unknown number for foreign surveillance. Each one has to be signed personally by the Home Secretary or Scottish First Minister, who has to read the case papers and satisfy himself that a sufficient case has been made. This means that about 40 warrants have to be signed each week. Caspar Bowden of the Foundation for Information Policy Research pointed out that given statistical fluctuations, there would be some days on which he would have to sign 10, 15 or even 20 warrants. How long did he actually spend taking each decision?

"I'm not going to answer that question", said Home Secretary Jack Straw.

Elsewhere in Britain, large ISPs are already being asked to provide secure facilities within their own premises and at their own expense for the government to install routers running special programmes to select traffic in which they are interested.

Under the present British law, passed in 1985, only licensed public telecommunications system operators currently have to provide government tapping facilities within their networks. ISPs, unless they are also telecommunications operators, do not. However, they must surrender any stored communications data they have, including e-mails, web access records, and service details, if served with an order from a judge.

The British government claims that the new law will make full provision for human rights legislation. According to Home Secretary Jack Straw, "robust, independent safeguards are already in force ... I believe our proposals strike the right balance".

But according to Madeleine Colvin of Justice, the international human rights organisation and British section of the International Commission of Jurists, the proposed law would not achieve this:

"There are major gaps in what these proposals suggest for controlling surveillance methods. For example, how is anyone to know if their human rights may have been abused if they are never going to be told that their e-mail has been intercepted by the government?"

(Duncan Campbell)