The "snooper's charter" showed just what the Government is capable of

The proposed "Filter" programme would have been a vast step up in terms of the state's ability to spy on its citizens.

Surveillance technology is of two main types – equipment that keeps tabs on you in the physical world, and processes that track your activity “online” where computers keep a record of your communications and your financial activity.

The physical world is reasonably straightforward to understand. For instance, large numbers of CCTV cameras are installed in public and private spaces in the UK and recordings are kept of what they see. The cameras may be fixed, or a remote operator may be able to choose where they point and how much they zoom in. Newer systems can produce high quality material to enable precise identification of individuals and may also capture audio to accompany the pictures.

“Online” tracking can be equally revealing of people’s actions and movements. Mobile phones continuously interact with nearby cell towers so that incoming calls can be delivered. The phone companies are obliged to retain data about the location of a phone whenever a call is made or received, but if your phone is powered up then they have access to your location at all times and can provide this to law enforcement in real time if this is required.

The records that telephone companies (both fixed line and mobile) keep can be rapidly interrogated to provide lists of calls made from any particular phone, or to any particular phone. These lists will also include the duration of the call and the physical location of the endpoints. Call records can be identified either by the phone number or the phone's unique IMEI device identifier – permitting the tracing of phone activity even when the SIM has been changed.

When interaction is by email instead of by phone then the authorities can still get lists of who is communicating with whom. The email provider is obliged (if they are within the European Union) to keep records of who email was sent to or from, along with timestamp information and exactly how large each email was. Once again, law enforcement regularly requests lists of this email metadata, which can be indexed by sender or receiver.

So far, all of the surveillance and tracking systems have been considered in isolation. One of the provisions of the draft Communications Data Bill was the creation of a data correlation system dubbed a “Filter”. This system would combine enormous amounts of data from different systems, hoping to identify activity that would not have been apparent within a single system.

It is fundamentally inherent to this proposal that Filter data should be collected on everyone’s activity and that this data should be made available en masse from the private companies, the ISPs and telephone companies that provide services, to government systems for the correlation processing. The data won’t necessarily be physically combined on a single system (in fact it would be poor engineering to do this) but it will be logically combined. The original collectors of the data will not have any knowledge of what it is being used for, or possibly even how much data is being processed, so there will be no opportunity for whistle-blowing should excesses occur.

This integrated processing promises to make it much harder for criminals to communicate over a diversity of systems and thereby avoid being tracked – records of phone calls, emails and tweets could be easily combined. But the system’s capabilities go much further than that and the type of “big data” system envisaged will be capable of complex data mining tasks.

To take a fictional example from Charlie Brooker’s National Anthem, the source of a YouTube upload could be identified by the uniqueness of its size and timing; or, closer to real life, the source of an embarrassing leak could be identified by cross-correlating records to pick out exactly who in Whitehall sent out an email whose reception by a journalist triggered an immediate call to the relevant newspaper editor.

The trade-off for these new insights into criminal activity is that more information must be automatically collected about everyone (“just in case”), it must be stored for long periods, measured in years, and it must be handed over to the government operated filter for processing with the inherent assumption that the processing will be necessary, proportionate and authorised. There is tremendous scope for misusing such a system; a police state would relish the opportunity of correlating data on everyone out on the streets for a demonstration, everyone gathering in groups behind closed doors – or just collating a list of everyone who passed on an email containing a subversive joke. The complexity and secrecy of the proposed “Filter” system will make it extremely challenging to ensure that misuse, or just simple “mission creep”, does not occur.

This is an extract of a longer chapter on the technologies of surveillance in from Open Rights Group’s Digital Surveillance report which offers less intrusive alternatives to the Communications Data Bill, or "Snoopers’ Charter", which Nick Clegg blocked last week.

Photograph: Getty Images

Dr Richard Clayton is a security researcher at the University of Cambridge. He has acted as a specialist adviser for Select Committees of both the Lords and Commons in various inquiries into Internet security topics.

Getty
Show Hide image

There's nothing Luddite about banning zero-hours contracts

The TUC general secretary responds to the Taylor Review. 

Unions have been criticised over the past week for our lukewarm response to the Taylor Review. According to the report’s author we were wrong to expect “quick fixes”, when “gradual change” is the order of the day. “Why aren’t you celebrating the new ‘flexibility’ the gig economy has unleashed?” others have complained.

Our response to these arguments is clear. Unions are not Luddites, and we recognise that the world of work is changing. But to understand these changes, we need to recognise that we’ve seen shifts in the balance of power in the workplace that go well beyond the replacement of a paper schedule with an app.

Years of attacks on trade unions have reduced workers’ bargaining power. This is key to understanding today’s world of work. Economic theory says that the near full employment rates should enable workers to ask for higher pay – but we’re still in the middle of the longest pay squeeze for 150 years.

And while fears of mass unemployment didn’t materialise after the economic crisis, we saw working people increasingly forced to accept jobs with less security, be it zero-hours contracts, agency work, or low-paid self-employment.

The key test for us is not whether new laws respond to new technology. It’s whether they harness it to make the world of work better, and give working people the confidence they need to negotiate better rights.

Don’t get me wrong. Matthew Taylor’s review is not without merit. We support his call for the abolishment of the Swedish Derogation – a loophole that has allowed employers to get away with paying agency workers less, even when they are doing the same job as their permanent colleagues.

Guaranteeing all workers the right to sick pay would make a real difference, as would asking employers to pay a higher rate for non-contracted hours. Payment for when shifts are cancelled at the last minute, as is now increasingly the case in the United States, was a key ask in our submission to the review.

But where the report falls short is not taking power seriously. 

The proposed new "dependent contractor status" carries real risks of downgrading people’s ability to receive a fair day’s pay for a fair day’s work. Here new technology isn’t creating new risks – it’s exacerbating old ones that we have fought to eradicate.

It’s no surprise that we are nervous about the return of "piece rates" or payment for tasks completed, rather than hours worked. Our experience of these has been in sectors like contract cleaning and hotels, where they’re used to set unreasonable targets, and drive down pay. Forgive us for being sceptical about Uber’s record of following the letter of the law.

Taylor’s proposals on zero-hours contracts also miss the point. Those on zero hours contracts – working in low paid sectors like hospitality, caring, and retail - are dependent on their boss for the hours they need to pay their bills. A "right to request" guaranteed hours from an exploitative boss is no right at all for many workers. Those in insecure jobs are in constant fear of having their hours cut if they speak up at work. Will the "right to request" really change this?

Tilting the balance of power back towards workers is what the trade union movement exists for. But it’s also vital to delivering the better productivity and growth Britain so sorely needs.

There is plenty of evidence from across the UK and the wider world that workplaces with good terms and conditions, pay and worker voice are more productive. That’s why the OECD (hardly a left-wing mouth piece) has called for a new debate about how collective bargaining can deliver more equality, more inclusion and better jobs all round.

We know as a union movement that we have to up our game. And part of that thinking must include how trade unions can take advantage of new technologies to organise workers.

We are ready for this challenge. Our role isn’t to stop changes in technology. It’s to make sure technology is used to make working people’s lives better, and to make sure any gains are fairly shared.

Frances O'Grady is the General Secretary of the TUC.