Lord West urges e-mail snooping crackdown By Brian Wheeler

Political reporter, BBC News Published duration 3 March 2011

image caption Lord West is calling for action to prevent e-mail interception for commercial purposes

Ministers must do more to stop internet service providers (ISPs) snooping on private e-mails without consent, an ex-cyber security minister has said.

Some ISPs have trialled software that intercepts and scans e-mails to target ads.

They are meant to ask permission first - but former Labour minister Lord West says it is too easy to flout the rules.

The Home Office said interception of e-mails without the sender's knowledge or consent was already a criminal offence.

But Lord West said further action was needed to prevent abuses.

The Labour peer, who raised the issue in the House of Lords on Tuesday, said he had ordered officials to start work on a crackdown when he was in government, but they had run out of time before the last election to make the necessary changes.

'Blatant abuses'

He said: "This is something I think is important for the nation. Giving private companies the right to go and look into people's e-mails is something I find rather unhealthy.

"If, as a minister, I wanted to look at someone's e-mails I would, quite rightly, have to seek the permission of the home secretary.

"But these companies want the right to go into people's e-mails and look for key words without anyone's permission."

A Home Office spokesman said it was "currently an offence to intentionally intercept communications without lawful authority - this includes the interception of e-mails".

But civil liberties campaigners say the use of Deep Packet Inspection software, which scans e-mails for key words and tracks web browsing habits, including sites and forums visited, is widespread in the UK - and consumers who object to it have little or no redress.

Jim Killock, executive director of the Open Rights Group, said: "It's clear the police will ignore all but the most blatant abuses, and very few if any problems will ever get to court.

"A regulator is meant to issue advice, consult with industry and make sure rules are being observed: not wait until the worst abuses brings furious citizens knocking on their door."

'Strict liability'

The Home Office is tightening up internet security rules following an EC investigation into how Phorm, a controversial ad-tracking technology, was rolled out in the UK. It is due to make an announcement "shortly".

But Alex Hanff, of campaign group Privacy International, said the planned changes to the Regulation of Investigatory Powers Act (RIPA) would not improve consumer protection, as they only applied to the "unintentional" interception of e-mails.

He claimed companies were "deliberately" intercepting e-mails and tracking web use "for commercial gain", and Deep Packet Inspection was being used "almost across the board" by mobile broadband providers in the UK - although there are few examples, apart from the Phorm case, in which evidence of this has emerged publicly.

In December, the government rejected calls to beef up criminal law by making the interception of e-mails a "strict liability" offence, meaning ignorance would not be a defence.

Ministers said such a move would increase the burden on local police forces, who lacked the technical expertise to investigate potential abuses.

Instead, ministers are expected to extend the powers of the Interception Commissioner, who currently deals with citizens who feel they have been put under unnecessary surveillance via government agencies, to include complaints against private sector companies.

The commissioner could be given the power to issue civil fines of up to £10,000 against companies if customers claim their internet communications have been intercepted unintentionally.