An alleged leak of a draft technical paper prepared by the U.K. government contains proposals that endorse the "live" surveillance of British web users' online communications, it emerged this week.
Civil liberties organization the Open Rights Group received the document on May 4 and decided to publish the draft, which states that telecommunications companies and internet service providers would need to provide "data in near real time" within one working day.
The paper, first reported by The Register, also states that technology companies would be required to remove encryption from private communications and provide the raw data "in an intelligible form" without "electronic protection".
If made law, the capabilities would come under the controversial Investigatory Powers (IP) Act, dubbed the "Snooper's Charter" by critics. According to the act, the access would have to be sanctioned by secretaries of state and a judge appointed by the prime minister. Telecoms firms would be forced to carry out the requirements in secret, leaving the public unaware that access had been given.
The Home Office has denied there is anything new in the consultation paper, which has reportedly been sent to affected bodies without being publicly announced by the government. However, the document reveals that bulk surveillance would occur simultaneously alongside individual access requests, but would be limited to one in every 10,000 users of a given service – or 6,500 people in the country at any one time.
The leak of the paper has re-opened the debate surrounding law enforcement agencies' demands for "back doors" in security protocols that would provide access to encrypted data, similar to the request that caused a standoff between the FBI and Apple last year.
"It seems very clear that the Home Office intends to use these [powers] to remove end-to-end encryption – or more accurately to require tech companies to remove it," said Dr Cian Murphy, a legal expert at the University of Bristol who spoke to the BBC. "I do read the regulations as the Home Office wanting to be able to have near real-time access to web chat and other forms of communication."
Home Secretary Amber Rudd recently argued that the Investigatory Powers Act offers a set of laws necessary to curb "new opportunities for terrorists" afforded by the internet. However, critics counter that the idea of creating back doors in encrypted communications would render the encryption worthless, since such access would inevitably end up in the hands of bad actors, while appearing as a green light for oppressive regimes to crack down on dissenters by compromising encrypted communications.
The U.K.'s Internet Service Providers' Association (Ispa), which represents BT, Sky, Virgin Media, TalkTalk and others, said it would be consulting its members and submitting a response to the draft regulations by May 19.
Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.
Top Stories
Seemingly Unreleased Version of Logic Pro X With Live Loops Appears on Apple's Education Site [Updated]
Zoom Updates iOS App to Stop Sending Data to Facebook
Apple Suppliers Worried About iPhone Demand, Production Ramp-Up for New iPhones Reportedly Postponed
2020 iPad Pro Teardown Provides Closer Look at LiDAR Scanner and Confirms Incremental Update
Apple Watch Series 6 Could Feature Touch ID Fingerprint Sensor, Pulse Oximetry and Sleep Tracking Support
Bloomberg: Apple's 5G iPhone Still on Schedule for Fall Launch, But Future Products Could Be Delayed
Kuo: Apple to Launch Several Macs With Arm-Based Processors in 2021, USB4 Support Coming to Macs in 2022
Top Stories: Hands-On With 2020 iPad Pro and MacBook Air, iOS and iPadOS 13.4 Released, iPhone 12 Delay?
Deals: Huge Refurbished iPhone Sale Discounts iPhone 7, 8, X, XR, and XS (From $120)
Top Rated Comments
(View all)How on earth did with get through the Cold War era without violating the privacy of every citizen from "red" countries. But today a few bad actors out of 1 billion Muslims demand privacy violations of EVERYBODY?!??
That's the official spin, in reality they have been wanting these powers for many many years, but now they have a few moments of fear again to feast upon and abuse to get this bullcrap through.This has nothing to do with efficient anti-terrorism measures.
Glassed Silver:ios
The paper, first reported by The Register ('https://www.theregister.co.uk/2017/05/04/uk_bulk_surveillance_powers_draft/'), also states that technology companies would be required to remove encryption from private communications and provide the raw data "in an intelligible form" without "electronic protection".
Why don't they require a gallon of rainbow unicorn milk to be served in a thimble on the eighth day of every week while they're at it?
'So just break encryption that takes thousands of years to break within one day yeah, because we're asking you to OK?'
:rolleyes:
It's scary they're even asking, but it won't really go anywhere because it can't.
Anyone who requires/desires unbreakable encryption enough will still be able to get it, so what is the point of breaking it for everyone else? All it would do would be to weaken encryption for the average innocent person.
Again, if you outlaw encryption, the only ones with encryption will be the outlaws. You can't un-invent the encryption we have, and they shouldn't want to. Idiocy.
Access must be granted by a judge and others before a request is made for the data. And that's how it is now. They'll just get more of it faster unencrypted and they'll be able to act faster on terrorists and peodophiles etc. If you want total security and anonymity without these acts to gain access to the data, then you MUST accept that this will also be given to terrorists and peodophiles etc etc in the same way. Something that some on here seem more then comfortable with :eek:
It's not about being comfortable with bad guys having the same tech that currently protects us all. It's about leaving the bad guys as the only ones to still have the protection.
A judge cannot command maths to be discarded anymore than Canute could command the tide to turn. Bad guys who are happy to break the law doing whatever will surely not care they are breaking the law to keep using outlawed encryption products, but all law-abiding citizens will be under greater threat of ID theft, fraud and various other nasty things that encryption protects us from.
Not at the expense of mine and everyone else's right to privacy it doesn't. Who are they trying to kid here. Lone ranger attacks will happen regardless of mass surveillance of the population.
Just for clarification, the use of secure encryption is *not* being outlawed. There is nothing wrong with people in the UK using encryption products without government-mandated backdoors. You just can't rely on any products and services from UK-based companies anymore.
Otherwise I agree with you.
I think I see the technical distinction you are making, but I think they effectively are wanting to do just that (outlaw secure encryption), at least in terms of anything that involves communications in the UK.
All I see is the usual 'American' scaremongering because you'd sooner trust a serial killer then your own government...
Their is a HUGE difference in attitudes towards this with the UK and the US, and you ARE essentially going to be comfortable with peodophiles rings and terrorists using the same services you are, it's a fact, but you don't want laws in place to catch them and you'd rather those types of people had the same protection as you do...
I mean you lot go nuclear mental at the mere thought of a Police officer having the right to force you to use your finger and unlock your phone... ignoring the fact they would have to have probable cause to make you do that in the first place....
Terrorists etc can drive in cars, let's ban cars...? Terrorists etc also breath air, let's ban air so that they can't breathe...? Where does it end?
The problem you seem to miss, along with many politicians, is you can't filter the innocent people and bad guys when it comes to strong, secure encryption. We either all have it, or no-one does. And on balance, it's better that we have it than we don't, because luckily the innocent many outnumber the small number of bad guys.
I want laws in place to catch the bad guys you mention, but not laws that turn the world into an ineffective fascist police state where those bad guys would still get away with stuff anyway but the innocent are unprotected from not only those bad guys but other bad guys we currently have some measure of protection against!!
To put it another way, yes I'd rather have encryption that can stop a lot of fraud, ID theft, domestic violence, bullying, intimidation, economic damage, wars(!), corruption... even if that means it's harder to track down the portion of terrorists and pedophiles who also use encryption.
Because the alternative is you try to catch more terrorists and pedophiles by compromising encryption, but they would surely just use other methods of communication (offline/alternate encryption that isn't back-doored), and meanwhile you've opened up everyone who uses the internet to greater risk of fraud, ID theft, domestic violence, bullying, intimidation, economic damage, wars and corruption. So why do that?
Any sane, humane person wants to stop terrorists and pedophiles from committing their horrible acts. But it's far from clear that having backdoors in encryption (whether just communications or more widely) would achieve that. I'd say it would potentially actually do the opposite, and make it less likely we catch such people. All the while making many other crimes more likely.
And it's not about not trusting the government in an ethical sense - more that even if you trust them to be doing it with good intentions, if they have access to backdoors etc, then sooner or later that access would leak to... guess who? Your proverbial terrorists and pedophiles, along with everyone else who could misuse such access.