UK's Investigatory Powers Bill: A "Breath-taking Attack" on Internet Security

In keeping with global trends, the UK released its own draft Investigatory Powers Bill last week. The legislation sets out to clarify and simplify previous law, but also to negatively impact privacy and security for all.

Key measures include:

• Internet connection records (ICRs) retained for one year, to be accessed in order to identify the sender of a communication or the communications services a person is using or to determine whether a person has been accessing or making available illegal material online. ICRs include main web addresses visited, but not the content or profiles viewed or the searches performed on each page.

• Targeted interception of phone calls and emails with Secretary of State-issued, Judicial Commissioner-approved warrants.

• Targeted equipment interference, allowing for data to be obtained from computers, tablets, smart phones, cables, wires and static storage devices, through a warrant process similar to the aforementioned.

• Bulk communications data obtained when required to protect national security, through the aforementioned warrant process.

Until 2016, the Bill remains a draft, leaving time for the very “scrutiny and debate” Home Secretary Theresa May requested in the Bill’s foreword.

One British human rights organization, Liberty, is promoting just that by encouraging concerned citizens to sign their names in support of an eight-point Safe and Sound plan, which seeks:

1. Prior judicial authorisation of all surveillance requests.
2. No blanket powers forcing communications companies to store more personal data.
3. Surveillance conducted for tightly defined reasons such as the investigation of serious crime and preventing loss of life, with requests and warrants targeting individuals on the basis of suspicion in criminal activity.
4. Improved redress and increased transparency for those who have been under unlawful surveillance or are no longer under suspicion.
5. Use of intercept evidence in court to bring perpetrators to justice.
6. Data-sharing arrangements between UK and other countries made public and set out in law.
7. Legislative protection against the breaking of our country’s encryption standards.
8. Recognition of the unique threat posed by hacking to British people’s security.

In the words of Liberty's Director, Shami Chakrabati, "After all the talk of climbdowns and safeguards, this long-awaited Bill constitutes a breath-taking attack on the Internet security of every man, woman and child in our country. We must now look to Parliament to step in where Ministers have failed and strike a better balance between privacy and surveillance."

The Investigatory Powers Bill is neither perfect nor complete; let Parliament know where you stand before this Bill becomes law.

---

Want to know more about cybersecurity legislation worldwide? Read on!

• CISA: Thankfully, Not Yet A Law
• Australia's New Law: A Honey Pot for Hackers
• Public Comment Welcomed on South Africa's Cybercrimes Bill

SumRando Cybersecurity is a South Africa-based VPN, Web Proxy and Secure Messenger provider. Surf secure and stay Rando!