U.K. Police Given Phone, Web Spying Right Under Revised Billby
Bill introduced to Parliament defends hacking by authorites
U.S. tech companies may be forced to comply with court order
Britain’s intelligence agencies will have the power to examine Internet browsing histories and hack phones and computers with a warrant under the latest version of the country’s proposed surveillance law.
The revised bill, introduced to Parliament on Tuesday, makes changes to the original version unveiled last year and technology companies will now only be required to undo data encryption they’ve put in place and only when its practical to do so. The bill also takes into account a potential conflict of laws that foreign companies may face in cooperating with the new charter and introduces a so-called double lock to the authorization of interception warrants. This means both the Secretary of State and a judge must sign off.
“As those who wish to do us harm grow more sophisticated in circumventing the reach of law enforcement and the security and intelligence agencies, we must provide them with the powers they need to keep up and keep us safe,” Home Secretary Theresa May said in a statement on Tuesday.
The Investigatory Powers Bill -- dubbed the “Snooper’s Charter” by critics -- had garnered strong opposition, with the tech industry and several parliamentary committees flagging privacy concerns and lamenting the access it will grant to encrypted information. The bill will require Internet and phone carriers to collect and store data on millions of customers and allow intelligence agencies to remotely access smartphones and other devices. The revised bill builds in special protection for journalists and lawyers.
Vodafone Group Plc, Google and Facebook Inc. have united in opposition to the measure on topics ranging from the costs of capturing and storing data to concern over complying with U.K. laws when the companies already adhere to legislation in the U.S. They’ve also voiced criticism over possible government request to access encrypted data via so-called backdoors that would allow intelligence agencies access.
Apple Inc., which has refused U.S. demands that it assists investigators seeking to access encrypted iPhones, wrote to the U.K. government in December expressing concern over weakened encryption, which the company said could be manipulated by hackers. Others have said the government’s heavy hand in monitoring communications will drive many Internet users to seek more anonymous ways to surf the Web, such as using the Tor browser, which makes the user almost untraceable.
Privacy International, a charity focused on fighting privacy intrusions, said the revised bill still fails to address concerns put forth by U.K. lawmakers.
“The continued inclusion of powers for bulk interception and bulk equipment interference -- hacking by any other name -- leaves the right to privacy dangerously undermined and the security of our infrastructure at risk,” the group said in a statement.
Published alongside the bill was almost 50 pages justifying the case for so-called bulk collection powers, the right to collect everything about a users’ communications. In defending such powers, the Home Office maintained the hacking of messages and devices will be focused on accessing data to people outside the U.K. and that a warrant to do so must be obtained if national security is at risk.
May said the new bill doesn’t introduce “sweeping new powers,” but rather ensures authorities can keep the population safe in the face of serious and unpredictable threats.
The new bill also clarifies that companies can only be asked to remove encryption that they themselves have put in place. The government has said it will work closely with the telecommunications industry to implement the collection and storage of data. Companies are forbidden from discussing a request by authorities to retain data without permission from the government.
The bill now faces detailed scrutiny and debate before final votes in both houses of Parliament.