'Real Time' Surveillance and Breakable Encryption Proposed in U.K. Government Technical Paper

An alleged leak of a draft technical paper prepared by the U.K. government contains proposals that endorse the "live" surveillance of British web users' online communications, it emerged this week.

Civil liberties organization the Open Rights Group received the document on May 4 and decided to publish the draft, which states that telecommunications companies and internet service providers would need to provide "data in near real time" within one working day.

The paper, first reported by The Register, also states that technology companies would be required to remove encryption from private communications and provide the raw data "in an intelligible form" without "electronic protection".

If made law, the capabilities would come under the controversial Investigatory Powers (IP) Act, dubbed the "Snooper's Charter" by critics. According to the act, the access would have to be sanctioned by secretaries of state and a judge appointed by the prime minister. Telecoms firms would be forced to carry out the requirements in secret, leaving the public unaware that access had been given.

The Home Office has denied there is anything new in the consultation paper, which has reportedly been sent to affected bodies without being publicly announced by the government. However, the document reveals that bulk surveillance would occur simultaneously alongside individual access requests, but would be limited to one in every 10,000 users of a given service – or 6,500 people in the country at any one time.

The leak of the paper has re-opened the debate surrounding law enforcement agencies' demands for "back doors" in security protocols that would provide access to encrypted data, similar to the request that caused a standoff between the FBI and Apple last year.

"It seems very clear that the Home Office intends to use these [powers] to remove end-to-end encryption – or more accurately to require tech companies to remove it," said Dr Cian Murphy, a legal expert at the University of Bristol who spoke to the BBC. "I do read the regulations as the Home Office wanting to be able to have near real-time access to web chat and other forms of communication."

Home Secretary Amber Rudd recently argued that the Investigatory Powers Act offers a set of laws necessary to curb "new opportunities for terrorists" afforded by the internet. However, critics counter that the idea of creating back doors in encrypted communications would render the encryption worthless, since such access would inevitably end up in the hands of bad actors, while appearing as a green light for oppressive regimes to crack down on dissenters by compromising encrypted communications.

The U.K.'s Internet Service Providers' Association (Ispa), which represents BT, Sky, Virgin Media, TalkTalk and others, said it would be consulting its members and submitting a response to the draft regulations by May 19.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Tags: privacy, IPB

Top Rated Comments

(View all)

ginkobiloba

21 months ago

Pretty ironic coming from the country that gave the world George Orwell and his classic "1984"

Rating: 34 Votes

Glassed Silver

21 months ago

How on earth did with get through the Cold War era without violating the privacy of every citizen from "red" countries. But today a few bad actors out of 1 billion Muslims demand privacy violations of EVERYBODY?!??

That's the official spin, in reality they have been wanting these powers for many many years, but now they have a few moments of fear again to feast upon and abuse to get this bullcrap through.

This has nothing to do with efficient anti-terrorism measures.

Glassed Silver:ios

Rating: 29 Votes

Porco

21 months ago

The paper, first reported by The Register ('https://www.theregister.co.uk/2017/05/04/uk_bulk_surveillance_powers_draft/'), also states that technology companies would be required to remove encryption from private communications and provide the raw data "in an intelligible form" without "electronic protection".

Why don't they require a gallon of rainbow unicorn milk to be served in a thimble on the eighth day of every week while they're at it?

'So just break encryption that takes thousands of years to break within one day yeah, because we're asking you to OK?'
:rolleyes:

It's scary they're even asking, but it won't really go anywhere because it can't.

Anyone who requires/desires unbreakable encryption enough will still be able to get it, so what is the point of breaking it for everyone else? All it would do would be to weaken encryption for the average innocent person.

Again, if you outlaw encryption, the only ones with encryption will be the outlaws. You can't un-invent the encryption we have, and they shouldn't want to. Idiocy.

Access must be granted by a judge and others before a request is made for the data. And that's how it is now. They'll just get more of it faster unencrypted and they'll be able to act faster on terrorists and peodophiles etc. If you want total security and anonymity without these acts to gain access to the data, then you MUST accept that this will also be given to terrorists and peodophiles etc etc in the same way. Something that some on here seem more then comfortable with :eek:

It's not about being comfortable with bad guys having the same tech that currently protects us all. It's about leaving the bad guys as the only ones to still have the protection.

A judge cannot command maths to be discarded anymore than Canute could command the tide to turn. Bad guys who are happy to break the law doing whatever will surely not care they are breaking the law to keep using outlawed encryption products, but all law-abiding citizens will be under greater threat of ID theft, fraud and various other nasty things that encryption protects us from.

Rating: 24 Votes

centauratlas

21 months ago

How about let's apply this to the politicians for a few years first. Hillary in the US and Macron in France didn't seem to like it.

Rating: 24 Votes

jimthing

21 months ago

This is why when a 'lone operator' apparent attack happens in the UK (like the Whitehall one a month ago), I completely shut off when the news starts reporting politicians saying 'this is an example of why our security services need better access to communications from the bad people'.

Not at the expense of mine and everyone else's right to privacy it doesn't. Who are they trying to kid here. Lone ranger attacks will happen regardless of mass surveillance of the population.

Rating: 23 Votes

Porco

21 months ago

Just for clarification, the use of secure encryption is *not* being outlawed. There is nothing wrong with people in the UK using encryption products without government-mandated backdoors. You just can't rely on any products and services from UK-based companies anymore.

Otherwise I agree with you.

I think I see the technical distinction you are making, but I think they effectively are wanting to do just that (outlaw secure encryption), at least in terms of anything that involves communications in the UK.

Terrorists etc can drive in cars, let's ban cars...? Terrorists etc also breath air, let's ban air so that they can't breathe...? Where does it end?

The problem you seem to miss, along with many politicians, is you can't filter the innocent people and bad guys when it comes to strong, secure encryption. We either all have it, or no-one does. And on balance, it's better that we have it than we don't, because luckily the innocent many outnumber the small number of bad guys.

I want laws in place to catch the bad guys you mention, but not laws that turn the world into an ineffective fascist police state where those bad guys would still get away with stuff anyway but the innocent are unprotected from not only those bad guys but other bad guys we currently have some measure of protection against!!

To put it another way, yes I'd rather have encryption that can stop a lot of fraud, ID theft, domestic violence, bullying, intimidation, economic damage, wars(!), corruption... even if that means it's harder to track down the portion of terrorists and pedophiles who also use encryption.

Because the alternative is you try to catch more terrorists and pedophiles by compromising encryption, but they would surely just use other methods of communication (offline/alternate encryption that isn't back-doored), and meanwhile you've opened up everyone who uses the internet to greater risk of fraud, ID theft, domestic violence, bullying, intimidation, economic damage, wars and corruption. So why do that?

Any sane, humane person wants to stop terrorists and pedophiles from committing their horrible acts. But it's far from clear that having backdoors in encryption (whether just communications or more widely) would achieve that. I'd say it would potentially actually do the opposite, and make it less likely we catch such people. All the while making many other crimes more likely.

And it's not about not trusting the government in an ethical sense - more that even if you trust them to be doing it with good intentions, if they have access to backdoors etc, then sooner or later that access would leak to... guess who? Your proverbial terrorists and pedophiles, along with everyone else who could misuse such access.

Rating: 20 Votes

2010mini

21 months ago

I love how some have brought up Brexit :rolleyes:
Any excuse for remoaners to moan eh?

And I'm all for this, this will not lead to the failure of encryption services, that's BS being fed from companies to protect their public image and keep their customer base and profit margins, they know damn well it'll change nothing.

Access must be granted by a judge and others before a request is made for the data. And that's how it is now. They'll just get more of it faster unencrypted and they'll be able to act faster on terrorists and peodophiles etc. If you want total security and anonymity without these acts to gain access to the data, then you MUST accept that this will also be given to terrorists and peodophiles etc etc in the same way. Something that some on here seem more then comfortable with :eek:

You all happily use freemium apps who collect and sell your data to anyone without telling you or anyone else, and yet when it comes to a law that dictates a judge and MPs have to grant access to your data, after being presented with a case for doing so which will have to prove your breaking the law or are harming people, then you flat out refuse to support it... yeah what super evil governments they are protecting your security...

Pot kettle black IMO.

Oh God you are dense. Did You learned nothing from the US' NSA whistleblower? We too had a supposed judicial system to obtain warrants. Guess what happened??? It turns out when you have judges appointed by politicians who want mass surveillance.... then that judicial oversight then becomes a rubber stamp.

We were collecting more data from our citizens than bad actors in countries where the actual bad actors were. But I'm sure that makes sense to you.

Rating: 19 Votes

steve23094

21 months ago

If you're not guilty of anything, why be so annoyed?

Please post your internet history and all your logins and passwords. I presume you have nothing to hide.

Rating: 19 Votes

2010mini

21 months ago

All I see is the usual 'American' scaremongering because you'd sooner trust a serial killer then your own government...

Their is a HUGE difference in attitudes towards this with the UK and the US, and you ARE essentially going to be comfortable with peodophiles rings and terrorists using the same services you are, it's a fact, but you don't want laws in place to catch them and you'd rather those types of people had the same protection as you do...

I mean you lot go nuclear mental at the mere thought of a Police officer having the right to force you to use your finger and unlock your phone... ignoring the fact they would have to have probable cause to make you do that in the first place....
[doublepost=1494171545][/doublepost]

Oh you mean the guy who stole information on USB stick from inside the NSA building and passed it on.... something that has ABSOLUTELY NOTHING TO DO WITH THIS STORY!

Oh yeah I'm dense... I mean how stupid am I to assume those working at your NSA are veted and believe in America and it's security and the constitution, right?

Those who want safety at the expense of liberty deserve neither. Police have been successful at catching criminals for centuries without the need to violate everyone's privacy. You want to use the excuse that it is ok for government to violate everyone's freedoms to catch the few. Remember one thing: when you give government new powers, they will never give it back. And history has shown those new powers have always been abused.

Rating: 16 Votes

2010mini

21 months ago

Rating: 15 Votes

[ Read All Comments ]