Should there be limits on access to information?

1,102 views

Published on

Published in: Technology, Education
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,102
On SlideShare
0
From Embeds
0
Number of Embeds
8
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Should there be limits on access to information?

  1. 1. Should there be limits on access to information? Ian Brown, FIPR
  2. 2. Overview <ul><li>What are the current limits, and how should they change? </li></ul><ul><li>Access to information on journalists and their sources – data trails and access </li></ul><ul><li>Access to leaked information by journalists – watermarking and trusted computing </li></ul><ul><li>Access by society to legally restricted information – permanent Web archives </li></ul>
  3. 3. Data trails <ul><li>Web server and cache logs </li></ul><ul><li>E-mail records </li></ul><ul><li>Mobile phone location </li></ul>
  4. 4. Web server logs <ul><li>17:gateway1.gsi.gov.uk - - [08/May/2000:11:42:44 +0100] &quot;GET /staff/I.Brown/archives/ukcrypto/0200-0500/threads.html HTTP/1.0&quot; 200 229936 </li></ul><ul><li>17:gateway1.gsi.gov.uk - - [08/May/2000:11:43:14 +0100] &quot;GET /staff/I.Brown/archives/ukcrypto/0200-0500/msg01632.html HTTP/1.0&quot; 200 4944 </li></ul><ul><li>17:legion.dera.gov.uk - - [08/May/2000:15:37:31 +0100] &quot;GET /staff/I.Brown/archives/ukcrypto/0898-1198/msg00195.html HTTP/1.0&quot; 200 6869 </li></ul><ul><li>17:horde.dera.gov.uk - - [09/May/2000:09:21:44 +0100] &quot;GET /staff/I.Brown/archives/ukcrypto/0799-1099/msg00946.html HTTP/1.0&quot; 200 3323 </li></ul><ul><li>17:horde.dera.gov.uk - - [09/May/2000:10:33:23 +0100] &quot;GET /staff/I.Brown/archives/ukcrypto/ HTTP/1.0&quot; 200 5118 </li></ul><ul><li>20:gatekeeper.hertscc.gov.uk - - [05/Jun/2000:17:12:22 +0100] &quot;GET /staff/I.Brown/pimms/index.html HTTP/1.0&quot; 200 353 </li></ul><ul><li>20:gatekeeper.hertscc.gov.uk - - [05/Jun/2000:17:12:23 +0100] &quot;GET /staff/I.Brown/pimms/toc.html HTTP/1.0&quot; 200 1383 </li></ul><ul><li>20:gatekeeper.hertscc.gov.uk - - [05/Jun/2000:17:12:24 +0100] &quot;GET /staff/I.Brown/pimms/bottle.gif HTTP/1.0&quot; 200 9499 </li></ul><ul><li>20:gateway.bradford.gov.uk - - [06/Jun/2000:08:42:09 +0100] &quot;GET /staff/I.Brown/archives/ukcrypto/0399-0699/msg00663.html HTTP/1.1&quot; 200 427 </li></ul><ul><li>20:gatekeeper.bournemouth.gov.uk - - [08/Jun/2000:00:42:40 +0100] &quot;GET /staff/I.Brown/archives/ukcrypto/0898-1198/msg00002.html HTTP/1.0&quot; </li></ul><ul><li>21:mail.braintree.gov.uk - - [16/Jun/2000:11:18:06 +0100] &quot;GET /staff/I.Brown/archives/ukcrypto/1199-0100/msg00266.html HTTP/1.0&quot; 200 3661 </li></ul><ul><li>22:wp.eris.dera.gov.uk - - [13/Jul/2000:11:24:42 +0100] &quot;GET /staff/I.Brown/archives/ukcrypto/0799-1099/msg00508.html HTTP/1.0&quot; 200 4265 </li></ul><ul><li>22:gtfw1.doh.gov.uk - - [14/Jul/2000:19:02:16 +0100] &quot;GET /staff/I.Brown/archives/ukcrypto/l HTTP/1.0&quot; 404 244 </li></ul><ul><li>22:gtfw1.doh.gov.uk - - [14/Jul/2000:19:02:25 +0100] &quot;GET /staff/I.Brown/archives/ukcrypto HTTP/1.0&quot; 302 411 </li></ul><ul><li>22:gatekeeper.bournemouth.gov.uk - - [16/Jul/2000:08:24:10 +0100] &quot;GET /staff/I.Brown/archives/ukcrypto/1198-0299/msg00293.html HTTP/1.0&quot; </li></ul><ul><li>6:shadow.dera.gov.uk - - [05/Apr/2000:14:18:32 +0100] &quot;GET /staff/i.brown/archives/ukcrypto/old/msg00112.html HTTP/1.0&quot; 200 7698 </li></ul><ul><li>6:proxy.hullcc.gov.uk - - [05/Apr/2000:16:50:21 +0100] &quot;GET /staff/I.Brown/archives/ukcrypto/0497-1097/msg00014.html HTTP/1.0&quot; 200 3725 </li></ul><ul><li>7:Bouncer.nics.gov.uk - - [11/Apr/2000:10:31:17 +0100] &quot;GET /staff/i.brown/archives/ukcrypto/1198-0299/msg00138.html HTTP/1.0&quot; 200 4381 </li></ul><ul><li>7:gateway1.gsi.gov.uk - - [11/Apr/2000:12:33:18 +0100] &quot;GET /staff/I.Brown/archives/ukcrypto/0200-0500/threads.html HTTP/1.0&quot; 200 142389 </li></ul><ul><li>7:gateway1.gsi.gov.uk - - [11/Apr/2000:14:35:19 +0100] &quot;GET /staff/I.Brown/archives/ukcrypto/0200-0500/threads.html HTTP/1.0&quot; 200 142674 </li></ul><ul><li>7:gtfw1.doh.gov.uk - - [12/Apr/2000:11:13:31 +0100] &quot;GET /staff/I.Brown/archives/ukcrypto/0497-1097/msg00245.html HTTP/1.0&quot; 200 4714 </li></ul><ul><li>7:gtfw1.doh.gov.uk - - [12/Apr/2000:11:14:33 +0100] &quot;GET /staff/I.Brown/archives/ukcrypto/0497-1097/msg00234.html HTTP/1.0&quot; 200 4811 </li></ul>
  5. 5. E-mail trails Messages are full of clues about their origins
  6. 6. Regulation of Investigatory Powers Act 2000 <ul><li>ISPs must install “black boxes” upon production of a SoS s.12 notice </li></ul><ul><li>“ Comms data” obtained by self-authorised demand from police, Customs etc. </li></ul><ul><li>Content requires warrant from SoS </li></ul>
  7. 7. “ Snooper’s charter” <ul><li>The Department for Environment, Food and Rural Affairs. </li></ul><ul><li>The Department of Health. </li></ul><ul><li>The Home Office. </li></ul><ul><li>The Department of Trade and Industry. </li></ul><ul><li>The Department for Transport, Local Government and the Regions. </li></ul><ul><li>The Department for Work and Pensions. </li></ul><ul><li>The Department of Enterprise, Trade and Investment for Northern Ireland. </li></ul><ul><li>Any local authority within the meaning of section 1 of the Local Government Act 1999. </li></ul><ul><li>Any fire authority as defined in the Local Government (Best Value) Performance Indicators Order 2000 </li></ul><ul><li>The Scottish Drug Enforcement Agency. </li></ul><ul><li>The Scottish Environment Protection Agency. </li></ul><ul><li>The United Kingdom Atomic Energy Authority Constabulary. </li></ul><ul><li>A Universal Service Provider within the meaning of the Postal Services Act 2000 </li></ul><ul><li>A council constituted under section 2 of the Local Government etc. (Scotland) Act 1994. </li></ul><ul><li>A district council within the meaning of the Local Government Act (Northern Ireland) 1972. </li></ul><ul><li>The Common Services Agency of the Scottish Health Service. </li></ul><ul><li>The Northern Ireland Central Services Agency for the Health and Social Services. </li></ul><ul><li>The Environment Agency. </li></ul><ul><li>The Financial Services Authority. </li></ul><ul><li>The Food Standards Agency. </li></ul><ul><li>The Health and Safety Executive. </li></ul><ul><li>The Information Commissioner. </li></ul><ul><li>The Office of Fair Trading. </li></ul><ul><li>The Postal Services Commission. </li></ul>
  8. 8. Anti-Terrorism, Crime and Security Act 2001 <ul><li>Contains provisions for data retention by Communications Service Providers </li></ul><ul><li>“ There is great merit for having information about subscribers kept for five years and call information for two years” –John Abbot, NCIS </li></ul>
  9. 9. Other access <ul><li>Private investigators through social engineering and hacking </li></ul><ul><li>Civil actions e.g. breach of confidentiality </li></ul><ul><li>Accidental revelation </li></ul>
  10. 10. Watermarked data <ul><li>Inter-character, word and line spacing can hide information in text </li></ul><ul><li>Many similar methods for audio, video… </li></ul>(c) F. Petitcolas – Facade of Notre Dame de Fourvière Basilica in Lyon
  11. 11. Trusted computing <ul><li>Documents can be “locked” to individual machines or groups of machines </li></ul><ul><li>Breaking protection both very difficult, and illegal (c.f. EU Copyright Directive) </li></ul><ul><li>Coming soon to a PC/PDA/mobile phone near you… </li></ul>
  12. 12. The end of rehabilitation? <ul><li>Mary Bell and daughter; Robert Thompson and Jon Venables </li></ul><ul><li>Sex offender registers – paediatricians vs. paedophiles </li></ul><ul><li>Press coverage of trials </li></ul>
  13. 13. Actions <ul><li>Prevent data retention; require higher standard for access to data on and from journalists </li></ul><ul><li>Journalists may need to change working practices with source materials </li></ul><ul><li>Rehabilitation issues very difficult </li></ul>

×