UK Legislators Want To Toss Tech Company Officials In Jail If They Inform Users About Government Surveillance Efforts
from the this-won't-make-it-far dept
Default mode at tech companies these days is to inform users of government surveillance. Unless explicitly forbidden to do so, multiple companies have stated they will inform users of requests for data or suspected state-sponsored hacking attempts.
The mechanisms inherent in US law usually prevent notification. Requests made by foreign governments, however, operate in a much grayer area. UK legislators are trying to close perceived loopholes with new legislation that would make it illegal to notify users of UK agencies’ requests for data. (via Boing Boing)
Bosses at Twitter and other communications companies face up to two years in prison if they tip off customers that spies or the police are monitoring them under a proposed new law.
Ministers want to make it a criminal offence to notify the subject of a surveillance operation that requests of their data have been made, unless expressly allowed.
The move follows concerns some communications and social media firms will alert users if MI5, MI6, GCHQ or the police have asked for their records.
Even if this dubious proposal becomes law, it’s unclear exactly how the UK plans to enforce this. Does it send cops to arrest the top exec at the offending company? Or would it go after a lower-level representative — one that hopefully resides in UK to better avoid the diplomatic awkwardness of extradition proceedings? In all likelihood, if this proposal survives, the jail term will be replaced with a suitably large fine.
This stipulation has been added to the draft version of the Investigatory Powers Bill — another attempt to broaden the UK’s surveillance powers while codifying the quasi-legal spy efforts GCHQ and others already engage in.
This addition would close the “loophole” tech companies are using by shifting the legal burden. Tech companies say they’ll notify users unless “expressly forbidden” to do so. The draft bill addition says companies can only notify users if they’re “expressly permitted” to do so. With everything hanging on the government’s permission, agencies will rarely have to provide justification for secrecy. Instead, the onus will be on tech companies to remain tight-lipped unless the UK government gives them the nod — something that will undoubtedly be a rarity.
On the plus side, it’s not just tech companies being targeted by additions to the draft bill. Similar consequences await those who abuse their surveillance powers.
The bill also proposes a new offence of knowingly or recklessly obtaining communications data without lawful authority.
The measure is aimed at ensuring those officials, officers and spies who access the personal data do so legitimately and appropriately.
Those who break the law will also face up to two years in prison.
Of course, enforcement of this proposed addition sounds just as unlikely as UK police officers handcuffing Google execs for informing a surveillance target of the UK government’s interest in them.
I’d say we’ll just have to wait and see, but the draft bill is becoming a dumping ground for every wild-eyed legislator’s idea on how to better “secure” the UK against the threat of terrorism. There are certainly more, equally-terrible ideas on the way. The only hope is that most of these will be discarded as the bill moves forward. It’s a given that far too many bad ideas will still survive, but with any luck, the worst suggestions won’t make it into the final version.