The new surveillance powers the Tories have planned may need a rethink if it is to actually fulfil its purpose properly
On November 4th the Home Secretary Theresa May presented a new bill to the House of Commons laying out how internet providers will be made to maintain records of the websites visited by UK citizens and their internet communications for up to a year. The new law is designed to help police and law enforcement gather data, and access profiles of people consisting of internet activity logs, to tackle crime, terrorism and other national security threats. These collected records will be made accessible on request by law enforcement, security and intelligence agencies and the armed forces. The actual content of the websites visited, however, will not be revealed.
This bill is fundamentally a continuation of the older surveillance powers, and aims to tidy up the assemblage of prior outdated surveillance laws, such as the Regulation of Investigatory Powers Act of 2000. It basically consolidates all the existing laws into one for a more a simplified set of rules. This is important since many of the data-related definitions and terms have become outmoded therefore needing further updating and clarification, an overall critical step in ensuring that old laws can be adapted and appropriated for the modern digital world. It also appears to be a ghost of another past bill; the Snoopers’ Charter from 3 years ago, since it resembles similar proposals. However it was blocked by the Liberal Democrats who were also in government at the time, though now a majority Conservative government can propose a rebranded bill without the scrutiny and obstruction of a coalition.
Privacy advocates have been quick to point out the neglecting user privacy online will endure if the law is passed. Edward Snowden called it “the most intrusive and least accountable surveillance regime in the West” as he went on a lengthy Twitter rant vilifying the newly proposed rules. Some have even gone as far as to say it’s a step towards a police state, where the government is able to oversight it’s citizens in the most intimidating and hawkish manner, ruthlessly swiping records of their internet activities and communications data, fallaciously in the name of security. Outlandish and exaggerated perhaps, however the basic underlying concept of these excessive claims can be appreciated. Although, the incentive behind the bill can be justified somewhat. After all it is understandable that any government which acknowledges how the internet can be utilised as a means to commit crimes or threaten national security, would feel it necessary to introduce such powers to help prosecutors track down malicious criminals and adversaries. This bill is the one of the government’s strategies, it would argue, to ensure adequate national security, especially during a time where threats have seem to become more minacious and pervasive.
However, one of the more interesting components of the bill is ignoring the actual content of the webpages visited. For powers which are meant to aid law enforcement and others to tackle crime, terrorism and other threats, this does not actually seem to be too helpful. Surely to accurately and fully interpret whether a suspects internet activity and communications data constitutes to them being a national threat, records of the actual content of the webpages visited ought to be known. Otherwise just knowing that somebody had searched a query into Google, but not knowing what exactly was searched, since anything beyond the forward slash remains veiled, in theory should make it more difficult to assess whether the activity is contributing to illegal acts. Of course, other pieces of evidence may be gathered as well to contribute to such investigations, but since we are becoming ever more reliant on the capabilities of technology, so much so that we are committing more and more aspects of our lives to its apparent conveniences, the significance of knowing the specifics of what was searched enlarges to the point that it would be nearly useless to know only the website accessed. Thus, this aspect of the bill seems to be not enough in tracking down those malicious actors, or in creating a truly accurate profile of citizens.
Furthermore, another fundamental weakness of the bill is its ignorance of the competencies of the fast-pace technological age of which the bill is meant to be adapted for. If a terrorist or any criminal were to use the internet to plan, create or execute a crime or an attack, and were aware of these investigatory powers knowing that somebody is watching them and all of their activities being recorded, then it would make sense that this would encourage them to utilise technologies to help them bypass government surveillance. The bill does not consider how it will be able to access the data of those who are coaxed into being a little more pedantic in how they communicate online and use the internet, such as those using VPN’s or using more robust encryption to protect their data. It’s not just the bad actors who will use such techniques, but those who are conscience about their privacy are also likely to engage in such practices. What’s more, if more people become aware or exert enough extra effort to utilise these additional processes because of their concerns of their privacy growing more prudent due to bills like this being introduced, which give legal justification to the governmental controversially spying on its own citizens, which is a possibility, then this bill could potentially become even more nugatory.
The remainder of the bill, particularly the special ‘double-lock’ safeguard for intercept warrants, and the elucidation of prior surveillance powers, are imperative and necessary, as thorough checks being implemented and the issuing of warrants to obtain the data collected is absolutely mandatory for the sufficient justification of these investigatory powers. However the very vagueness of the data collected with the proposed processes, and it’s undermining of the innovative and rule-bending ways of the internet, make this bill more erroneous than its actual infringement upon privacy. It is another example of governments, politicians and lawmakers not quite grasping, or keeping up with, the constant and sprightly development of technology. Their attempts at creating or developing legislation which is appropriated to suit the modern digital world while maintaining the ability to keep people safe are still distant from the realities and are hopelessly unsustainable. So even if it can be argued that this bill controversially legitimises infringements upon privacy, its proposals are myopic in doing so. Essentially, the draft Investigatory Powers bill announced by Theresa May, which lacks the ability to make an accurate profile of people based on the websites they visit along with the communications data produced from their utilisation of the internet and mistakingly disregarding the flexibility and adaptability of the internet age, may actually turn out to be not as invasive as initially interpreted, making the label of ‘ the Cloak-and-Dagger Conservatives’ an overly flattering one.