Sweeping UK spy bill dubbed ‘snoopers’ charter’ becomes law
In Britain, Big Brother just got bigger. After months of wrangling, Parliament has passed a contentious new snooping law that gives authorities - from police and spies to food regulators, fire officials and tax inspectors - powers to look at the internet browsing records of everyone in the country. The law requires telecoms companies to keep records of all users’ web activity for a year, creating databases of personal information that the firms worry could be vulnerable to leaks and hackers. Civil liberties groups say the law establishes mass surveillance of British citizens, following innocent internet users from the office to the living room and the bedroom.
Tim Berners-Lee, the computer scientist credited with inventing World Wide Web, tweeted news of the law’s passage with the words: “Dark, dark days.” The Investigatory Powers Bill - dubbed the “snoopers’ charter” by critics - was passed by Parliament this month after more than a year of debate and amendments. It will become law when it receives the formality of royal assent next week. But big questions remain about how it will work, and the government acknowledges it could be 12 months before internet firms have to start storing the records.
“It won’t happen in a big bang next week,” Home Office official Chris Mills told a meeting of internet service providers on Thursday. “It will be a phased program of the introduction of the measures over a year or so.” The government says the new law “ensures powers are fit for the digital age,” replacing a patchwork of rules. In a move taken by few other nations, it requires telecommunications companies to store for a year the web histories known as internet connection records - a list of websites each person has visited and the apps and messaging services they used, though not the individual pages they looked at or the messages they sent.
The government has called that information the modern equivalent of an itemized phone bill. But critics say it’s more like a personal diary. Julian Huppert, a former Liberal Democrat lawmaker who opposed the bill, said it “creates a very intrusive database.” “People may have been to the Depression Alliance website, or a marriage guidance website, or an abortion provider’s website, or all sorts of things which are very personal and private,” he said.
Officials won’t need a warrant to access the data, and the list of bodies that can see it includes not just the police and intelligence services, but government departments, revenue and customs officials and even the Food Standards Agency. “My worry is partly about their access,” Huppert said. “But it’s much more deeply about the prospects for either hacking or people selling information on.” James Blessing, chairman of the Internet Services Providers Association, said the industry has “significant questions” on how the law will work - including “how to keep the vast new data sets secure.” He warned that if the law is not implemented in a “proportionate, considered way, there is a real danger the UK could lose its status as a world-leading digital economy.” Some aspects of the new law remain clouded by secrecy. Not all internet companies will have to comply - only those that are asked to by the government. The government won’t say who is on that list, and the firms involved are forbidden from telling their customers.
Service providers are also concerned by the law’s provision that firms can be asked to remove encryption to let spies access communications. Internet companies say that could weaken the security of online shopping, banking and a host of other activities that rely on encryption. The new law also makes official - and legal - British spies’ ability to hack into devices and harvest vast amounts of bulk online data, much of it from outside the UK In doing so, it both acknowledges and sets limits on the secretive masssnooping schemes exposed by former US National Security Agency contractor Edward Snowden. — AP