Parliament Passes Snooper's Charter, Opens Up Citizens To Whole New Levels Of Domestic Surviellance

from the surfing-the-internet-with-The-Man dept

Despite loudly, and repeatedly, raised concerns from activists and members of Parliament, the UK's Snooper's Charter (a.k.a., Investigatory Powers bill [PDF]) has been passed by both parliamentary houses and only needs the formality of the royal signature to make it official.

These are the fantastic new things UK citizens have to look forward to with this expansion of government surveillance power.

The law will force internet providers to record every internet customer's top-level web history in real-time for up to a year, which can be accessed by numerous government departments; force companies to decrypt data on demand -- though the government has never been that clear on exactly how it forces foreign firms to do that that; and even disclose any new security features in products before they launch.

The list of new powers doesn't end with these. UK intelligence agencies are also given permission to perform "electronic interference" -- hack into computers and electronic devices belonging to UK citizens, not just individually, but in bulk. It also codifies secret (and illegal) surveillance of UK citizens that the country's intelligence agencies have engaged in for years without proper authority or oversight.

The government, of course, is trying to portray this as nothing more than a fine tuning of preexisting laws, specifically the Regulation of Investigatory Powers Act (RIPA). Glossed over in its perfunctory "nothing to see here" explanation is the fact that RIPA was also rushed into existence to codify other secret and illegal surveillance programs.

But it's no ordinary update of existing investigatory laws. Jim Killock of the Open Rights Group calls the Snooper's Charter "the most extreme surveillance law ever passed in a democracy." Thanks to the new powers, UK intelligence agencies should be able to put together very extensive dossiers on pretty much anyone they feel like.

This is the collection of Internet Connection Records (ICRs)—a record of which services every citizen it is connecting to, logged in real-time. This unprecedented level of micro-surveillance is accompanied by a machine to make sense of the mass of data, called a ‘Filter’, but is in essence, a search engine. It can match these ICRs with your mobile phone location data and call histories. It can, we believe, be used to profile the social relationships and the sexual and political activities of every U.K. citizen.

That's how the UK government wants it, apparently: porn filtered out, but spy agencies let in.

Beyond the expansion of law enforcement and surveillance powers is the precedent set by the government in its continual codification of secret surveillance programs. Like RIPA before it, the new law sends a message to intelligence and law enforcement agencies that all misdeeds will ultimately be legislatively forgiven by their overseers. Agencies are implicitly invited to hide programs from overseers and explore new collection techniques without running it past anyone else in the government first. And years later, it will all be papered over by "updated laws."

This is also good news for other Five Eyes surveillance partners. The NSA and GCHQ's information sharing partnership means the US agency now has access to even more data on British citizens. Almost anything GCHQ can acquire, the NSA can access. And now GCHQ can access more than ever.


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 17 Nov 2016 @ 11:00am

    >and political activities of every U.K. citizen.

    And that is what the politicians want, as then they can nip any opposition, or forming protest groups in the bud.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 17 Nov 2016 @ 11:14am

      Re:

      The politicians appear not to understand that the surveillance will extend to **everybody** and that **they** will be more closely watched than others. Talk about digging your own grave!

      Didn't somebody mention that *1984* was a cautionary tale and not an operations manual?

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 17 Nov 2016 @ 12:47pm

      Re:

      In the end they wont be able to nip any opposition or protest group in the bud

      reply to this | link to this | view in chronology ]

    • icon
      Ninja (profile), 18 Nov 2016 @ 8:15am

      Re:

      Jim Killock of the Open Rights Group calls the Snooper's Charter "the most extreme surveillance law ever passed in a democracy."

      Democracy? Really?

      That's the real issue here. There's no democracy.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 17 Nov 2016 @ 11:02am

    Good news! We can no longer wish people to go to hell. We've all arrived!

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 17 Nov 2016 @ 11:04am

    France just extended its state of emergency for over a year and the Trump administration is being filled with people who care little about the Constitution. Dark days ahead.

    reply to this | link to this | view in chronology ]

  • icon
    Rabbit80 (profile), 17 Nov 2016 @ 11:08am

    VPN

    Seems like I will need to learn how to set up OpenWRT on my router to be connected to a VPN 100% of the time with bypasses for Netflix, Amazon video and BBC iPlayer.. or just torrent everything through the VPN and stop legally paying to watch stuff.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 17 Nov 2016 @ 11:32am

      Re: VPN

      A VPN is no protection from someone able to capture and analyze all the traffic passing through the VPN, when it becomes possible to figure out who is connecting to which web site. It is only a strong protection when it links users to an Internal network, like remote employees to a comp[any network, which is what it was designed for. It is also useful to protect against man in the middle attacks when using public WIFI access points.
      Assume if you VPN provider is in a five eyes country, you are not protected from those countries spy agencies, and also note due to gag orders, US providers may be compromised by their own government, and shortly you will also have to assume that UK providers are also compromised, and decryption of the headers eliminates what little protection the VPN offered.
      Note that encrypted contents, while hiding exactly what pages you visit, or what your message contents are do not obscure your social networks and interest from the proposed spying.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 17 Nov 2016 @ 11:41am

        Re: Re: VPN

        Encrypted VPN to out of country proxy server still good?

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 17 Nov 2016 @ 12:21pm

          Re: Re: Re: VPN

          Depends on where five eyes countries have their backbone cable taps. Using and supporting TOR by becoming a node makes it more difficult for them to carry out a correlation attack. Even so TOR really needs hardening against traffic analysis, and correlation attacks attacks by using dummy packets to keep the data flows between nodes as constant as possible, even the there will be some leakage at the exit nodes, like some site suddenly becoming popular.
          The other significant point of the snoopers charter, that renders all use of TOR, VPN's and strong encryption useless is the permission to hack into machines, and to do so in bulk. Protection against this requires a well protected offline machine, and use of some means of file transfer that is fully controllable, like using SD cards via an Arduino attached to the protected machine.

          reply to this | link to this | view in chronology ]

        • icon
          Violated (profile), 17 Nov 2016 @ 12:35pm

          Re: Re: Re: VPN

          Governments have not taken much action against VPN services yet but I am sure one day they will under the theme that laws are pointless if people can easily circumvent them.

          So currently there is only a case by case basis of "we want your logs" followed "we don't keep logs".

          On the day the UK Government goes after VPN services they will leave the UK and in more difficult times use a warrant canary.

          reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 19 Nov 2016 @ 10:41am

      Re: VPN

      And use Tor Browser, but do it separately from the VPN.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 17 Nov 2016 @ 11:11am

    Satellite internet?

    How would this affect people who use 2 way satellite based internet? Are they exempt?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 17 Nov 2016 @ 11:15am

    ISP size?

    Would a local collective of individuals in a large building for example be considered an ISP if they were all just using 1 servers hard drive to store and retrieve files for themselves and others? Movie server, music server, etc...

    Do the services provided actually have to hit an upper level ISP before they are required to be recorded or would a large school with thousands of kids have to track all internal only file transfers to and from students also?

    reply to this | link to this | view in chronology ]

    • identicon
      Whoever, 17 Nov 2016 @ 1:26pm

      Re: ISP size?

      They would not be an ISP because the "I" part (Internet) would be missing.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 17 Nov 2016 @ 1:51pm

        Re: Re: ISP size?

        Oh dear, you have missed several suggestion floated by UK politicians, to get teachers to monitor their pupils to detect and report their radicalization.

        reply to this | link to this | view in chronology ]

  • icon
    art guerrilla (profile), 17 Nov 2016 @ 11:32am

    the overarching point...

    ...that is most telling, is the retroactive approval/legalization of the previously illegal/unthinkable...
    as the author rightly points out, what else does this tell the spooks, other than they can do whatever the fuck they want, and the legislators will protect THEM, not US, their real (not) constituency...
    upshot is, NO constitutional protection (on this side of the pond), and spooks run amuck with no effective oversight...
    if that ain't the very definition of a police state, i dont know what is...

    reply to this | link to this | view in chronology ]

  • icon
    Violated (profile), 17 Nov 2016 @ 12:13pm

    Concern

    I can now be extra thankful that not long ago I purchased TechDirt's own VPN Unlimited lifetime Infinity VPN bundle which I can now put 24/7 on my ISP link so... The UK Government aka "peeping toms" can go and fuck off and die.

    I would be happy the day that they pull up my log to see zero connections beyond VPN servers. I am already sure this is about "metadata" but even that is a telling story. And for added measure I will also add a second encryption level should my VPN ever be compromised.

    I have always liked the phrase "People should not be afraid of their governments when governments should be afraid of the people" but here now are afraid citizens as the UK Government exceeds "1984" and "A brave new world".

    Even worse the Government under "terrorism" reasons make themselves more like an anti-social monster which even more people will grow to hate.

    To end on a positive note at least this forms one more sound reason for the Internet as a whole to encrypt.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 17 Nov 2016 @ 12:28pm

      Re: Concern

      You seemed to have overlooked a major power granted to the spy agencies, they can hack your machines, at which point all protections against them tracking what you are up to become moot. What is more this power is granted in a way that enables bulk hacking attempts, such as against all VPN users.

      reply to this | link to this | view in chronology ]

      • icon
        Violated (profile), 17 Nov 2016 @ 12:46pm

        Re: Re: Concern

        Yes well this user could also hack then back but I thought I had given up that hobby years ago. At minimum I tend to notice unauthorised tasks.

        You are right though that Governments are the best at hacking, viruses, root kits and more. It would still not be easy for them with a good firewall and a strict security policy.

        I just wonder on days like this why the public don't find out where all this snooping hardware is and to give it a couple of sticks of dynamite. I am not sure how ISPs would feel about that one though.

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 17 Nov 2016 @ 12:56pm

          Re: Re: Re: Concern

          It would still not be easy for them with a good firewall and a strict security policy.

          Which means that small closed groups of extremists, those most likely to use violence, can protect themselves, while ordinary citizens trying to organize a peaceful protest against some proposed government action are easily targeted. Often a protest can be headed off by targeting one or two leaders. Doesn't that tell you which the government fears the most?

          reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 17 Nov 2016 @ 1:11pm

            Re: Re: Re: Re: Concern

            Has that ever happen in the UK, there been huge protests in the UK

            reply to this | link to this | view in chronology ]

          • icon
            Violated (profile), 17 Nov 2016 @ 1:32pm

            Re: Re: Re: Re: Concern

            I have two views on this when first a well trained terrorist cell would use encryption and the deep web. I am sure though that face to face chat is always best.

            My other view is from my early hacking days when I compromised over one thousand computers simply due to bad security. I would not go as far to say the average user is a complete moron but they are very inexperienced.

            Even at times I would myself strip out viruses and root kits on their computer and to patch the security holes even if that was to secure my own use of it.

            My point here is that terrorists are no more computer savvy than the general population is. All evidence points to this fact meaning outside the core they use technology like everyone else. So their key plan is to not leak stuff on the Internet and to switch phones and SIMs as needed.

            reply to this | link to this | view in chronology ]

            • identicon
              Anonymous Coward, 17 Nov 2016 @ 2:04pm

              Re: Re: Re: Re: Re: Concern

              As the Paris attacks showed, probably the best plan for a small group is to avoid encryption and VPN's, as the security services have become fixated on secure communication channels to find the terrorists. Large groups on the other hand will show up on their social networking analysis tools, especially if it covers a large geographic area and is expanding, which is an indicator of a building political movement.

              reply to this | link to this | view in chronology ]

  • icon
    James Burkhardt (profile), 17 Nov 2016 @ 12:26pm

    And now we see why politicians lied to get brexit off the ground. They dont want those pesky EU privacy laws.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 17 Nov 2016 @ 12:53pm

      Re:

      It seems we wont be leaving the EU now and many want to stay, brexit is falling apart fast

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 18 Nov 2016 @ 1:21am

      Re:

      Indeed. That and the European Human Rights laws. David "The Dead Pig Porker" Cameron absolutely loathed those.

      He sported a massive boner over bringing back 12 year old chimney sweeps...

      reply to this | link to this | view in chronology ]

  • identicon
    I.T. Guy, 17 Nov 2016 @ 12:35pm

    WW3 wont be nation VS. nation. It will be nations VS the people.

    reply to this | link to this | view in chronology ]

  • identicon
    Whutevah, 17 Nov 2016 @ 12:48pm

    Yes!!
    Now to spread it to the rest of the world!

    reply to this | link to this | view in chronology ]

  • icon
    Violated (profile), 17 Nov 2016 @ 1:06pm

    One other aspect I should point out is that once ISPs have this year worth of data on everyone then "since it exists" it then becomes possible for Judges to subpoena (NPO) this data in unrelated cases like copyright infringement.

    We also know the Copyright Cartels have strongly supported such snooping just to get their foot in that door.

    If we run that theme along further then now the Government has to power to quickly punish any online crime.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 17 Nov 2016 @ 1:15pm

      Re:

      Not really there to much data and this will make it worse, they cant punish anything at best they can send letters claiming copyright

      reply to this | link to this | view in chronology ]

      • icon
        Violated (profile), 17 Nov 2016 @ 1:49pm

        Re: Re:

        You overlook that while ISPs in most cases know you were using your Internet at stated date and time this new metadata would prove you were using BitTorrent also. It can also say what BT site you visited shortly before, maybe including your user details, or to spew out other browser related facts.

        As said once ISPs log this data then so can a Judge order them to hand it over. Suspension then becomes an open and shut case with the only doubt over who was using that computer.

        reply to this | link to this | view in chronology ]

  • identicon
    Whoever, 17 Nov 2016 @ 1:31pm

    https?

    This doesn't appear to include https interception, so the amount of top-level URLs that they ISPs is going to be limited and decline over time.

    Yes, they could look at packet destinations, but with much of the destinations being CDNs, there is going to be limited value in that information.

    Only if they look for connections to one or more unusual destinations are they going to get any shred of information.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 17 Nov 2016 @ 1:33pm

    If only the UK was staying in the EU

    If only the UK voted to stay in the EU, than such a measure would be struck down as in violation of EU civil rights laws.

    reply to this | link to this | view in chronology ]

    • icon
      Violated (profile), 17 Nov 2016 @ 1:54pm

      Re: If only the UK was staying in the EU

      The UK remains in the EU until 2019 where they are still subject to EUCoJ and EUCoHR rulings until then.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous UK Resident #5424743871, 17 Nov 2016 @ 2:50pm

        Re: Re: If only the UK was staying in the EU

        The UK remains in the EU until 2019 where they are still subject to EUCoJ and EUCoHR rulings until then.

        This. Please can people stop saying that the EU would stop this, when we're still in the EU.

        reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 17 Nov 2016 @ 4:52pm

        Re: Re: If only the UK was staying in the EU

        and we may not end up leaving the EU at all

        reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 18 Nov 2016 @ 7:46am

        Re: Re: If only the UK was staying in the EU

        The EU and ECHR aren't the same thing at all.

        Even if the UK leaves the EU, it'll still be subject to the ECHR.

        reply to this | link to this | view in chronology ]

  • icon
    Seegras (profile), 18 Nov 2016 @ 3:10am

    The Queen could stop this

    But she won't, because she's the playing ball of lobbyists.

    It became very apparent in the debate about copyright a few years back, where the Queen was parroting the copyright maximalists, and you could see that she did not have any grasp on what was really going on.

    The same will happen here; because the Queen lives in a very bad filter bubble.

    reply to this | link to this | view in chronology ]

  • identicon
    Yes, I know I'm commenting anonymously, 18 Nov 2016 @ 4:26am

    Wait no longer!

    Now it is time to kick england out of the EU.
    Let's not wait until they start article 50 procedures but pre-empt them.

    Yes, it will be bad for the EU economy in the short term.
    We will no longer have to carve out special advantages for them.
    In the long run it will be better for the rest of the EU as a (much more unified) whole.

    reply to this | link to this | view in chronology ]

  • icon
    Ninja (profile), 18 Nov 2016 @ 8:12am

    Who would have told V for Vendetta was actually a prophecy, no?

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Insider Shop - Show Your Support!

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.