UK Releases Snooping Bill, Attempts To Mislead Everyone

from the and-off-we-go dept

Earlier today we reported on a story in the Telegraph, claiming that the upcoming “Investigatory Powers Bill” in the UK would mandate encryption backdoors. The full draft of the bill has been released and the UK government is prattling on about how it doesn’t “ban” encryption. But note the subtle difference in language here. No one expected a ban on encryption: they expected backdoors. The bill is actually stupidly vague on this point. Here’s what the explanation says about “communication service providers in the UK and overseas.”

First it notes that under RIPA (the Regulation of Investigatory Powers Act), “CSPs” are already required to maintain “the ability to remove any encryption applied by the CSP to whom the notice relates.” In other words, the government is already claiming mandates to backdoor encryption, and then goes on to note:

The Investigatory Powers Bill will bring together these obligations in a single, comprehensive piece of legislation. It will provide an explicit obligation on CSPs to assist in giving effect to equipment interference warrants. Only intercepting agencies will have the ability to serve such warrants, which must be authorised by the Secretary of State. The draft Bill will not impose any additional requirements in relation to encryption over and above the existing obligations in RIPA.

The draft Bill will provide for the Secretary of State to require CSPs to maintain permanent capabilities relating to the powers under the draft Bill. This will replace the current obligation to maintain a permanent interception capability and will provide a clear basis in law for CSPs to maintain infrastructure and facilities to give effect to interception and other warrants.

The new power will also require CSPs to provide wider assistance to law enforcement and the security and intelligence agencies in the interests of national security. This will replace the general power of direction under the Telecommunications Act 1984. The new power will be subject to strict safeguards that will prevent it from being used to authorise any activity for the purpose of interference with privacy, such as authorising or requiring the disclosure of communications data.

So… is that mandating backdoors? It seems pretty likely that the government will use this combination of factors to do exactly that, but claiming that such backdoors are already required under RIPA — and thus it’s not “expanding” those powers, even as it also says that the new bill requires providing “wider assistance to law enforcement” and “intelligence agencies.” The explanation does note that “overseas” companies may have some exceptions, but again it’s vague. First it notes that “the draft Bill places the same obligations on all companies providing services to the UK or in control of communications systems in the UK” but then the vague exception: “the draft Bill will include explicit provision to take account of any potential conflict of laws that overseas companies may face.”

Right. Clears everything up.

Meanwhile the draft bill has tons of other problematic language, including requirements for data retention for your web browsing history. Also, it broadens GCHQ’s ability to hack into computers around the globe, with the innocuous sounding phrase “authorisations to interfere with property.” Specifically with regards to the GCHQ, the bill states:

GCHQ can ‘make use of’ as well as ‘monitor or interfere with electromagnetic, acoustic and other emissions and any equipment producing such emissions and to obtain and provide information derived from or related to such emissions or equipment and from encrypted material’. This clarifies that GCHQ may, in the performance of its functions, make use of communications services in the manner in which it was intended they would be used. This could be used for public communications as well as for investigative purposes.

Home Secretary Theresa May’s introduction to the draft claims that:

Powers to intercept communications, acquire communications data and interfere with equipment are essential to tackle child sexual exploitation, to dismantle serious crime cartels, take drugs and guns off our streets and prevent terrorist attacks.

In fact, the draft is weirdly peppered with “case studies” about gangs, criminals, exploited children and more as if to scream out “WE’RE SPYING ON YOU FOR YOUR OWN GOOD AND THE CHILDREN, SO SUBMIT.” This bill is not about protecting the public. It’s about giving much more surveillance and spying power to the government. It’s about fearmongering to get you to give up your privacy and safety so that the government can have more powers over the general public.

Filed Under: , , , , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “UK Releases Snooping Bill, Attempts To Mislead Everyone”

Subscribe: RSS Leave a comment
Anonymous Coward says:

A UK bill with international aspirations

Here’s an interesting tidbit:

29 Implementation of warrants

(4) A copy of a warrant may be served under subsection (3) on a person outside the United Kingdom for the purpose of requiring the person to provide such assistance in the form of conduct outside the United Kingdom.

31 Duty of operators to assist with implementation

(1) A relevant operator that has been served with a copy of a warrant to which section 29 applies by (or on behalf of) the implementing authority must take all steps for giving effect to the warrant that are notified to the relevant operator by (or on behalf of) the implementing authority. This is subject to subsection (4).
(2) In this section “relevant operator” means— (a) a public postal operator, or (b) a telecommunications operator.
(3) Subsection (1) applies whether or not the relevant operator is in the United Kingdom.

Anonymous Coward says:

So it comes down to will Apple refuse to sell it’s phone in England or will it cave and produce backdoors?

If it caves, then the US security agencies will have access to any communications simply by routing cell phone traffic through England back to the US. The 5 eyes will take care of the rest of it without violating so called domestic laws.

This one smells to high heaven.

Anonymous Coward says:

How's that again?

…take…guns off our streets…

How many guns does the UK have on the streets to begin with?

Last time I checked the UK didn’t have a citizen’s right to bear arms like the US. Even some of the UK’s deputized police officers don’t carry a sidearm, unlike the US where it’s extremely rare to see a police officer without a sidearm.

Mobido says:

How do they actually intent to mandate backdoored encryption software and encrypted communication software that is open source and freely available? How exactly are you going to remove this from the internet in the UK?

It makes no sense. I don’t think the people sitting around a table spending time coming up with this rubbish even have the slightest idea of what they are suggesting.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...