Tag Archive for: data

Police misleading the public to pass the Investigatory Powers Bill?

07 Dec
December 7, 2015

I was browsing twitter this evening when I came across the following tweet, published by an agency that I have a lot of respect for, the National Crime Agency. They’ve been doing some work with Channel 4 and are publicising an upcoming documentary. Part of that campaign seems to have led to this tweet:

The link in their email points to an infographic:
Misleading NCA infographic about the use of comms data in a missing person case

I had to read this infographic more than once – it’s so misleading that I had to check how many different problems there were with it. Although I replied to the NCA, 140 characters is a bit limiting for a response, so let me respond, in my professional opinion as a communications industry expert and with over a decade of experience in helping the Police with missing persons cases through Mountain Rescue.

So the infographic starts with a story about Amy, a missing 14 year old girl whose parents are unable to reach her because her phone is switched off. Let’s skip over the fact that this is not a surprising situation for a teenage girl, and suppose that there is something untold in the situation that places Amy in the “high risk” category that requires immediate investigation to prevent her from coming to harm.

At this point, the police request call data records from her mobile phone provider, but “…Amy uses online applications on her smart phone to make calls and send instant messages so no useful data is returned.” I’ll come back to this, but let’s take that at face value for the moment.

The police request that her mobile operator then provides communications data (presumably what the Investigatory Powers Bill is referring to as “Internet Connection Records”), but as they don’t store it, they can’t provide it. The police are stumped and can’t help Amy. Poor Amy.

The infographic then goes on to say how access to those records could help provided “key investigative leads” to trace Amy and reach her before she’s harmed.

Seems reasonable, right? Well, no.

First of all, Mobile Network Operators (MNOs) don’t just store call data records – they store a whole host of useful operational information on your mobile including information about the cell that you are or were connected to. This is useful operational information for the MNO, but is also useful for the security and law enforcement agencies (let’s just call them Law Enforcement Agencies, or LEAs for now). As a result, I wouldn’t be at all surprised if this information was not already the subject of an Order for retention under the current regime on all of the MNOs – however, that information is Classified Information, so we can only make educated guesses. That would give the police a good idea where the phone was (with a resolution of anywhere down to a few hundred metres normally) when it was turned off – in some cases, they could even ask the MNO to “ping” the phone from multiple cells to get a very accurate picture of where the handset is – but let’s assume the battery’s been taken out or the mobile destroyed. What else?

Sticking with communications data for a moment, what could that data have revealed if the MNO had been keeping it? Well, it could have told the police that Amy went to Google. She also used WhatsApp, twitter, Google Hangouts, Facebook, Hotmail and a whole host of other random websites.

That data’s limited to what service she was using and when – so for example, you can’t tell if she looked up the number of a local taxi company or searched for a bus timetable on Google. You can’t tell if she sent a message on WhatsApp, twitter, Hangouts or Facebook – because those apps maintain connections with their services on a semi-permanent basis to receive notifications of new messages. My twitter feed for example gets updated on my phone even when I’m not using it. What could the police do with this data? Well, they could approach a Judge and ask for warrants of intercept for each and every one of those services in case she uses them again – none of those are UK based, so they wouldn’t be subject to this new law. Whether the Judge would want more than just “she used them” to get a warrant is a good question. Or perhaps they could check those services and see if she posted anything publicly. Great, so this data was useful, right?

Well, sort of – asking Amy’s mum whether she used facebook reveals that yes, she’s always on it talking to her BFF, Brenda. A quick chat with Brenda, where the police explain the urgency here, and Brenda tells them all about Amy’s new boyfriend who she met online and was going to meet this morning. Or perhaps Brenda tells them about the album that Amy’s favourite band have just released and that she’s gone to buy it in defiance of her mum’s instructions. Or maybe Brenda doesn’t know anything, but she can at least tell the Police what services she uses to communicate with Amy, because Email is just soooo last year, everyone’s using Facebook Messenger at the moment…

“Human intelligence”, or information gathered directly from people rather than their communications has always been favoured by the LEAs and security services for many reasons – it brings along with it a wealth of useful and sometimes unintentional information. Brenda here was a much better source of information than Amy’s MNO because Brenda can provide context and information that isn’t transmitted by any communications services. Moreover, the MNO has given police a long list of service providers who they need to contact and the majority of those are outside the UK making warrants to get access to that data lengthy, time-consuming affairs.

So far then, the communications data hasn’t been as useful as what is occasionally referred to as “good, old-fashioned policing” – talking to relatives, friends and other people who are connected to this individual.

And this brings me neatly to my last point – that the NCA seems to think that there’s nothing else that the police can do. Now, I’ve been involved in dozens of missing persons (MisPer) investigations for high-risk MisPers and the communications data is a minuscule part of the investigation. CCTV cameras, taxi company bookings, conversations with family, friends, neighbours, bank records, credit card records – all of these can help track our activity. More than that, however they can provide insights into the one thing that the communications data can’t – our reason for doing something and our state of mind. A new boyfriend. An anniversary of the death of a loved one. A pending bankruptcy. An argument with a parent. All of these are hugely important in building up a profile of the missing person and will tell police where they’re likely to be. Unsurprisingly, this is well documented procedure in the Police Search Manual published by the College of Policing and that, together with the data from the Centre for Search Research, such as the UK Missing Persons Behaviour Study can be incredibly accurate and useful in guiding the next steps. To suggest then, that the police are stumped because they can’t get access to the communications data is so misleading as to be almost lying to the public and is doing an enormous disservice to the difficult and complex work that Police Search Advisors undertake as part of a search for a vulnerable missing person.

I’ve been watching the progress of this bill with interest and far better people than I have commented already – but this bit of poorly written and sensationalist misinformation from the National Crime Agency angered me – not only because it’s trying to influence the direction of a political bill through tugging on heartstrings using information that’s just plain wrong, but that it diminishes the skills and efforts of those teams of people whose job it is to find these vulnerable missing persons.

Hopefully, someone from the National Crime Agency will read this and reply as to why they thought this was acceptable, but I’m not holding my breath.

This post has been edited to correct the title of the bill, which I originally referred to as the Communications Data Bill – this was the original Snooper’s Charter in 2012, and not the new Investigatory Powers Bill which is currently being proposed.

Staying connected

22 Oct
October 22, 2012

I’m attending BroadSoft Connections this week – a major conference in the world of VoIP. For those who aren’t familiar with the name BroadSoft is one of the world leading companies in the industry and produce a hosted VoIP telephony platform complete with a range of ancillary services and products to provide service providers with a complete ecosystem.

Just because I’m attending a conference doesn’t mean I’m not working this week – there are a whole bunch of things going on back in the office that I need to keep abreast of, not to mention the fact that we’re planning on moving house soon! It’s been a year since the last Connections conference – how have things changed?

This year I’m travelling with four Internet-enabled devices – two smartphones (one work, one personal), a tablet PC and my laptop and – more than ever before – I’m realising that my life is so integrated with the Internet that when I go somewhere where my usage is curtailed, I really struggle. My ticket was booked online; I had an e-boarding pass. My entry into the US was contingent on completing the electronic travel authorisation (ESTA). The hotel booking was completed online and we registered for the conference online. I didn’t check any maps before I left – why bother when I have Google Maps on my phone (I wanted to make sure I arrived at the right place, so Apple Maps was out). All of this was tracked through Tripit – a great application that I use to organise my travel and help keep me up to date with unscheduled changes.

Those are my needs – what’s the reality? As soon as I arrived, both of my phones alerted me to the fact that data whilst roaming was expensive. I hadn’t made any preparations nor was I going to bother buying a local SIM as I have a range of services on my phones that depend on this mobile number – Vodafone are charging £15 for 5Mb of data as a flat rate. Orange texted me and told me they charged £8 per Mb – woah! But they also offered a package where I can turn on a service that, if I use any data, costs £6 per day for up to 30Mb – then we’re back to £8 per Mb after that. However they also provide an app that helps you track your usage and provide warnings. Once connected, the speeds I’m getting here in Phoenix, AZ are pretty impressive – the networks obviously have plenty of capacity.

Wherever possible, I’m using wifi – it was free in the airport and its also complimentary in our hotel, the Hilton-family Hampton Inn and Suites. Here in the venue hotel, the Westin Kierland, the wifi is free for guests but not for conference attendees, and it struggles with some 1,000 people attending this conference.

Either way, I’m pretty impressed – I’m managing to keep myself connected fairly effectively and managing to keep up to date with what’s going on at home, even if that does mean getting woken up at 4am this morning by an urgent phone call! Last year, I struggled a lot more with finding decent data – the conference venue wifi problems appear to be a common theme however, something that hotels like this really should have a better handle on. Maybe next year I’ll check out local SIMs as an option – or maybe by next year I won’t need to…?