Despite David Cameron and Theresa May calling for a better insight into the websites we visit with the potentially fast tracked Investigatory Powers Bill, a committee of politicians has warned that it lacks clarity, not defining key points. It warned that if the tech-firms that must be complicit in the monitoring do not understand what is expected of them, then the bill is far from ready for approval.
The Investigatory Powers Bill is a modified piece of legislation loosely based around the original Draft Communications Bill, or “Snooper's Charter,” as it was known, proposed by May several years ago and shot down by then coalition leader, Nick Clegg in 2013. However in the past six months its reared its head again, with politicians looking to use the attacks in France as justification for its speedy passing.
Technology firms and privacy advocacy groups have decried its wording, suggesting that its vaguery for what data would actually be recorded and when, left it open to interpretation and exploitation. Now a parliamentary committee has called for it to be reviewed in order to provide a better understanding for all involved.
“There remain questions about the feasibility of collecting and storing internet connection records (ICRs), including concerns about ensuring security for the records from hackers,” said committee chair, Nicola Blackwood. She highlighted the vaguery of “internet connection records,” (ICR) which most, even those proposing the bill, don't seem to understand the actuality of (via The Guardian).
Is an ICR browser history? Is it merely a connection online? Do internet service providers have the hardware or software to archive them? If not, who will pay for it? Some estimations we received from one ISP, suggested that it could cost tens of millions of pounds for each provider and that doesn't even factor in the long term costs of maintaining such records.
Other concerns with the bill related to encryption. While the committee has said that it understands the intelligence agency's desire to be able to read encrypted messaging, the bill doesn't suggest how that could be possible without a ‘backdoor' being used. It's not clear whether the bill would also make it illegal to use current end-to-end encryption services, employed by most major messaging platforms at this point.
Discuss on our Facebook page, HERE.
KitGuru Says: Either May and the other supporters of this bill don't understand it, or they don't care that it would impact the privacy and security of every British citizen. Either way they shouldn't be responsible for this sort of legislation.