Snooper's Charter and the DWP

Senior Executive Officers in Fraud and Error Services at the DWP will be able to see a list of every website claimants have visited in the past year, although the details will not include the individual pages that claimants have visited on a particular website.

The research was done by Claire Broadley at Who is Hosting This. Over 100 Freedom of Information requests [have] revealed that over 20,000 people have been given the power to snoop on the private communication and browsing data of innocent people.

[in] the list of 20,000+, 59 at the DWP

Caker wrote:Does it mention anything about how an individual will be linked with his internet history? i.e. If s/he has not provided details of whose name the internet service is registered with, for example, a parent or partner pays for the ISP?

This should delight the dim right wing of the 'nothing to hide, nothing to fear' persuasion

Access to traffic data is only available to a limited number of organisations specified in Orders made under RIPA, for example, the emergency services, police, Security Service. Most Government Departments, including DWP, do not have routine access to traffic data.

From reading the legislation and a discussion with an old colleague at a major ISP, it seems like it will be much easier to access than many are expecting.

While each ISP is responsible for storing the data themselves, to make it usable there will be a central application run by the government which can query each database. This means that each agency with access will login to the application and then request the history for a specific identity (name, phone number or address, etc). It sounds likely this will combine mobile data and home internet connections if the application can make a link. The permission required is from a supervisor in each agency, which role that is depends on each agency.

There appear to be no intentions to put any hard controls on access. So staff can simply open the application and browse the data, with or without permission.

Schedule 4 of the bill.

From your examples, these are the authorising parties who can authorise people to see your communications data:

NHS (Department of Health)

   Grade7+ (2nd highest grade of management) Medicines and Healthcare Products Regulatory Agency
   Grade7+ (2nd highest grade of management) Anti Fraud Unit

HMRC

   Senior Officer (high middle management)

DWP

   Senior Executive Officer in Fraud and Error Services
   Senior Executive Officer in the Child Maintenance Group Central Legal Services

Police (in this case, the met)

   Superintendent

In addition, you can see that the bill is being aimed at specific areas (DWP and DoH's authorising parties are quite interesting).

Admin wrote:remember this being posted on um

Investigatory Powers Bill

https://www.publications.parliament.uk/pa/bills/lbill/2016-2017/0066/17066.pdf

I always wondered what it would feel like to be suffocated by the sort of state intrusion that citizens are subjected to in places like China, Russia and Iran. I guess we’re all about to find out.

Caker wrote:So with regard to traffic data

Traffic data is defined as:

   “any data processed for the purpose of the conveyance of a communication on an electronic communications network or for the billing in respect of that communication and includes data relating to the routing, duration or time of a communication”.

This includes information about the routing or timing of any phone call, text or email, whether it relates to an individual or a company.