UK Intelligence Agencies Aim To Undermine Privacy Protections -

Post Views: 191

Intelligence agencies are urging the government to establish a fresh kind of data set that would be immune from the present degree of court supervision in light of the most recent update of the Investigatory Powers Act.

UK intelligence services are lobbying for the government to relax surveillance regulations, claiming that the high volume of personal data needed to comply with current safety measures prevents them from building AI models.

In order to evaluate data sets, notably Bulk Personal Data sets (BPDs), which frequently contain private data about persons who are not of interest to the security services, GCHQ, MI5, and MI6 have been adopting AI technology more and more.

Currently, a judge must give his or her approval before a BPD can be examined or retained, a procedure that intelligence agencies have dubbed “disproportionately burdensome” when it comes to “publicly available datasets, especially those that included information in reverence of which the individual in question has little or no adequate expectation of privacy.”

The UK Intelligence Community (UKIC) maintains six kinds of BPDs that are obtained via both overt and covert means. These categories are law enforcement or intelligence, travel, communications, financial, population, and commercial.

The House of Lords member and senior attorney David Anderson reviewed the Investigatory Powers Act last year, and as a result, intelligence services are now urging government officials to swap out these protections with a self-authorization procedure.

The UKIC was having trouble keeping data scientists on staff because they were becoming “baffled and irritated by what could appear to them as meaningless impediments… particularly the requirement to devote months acquiring warranty for typical open-source training data,” Anderson wrote in his findings. He added that his team had been informed that the bureaucratic processes surrounding the use of BPDs had an impact on both the recruitment and retention of talent.

To address this problem, Anderson suggested creating a new BPD category for materials like news articles, academic papers, public records, audiobooks, podcasts, and other material obtained from online video-sharing platforms that are considered to have little to no expectation of privacy.

The amount of time required to approve the utilization of such a BPD would be greatly decreased by eliminating the requirement for a warrant to examine what Anderson referred to as “low/no datasets.”

However, he suggested that ministers and judges should be mandated to authorize and accept the placement of a dataset into this freshly recommended class rather than leaving it up to the UKIC to decide which BPDs would come under this new category.

Furthermore, Anderson stated that “low/no datasets” that UKIC wished to keep and study would continue to be liable to the Data Protection Act’s data protection standards as well as an additional authorization need and accompanying precautions. The other consumers of such databases would not be subject to this, which would be specific to UKIC.

When using AI algorithms as part of their use of investigative powers, “it is vital that they conform to robust ethical and supervision frameworks,” he wrote, adding that the ethics of AI is one of the most pressing modern problems, extending far beyond the world of intelligence and policing.

Two of the biggest civil rights groups in the UK, Liberty and Privacy International, issued statements opposing any plan that would diminish the current protections for BPDs when the Home Secretary first revealed the study in March 2023.

The statement from Liberty stated that weakening protections “would be an unjustified attack on previously diminished rights, and the Home Secretary’s proposals would give the State greater authority to obtain highly sensitive information such as a person’s health records or confidential legal communications.” We already know that the current “safeguards” do little to uphold our rights or keep those in positions of authority accountable.

About The Author:

Yogesh Naager is a content marketer that specializes in the cybersecurity and B2B space. Besides writing for the News4Hackers blog, he’s also written for brands including CollegeDunia, Utsav Fashion, and NASSCOM. Naager entered the field of content in an unusual way. He began his career as an insurance sales executive, where he developed an interest in simplifying difficult concepts. He also combines this interest with a love of narrative, which makes him a good writer in the cybersecurity field. In the bottom line, he frequently writes for Craw Security.