Throwing the book at Amazon

UK lobbyists Privacy International and US groups EPIC and Junkbusters reckon that the biggest brand in cyberspace is flouting UK data protection laws, and are consequently considering legal action against Amazon. The company could even be forced to cease trading at the busiest time of the year. (It's unlikely to reach this stage, but stranger things have happened.)

According to the three privacy musketeers, Amazon is unable to remove personal information from its database. Simon Davies, the director of Privacy International, asked the company to wipe his own data from its records because he objected to its policy of transferring data to the US (see our story from September, 'Amazon accused of violating data protection laws', http://www.silicon.com/a39757 ).

But Amazon wouldn't (or couldn't) oblige.

Davies told us: "We got a response, 'I'm sorry we can't separate your data from our processing operations'. That immediately means amazon.co.uk is operating illegally in Britain."

Amazon says it's done nothing wrong and does take care to comply with the Data Protection Act - although a spokeswoman did confirm the company doesn't remove data completely on request. "We will delete data from our active customer database. We do retain a copy to meet taxation and fraud protection requirements."

The case has been referred to the Data Protection Commissioner, and if that fails to produce results Privacy International has vowed to go to court.

This week has in fact been dominated by privacy issues, thanks in part to the Observer's astonishing revelation last Sunday of a plan which, if accepted by the government, would force all communication companies to retain data about every phone call you make, every email you send and every website you visit for a period of seven years. A huge data warehouse would then be created (apparently for a mere £3m... someone's maths needs a brush-up) to give security forces access to this information. (see 'The spirit of Big Brother past' http://www.silicon.com/a41318 )

The plan was drawn up by the National Criminal Intelligence Service (NCIS) and is being considered by the Home Office. MI5 and MI6 are quite keen on the idea, surprisingly enough.

Civil liberties campaigners aren't quite so enthusiastic. The aforementioned Mr Davies said: "The NCIS proposal must be the most extraordinarily stupid idea that has come out of a law enforcement agency for many years."

ISPs and technical experts have focused on the practical issues. Shaun Fensom, CEO of Poptel, said: "This is yet another burden on ISPs, quite apart from the civil liberties issues. This would require a great deal of effort at a very high cost... it does seem absurd."

Dick Emery, group ecommerce manager at ICL, said: "There can't be a central database, because that means that for every email sent or phone call made there would have to be another communication to send that information to the database. Traffic would double overnight. So you need a distributed database. Then you have the problem of who is authorised to access it and then you have security problems."

Hopefully, this particular idea will be shot down in flames. Because it's daft. And also because it smacks of Big Brother. Speaking of which...

The Big Brother Awards took place on Monday night, an annual event organised by Privacy International (yep, them again) to lambast those who have done most to infringe civil liberties, and to praise the people who have done most to protect them (see http://www.privacyinternational.org/bigbrother for the full details).

The villains of the night included the national DNA database, and (not for the first time) Home Secretary Jack Straw, who this year picked up the evening's top gong, the Lifetime Menace Award. Oddly, he wasn't there to collect it.

A Tory peer (who was on hand to take his bow) won the plaudits of the judges for his work in amending the truly nasty bits of the RIP Bill. Lord Cope - a self-confessed Thatcherite - campaigned tirelessly for the legislation to be redrafted (especially the burden of proof stuff), but was humble enough to say he was "astonished to be receiving an award".

'MI5 whistle blower' David Shayler hosted the ceremony, along with Simon Davies (yep, him again). Shayler - a former MI5 agent - knows a thing or two about privacy. He wrote a few articles about MI5's activities, and was consequently accused of breaking the Official Secrets Act. He ran away to France to avoid arrest, but came back to the UK earlier this year. He was, of course, nicked by the long arm of the law as soon as he set foot on home soil. His DNA now graces the aforementioned national DNA database.

It is slightly odd that hardly anyone knows precisely what he did reveal about MI5. This either proves that this government is utterly paranoid about any unsanctioned information, however trivial, gaining a public airing, or (heaven forbid) that Mr Shayler isn't quite as dangerous a mole as he has been made out to be.

(I've always thought that 'mole' is a strange metaphor for this sort of cloak and dagger stuff. After all, they're kind of cute and fluffy. Even if you combined metaphors and dressed a mole up in a cloak and gave it a dagger, our national security would be pretty secure. Because moles are blind.)

But I digress. There is a point to all this: technology is certainly allowing new types of crime and facilitating old ones. As such, the security forces do need new powers to fight back. We need to be able to trust them not to abuse any powers they're given.

Technology is enabling new types of consumer behaviour and new types of company to exist. Online shopping, for example, is a great advance, even if we do have to give corporate entities a lot of personal data about ourselves. We have to be able to trust them not to abuse that data.

And there's the rub: trust. Trust isn't enough. Governments and companies ultimately act in their own interest. There have to be checks and balances built in, and that's where people like Lord Cope and Privacy International come in.

All power to their elbows.

Next week's Round-Up will be a bit special (well, different...) because it'll be the last one of the year. As such it will make some attempt to sum up the year's major events. Blimey...