“Plebgate” report shows why the UK’s data retention laws are such a terrible idea

Remember the U.K.’s fast-tracked Data Retention and Investigatory Powers (DRIP) Act, which I and others were recently railing against? Well, here’s a good example of why it’s such a dangerous thing.

DRIP, as you may recall, expands the kind of communications information that the police can requisition without a warrant, through an earlier piece of legislation known as the Regulation of Investigatory Powers Act, or RIPA.

Whereas RIPA originally just allowed the cops to access call, SMS and ISP email records, it now means they can access metadata around webmail, chat rooms and anything that “consists in or includes facilitating the creation, management or storage of communications” – as I have noted, everything is communications these days just by virtue of being online, so the potential scope granted to the authorities by DRIP is vast.

So what shall we learn from a Monday report by London’s Metropolitan Police into “Operation Alice,” its investigation of the so-called Plebgate affair? Without going into too much detail here, Plebgate refers to an incident in which a Conservative politician named Andrew Mitchell tried to exit the main gate at Downing Street with his bicycle. When the police wouldn’t open the gate for him, he swore at them. News reports at the time suggested he had called one officer a “pleb,” a pejorative term for someone from the lower classes, though this was subsequently shown to be false.

The idea that Mitchell had used this word first arose in an article in the Sun, the Murdoch-owned tabloid. According to the Operation Alice report, the Met accessed the phone records of Sun political editor Tom Newton Dunn in order to establish that he had been tipped off by a police officer. (He was in fact fed a lie by officers hoping to discredit the government, and three officers were subsequently sacked.)

The operation also took in several other pieces of communications evidence from various players – emails, text messages and so on – but Newton Dunn is a journalist, and European law is supposed to protect journalistic sources. Indeed, the political editor refused to give up his sources when interviewed by the police.

Not that that mattered. The Met confirmed to the Guardian on Tuesday that it had obtained Newton Dunn’s records using RIPA, meaning it didn’t need to get a judge’s permission, only a green light from a senior officer within the force.

Phone records today; webmail, Dropbox and WhatsApp records tomorrow? That’s certainly the view of legal commentator David Allen Green, who wrote in the Financial Times (registration required) on Wednesday that British public authorities make around 10,000 RIPA requests each week. Allen Green wrote:

There is no inherent reason why this police power cannot be regularly misused: there is no independent approval for each request and no real way of finding out when one has been made and challenging it…

This casual abuse of police power is revealing and disturbing; and it means no political or crime journalist in the UK should use their mobiles or many internet-based apps for contacts with their sources.

Remember, all this was allowed by a bad law that just got radically expanded (though the government and the opposition assured the public at the time that DRIP involved no such expansion at all). The United Nations’ human rights chief herself thinks data retention laws amount to disproportionate surveillance, the E.U. doesn’t like it either, and the U.K. now has the mother of all data retention laws, with few meaningful checks on its abuse.

And that’s why journalists there, who are talking to sources about stories that might bother the authorities, are well advised to stick to carrier pigeon in future.