It would depend what the SHPO says. If you have to give them your passwords then changing them just means you have to notify the PPU again.
Most SHPOs do not ask you to hand over passwords, but they do tell you not to delete history, which would include emails, and to let them install monitoring software. That software allows them to spy on your emails remotely and might allow them to harvest passwords, depending how it is set up. 

I found this thread very interesting.  Not from a legal point of view, but a retired IT guy's point of view.  The main purposes of passwords are security and identification.  On the latter, a system needs to identify someone if they delete files, post abusive content etc.  You know who I'd share my password with?  Absolutely no-one.  I might change my mind if threatened with prison, of course.  I wouldn't trust the police, because I wouldn't trust anyone.  If they want your passwords, the only reason is that they will login to your account, or want the option to do so in the future.

But....  There is a fix for the potential 'bent copper'. On facebook and most other platforms, there is a "View your account's recent login activity" feature.  This isn't highly detailed, but typically lists the device and approximate location which should be enough to separate you from anyone else accessing the account.  Each device will have an IP address and this isn't usually listed in the recent activity, but the service provider will have it and their ISP can be gleaned from that.

Of course, if they have your wifi password, they can park outside your house and connect as though it were you, which is scary.

The real gold is your email password.  Its the same for hackers.  If you read someone's emails, you can see they have an amazon/ebay/some_forum account, then go to the site and click on forgotten password, go back to email and change the password and delete the password reset email.  The scope for impersonation is extensive.

So...... If someone isn't too tech savvy, they will log in from home on their device and a different ISP who will be able to connect this to an address and a user.

If the approximate location is Birmingham and you were on holiday or in Scotland at the time, it would be obviously dodgy.

By the same token if your ISP is Virgin and the posts are from a Vodafone ISP, then very dodgy.

Food for thought......

I think if it were me, I'd hand them all over and then change them all PDQ starting with the email and wifi.

Cheers

Steve

Sorry for the slow reply but though I agree to them inspecting my mobile and laptop, I have stressed nothing would be allowed to be installed as there is no "order" allowing them to. I asked why they look seeing I have no "internet" offence, but the reply was local policy so I live with it. I use software to clear history etc as a habit from my security days plus to maintain the devices. They live with that

Society suggests I must let go of all my expectations but I disagree, as whilst I have a voice, I have hope.

Learn from yesterday, live for today, hope is for tomorrow else what is left if you remove a mans hope.
------------------------------

This forum supports these words, thank you Unlock and your contributors.

I said I used WhatApp when I was on the SOR. The only requirement was that I didn't delete any messages which I don't anyway.

From what you have previously posted, you appear to have a far more restrictive set of rules than I did, so it's probably not right to compare my experience with yours.

I agree entirely about the vagueness. Again it's deliberate as it allows them to react however they want in any given situation.

I find they vary from very reasonable to completely draconic and in many circumstances it makes achieving the broader goals that they SAY they want you to work towards absolutely impossible. How is one supposed to re-engage with society if one just avoid children entirely? 
My probation officer has even reinterpreted the written condition that I'm not allowed unsupervised contact with children under 18 to the extent that I'm not allowed to meet children so used to know, even though I've disclosed to their parents and they are aware of that they would have to be present. She says if I spend any time with them as a family, she'll recall me.
I'd fight it, but I know it would just mean more unfavourable headlines, win or lose, and if that was just me, I'd risk it; but it potentially affects the children too.
Comes to something when the offender is more concerned with children's wellbeing than the service that is supposed to protect them...

The entire usage history is just a variation on the phrases 'internet history' and 'history of internet use', both of which predate the emergence of things like Whatsapp. It's because of the problem with stand alone apps which bypass the browser history. They haven't come up with a way to describe that yet, so they are improvising. 

I had an interesting conversation with the PPU about emails. They decided that if the spam filter deletes an email then that's ok, but I delete the same email, then its not ok. Every PPU and probation officer makes up their own rules. I was told by probation that I couldn't go into a pub, if it had a children's play area, even though I have no contact restrictions, or restrictions on where I can go, in my SHPO. It's all a consequence of them using vague words like 'contact' and 'history', that are not defined anywhere in the law.

Someone mentioned they use WhatsApp. I've been specifically told I can't use that because it doesn't keep a lot.

So much further these "standard phrases" my probation officer keeps insisting she uses..

They aren't "standard phrases", though. You can read the standard phrases in their policy framework document here. Those old favourites "necessary" and "proportionate" also put in an appearance.

=========================================================================================================

If you are to punish a man retributively you must injure him. If you are to reform him you must improve him. And men are not improved by injuries. (George Bernard Shaw)

It's not about dodgy things, it's about asking an offender to sign up to rules that they cannot follow. Whilst yes, the actions that break the rules would require a "bent" copper, and that sounds like the typical paranoid fantasy, it is not correct to say a bent copper does not exist. Most services that require a password are very clear that sharing said password is a breach of the EULA, and whilst there will be clauses to allow the operator to comply with law enforcement, I doubt there are any that say it's okay for the user to share a password with them.

It's just too open to abuse and too hard to control once your password is  in a third party's hands. You give your password to your PPU. They give it to three mates down the pub and ask them to log into your Facebook account (or whatever) on a burner phone and post a comment. It doesn't even have to be anything illegal they post ..because on next visit they ask you to show your record for device "x" and of course you don't have it. Yes of course an investigation you hope will reveal the truth; enjoy your 6 to 12 months languishing on remand while the police, effectively investigate themselves.

Someone posted "do you really need Facebook that much?". No, which is why I closed it.

My licence is far more restrictive than my SHPO. Where the latter says I can't access the internet unless I maintain a record of at least 30 days, the former says I must maintain "an entire usage history".

I did challenge this as it's very restrictive and in effect has an extra financial penalty (eventually the phone will be full requiring me to buy a new one) but I've only ten weeks to go now and then I should be able to clear up some space.

Probation have been ridiculously inflexible about this; they said I couldn't even edit a document, but would have to keep a copy of the original and put changes in that...but as soon as I make a copy and change it... well logically you can see that's an infinite loop.

When challenged my probation officer says these are "standard phrases"...but I haven't seen anyone else subjected to this "entire usage history" requirement.

I don't think they can put monitoring software on iphones. But I don't think they need to anyway, because these phones already spy on you. I read a very interesting article about how iphones scan every image you upload and put a marker on your phone if the image is considered dodgy. The marker doesn't trigger a report to the police, unless there are a certain number of images though. This is to cover you for accidental uploading apparently.

But there is a threshold number of images and once you hit the threshold, it triggers the phone to release all of the accumulated markers to the authorities.

True, but it would be sufficient to prove that a bent copper had logged in using your details and did dodgy things to frame you, which seems to be the worry here.

As for monitoring software. I agree, it is not mandatory. It's at their choice and they may chose not to.

I did get a Windows Phone mobile just to see if they had software for it (they didn't). I also took in a replacement iPhone to the station and they didn't put anything on it. However, I never deleted a single thing for 5 years so I was compliant with my SHPO.

ISP's will log the websites you visit, but will not log what you are viewing (far as I know anyway)

Not sure that's right. Monitoring software is optional, even if the SHPO says you have to agree to it being installed, doesn't mean the PPU will choose to install it. Most PPU only check the browser history, they don't ask the isp for logs, and even if they did, the logs only record what websites you visited, don't they?

Whilst true the sense that not everything goes through a "browser", everything is logged (and a lot that looks like it doesn't go though a browser invariably does - Chrome CEF is an example). Your ISP is also required by law to keep logs of everyone's internet activity. They have to keep it for 12 months.

In any case, I'd be astonished if anyone is allowed to keep a device that hasn't been audited as "safe" (e.g. IoT devices) or doesn't have monitoring software installed by the PPU on it, so it's a bit moot.

Browser history is not the same thing as internet access. Because many apps don't use the browser, it means all your internet use is not recorded in the browser. Although when the SHPOs were originally conceived, almost everything did go through the browser, which is why the wording is misleading. The tech has evolved, but the law has not.

Hi

If your restrictions say you are not to delete your internet access then turn that off. 

There are many reasons why you would change your password but unless it is written down in your conditions, you do not have to update them when you do. 
Obviously many words are said to "add pressure" to see how you react; remember in your police interview the manner of the way questions were asked: to see if you admit to something by mistake. If you are doing nothing wrong then do not be concerned as it is just their process.

If you think they will be accessing your account then why have facebook or whatever. Do you really and honestly need them? Many would argue against me but maybe some time off will help you relax.

Never forget you can't answer all the questions in the universe but you can control your own thoughts and actions so concentrate on those. Your own wellbeing is what is vital to enjoy whatever quality of life to wish for.

Society suggests I must let go of all my expectations but I disagree, as whilst I have a voice, I have hope.

Learn from yesterday, live for today, hope is for tomorrow else what is left if you remove a mans hope.
------------------------------

This forum supports these words, thank you Unlock and your contributors.

Actual access to your social media with out you being present would still require a court order, even if they do have a password, so they are not likely to use it unless they suspect you are up to something and if that's the case they will probably have already obtained one.

I notified my PPO of all my social media and forum login handles and it was fine. They let me use aliases as long as they knew what they were and I could give an explanation of why I needed them.

Facebook was slightly different as within hours of my conviction the police had notified Meta (and the US visa waiver scheme!) and they were immediately disabled. This may have knock on effects with Instagram/Threads but I had no problem with WhatsApp (also owned by Meta). There is nothing illegal about setting up a new Facebook account, but it would be against the terms and conditions and Facebook in theory does not allow anonymous accounts (although this is clearly not very well policed.) However, leaving Facebook (whether forcibly or not) was one of the better things that happened. 2 years off the register and I have no inclination to return to that cesspool of nonsense and hate!

Have you not got monitoring software installed on all your devices? That does all the monitoring that is required by law. In any case, most police offers aren't IT literate. What they are almost certainly referring to is browser history when they say all internet access.

Just don't delete anything even if it would save space - and this means check your PC settings. I installed a major Windows update which installed Storage Sense on by default which started removing temporary files without my knowledge!!! 

They can and in my case have, asked for passwords. They also said I must maintain a record of all internet access. They couldn't see how the two made my compliance impossible. What's to stop an officer using my login and password to access Facebook (or whatever) and then accusing me of non compliance when I can't produce a record to match it in one of my devices?
They say they would never do that...but in that case why do they need the password when they can access my account in my device on request?
It was easier just to close all my accounts.

For me you have to be cynical when it comes down to the PPU, as they do have a habit of saying one thing, doing another or changing their minds entirely. 
I am fortunate that I have been open about my offences to my family and these are the people I live with, so just as PPU come in pairs, I don't deal with them on my own either; and acts kinda as a way of a witness when they say they did x y z when they never. 


I have met many people who believe just because you are an RSO automatically means you cannot control yourself with children and automatically want to do contact offences which is wrong and by a long stretch. 

I have to agree to the definition of ex offender though, and I think this is a good description. 

My SHPO says I have to disclose passwords to them if asked, but this is because when I got interviewed they wanted my passwords so I refused and pretty much told them to give me a section 49 notice 😂. 

Its worth noting though, if they ask for your passwords and you don't give them they can apply under RIPA to get a Section 49 notice to get them out of you or face up to 2 years inside. 

For me personally, The 2003 act is now becoming vast out of date unfortuantely, the law always plays catch up just like the computer misuse act. :/