britain-defence-strategy

How the UK government will track everything you do online

 

This afternoon, UK Home Secretary Theresa May announced the return of the Snooper’s Charter, aka the Draft Investigatory Powers Bill. It’s the third attempt to get the Snooper’s Charter onto the statute books, and there’s a very good chance it’ll go through this time. All kinds of people think that’s a very bad idea. Here’s why.

Everything you do, they monitor it for you

The most worrying new power is mass surveillance of everybody’s internet use. Don’t be fooled by claims that as the data collected is “just metadata” it’s akin to keeping phone records: metadata means storing details of every website you visit as well as every communication you make using apps such as WhatsApp for 12 months.

ISPs won’t hand over details of the actual pages you visit or contents of your communications without a warrant, but site URLs can make it abundantly clear what they’re about: you don’t visit Wonga.com if you’re financially stable, for example. Similarly, location data can say a lot about you – churchgoing, perhaps, or visiting a particular building at particular times when Alcoholics Anonymous just happens to be meeting.

It’s worth noting that this surveillance already happens – Edward Snowden revealed GCHQ’s illegal surveillance of millions of people’s online activities in 2003. The proposed new legislation effectively legitimises what’s been going on in secret for years.

It could get hacked

Firms such as Talk Talk will be responsible for storing that data and keeping it safe.

Talk Talk.

Keeping data safe.

Dark comedy aside, that’s a serious worry. As Lib Dem peer Lord Strasburger said of the previous Snooper’s Charter, getting private firms to store such data would create a “”honeypot for casual hackers, blackmailers, criminals large and small from around the world, and foreign states”.

 

1028522311

All kinds of people get access

The usual bogeymen have been trotted out – we need the new powers to fight ISIS and the reanimated corpses of 1970s BBC children’s programme presenters – but the communications data will be available to your local council, to the taxman and to 38 other public bodies.

Previous surveillance powers have been used to crack down on the menace of people not picking up dog poo and trying to get their kids into better schools. According to the Guardian, some 517,000 requests for communications data were made last year and signed off by police officers.

It puts the ‘fish’ into officialdom

One fear of mass surveillance is “fishing expeditions”, where data is mined to identify possible potential criminal activity rather than actual criminal activity. We’ve already seen people arrested for downloading books deemed to be “extremist material” under anti-terror legislation. As Cardinal Richelieu is said to have written back in the 17th Century, “If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged.”

It’s bad for journalism

Journalists are worried that the powers could be bad for whistleblowers, enabling officials to identify and silence sources. Theresa May has made it clear that journalists’ sources won’t be identified without first getting a warrant from a judge, unless a secretary of state decides it’s too urgent to get a judge. In those cases, the secretary of state can sign a warrant authorising the secretary of state to identify the journalist’s source. Theresa May currently signs off 2,400 interception warrants per year.

Tech firms will laugh at us

Part of the proposals involves demanding that firms such as Apple decrypt encrypted communications on demand. Without international agreements in place, however, that’s just a wish list. “Oh yeah,” the tech firm might say. “We totally tried to decrypt that, but it was too hard.”

It gives the security services really scary powers

The Bill doesn’t give GCHQ a licence to kill, but it does give it a licence to hack into computers, intercept phone calls, track locations and remotely access smartphones’ microphones and cameras to monitor anybody nearby.

We’ve been misled

Liberty says that the Government has deliberately floated the idea of the most “outrageous, even impractical powers” to distract from the meat of the bill: by spouting rubbish about banning encryption – something that’d cripple our financial services industry for starters – and monitoring individual social media posts the government has been able to distract everybody from the things it really does want. According to Liberty’s Shami Chakrabarti, the Home Office is guilty of “frantic spinning”: deliberately telling journalists porkies about powers they had no intention of keeping in the Bill so that the Government could appear to back down without diluting the key bits of the proposals.

It’ll be abused

On average there are four data breaches a day, Big Brother Watch says, and in 2013 it emerged that the Met was using surveillance to create files on journalists detailing their medical history, family circumstances and sexual preferences. Those journalists weren’t implicated in any crimes; the files appeared to be a form of insurance should said journalists get too curious. Liberty reports that GCHQ has spied on the private communications of Amnesty International and other campaign groups, and the police are known to have spied on and smeared the parents of murdered teenager Stephen Lawrence.

Elsewhere councils have used surveillance powers to spy on employees suspected of lying about their car parking (Darlington), hours of work (Exeter) or sick pay (Hammersmith and Fulham) and to spy on people suspected of flouting the smoking ban. We’re not condoning any of that behaviour, of course, but it’s hardly the organised crime, global terrorism and drug smuggling the powers were supposed to fight.

812__300x300_internet_snooping_uk

It’s the wrong answer

The security services already intercept astonishing amounts of data, and they don’t have the resources to process what they’ve got: for example, the killers of Lee Rigby were well known to the security services, but they were classed as low risk and weren’t monitored due to lack of resources. It’s hard to see how upping the amount of data collected is going to improve that.

What now?

The legislation is a proposed bill, so it’ll be scrutinised by MPs before it’s voted. Previous attempts were defeated by opposition from the Lib Dems, but there aren’t so many of them around these days. Most observers believe that the Bill will become law without too many changes.