Douglas Crawford, editor of independent online security and VPN advice service BestVPN.com, discusses the likely arrival of the so-called ‘Snooper’s Charter’.
In recent weeks the House of Commons passed a new law that constitutes what is arguably the greatest assault on the privacy and freedom of the British people in modern times.
The Investigatory Powers Bill (IPB, aka the “Snoopers’ Charter”) grants the UK government unprecedented powers to spy on the personal web browsing history of every British citizen, while simultaneously giving it the legal power to intercept internet communications from anywhere in the world.
Some very minor (but overhyped) concessions were granted at the last minute, but the substance of this terrible legislation was passed untouched by 444 MPs to 69, with the backing of all major political parties. There are four main areas in which the public have been unequivocally failed by this bill, which has now been passed to the Lords.
So what is wrong with the Snoopers’ charter?
The government is keen to stress that “only” metadata” will be stored – not a list of the actual content you view online, or of conversations you have. This argument, however, is highly disingenuous.
If I am a married man who regularly visits dating websites, then it does not take Sherlock Holmes to deduce that I am having (or want to have) an affair, and if I regularly visit environmental awareness websites, then it is not hard for the government to guess my political leanings.
Metadata provides the government with a huge amount of very accurate and very personal information. If it didn’t, then why is the government so keen to obtain it?
No information warrant
What to the Department of Health, HM Revenue and Customs, the Postal services Commission, the NHS ambulance service Trust, the Scottish Ambulance Service Board, and many more, have in common?
Answer: They will all be able to access the private records on individuals collected by ISPs without any form of oversight whatsoever. Note that you do not even need to be suspected of a crime before this ridiculously long list of agencies can access your data.
This is alarming enough in and of itself, but is even more worrying when we consider the existing terrible track record communications companies have for protecting customers’ data from hackers!
The “double lock” oversight
The much vaunted “double-lock” oversight provides very little real protection for citizens. It does not apply simply to accessing your data (see above), and therefore concerns much more intrusive TAO-style operations, such as breaking into suspects’ houses in order to plant bugs or infect their laptops with malware.
When the government wants to perform such an “intercept”, it must be approved by a retired judge. Since these hand-picked-by-the-government appointees lack the technological expertise or understanding of covert surveillance necessary to make informed decisions, they will effectively just rubber-stamp ministerial edicts (and even this requirement can be delayed if the government declares the case to be “urgent”).
Some weak (and somewhat self-serving on the part of MP’s) concessions have been made to protect journalists’ sources, and MPs from having their computers and phones hacked, but the message is clear – there is no such thing as a “privileged” or “confidential” conversation, such as between patient and doctor, or between a constituent and their MP.
These are “rights” that the British people have always taken for granted, and are now about to be legislated away.
Under the IPB, technology companies (including international ones) must help the UK government hack their customers’ data and perform bulk surveillance on customers if asked.
The government has backed down a little over fears that it would demand companies to introduce backdoors into their products (and make it a criminal offense for employees to even reveal their existence!), but it’s somewhat ambiguous wording on the issue still leaves many uneasy.
The big question, of course, is how the government thinks it can realistically enforce any such rules on companies such as Apple, which has already staunchly resisted similar attempts by its own government!
The Bill will likely spell the doom of the British technology industry, however, because who in their right mind will use products they know will effectively become government spyware?
So where does this leave us?
The Snoopers’ Charter is a truly Orwellian piece of legislation that will touch each and every British citizen.
It formalises what has gone on secret for years without the knowledge or consent of the public, and, distracted by cat videos, anti-immigration paranoia, and divisive debates over EU fishing quotas, hardly anyone has even noticed.
Even those who have noticed are sold on the false narrative that surrendering every aspect of our personal privacy is necessary to make use “safer”. But safer from what? If for the illusion of “security” we sacrifice all the hard won freedoms that make our culture worth defending, then the criminals and terrorists have already won.