UK government's draft spying powers get leaked online

Open Rights Group lifts curtain on Home Office's secretive consultation

The UK government has drawn up details of its surveillance powers and put them out for a secretive consultation without letting the public know.

The government wants to give itself the ability to monitor British people's communications and force UK firms to include encryption backdoors in their products. Under the proposed Investigatory Powers (Technical Capability) Regulations 2017, telecoms providers must allow the government to simultaneously spy on one in 10,000 of their customers at any time.

Advertisement - Article continues below

Telcos would also have to provide any information the government requests within one working day, and must notify Home Secretary Amber Rudd if there will be any changes to their service, including the development of new services - these will have to be built with the obligations and requirements of the technical capability notice in mind.

Furthermore, telecoms providers must provide backdoors to encrypted data sitting in their services so that the government can access any communications. Telecoms providers must "remove electronic protection applied by or on behalf of the telecommunications operator to the communications or data".

The notice also extends to the postal service, where the government will have the power to "open, copy and reseal any postal item" in order to inspect its contents.

Advertisement
Advertisement - Article continues below

The Open Rights Group leaked the draft yesterday on its website and highlighted that the short four-week consultation had not been publicised to the tech industry or to the public. Under Section 253 (6) of the Investigatory Powers Act, the Secretary of State is under no obligation to consult the public, but instead must consult a small selection of organisations likely to be affected by the proposals.

Advertisement - Article continues below

Concluding on 19 May, responses to the consultation can be sent to investigatorypowers@homeoffice.gsi.gov.uk.

These measures have passed through a Technical Advisory Board composed of six industry representatives from O2, BT, BSkyB, Cable and Wireless, Vodafone and Virgin Media, alongside six representatives from UK spy agencies and a neutral chair.

Open Rights Group's executive director, Jim Killock, said: "These powers could be directed at companies like WhatsApp to limit their encryption. The regulations would make the demands that Amber Rudd made to attack end-to-end encryption a reality. But if the powers are exercised, this will be done in secret.

"The public has a right to know about government powers that could put their privacy and security at risk. There needs to be transparency about how such measures are judged to be reasonable, the risks that are imposed on users and companies, and how companies can challenge government demands that are unreasonable. Selective, secret consultations have no place in open government."

Advertisement - Article continues below

The Investigatory Powers Act passed through Parliament last November despite facing strong opposition, and received Royal Assent soon after to become an act. However, large parts of it were struck down by the European Court of Justice in February over its bulk data collection plans. It was thought then that the government would seek new ways to reinstate bulk data collection.

IT Pro has approached the Home Office for comment.

Advertisement

Recommended

Visit/policy-legislation/33407/what-is-the-investigatory-powers-act-2016
Policy & legislation

What is the Investigatory Powers Act 2016?

8 Aug 2019
Visit/software/video-conferencing/355229/zoom-we-moved-too-fast
video conferencing

Zoom CEO admits company "moved too fast" as privacy issues mount

6 Apr 2020
Visit/security/internet-security/355228/mozilla-fixes-two-firefox-zero-days-being-actively-exploited
internet security

Mozilla fixes two Firefox zero-days being actively exploited

6 Apr 2020
Visit/security/hacking/355227/65-country-coronavirus-team-protects-the-technological-infrastructure-of
hacking

Cyber security experts form coronavirus taskforce to combat ransomware attacks

3 Apr 2020

Most Popular

Visit/development/application-programming-interface-api/355192/apple-buys-dark-sky-weather-app-and-leaves
application programming interface (API)

Apple buys Dark Sky weather app and leaves Android users in the cold

1 Apr 2020
Visit/data-insights/data-management/355170/oracle-cloud-courses-are-free-during-coronavirus-lockdown
data management

Oracle cloud courses are free during coronavirus lockdown

31 Mar 2020
Visit/business-strategy/flexible-working/355186/why-were-lucky-covid-19-has-come-now
flexible working

Why we’re lucky COVID-19 has come now

3 Apr 2020