Red means that a database is almost certainly illegal under human rights or data protection law and should be scrapped or substantially redesigned. The collection and sharing of sensitive personal data may be disproportionate, or done without our consent, or without a proper legal basis; or there may be other major privacy or operational problems. Most of these systems already have a high public profile. One of them (the National DNA Database) has been condemned by the European Court of Human Rights, and both the Conservative Party and Liberal Democrats have promised to scrap many of the others.

The Communications Database

The UK’s intelligence agencies, 52 police forces, HM Revenue and Customs, prisons and 510 public authorities can all demand access to communications data. 519,260 such requests were made in 2007. From 15 March 2009 ISPs and phone companies will be required to retain specified communications data for 12 months.

The agencies have an Interception Modernisation Programme whose focus is a plan to centralise communications data in a government database, where it would be much more amenable to data mining for unusual patterns of behaviour. A typical application would be tracing the structures of individuals’ friendships and communications patterns.

In addition to this, it is planned to field Deep Packet Inspection (DPI) equipment that will look at the content of people’s Internet communications in order to determine who is talking to them in cases where this is not evident from the source and destination of the data packets.

For example, DPI boxes could record people’s coordinates in Second Life, and their webmail inbox screens. It is most unlikely that the average citizen will agree with the intelligence agencies’ argument that this is ‘traffic data’; an attempt to define full URLs as traffic data was defeated during the passage of the Regulation of Investigatory Powers Bill (RIPA).

The Government trailed the idea of taking powers to do all this in primary legislation; the story now is that there will be a consultation in March 2009. Meanwhile we understand that the construction of a prototype of the database is under way.

The fact that communications data is currently kept in separate locations under the control of telephone companies and ISPs provides a practical safeguard against abuse; agencies have to serve notices on these companies to retrieve specific data. They must also cover the costs of doing so, which provides an incentive for officials to consider the proportionality of requests. The
Information Commissioner’s Office has commented that the plans are “a step too far for the British way of life” and that:

“[B]efore major new databases are launched careful consideration must be given to the impact on individuals’ liberties and on society as a whole. Sadly, there have been too many developments where there has not been sufficient openness, transparency or public debate.”

Given this assessment, the public opposition, the huge cost of the exercise, and the intent to reduce the costs of surveillance to the point that instead of being able to watch anybody the intelligence services would be able to watch everybody, we have no choice but to rate this as privacy impact red.