Language Selection

English French German Italian Portuguese Spanish

UK lobbies for data rentention

Filed under
Security

Britain will renew its efforts this week to get fellow European Union members to agree to the introduction of new controls for the retention of telecommunications data, following last week's bombings in London.

Under the proposals, telecoms operators and Internet service providers would have to keep records of emails, telephone calls and text messages for between 12 months and three years. Law enforcement agencies would be able to see who had sent and received these communications, although the content of these communications would not be stored.

Home secretary Charles Clarke claims that the powers would help to establish links between individuals.

"Telecommunications records, whether of telephones or of emails, which record what calls were made from what number to another number at what time are of important use for intelligence," said Clarke, according to reports.

The UK is one of several countries advocating the introduction of such measures over recent months. Other EU members have opposed them, fearing they would erode civil liberties.

Back in June the European Parliament rejected draft legislation introduced by France, Ireland, Sweden and the UK, amid fears that the proposals were illegal.

"There are sizable doubts on the choice of the legal basis and the proportionality of the measures. It is also possible that the proposal contravenes Article eight of the European Convention on Human Rights," the report from the parliamentary committee on Civil Liberties, Justice and Home Affairs says.

The committee also criticised the proposal because the data would be difficult to analyse and criminals could find a way around it.

"Given the volume of data to be retained, particularly Internet data, it is unlikely that an appropriate analysis of the data will be at all possible," the report says. "Individuals involved in organised crime and terrorism will easily find a way to prevent their data being traced."

The European Parliament's civil liberties committee has estimated that the proposals could cost large ISPs and telcos up to £120m to set up, and millions of pound a year to run.

By Graeme Wearden
ZDNet UK

More in Tux Machines

Debian and Ubuntu

Development: JavaScript, PHP, and GCC

  • 10 JavaScript concepts every Node.js programmer must master
    With JavaScript and the V8 engine at the core, an event-driven architecture, and scalability out of the box, Node.js has quickly become the new de facto standard for creating web applications and SaaS products. Many frameworks like Express, Sails, and Socket.IO enable users to quickly bootstrap applications and focus only on the business logic.
  • PHP Tour - Nantes 2017
    As for every AFUP event, organization was perfect, and I was able to meet a lot of developers and PHP users.
  • More OpenACC 2.5 Code Lands In GCC
    More code for supporting the OpenACC 2.5 specification has been landing in mainline GCC.
  • D Language Front-End Proposed For GCC 8, 800k Lines of Code
    A set of 13 patches amounting to nearly 800k lines of new code were sent out Sunday morning for adding a D language front-end to the GNU Compiler Collection (GCC).

Security Leftovers

  • Researchers find Android design defects that allow attacks

    The researchers — Yanick Fratantonio of the University of California, and Chenxiong Qian, Simon Pak Ho Chung and Wenke Lee, all from the Georgia Institute of Technology — called it a Cloak and Dagger attack as it happened without the owner of the smartphone being aware that any attack had taken place.

    The attack does not exploit any vulnerability, but takes advantage of two permissions that are allowed for apps to use certain features on Android.

  • The internet of unreliable and broken things
    Fine, the current process is rocky. Some of that is that it’s not matured yet (Alexa, when did Vincent Price die? No, not “play vincent price die”, not “christ die”, not “do you speak some price dead”, you stupid pile of undocumented microchips!) Some of it is that basically every large company underestimates how much people’s accounts are set up incorrectly or incompletely; after all, employees have everything set up right, because they know what they’re doing, and so this never comes up in testing. Some of it is because I’m joining dots on three or four very different puzzles: I’m sure if I were to get a Google Home and use Google Mail to send my shopping list to Google Keep and then buy things from Google Shopping, or if I were to get some theoretical Home Siri device and play music from my Apple account and put things in my Apple iCloud account… then all this would be a lot more seamless. But you should beware people who proclaim that technology would be easy if all us heathens were just to renounce our diverse needs and join their true faith. Mastery goes to the designer who can cope with us real people, in all our glittering and varied patterns and colours and desires. Not just the ones who take the easy way out and block you if you haven’t already bought all the rest of your stuff from them too.
  • 9 Ways Organizations Sabotage Their Own Security: Lessons from the Verizon DBIR
    Datasets from the recent Verizon 2017 Data Breach Investigations Report (DBIR) show that some security teams still may be operating under false assumptions regarding what it takes to keep their organizations secure. For starters, the same security standards don't apply across all vertical industries, says Suzanne Widup, a senior consultant for the Verizon RISK Team and co-author of the Verizon DBIR.
  • “Yahoobleed” flaw leaked private e-mail attachments and credentials
  • Web Developer Security Checklist
    If you have drunk the MVP cool-aid and believe that you can create a product in one month that is both valuable and secure — think twice before you launch your “proto-product”. After you review the checklist below, acknowledge that you are skipping many of these critical security issues. At the very minimum, be honest with your potential users and let them know that you don’t have a complete product yet and are offering a prototype without full security.
  • Obstacles to the Adoption of Secure Communication Tools

    [...] we interviewed 60 participants about their experience with different communication tools and their perceptions of the tools' security properties. We found that the adoption of secure communication tools is hindered by fragmented user bases and incompatible tools. Furthermore, the vast majority of participants did not understand the essential concept of end-to-end encryption, limiting their motivation to adopt secure tools

  • VMware Patches Multiple Security Issues in Workstation
    VMware fixed two bugs in its VMware Workstation late Thursday night, including an insecure library loading vulnerability and a NULL pointer dereference vulnerability. The virtualization software company warned of the issues Thursday night in a security advisory VMSA-2017-0009.

Linux Devices, Tizen, and Android