Exact details of the legislation to be submitted are not yet available, but the general contents may be surmised based on the draft that circulated in 2012. In addition to requiring Communication Service Providers to archive customer metadata for 12 months, the bill would also allow the government to use 'black boxes' to intercept any traffic not made available by CSPs. This technology, according to the Office of Security and Counter-Terrorism, is already 'used as a matter of course.'
The bill would also establish arrangements for law enforcement and security teams to examine and correlate data from different sources. For example, it would be possible to collect a suspect’s mobile phone data, landline phone data, Facebook data, and other types of communications so security teams could gain a more complete picture of the suspect’s activities and connections.
Why is this bill needed? According to Home Secretary May, between 25% and 40% of the time police made requests for communications data, their work ends up saving lives.
'The aim of this is to ensure our law enforcement agencies can carry on having access to the data they find so necessary operationally in terms of investigation, catching criminals and saving lives,' she told a special committee of MPs and peers in 2012.
This bill is one of several new security laws passed in Europe intending to give governments and their intelligence and security agencies greater access to data that can help them uncover and stop terrorist plots.
In the U.S., the legislative trend is heading the other way. The NSA is broadly seen as having overreached its charter in its mass collection of telephone metadata. Consequently, a bill reauthorising the NSA’s data collection failed to win support in Congress.
A weaker provision passed instead; the USA Patriot Act has now given way to the USA Freedom Act. But this new act is far from toothless. In fact, it calls for telecommunications companies to store records and make them accessible to government agencies in a manner similar to that prescribed for CSPs in the Snooper’s Charter.
Which suggests, perhaps, that the Snooper’s Charter is the path of moderation.
Security is always a compromise. For public safety, it’s a compromise between privacy and security, whereas in the enterprise it's between security and productivity.
Our nation faces an unprecedented challenge from an asymmetric enemy that is technically savvy and highly distributed. A balancing act between liberty and privacy is always going to be very hard to achieve for any government.
Any future terrorist strike will result in the usual outcry for why better intelligence did not get gathered, understood, or acted on, but until then, those arguing for less scrutiny and greater liberty will shout loudest.
So let the balancing act continue. Perhaps as important as the particulars of the legislation itself, is the democratic process that brings any sort of charter into effect and that monitors its results. Should abuses occur, they must be noted and corrected.
Should operational lapses occur, vigilance must be increased. Should new technologies become available, they should be considered and applied with prudence and insight.