Investigatory Powers bill’s security backdoors ‘won’t make iPhone illegal’

Encryption backdoors survive proposed House of Lords amendments

Accessing people's data via security backdoors will form a key part of the Investigatory Powers Bill, despite arguments it could make the new iPhone illegal, it emerged in Parliament this week.

The government's deputy leader in the House of Lords, Earl Howe, was adamant the bill must require telecoms companies to break or remove their own encryption to give government agencies access to people's personal data.

Debating the bill, he said: "If we do not provide for access to encrypted communications when it is necessary and proportionate to do so, we must simply accept that there can be areas online beyond the reach of the law, where criminals can go about their business unimpeded and without the risk of detection."

Howe added: "Enforcement and the intelligence agencies must retain the ability to require telecommunications operators to remove encryption in limited circumstancessubject to strong controls and safeguardsto address the increasing technical sophistication of those who would seek to do us harm."

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

He was defending the backdoor element of the bill from proposed amendments 92, 102 and 103, which would have removed this section of the legislation.

"They are an [sic] irresponsible proposals, which would remove the government's ability to give a technical capability notice to telecommunications operators requiring them to remove encryption from the communications of criminals, terrorists and foreign spies," Howe said.

However, one proponent of the amendments, the Liberal Democrats' Lord Paul Strasburger, suggested the Investigatory Powers' backdoors are incompatible with IT companies' use of end-to-end encryption.

"The implication of what he is saying is that no one may develop end-to-end encryption," he said. 

"He seems to be implying that providers can use only encryption which can be broken and therefore cannot be end to end, so the next version of the Apple iPhone would, in theory, become illegal."

Howe denied this, instead insisting that "there will be circumstances where it is reasonably practicable for a company to build in a facility to de-encrypt the contents of communication".

Advertisement - Article continues below

None of the above amendments were made to the bill. Its passage through Parliament continues with debate in the House of Lords, after the House of Commons voted it through with 444 MPs in favour.

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now
Advertisement

Recommended

Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/policy-legislation/data-governance/354496/brexit-security-talks-under-threat-after-uk-accused-of
data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
Visit/security/cyber-security/354468/if-not-passwords-then-what
cyber security

If not passwords then what?

8 Jan 2020
Visit/policy-legislation/31772/gdpr-and-brexit-how-will-one-affect-the-other
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020