CCDP: The Government’s plan to make Britain the most monitored society in the world
Britain is soon to be an unenviable first in the world, as we attempt to leapfrog China and become the worlds number one most monitored society – The Communications Capabilities Development Programme (CCDP) is the Coalition governments programme to record everything we do on the internet and everyone we talk to on the phone.
New Labour failed with a similar scheme, the Intercept Modernisation Programme (IMP) because of the controversy of the proposals, project feasibility and the immense proposed cost (estimated at £2 billion by the LSE5). Although much of the proposed work was never really dropped. The components of the IMP plan that had been slated as part of the Communications Data Bill have continued under many other guises – the IMP proposals however were to include a centralised database containing a mass of information gathered by CSP’s (Communications Service Provider’s) on internet communications data and telephone communications data.
The Coalition have acted quickly to revive the IMP policy under the new name of the Communications Capabilities Development Programme (CCDP). The CCDP has much the same scope of the IMP and gives the same powers to government. Data gathering would include information that is not usually gathered by CSPs, such as email recipients or details from instant messages, and other third-party data – this is only data which could only be gathered through interception and “deep packet inspection”
The differences contained in the CCDP appear to be the lack of IMP’s proposed centralised database, it will however “assist” CSPs (money most probably out of our pocket) in maintaining their own databases of collated data; which then could be accessed by the “relevant authorities”, which are now worryingly, the Home Office says, not limited to those working on terrorism or organised crime.
CCDP poses the same serious issues about technical feasibility, cost, and privacy that the IMP did, but now we face the further threat of the wider dissemination of all that captured data. The standard excuses of terrorism and the spectre of EU regulation will be used to explain the implementation of this scheme; but this sort of mass surveillance will only lead to “fishing expeditions” and does not lead to better crime detection. The EU Data Retention Directive1 although dramatically flawed does not ask for the amount of information being trawled for and it has very specific safeguards built in.
As the Queen said at the opening of parliament “My government intends to bring forward measures to maintain the ability of the law enforcement and intelligence agencies to access vital communications data under strict safeguards to protect the public, subject to scrutiny of draft clauses.” read what the press release here – http://www.dehavilland.co.uk/PoliticalUploads/Draft_Communications_Data_Bill.pdf
The technical argument against the CCDP
Previously we used the email addresses provided for us by our ISP’s – who largely had their servers in the UK and the government were able to look at the information on who we were emailing and when, with ease. However as most of us now use email providers like Gmail and Hotmail , who are run by companies outside of the UK (Google and Microsoft respectively). and so don’t have to automatically comply with UK government requests.
The government doesn’t want to have to go through the whole process of making requests to ISP’s every time it wants information about someone, so it is seeking alternative solutions.
New Labour proposed a system requiring ISPs to record all interactions. This was done through the ominously named “Black Boxes” which performed ‘deep packet inspection‘ on communications across the internet. They do this by opening all the packets of information in an internet communication stream and read them, to identify which services you are using.
If you are using a social networking site, the boxes dig deeper to find out what the user is doing there. – If you are chatting, the boxes will record who speaks to who. Everything is monitored at key points on each communications network so that all people and their communications can be identified and opened up.
What is the Coalition proposing?
The Government wants to force ISPs to collect more information on our internet use, but don’t worry our taxes will help to pay them to snoop on us. This is how they plan to go about it:
1. Third Parties – “Communications Service Providers” (CSP’s) already have duties under law to provide government agencies with the information that they hold, when requested. However the first proposal in the CCDP means that that Google, Facebook and other providers will have to grant government agencies the same type of access to data that CSPs provide.
2. “Black Boxes” – Here the government is just reworking the IMP; “Black Boxes” will be installed to monitor and store all communications data. All of which brings up a range of security issues. How secure will these “Black Boxes” be? There are lots of examples of unscrupulous individuals, businesses and governments accessing data they shouldn’t. What about encrypted traffic? When using using SSL/TLS the black boxes know which service provider you are connecting to, but can’t access further information. This issue can be got around, but if the government attempted to, it would present many difficulties, be very controversial and could also be judged to be illegal.
The extension from the present position of the government where they are already able to request every location you’ve been to over the last twelve months, to the level of detail they would have access to under the CCDP would mean every friend that you’ve had on Facebook, every phone-call or communication on your mobile or landline, smart-phone, computer and anything else you use would open a Pandoras box of data that they will hold on each individual. And there are scant controls available to us to prevent abuse under the law, such as RIPA2
Why is the government forcing companies to collect data on us that is simply an excessive intrusion into our private lives? We will be akin to China and Iran if the CCDP goes ahead. Once the government has access to all this data there will be no limit on future actions, and to the extent that the governments will be able to intrude in our lives.
What can you do? Well at the moment the Government have presented a draft bill to parliament and this is in the ‘consultation’ phase now.