The House of Lords has passed the controversial Investigatory Powers Bill or Snoopers’ Charter and very soon the legislation will enshrine in law for the first time the mass surveillance of the populace by the security services.
Despite opposition from the Liberal Democrats, Labour’s refusal to fight the bill in the end allowed its pretty smooth ascent into law with few apparent changes.
That will dismay rights campaigners who argue that even if these powers are used with restraint today, they give a terrifying amount of power to the state which will be very hard to reclaim in the future.
The powers themselves legitimize what the security services were recently found to have been doing illegally for years – mass surveillance of the populace and the ability to hack citizens’ devices.
That puts the UK somewhere on a par with Russia and China.
It also mandates that ISPs retain their customers web and phone data for a year – providing attackers with a potential treasure trove of eminently hackable information which could be used for follow-up fraud attacks or even worse, blackmail.
CensorNet CEO, Ed Macnair, expressed his disappointment at the passing of the Snoopers’ Charter by the Lords.
“It’s hardly a secret that agencies like GCHQ and MI5 already have access to our communications, should they need it,” he argued. “Given that, I can’t see how this law will increase our ability to stop terrorism and other crime enough to make it worth it. In fact, I worry it could do more harm than good.”
In fact, former NSA technical director, William Binney, made exactly that point at a committee reviewing the Investigatory Powers Bill in January.
He argued that bulk collection of data doesn’t work, because there’s simply too much for analysts to process. The communications from 9/11 terrorists weren’t spotted because of this approach, he added.
“Who wants to know everyone who has ever looked at Google or the BBC? We have known for decades that that swamps analysts,” he said at the time.
“The net effect of the current approach is that people die first, even if historic records sometimes can provide additional information about the killers.”
Macnair also pointed to the huge security risk that could come from forcing ISPs to retain customer records.
“Can you imagine the damage that could be done to individuals if their private browsing history was made public?” he said.
“That’s not people on ‘dodgy’ sites but individuals with highly personal concerns from sexuality and HIV, to addictions and depression. The Ashley Madison hack if nothing else showed us the devastation that occurs when incredibly personal information is leaked.”