UK government's draft spying powers get leaked online

Open Rights Group lifts curtain on Home Office's secretive consultation

The UK government has drawn up details of its surveillance powers and put them out for a secretive consultation without letting the public know.

The government wants to give itself the ability to monitor British people's communications and force UK firms to include encryption backdoors in their products. Under the proposed Investigatory Powers (Technical Capability) Regulations 2017, telecoms providers must allow the government to simultaneously spy on one in 10,000 of their customers at any time.

Advertisement - Article continues below

Telcos would also have to provide any information the government requests within one working day, and must notify Home Secretary Amber Rudd if there will be any changes to their service, including the development of new services - these will have to be built with the obligations and requirements of the technical capability notice in mind.

Furthermore, telecoms providers must provide backdoors to encrypted data sitting in their services so that the government can access any communications. Telecoms providers must "remove electronic protection applied by or on behalf of the telecommunications operator to the communications or data".

The notice also extends to the postal service, where the government will have the power to "open, copy and reseal any postal item" in order to inspect its contents.

Advertisement
Advertisement - Article continues below

The Open Rights Group leaked the draft yesterday on its website and highlighted that the short four-week consultation had not been publicised to the tech industry or to the public. Under Section 253 (6) of the Investigatory Powers Act, the Secretary of State is under no obligation to consult the public, but instead must consult a small selection of organisations likely to be affected by the proposals.

Advertisement - Article continues below

Concluding on 19 May, responses to the consultation can be sent to investigatorypowers@homeoffice.gsi.gov.uk.

These measures have passed through a Technical Advisory Board composed of six industry representatives from O2, BT, BSkyB, Cable and Wireless, Vodafone and Virgin Media, alongside six representatives from UK spy agencies and a neutral chair.

Open Rights Group's executive director, Jim Killock, said: "These powers could be directed at companies like WhatsApp to limit their encryption. The regulations would make the demands that Amber Rudd made to attack end-to-end encryption a reality. But if the powers are exercised, this will be done in secret.

"The public has a right to know about government powers that could put their privacy and security at risk. There needs to be transparency about how such measures are judged to be reasonable, the risks that are imposed on users and companies, and how companies can challenge government demands that are unreasonable. Selective, secret consultations have no place in open government."

Advertisement - Article continues below

The Investigatory Powers Act passed through Parliament last November despite facing strong opposition, and received Royal Assent soon after to become an act. However, large parts of it were struck down by the European Court of Justice in February over its bulk data collection plans. It was thought then that the government would seek new ways to reinstate bulk data collection.

IT Pro has approached the Home Office for comment.

Featured Resources

Preparing for long-term remote working after COVID-19

Learn how to safely and securely enable your remote workforce

Download now

Cloud vs on-premise storage: What’s right for you?

Key considerations driving document storage decisions for businesses

Download now

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Transforming productivity

Solutions that facilitate work at full speed

Download now
Advertisement

Recommended

Visit/policy-legislation/33407/what-is-the-investigatory-powers-act-2016
Policy & legislation

What is the Investigatory Powers Act 2016?

6 Jul 2020
Visit/security/ransomware/356292/university-of-california-gets-fleeced-by-hackers-for-114-million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
Visit/security/cyber-security/356289/australia-announces-135b-investment-in-cybersecurity
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
Visit/cloud/cloud-security/356288/csa-and-issa-form-cybersecurity-partnership
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020

Most Popular

Visit/mobile/google-android/356373/over-2-dozen-additional-android-apps-found-stealing-user-data
Google Android

Over two dozen Android apps found stealing user data

7 Jul 2020
Visit/laptops/29190/how-to-find-ram-speed-size-and-type
Laptops

How to find RAM speed, size and type

24 Jun 2020
Visit/cloud/356260/the-road-to-recovery
Sponsored

The road to recovery

30 Jun 2020