Chris Kelly
Main Page: Chris Kelly (Conservative - Dudley South)Westminster Hall is an alternative Chamber for MPs to hold debates, named after the adjoining Westminster Hall.
Each debate is chaired by an MP from the Panel of Chairs, rather than the Speaker or Deputy Speaker. A Government Minister will give the final speech, and no votes may be called on the debate topic.
This information is provided by Parallel Parliament and does not comprise part of the offical record
I am grateful to you, Mr Weir, for giving me the opportunity to speak in this important debate on the internet and privacy, and I congratulate my hon. Friend the Member for Harlow (Robert Halfon) on securing it. I want to preface my comments by saying that I am not particularly a civil libertarian, and I believe that the first role of the state and therefore our Government is to protect our population. To do so effectively requires sacrifices in the civil liberties that we would all ideally like to have all the time. For the population in modern Britain to be protected, we must accept that some of our liberties have to be curtailed slightly, or pooled for the greater good. In our liberal democracy, if a person has nothing to hide, they have nothing to fear.
What I am about to say about Google is not in any way a criticism of the industry or individuals within one company. It is an important industry and a major employer in the UK. I am actually a great admirer of Google and have been using its online services, particularly its search engine service, for 12 years or so. The company provides a first class service, and who here has not Googled themselves?
I want to cover the issue of Google’s aforementioned Street View project, which went live in March. The project was undoubtedly a brave and innovative commercial decision. It was a logistical task that is probably on a par with carrying out a population census. It has also been a hugely expensive task for the company. Like my hon. Friend the Member for East Hampshire (Damian Hinds), I am a capitalist and therefore I admire Google’s willingness to take a risk and provide a hugely innovative new online service. However, as my hon. Friend the Member for Harlow stated, there are a number of legitimate concerns about the way that the project was developed and about the regulator’s response to the legitimate concerns of many private citizens about the project.
The main concern is about data capture. As Google’s cars drove around the UK and many other countries, the wi-fi receptors on board captured information being transmitted online over the networks around them. What was captured, how much was captured and from whom is currently unknown and unclear. Encrypted and unencrypted data were captured. Given the number of people affected, it is almost certainly the largest intrusion into privacy ever to happen in this country. The code that enabled the capture of data from unknowing people by Google’s cars as they were driven through neighbourhoods was apparently written in such a form that encrypted data were separated out and dumped, specifically sifting out and storing the vulnerable unencrypted data on Google hard drives. If that is true, that goes well beyond the “mistake” explanation that was given to us by Google. Therefore, the question is whether Google intentionally breached the privacy of many people’s communications.
Does my hon. Friend agree that one of the great things about this debate is that it highlights the need for everyone to secure their wireless networks? I happen to be a software engineer, and I am struck by the fact that using an unencrypted wireless network is equivalent to shouting our personal details on a bus. Does he agree that we should all secure our networks?
Absolutely. I am very grateful to my hon. Friend for that intervention, and I will talk about locking routers very shortly. His point is very valid.
One thing that has been very good has been the expanse of wi-fi that has become available, which encourages people to use open networks. How will the hon. Gentleman fit that development into his proposals?
Again, I will touch on that issue very shortly. We all go to coffee shops and the like that have unsecure networks, and of course there is an element of choice in doing so. However, people in their private homes need to be aware that it is possible to lock their routers, and people need more education about that option. That is probably a job in the first place for the providers of the broadband services.
I should like to touch on the point about securing networks. To use an analogy, does my hon. Friend agree that, if someone leaves their window open and a burglar comes into their house, it is not the home owner but the burglar who is at fault? If it is being suggested that we should have to block our wi-fi and have special security—whatever that may be—that is, in essence, putting the responsibility on the individual, rather than on the “burglar” in the first place.
Things are not ideal—we live in an imperfect world—but the fact is that people need to be aware that it is possible to lock their wi-fi routers, and they should be encouraged to choose that option. To continue with that very point, the data capture by Google could have been avoided if everyone in the country locked their wireless routers, thereby encrypting their data. But not everyone is aware that it is possible to lock their routers and many businesses, such as the pubs and coffee shops that I mentioned earlier, offer unlocked wi-fi as a service to their customers. We do not encrypt our telephone calls or our post, but we still have a legitimate expectation that others are not prying into them, and indeed doing so is a criminal offence.
Google’s wi-fi intrusion has been brought to the attention of the Information Commissioner’s Office, as we heard earlier. However, the ICO only sent two non-technical staff to Google’s headquarters, which is the heart of what is perhaps the world’s most technologically advanced company. Those non-technical staff then looked at only a small sample of data taken from what Google chose to show them and promptly issued a press release that effectively cleared the company of any wrongdoing, in the middle of a formal police investigation into Google’s actions.
I question whether the regulator acted appropriately in this instance. The ICO now effectively refuses to investigate Google, while its counterparts in countries such as New Zealand, Australia, Canada, Germany, France, the Czech Republic and Italy all pursue the company on the issue of privacy, and the authorities in South Korea physically raided Google’s offices in the country. In addition, 38 US states have united to probe the company’s behaviour and a thumping class action has also been issued in America.
In Britain alone, the relevant commissioner has not taken the severity of the company’s wrongdoing seriously enough. The ICO has really let the British people down in that regard. We deserve better from those who are given the responsibility of protecting our privacy. After all, the Metropolitan police are currently investigating Google over this issue. If the allegations against Google merit an investigation by the police, who have to consider the criminal standard of fault, how is it plausible to say that those allegations do not merit an investigation by the ICO? I also question how sensible it is for the regulator to issue a press release when a Metropolitan police investigation is still under way.
To be fair, Google is hardly the only offender in privacy terms. Other hon. Members have mentioned sites such as Facebook, which I personally use avidly to communicate with more than 1,000 of my constituents. More generally, all the social networking media have privacy issues, but of all the providers and organisations working online, Google is the only one that I know of that has roamed the streets, taking data from the airwaves. That puts them in a special category.
Apart from the seizing of data by Google cars for Street View, like most companies in the online space, Google can generally defend its products when challenged about privacy or intrusiveness by pointing to the implied or explicit consent of users to surrender or generate data that will be retained by the company. However, that does not apply to Street View images, which are of homes whose owners have not consented to having such images shared and of members of the public who have not consented to having their bodies displayed.
In conclusion, this is perhaps the largest invasion of privacy ever to happen in the private sector in the UK. Moreover, it appears that it was only halted after the company involved got caught. So I am pleased that we have been able to debate these issues fully in Westminster Hall today, and once again I congratulate my hon. Friend on securing this important debate.