SunGard Aquires Hosting 365
A synopsis of SunGard's acquisition of 365 Hosting Limited, a Dublin, Ireland-based cloud computing and data centre services company..
ZDNet UK / News and Analysis / Security / Security Threats
Plan to extend police-hacking powers gathers pace
Topics
NEWS
The UK government has agreed to work with the European Parliament on plans to extend police powers to conduct remote searches of computers.
The European Union Council of Ministers approved a plan in November 2008 to grant law-enforcement authorities in member states the power to perform remote searches of suspects' computers, as well as to perform 'cyber patrols' of the internet and increase data sharing between European police forces. The plan, to be implemented within the next five years, raises the possibility of cross-border co-operation on cyber investigations.
The Home Office said on Monday that it has decided to participate in the further formulation of the European Parliament plans, but that no timetable or detail for the proposals had been settled.
"The UK has agreed to a strategic approach towards tackling cybercrime on the same basis as all member states; however... the Council conclusions are not legally binding, and there are no agreed timescales," the Home Office said in a statement. "We fully support work to develop an understanding of the scale and impact of electronic crime across the EU and will work with member states to develop the detail of the proposal."
According to Richard Clayton, a Cambridge University computer security expert, it has been legal for the police to hack into suspect systems without a warrant since 1995, when a 1994 amendment of the Computer Misuse Act was brought into force. Remote warrantless searches of computers are also legal under part three of the Police Act 1995, and under parts of the Regulation of Investigatory Powers Act 2000.
Clayton told ZDNet UK on Monday that the most likely method for UK police to hack into computers was to enter a premises and install a keylogger on the target system. This would be more reliable than a drive-by download or "sending an email with a dodgy attachment", as the chances of successful interception of data were higher, said Clayton. Alternatively, police could hack Wi-Fi networks to gain access to systems, said the computer security expert.
"The police could sit outside the door, search for the Wi-Fi network, break the WEP or WPA encryption key and look at the contents of the hard drive," said Clayton.
The Association of Chief Police Officers (ACPO) said that between 2007 and 2008 there had been 194 warrantless searches performed by the police, but an ACPO spokesperson was unable to confirm at the time of writing how many of those searches had been of computers.
To perform a warrantless search, the police need the approval of a chief constable — no judicial oversight is necessary. However, according to an ACPO statement, the police should also in some circumstances seek the approval of the surveillance commissioner, except in an emergency.
"To be a valid authorisation, the officer giving it must believe that when given it is necessary to prevent or detect serious crime and action is proportionate to what it seeks to achieve," said the ACPO statement.
Privacy campaigner Simon Davies, director of Privacy International, called on the Home Office to reform the warrant process so remote searches of computer systems have judicial oversight.
"That level of intrusion is more intrusive than telephone interception," Davies told ZDNet UK. "Frankly, the entire warrant system needs to be overhauled."
Davies said that there was a danger that an EU-wide system of remote searches could open the UK to requests for remote warrantless searches of UK computers by law-enforcement authorities from other member states.
"That would open a whole Pandora's box," said Davies. "Any EU government that wanted to could invade the privacy of the British people."
Related stories
Post your comment
In order to post a comment you need to be registered and logged in
Log in or create your ZDNet UK account below
By signing up for this service, you indicate that you agree to our Terms and Conditions and have read and understood our Privacy Policy. Questions about membership? Find the answers in the Community FAQ
ZDNet UK Live
HR in the UK Bill Kutik on HR Collaboration Options: By Oliver Marks | September 5, 2010, 6:02pm... http://bit.ly/9q2dmG expertlectures.com
59 minutes ago on Twitter by expert_lectures
Jack, I hereby nickname you "Ebenezer." Leorising, I *totally* trust some obscure search engine with no transparent revenue stream to be honest and...
3 hours ago by SoFrank on Google’s Buckyballs doodle costs people money, drives users away
New iPlayer to launch, with social features... Social TV will be interesting! http://bit.ly/diCEYW
4 hours ago on Twitter by mapyourbrand
Google’s Buckyballs doodle costs people money, drives users away http://t.co/K7VmmHu <- HA! That didn't affect OPERA for me at all! Irony!
4 hours ago on Twitter by mikecane
Google Doodles are terrific examples of creativity for creativity's sake... except when they overheat your machine: http://bit.ly/aC1rqL
6 hours ago on Twitter by jtroll Switch to Startpage: http://www.startpage.com/eng/download-startpage-plugin.html You can add them to your pulldown search list in firefox, dunno...
7 hours ago by leorising on Google’s Buckyballs doodle costs people money, drives users away The Nano is a real backwards step, too small and fiddly if you're over 40 and with reduced functionality. I'm going to put a 32GB SDHC card in my...
7 hours ago by BrianExCIS on New iPods, revamped Apple TV arrive "I'd rather have the time back that I spent reading this article." Second to that. What computer you are using there? Very interesting, my three...
7 hours ago by Stjepan on Google’s Buckyballs doodle costs people money, drives users away "I'd rather have the time back that I spent reading this article." Second to that. What computer you are using there? Very interesting, my three...
7 hours ago by Stjepan
String theory gets entangled in quantum computing http://bit.ly/cFWmmv
7 hours ago on Twitter by chokha
String theory gets entangled in quantum computing: ... Imperial College London think they have found a way to test... http://bit.ly/cIEKw7
7 hours ago on Twitter by rpreibold
#RT #SM #SocialMedia BBC iPlayer: social media and the public interest: Ah, yes, but social media so... http://bit.ly/aZEYQN #social #media
8 hours ago on Twitter by Socmediadigest
.@jackschofield on the surprising (to me) cost of Google’s Buckyballs doodle: http://bit.ly/dvpIDq On ZD Net
8 hours ago on Twitter by adam_ps
John Ross on retail market behavior...and social media http://bit.ly/95qJAd
8 hours ago on Twitter by macmanblack
New iPods, revamped Apple TV arrive: ZDNet UKBy Staff, CNET News, 3 September, 2010 17:58 On Wednesday in Sa... http://tinyurl.com/236h64g
8 hours ago on Twitter by Ezbizs
Interesting: BBC iPlayer: social media and the public interest http://bit.ly/cv6amU
9 hours ago on Twitter by DarrenZahradnik
RT @DarrenZahradnik: Interesting: BBC iPlayer: social media and the public interest http://bit.ly/cv6amU http://bit.ly/9gHQfH
9 hours ago on Twitter by SocialMediaXprt
BBC iPlayer: social media and the public interest: By Rupert Goodwins, 5 September, 2010 17:42 The BBC is preparin... http://bit.ly/aISQLf
9 hours ago on Twitter by GloriaEdwards12Latest in Security Threats
Featured white papers
HP Managed Print Services deal yields 40 percentcost saving at Merck Sharp & Dohme Italia SpA
Merck Sharp & Dohme Italia SpA wanted to consolidate its ageing, unmanaged print, copy and fax fleet and introduce a Managed Print Service (MPS) solution to drive down costs.
Real-Time Protection for Hyper-V
Server virtualization is a hot topic in the IT world because of the potential for providing serious cost savings for customers.
Talkback
Forgive me and my American sentiment - Warrantless searches are among the reasons why the colonies broke away from Great Britain.
Are you folks asleep?
Can you not read George Orwell's text of 1984 buried in the EU proposals?
Every single legal Government oppression has begun with the police for some safety reason and ended with regular troops enforcing tyrranies.
Good Luck.
It would be interesting to see if its legal to keep them from hacking into your system. Or would having a highly secure home computer system hooked to your cable or DSL line become prima-facie evidence that YOU are a criminal? (Obviously he's got something to hide. Let's go hack into that guy's system to find those naughty pictures so we can put him in jail before he does something EVEN WORSE!)
Assuming that if the police seem to think a suspect is "potentially going to commit a crime" the question becomes what did this potential terrorist or criminal or angry jobless IT nerd do to make the police think that he was "potentially" going to commit a crime?
How much pre-arrest surveillance do the police have to do to figure out that this potential terrorist was going to, at some time in the future, commit such a dastardly act as to merit such warrant-less lack of restraint by the police?
Please notice that you can't use the word "alleged" yet because he/she hasn't DONE ANYTHING ILLEGAL YET!
They made a really bad movie about this sort of thing called "Minority Report" starring the scientifically-challenged Tomas Cruising. I didn't realize that it was a reality-TV script for something that WAS GOING TO HAPPEN IN THE FUTURE!
And I thought the US Patriot Act was bad.
What about when the Police hacked into someones PC.
They then managed to find Child Porn on it.
Coincidence or what?
KJR
As we've been getting massive doses of lately, public officials aren't above turning corrupt especially when it lines their pockets. Planting evidence can justify a considerable amount of increased funding for the cops and loss of personal freedoms for the public.
Assuming you can hack your way into the system, you can mess with the clock and plant evidence indicating the owner is a criminal of just about any type of your choosing. Most judges are like the rest of the general population and untrained enough to be able to tell if an "IT forensic expert" or a "police security expert" is telling the truth or not.
If you want to scare the people into submitting to even more surveillance, just find some stooges to plant some terrorist manifestos on their laptops or desktops. Go hack back into their computers, find the planted evidence and then go publicize it and taint the entire jury pool. Throw him in jail and when he gets out, Mr Public Official is out of office and retired somewhere overseas.
I can't help thinking that an experienced lawyer would make an effective case for having such material dismissed as potentially tainted evidence.
If they had to modify your computer remotely to obtain access, then there absolutely no way anyone could subsequently tell the source of any material then found on the machine.
Hmmm. Expect an upturn in the sales of W.O.R.M. drives.
We do need to improve our IT security from cybercrime, but shouldn't we be looking at other ways.
Either way, hacking is not legal for any of us - if I hacked into them they wouldn't like it. I'd be banged up..
The police is an invented organisation, they should NOT have the power to just delve in remotely onto our computers. They are OUR machines and we should be permitted to do what we like.
However where I do think we need changes is the Internet. We do need to improve fraud issues, viruses, terrorists.. but there's other ways than hacking our computers. I dont have a problem with ISPs keeping my traffic for a couple of years. I don't trust the government with that data and I think ISPs should say:
We've had a complaint about some traffic on ---- date, and we need to comply with the authorities.
This data will be disclosed to you in writing and passed to the government.
Then we should be able to see what was sent and then if we feel it's wrong we can justify it and complain. However, if this amount of expense and trouble is going to be required the average cop can't bugger about. Just an idea. But I wont tollerate hacking.. that's just wrong.