Last week, the Investigatory Powers Act (IPA) was given royal assent and passed into law. Also known as the ‘snooper’s charter’, the new law gives the UK government surveillance powers unprecedented in the free world.
Executive director of the Open Rights Group, Jim Killock, has described the IPA as ‘one of the most extreme surveillance laws ever passed in a democracy’. And when combined with the vast surveillance infrastructure and technological expertise that has been developed over the years by GCHQ, the government is now positioned to become the most repressive surveillance state anywhere in the world.
In effect, the snooper’s charter removes any right to privacy. All communications providers (such as internet service providers and phone companies) must keep detailed metadata records on all customers for a minimum of 12 months.
This means the government can now spy on every phone call you make, every text message or email you send, and on every website that you visit. And because the new law is based on the old RIPA legislation, this information will be freely available to a staggeringly long list of government agencies.
This list includes the Charity Commission, the Finanical Conduct Authority, the Food Standards Authority, the Post Services Commission, and many more. Given that the Scottish Ambulance Service Board will have free access to your personal information with no oversight, it seems rather odd that councils have been singled out as requiring a warrant. But there you go.
Arguments that ‘only’ metadata is collected, rather than the actual contents of communications, are pure sophistry. As Michael Hayden, former director of both the NSA and CIA, gleefully admitted, ‘We kill people based on metadata’.
It does not take a genius to work out the political affiliations of a regular visitor to www.labour.org.uk, or to know a great deal about the personal life of a married man who uses the Grindr app.
This information will also probably be shared with GCHQ’s spying buddy, the NSA. And given the large number of government bodies with access to the data, combined with the government’s pitiful track record on data security, it is safe to assume that these huge troves of highly personal information will soon be available to criminal hackers.
The powers the government has granted itself in the IPA go much further than spying on people via their metadata. The law explicitly gives the government wide hacking powers, which include breaking into people’s houses and laptops, and bugging personal communications.
According to the act, these intercept powers require ‘judicial approval’ before they can be put into effect, but when examined in detail this amounts only to a group of retired judges who are handpicked by the government.
Given that these retired judges will not have the technical expertise to understand the details and full implications of authorising, their job will simply be to ensure that the correct procedures have been followed.
Put another way, their job will be to rubber-stamp government requests. And even then, the government can delay presenting its case for approval for five days if a minister declares the case urgent.
Professions in which privacy is usually considered sacrosanct, such as between journalists and their sources, or doctors and patients, are not immune to being spied upon, although ministers will have to spell out the protections afforded to sensitive information when investigating members of such professions.
Interestingly, one of the very few amendments actually pushed for by MPs was to ensure greater privacy protections for MPs!
Furthermore, the snooper’s charter allows the government to order tech companies to backdoor their encrypted products. Not only will deliberately sabotaging the security of products be an open invitation to criminal hackers – a backdoor that is open to the government is also open to everyone else – but it will also severely damage trust in UK products.
After all, why would anyone use a product they know is deliberately compromised by the UK government? Now let’s return to that “safely assume” bit. Or safely assume, at least – the IPA makes it a criminal offense for companies or their employees to reveal the existence of these back doors to their users.
The law also allows the UK government to demand that international tech companies introduce backdoors into their products, but this provision seems unenforceable to the point of existing in la-la land.
It should be noted that it is not just UK citizens who should be scarred for their privacy. The IPA legalises what GCHQ has been doing for years, including spying on all data that passes through the transatlantic fiber-optic cables that terminate in the UK.
Given that this constitutes a very large percentage of the entire world’s internet traffic, this means the government has given itself carte-blanch to spy on just about everybody. For some unexplained reason, no foreign government has seen fit to complain about this.
A further factor to consider is that (other) repressive regimes will use the snooper’s charter to justify ramping up their own intrusive surveillance measures, while at the same time the UK’s moral authority to criticise them for such will be severely diminished.
The UK government is now in possession of a tool of oppression unrivalled anywhere else in the world.
Sourced from Douglas Crawford, cyber security expert, BestVPN.com