UK Releases Snooping Bill, Attempts To Mislead Everyone
from the and-off-we-go dept
Earlier today we reported on a story in the Telegraph, claiming that the upcoming “Investigatory Powers Bill” in the UK would mandate encryption backdoors. The full draft of the bill has been released and the UK government is prattling on about how it doesn’t “ban” encryption. But note the subtle difference in language here. No one expected a ban on encryption: they expected backdoors. The bill is actually stupidly vague on this point. Here’s what the explanation says about “communication service providers in the UK and overseas.”
First it notes that under RIPA (the Regulation of Investigatory Powers Act), “CSPs” are already required to maintain “the ability to remove any encryption applied by the CSP to whom the notice relates.” In other words, the government is already claiming mandates to backdoor encryption, and then goes on to note:
The Investigatory Powers Bill will bring together these obligations in a single, comprehensive piece of legislation. It will provide an explicit obligation on CSPs to assist in giving effect to equipment interference warrants. Only intercepting agencies will have the ability to serve such warrants, which must be authorised by the Secretary of State. The draft Bill will not impose any additional requirements in relation to encryption over and above the existing obligations in RIPA.
The draft Bill will provide for the Secretary of State to require CSPs to maintain permanent capabilities relating to the powers under the draft Bill. This will replace the current obligation to maintain a permanent interception capability and will provide a clear basis in law for CSPs to maintain infrastructure and facilities to give effect to interception and other warrants.
The new power will also require CSPs to provide wider assistance to law enforcement and the security and intelligence agencies in the interests of national security. This will replace the general power of direction under the Telecommunications Act 1984. The new power will be subject to strict safeguards that will prevent it from being used to authorise any activity for the purpose of interference with privacy, such as authorising or requiring the disclosure of communications data.
So… is that mandating backdoors? It seems pretty likely that the government will use this combination of factors to do exactly that, but claiming that such backdoors are already required under RIPA — and thus it’s not “expanding” those powers, even as it also says that the new bill requires providing “wider assistance to law enforcement” and “intelligence agencies.” The explanation does note that “overseas” companies may have some exceptions, but again it’s vague. First it notes that “the draft Bill places the same obligations on all companies providing services to the UK or in control of communications systems in the UK” but then the vague exception: “the draft Bill will include explicit provision to take account of any potential conflict of laws that overseas companies may face.”
Right. Clears everything up.
Meanwhile the draft bill has tons of other problematic language, including requirements for data retention for your web browsing history. Also, it broadens GCHQ’s ability to hack into computers around the globe, with the innocuous sounding phrase “authorisations to interfere with property.” Specifically with regards to the GCHQ, the bill states:
GCHQ can ‘make use of’ as well as ‘monitor or interfere with electromagnetic, acoustic and other emissions and any equipment producing such emissions and to obtain and provide information derived from or related to such emissions or equipment and from encrypted material’. This clarifies that GCHQ may, in the performance of its functions, make use of communications services in the manner in which it was intended they would be used. This could be used for public communications as well as for investigative purposes.
Home Secretary Theresa May’s introduction to the draft claims that:
Powers to intercept communications, acquire communications data and interfere with equipment are essential to tackle child sexual exploitation, to dismantle serious crime cartels, take drugs and guns off our streets and prevent terrorist attacks.
In fact, the draft is weirdly peppered with “case studies” about gangs, criminals, exploited children and more as if to scream out “WE’RE SPYING ON YOU FOR YOUR OWN GOOD AND THE CHILDREN, SO SUBMIT.” This bill is not about protecting the public. It’s about giving much more surveillance and spying power to the government. It’s about fearmongering to get you to give up your privacy and safety so that the government can have more powers over the general public.
Filed Under: data retention, encryption, gchq, going dark, mass surveillance, snooper's charter, surveillance, uk
Comments on “UK Releases Snooping Bill, Attempts To Mislead Everyone”
Perhaps we need a corollary to Ken White’s Rule of Identifying Frivolous Litigation…
If you can’t write a law without that isn’t vague and ambiguous, then by definition it can’t be anything other than an assault on the freedoms and privacy of the people.
Re: Re:
Doh, edit fail. Strike “without”.
A UK bill with international aspirations
Here’s an interesting tidbit:
So it comes down to will Apple refuse to sell it’s phone in England or will it cave and produce backdoors?
If it caves, then the US security agencies will have access to any communications simply by routing cell phone traffic through England back to the US. The 5 eyes will take care of the rest of it without violating so called domestic laws.
This one smells to high heaven.
So the UK gave itself jurisdiction over the whole world? Hey! I thought only we could do that!
Powers to intercept communications, acquire communications data and interfere with equipment are essential to tackle child sexual exploitation, to dismantle serious crime cartels, take drugs and guns off our streets and prevent terrorist attacks
Children? Check.
Drugs? Check.
Guns? Check.
Terrorism? Check.
Privacy and security? Pending.
How's that again?
…take…guns off our streets…
How many guns does the UK have on the streets to begin with?
Last time I checked the UK didn’t have a citizen’s right to bear arms like the US. Even some of the UK’s deputized police officers don’t carry a sidearm, unlike the US where it’s extremely rare to see a police officer without a sidearm.
Re: How's that again?
As an American, when I started reading the Guardian one thing that weirded me out is that there’s a section called “Knife Crime”. The only knife crime I know about is making the mistake of taking one to a gun fight.
Re: How's that again?
“How many guns does the UK have on the streets to begin with?”
In short, not many.
But to be fair when we were able to buy handguns the answer was still ‘not many’. Admittedly we have even less now.
the UK government is prattling on about how it doesn’t “ban” encryption
As others pointed out, mandating backdoors have the same effect.
Ahem. In my whole life I never thought I’d see the West become what it despised.
Re: Response to: Ninja on Nov 4th, 2015 @ 11:39am
It was inevitable. People have a very strong tendency to become what they spend a lot of energy hating.
Re: Re:
Ahem. In my whole life I never thought I’d see the West become what it despised.
It’s a shame so many Americans died saving the Brits from the tyranny of the Nazis, only for the Brits to become their own tyrants.
I find it highly ironic that the telecommunications act was passed in 1984.
well this is going to work well……… not
How do they actually intent to mandate backdoored encryption software and encrypted communication software that is open source and freely available? How exactly are you going to remove this from the internet in the UK?
It makes no sense. I don’t think the people sitting around a table spending time coming up with this rubbish even have the slightest idea of what they are suggesting.
Idiocracy in the UK
What would Alan Turing have to say about UK government mandated weakening of encryption standards that allows it to surveil it’s subjects with ease while in search of “deviant” behavior?
The Telecommunications Act 1984? So, they admit it in the name!
So how do we protest it?
So if I’m reading that right the City of London police (and in doing so the MPAA and the RIAA) are about to get unrestricted warrantless access to everyones browsing history?
You wanna know what “bill”, i wanna see UPDATED
How about, THE HUMAN RIGHTS BILL
For starters, stop using the last one as bog roll