An alleged leak of a draft technical paper prepared by the U.K. government contains proposals that endorse the "live" surveillance of British web users' online communications, it emerged this week.
Civil liberties organization the Open Rights Group received the document on May 4 and decided to publish the draft, which states that telecommunications companies and internet service providers would need to provide "data in near real time" within one working day.
The paper, first reported by The Register, also states that technology companies would be required to remove encryption from private communications and provide the raw data "in an intelligible form" without "electronic protection".
If made law, the capabilities would come under the controversial Investigatory Powers (IP) Act, dubbed the "Snooper's Charter" by critics. According to the act, the access would have to be sanctioned by secretaries of state and a judge appointed by the prime minister. Telecoms firms would be forced to carry out the requirements in secret, leaving the public unaware that access had been given.
The Home Office has denied there is anything new in the consultation paper, which has reportedly been sent to affected bodies without being publicly announced by the government. However, the document reveals that bulk surveillance would occur simultaneously alongside individual access requests, but would be limited to one in every 10,000 users of a given service – or 6,500 people in the country at any one time.
The leak of the paper has re-opened the debate surrounding law enforcement agencies' demands for "back doors" in security protocols that would provide access to encrypted data, similar to the request that caused a standoff between the FBI and Apple last year.
"It seems very clear that the Home Office intends to use these [powers] to remove end-to-end encryption – or more accurately to require tech companies to remove it," said Dr Cian Murphy, a legal expert at the University of Bristol who spoke to the BBC. "I do read the regulations as the Home Office wanting to be able to have near real-time access to web chat and other forms of communication."
Home Secretary Amber Rudd recently argued that the Investigatory Powers Act offers a set of laws necessary to curb "new opportunities for terrorists" afforded by the internet. However, critics counter that the idea of creating back doors in encrypted communications would render the encryption worthless, since such access would inevitably end up in the hands of bad actors, while appearing as a green light for oppressive regimes to crack down on dissenters by compromising encrypted communications.
The U.K.'s Internet Service Providers' Association (Ispa), which represents BT, Sky, Virgin Media, TalkTalk and others, said it would be consulting its members and submitting a response to the draft regulations by May 19.
Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.
Top Rated Comments
This has nothing to do with efficient anti-terrorism measures.
'So just break encryption that takes thousands of years to break within one day yeah, because we're asking you to OK?'
It's scary they're even asking, but it won't really go anywhere because it can't.
Anyone who requires/desires unbreakable encryption enough will still be able to get it, so what is the point of breaking it for everyone else? All it would do would be to weaken encryption for the average innocent person.
Again, if you outlaw encryption, the only ones with encryption will be the outlaws. You can't un-invent the encryption we have, and they shouldn't want to. Idiocy.
It's not about being comfortable with bad guys having the same tech that currently protects us all. It's about leaving the bad guys as the only ones to still have the protection.
A judge cannot command maths to be discarded anymore than Canute could command the tide to turn. Bad guys who are happy to break the law doing whatever will surely not care they are breaking the law to keep using outlawed encryption products, but all law-abiding citizens will be under greater threat of ID theft, fraud and various other nasty things that encryption protects us from.
Not at the expense of mine and everyone else's right to privacy it doesn't. Who are they trying to kid here. Lone ranger attacks will happen regardless of mass surveillance of the population.
Terrorists etc can drive in cars, let's ban cars...? Terrorists etc also breath air, let's ban air so that they can't breathe...? Where does it end?
The problem you seem to miss, along with many politicians, is you can't filter the innocent people and bad guys when it comes to strong, secure encryption. We either all have it, or no-one does. And on balance, it's better that we have it than we don't, because luckily the innocent many outnumber the small number of bad guys.
I want laws in place to catch the bad guys you mention, but not laws that turn the world into an ineffective fascist police state where those bad guys would still get away with stuff anyway but the innocent are unprotected from not only those bad guys but other bad guys we currently have some measure of protection against!!
To put it another way, yes I'd rather have encryption that can stop a lot of fraud, ID theft, domestic violence, bullying, intimidation, economic damage, wars(!), corruption... even if that means it's harder to track down the portion of terrorists and pedophiles who also use encryption.
Because the alternative is you try to catch more terrorists and pedophiles by compromising encryption, but they would surely just use other methods of communication (offline/alternate encryption that isn't back-doored), and meanwhile you've opened up everyone who uses the internet to greater risk of fraud, ID theft, domestic violence, bullying, intimidation, economic damage, wars and corruption. So why do that?
Any sane, humane person wants to stop terrorists and pedophiles from committing their horrible acts. But it's far from clear that having backdoors in encryption (whether just communications or more widely) would achieve that. I'd say it would potentially actually do the opposite, and make it less likely we catch such people. All the while making many other crimes more likely.
And it's not about not trusting the government in an ethical sense - more that even if you trust them to be doing it with good intentions, if they have access to backdoors etc, then sooner or later that access would leak to... guess who? Your proverbial terrorists and pedophiles, along with everyone else who could misuse such access.