The government has the legal ability to hack, intercept, record and monitor everyone’s internet use and communications. What does that mean to your privacy and why transparency and consent of how the legislation is used, should be seen as a pivotal step towards reaching the balance between security and privacy
The Investigatory Powers Bill was first discussed in Parliament by then Home Secretary, Theresa May, in 2015, not too long after Snowden’s terrifying revelations about state surveillance. Despite all the controversy surrounding it, the IP act eventually received a Royal assent and became law on 29th of November last year. There were some loud headlines such as “UK surveillance law marks a ‘worse than scary’ shift” and “Snoopers law creates security nightmare”. The civil rights group Liberty responded to the passing of the bill with “See you in court”.
What is IPA?
The IP act is said to exist so that law enforcement, security, and intelligence agencies have powers to disrupt terrorist attacks in the digital age. The government assures it’ll be subject to “strict safeguards and world-leading” oversight, as it is replacing the Data Protection and Investigatory Powers Act (DRIPA) which expired on 31st of December 2016. IPA is said to update existing powers and create a new interesting power: the introduction of the Internet Connection Records (ICR).
What are Internet Connection Records?
ICR is data about all users’ full records of their online activity, including every website visited, the time, location and information about devices, every app accessed. Under the new act, telecom operators are required to hold those records for 12 months and make them accessible under a warrant, to police, intelligence agencies and some authorities like the HRMC, Home Office, government departments, even the Food Standards Agency. These companies will have to keep the data secure and seek approval from the Home Office if they want to create any new services or products, or even if they want to rebrand their businesses. Systems of surveillance will be built with taxpayers’ money and overseen by the Home Office.
Statements and actions re: IP act
*To see how your local MP had voted, visit Simon Johnson’s GitHub.
Edward Snowden, who revealed NSA and GCHQ’s spying activities, has been strongly opposing the investigatory legislation.
Jim Killock from the Open Rights Group has said long ago:
“The CJEU has sent a clear message to the UK Government: blanket surveillance of our communications is intrusive and unacceptable in a democracy.
“The Government knew this judgment was coming but Theresa May was determined to push through her snoopers’ charter regardless. The Government must act quickly to re-write the IPA or be prepared to go to court again.”
The ORG intervened in the case together with Privacy International, arguing that the Data Retention and Investigatory Powers Act (DRIPA), rushed through parliament in 2014 and that it was incompatible with the EU law. While the judgment no longer affects DRIPA, it has major implications for the Investigatory Powers Act.
Last December, the EU’s highest court ruled out the indiscriminate collection of emails as illegal and intrusive:
“The fact that the data is retained without the users of electronic communications services being informed of the fact is likely to cause the persons concerned to feel that their private lives are the subject of constant surveillance. Consequently, only the objective of fighting serious crime is capable of justifying such interference.
“Legislation prescribing a general and indiscriminate retention of data … exceeds the limits of what is strictly necessary and cannot be considered to be justified within a democratic society.”
David Davis was against the Bill, as one of the most “vociferous critics” of the mass collection of personal data, saying the government is “treating the entire nation as suspects”, but he withdrew from the case following his appointment as Brexit Secretary.
Another story from the past giving much light to how real the threat to privacy is, were the revelations about UK’s security agencies conducting bulk data collections in secret for 17 years, as reported by the Guardian in October, last year.
How can we have more balance between privacy and surveillance?
@privacytimes‘ interviewed Dr. Keith Spiller, a Criminology lecturer from BCU, to find out what he thinks on the issues surrounding the Investigatory Powers Act and if he believes the public is properly informed about the implications of the act on their private correspondence.
Dr. Spiller says: “For me, the key is transparency and consent. If people agree their information to be handed over and they are fully aware what they are doing well and good, that’s their choice. ” Then says that also the government can take information with the consent of those being targeted but once “they start using that information in ways in wasn’t consented to, that’s when the problems arise”.