The chances are you’re aware of the Snoopers’ Charter. That’s the nickname that was given first to a piece of draft legislation entitled the Draft Communications Data Bill (which was later blocked) and more recently to the Investigatory Powers Bill (which treads over much of the same ground).
Posted on 11 March 2016 - Law
BY Tibus
The whys and wherefores, rights and wrongs of the legislation are currently being discussed at length. We’ll present the arguments for and against later in this article. For now, we’re focusing on what is on the table at present and what it means for Tibus customers.
As a web hosting and internet service provide operating our own network, we are within the telecommunications industry that many of the proposals in the draft relate to.
The key proposals relate to:
The Investigatory Powers Bill would give security and intelligence services the right to intercept and view the content of any call, email or social media message.
For Tibus customers, as for those of all other hosting providers, that means the security services could theoretically intercept emails being sent from our servers and read what you’ve sent.
The draft bill also includes provision to force telecoms providers, such as Tibus, to divulge communications data about their customers’ activities.
This relates to the who, where, when and how of the communication, not the what. In other words, the content itself does not have to be released (although, as we’ve established this could be intercepted), but details on who sent the communication, where from and to, when they sent it and how they sent it would have to be disclosed.
Security and intelligence services will be able to interfere with our devices in the course of their investigations if the bill is passed.
More often than not, this is likely to relate to smartphones but will also encompass computers and servers.
The bill would grant permission for agencies to remotely access the hardware and covertly download data from them.
The final main proposal is called Bulk Powers. This allows for the collection of huge swathes of electronic data, which may be examined at a later date if there are legal grounds to do so.
In practice, this would mean the intelligence services hoovering up most, if not all, of the data travelling along the UK’s fibre networks on a daily basis. That means that users of Tibus’ connectivity and internet services would have to expect that their data was being collected in bulk in this way.
The draft bill is published by the Home Office. The Gov.uk website includes lots of documentation that presents the Home Office's case for the Investigator Powers Bill.
It reads:
The Investigatory Powers Bill will govern the use and oversight of investigatory powers by the law enforcement and security and intelligence agencies and by other specified public authorities. It builds on the work of three comprehensive reviews undertaken in the last two years. Those reviews, carried out by David Anderson QC, the Independent Reviewer of Terrorism Legislation, the Intelligence and Security Committee of Parliament (ISC), and a panel convened by the Royal United Services Institute (RUSI), between them made 198 recommendations.
All three reviews agreed that the use of these powers will remain vital to the work of the law enforcement and security and intelligence agencies in the future. Collectively, they proposed reforms to the way these powers are overseen and recommended the introduction of stronger safeguards and greater openness.
The Investigatory Powers Bill will transform the law relating to the use and oversight of these powers. It will strengthen safeguards and introduce world-leading oversight arrangements. The Bill will do three things:
First, it will bring together powers already available to law enforcement and the security and intelligence agencies to obtain communications and data about communications. It will ensure that these powers – and the safeguards that apply to them – are clear and understandable.
Second, the Bill will radically overhaul the way these powers are authorised and overseen. It will introduce a ‘double-lock’ for interception warrants, so that these – and other warrants – cannot be issued by the Secretary of State until they have been approved by a judge. And it will create a powerful new Investigatory Powers Commissioner (IPC) to oversee how these powers are used.
Third, it will make sure powers are fit for the digital age. The Bill will make provision for the retention of internet connection records (ICRs) in order for law enforcement to identify the communications service to which a device has connected. This will restore capabilities that have been lost as a result of changes in the way people communicate.
On the other side of the argument, the Open Rights Group is leading a campaign against the bill.
Its website reads:
The new powers for the Police to access our 'Internet Connection Records' - a database of our online activity in the last 12 months - is invasive and unnecessary. Internet Service Providers, web hosting companies, and parliamentarians have been critical of this power.
The arguments made for bulk collection powers and Internet Connection Records are built on anecdotes. The operational case needs to provide figures, costs, and be open to scrutiny.
No other country in the world monitors and collects Internet browsing history to this extent.
The Bill endorses GCHQ's existing extensive and intrusive surveillance powers that were revealed by Edward Snowden, rather than rolling them back. This includes powers of bulk collection and analysis of data collected by tapping Internet cables, ie. Tempora. GCHQ should concentrate on targeting suspected criminals, not collecting information on law-abiding citizens.
The Bill includes the security agencies' powers to break into our laptops and mobile phones, including worrying new powers for non-targeted 'mass hacking', which may mean, for example, getting Apple to push out a compromised update to lots of phones. Worryingly, the Bill also forces Internet companies to help in hacking their own customers. It also makes it illegal for them to tell anyone what they've been asked to do. Will we be able to trust that we can use any device securely under this law?
Despite Government assurances that this Bill offers judicial authorisation for the first time, judges will have only a very narrow role. They are only allowed to check that there are grounds for the minister’s decision and that procedures have been followed. In practice this can simply amount to a rubber-stamp, and all the real power rests with Government Ministers.
So, those are the cases for and against the Investigatory Powers Bill. Hopefully that will provide you with enough information to make your mind up on the draft bill.
