The Facts of the Investigatory Powers Bill - And Why They Matter

Liberty has long campaigned for a fundamental reform of the laws governing surveillance in the UK. We awaited this Bill with bated breath, knowing it represents a once-in-a-generation chance for parliamentarians to lay spying powers and crucial human rights safeguards down in law. Unfortunately, as it stands, the draft Bill isn't just a wasted opportunity - it's an astonishing assault on the internet security of everybody in our country.

If you've been following the headlines around the Government's new surveillance law over the past few days, you may well be feeling more than a little confused.

"Theresa May forced to backtrack on internet snooping plans", declared Sunday's papers - days later we read that "spy agencies will be given power to access your internet history". "Judges get right to veto anti-terror operations" trumpeted The Times' front page on Wednesday - but only a few hours afterwards Conservative MP David Davis was pointing out that this so-called "judicial authorisation" was not, in fact, judicial authorisation at all.

This week, the Home Secretary unveiled the long-awaited draft Investigatory Powers Bill - a deceptively innocuous title for a law that has immense implications not just for the privacy and safety of every person reading this blog, but for that of generations to come.

So it's vital people know what this Bill, as published, will actually do, what it means for them and what they stand to gain or lose. With the Government spin juggernaut in full motion, that's no easy task.

Surveillance is complicated, and the patchwork of legislation currently governing it in the UK even more so. It's packed with acronyms (try asking anyone in your local pub the difference between the IPC, ISC, IPT and IoCC). And it doesn't help that Ministers persist in speaking in euphemisms and jargon - "equipment interference", for example, is straightforward hacking to you and me.

So, here are the facts - and why they matter.

Liberty has long campaigned for a fundamental reform of the laws governing surveillance in the UK. We awaited this Bill with bated breath, knowing it represents a once-in-a-generation chance for parliamentarians to lay spying powers and crucial human rights safeguards down in law.

Unfortunately, as it stands, the draft Bill isn't just a wasted opportunity - it's an astonishing assault on the internet security of everybody in our country.

No real judicial oversight

When a public body wants to intercept our communication, their requests are currently signed off by a senior Minister - a role Liberty believes should lie with a judge. But don't just take it from us - there's a growing consensus on this that includes MPs across the political spectrum, former spy chiefs and the Independent Reviewer of Terrorism Legislation.

So the Home Secretary knew she was up for a fight - and, ahead of the Bill's publication, she heralded "world-leading oversight" as a "cornerstone of the new legislation".

Let's make this clear: this Bill does not contain powers for substantive judicial approval of spying warrants. At most, it gives judges a highly limited role in a rubber-stamping exercise. The Home Secretary called it a "double-lock" - but the judge doesn't actually get to have the key.

Hacking

The Government quietly admitted for the first time in February that our security services have been busily hacking for some time. Now it wants to make it legal.

The Bill allows spies to hack into our devices and networks, extends those powers to all police forces, and places obligations on service providers to assist with hacking warrants.

There's been no public debate on State use of hacking - but it's the most intrusive form of surveillance imaginable. It can be undertaken on an industrial scale, and is capable of turning mobile phones into spying cameras and listening devices.

It also has the potential to do unlimited damage to device and network security. Think of it as a burglar breaking into your home, then leaving the lock broken and a sign outside inviting other burglars in - all without you realising you were ever broken into in the first place.

Far from recognising the unique security threats posed by hacking, the draft Bill fails to provide any exceptional safeguards and allows for routine mass hacking that has the potential to do much more harm than good.

Mass surveillance

The Bill aims to legalise the breathtakingly broad spying powers exposed by Edward Snowden - the same mass, speculative surveillance that allowed the Government to spy on human rights organisations such as Amnesty International and capture webcam pictures of 1.8 million Yahoo users, many of which were sexually explicit. Liberty is currently challenging these powers at the European Court of Human Rights. Yesterday, Snowden himself branded the Bill "the most intrusive and least accountable surveillance regime in the west".

It's crucial spies are able to use surveillance to target suspected criminals and protect lives. But far from creating a more targeted, effective system, this Bill is riddled with broad and disproportionate powers that fundamentally alter the relationship between individual and state - mass interception, mass acquisition of communications data, mass hacking and retention of databases on huge swathes of the population.

Weblogs

The Bill would require service providers to retain every person's "internet connections records" - to translate, that's records of apps you open on your phone, photos you upload to iCloud and every website you visit.

We live more and more of our lives online - so records of our internet use, pieced together, create a detailed and personal picture. Forcing companies to keep these details on every one of us, regardless of whether we're suspected of anything, is incredibly intrusive.

Which is why compulsory retention of internet connections isn't allowed in any other EU or Commonwealth country or in other democracies like the USA and Canada. In Australia, it was recently explicitly banned in law.

Recent history shows us the way in which the State misuses its powers to place us under surveillance. But even if you trust the State not to access these records without justification, the recent TalkTalk hack shows how vulnerable we all are when our personal details are sitting on a database.

We can change this

Frightening stuff - but this Bill is a long way from being law. We will be fighting every step of the way to make sure the final legislation strikes the right balance between surveillance and freedom, but we can't do it alone.

The Government is banking on a combination of scare-mongering, spin and public apathy to help it get this Bill through. We need to show them that we're not falling for it, that we know what's at stake - and we need to tell them how we want the final legislation to look.

Liberty has created an eight-point plan detailing clear, practical safeguards, and we'll urge parliamentarians to push for their inclusion in this Bill - real prior judicial authorisation of all surveillance requests, no blanket powers forcing communications companies to store more personal data, targeted surveillance conducted for tightly defined reasons.

Security and privacy are not mutually exclusive, though it's the line we've been fed for years. Let's show the Government we want, deserve and can have both. The more of you we have behind our campaign, the bigger our collective voice is - and the harder it is to ignore.

Sign and share Liberty's Eight-Point Plan for a secure and private Britain.

Sara Ogilvie is a policy officer at Liberty

Close

What's Hot