Snooper’s Charter fails to protect privacy, warn MPs

Intelligence and Security Committee criticises Investigatory Powers Bill

The Investigatory Powers Bill would fail to protect UK citizens from mass surveillance, according to a Parliamentary committee's damning report on the government's proposed new law.

The Intelligence and Security Committee (ISC) today demanded "substantive amendments" to the bill, also known as the Snooper's Charter.

If passed in its current guise, the bill would see internet service providers forced to store people's internet connection records (ICRs) for 12 months, while security products would have compulsory backdoors built in for government spies to access data.

MPs and peers on the committee claimed that those behind the legislation appeared not to know what the bill is meant to achieve.

"Overall, the privacy protections are inconsistent and in our view need strengthening," said the report, adding that the bill itself was a "significant missed opportunity" and took a "piecemeal" approach to protecting privacy.

The committee said that privacy should be "an integral part of the legislation rather than an add-on".

It added that checks and balances must be set up to oversee security services' powers to collect bulk data from internet users. 

The report also focused on rules that force companies to build backdoors into encrypted services, saying the bill was unclear on how warrants to access the backdoors might work, and that the committee was "not convinced as to the requirement for them".

Dominic Grieve, the Conservative chairman of the ISC, said: "Taken as a whole, the draft bill fails to deliver the clarity that is so badly needed in this area."

"The issues under consideration are undoubtedly complex, however, it has been evident that even those working on the legislation have not always been clear as to what the provisions are intended to achieve."

He added: "The draft bill appears to have suffered from a lack of sufficient time and preparation."

Antony Walker, deputy CEO of industry trade body techUK, said that the bill lacks clarity on fundamental issues, such as core definitions of key terms, encryption, and equipment interference.

"Our members are unsure exactly what is meant by internet connection records (ICRs), how they will be gathered, stored and accessed. This kind of detail is crucial to understanding the impact of the proposed bill," he said.

Walker said anything that forces companies to create or allow vulnerabilities in their systems is a huge concern and could damage public trust and have a direct impact on global perception of the UK as a home for innovation and investment.

"These concerns are reinforced by the ISC report, which calls for clarity on the effect on end to end encryption, and we urge the Home Office to take its findings on board," he added.

Featured Resources

The ultimate law enforcement agency guide to going mobile

Best practices for implementing a mobile device program

Free download

The business value of Red Hat OpenShift

Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShift

Free download

Managing security and risk across the IT supply chain: A practical approach

Best practices for IT supply chain security

Free download

Digital remote monitoring and dispatch services’ impact on edge computing and data centres

Seven trends redefining remote monitoring and field service dispatch service requirements

Free download

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
HPE wins networking contract with Birmingham 2022 Commonwealth Games
Network & Internet

HPE wins networking contract with Birmingham 2022 Commonwealth Games

15 Oct 2021