UK Government Leaders Say Investigatory Powers Act Isn’t Awful Enough, Announce Plans To Make It Worse
from the all-the-things-you-don't-like-but-MORE-OF-THEM dept
The UK government thinks the 2016 Investigatory Powers Act is due for an overhaul. But it has plenty of opposition. Some of the proposed amendments actually appear to be illegal. And at least one major tech company has threatened to exit the market if the proposed amendments become law.
The so-called “Snooper’s Charter” has always been one of the nation’s worst laws. But there are plenty of legislators who believe it can — and should — be made worse. Following the “King’s Speech” — the UK equivalent of our State of the Union address only, you know, slightly more colonist — UK leaders are informing the nation they’d very much like to increase the government’s already considerable surveillance powers.
On 8 November, the government introduced legislation to update the Investigatory Powers Act 2016.
The Investigatory Powers (Amendment) Bill was announced in the King’s Speech and will make urgent and targeted amendments to the existing act to ensure our country is kept safe and our citizens protected from harmful threats.
These amendments will enhance our national security by keeping the public safer from threats such as terrorism, hostile activity from foreign powers and serious and organised crime. The UK is a world leader in ensuring privacy can be protected without compromising security. The bill will maintain and enhance the existing high standards for safeguarding privacy in the 2016 act.
First off, there’s the standard claim that this will do something about national security. Those two words are capable of shutting down certain brains (including those handling judicial challenges) and bypassing objections by making it appear anyone opposing surveillance power expansion must want the terrorists to win.
Second, there’s the hilariously ridiculous claim that the UK is a “world leader in ensuring privacy.” London has been a camera-riddled dystopia for years — a dystopia made even worse by the routine addition of error-prone facial recognition tech. For years, the UK government has compromised privacy to achieve, at best, minimal gains in security.
Finally, claiming there’s anything in the 2016 Investigatory Powers Act that even remotely approaches “high standards for safeguarding privacy” is ludicrous. Claiming that adding even more data retention demands and surveillance options will somehow “enhance” these (lol) “high standards” is even more asinine.
But that’s how UK leaders are portraying this turn of events, spring-boarding off the King’s Speech to push another round of privacy violations and security compromises under the pretense of making the nation safer.
These officials even pretend this won’t give the government more snooping power than it already has.
The targeted reforms will not create new powers in the act. They will instead modify elements of the existing legislation to ensure it is proportionate, provides agencies and oversight bodies with appropriate resilience mechanisms and maintains and enhances the existing measures.
This sure looks like a new power. According to this fact sheet, service providers will now be required to retain certain internet browsing records created by their users. Here’s how things stand now:
There is no current requirement in law for CSPs to keep ICRs [internet connection records] and this information may therefore be unavailable to law enforcement agencies, meaning that often they can only paint a fragmented intelligence picture of a known suspect. Internet protocol (IP) address resolution identifies the sender of online communications.
So, if the government currently doesn’t have access to these records because CSPs (communication service providers) aren’t required to keep them, and the government issues a mandate to retain these records solely for the purpose of being able to access them on demand, that sure seems like a “new power,” even if the collection is being off-loaded (via government mandate) to providers who were never previously obligated to collect or retain this data.
The proposed changes would also expand the definition of bulk personal datasets (BPDs) to cover data collected by third parties, like data brokers. And, while this isn’t technically a “new” power it is definitely an expansion of the government’s existing power:
The bill would also increase the duration of a BPD warrant from six to twelve months in order to better demonstrate the necessity and proportionality of retaining and examining the data, the case for which can be made more effectively over this longer time period.
The government would be able to collect more and hold onto it longer. On top of that, privacy protections for datasets will no longer be equal across all datasets. The amendments would allow the government to declare some datasets more equal than others, lowering privacy protections as needed to access sets that were previously either off-limits or subject to enough restrictions the government rarely got a chance to view or retain them.
Then there’s this phrase, which says things about “resilience” when it clearly means lowering the bar for warrant acquisition:
Increasing resilience of the warranty authorisation processes to allow greater operational agility for the intelligence agencies and National Crime Agency. This will help to ensure they can always get lawful access to information in a timely way so that they can respond to the most serious national security and organised crime threats.
“Greater operational agility” is just a fancy way of saying “make things easier.” When you start altering the rules to increase law enforcement efficiency, you tend to turn protected rights into privileges that only need to be respected when they’re not inconveniencing law enforcement.
None of this is law. Yet. But it’s clear those heading the government firmly believe this is the right way to go.