Britain’s Draft Surveillance Bill puts free speech and free press at risk
“Try to think of the new powers as just an extended itemised phone bill,” was the way UK Home Secretary Theresa May tried to explain the implications of the Draft Investigatory Powers Bill to British parliamentarians in November of 2015.
However, the Bill (also known as the Snoopers Charter) goes much further than simply itemising internet communications, and it risks making Britain one of the most draconian surveillance societies in the world. The window for public consultations on the draft ended this week, and the Joint Committee (made up of MPs from the House of Commons, and peers from the House of Lords) is currently preparing their report on this draft legislation, which has been presented as an anti-terrorism measure.
What it Means – Obligations within the Draft
If it passes into law, the Bill makes explicit in law the security services’ powers for the bulk collection of large volumes of personal communications data.
It will require that web and phone companies maintain records of websites visited by every UK citizen for 12 months for access by police, security services and other public bodies.
Companies will also be required to maintain “permanent capabilities” to intercept and collect the personal data passing over their networks and legally oblige communications companies to assist in these operations in order to bypass encryption mechanisms.
Communications companies will also fall under wider powers which oblige them to assist the security services and the police in the interests of national security.
The proposed legislation puts tech companies (and potentially content communities such as Wikipedia) who warn their users that they are being watched at risk of being criminalised under a gag order. This inclusion makes it an offence for a communications service provider to notify the subject of an investigation that a request has been made for their data unless expressly permitted to do so.
The Draft Bill also has global aspirations – it includes provision for these regulations to be applicable to any operator who does business in Britain, meaning staff employed by international companies will also be liable, if they work in UK operations, and Section 189 provides the capability for the British state to oblige “…persons outside the United Kingdom” and require them to take (or not take) certain actions outside the United Kingdom.
There has also been some debate around the fact that the wording of the draft seems to oblige smaller internet access providers such as cafes with wifi or public libraries to collect their share of user-data as well.
A Grab-bag of Objections
Commentators from the media, legal, non-governmental, internet policy and technical communities have responded to the Draft Bill with alarm.
Some have called it a new kind of digital colonialism. Mozilla have argued that the draft legislation is a “harmful step backwards”, Facebook, Google, Microsoft, Twitter and Yahoo submitted joint evidence in which they raise concerns about the jurisdictional reach and provisions for bulk collection of data, while the Tor Project’s submission highlights how the legislation might have chilling effect on the way human rights organisations are able to use encrypted communications for their work.
Some academics and civil society activists have called the Draft Bill a “blank cheque” for spying on citizens and limiting the ability of journalists to do the type of investigative work which led to the Snowden revelations.
ISPs and mobile network operators in the UK have testified that the cost involved might be too much for them to bear, and have stated that the Home Office should bear the full cost of the estimated £240 million needed to implement the Bill. BT, Virgin Media and Sky also testified that the implementation of the technology required to meet the legal obligations of the Bill might not be deployable before 2018.
The Law Society of England and Wales and the Law Society of Scotland raised concerns about the chilling effect of surveillance and argued that there is a risk that legal professional privilege is not protected and therefore liable to government request.
A Faster Process Than Usual
Aside from support from law enforcement agencies, there seems to be little appetite for the bill. But observers note that the unusual speed with which this Bill is being ushered through the British legislative process is telling. The government has indicated this is a response to the Paris attacks in November 2015. The accelerated timetable for comment and report-back implies that the Government is keen to push it through as soon as possible. Chairman of the Joint Committee, Lord Murphy of Torfaen, said:
“We are aware that the short time available to the Committee for its investigation has been a cause of concern for people who have their own concerns and questions about the draft Bill. Our timetable, set by the two Houses, is certainly a challenging one”
The Role of the European Union
It is possible that legislation like this might be questioned under European law, particularly with the EU Court of Human Rights’ increasing unease with untargeted surveillance. While this might be true, it is also possible that this draft Bill is part of the UK government’s ongoing attempts to step away from the Council of the European Union and renegotiate Britain’s relationship with the EU, and in particular with the current administration’s long-held plans to scrap the Human Rights Act.
Now that the period of public consultation is over, the joint Committee will prepare its report, which may result in amendments. The draft will then be returned to the floor of the House of Commons, where the amended Bill can be debated and further amendments proposed before voting on it. While no dates have yet been given for this particular Bill, it is one which many internet users around the world will be watching closely.
This post represents the view of the author and does not necessarily represent the view of the institute itself. For more information about the topics of these articles and associated research projects, please contact email@example.com.
Is AI a creativity killer? We consider whether and how generative AI can be used to foster creativity at universities.
What are the strengths and weaknesses of the data breach notification obligation in the GDPR given its objectives?