Rifkind of the ISC…

Sir Malcolm Leslie Rifkind, KCMG, QC, MP, former Defence Secretary, former Foreign Secretary, distinguished member of Margaret Thatcher’s cabinet, long standing member of parliament, has become ensnared in a ‘cash for access’ scandal. This has many implications – and many different angles to examine, from his claim that it would be ‘unrealistic’ to expect an MP to live on £67k per annum onward – but the one that may be the most important is his role as Chair of the Intelligence and Security Committee, the ISC. The ISC is the only parliamentary body that oversees the activities of the intelligence services – MI5, MI6 and GCHQ. It is a body that is made up only of people personally nominated by the Prime Minister, and given the nod by the leader of the opposition – and until last year, it operated effectively in private. It has had one public session (about which I have written before) in November last year, and it wasn’t exactly impressive – it felt rehearsed, and scripted, the heads of MI5, MI6 and GCHQ having been given details of the questions beforehand.

In practice, therefore, there is an enormous amount of responsibility on the ISC, and on its chair in particular. What they do is largely behind closed doors – so we have to trust that they do a good job. The latest events for Sir Malcolm Rifkind make that seem very doubtful. I have met Rifkind – I sat next to him at the ‘Round Table’ events as part of the ISC’s inquiry into surveillance – and I have to admit I liked him. He was charming, affable, a good listener, clearly intelligent, and in some ways what appears to be a consummate politician. His experience is enormous, his ability to ‘manage’ meetings very impressive – but does that make him suitable for the key role overseeing the UK’s intelligence services?

He does not have the technical knowledge or understanding of the technology – he made that entirely clear from the start of the Round Table discussion, asking for the most basic information and demonstrating some critical levels of technical ignorance. He does not have the legal understanding either – he admitted to me directly that he didn’t understand RIPA – the Regulation of Investigatory Powers Act that is central to the governance of surveillance in the UK. So what is left? His ‘gravitas’, his position as a ‘safe pair of hands’. And that, importantly, is what is now compromised. He is supposed to represent us – and from what we have seen about his ‘cash for access’ scandal, it seems pretty clear that his main representation is of himself. He was duped by a fake Chinese company, set up by journalists, for the chance of making money. What he said may (it has yet to be confirmed) be within the parliamentary guidelines, but in this context that cannot be nearly enough. Being Chair of the ISC is a huge responsibility – and it has huge sensitivity.

It isn’t just personal issues that are at stake, but national security to: just imagine the possibilities if the fake Chinese company had been a cover for Chinese Intelligence rather than journalists from Channel 4 and the Telegraph. It is almost a classic trap – the sort of thing that has been played out in many thrillers. Some thrillers, these days, would have had Rifkind compromised by people within the intelligence services, so that they can bend him to their will – but I don’t believe that is the real risk here. Rather, it shows inappropriate priorities – when priorities are particularly critical.

There is another side to this that should be deeply concerning. This kind of thing matters because companies – specifically companies involved in the development and supply of surveillance technology – are part of the problem with surveillance. They want to promote surveillance so they can be paid to develop and implement technology here that can then be exported elsewhere – there is a ready market for surveillance systems all over the world, particularly to the more oppressive and autocratic of governments. These companies can lobby, can manipulate, can bamboozle people without the technological knowledge or understanding to appreciate the risks. And Rifkind fits the bill.

I don’t believe it is just Rifkind that is the issue here – though the idea that he could remain as Chair of the ISC after this is frankly deeply disturbing – but our whole system of oversight of intelligence. Depending on individuals, particularly individuals appointed through a system which is rife with patronage and inside connections, just doesn’t work. It creates vulnerability – and destroys the possibility of accountability. It needs root and branch reform – the involvement of technical experts, civil society and the judiciary, not just politicians and civil servants. Will it happen? It seems unlikely. Eventually Rifkind will probably fall on his sword, but nothing more will change. If only it would.

UPDATE: 10:15 February 24th: Rifkind has stepped down as Chair of the ISC, though he remains a member of the committee.

10:30 February 24th: Rifkind will also be stepping down as an MP in May

The Snoopers’ Charter: Shameful Opportunism

The news that four peers are trying to bring back the Snoopers’ Charter – in its last incarnation the Communications Data Bill – is depressingly predictable, but perhaps even more shameful than other attempts at legitimising mass data gathering and surveillance. It displays shameful opportunism that seems to plumb new depths – and in a number of different way

1     Bringing it in based on an event

It is a bit of an axiom that reactive law – knee-jerk law – is a bad idea. Law by its nature needs to be considered carefully, not passed in the heat of a moment. The more oppressive and ill-considered of ‘counter-terror’ legislation, however, seems to tend to be done this way all too often. The USA-PATRIOT Act (whose long name, the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act is worth a read in itself) is perhaps the best known example, but the Data Retention Directive worked just the same way, passed in the wake of the 7/7 bombings in London, and even making reference to those bombings in its preamble. That this directive was declared invalid by the Court of Justice of the European Union last year should give pause for thought. The CJEU said that the directive “entails a wide-ranging and particularly serious interference with the fundamental rights to respect for private life and to the protection of personal data, without that interference being limited to what is strictly necessary.” Authoritarian legislation, passed in haste, takes a long time to overturn. Even now, the repercussions are still being felt

2     Bringing it in based on this particular event

Hanging legislation on a hideous event is one thing – bringing it in based on this particular event, the Charlie Hebdo shootings, is even worse, as a careful examination of this event should have revealed not that more mass data gathering and surveillance is necessary, but rather the opposite. As I have written before, the shootings in Paris damage rather than enhance the case for mass data gathering and surveillance. The perpetrators were known to the authorities – they didn’t need to be rooted out by mass surveillance. The authorities had stopped watching them six months before, because, it seems, of lack of resources, resources that might have been available if a targeted rather than mass surveillance approach had been taken. This is part of an almost overwhelming trend – the killers of Lee Rigby and the suspects in the Boston bombings were also known to the authorities. There was no need for mass data gathering and surveillance to stop them – so to use this particular event as an excuse for bringing back the Snoopers’ Charter is particularly shameful.

3     Trying to rush the legislation through

It is almost never appropriate to rush legislation through – but sadly this is also all too familiar. Last summer, Parliament brought itself into significant disrepute by rushing through the Data Retention and Investigatory Powers Act (DRIP) in a matter of mere days, with no real time for scrutiny, no opportunity for independent expert analysis, and no real opposition from any of the main parties. This is not the way to legislate – it wasn’t right then, and it wouldn’t be right now.

4     Doing this in the midst of investigations and legal challenges

The one saving grace in DRIP was that it was intended to give breathing space, to allow proper, detailed and careful consideration to the many issues involved in surveillance. At the same time, there are a series of reviews over surveillance legislation in process – from the Intelligence and Security Committee and by the Independent Reviewer of Terrorism Legislation to start with. Moreover, DRIP itself is subject to legal challenge. To try to pass much more comprehensive and far-reaching legislation even before these reviews have been completed and their reports scrutinised, and before the legal challenges even make their way into the court room, is also deeply shameful – prejudging the results of those reports, and, in effect, disrespecting all those involved.

5     Doing this in the face of a clear CJEU ruling

What is perhaps even worse, is that on the face of it the planned legislation flies directly in the face of the CJEU ruling on data retention. The ruling was strong, clear and direct – but does not seem, on immediate reading of the legislation, to have been taken into account at all. Of course this may be wrong – but as the new legislation only appeared yesterday, and is planned to go before the Lords on Monday, there has not been time for proper, detailed analysis – and nor has there been any kind of explanation or reconciliation presented. This again highlights the point of taking time over legislation – and going through proper, detailed procedures.

6     Using a highly dodgy political method

The method which has been chosen to try to introduce this law is, to put it mildly, somewhat doubtful. Rather than a full Bill, the four peers have tabled an amendment – 18 pages of additional clauses – to an existing bill, the Counter Terrorism and Security, which has already gone through most of the processes necessary before becoming law. It’s like slipping in an entirely new law just before the first law is passed – it makes a mockery of parliamentary process, and in effect disrespects the whole of parliament.  Describing it as trying to sneak in the Snoopers’ Charter by the back door may even be too kind.

7     Ignoring the committee

The original Communications Data Bill was subject to analysis by a full parliamentary committee – and that parliamentary committee came out with a highly critical report, a report which ultimately led to the abandonment of the Bill.  By trying to bring it back now, seemingly virtually unchanged, the peers proposing the amendment are ignoring the committee and its findings – and as a consequence ignoring the whole process of parliamentary scrutiny.

8     Doing it at this time, in the run up to the election

To try to push through legislation like this in the run up to the election is in itself highly dubious tactics. Politicians have their minds on other things – and many of them may care much more about being re-elected than about whether the details of legislation to be passed are a good idea or not. Whether they ‘look’ good is what matters, and whether that makes them more electable. Right now, in the light of the anger and fear resulting from the Charlie Hebdo shootings, to oppose something that might make people safer, will be difficult – and may hinder the electoral prospects of MPs. This kind of thing has happened before – the way that the Digital Economy Act was passed in 2010 springs to mind – and again makes the timing of the bringing forward of the amendment feel very wrong

Why are they doing it this way?

The whole process – all these layers of opportunism – should make the alarm bells ring. This is a hugely significant piece of law – not just in terms of what it does but in terms of what it signifies, in terms of what kind of society we want to be living in, what kind of an internet we want to have. If we are going to make decisions like this, we should make them in careful, considered ways, weighing the evidence and seeking expert opinion. That’s the idea behind the parliamentary committee system, and the time it takes to bring laws in through normal procedures.

Why, then, are these procedures being avoided, and why are these underhand methods being used? It is hard to escape the conclusion that it is because those pushing it are afraid that if it is given the appropriate amount of time, of attention, and of scrutiny, then it will once again be defeated, as it was the last time around. In the cold light of day, do we want to live in such a surveillance society? I’m not sure – but I do think that trying to make those decisions in this way, in the heat of the moment and without the opportunity to give proper thought and proper scrutiny, is a disastrous way to proceed. Those behind it should be ashamed.

Non, David, vous n’êtes pas Charlie!

Along with so many other world leaders, David Cameron has made a big point of showing solidarity with the French in the face of the Charlie Hebdo atrocities, claiming to stand for freedom of expression – but anyone who has been following or studying the way his government deals with the press and indeed with freedom of expression generally knows that he’s far from a champion of freedom of expression.

Indeed, rather than championing freedom of expression, Cameron’s government has been actively hostile to it. His is a government that sent agents to a national newspaper’s office to force them to smash computers – an act that could hardly be interpreted as anything but brutal intimidation. This is a government under whose auspices the police have secretly monitored the communications between journalists and their sources.

This is a government that has forced through a law to prevent charities from campaigning on the very subjects for which they were founded, if that campaigning would amount to criticism of government policy. Under that very same law, letters were sent to political bloggers that could also be seen as little more than intimidation.

This is a government that monitors social media traffic to try to stop people protesting about badger culls. This is a government that bans protesting in Parliament Square.

This is a government that has championed – and seems likely to extend support for – a form of internet filtering that not only prevents access to lawful material but not just theoretically but practically has extensively overblocked, preventing access to sites on subjects like sex education. Indeed, even the discussion of subjects like the blocking and censorship of the internet – and circumvention of of this kind of blocking, in some ways the essence of freedom of expression – can and does get blocked by this kind of filtering. One of my own blog posts on the subject was blocked  by just such a system.

This is a government that supports exactly the kind of mass surveillance that studies show chill freedom of speech around the globe – indeed, an extensive report from American PEN demonstrated this just days before the Charlie Hebdo shootings. And what is David Cameron’s immediate reaction to the tragedy in Paris? To support even more of this surveillance.

So no, David, vous n’êtes pas Charlie. You’re very much the opposite. You’re not a champion of freedom of speech. You’re one of its enemies.

The Resurrection of Privacy?

The video below is the slideshow of my presentation this morning at the Society of Legal Scholars conference in Nottingham – and what follows it are some brief notes to support it. Some of this is speculative and some of it is contentious – particularly in relation to the relative importance of corporate and governmental surveillance – and this is an early stage of this research, though it builds on the work in my book, Internet Privacy Rights. I should also note that this is a development of the paper I gave at BILETA earlier this year: ‘who killed privacy?’

 

The Resurrection of Privacy?

In 1999, Scott McNealy, then CEO of Sun Microsystems, famously said:

“You have zero privacy anyway. Get over it.”

Events and developments since 1999 have hardly improved the prospects for privacy: the growth of social networking, technological developments like smartphones, geo-location, business ideas such as behavioural tracking and, most recently, the revelations from Edward Snowden about the near universal surveillance systems of the NSA, GCHQ and others. If privacy was in trouble in 1999, the argument that it is at least close to death in 2014 is much stronger.

That brings two questions:

  • If privacy is dead, who killed it? Did we kill it ourselves? Is it the activities of government agencies like the NSA and GCHQ, or of businesses like Google and Facebook?
  • If if privacy is in fact dead, is there a possible route towards its resurrection?

Suspect 1: us!

On the face of it, it might appear as though we ourselves have simply given up on privacy. We’ve killed it ourselves by embracing all the privacy-invasive technology that’s offered to us, by failing even to read privacy policies, by allowing the intelligence services to do whatever they want, with barely a murmur of protest. More than a billion of us have joined Facebook, for example, a service based at least in some ways on giving up on privacy, sharing our most intimate information.

That, however, is not the whole story. In many ways it appears that what we have done has been through a lack of awareness rather than by deliberate decisions. The extent to which people understand how systems like Facebook work is hard to gauge – but the surprise that people show when bad things happen suggests that there isn’t a great deal of awareness. It also appears that people are becoming more aware – and as they become more aware, they’re making more privacy-based decisions, taking control of their privacy settings and so forth.

Further, when we’re given the chance to see how intelligence agencies work, we don’t seem to be happy about it – though less, it has to be acknowledged, in the UK than in many other countries. Even so, when the Communications Data Bill was put under full scrutiny, it was rejected – in part because of the public reaction. Further, studies show that people don’t like behavioural advertising – and dislike it more when they learn more about how it works.

All this suggests that we aren’t really the key to the death of privacy: we’re more like unwitting accomplices.

Suspect 2: the NSA and GCHQ

The revelations of Edward Snowden about the surveillance activities sent shockwaves through the internet. Many people had already believed that the NSA, GCHQ and other agencies performed surveillance on the internet – Snowden’s revelations seemed to prove it, and to suggest that the level of surveillance was greater even than that feared by the more extreme of conspiracy theorists. Not just had they been gathering telephony and internet data and building (in the US) massive data centres, but they’d been accessing the servers of the big commercial internet providers, tapping into undersea cables, intercepting traffic between server sites and undermining encryption systems – and much more. The level of privacy invasion is extreme.

However, until Edward Snowden revealed all of this, the agencies were working largely in secret – and while this still constitutes a major invasion of privacy, the impact on people’s behaviour is much smaller. If we don’t know we’re being watched, our actions aren’t chilled – and our beliefs about privacy are not changed. Moreover, the kind of harms done to people by surveillance by the NSA and GCHQ are indirect, at least for most people. Finally, and most importantly, if it were not for the commercial operators’ surveillance, the NSA and GCHQ would have far less to ‘feed’ on.

All this is not to dismiss the role of the intelligence services or indeed the impact of their surveillance activities – they should be resisted with the utmost vigour – but in terms of the death of privacy, they can be seen more as opportunist accomplices, rather than instigators.

Suspect 3: businesses like Facebook and Google

The role of the commercial operators on the internet, on the other hand, is both deeper and more significant either than is often believed or than the role of governments and government agencies on their own. The commercial entities have contributed to the decline of privacy in three kinds of ways:

  • Systematic – commercial entities have undermined privacy both in technological and business model senses, developing technologies to invade privacy and business models that depend on systematic and essentially covert gathering of personal data. Businesses have also lobbied strongly to reduce the effectiveness of legal privacy protection. In Europe they have done their best to undermine and weaken data protection – including the on-going reform process. They continue to do so, for example in relation to the right to be forgotten. In the US, they have contributed to the effective scuppering of the Do Not Track initiative.
  • Cooperative – businesses have been working with governments, sometimes willingly, sometimes unwillingly, sometimes knowingly and sometimes unknowingly. The extent of this cooperation and the extent to which is has been willing is unclear – though recent statements from the NSA have suggested that they did know about it and did cooperate willingly. Further, they kept this cooperation secret – until it was revealed by the Snowden leaks.
  • Normative – businesses have been attempting to undermine the idea that privacy is something to value and something of importance. Mark Zuckerberg’s suggestion that ‘privacy is no longer a social norm’ is reflected not just words but actions, encouraging people to ‘share’ information of all kinds rather than consider the privacy impact. Further, they continue to develop technologies that invade privacy inherently – from geo-technology to wearable health monitoring and things like Google Glass.

All this combines to make the role of the businesses look most significant – if anyone is guilty of killing privacy, it is Facebook and Google rather than the NSA and GCHQ. Moreover, the harms to most people possible from corporate surveillance are both tangible and more likely than harms from the NSA and GCHQ: impact on things like insurance, credit ratings, employability, relationships and so forth are not just theoretical.

As Bruce Schneier put it:

“The NSA didn’t wake up and say, ‘Let’s just spy on everybody.’ They looked up and said, ‘Wow, corporations are spying on everybody. Let’s get ourselves a copy.’”

And as Timothy Garton Ash said when considering the Stasi:

“…the Minister for State Security observed that the results achieved by his ministry ‘would be unthinkable without the energetic help and support of the citizens of our country’. ‘For once,’ I comment, ‘what the Minister says is true.’”

Where the Stasi needs the citizen informers, the new surveillance programmes need the ISPs and the internet giants – the Googles, Facebooks, Microsofts, Yahoo!s, Apples and so forth. That is what makes their role in the reverse so important.

The resurrection of privacy

In the post-Snowden environment, at least on the surface, businesses have started to take a more ‘pro-privacy’ stance. Whether that meaningful, or they are just paying lip service to it, has yet to be seen. Their role, however, is crucial.

Reversing the three roles noted above – systematic, cooperative and normative – could produce a positive impact for privacy, effectively being a part of the ‘resurrection’ of privacy:

  • Systematic – businesses could play a part by building more robust technology and developing more privacy-friendly business models
  • Cooperative – and Resistant. Businesses could cooperate more with civil society and academia in working towards privacy – and could do more to resist being co-opted by governments, not just being more transparent in their dealings with governments but acting as a barrier and protection for their users in their dealings with governments.
  • Normative – businesses could play a part in changing the message so that it becomes clearer that privacy is a social norm.

At the moment it seems unlikely that businesses will do very much of this – but there are a few signs that are positive. Real names policies have been relaxed on Google +, and even Facebook has shown some moves in that direction. All the big companies are doing more to secure their systems – encryption is more common, both in the infrastructure and in user systems. Google does at least seem to be making some attempt to cooperate with the right to be forgotten – though whether these attempts are being done in good faith has yet to be seen.

It will probably take a miracle – resurrections generally do – but miracles do sometimes happen.

DRIP: web-mail and web-browsing….

One of the big questions concerning data retention and the hastily-passed DRIP is whether it applies to web-browsing activities. Indeed, Julian Huppert MP asked the question during that all-too-brief debate in parliament, and was assured that it did not. I was far from convinced by the answer, and remain far from convinced, particularly given the idea that this ‘update’ to powers is intended to cover activities like webmail and social networking messages. Some colleagues have been asking questions, and a reliable source within one of the US companies that operates webmail (amongst other things) told us that they don’t expect the data retention powers to apply, given that they have never done so and the government made clear that there was no change in that through DRIP. They added further that as a US company, they are in a very different situation to UK providers.

That leaves us in a very interesting situation. If you’re communicating by webmail or social networking, how can your activities be caught? I can see only two ways: directly from the webmail company, or by capturing web-browsing through the ISP. If there are other ways, I’d like to know… because in the current circumstances I can see only three options:

  1. That webmail and social networking will not be covered by DRIP. That’s almost inconceivable, given the intentions of DRIP and the extent to which communications of the kind that those behind DRIP want to capture take place on webmail and social networks; or
  2. That the non-UK webmail and social network providers have been misled, and DRIP will be used to compel them to gather and hold communications data concerning activities on their services; or
  3. That Julian Huppert – and parliament, and the people of the UK – has been misled, and DRIP will be used to gather web-browsing activities.

If there’s another option, I’d like to know it. It’s entirely possible, as I’ve been wrong often before, but I can’t see it immediately.

My instinct is that the third option is the most likely – and that the intent of DRIP was always to gather web-browsing activity. If we’d had proper time for scrutiny of the bill, and to get experts to ask questions in committee, we might know the answers – and make sure that appropriate balances and controls are put in place. We didn’t. I have a strong suspicion that was entirely intentional too.

DRIP: normalising the surveillance state.

Yesterday’s shameful passing of the Data Retention and Investigatory Powers Act, nodded through without amendment and without even the perceived need for a vote in the House of Lords, was not just very bad news for the UK, it was bad news for the world. The ease with which it was passed, the speed with which it was passed, and the breadth of the powers granted send signals around the world. Some of us have been warning about this effect for a long time – what we do in the UK is being watched around the world. If we, as a supposedly mature, liberal democracy believe that mass surveillance is OK, then that means that anyone could do it. Indeed, that any sensible state should do it.

I’ve been accused of paranoia by making such a suggestion. After all, this is just ‘emergency’ legislation, a mere stop-gap while a proper review of investigatory powers and data gathering goes on. Well,  within a few short hours of the passing of DRIP, its echoes were already being heard the other side of the world. Australia’s Attorney-General, George Brandis, used DRIP as an example, seemingly to help push forward his own proposals for data retention. As reported in ZDNet, he said:

“The question of data retention is under active consideration by the government. I might point out to you as recently as yesterday, the House of Commons passed a new data retention statute. This is very much the way in which western nations are going,”

This is how it goes – and one of the many reasons that the passing of DRIP yesterday was so shameful. If the UK does it, Australia does it. Then New Zealand and Canada.  Each new country adds to the weight of the argument. Everyone’s doing it, why not us? If the UK thinks it needs this to keep its citizens safe, we need it too? By the time the long-distant sunset clause kicks in, the end of 2016, every new country that’s added a data retention law to its books, however temporary, will be another reason to extend our own security services’ powers. It’s a vicious or virtuous circle, depending on your perspective.

Of course the normalisation works in different ways too. Less scrupulous nations will be able to say that if the Brits do it, so can we – and we won’t be able to claim that they’re oppressing their population, if we do the same to our own. Further, our security services will require more and more technology to do the surveillance – and the people who develop that technology will be looking for new markets. They may sell them to the Australians – but more likely they’ll find ready markets in governments with less of a tradition of liberalism and democracy. There’s a fine selection of such nations all around the world. They’ll also find markets of other kinds – businesses wishing to use surveillance for their own purposes… whether scrupulous or not. The very criminals that the supporters of DRIP like to scare us with will be looking too – there are so many uses for surveillance that it’s hard to know where to start.

Well, actually, it should have been easy to know where to start. To make a stand. To try to normalise freedom and privacy, respect for citizens fundamental rights and a willingness for open, honest debate on the subject. That, however, would have required rejecting DRIP. We didn’t do that. Shame on us.

 

DRIP: Parliament in disrepute?

I watched and listened to the parliamentary debate on the Data Retention and Investigatory Powers bill (DRIP) with a kind of grim fascination. The outcome was always inevitable – I knew that, as, I think did all opponents of the bill – but the debate itself seemed to me to be worth paying attention to. Not really in terms of the result, but in terms of the process, and in terms of the way in which parliament was engaging with the issues. There were, it has to be said, some quite wonderful speeches in opposition to the bill, and from many different directions. MPs like John McDonnell, Dominic Raab, Caroline Lucas, Diane Abbott, Pete Wishart, David Winnick, Duncan Hames, Clive Betts, Charles Walker, Dennis Skinner and of course Tom Watson and David Davis were all excellent. Indeed, as someone said at the time, the opponents didn’t lose the debate, they lost the vote.

Therein lies the problem – what was the point of the debate? The chamber was all-but empty for most of it. In the middle of the debate, I got so angry I tweeted a picture of the chamber – with a comment attached. The tweet went a bit wild…. retweeted 870 times at the last count, and included by Liberty in their summary of the debate.

Screen Shot 2014-07-16 at 07.32.41

I did, however, also get some serious criticism for the tweet. Some suggested I had faked it, because I missed out the caption at the bottom. Fair enough – I was too angry to get the screen capture right, but I don’t fake things. I satirise and parody, tease and joke – but I don’t fake. For avoidance of doubt, I took another soon after, this time with the caption:

Screen Shot 2014-07-15 at 16.36.42

Another criticism I received, quite aggressively, was that it was misleading to tweet the picture, and that most of the MPs were likely to be in their offices or their committee rooms, working hard, but following and listening to the debate as it was being broadcast throughout the house. That may well be true – and in no way was I suggesting that MPs don’t work hard. They do – well, a great many of them do – but at this particular moment, and on this particular issue, their attention was elsewhere, as was their physical presence.

I don’t blame the MPs for that part of it. Of course their attention was elsewhere – after all, they’d had this emergency debate foisted upon them at the last minute, and they already have busy lives and huge amounts of work to do, particularly with the parliamentary recess coming up, and with a reshuffle happening at that very moment. Naturally, MPs are distracted by the reshuffle – coalition MPs because their jobs are on the line, Labour MPs because they have to be ready to respond to the reshuffle. Naturally their jobs, their careers, their responsibilities come first.

That, though, is really where my tweet comes in. I said ‘This is how seriously our MPs take our privacy’. I meant it. They showed disrespect to the issue not just by not listening to the debate, but by accepting a process that meant that they only had a few hours of debate to listen to, and almost nothing to read or discuss about it. They accepted an unnecessary fast-tracking, effectively on trust – because they don’t really take our privacy seriously.

Frankly, I’m not convinced that they were listening to the debate – but if they were, that makes their voting even worse. If they listened to the debate and still voted the way they did, in a way that’s even more depressing than the more natural assumption that they were largely ignoring the debate and voting according to the whip. It would mean that they either didn’t understand the strong arguments against the bill, both analytical and impassioned – or they dismissed them as unimportant. Either way, it suggests they didn’t take our privacy seriously. At least, not seriously enough to think it needed proper, lengthy, public debate bringing in expert opinions and analysis. I’m a legal academic, specialising in internet privacy. I’ve written a book on the subject, and I’m one of the signatories of this open letter concerning DRIP – and frankly I haven’t had nearly enough time to properly analyse and understand this bill and its implications. We’ve only had a chance for the most basic of analyses – and if I can’t, how much understanding can MPs have of it?

As David Winnick, a veteran MP and member of the Home Affairs Select Committee put it:

“I consider this to be an outright abuse of parliamentary procedure. Even if one is in favour of what the home secretary intends to do, to do so in the manner in which it is intended, to pass all stages in one go, surely makes a farce of our responsibilities as MPs”

He’s right. It does. It brings parliament into disrepute. MPs should be ashamed of themselves.