Parliament Passes Snooper's Charter, Opens Up Citizens To Whole New Levels Of Domestic Surviellance
from the surfing-the-internet-with-The-Man dept
Despite loudly, and repeatedly, raised concerns from activists and members of Parliament, the UK’s Snooper’s Charter (a.k.a., Investigatory Powers bill [PDF]) has been passed by both parliamentary houses and only needs the formality of the royal signature to make it official.
These are the fantastic new things UK citizens have to look forward to with this expansion of government surveillance power.
The law will force internet providers to record every internet customer’s top-level web history in real-time for up to a year, which can be accessed by numerous government departments; force companies to decrypt data on demand — though the government has never been that clear on exactly how it forces foreign firms to do that that; and even disclose any new security features in products before they launch.
The list of new powers doesn’t end with these. UK intelligence agencies are also given permission to perform “electronic interference” — hack into computers and electronic devices belonging to UK citizens, not just individually, but in bulk. It also codifies secret (and illegal) surveillance of UK citizens that the country’s intelligence agencies have engaged in for years without proper authority or oversight.
The government, of course, is trying to portray this as nothing more than a fine tuning of preexisting laws, specifically the Regulation of Investigatory Powers Act (RIPA). Glossed over in its perfunctory “nothing to see here” explanation is the fact that RIPA was also rushed into existence to codify other secret and illegal surveillance programs.
But it’s no ordinary update of existing investigatory laws. Jim Killock of the Open Rights Group calls the Snooper’s Charter “the most extreme surveillance law ever passed in a democracy.” Thanks to the new powers, UK intelligence agencies should be able to put together very extensive dossiers on pretty much anyone they feel like.
This is the collection of Internet Connection Records (ICRs)—a record of which services every citizen it is connecting to, logged in real-time. This unprecedented level of micro-surveillance is accompanied by a machine to make sense of the mass of data, called a ‘Filter’, but is in essence, a search engine. It can match these ICRs with your mobile phone location data and call histories. It can, we believe, be used to profile the social relationships and the sexual and political activities of every U.K. citizen.
That’s how the UK government wants it, apparently: porn filtered out, but spy agencies let in.
Beyond the expansion of law enforcement and surveillance powers is the precedent set by the government in its continual codification of secret surveillance programs. Like RIPA before it, the new law sends a message to intelligence and law enforcement agencies that all misdeeds will ultimately be legislatively forgiven by their overseers. Agencies are implicitly invited to hide programs from overseers and explore new collection techniques without running it past anyone else in the government first. And years later, it will all be papered over by “updated laws.”
This is also good news for other Five Eyes surveillance partners. The NSA and GCHQ’s information sharing partnership means the US agency now has access to even more data on British citizens. Almost anything GCHQ can acquire, the NSA can access. And now GCHQ can access more than ever.
Filed Under: data retention, gchq, investigatory powers bill, ipbill, metadata, parliament, snooper's charter, uk
Comments on “Parliament Passes Snooper's Charter, Opens Up Citizens To Whole New Levels Of Domestic Surviellance”
>and political activities of every U.K. citizen.
And that is what the politicians want, as then they can nip any opposition, or forming protest groups in the bud.
Re: Re:
The politicians appear not to understand that the surveillance will extend to everybody and that they will be more closely watched than others. Talk about digging your own grave!
Didn’t somebody mention that 1984 was a cautionary tale and not an operations manual?
Re: Re: Re:
Actually, they got an immunity clause put in iirc.
Re: Re: Re: Re:
There’s LEGAL immunity, and REAL immunity.
Have a look at: https://en.wikipedia.org/wiki/Blackmail
Re: Re: Re:2 Re:
Nonsense, the intelligence agencies are loyal servants of the politicians, they would never turn around and use the absolutely gargantuan collection of personal information to protect and expand their power, that would be downright rude.
Re: Re:
In the end they wont be able to nip any opposition or protest group in the bud
Re: Re:
Jim Killock of the Open Rights Group calls the Snooper’s Charter "the most extreme surveillance law ever passed in a democracy."
Democracy? Really?
That’s the real issue here. There’s no democracy.
Good news! We can no longer wish people to go to hell. We’ve all arrived!
France just extended its state of emergency for over a year and the Trump administration is being filled with people who care little about the Constitution. Dark days ahead.
Re: Re:
I on!y see myself that War is brewing. I am not sure who, where and why but I do suspect an almost crusade into the middle east.
VPN
Seems like I will need to learn how to set up OpenWRT on my router to be connected to a VPN 100% of the time with bypasses for Netflix, Amazon video and BBC iPlayer.. or just torrent everything through the VPN and stop legally paying to watch stuff.
Re: VPN
A VPN is no protection from someone able to capture and analyze all the traffic passing through the VPN, when it becomes possible to figure out who is connecting to which web site. It is only a strong protection when it links users to an Internal network, like remote employees to a comp[any network, which is what it was designed for. It is also useful to protect against man in the middle attacks when using public WIFI access points.
Assume if you VPN provider is in a five eyes country, you are not protected from those countries spy agencies, and also note due to gag orders, US providers may be compromised by their own government, and shortly you will also have to assume that UK providers are also compromised, and decryption of the headers eliminates what little protection the VPN offered.
Note that encrypted contents, while hiding exactly what pages you visit, or what your message contents are do not obscure your social networks and interest from the proposed spying.
Re: Re: VPN
Encrypted VPN to out of country proxy server still good?
Re: Re: Re: VPN
Depends on where five eyes countries have their backbone cable taps. Using and supporting TOR by becoming a node makes it more difficult for them to carry out a correlation attack. Even so TOR really needs hardening against traffic analysis, and correlation attacks attacks by using dummy packets to keep the data flows between nodes as constant as possible, even the there will be some leakage at the exit nodes, like some site suddenly becoming popular.
The other significant point of the snoopers charter, that renders all use of TOR, VPN’s and strong encryption useless is the permission to hack into machines, and to do so in bulk. Protection against this requires a well protected offline machine, and use of some means of file transfer that is fully controllable, like using SD cards via an Arduino attached to the protected machine.
Re: Re: Re: VPN
Governments have not taken much action against VPN services yet but I am sure one day they will under the theme that laws are pointless if people can easily circumvent them.
So currently there is only a case by case basis of “we want your logs” followed “we don’t keep logs”.
On the day the UK Government goes after VPN services they will leave the UK and in more difficult times use a warrant canary.
Re: VPN
And use Tor Browser, but do it separately from the VPN.
Satellite internet?
How would this affect people who use 2 way satellite based internet? Are they exempt?
Re: Satellite internet?
If the ISP is based in the UK, no.
ISP size?
Would a local collective of individuals in a large building for example be considered an ISP if they were all just using 1 servers hard drive to store and retrieve files for themselves and others? Movie server, music server, etc…
Do the services provided actually have to hit an upper level ISP before they are required to be recorded or would a large school with thousands of kids have to track all internal only file transfers to and from students also?
Re: ISP size?
They would not be an ISP because the “I” part (Internet) would be missing.
Re: Re: ISP size?
Oh dear, you have missed several suggestion floated by UK politicians, to get teachers to monitor their pupils to detect and report their radicalization.
the overarching point...
…that is most telling, is the retroactive approval/legalization of the previously illegal/unthinkable…
as the author rightly points out, what else does this tell the spooks, other than they can do whatever the fuck they want, and the legislators will protect THEM, not US, their real (not) constituency…
upshot is, NO constitutional protection (on this side of the pond), and spooks run amuck with no effective oversight…
if that ain’t the very definition of a police state, i dont know what is…
Concern
I can now be extra thankful that not long ago I purchased TechDirt’s own VPN Unlimited lifetime Infinity VPN bundle which I can now put 24/7 on my ISP link so… The UK Government aka “peeping toms” can go and fuck off and die.
I would be happy the day that they pull up my log to see zero connections beyond VPN servers. I am already sure this is about “metadata” but even that is a telling story. And for added measure I will also add a second encryption level should my VPN ever be compromised.
I have always liked the phrase “People should not be afraid of their governments when governments should be afraid of the people” but here now are afraid citizens as the UK Government exceeds “1984” and “A brave new world”.
Even worse the Government under “terrorism” reasons make themselves more like an anti-social monster which even more people will grow to hate.
To end on a positive note at least this forms one more sound reason for the Internet as a whole to encrypt.
Re: Concern
You seemed to have overlooked a major power granted to the spy agencies, they can hack your machines, at which point all protections against them tracking what you are up to become moot. What is more this power is granted in a way that enables bulk hacking attempts, such as against all VPN users.
Re: Re: Concern
Yes well this user could also hack then back but I thought I had given up that hobby years ago. At minimum I tend to notice unauthorised tasks.
You are right though that Governments are the best at hacking, viruses, root kits and more. It would still not be easy for them with a good firewall and a strict security policy.
I just wonder on days like this why the public don’t find out where all this snooping hardware is and to give it a couple of sticks of dynamite. I am not sure how ISPs would feel about that one though.
Re: Re: Re: Concern
Which means that small closed groups of extremists, those most likely to use violence, can protect themselves, while ordinary citizens trying to organize a peaceful protest against some proposed government action are easily targeted. Often a protest can be headed off by targeting one or two leaders.
Doesn’t that tell you which the government fears the most?
Re: Re: Re:2 Concern
Has that ever happen in the UK, there been huge protests in the UK
Re: Re: Re:3 Concern
https://en.wikipedia.org/wiki/1981_England_riots
https://www.theguardian.com/commentisfree/2015/mar/31/poll-tax-riots-25-years-ago-political-awakening-carnage-trafalgar-square
Oh yes. Never rile a Brit. It’s said that Margaret Thatcher shat briquettes over these.
Re: Re: Re:2 Concern
I have two views on this when first a well trained terrorist cell would use encryption and the deep web. I am sure though that face to face chat is always best.
My other view is from my early hacking days when I compromised over one thousand computers simply due to bad security. I would not go as far to say the average user is a complete moron but they are very inexperienced.
Even at times I would myself strip out viruses and root kits on their computer and to patch the security holes even if that was to secure my own use of it.
My point here is that terrorists are no more computer savvy than the general population is. All evidence points to this fact meaning outside the core they use technology like everyone else. So their key plan is to not leak stuff on the Internet and to switch phones and SIMs as needed.
Re: Re: Re:3 Concern
As the Paris attacks showed, probably the best plan for a small group is to avoid encryption and VPN’s, as the security services have become fixated on secure communication channels to find the terrorists. Large groups on the other hand will show up on their social networking analysis tools, especially if it covers a large geographic area and is expanding, which is an indicator of a building political movement.
And now we see why politicians lied to get brexit off the ground. They dont want those pesky EU privacy laws.
Re: Re:
It seems we wont be leaving the EU now and many want to stay, brexit is falling apart fast
Re: Re:
Indeed. That and the European Human Rights laws. David “The Dead Pig Porker” Cameron absolutely loathed those.
He sported a massive boner over bringing back 12 year old chimney sweeps…
WW3 wont be nation VS. nation. It will be nations VS the people.
Yes!!
Now to spread it to the rest of the world!
One other aspect I should point out is that once ISPs have this year worth of data on everyone then “since it exists” it then becomes possible for Judges to subpoena (NPO) this data in unrelated cases like copyright infringement.
We also know the Copyright Cartels have strongly supported such snooping just to get their foot in that door.
If we run that theme along further then now the Government has to power to quickly punish any online crime.
Re: Re:
Not really there to much data and this will make it worse, they cant punish anything at best they can send letters claiming copyright
Re: Re: Re:
You overlook that while ISPs in most cases know you were using your Internet at stated date and time this new metadata would prove you were using BitTorrent also. It can also say what BT site you visited shortly before, maybe including your user details, or to spew out other browser related facts.
As said once ISPs log this data then so can a Judge order them to hand it over. Suspension then becomes an open and shut case with the only doubt over who was using that computer.
Re: Re: Re: Re:
unlikely
https?
This doesn’t appear to include https interception, so the amount of top-level URLs that they ISPs is going to be limited and decline over time.
Yes, they could look at packet destinations, but with much of the destinations being CDNs, there is going to be limited value in that information.
Only if they look for connections to one or more unusual destinations are they going to get any shred of information.
If only the UK was staying in the EU
If only the UK voted to stay in the EU, than such a measure would be struck down as in violation of EU civil rights laws.
Re: If only the UK was staying in the EU
The UK remains in the EU until 2019 where they are still subject to EUCoJ and EUCoHR rulings until then.
Re: Re: If only the UK was staying in the EU
This. Please can people stop saying that the EU would stop this, when we’re still in the EU.
Re: Re: Re: If only the UK was staying in the EU
“Anonymous UK Resident #5424743871”
Haha!
Re: Re: If only the UK was staying in the EU
and we may not end up leaving the EU at all
Re: Re: If only the UK was staying in the EU
The EU and ECHR aren’t the same thing at all.
Even if the UK leaves the EU, it’ll still be subject to the ECHR.
The Queen could stop this
But she won’t, because she’s the playing ball of lobbyists.
It became very apparent in the debate about copyright a few years back, where the Queen was parroting the copyright maximalists, and you could see that she did not have any grasp on what was really going on.
The same will happen here; because the Queen lives in a very bad filter bubble.
Wait no longer!
Now it is time to kick england out of the EU.
Let’s not wait until they start article 50 procedures but pre-empt them.
Yes, it will be bad for the EU economy in the short term.
We will no longer have to carve out special advantages for them.
In the long run it will be better for the rest of the EU as a (much more unified) whole.
Who would have told V for Vendetta was actually a prophecy, no?
Re: Re:
1984, Animal Farm… Why not V for Vendetta at this point? At least that one had a snappily dressed anti-hero with a penchant for rhymes.