UK passes new surveillance law, nicknamed "Snooper's Charter"

Started by Syt, November 20, 2016, 12:35:45 PM

Previous topic - Next topic

Syt

https://www.ft.com/content/40d2ede4-adac-11e6-9cb3-bb8207902122

QuoteSnooper's Charter passes into law — what it means

Surveillance powers include ability to hack into the emails of ordinary citizens

Last week the UK parliament passed the Investigatory Powers Bill, which will give the government wide-ranging surveillance powers including the ability to intercept and hack into millions of ordinary citizens' communications.

The bill, also known as the Snoopers' Charter, is still awaiting royal assent before it is codified into law, which it is expected to receive by the end of November, according to two sources who did not wish to be named.

Originally introduced by Theresa May last November when she was home secretary, the bill was passed despite strong objections from privacy advocates, academics and a host of major technology and telecoms companies including Apple, Google and Twitter, who warned that the law "could have far reaching implications — for our customers, for your own citizens, and for the future of the global technology industry".

Tech groups and privacy advocates say that nothing of substance has been altered in the final version of the bill. "In 20 years that I've been dealing with surveillance policy in this country I have never seen a more docile parliament," said Gus Hosein, executive director of the non-profit organisation Privacy International, regarding the bill's passage.

"I was there when we passed RIPA [the current surveillance law] in 2000 and after 9/11 in Washington and at 7/7 [the terrorist attacks in London], and at this moment parliament is sleeping."

The principal objections are to specific clauses that compel internet companies to keep bulk records of all users for up to a year, and allow the government to either coerce tech companies to hand them over when served with a notice and remove encryption when requested, or allow government agencies to hack into people's electronic devices.

However, the government will appoint an Investigatory Powers Commissioner and judicial commissioners as independent judges to oversee any warrants.

"There are some very extensive powers in the bill and in the wrong hands are capable of being abused, no doubt about that," said David Anderson QC, who was commissioned by David Cameron, the former prime minister, to conduct a review of surveillance laws; this work has been described as a blueprint for the new law. "But the bill does subject everything to a legal framework, so there is no excuse for agencies to do anything they are not fully authorised to do."

Here is a summary of the new legislation and how it could affect you.

Bulk data collection

The new law would allow mass and indiscriminate data collection of everyone in the UK. Internet and phone companies would have to keep the records of every phone call made and every website visited by any of their users for 12 months.

Not only would telecoms companies have a list of every site visited or call made, they would also record the date, time and duration of these actions.


MPs who voted against the bill during its draft stages, such as SNP MP Joanna Cherry, said they believed that "in order to protect civil liberties, surveillance should be targeted, with warrants from courts that ensure they are focused, specific and based on reasonable suspicion".

However, the bill allows bulk data collection, dashing the hope that surveillance will have to be targeted and "based on reasonable suspicion". Mr Hosein said: "No [western] government anywhere has passed such laws on bulk collection and bulk hacking because it's mass surveillance. Time and again, courts have ruled this is unlawful and unacceptable in a democratic society."

Access to bulk data

Dozens of public organisations and departments will be able to access your communications, in some cases without a warrant. These agencies range from the police, HM Revenue & Customs, customs officials and intelligence agencies, to the NHS, the Department of Health, the Food Standards Agency and the Gambling Commission.

To be given access to data pertaining to a specific person, no warrant will be needed, except in certain circumstances, such as when the police are trying to access data about a journalist's source.

Surveillance data can also be requested in bulk by the intelligence agencies — MI5, MI6 and GCHQ — under a special warrant that needs the approval of an independent judge. The data can belong to an unlimited number of people who are not suspected of any criminal activity.


According to Privacy International's general counsel: "The intelligence agencies can obtain large amounts of communications data, and potentially content, through the acquisition of bulk personal data sets, which are defined as containing information about individuals that 'are not, and are unlikely to become, of interest to the intelligence services'."

Bulk hacking

For the first time, the law will allow security agencies and law enforcement to hack into computers, phones and networks to eavesdrop on communications. They will require a warrant to do so.

Security and intelligence officials can even hack into computers outside the UK's borders under a warrant authorised by both the home secretary and an independent judge to download data from unattended mobile phones or remotely taking control of laptops.

Backdoors to encryption

This year, US tech giants including Apple, Google, Microsoft, Facebook and Twitter made written submissions to voice their concerns about the bill. "We reject any proposals that would require companies to deliberately weaken the security of their products via backdoors, forced decryption, or any other means," the document said.

The bill has retained the legal basis to force companies to create a backdoor even into encrypted services such as WhatsApp and iMessage — although government agencies will need a warrant to make the companies give them access.

However, "a key left under the doormat would not just be there for the good guys. The bad guys would find it, too", Apple cautioned in its submission to parliament last December.

Tech companies have also been worried about the extraterritorial nature of the law, which will require foreign companies with British consumers to comply, even if their home countries have conflicting laws, as the US currently does.
I am, somehow, less interested in the weight and convolutions of Einstein's brain than in the near certainty that people of equal talent have lived and died in cotton fields and sweatshops.
—Stephen Jay Gould

Proud owner of 42 Zoupa Points.

The Brain

Women want me. Men want to be with me.

Ed Anger

Stay Alive...Let the Man Drive

The Brain

Women want me. Men want to be with me.

Syt

I am, somehow, less interested in the weight and convolutions of Einstein's brain than in the near certainty that people of equal talent have lived and died in cotton fields and sweatshops.
—Stephen Jay Gould

Proud owner of 42 Zoupa Points.


mongers

This is merely a 6"x4" white postcard attached to a small length of string, with a drawing pin fixing it to a half-height wooden door, the notice reads "The horse has bolted"


The young mare was named Privacy and was know for her enthusiasm for jumping fences, but naivety proved to be her downfall in many races, where she often faced experience hack rides.


"We have it in our power to begin the world over again"

Crazy_Ivan80


Zanza


mongers

Quote from: Zanza on November 20, 2016, 03:09:09 PM
Sounds like a terrible law.

Terrible governments make terrible laws makes a terrible country
elects a terrible government that makes terrible laws making a still more terrible country. Which then elects a terrible government to make terrible laws, that enshrine the terrible state of the country, terrible people see only a more terrible future, so now only back terrible governments.
"We have it in our power to begin the world over again"

Richard Hakluyt

Quote from: Zanza on November 20, 2016, 03:09:09 PM
Sounds like a terrible law.

I would say that the overwhelming majority of my countrymen have no interest in liberty  :(

Hence the law and hence the lack of criticism of the law.


Zanza

Not really related, but the UK wants to force porn sites to have age verification mechanisms, probably based on credit cards. Otherwise British ISPs must block access. That will make sure that porn sites, including lots of foreign ones that may not follow British laws, gather lots of real names and credit card information on British citizens. Privacy again loses out to the nanny state.

Syt

http://yiu.co.uk/blog/who-can-view-my-internet-history/

QuoteA list of who will have the power to access your internet connection records is set out in Schedule 4 of the Act. It's longer than you might imagine:

Metropolitan police force
City of London police force
Police forces maintained under section 2 of the Police Act 1996
Police Service of Scotland
Police Service of Northern Ireland
British Transport Police
Ministry of Defence Police
Royal Navy Police
Royal Military Police
Royal Air Force Police
Security Service
Secret Intelligence Service
GCHQ
Ministry of Defence
Department of Health
Home Office
Ministry of Justice
National Crime Agency
HM Revenue & Customs
Department for Transport
Department for Work and Pensions
NHS trusts and foundation trusts in England that provide ambulance services
Common Services Agency for the Scottish Health Service
Competition and Markets Authority
Criminal Cases Review Commission
Department for Communities in Northern Ireland
Department for the Economy in Northern Ireland
Department of Justice in Northern Ireland
Financial Conduct Authority
Fire and rescue authorities under the Fire and Rescue Services Act 2004
Food Standards Agency
Food Standards Scotland
Gambling Commission
Gangmasters and Labour Abuse Authority
Health and Safety Executive
Independent Police Complaints Commissioner
Information Commissioner
NHS Business Services Authority
Northern Ireland Ambulance Service Health and Social Care Trust
Northern Ireland Fire and Rescue Service Board
Northern Ireland Health and Social Care Regional Business Services Organisation
Office of Communications
Office of the Police Ombudsman for Northern Ireland
Police Investigations and Review Commissioner
Scottish Ambulance Service Board
Scottish Criminal Cases Review Commission
Serious Fraud Office
Welsh Ambulance Services National Health Service Trust
I am, somehow, less interested in the weight and convolutions of Einstein's brain than in the near certainty that people of equal talent have lived and died in cotton fields and sweatshops.
—Stephen Jay Gould

Proud owner of 42 Zoupa Points.

Tamas

I guess not surprisingly, this seems to have flown right above BBC's head, was not worthy of coverage.

Monoriu