Download - Role of law enforcement, si as & others
![Page 1: Role of law enforcement, si as & others](https://reader036.vdocuments.site/reader036/viewer/2022082906/58ee21631a28ab49248b45ab/html5/thumbnails/1.jpg)
Role of law enforcement, SIAs & others
And some sumsNew Web Surveillance Powers: ensuring public safety and catching criminals in the digital age
Public Policy ExchangeGrange Wellington Hotel, London
Ray Corrigan, The Open University
12 January 2016
![Page 2: Role of law enforcement, si as & others](https://reader036.vdocuments.site/reader036/viewer/2022082906/58ee21631a28ab49248b45ab/html5/thumbnails/2.jpg)
Obama review groupLiberty and Security in a Changing World: Report and Recommendations of The President’s Review Group on Intelligence and Communications Technologies -Undermining comms infrastructure not function of govtShould, on contrary, be securing itDefence not offence
![Page 3: Role of law enforcement, si as & others](https://reader036.vdocuments.site/reader036/viewer/2022082906/58ee21631a28ab49248b45ab/html5/thumbnails/3.jpg)
SecurityComputersNetworksSmart metersCarsBarbie DollsMedical devicesInternet of thingsSoftware remote updatesEvery inhabited space will have cloud connected video & mics
![Page 4: Role of law enforcement, si as & others](https://reader036.vdocuments.site/reader036/viewer/2022082906/58ee21631a28ab49248b45ab/html5/thumbnails/4.jpg)
IP Bill power to subvertHome Secretary gets power to subvert security of all theseWorld is not “going dark”We’re swamped in electronic noise & Vast new sources for SIAs and LEs
![Page 5: Role of law enforcement, si as & others](https://reader036.vdocuments.site/reader036/viewer/2022082906/58ee21631a28ab49248b45ab/html5/thumbnails/5.jpg)
HackingBut when SIAs & LE hack –• Integrity of digital forensics may be compromised• Unintended consequences e.g. Stuxnet got out into the wild• Compromising digital security products through standards setting• Life or death with medical or transport equipment • Infrastructure at risk eg Russian attacks on Estonia, North Korea Sony
Hack, China v US, GCHQ v Belgacom• Compelling UK industry to act as accomplices undermines trust
![Page 6: Role of law enforcement, si as & others](https://reader036.vdocuments.site/reader036/viewer/2022082906/58ee21631a28ab49248b45ab/html5/thumbnails/6.jpg)
DenmarkAbandoned mass data retention (session logging – source & destination IP address, port nos. & session types TCP/UDP, timestamp retained for every 500th packet) 2012LE could not produce single example of where had been useful in 7 yearsSIAs said of limited use
![Page 7: Role of law enforcement, si as & others](https://reader036.vdocuments.site/reader036/viewer/2022082906/58ee21631a28ab49248b45ab/html5/thumbnails/7.jpg)
CourtsECJECrtHRHigh Courts in Romania (2009), Germany (2010), Bulgaria (2010), the Czech Republic (2011) and Cyprus (2011)
- question legality of bulk data retention
![Page 8: Role of law enforcement, si as & others](https://reader036.vdocuments.site/reader036/viewer/2022082906/58ee21631a28ab49248b45ab/html5/thumbnails/8.jpg)
Get the guilty not the innocent?William Blackstone: the law holds it better that 10 guilty persons escape than that one innocent party sufferBen Franklin: it’s better that 100 guilty should escape than that one innocent should sufferOtto von Bismark, Pol Pot and Dick Cheney took the opposite view: better that innocents suffer than one guilty person escapeIP Bill essentially about creating intimate digital dossiers of every connected UK resident amongst others May be ok or not: Franklin v Cheney?
![Page 9: Role of law enforcement, si as & others](https://reader036.vdocuments.site/reader036/viewer/2022082906/58ee21631a28ab49248b45ab/html5/thumbnails/9.jpg)
The maths – reversal of burden of proof
Assume giant digital terrorist catching machine is:99% effective at pointing out a terrorist if the person it is watching really is a terrorist (1% false negative rate)Unfortunately, your 99% catch-a-terrorist machine has a down side - also shows false positive results, sometimes labelling innocents as terroristsIt better it is at catching real terrorists, the more likely it will also label innocents as suchBut assume the false positive rate is also 1% (99% chance of correctly identifying innocent person)
![Page 10: Role of law enforcement, si as & others](https://reader036.vdocuments.site/reader036/viewer/2022082906/58ee21631a28ab49248b45ab/html5/thumbnails/10.jpg)
The maths continuedYour machine watches 60 million in UKAssume 6000 are terrorists (only 0.1% or 1 in a 1000 but a number used by successive governments)
It will identify 5,994 terrorists (99%)Of the remaining 59,994,000 innocents it will identify 599,940 of these as terroristsA 99% ‘reliable’ terrorist catching machine catches 5,994 terrorists but falsely accuses 599,940 innocentsIt approximately accuses 1000 innocents per terroristYour 99% effective machine is only really 0.1% effectiveAnd six terrorists still escape
![Page 11: Role of law enforcement, si as & others](https://reader036.vdocuments.site/reader036/viewer/2022082906/58ee21631a28ab49248b45ab/html5/thumbnails/11.jpg)
SIA & LE resourcesIf I had £750 million I’d be spending it recruiting and training police and SIA staff rather than a complex, distributed bulk surveillance sigint apparatus
Reversal of presumption of innocence a central, if unspoken and somewhat unnoticed, tenet of the Draft Investigatory Powers Bill
![Page 12: Role of law enforcement, si as & others](https://reader036.vdocuments.site/reader036/viewer/2022082906/58ee21631a28ab49248b45ab/html5/thumbnails/12.jpg)
RecommendationTargeted rather than bulk communications surveillanceMore & digitally trained LE