Liberty News

The European Commission has sent a message to the British government, and it reads something like this: If you don't deal with Phorm, we will.

Earlier this month, according to Dow Jones, the European Union commissioner for information society and media sent a "pre-warning letter" to UK authorities, voicing her concern over Phorm, the behavioral ad targeter poised to track user activity on Britain's three largest ISPs: BT, Carphone Warehouse, and Virgin Media.

BT has already conducted two trials with Phorm - and web surfers were not notified.

It is very clear in E.U. directives that unless someone specifically gives authorization (to track consumer activity on the Web) then you don't have the right to do that, EU commissioner Viviane Reding said. If UK government does not deal with the issue, Dow Jones says, the EC could take action in the European Court of Justice.

Bad Phorm from BT Execs

See full article from dephormation

A Stop Phorm activist attended the BT AGM and asked a serious of amusing and awkward questions.

His blog entry makes for good reading:

On to resolution 9, appointment of Ms Hewitt.

Resolution 9 – elect Patricia Hewitt MP as a director

When was Ms Hewitt first informed by BT that it had conducted covert 'stealth' trials (BT's own words) of Phorm/121Media advertising systems? Does BT believe Ms Hewitt, or any other MP, would welcome interception of their unencrypted communications for advertising?

Michael Rake tried to shield her with more waffle. Ms Hewitt is obviously well used to handling difficult questions... She rescued him from deep embarrasment. She didn't specify a date, but mentioned a board meeting. Amazingly, she left herself hostage to fortune by saying she would opt in to Phorm because she trusted their assurances.

...Read full article

In Britain, we have regressed and that is the trend which David Davis is importantly drawing attention to in the run-up to his byelection and no doubt beyond. Rights, liberties and the liberty instinct are evaporating in this country, partly through ignorance of the historic struggle to win our freedoms - and the civilising effect this had on the world - and partly from selfishness and fear that has been remorselessly encouraged by the tabloid press. Into this gap have stepped sinister forces in the Civil Service and a government programmed to think of governance as no more than control.

We may be at the stage where we should coldly ask what is the point of personal freedom in our society? Russia has democracy without liberty and China has capitalism without democracy or liberty. Does the 21st century need to bother with the thing that tied up so much effort in the previous 250 years? Have personal freedom and rights become redundant, rather like the familiar objects that are gradually disappearing in our de-physicalised world - letters, CDs, road maps, photos, address book, albums?

...Read full article

Random searches of passengers and their belongings will begin next week on LA's Metrolink commuter trains.

Passengers got the news via a flier left on train seats. Sheriff’s deputies will be setting up random screening stations at random times. Access to the station platform will be restricted; passengers must pass through the checkpoint to gain access to the station platform, stated the flier.

The release goes on to say that some passengers will be selected from those lines and have their baggage searched. Anyone who refuses to be searched won’t be allowed to get on the train. Deputies are looking for “explosives” or other “dangerous items.”

Metrolink spokeswoman Denise Tyrrell said police are primarily looking for explosives, but won’t turn a blind eye to other issues. They are police officers, Tyrrell added: If you have a half a pound of hash in your book bag, they are going to arrest you. I would suggest if that’s the case you are one of the people that wants to walk away.

Sweden voted in favour of its controversial snoop law, after the proposal was amended.

Under the new law, all communication across Swedish borders will be tapped, and information can also be traded with international security agencies, such as America's National Security Agency.

A total of 143 members of parliament voted to pass the bill into law, with 138 delegates opposed.

Earlier , prime Minister Fredrik Reinfeldt failed to win the backing of his four-party coalition: the draft was sent back to the committee for revision. Key members of parliament who were likely to vote against the proposition were put under pressure by their parties, according to some reports.

Despite receiving copies of George Orwell's book 1984 from protesters earlier this week, MPs from Sweden's ruling party believe the law does not constitute the final nail in the coffin of democracy.

The amended law includes the creation of an agency to control the granting of permissions. The Swedish Data Inspection Board is to monitor the surveillance activities of the National Defence Radio Establishment. An external group comprising members appointed by the government will monitor privacy and integrity issues.

Pirates are the Good Guys vs the State Villains

Thanks to Donald
See Pirate Party to take Sweden to EU court from The Local

Sweden's Pirate Party has said it will take the country to the European Court of Human Rights in a bid to overturn a far-reaching eavesdropping law passed by the Riksdag on Wednesday evening.

• 'Yes' to surveillance law (18 Jun 08)
• Snoop law vote to go ahead (18 Jun 08)
• 'Orwellian law must be stopped' (18 Jun 08)

Deputy leader Christian Engström told The Local that the Pirate Party believed the new law was in clear breach of the European Convention for the Protection of Human Rights and Fundamental Freedoms.

Two groups have asked the courts to review a decision that allows border-patrol agents to search U.S. citizens' laptops without suspicion of crime.

The Electronic Frontier Foundation and the Association of Corporate Travel Executives claim that the laptop searches violate citizens' Fourth Amendment rights, which protect them from unreasonable search and seizures.

The case began in 2005, after U.S. citizen Michael Arnold returned to the U.S. from the Philippines and was arrested by Customs and Border Patrol agents who searched his laptop. A district court ruled in Arnold's favor. 

A three-judge panel from the 9th Circuit Court of Appeals overturned the district court's decision in April.

The Electronic Frontier Foundation and the Association of Corporate Travel Executives now contend that the 9th Circuit Court of Appeals' decision essentially negated the Fourth Amendment and put citizens' privacy and identities at risk, since border patrols can confiscate laptops and make full copies of their contents.

The two groups argue that laptops often contain personal banking and identity information and the level of privacy invasion at a border search is "enormous."

The groups are asking the court to require border agents to have reasonable suspicion of a crime to search a laptop. A decision on whether the court will rehear the case is expected to come within the next few months.

The Tory shadow Home Secretary, David Davis, has announced he will resign as an MP to force a by-election centred on the government's noxious counterterrorism bill.

In his resignation speech, he said:

The name of my constituency is Haltemprice and Howden. Haltemprice is derived from the medieval proverb meaning 'noble endeavour'. Up until yesterday I took the view that what we did in the House of Commons representing our constituents was a noble endeavour because for centuries our forebears defended the freedoms of the British people – or we did, up until yesterday.

This Sunday is the anniversary of the Magna Carta, the document that guarantees that most fundamental of British freedoms, habeas corpus, the right not to be imprisoned by the state without charge or reason. Yesterday this House decided to allow the state to lock up potentially innocent citizens for up to six weeks without charge.

The counterterrorism bill will in all probability be rejected by the House of Lords very firmly. What should they be there for if not to defend the Magna Carta. But because the impetus behind this is essentially political not security the government will be tempted to use the Parliament Act to overrule the Lords. It has no democratic mandate to do this since 42 days was not in the manifesto. Its legal basis is uncertain to say the least. But purely for political reasons this government's going to do that.

In truth 42 days is just one, perhaps the most salient example, of the insidious, surreptitious and relentless erosion of fundamental British freedoms.

We will have shortly the most intrusive identity card system in the world. A CCTV camera for every 14 citizens, a DNA database bigger than any dictatorship has, with thousands of innocent children and a million innocent citizens on it. We've witnessed an assault on jury trials, that bulwark against bad law and its arbitrary abuse by the state, shortcuts for our justice system that make our justice system neither firm nor fair, and the creation of a database state, opening up our private lives to the prying eyes of official snoopers and exposing our personal data to careless civil servants and criminal hackers.

The state has security powers to clamp down on peaceful protests and so-called hate laws which stifle debate, while those who serve violence get off scot-free. This cannot go on, it must be stopped and for that reason today I feel it is incumbent on me to take a stand.

I will be resigning my membership of this House and I intend to force a by-election in Haltemprice and Howden. I will not fight it on the government's general record; there is no point repeating Crewe and Nantwich. I will fight it on my personal record. I am just a piece in this great chess game. I will fight it. I will argue this by-election against the slow strangulation of fundamental British freedoms by this government. That may mean I have made my last speech to the House, possible. And of course that would be a cause of deep regret to me. But at least my electorate and the nation as a whole would have had the opportunity to debate and consider one of the most fundamental issues of our day. The ever-intrusive power of the state into our lives, the loss of privacy, the loss of freedom If they do send me back here, it will be with a single, simple message. That the monstrosity of al aw that we passed yesterday will not stand.

The German government have passed an anti-terror law that would grant police the power to monitor private residences, telephones and computers.

Instead of tapping phones, they would be able to use video surveillance and even spy software to collect evidence. Physically tampering with suspects' computers would still not be allowed, but police could send anonymous e-mails containing trojans and hope the suspects infect their own computers.

Government cyberspying, the legislators point out, would only be conducted in a handful of exceptional cases.

The bill, called a building block for Germany's security architecture by interior minister Wolfgang Schäuble, still needs to be approved by the lower and upper chamber of the German parliament.

The federal law was passed after months of heated debate. The proposed plans would not only widen the anti-terror skills of police and the Federal Crime Office, better known as BKA, it would also reverse recent rulings by Germany's constitutional court and Federal Supreme Court. A law which permits authorities in the western state of North Rhine-Westphalia to spy on computer users was rejected recently and last year the the Supreme Court ruled online police spying was unlawful.

Max Stadler, a security expert with the German Free Democratic Party, warned earlier the plan would weaken the trust of German citizens in government.

Three angry expressions and you're toast. Better safe than sorry!

European airlines are prototyping cameras trained on every passenger in flight, married to some kind of snake-oil "terrorism detection" software that will be able to tell if the guy in 11J is planning to rush the cockpit.

The European Union's Security of Aircraft in the Future European Environment (SAFEE) project uses a camera in every passenger's seat, with six wide-angle cameras to survey the aisles. Software then analyses the footage to detect developing terrorist activity or "air-rage" incidents, by tracking passengers' facial expressions...

It looks for running in the cabin, standing near the cockpit for long periods of time, and other predetermined indicators that suggest a developing threat, says James Ferryman of the University of Reading, UK, one of the system's developers.

Other behaviours could include a person nervously touching their face, or sweating excessively. One such behaviour won't trigger the system to alert the crew, only certain combinations of them.

Ferryman is not ready to reveal specifically which behaviours were most likely to trigger the system. Much of the computer's ability to detect threats relies on sensitive information gleaned from security analysts in the intelligence community, he tells New Scientist.

Watching over the Town of Poole?

A privacy watchdog is to investigate a council that used powers to spy on people, including a family suspected of lying about where they lived.

A couple were monitored for nearly three weeks by Poole Borough Council to find out if they were really living in a school catchment area.

Covert surveillance was also used to check for the illegal harvesting of cockles and clams by fishermen.

The Information Commissioner's Office (ICO) said it has "concerns". David Smith, deputy commissioner at the ICO, said: The ICO has some concerns about the surveillance that has taken place in Poole. It seems that in at least some cases the surveillance has involved the covert collection of personal information about those individuals under scrutiny. We will be contacting Poole Borough Council to ensure that the way in which personal information about those under surveillance has been collected and subsequently processed meets the requirements of the Data Protection Act.

The council said it had carried out surveillance on 17 separate occasions under the Regulation of Investigatory Powers Act (RIPA) since 2005.

Town hall snoopers are taking a liberty

See full article from the Telegraph by John Hipkin

Victims of the growing fondness for council surveillance are numerous and random: dog owners whose pets foul public grass; worried parents in Poole under suspicion of abusing school catchment area rules; unlawful shell fishermen in Poole. Plymouth council is currently exploring ways to make it easier to prosecute refuse "infringements".

These "crimes" have all been investigated under powers given to local councils by the Regulation of Investigatory Powers Act (Ripa), primarily designed to curb the use of the internet for illegal purposes by terrorists, serious criminals and paedophiles. It beggars belief that these powers are being used to catch such a pernicious threat to society as the under-age smoker.

Meanwhile, under a different edict, but on similar territory, the Communities and Local Government minister Hazel Blears has issued guidance for local authorities on community cohesion. This takes us into realms of social engineering of a deeply troubling kind.

Community Cohesion is what must happen in all communities... states her guidance. It will be achieved, in part, by establishing a multi-agency tension monitoring group, led by officers from the local authority and/or the local police force. These sentiments could have come from George Orwell's Ministry of Love.

...Read full article

Imagine a country where strangers have the right to ask intrusive questions and store the answers on a database. Where everyone from police officers to leisure-centre staff can demand: Tell me who you feel close to?

They will also have been trained to ask questions about sexual behaviour, family life, religion, secret fears, weight and "sleeping arrangements" at home.

Incredibly, thousands of Government and council apparatchiks in Britain became entitled on April 1 to ask such questions of anyone under 19.

This horrifying invasion of privacy has begun, almost unnoticed, because the Government has cleverly presented it as being in the interests of "child protection".

The new questionnaire, known as the Common Assessment Framework (CAF), is part of a £20million programme called Every Child Matters (ECM), ostensibly set up to ensure youngsters are safe and leading positive lives.

Professionals - such as police officers, teachers and doctors - and volunteers are now under orders to subject children to a questionnaire if they consider them "at risk": a definition so broad that many decent parents could find themselves labelled as potential abusers.

The questions don't need a parent's consent since any child over 12 is deemed responsible enough to grant permission for an interview.

Any child not achieving the Government's five "outcomes" - being healthy, staying safe, enjoying life, "making a positive contribution", and achieving " economic well-being" - is now defined as having "additional needs".

The Integrated Children's System isn't fit for purpose and many authorities are dragging their feet about implementing it because it's worrying the hell out of them, said Terri Dowty, director of Action On Rights For Children.

One police officer, who attended a CAF course, told me that many of his colleagues are so reluctant to interview teenage criminals about their emotional needs, sex life and diets that they avoid calls involving them. We're cops, not social workers, he said. It's insane. He and his colleagues have renamed the agenda Every Fat Kid Matters.

The UK supermarket chain, Budgens, has installed face recognition cameras in one of its stores to stop children buying alcohol and cigarettes.

It is thought to be the first time a UK retailer has used the technology to identify underage customers.

The scheme is being piloted at an unnamed branch of Budgens in London.

If the system recognises someone who has previously been unable to prove they are 18, a signal alerts the cashier who will refuse to serve them.

Facial recognition software makes a unique template of an individual's features by taking measurements between key points on the face.

Three cameras have been installed at the pilot branch, one in each checkout lane. The cameras monitor customers as they approach the tills, transmitting the pictures to a control centre in Worcester. The customers' facial features are automatically scanned against a database of images of young people who have visited the store before. Anyone who has been refused alcohol or cigarettes on a previous occasion will be flagged up.

The system also identifies when a customer has previously verified that they are 18 or over, enabling the sale to proceed more quickly. Young customers who are not recognised by the system will be asked by the cashier to provide proof of their age when buying drink or cigarettes. Their details will then be added to the database.

Charlie Willetts, managing director of Charton Ltd, which is supplying the software, said the system had to overcome a number of technical issues first and ensure that it was compliant with data protection laws. The storage of large amounts of data is also likely to fuel concerns about civil liberties.

Almost unnoticed last week, the Government announced it had shaved another £1 billion off the cost of its proposed identity card scheme.

It did so by deciding to let the "open market" capture citizens' biometrics, effectively outsourcing the cost of enrolling people on to the ID database. You could end up getting your fingerprints taken at a supermarket, rather than at a passport office as originally proposed.

Almost imperceptibly, the security architecture originally built around the ID card project has been dismantled.

Does any of this sound secure to you? It seems to defeat the purpose of the whole exercise, which is to protect identities, capture terrorists, bear down on benefit fraud and stop illegal immigration. But of course none of these will be ameliorated by the possession of an ID card, which nobody will be required to carry with them.

As one perplexed campaigner said after the publication of the new costings: The Government now appears to have junked the primary pretext for the scheme. So what is it for?

...Read full article

The US Federal Bureau of Investigation (FBI) has withdrawn a secret demand that the Internet Archive, an online library website, provide the agency with a user's registered personal information after the Web site challenged the records request in court.

The FBI sent a national security letter, or NSL, to the Internet Archive in November and included a gag order barring site founder Brewster Kahle from talking to anyone other than his lawyers about the request.

Kahle, the Electronic Frontier Foundation (EFF) and the American Civil Liberties Union (ACLU) filed a lawsuit to challenge the subpoena, arguing that the NSL program is unconstitutional, and the FBI withdrew the NSL on April 22.

The settlement between the FBI and the Internet Archive allowed Kahle to break the gag order, a standard part of an NSL request. The Internet Archive's challenge of the NSL is only the third case that the ACLU is aware of in which an NSL has been challenged in court, said Melissa Goodman an attorney for the civil liberties group's National Security Project.

The NSLs basically allow the FBI to demand extremely sensitive personal information about innocent people without any prior court approval, often in total secrecy, Goodman said.

The NSL program, expanded when Congress passed the antiterrorism Patriot Act shortly after the Sept. 11, 2001, attacks on the U.S., allows the FBI and other U.S. government agencies to issue administrative subpoenas to US businesses for customer and other personal information.

Although the settlement keeps parts of the FBI request secret, Kahle applauded the lawsuit and settlement, saying it will show other businesses how to challenge NSLs. The FBI issued nearly 200,000 NSLs between 2003 and 2006, according to a U.S. Department of Justice inspector general's report.

The gag order prevented Kahle from discussing the case with the library's board of directors, staff, and even his wife, he said. Gags don't seem to be necessary, he said. Gagging librarians is horrendous.

The NSL sent to the Internet Archive asked for a user's name, address, length of service, e-mail header information and activity logs.

The Internet Archive provided the FBI some information that was publicly available on the site, but could not comply with the FBI request because the site does not track user activity or record IP (Internet Protocol) addresses, said Kurt Opsahl, a senior staff attorney with the EFF. The site asks only for an unverified e-mail address when users register.

Oyster Cards: Containing pearls of data for the snoops

Spy chiefs are demanding the right to monitor the movement of bus, train and car passengers in Scotland supposedly as part of the battle against terrorism.

MI5 wants to use live information from a new generation of swipe-card payment systems planned for buses, trams and trains, as well as automatic number-plate recognition, to plot the movement of suspects as they travel.

It argues the information could be used to foil terrorist incidents such as last year's Glasgow Airport attack. But civil rights campaigners say the plan is another step towards a "surveillance society" and is open to abuse.

Currently, the security services need to make specific requests to monitor an individual, but they want to be able to watch anyone without seeking permission first.

In London, the Oyster swipe card, covering the Underground and buses, already records the details of around 17 million travellers automatically. Similar travel systems are planned across Britain, including Glasgow and Edinburgh, within five years.

If the security services get their way, details from these schemes will also be open to random checks. Plans to introduce swipe cards in Glasgow covering bus, subway or train tickets have already been mooted, and a similar scheme will come into operation with Edinburgh's new tram network.

The security agencies also want access to the Automatic Number Plate Recognition Scheme, a UK-wide network of 3,000 CCTV cameras.

The technology has the eventual capacity to monitor up to 50 million cars a day, including the time and date a vehicle was spotted, and its location, direction and final destination.

Microsoft has developed a small plug-in device that the authorities can use to quickly extract forensic data from computers.

The COFEE, which stands for Computer Online Forensic Evidence Extractor, is a USB "thumb drive" that was quietly distributed to a handful of law-enforcement agencies last June. Microsoft General Counsel Brad Smith described its use to the 350 law-enforcement experts attending a company conference

The device contains 150 commands that can dramatically cut the time it takes to gather digital evidence, which is becoming more important in real-world crime, as well as cybercrime. It can decrypt passwords and analyze a computer's Internet activity, as well as data stored in the computer.

It also eliminates the need to seize a computer itself, which typically involves disconnecting from a network, turning off the power and potentially losing data. Instead, the investigator can scan for evidence on site.

More than 2,000 officers in 15 countries, including Poland, the Philippines, Germany, New Zealand and the United States, are using the device, which Microsoft provides free.

New snooping laws are being used by Scottish councils to track people suspected of housing-benefit fraud, selling cigarettes to children and environmental-health offences. Campaigners are now calling for a root-and-branch review into the Regulation of Investigatory Powers Act (Ripa), after the scale of its use by local authorities across the UK was revealed.

Ripa was introduced in 2000, primarily giving the police, security services and HM Revenue and Customs wide powers to spy on people and their communications.

The main objectives of the Act were to help in the fight against crime and terrorism. But in 2002, the powers were controversially extended to councils, offering the opportunity to carry out surveillance.

An investigation has now revealed that councils have even used the Act to track dog-foulers and litterbugs, with some local authorities using the powers more than 100 times in the last 12 months.

Among the Scottish local authorities that confirmed using Ripa in the past year was Aberdeen City Council, which admitted covert surveillance on eight occasions to investigate benefit fraud, environmental-health and trading-standards issues. The council did not specify which environmental-health offences were involved, but this can include flytipping, littering and noisy-neighbour disputes.

Glasgow City Council carried out physical surveillance 24 times in criminal investigations, over trading-standards offences and illegal money-lending. Thirteen requests to access phone billing information – another power granted under the Act – were used in the same investigations.

Earlier this month, it emerged that a family in Poole in Dorset had been covertly tracked for nearly three weeks to check if they lived in a school catchment area.

The investigation has also revealed that the law was used in at least seven cases to find out about people who let their dogs foul; a breach of planning law; an animal-welfare case; and an instance of littering.

The findings have fuelled the debate on the surveillance culture in Britain and whether councils are using Ripa – which has been dubbed “a snoopers'
 charter” – proportionately.

Privacy International director Simon Davies called for a root- and-branch review of Ripa and questioned the huge cost to the taxpayer of the council surveillance: There have to be hard limits on the scope of surveillance by local authorities who do not work within the spirit of the Act or indeed the letter . Local authorities can be very petty and vindictive and they can become obsessed with issues like dog fouling and there can be a lack of judgment.

The FBI has called for new legislation that would allow federal police to monitor the Internet for “illegal activity.” The suggestion from FBI Director Robert Mueller, which came during a House of Representatives Judiciary Committee hearing, appears to go beyond a current plan to monitor traffic on federal-government networks. Mueller seemed to suggest that the bureau should have a broad “omnibus” authority to conduct monitoring and surveillance of private-sector networks as well.

The surveillance should include all Internet traffic, Mueller said. In response to questions from Rep. Darrell Issa, a California Republican, Mueller said his idea: balances on one hand, the privacy rights of the individual who are receiving the information, but on the other hand, given the technology, the necessity of having some omnibus search capability utilizing filters that would identify the illegal activity as it comes through and give us the ability to preempt that illegal activity where it comes through a choke point.

In response, Issa said: Can you have someone on your staff designated to work with members of Congress on trying to craft that legislation?

If any omnibus Internet-monitoring proposal became law, it could implicate the Fourth Amendment'
s guarantee of freedom from unreasonable searches and seizures. In general, courts have ruled that police need search warrants to obtain the content of communication, and the federal Wiretap Act created “super warrant” wiretap orders that require additional steps and judicial oversight.

In addition, it'
s unclear whether “illegal activity” would be limited to responding to denial-of-service attacks and botnets, or would also include detecting other illegal activities, such as online gambling, the distribution of “obscene” images of adults engaged in sexual acts, or selling drugs without a license.

To be fair, Wednesday'
s discussion of the plan was geared toward cybercrime and the Bush administration'
s classified “cyberinitiative,” which includes a shadowy program known as Einstein. Some politicians have already raised concerns that even Einstein, which is described as dealing only with government networks and not private ones, could infringe upon the privacy rights of American citizens. It'
s already in place at 15 federal agencies, but Homeland Security has said it'
s still preparing the necessary privacy impact assessments for a proposed $293 million governmentwide Einstein expansion.

Just a few routine questions Sir

The power of the police to mount surveillance operations at peaceful protests is being challenged in court.

In a case seen as opposing Britain's move towards a Big Brother-style society, the High Court will determine if police are legally entitled to take photographs and compile information on protesters even if they do not break the law.

Arms campaigner Andrew Wood from Oxford claims that his human rights were infringed after Scotland Yard took his details and images of him even though he was not arrested.

The two-day judicial review is likely to determine the legality of surveillance and whether 'routine' intelligence gathering is permissible under the Human Rights Act.

Wood attended the 2005 annual meeting of Reed Elsevier, a publisher of academic journals which also runs arms fairs. The Metropolitan Police openly photographed and questioned members of the public who attended the central London meeting.

At the time Wood was press officer at Campaign Against Arms Trade. Scotland Yard has admitted that photographs and notes were stored on computers although no one was arrested or charged. Wood was there as a shareholder to ask about the recent purchase of the arms exhibition subsidiary Spearhead.

I hope this legal action will safeguard our rights to privacy, said Wood, who was granted legal aid.

Police claim that routine intelligence gathering plays a key role in deterring crime. However, the case comes amid concern that Britain is heading towards a 'police state', with the government's information commissioner warning that fears the UK would sleepwalk into a surveillance society have become a reality.

Routine journeys carried out by millions of British motorists can be monitored by authorities in the United States and other enforcement agencies across the world under anti-terrorism rules introduced quietly by Jacqui Smith.

The discovery that images of cars captured on road-side cameras, and "personal data" derived from them, including number plates, can be sent overseas, has angered MPs and civil liberties groups concerned by the increasing use of "Big Brother" surveillance tactics.

Images captured by road-side cameras will be made available to foreign authorities
Images of private cars, as well as registration numbers, could be sent outside to countries such as the USA

Yesterday, politicians and civil liberties groups accused the Home Secretary of keeping the plans to export pictures secret from Parliament when she announced last year that British anti-terrorism police could access "real time" images from cameras used in the running of London's congestion charge.

A statement by Miss Smith to Parliament on July 17, 2007, detailing the exemptions for police from the 1998 Data Protection Act, did not mention other changes that would permit material to be sent outside the European Economic Area (EEA) to the authorities in the US and elsewhere.

Her permission to do so was hidden away in an earlier "special certificate" signed by the Home Secretary on July 4. The certificate specifically sets out the level of data that can be sent to enforcement authorities outside the European Economic Area (the EU plus Iceland, Liechtenstein and Norway) by anti-terrorist officers from the Metropolitan Police. It says: The certificate relates to the processing of the images taken by the camera, personal data derived from the images, including vehicle registration mark, date, time and camera location.

Last night, Nick Clegg, the Liberal Democrat leader, said: This confirms that this Government is happy to hand over potentially huge amounts of information on British citizens under the catch-all pretext of 'national security'.

Civil liberties campaigners said they were appalled that images of innocent people's journeys could end up in the hands of the British police, let alone foreign investigators. They feared that it was a move towards the US-style system of "data mining" - in which powerful computers sifted millions of pieces of information as they tried to build patterns of behaviour and match them to material about suspects.

Web companies are increasing their lobbying efforts against New York Assemblyman Richard Brodsky's proposed bill aimed at regulating snooping on web browsing with view to targeting advertising.

A consortium of members representing 12 companies, including AOL, Yahoo!, Google, Facebook, Comcast and eBay, complained about the bill in a letter to Brodsky.

The letter sent on behalf of the misleadingly named State Privacy and Security Coalition, said the proposed bill would have profound implications for the future of Internet advertising and the availability of free content on the Internet. The coalition wrote that the bill would subject advertising networks to an extremely detailed, unprecedented array of notice, consent and access obligations.

The group said the bill is unnecessary because several large advertising networks voluntarily allow users to opt out of behavioral targeting.

Brodsky, who said the measure is needed to protect privacy, said the State Privacy and Security Coalition is going to lose this fight. They're taking the position that a corporation can exploit, control and manipulate the activities of private citizens.

The proposed bill, the Third Party Internet Advertising Consumers' Bill of Rights (A. 9275), seeks to impose a host of requirements on companies that monitor Web-surfing activity for marketing purposes. Among the most significant requirement is that companies that use cookies to track browsing activity tell users about the practice and give them an opportunity to opt out.

The bill is largely patterned after the seven-year-old voluntary standards created by the Network Advertising Initiative who have proposed new behavioral-targeting guidelines. Among other changes, the new standards call for companies to obtain users' consent before using their Web-surfing history to target them based on "sensitive" matters, such as certain medical conditions, psychiatric conditions or sexual behavior. The new proposal also prohibits companies from using behavioral-targeting strategies to market to children younger than 13.

Ad-targeting system Phorm must be "opt in" when it is rolled out, says the Information Commissioner Office (ICO)

European data protection laws demand that users must choose to enrol in the controversial system, said the ICO in an amended statement.

The ICO only commented on whether Phorm complied with UK and European data protection laws. It said a decision about whether Phorm broke laws on interception was a matter for the Home Office.

From its discussions with Phorm, the ICO said it appeared the company did not break laws regarding "personal data" ie information which can be used to identify a living individual.

The ICO said European laws demand that users must consent to their traffic data being used for "value added services". The ICO wrote: This strongly supports the view that Phorm products will have to operate on an opt in basis to use traffic data as part of the process of returning relevant targeted marketing to internet users.

Before now Phorm has been expecting to operate on an "opt out" basis where every customer of ISPs that have signed up is enrolled unless they explicitly refuse to use it.

Responding to the ICO statement, Kent Ertugrul, chief executive of Phorm, said We now have a statement from the Home Office and the Information Commissioner saying not only is there no privacy issue but there is no interception issue either. He said that the warnings Phorm will give to those enrolled in it would "exceed substantially" the "valid and informed consent" demanded by European regulations.

Responding to the ICO statement, Nicholas Bohm, general counsel for the Foundation for Information Policy Research, said: The ICO has set a floor below Phorm-like activities by saying it has at least to be opt in and that's better than before. Bohm said Phorm had consistently "ducked" questions about whether its system was "opt in". Being opt in faces them with a much more difficult business model, he added.

Phorm has admitted that it deleted key factual parts of the Wikipedia article about the huge controversy fired by its advertising profiling deals with BT, Virgin Media and Carphone Warehouse.

A number of Phorm-friendly edits were made to the page. The revisions were quickly reverted by a Wikipedian who argued that they made Phorm out to be "awesome and perfect".

In a telephone conversation, a spokesman for Phorm refused to comment on why it had tried to censor a quotation from The Guardian's commercial executives describing the ethical stance they took against its tracking system. He also refused to talk about the deletion of a passage explaining how BT admitted it misled customers over the 2007 secret trial.

Phorm also deleted a link to the The Register's report on the 2006 trial, and accompanying reference to BT's own document. It said that the aim of the trial was to validate that users were unaware of the presence of the tracking system.

The spokesman said Phorm's PR team had not been aware of Wikipedia's policy on conflicts of interest. Among many other rules they violated, it states: Producing promotional articles for Wikipedia on behalf of clients is strictly prohibited.

Experian, the credit checking company, is braving mounting concerns over internet privacy with plans to launch a service that will track broadband users' activity so they can be targeted with advertising.

Through Hitwise, the web-site company it acquired for £120m a year ago, Experian has held talks with internet service providers to sell its monitoring technology.

Observers expect it to compete in part with Phorm who have stirred controversy after being recruited by BT, TalkTalk and Virgin Media to track their 10m customers' behaviour so they can be sent advertising messages on the websites they are looking at.

However, the key difference is that Hitwise, which describes itself as an “online competitive intelligence service” would play little part in dispatching the advertising to web pages itself, something that Phorm does through its Open Internet Exchange.

The head of one of Britain's biggest internet providers has criticised the music industry for demanding that he act against pirates.

The trade body for UK music, the BPI, asked internet service providers to disconnect people who ignore requests to stop sharing music.

But Charles Dunstone of Carphone Warehouse, which runs the TalkTalk broadband service, is refusing.

He said it is not his job to be an internet policeman. Dunstone, whose TalkTalk broadband is Britain's third biggest internet provider, said the demands are unreasonable and unworkable. He also said his firm will refuse to cooperate with the BPI, despite threats of legal action.

But the BPI said internet firms need to educate their customers not to steal music. It also claims that if they do not help with the fight against music piracy, then the government will bring in legislation to make them cooperate.

BT tested secret "spyware" on tens of thousands of its broadband customers without their knowledge, it admitted recently.

It carried out covert trials of a system which monitors every internet page a user visits.

An investigation into the affair has been started by the Information Commissioner, the personal data watchdog.

Privacy campaigners reacted with horror, accusing BT of illegal interception on a huge scale. The company was forced to admit that it had monitored the web browsing habits of 36,000 customers.

The scandal came to light only after some customers stumbled across tell-tale signs of spying. At first, they were wrongly told a software virus was to blame.

Executives insisted they had not broken the law and said no 'personally identifiable information' had been shared or divulged.

BT said it randomly chose 36,000 broadband users for a "small-scale technical trial" in 2006 and 2007.

The monitoring system, developed by U.S. software company Phorm scans every website a customer visits, silently checking for keywords and building up a unique picture of their interests.

Nicholas Bohm, of the Foundation for Information Policy Research, said BT's actions amounted to illegal data interception. He told the BBC: It seems a clear-cut case of illegal interception of communication.

A further trial is planned in the next few weeks, BT said, but customers will be asked in advance.

Technical analysis of the Phorm online advertising system has reinforced an expert's view that it is "illegal".

The analysis was done by Dr Richard Clayton, a computer security researcher at the University of Cambridge.

What Dr Clayton learned while quizzing Phorm about its system only convinced him that it breaks laws designed to limit unwarranted interception of data.

The Information Commissioner's Office (ICO) has also said it would monitor Phorm as it got closer to deployment.

In addition the ICO confirmed that BT is planning a large-scale trial of the technology involving around 10,000 broadband users later this month.

Previous trials of the technology by the telecoms firm were branded "illegal" by Nicholas Bohm of the Foundation for Information Policy Research (Fipr), which campaigns on digital rights issues.

As the company did not inform customers that they were part of the trial, he said the tests were "an illegal intercept of users' data".

In the subsequent trial the ICO said: We have spoken to BT about this trial and they have made clear that unless customers positively opt in to the trial their web browsing will not be monitored in order to deliver adverts.

Husbands who are not where they are supposed to be could soon be in danger of being “sniffed” out by a mobile phone service that gives suspicious partners an electronic map showing the location of their spouse.

The Social Network Integrated Friend Finder (Sniff) is a new application, accessed via Facebook or mobile phone. The service promises to provide users with a detailed map of their friends' locations, any time and anywhere. However, there are fears that Sniff could be abused by employers to remove the last vestiges of privacy from staff.

Useful Networks, the American company behind Sniff, promised that only consumers who gave their permission could be electronically tracked by the service, which operates across all mobile carriers. Users can specify who can and can not sniff them, or whether they are open to be sniffed by anyone on the network. The company plans to charge users about 75p for each location “sniff”, with the results for mobile customers sent by return text.

“Sniffing” works through similar technology used by the police to track down suspected terrorists or missing children via their mobile phones. The phone sends a signal to nearby base stations. Positioning software performs a triangulation calculation on the information from the base stations and converts it into a geographical location.

Brian Levin, chief executive officer of Useful Networks, told The Times: Privacy is paramount and sniffing should only be used by people you can trust.

But employees who are enjoying a long lunch or a secret liaison instead of the business meeting in their diary could also find themselves “sniffed out”. Levin said: If the employer is paying the phone bill and employees are aware they can be 'sniffed', at least everyone knows those are the rules.

Levin also cautioned that sniffing should not be relied upon by parents to track their young children: the service will only place a location within a radius of about 200m.

Useful Networks hopes to introduce “sniffing” in Britain this month.

Update: SNIFF Away

4th June 2008

The SNIFF service which allows friends and family to find out where you are has been launched in Britain.

The technology delivers a map to the inquirer's mobile phone, giving the location to the nearest 100 metres.

But those behind the idea insisted that such a service can only work if the person being sought gives permission to be found. And if someone has already agreed to be tracked, they have then option to be made “invisible” for as long as they want.

Users will be able to register on the Social Network Integrated Friend Finder (SNIFF) via social networking sites Facebook, Bebo and MySpace, as well as online, and each searching text will cost 50 pence.

The service provider, American-based company Useful Networks, hopes hundreds of thousands of people will sign up. It has been running in Scandinavia for several months and each registered person has an average of five to seven people they track.