IPB still not fit for purpose, say tech firms

Companies and trade bodies reiterate their concerns on day of Second Reading

Houses of Parliament

The tech industry has once again hit out at the UK's Investigatory Powers Bill (IPB), ahead of its Second Reading in the House of Commons today.

The proposed legislation, also known as the Snooper's Charter, has come in for heavy criticism from tech companies and civil rights campaigners alike, who have claimed its powers are too broad, it is an invasion of privacy and that what it requires is not technically feasible.

While the Bill was revised following extensive investigations by two select committees, which heard from numerous witnesses across these groups, many are still unhappy with the current wording.

John Shaw, VP of product management at Sophos, said that while his company is supportive of the concept of the IPB, he and his colleagues are "disappointed to see that in the revised Investigatory Powers Bill, although the government has made some small improvements, all our fundamental concerns remain".

Advertisement
Advertisement - Article continues below

Shaw listed these concerns as weak definitions, leading to very broad interpretations of the bill; putting data at risk; the tech credentials of the proposed Judicial Commissioners; a continued potential for backdoors into encryption; and putting UK content service providers at a disadvantage, as the law will only apply to them.

"We agree it is critical that the government get this bill right. Rushing it through in its current form will be a mistake. We fear the Bill will be rejected, causing even greater delay to getting a proper regulatory framework in place, or even worse it will be passed into legislation. If it does become law, it will undermine both the security and privacy of UK citizens and impact the competitiveness of UK Internet Service Providers," said Shaw.

ISPA, the trade body representing ISPs in the UK, sounded a similar note of concern.

Chairman, James Blessing, said: "ISPA supports reform of investigatory powers through a new Bill, but we are a long way from having a Bill that is clear and workable.

"Government needs to address concerns around its intentions, definitions and costs to enable industry to make a proper assessment of the Bill and help Parliament scrutinise the complex proposals. Getting this right is essential for the UK digital economy and user trust in services."

ISPA said that, as it stands, the current bill "does not do what the Home Office says it does".

"On numerous occasions, there is a disconnect between what can be found on the face of the Bill and what the Government says the Bill will be used for. Given that the Bill is highly intrusive, the Government must put all of its intentions for how it plans to use the powers on to the face of the Bill," the organisation said.

"Reliance on speeches and non-legislative documents, such as codes of practice, to make clear what the Bill explicitly intends is unsatisfactory," it added.

ISPA also said significant questions remain over costs, definition of key terms and concepts, including Internet Connection Records and even data, how ISPs can recover costs from the government -- if, indeed, they can at all.

Parliament should be given sufficient time to scrutinise the Bill, ISPA said, as it is, in the words of the Prime Minister, "one of the most important bills [the House of Commons] will discuss".

Advertisement
Advertisement - Article continues below

Erka Koivunen, security advisor at F-Secure, took an even stronger tone, saying: "Let us be clear on the British Government's intentions and the consequences of those actions. 'Equipment interference' is hacking. There is a reason there is a very large security industry dedicated to protecting businesses and their digital assets -- because hacking damages businesses."

"No company wants their own government or government of a friendly partner to break into their systems or undermine the security of their services. We would encourage the Government to pause and consider the implications of its intentions before it irreparably damages British businesses," Koivunen concluded.

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks.

Download now
Advertisement

Recommended

Visit/government-it-strategy/28305/ir35-news
Policy & legislation

Businesses urged to continue IR35 preparations despite Conservative review pledge

3 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019
Visit/backup/33385/arcserve-udp-9240dr-review-beef-up-your-backups
backup

Arcserve UDP 9240DR review: Beef up your backups

4 Apr 2019

Most Popular

Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/cloud/amazon-web-services-aws/354223/what-to-expect-from-aws-reinvent-2019
Amazon Web Services (AWS)

What to expect from AWS Re:Invent 2019

29 Nov 2019
Visit/business/business-strategy/354252/huawei-takes-the-us-trade-sanctions-into-its-own-hands
Business strategy

Huawei takes the US trade sanctions into its own hands

3 Dec 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019