The Conservative Party's Shadow Justice Secretary, Dominic Grieve, has launched a new policy paper (‘ Reversing the Rise of the Surveillance State’) that, if elected, would seek to protect the peoples’ right to privacy. The paper includes a pledge to submit government plans for the retention of communications data (i.e. logs of all your email, website and telephone accesses) to the Information Commissioner (ICO) for a Privacy Impact Assessment (PIA).

Measures Include:

* Scrapping the National Identity Register and ContactPoint database

* Establishing clear principles for the use and retention of DNA on the National DNA Database, including ending the permanent or prolonged retention of innocent people's DNA

* Restricting and restraining local council access to personal communications data

* Reviewing protection of personal privacy from the surveillance state as part of a British Bill of Rights.

* Strengthening the audit powers and independence of the Information Commissioner

* Requiring Privacy Impact Assessments on any proposals for new legislation or other measures that involve data collection or sharing at the earliest opportunity. Require government to consult the Information Commissioner on the PIA and publish his findings

* Immediately submitting the Home Office's plans for the retention of, and access to, communications data to the Information Commissioner for pre-legislative scrutiny

* Requiring new powers of data-sharing to be introduced into law by primary legislation, not by order.

* Appointing a Minister and senior civil servant (at Director General level) in each Government ministry with responsibility for departmental operational data security

* Tasking the Information Commissioner to publish guidelines on best practice in data security in the public sector

* Tasking the Information Commissioner to carry out a consultation with the private sector, with a view to establishing guidance on data security, including examining the viability of introducing an industry-wide kite mark system of best practice

Download the Paper (.PDF)

Under existing government plans the Interception Modernisation Programme (IMP), which is part of the wider Communications Data Bill, will see all YOUR email accesses and website visits (not content) monitored and stored for a period of one year. Many organisations, such as the NHS, Local Councils and Royal Mail could then be granted access to this data, not just the police.

The system is expected to cost a staggering £2bn over a 10-year period, though mercifully plans for a centralised government database to store all the information have recently been scrapped. Instead UK broadband ISPs will be required to maintain the information. To resolve concerns the Conservative's are proposing a number of new measures to protect privacy, which will include submitting Labour's Internet snooping plans for a PIA.


A PIA is defined as a "process whereby a project's potential privacy issues and risks are identified and examined from the perspectives of all stakeholders", and a search is undertaken for ways to avoid or minimise privacy concerns. Although the PIA process takes the Data Protection Act (DPA) and other relevant laws into account, it does not focus on them. A complementary process is needed to ensure legal compliance.

We welcome the tougher line against a government stance that has always appeared to be unnecessarily intrusive upon private personal communications. However it remains to be seen whether any of this will result in a practical scaling back of privacy invading ISP data retention plans.