http://www.bbc.co.uk/news/technology-18102793

In principle I've not got a problem with it UNTIL you read "even if no charges are brought forward"...
So even my joe innocent bloggs gets his records stored for anyone to take advantage of, hows that work when you run your business from your phone are the police allowed to take all your financial gubbins for record too?

Give it 10 years and this technology will be remote, stealthily gathering data as you pass by.

So, I need to start looking for something to encrypt my phone.

More than simply putting a lock on it.

So, I need to start looking for something to encrypt my phone.

More than simply putting a lock on it.

Sounds like you'll need Android then. iPhone won't do it. :rolleyes:

So, I need to start looking for something to encrypt my phone.

More than simply putting a lock on it.

Messenger pigeon job jobbed!

I had this discussion with a customer last week, because of the new laws proposed surrounding surveillance of emails, etc. Encryption technology is going to be a much much bigger market than it is now, because it's going to go consumer market!! With people trying to protect their own privacy!

Sounds like you'll need Android then. iPhone won't do it. :rolleyes:

already android my friend. I don't do fruit.

I had this discussion with a customer last week, because of the new laws proposed surrounding surveillance of emails, etc. Encryption technology is going to be a much much bigger market than it is now, because it's going to go consumer market!! With people trying to protect their own privacy!

Too true. A lot of my browsing is through VPNs so my ISP cannot get a handle on it.

The sad fact is industry needs to catch up. I did an audit of a system last week and data traffic between database/application server was clear text. Yet the app was considered sensitive enough to demand SSL to deliver to the browser.

As for email. Encrypt it. Run your own servers and delete once removed.

My home phone is voip, I can make calls direct to an ip address so intercept is a little bit more difficult especially if I then tunnel it through ssh or a vpn etc.

Run your own servers

The industry will catch up with demand once the demand arises Tim, you won't need to run your own servers like you would have to now.

Forget encryption.

Simple reason why.

There is already a law that states that failing to hand over an encryption key or password carries a 6 year sentence.

Forgetting said password is no defence and you will still get 6 years.

If you have to hand an encrytion key over before they can read your stuff, then they can't snoop on you without you knowing. Then you just change the key you use once youve given it to them, and they have to go through the whole process of asking for it again. They are not going to ask every Joe Public for a key anyway they wont ask unless they already have reason to suspect a crime.

If you have to hand an encrytion key over before they can read your stuff, then they can't snoop on you without you knowing. Then you just change the key you use once youve given it to them, and they have to go through the whole process of asking for it again. They are not going to ask every Joe Public for a key anyway they wont ask unless they already have reason to suspect a crime.

They'll just do what they do in the US and hack it

Your average copper doesnt know how to hack it, they need specialist data forensics who are far too scarce and precious a resource to waste looking at the contents of your phone because you got arrested for a fight in a pub. Forensics to hack it or get a court order to demand a password or encryption key? Encryption is good enough to protect a law abiding citizens privacy. Police should no more be able to look at your data without judicial approval, than they should be able to enter your home and read the letters in your bedside drawer without getting a warrant.

Your average copper doesnt know how to hack it, they need specialist data forensics who are far too scarce and precious a resource to waste looking at the contents of your phone because you got arrested for a fight in a pub. Forensics to hack it or get a court order to demand a password or encryption key? Encryption is good enough to protect a law abiding citizens privacy. Police should no more be able to look at your data without judicial approval, than they should be able to enter your home and read the letters in your bedside drawer without getting a warrant.

I think that's the point of the thread they don't need any approval, or have I read the article wrong.

Oops I got it wrong, its only 2 years for "normal" and 5 years for terror related investigations under RIPA Section 49

http://arstechnica.com/tech-policy/2007/10/uk-can-now-demand-data-decryption-on-penalty-of-jail-time/

I think that's the point of the thread they don't need any approval, or have I read the article wrong.

No according to this new article they wouldn't need any approval to take it off you and try and read it, but if they can't read your mobile phone, and they don't suspect you of any crime other than a fight in the pub, what do you think they are going to do about it? Properly encrypted data can take months to crack and it needs to be done by specialist data forensics, who for most Police forces in the UK are a third party contractor as they don't employ their own, and those guys are absolutely stacked trying to assist with serious crime, terrorist activity, and decrypting data encrypted by kiddie fiddlers. They are not going to start decrypting the mobile phones of everyone who gets arrested on a Saturday night.

They can only ask you for encryption keys as part of a criminal or terror investigation (ie: they need to have charged you with a crime), and they have to have good reason to suspect data relevant to that investigation (and that crime) is on the device to be decrypted. Then they need to serve written judicial notice on you asking for the encryption key.

They are still not allowed to ask for encryption keys for data in flight, (ie: intercepted emails or internet communications). They can only ask for keys for data at rest (ie: on a storage device).

Relaxing laws on data encryption further would be met with massive resistance from lobbying bodies, as all big businesses rely on key cryptography to protect their data (customer information, intellectual property, and all sorts of other data which would impact competitive advantage or even directly damage the business if compromised and made public).

The data includes call history, texts and contacts, and the BBC has learned that it will be retained regardless of whether any charges are brought.

That's disgusting.
There is already a law that states that failing to hand over an encryption key or password carries a 6 year sentence.
Forgetting said password is no defence and you will still get 6 years.
Which is similarly disgusting.

Forget thinking the law and/or Police are on your side as a law abiding citizen.

Which is similarly disgusting.

It's a bit more complicated than that. It only affects suspected criminals, terrorists, paedophiles, etc. It's powers to gather evidence as part of a criminal investigation, not much different to police getting a search warrant to search a house for evidence. Does Joe Public want criminals to be able to avoid prosecution through lack of evidence, because they've encrypted it?

For those criminals who are asked for keys, if the data contains the evidence the Police are looking for, they probably won't give up the key anyway, because a 2 year sentence for that will be the least of their worries.

This is all a follow on from the Blairite paranoia in the 90's. He tried so hard to copy the Yanks that we inherited their "red under every bed" syndrome....

We will soon be living in a police state...

We will soon be living in a police state...
I often think that time is upon us already

or just do what i do and stay in the dark ages...

i have a mobile phone but don't use it unless i really need to and if i didn't need to have one i wouldn't.

i don't do faceache or other social networking apart from 3 forums.

i'm slowly getting pizzed at gmail so looking for other ways.

I do think there is a bit of good old fashioned paranoia going on here. For starters nothing has changed in law, the police have always been able to examine anything in your possession at time of arrest for evidence pertaining to the offence under investigation, all that is different now is that they can do it straight away and give you your phone back, rather than sending it of for examination for several weeks/months. Which would you prefer? They won't be doing it routinely, as I said they have to have a reasonable suspicion it is evidence of the offence under investigation, so if your nicked for drink driving they won't bother, unless you say you were actually parked up waiting for a taxi that you had just called....

I'm very fortunate in not needing to worry about protecting my phone and e-mails with any fancy encryption, there's nothing on there of interest to anyone......

I do think there is a bit of good old fashioned paranoia going on here. For starters nothing has changed in law, the police have always been able to examine anything in your possession at time of arrest for evidence pertaining to the offence under investigation, all that is different now is that they can do it straight away and give you your phone back, rather than sending it of for examination for several weeks/months. Which would you prefer? They won't be doing it routinely, as I said they have to have a reasonable suspicion it is evidence of the offence under investigation, so if your nicked for drink driving they won't bother, unless you say you were actually parked up waiting for a taxi that you had just called....

I'm very fortunate in not needing to worry about protecting my phone and e-mails with any fancy encryption, there's nothing on there of interest to anyone......

The police should have no right to retain data (or biometric data) where no charges are brought without the express permission from the owner. I am sure that there are many police officers who will be responsible with regard to data management but there are also others who lack the knowledge or responsibility to do so properly. http://www.belfasttelegraph.co.uk/news/local-national/northern-ireland/exofficer-is-fined-9600-for-misuse-of-psni-computer-16101365.html

Is that no right morally, or legally. I'm inclined to agree with the former, unfortunately the facts of law are the later.

I guess both morally and legally, the key word being 'should'.

So if a crime is reported to the police and as a result they have a reasonable suspicion that you were involved and arrest you, but subsequently are unable to secure sufficient evidence to bring a charge, you think they should dispose/destroy any evidence that they secured during that investigation?

Have you got any idea how often someone is released without charge and then some time later the investigation is reopened when fresh information comes to light and a conviction is then secured?

Once evidence is lost it is gone forever, think through what you are advocating.

This is all a follow on from the Blairite paranoia in the 90's. He tried so hard to copy the Yanks that we inherited their "red under every bed" syndrome....

We will soon be living in a police state...

Except the misdirection of muslim terrorists instead of the commie peril as an excuse...

So if a crime is reported to the police and as a result they have a reasonable suspicion that you were involved and arrest you, but subsequently are unable to secure sufficient evidence to bring a charge, you think they should dispose/destroy any evidence that they secured during that investigation?

Have you got any idea how often someone is released without charge and then some time later the investigation is reopened when fresh information comes to light and a conviction is then secured?

Once evidence is lost it is gone forever, think through what you are advocating.

There should be a reasonable time frame on these things connected to any inquiries.

For example get nicked for the traditional Friday punch up, your dirty texts to the missus (or not...) shouldn't be on file forever more. If it was someone else' missus and the husband has been stabbed then maybe that is different...


Still not really any idea what the state would do with such volumes of data to worry anyone, like reading all emails or phone calls etc. Not like anyone could listen to them all.

However, it's the principal of the thing. Every state intrusion into privacy and freedom should be fought against.

However, it's the principal of the thing. Every state intrusion into privacy and freedom should be fought against.

Yet at the same time we enjoy living in one of the most secure civilizations on the planet. I'm fairly sure things are set to get significantly worse, maybe one day some of us will look back and wonder why, and it won't be because we were to dictatorial.

So if a crime is reported to the police and as a result they have a reasonable suspicion that you were involved and arrest you, but subsequently are unable to secure sufficient evidence to bring a charge, you think they should dispose/destroy any evidence that they secured during that investigation?

Have you got any idea how often someone is released without charge and then some time later the investigation is reopened when fresh information comes to light and a conviction is then secured?

Once evidence is lost it is gone forever, think through what you are advocating.

I can see your point but as always there are costs to obtaining these benefits. On the same logic it could be argued that all communications should be stored just in case somebody needs that information to secure a conviction for a future crime.

I do not agree with indefinite storage of such information, certainly not when it can be so easily referenced over time. Now, perhaps if there were a system that could be relied upon to keep that stored data secure, inaccessible even to the police without a 'data reference warrant' then I might get close to the point where I could accept the risks. At the moment however, I think we lack both the available technology and the necessary secure operating procedures to make this possible.

Yet at the same time we enjoy living in one of the most secure civilizations on the planet. I'm fairly sure things are set to get significantly worse, maybe one day some of us will look back and wonder why, and it won't be because we were to dictatorial.

Maybe so, but feral youths running around engaging in stabism is sod all to do with snooping on peoples internet connection and everything to do with boots on the street and general society.

How do you think laws like this will help sort out chavy little n*bheads who don't care if they get convicted or not?

How do you think laws like this will help sort out chavy little n*bheads who don't care if they get convicted or not?
I believe that these little scrotes will only change when poked with a cattle prod

I believe that these little scrotes will only change when poked with a cattle prod

Birch would be better but we digress.

Birch would be better but we digress.

Luddite :-P

Well.........if they can arrest people in Azerbaijan for voting in favour of an opposite country in the Eurovision Song Contest via mobile text.........

What a great excuse to pass a law for arresting all those that vote for the likes of Jedward on the XFactor.... as a matter of security risk to the UK :lol:

What a great excuse to pass a law for arresting all those that vote for the likes of Jedward on the XFactor.... as a matter of security risk to the UK :lol:

there you go, I would say that constitutes "reasonable grounds". "Come on son, 'and it over"

Well.........if they can arrest people in Azerbaijan for voting in favour of an opposite country in the Eurovision Song Contest via mobile text.........

What a great excuse to pass a law for arresting all those that vote for the likes of Jedward on the XFactor.... as a matter of security risk to the UK :lol:

Personally I believe that anyone who watches the Xfactor etc should be arrested...Once upon a time you could be sent to the asylum for stuff like that.....oh for the good old days :smt041

I dont understand why we need these laws against terrorists today who havent had a significant success for many years but we never needed them when the IRA were actively bombing on the UK mainland for a few decades?

I dont understand why we need these laws against terrorists today who havent had a significant success for many years

Its obviously working then. We should definately keep on doing what we are doing. BTW I am selling a bracelet that will protect you from Sabretooth Tigers, I guarantee that they work because I have been wearing one for 5 years and have yet to be savaged by a Sabretooth Tiger.

but we never needed them when the IRA were actively bombing on the UK mainland for a few decades?

Thats because the IRA was only playing at it*, I mean coded alerts so the police could clear the area, for the number of incidents, thats just having fun, like putting on-fire dog poo through the old guy down the streets letterbox.

There were (in mainland Britain) surprisingly few deaths.

The Arndale Center was just a shop-lifting excercise (3ft in the air mind you :p)

True Story, while speaking to a guy at a wedding the the US (Kentucky, he was the Brides Uncle) he went in a single sentence from going on about how terrible those A-Rab Terrists were to praising the IRA.

*Obviously (I hope) this response is for comedy purposes only and I acknowledge that many people have died from various terrorist activities in all parts of the world for many years and would not like anyone to think that I really do think so lightly of them.

I think the right for them to look at phones easily is fair enough. Imagine the fella bragging via text about beating someone up or the suspected bike thief who turns out to be in a large organised gang complete with other members details and locations etc.

I think the need or want to keep innocent peoples info is completely useless and will only get people's shackles up.

I think the need or want to keep innocent peoples info is completely useless and will only get people's shackles up.

How do you tell who is innocent and who isn't...?

I've been trying to do it for the past 25 years and although I think I'm fairly good at it those pesky people at the courts just won't take my word for it and keep asking for evidence.....

Now for all those that started to turn this thread into a discussion on terrorism...lets not even go there. If you think this is big brother you just would not believe what they can do if the T word is involved.....

I mean the information they want to keep from suspects who they don't prosecute or are found innocent.

If you think this is big brother you just would not believe what they can do if the T word is involved.....

yes i can and its scarey ****,

cmd
data entry sub system run file delete davepreston
-
-
-
davepreston file no longer exists
spider tracing all other files from all other systems local and external
completed
end program**


hi my names paul wilson lol***

**sick joke ref's to other threads