27 November 2015

Time to ‘Accept’ the Investigatory Powers Bill


Speaking on BBC’s Radio 4 Today show, three days after the terror attacks in Paris, David Cameron said “I think we should look at the timetable” of the planned draft of the Investigatory Powers Bill. The comment hints at a possible fast-tracking of the law, which currently is due to be debated next year, coming into effect in 2017.

Updating the surveillance laws is, it is argued, necessary for security. As Theresa May has pointed out, it seems wrong that criminals should be able to hide communication from police by using social media rather than a phone.

Granting the government the power to collect bulk web records of internet pages everyone has visited, how long for and whether they contain any medical information is obviously unsettling. It definitely feels like a breach of privacy.

But all the cries of “snooper’s charter!” and a “breath-taking attack on internet security!” have forgotten a few crucial facts.

To start with, the government already has access to this information. May told us herself: in the last year 6 terrorists plots have been stopped already because the security services have the ability to intercept communication through the internet, even on encrypted apps and software.

But more importantly, I am willing to bet that the people getting into such a flap about government surveillance powers being extended have all clicked ‘Accept’ without reading or caring about the Ts&Cs of mobile apps like WhatsApp and Uber.

A quick disclaimer: I think the apps are brilliant ideas, well executed and have made life considerably more convenient for several people.

But why exactly does WhatsApp need access to my phone book? To get market data on the number of mobile phone users also using their internet based-messenging… maybe. Why does it need my location though? And as for Uber – how is access to my camera, photos/media and files necessary for the successful functioning of a taxi business?

It isn’t. Even if I agree to hand over my information, I’m volunteering data on everyone I have saved as a contact, including those who might not agree to these apps keeping tabs on them.

But all of these companies do it, and we all ‘Accept’. Why are we willing to trust these faceless and unaccountable organisations but not the government?

Businesses are gathering huge amounts of consumer data, whether they plan to use it themselves or sell it on. Theresa May could have got all the information she needed by taking the money she intends to spend on hiring 1,900 new spooks and paying it directly to WhatsApp. Or she could have just inserted a small extra tick-box that 500,000,000 impatient smartphone users will charge through on their mission to download the latest version of Instagram.

I am, obviously, glad that she didn’t. But it shows how much happier we are to exchange our data for the convenience of hailing a cab rather than life-or-death security.

The final reason to stop panicking about this bill is that it is actually in our favour. It increases transparency, and provides a legal framework for surveillance to be challenged and held in check. Rather than “enshrining in law the previously covert activities of GCHQ”, the laws draw a line in the sand of how far into your private life the government can hack. If officers want to mount more intrusive spying operations, including tapping phones, they will still need a warrant from the home secretary or another senior minister. Additionally, the draft bill proposes giving a new panel of judges, known as the Investigatory Powers Commission, the ability to veto such requests.

Most promisingly, the bill will mean that checks and balances on private data collection will filter down through the legal system to other organisations currently running free with your identity, contacts, location, SMS, media files, camera, Wi-Fi connection and information, device ID, call information… and everything else they can get their hands on.

Does the draft law “gives our spies all the powers they need to fight terrorism“, as one security consultant has claimed? Unfortunately, individuals and organisations really set on causing terror in the UK are probably not going to be massively impacted by the government’s legal backing to read their private Facebook messages. So will it have any affect on future terrorists then? It might. It certainly won’t make things easier for them.

Olivia Archdeacon is CapX Assistant Editor