The Law Shop is now closed. Please click here to find out more.

Commons committees blast latest surveillance bill

James Watkins - Law on the Web

  1. 16 February 2016
  2. Miscellaneous
  3. 0 comments
Malevolent eye

The latest iteration of the so-called “snooper’s charter” has come under a series of attacks from MPs for lacking oversight and not making a good enough case for the monitoring of British citizens’ private internet activities.

Three different cross-party committees have levelled significant criticisms at the draft Investigatory Powers Bill in the space of two weeks.

What is the Investigatory Powers Bill?

The IP Bill, which is the successor to the rejected draft Communications Data Bill, would make it easier for police, security services and other public bodies to acquire communications data.

It would require internet service providers to keep records of their customers’ browsing history for 12 months for security services to access, and would require companies which offer encrypted communication services (such as WhatsApp and iMessage) to give security services a way to access communications sent through these services.

Security services would not be able to access this data at will – they would need to obtain an interception warrant before they could access these records, which would need approval from both a judge and the home secretary. The bill would also introduce a commissioner dedicated to overseeing the use of these powers.

The bill clarifies a number of powers which security services have already unofficially given themselves, using obscure legal clauses from a pre-internet world. The Data Retention and Investigatory Powers Act 2014, a piece of emergency legislation introduced to cover security services’ previously unlawful activities, will expire at the end of this year.

However, there is still a great deal to be done before MPs will be satisfied with the bill.

Highly critical reports

The bill’s first metaphorical tongue-lashing this month came at the hands of the Commons science and technology committee.

The committee warned that UK tech companies would be put at a commercial disadvantage by the requirement to retain website records, saying that any extra costs for this should be met by the government.

“It is vital we get the balance right between protecting our security and the health of our economy,” said Nicola Blackwood MP from the science and technology committee. “We need our security services to be able to do their job and prevent terrorism, but as legislators we need to be careful not to inadvertently disadvantage the UK’s rapidly growing tech sector.”

The committee also expressed concerns about the broad scope and lack of clarity of the bill, saying that more work was needed to ensure it was “future-proofed”.

“There remain questions about the feasibility of collecting and storing Internet Connection Records (ICRs), including concerns about ensuring security for the records from hackers,” Ms Blackwood said.

“The Government needs to do more to allay unfounded concerns that encryption will no longer be possible.”

The term Internet Connection Records is a particular sticking point, due to its vagueness – while it is meant to refer to details of people’s browsing histories, it is easy to see how it could be interpreted more broadly in the future.

A second report, from the intelligence and security committee, was even more scathing. The committee, which oversees GCHQ, MI5 and MI6, criticised the bill for a number of reasons, including the apparent lack of emphasis on maintaining the right to privacy.

“Given the background to the draft Bill and the public concern over the allegations made by Edward Snowden in 2013, it is surprising that the protection of people’s privacy – which is enshrined in other legislation – does not feature more prominently,” the report says. “This results in a lack of clarity which undermines the importance of the safeguards associated with these powers.”

The report also noted that the bill appeared to have been rushed.

“While we recognise the timing constraints imposed by the ‘sunset clause’ in the Data Retention and Investigatory Powers Act 2014, it appears that the draft Bill has perhaps suffered from a lack of sufficient time and preparation and it is important that this lesson is learned prior to introduction of the new legislation,” notes the report.

The final blow came in a report by the joint select committee set up to review the bill.

While the joint select committee was more supportive of the bill than the other committees, it still outlined a number of failings in the current draft, particularly over its sloppy handling of technical details.

“We recommend that more effort should be made to reflect not only the policy aims but also the practical realities of how the internet works on a technical level,” the report said.

The report made 86 detailed recommendations to improve the bill.

“The fact that we have made 86 recommendations shows that we think that part of the bill is flawed and needs to be looked at in greater detail,” said committee chair Lord Murphy. “There is a lot of room for improvement.”

Meanwhile, Lib Dem peer and committee member Lord Strasburger wrote in Wired that the bill “needs to be fundamentally rethought and rebuilt”.

What does this mean?

The Investigatory Powers Bill already had plenty of vocal opponents, with human rights groups, privacy advocates and tech firms all issuing dire warnings.

However, such criticism from MPs is a particularly stinging blow for intelligence agencies and the home secretary.

Criticism from the intelligence and security committee will have been particularly painful. The committee had been accused under its previous chair, Malcolm Rifkind, of being too soft on intelligence agencies.

His replacement, for Attorney General Dominic Grieve, is a fierce defender of civil liberties. With Mr Grieve heading up this committee, the government may find it significantly more difficult to rush through anti-terrorism legislation.

Share your experiences

Please note: The views expressed in community areas of this site do not necessarily reflect or represent the views of Law on the Web, its owners, its staff or contributors. All comments are moderated prior to publication.

comments powered by Disqus