Investigatory Powers
How times change. Previously I might have been found impatiently refreshing web pages for the launch of festival or gig tickets, but recently I was hitting the reload button waiting for the release of a government draft policy paper. I was eager to read the Draft Investigatory Powers Bill (which can be found at http://bit.ly/DraftIPBill). This was published with quite a lot of publicity (and, it has to be said, an unusual amount of pre-briefing to the press). The early twenties version of me would be horrified! This is a large document as it turns out. Its 299 pages in total, accompanied by another 26 separate documents, which are impossible to summarise in the 300 words allowed for the column!
There’s a lot of ongoing analysis available on the internet, as you might expect, and the bill is expected to become law at the end of next year after passing through its various phases (committees and such like). There is an opportunity for us all to have our say on this legislation as it passes through Parliament, which I personally think is worth doing, regardless of what your political persuasion might be.
My particular interest was initially the burden any such investigatory law might place on service providers and to see what, if any, of the pre-bill discussion about encryption might have made it into the published document. However, the sections on ‘bulk equipment interference’ (which is basically legalised hacking) and the numerous gagging orders contained in the bill are very interesting. As sysadmins, we are tasked with ensuring systems are secure and are immune to attack. There is much in this legislation that might conceivably affect us in the future (eg situations may arise where speaking to anyone about them will land you in prison). It’s worth being aware of this bill’s progress so I urge you to read about it. jolyon.brown@gmail.com.