Tag Archives: privacy

Speech about RealMe, big data & power

Edited text of a speech given by Thomas Beagle at the launch of What If – “an education and action campaign working to stop data collection and sharing by the NZ State and private corporations for the purposes of social control and exploitation, and working for community control of information resources for the benefit of all”.


The technocrats have a utopian view of our data driven future. As the NZ Data Futures Forum puts it, they plan to “unlock the latent value of our data assets and position us as a world leader in the trusted and inclusive use of shared data to deliver a prosperous society.”

  • They promise that we’ll be healthier, with population wide tracking to predict and therefore prevent diseases.
  • They promise that government services will be both cheaper and more effective through better targeting of those who need them.
  • They promise that we’ll be wealthier, with businesses able to offer new and exciting products based on our individual needs.

Indeed, is there anything that government and business couldn’t do if they had enough data and some smart people to analyse it?

Now, this is going to require a lot of data. And when you’re collecting a lot of data you’ve got to make sure that it’s accurate.

One of the things that’s particularly important is making sure that we have the right person. There’s no point in targeting John Andrew Smith with a medical checkup when it’s actually John Adam Smith whose genetic analysis shows their predisposition to a particular condition.

Wouldn’t it be easier if everyone in the country had a single electronic identity, one that we could use as a digital key across all these systems to ensure that we had the right person?

 

RealMe

And this is where RealMe comes in. It’s a joint venture between the Department of Internal Affairs and NZ Post and, in their own words: “RealMe lets you easily and securely prove your identity online, plus access lots of online services with a single username and password.”

The sales pitch is aimed at making it easier for the citizen consumer. Get a RealMe account and access a wide range of critical services that require strong proof of identity such as govt agencies, the health system, banks, and so on.

It’s important to note that there are two sorts of RealMe accounts. You can get as many unverified accounts as you like – but if you want to use the more useful services you will need to get your account verified and your photo taken at an NZ Post shop. You’re only allowed one of these.

RealMe is of particular appeal to financial institutions because of their new responsibilities to identify their customers and report suspicious transactions to the government as a result of the Anti Money Laundering and Countering Financing of Terrorism Act. Kiwibank, the BNZ and TSB Bank are using RealMe, with more expected to follow, although uptake has been slower than expected.

RealMe itself doesn’t store any data about people, but it does enable two services that use it to share data if the person gives them permission. For example, if you apply for medical insurance, you can use RealMe to freely choose to give the insurer secure access to your medical records.

There’s not much more to RealMe, but there doesn’t have to be. It provides two vital components to enable data sharing on an ever larger scale – a key to identify a person, and a pipeline to share the data. It’s an important building block in the creation of our glorious shared data future.

 

Issues with RealMe

Sadly, utopia is not assured. Let’s look at some of the issues.

Firstly, data sharing. While the people who developed RealMe seem to have good intentions, I can’t help feeling that they seem rather naïve. It’s great that data sharing through the RealMe service is voluntary and done under the control of the user, but does anyone really believe that’s how it’s going to work?

If you want health insurance, you will be obliged to give them access to your medical records. Credit applications will demand access to your bank accounts. You could freely refuse – at the price of being turned down for what you’re applying for.

And at some point I can assure you that there will be a small law change allowing the IRD full access to whatever data they want through the RealMe service.

There are other agencies that also have the power to override our privacy choices. The Police, SIS and GCSB can all legally access the information in the systems that RealMe have so kindly linked together, and we’d never know that they’d done it.

Secondly, it seems that RealMe will inevitably evolve into a de facto digital identity card; the “papers please” of the internet age. As processes move online, everyone is going to need a RealMe account and opting out will not be an option.

But there is a deeper philosophical problem with having a single verified identity. Do we actually want to use the same identity for dealing with the government, banks, Trademe, and a variety of social media sites? Will there be increasing pressure to use our ‘official’ identity everywhere? I see important advantages in being able to present different faces to people – to the people we work with, our parents, our children, our friends, our various communities.

And, of course, RealMe has a big future. It’s going to be available whenever the government thinks up a new reason why it needs to track us and spy on us. We don’t just have to worry about what it’s being used for now, we have to worry what will be build on it in the future.

To think of just one example, something that worries governments and businesses alike is the inability to conclusively identify who did what online. It seems possible to me that in ten years’ time we’ll be obliged to connect to the internet using our RealMe identity.

With everything you do online linked back to your RealMe ID, the internet truly will be the greatest surveillance machine ever built.

 

Dystopia

However, it’s when you add large scale data collection and analysis that you realise how this technocratic utopian vision can all too easily become a dystopia.

The same data that can be used to target assistance to those who need it, can be used to penalise those who transgress. Has an algorithm decided you feeding your children too much junk food? Did you spend time helping at the local community centre when you should have been looking for a job? Our data shows you were out in the car when you said you were sick last Tuesday, just how sick were you?

Citizen, justify yourself!

 

Big Data

RealMe is just one more component of the big data transformation of our society.

I don’t think that the big data juggernaut can be stopped. Every day the technology to watch, collate and analyse data is getting cheaper and more powerful. It’s the price of the modern internet and computer driven society.

And personally, I’m still enough of a utopian that I’m not even sure that we want to stop it.

But we know that people react differently when know they’re being watched. We know that people value their privacy and feel powerless when others know their secrets. Can freedom of expression survive in a surveillance state? Will dissent, so necessary in a democratic society, wither under the all seeing eye?

So while we can’t stop it, there is a very clear need to control it. To make sure that we get the benefits while not accidentally creating a society we don’t want to live in.

 

What can we do?

However I do believe that this is possible. We can’t control what foreign companies and governments do, but we can set limits on what our own government can do, and we can pass laws that control what New Zealand companies can do.

This isn’t going to be easy. We do have the Privacy Act, but the technocrats have the ear of government and they’ve already announced plans to repeal the Privacy Act and re-enact it in a form even more friendly towards data sharing. But even then, it’s not just privacy that we’re worried about, but power and control.

To stop this trend, to set up real protections, we’re going to have to persuade our fellow New Zealanders that we need them.

We have the power to decide what sort of country we want to live in. We can reject the surveillance society and the subsequent crushing of our democracy. I hope this meeting is another step on the way to doing so.

 

Can the NZ Police search your phone if you’re arrested?

If the NZ Police arrest you they also have the power to search you. In light of recent decisions in Canada and the US amongst other countries, we had two questions:

  1. Can the Police also search your mobile phone or other smart device if you’re arrested?
  2. Can the Police force you to unlock it if it is secured by a password or fingerprint?

We asked the Police and while the answers aren’t as in-depth as we’d like, we thought we’d share what we got combined with our own analysis.

Firstly, if the Police can legally search you (they have a warrant, you’re in the vicinity of a legal search being executed, you’re suspected of being involved in certain classes of crime, etc), section 125(1)(l) of the Search & Surveillance Act explicitly allows them to search your phone or other data device.

Furthermore, section 130 of that Act can be used to compel assistance (i.e. you must unlock it) if they are doing a legal search. Note that the “no self incrimination” clause is generally understood to refer to the information used to unlock, not the information that is revealed by being unlocked.

The Police also have access to a range of tools used to access the information on such devices. In 2013 the Police Electronic Crime Group searched 1309 mobile phones and other devices. This number doesn’t include any searches at the District level (stats are not recorded) or by officers on the street persuading people to let them examine their phone.

Secondly, section 88 allows the Police to do a warrantless search of someone who has been arrested if they have reasonable grounds to believe that they have a thing that may be used to harm someone, be used to escape, or may contain “evidential material relating to the offence in respect of which the arrest is made”.

It would seem that this clause would allow the Police a large amount of leeway to come up with some vaguely plausible explanation as to why they need to search your digital device if you’re arrested. e.g. they could require the information on it to track your movements or who you communicated with before you were arrested.

Conclusion

From our brief analysis, supported by the information from the Police, it seems that the NZ Police can upon arrest:

  1. Search your mobile phone or other electronic device if they can formulate a plausible reason to do so.
  2. Oblige you to unlock it.

Does anyone have a counter view?

Other questions

How long can the Police hold the data for?

Who can they share the data with?

What limits as to reasonableness will the judiciary impose when it comes up in court?

Report: Eyes on New Zealand

Global Information Society Watch has published a report on the state of communications surveillance in New Zealand.

Written by Joy Liddicoat (member of APC and Tech Liberty), this comprehensive and perceptive summary is well worth reading by anyone who wants to know how we got here – and where we need to go.

New Zealand is a small country, with a population of less than five million, situated in the far reaches of the southern hemisphere. But its physical remoteness belies a critical role in the powerful international intelligence alliance known as the “Five Eyes”, which has been at the heart of global controversy about mass surveillance. This report outlines the remarkable story of how an international police raid for alleged copyright infringement activities ultimately became a story of illegal spying on New Zealanders, and political deals on revised surveillance laws, while precipitating proposals for a Digital Rights and Freedoms Bill and resulting in the creation of a new political party. We outline how civil society has tried to respond, and suggest action points for the future, bearing in mind that this incredible story is not yet over.

Read the full report.

Privacy isn’t dead

Edited version of Thomas Beagle’s opening remarks at the Privacy Panel at NetHui in Auckland on 11th July 2014.


Privacy isn’t dead. Yesterday at Nethui we were told that it’s too late for privacy, that it’s over. But the fact we’re all here and talking about it is a sign of just how wrong this is.

There’s no doubt that technology is changing how we think about privacy but it’s not as simple as saying that people these days are just giving it up willy-nilly. People don’t always get it right, but most have an intense interest in keeping certain pieces of information away from certain people.

Privacy is multi-faceted

I think it’s important to note that information privacy is not simple. People have many relationships – work, family, friends, doctors, government – and they need to be able to control who sees what and when.

Just because we give a piece of personal information to one of those, or they take it without asking, doesn’t mean that we’ve lost our privacy interest in that information. I might tell my doctor about my drug use, but still need to keep it secret from my family, employer and government.

Privacy is also about security

Part of this control is that for many people the debate about privacy is also about security. If you’re a teen questioning your sexuality in a conservative town, that information leaking out might be enough to get you beaten up or worse.

And at the same time, have you ever felt that sick feeling when someone you don’t trust has damaging information about you? What if it’s the government and they’re the ones paying you a benefit that is keeping your family fed? Information is power.

The surveillance demands of national security, the desire to know everything we’re doing, actually leads to many people feeling less secure because they don’t know what the government knows about them and they don’t know how they’re going to use that information.

I’m optimistic

That said, I’m optimistic about privacy.

When it comes to our digital peers such as friends and family we generally already have the tools to protect ourselves, even if we don’t always get it right.

If we look at the rest of the privacy problem, I split it up into three categories. The biggest risk is your own government, because they’re the ones that can put you in jail or deny you basic services. The second is the local companies you deal with to buy your power, your food, and so on. The third is the foreign companies such as Google and Facebook.

The good news is that in a democracy like New Zealand, we can control the first two. We can set limits on what data they collect and how they can use it and how they can share it. Maybe two out of three is actually good enough to say that we can continue to maintain our privacy in the internet age.

Limiting information use

And we can set those limits however we like. Some people seem to believe that once something is published, either by ourselves or leaked by others, that it’s fair game. I’d argue that just because something is out there doesn’t mean that it should be available for use.

There’s ample precedent for this: You’re not allowed to use the electoral roll for anything not to do with elections. Juries are told to ignore any information they may have learnt outside of the trial.

If we decide as a society that we don’t want the Ministry of Social Development to spy on beneficiaries on social media, we can change the law so that they are not allowed to. If we don’t want the GCSB to be able to apply for wide-ranging access authorisations to spy on New Zealanders – for our own protection of course – we can change the law so that they can’t. It’s up to us.

Changes to the law

I believe we do need changes to privacy law in New Zealand. The Privacy Act is a great base for us to work from but it needs works – and not just the new powers for the Privacy Commissioner.

It’s obvious that privacy controlled by opt-in click-through contracts doesn’t really work. I believe that the solution is to further ratchet up the baseline protections provided by the Privacy Act – and to close the law enforcement loophole.

Sadly, I fear that the government’s promised repeal and re-enactment of the Privacy Act will be going in the wrong direction. Thank you.

Open letter to John Key – the right to know

Dear Mr Key

This letter is partly in response to the findings of the Kitteridge report about the GCSB and their failures to follow the law, but is also mindful of the recent PRISM revelations about the actions of the NSA in the USA, as well as the mass spying revealed to have been carried out by the GCHQ in the United Kingdom. As disturbing as these revelations have been, we cannot help but be shocked that this surveillance was done in secret without the knowledge of the citizens of each country.

We assert that, as citizens of a democratic society, we have the right to know the methods that government agencies use to watch us. Without this knowledge we cannot assert our rights to put appropriate limits on their use.
Continue reading Open letter to John Key – the right to know

Govt proposes GCSB control over NZ communications in new TICS Bill

The government has announced two new Bills for reforming the GCSB and expanding their powers. The first is the GCSB and Related Legislation Amendment Bill (PDF) and the second is the Telecommunications (Interception Capability and Security) Bill (PDF).

This article is a summary of the major parts of the TICS Bill.

The TICS Bill is a replacement for the Telecommunications (Interception Capability) Act 2004. This law forced communications providers (ISPs, telcos, data networks, etc) to provide “lawful intercept” capabilities so that the Police, SIS and GCSB could access communications once they had a suitable warrant. The new bill expands and clarifies these requirements.

However, the addition of the word “security” is the key to what has changed. The new bill now gives the GCSB sweeping powers of oversight and control over the design, deployment and operation of all data and telecommunications networks run by network providers in New Zealand. The stated reasons are to both protect New Zealand’s infrastructure and to ensure that surveillance agencies can spy on traffic when required. As part of this, the GCSB will have the power to stop network providers from reselling overseas services that do not provide these capabilities.

Summary of major elements of the TICS Bill

Interception

From the Bill:

A network operator must ensure that every public telecommunications network that the operator owns, controls, or operates, and every telecommunications service that the operator provides in New Zealand, has full interception capability.

Note that the surveillance agencies still need to have a legally issued warrant (under the Search & Surveillance Act, NZ SIS Act, or GCSB Act) to actually intercept any communications and there are obligations to avoid capturing communications that are not covered by the warrant.

The new Bill splits communications providers into multiple classes, with small, wholesale and infrastructure providers having reduced obligations. Providers must either have a full intercept capability, to be “intercept ready”, or to be “intercept accessible”. Membership of these classes can be varied by direction of the Minister.

The Bill specifies that the law applies to companies whether based in New Zealand or overseas. It then goes on to give the Minister the power to ban the resale of an off-shore telecommunications service in New Zealand if it does not provide interception capabilities. This could stop the resale of foreign-hosted VPNs, instant message services, email, etc.

Finally, there is more detail about how intercepted data should be formatted and delivered (apparently this has caused problems under the existing law).

Encryption and decryption

Network operators must decrypt the intercepted communications if they have provided the encryption, but there is no obligation to do so if the encryption is provided by others.

What does this mean for providers such as Mega (file locker) or LastPass (password storage) who have a business model based on the fact that they supply a cloud product that uses encryption but have deliberately designed it so that they can not decrypt the files themselves? This gives users the assurance that they can trust them with their data. Will the government close them down unless they provide a backdoor into the system?

Network security

There is a major new role for the GCSB in overseeing the design and operation of commercially available data and voice communications networks.

The Bill says that network providers and the GCSB are to work co-operatively and collaboratively on identifying and addressing network risks. If they fail to cooperate sufficiently, the law provides for penalties of up to $500,000 with an additional $50,000 per day.

Network operators must notify the GCSB of any proposed decision, course of action or changes made by them in regards to purchases, network changes or ownership/control of the “specified security interest”. This includes their network operations centre (NOC), lawful intercept equipment, customer databases, databases of user accounts, and “any place where data aggregates in large volumes”.

The GCSB can also demand any other information about the security and interception capabilities of the network including copies of contracts, specifications, and so on. That the information is commercially sensitive or held in confidence is not a defense.

Compliance

All network operators will have to register themselves with the government. The register will be administered by the Police and available to the Police, SIS and GCSB.

The register will include the numbers of customers, names of responsible contact people within the organisation, the regions they operate in and the types of services they provide. Providers of infrastructure services (e.g. companies that provide fibre links but not the equipment for communicating over those links) will also have to give the names of their customers to the register. There are penalties for non-compliance.

The government can insist that communications providers must obtain secret-level security clearances for some of their staff. It does not say what will happen if none of the technical staff qualify for a security clearance.

Liability and protecting classified information

People who do any act in good faith under the new law will be protected from subsequent prosecution or lawsuits. i.e. the new law is superior to other NZ laws or existing contracts.

There is also a provision that allows the courts to receive classified information in a court case in the absence of the defendant or the defendant’s lawyer. This applies to information that might reveal details of the interception methods used by the surveillance agency or is about particular operations in relation to any of the functions of the surveillance agency, or is provided as secret information from the surveillance agencies of another country. It can also be used if that disclosure would prejudice security of NZ, prejudice the maintenance of law, or endanger the safety of any person. The judge in the case can appoint someone with an appropriate security clearance to represent the interests of the defendant for these parts of the trial.

Analysis and comment

The new TICS Bill is a major expansion of government power over the internet and other communications networks in New Zealand. While the existing TICA Act already mandated the provision of lawful intercept capabilities, handing over final control of network design and operation to the GCSB in the name of “security” seems incredibly wide and open ended.

Adding an additional level of government bureaucracy to the design and operation of these systems would appear to be a fairly significant hindrance to the ability of network operators to run their businesses.

There also must be concern about the GCSB being able to ban the resale of any services that do not provide lawful intercept capability. This means that New Zealanders will be prevented from protecting their communications from the New Zealand government – but equally they will be prevented from protecting their communications from foreign governments too. (We can safely assume that a foreign service that gives access to the NZ govt will also provide it to others.) These rules could wipe out businesses such as file lockers and password stores that rely on providing secure storage to their users.

One must ask where the justification for this expansion of power is coming from. Has New Zealand already been materially affected by attacks on our communications infrastructure? It seems clear that while the GCSB may not be that competent at exercising the powers they already have, they have done a fine job of convincing the government that they can handle a lot more.

There are many other parts of concern and there will need to be more analysis of the interception capabilities in conjunction with the new GCSB bill. One that does stick out as particularly offensive to civil liberties are the provisions for convicting people based on secret evidence. How can you defend yourself fairly when you can’t even find out the evidence presented against you?

We will be doing further work on analysing this bill and would welcome contributions, particularly from those within the industry who already have experience working with TICA requirements.

Police use of new surveillance technology

The NZ Police are continuing to expand their use of technology to watch and track people in New Zealand. We’ve already discussed automated number plate recognition, but information has emerged about two new initiatives:

The first is Signal – a tool used to scan and collate publicly availably data from multiple social media sites such as Twitter, Facebook and Youtube. This data can then be analysed to establish connections between people and events, and was used during the Rugby World Cup to monitor both boy racers and political protesters.

The second is the trialling of aerial surveillance drones. As part of the trials they have already been used in some Police investigations.

We’re not reflexively opposed to the NZ Police using tools to do their job better, but we do have some concerns about how they can be used to infringe our rights to go about our lawful business without unwarranted surveillance and tracking. We believe that it is not healthy in a democratic society for our every movement and action to be monitored, stored and analysed by the government.

We’ve made requests to the Police for more information about both of these initiatives and will report more once we receive it.

General Principles

One thing that is of concern is that the Police seem to be being quite secretive about their use of technology. It seems that they wait for someone to find out about it before releasing information in dribs and drabs, sometimes after prompting from the Ombudsman. If the Police aren’t proud of what they’re doing to more efficiently fight crime, perhaps they shouldn’t be doing it at all.

A second concern is that our laws, even including the new Search & Surveillance Act, might already be out of date when it comes to the Police use of such technology. For example, are there any controls on amassing publicly available data to such an extent that modern data analysis software can make some assumptions about very private behaviour?

We’d like to see two things:

  1. The NZ Police taking a more proactive role in disclosing what they are doing and how they are doing it. They may even wish to do more consulting with community groups and watchdogs such as Tech Liberty and the NZ Council for Civil Liberties.
  2. Work on a new set of standards and principles to inform the Police’s (and other agencies) use of new technology and “big data” systems. These should cover data integrity, retention, security, auditing and notification. This is something that Tech Liberty is currently working on.

Guest post: cameras in toilets

One of the most common topics of the emails we receive at Tech Liberty is the placement of video cameras. People worry about them where they work, in the street, and on their neighbour’s properties.

This guest post is from Yuri Wierda, a licensed security consultant, and he’s concerned about the increasing popularity of security cameras in public toilets:


I have personally refused to install cameras in toilets and have talked a few clients out of doing it. I believe cameras in toilets are immoral and may be illegal. Part of my responsibility when advising people on security is ensuring that they themselves don’t break the law.

The argument for cameras in toilets has been that it reduces vandalism.

While there may be signs advising people that there is a camera I do not believe that it justifies it or complies legally. There are several situations where signs will not provide informed consent.

  • Someone may get changed in the toilet and not see the sign.
  • Someone may be blind or illiterate.
  • Someone may be intellectually disabled.
  • Children may be visiting the toilet unaccompanied.

This creates several privacy and legal issues:

  1. The intellectually disabled and children CANNOT legally provide consent to being filmed in the nude or partly clothed. Toilets are places where people adjust their clothing and may be partially clothed. Children and intellectually disabled people will not expect there to be a camera filming them. Filming such an event is illegal (s216G to s216N of the Crimes Act) and potentially can (and should) result in serious criminal charges.
  2. People who have not seen the sign or were unable to read it cannot provide informed consent.

I am appalled that the police has provided advice that it is not illegal.

Police confirm they’re not keeping ANPR data

See update at end of post.

We’ve been keeping an eye on the NZ Police trials of ANPR (automated number plate recognition – read our explanation).

The main civil liberties issue with this technology is that the system stores the time and location of the license plate check. Once enough of these systems are deployed they can be used to track people by following vehicle movements, as is being done by a number of other countries. We believe that, at a minimum, there should be some controls on how this data is stored and used, for example by having to apply for a tracking warrant.

The Police themselves have been sending out mixed messages about whether they’re keeping the information and whether they’ll be using it for tracking, as documented by our article. At the end of that article we said we were seeking further clarification from the Police.

Police confirm they’re not keeping ANPR data for tracking

We have now received a letter (PDF) from Superintendent Carey Griffiths in which he explains:

All three patrol cars and one of the vans have the capacity to store information for up to a two or three day period depending upon operational use. In general the information is not stored for any longer than a shift period which can vary from an eight hour to a ten hour shift.

One of the [two] vans has a system known as BOSS ( Back Office System Software) and this system has the capability to store information for a longer period … The BOSS system settings have recently been amended, and the information is now only stored for a maximum of 48 hours.

It seems clear from this that the Police will not be keeping the ANPR data.

Police believe they can’t track without a warrant

Furthermore, Superintendent Griffiths goes on to say that:

Police considers that with so few cameras, the technology cannot be used to “track” vehicles. In any event, Police cannot track vehicles other than in accordance with the Search & Surveillance Act 2012.

This contrasts strongly with what the Police said in a letter from December 2011:

There is no requirement for police to apply for a warrant for any ANPR information as it is gathered in a public place.

This change in attitude is quite interesting. The Search & Surveillance Act only refers to getting a warrant for tracking when it involves the use of a tracking device (s46). We initially took this to refer to getting a warrant to allow the installation of a “bug” on the car or person to be tracked.

However, tracking device is defined as “a device that may be used to help ascertain, by electronic or other means … the location of a thing or a person”.

Could one define an ANPR system as a tracking device and would the Police then have to get a warrant to use it to track people? It seems that the Police now think it would. The same argument would also seem to apply to using mobile phones to track people.

In our opinion this interpretation would fit in both with the purpose of the Act and the requirements in a civil society for oversight of the use of this type of mass surveillance.

Conclusion

We’re pleased that the Police are not attempting to implement the sort of pervasive people/vehicle tracking systems that are becoming popular in some overseas jurisdictions. We do not think that this sort of police state behaviour has any place in a free and democratic New Zealand.

Furthermore, after some problems with illegal surveillance in recent years, it’s good to see that the Police are taking their responsibilities under the Search & Surveillance Act seriously.

We will continue to monitor the Police use of ANPR technology and look forward to receiving copies of the assessment from the Privacy Commissioner and the final Police report into their test ANPR deployment.

Update 5th August 2013

The Police have announced they will be deploying new red-light and speed cameras. We asked them if these new cameras would support ANPR. Their response:

There are no current plans to deploy either digital red-light cameras or speed cameras that support Automatic Number Plate Recognition.

Police contradictions on ANPR

Close Up have done a piece about the NZ Police trials of automated number plate recognition (ANPR). (See our earlier article explaining it.)

The main civil liberties issue is that the system stores the time and location of the license plate check. Once enough of these systems are deployed they can be used to track people by following vehicle movements. We believe that, at a minimum, there should be some controls on how this data is stored and used, for example by having to apply for a tracking warrant.

Nothing to fear?

The Police were represented on Close Up by Superintendent Carey Griffiths who said that these fears were incorrect: “The system we are using here, we don’t retain the data.”

He went on to say: “Most of the cameras and systems we use drop it off at the end of the shift. We’re certainly not using it for data mining.”

Police contradictions

However, we have letters (first letter March 2011, second letter December 2011) from the Police that indicate a very different story:

“Details of vehicle movements captured during ANPR deployments will be retained on a secure Police database.”

What sort of data is stored?

“The time, data and a photograph of all vehicles passing the ANPR camera is stored.” and “Yes it will include the location or where the device was deployed.”

And will they be used for tracking?

“Police may search the stored data if there is a belief that there may be information relation to a crime; e.g. where a serious crime has taken place and Police are looking for an offender’s vehicle.”

And do the Police think they need a warrant to track people in this way?

“There is no requirements for police to apply for a warrant for any ANPR information as it is gathered in a public place.”

The big question

Who is correct – Superintendent Carey Griffiths, Road Policing Manager, who just appeared on Close Up or Superintendent Paula Rose, National Manager Road Policing, who wrote to us in March and December 2011?

Has the policy changed in the meantime? Was Superintendent Paula Rose incorrect? Or has Superintendent Carey Griffiths been misleading us all on national TV?

Edit (19/8/2012): We have written to the Commissioner of Police to ask for an explanation and will report back with any answer we get.