The watchdog organisation compiled its figures based on
estimates supplied by the Home Office, Ministerial statements,
legal experts, the communications industry and the All Party
Internet Group of MPs.
A conference yesterday at the London School of Economics heard
Privacy International explain that requests from police and other
investigative agencies involve an estimated 100 million individual
phone calls, subscriber data on nearly a million consumers, and the
acquisition of an unknown number of e-mail and internet logs.
This mass of seized information comprises perhaps a billion
individual items of data, ranging from credit card numbers to
dialled numbers.
Combined, this array of data creates a comprehensive dossier on
the contacts, friendships, interests, transactions, movements and
personal information on almost everyone in the UK, says the human
rights group. A single customer file can involve thousands of
items.
According to Privacy International, BT stores records for up to
seven years and these are sent automatically on request to
government agencies without the need for human intervention.
It adds that mobile phone providers - 02 in particular - are
able to provide authorities with information on their customers'
geographic movements (while using their phone) going back months
and sometimes years.
This "communications data" can include all the calls you have
made and that you received, who you are in contact with, the
geographic location of your mobile calls, the e-mails you have sent
and which you received, the web sites you have visited, the
television programmes you have watched, personal financial data and
other personal information. It does not, however, include the
content of e-mails or phone conversations.
Privacy International's Director, Simon Davies, said the
estimates were "very much on the low side" and did not include
access to e-mail or internet activity, or investigations by
security organisations such as GCHQ. "We literally halved the Home
Office estimate before commencing the extrapolation, just to be on
the safe side" he said.
This activity has occurred for years, which Privacy
International claims has been done without legal authority and in
defiance of the Data Protection Act.
However, the organisation does not mention the Interception of
Communications Act 1985, which has long provided authority for such
activity in conjunction with a provision of the Data Protection Act
that gives exemptions for preventing or detecting crime. The
Interception of Communications Act is due to be replaced by
provisions of the Regulation of Investigatory Powers Act 2000
(RIPA) that have yet to come into force.
Last year, the Home Office attempted to authorise under RIPA an
even more extensive list of public authorities to access this
communications data, but following a public outcry was forced to
temporarily withdraw the proposal.
This unprecedented access would have been available - as indeed
it is currently without any judicial oversight. The Home
Office is now consulting over these issues before taking further
action, but its two consultation documents it has published
indicate that the current surveillance regime is likely to become
universal.
Privacy International believes that the privacy rights of
customers should have been respected both by Government and by the
companies.
"We see the current arrangement as a collusion of interests that
will ultimately expose the most intimate details of people's lives"
said Mr Davies.
Privacy International has also launched a campaign to help UK
consumers retrieve the information that is held about them.
"We hope that in so doing, all of us will learn a great deal
more about this covert activity. It is also likely that the
exercise of our data protection rights will send a clear signal to
communications providers and to government that people have a high
regard for their right to privacy" added Mr Davies.
