(Image Credit: iStockPhoto/Adam Smigielski)
First it was privacy activists, then a range of technology companies, and now even the defence industry is laying out reasons why the UK’s proposed Investigatory Powers Bill is a terrible idea.
In a submission to a parliamentary scrutiny committee overseeing the draft investigatory powers bill, a coalition formed of players from the British aerospace, defence, security and space industries warned: “Increasingly, communications service providers simply act as ‘dumb pipes’, transferring data they cannot process or understand.”
“This does not mean the legislation is not viable or needs revolutionary change; it simply means that it’s likely to have a shelf life. There are likely to be significant shifts in the technological landscape over the next few years that it will be necessary to revise the law again in the not too distant future.”
It’s a lighter warning than what a coalition of technology giants – including Google, Facebook, Twitter, Yahoo and Microsoft – issued to home secretary Theresa May in a call to reconsider substantial parts of the proposed new surveillance bill.
The document (IPB0116) provides several key points:
- User trust is essential to our ability to continue to innovate and offer our customers products and services, which empower them to achieve more in their personal and professional lives.
- Governments’ surveillance authorities, even when transparent and enshrined in law, can undermine users’ trust in the security of our products and services.
- Key elements of whatever legislation is passed by the UK are likely to be replicated by other countries, including with respect to UK citizens’ data.
- Unilateral imposition of obligations on overseas providers will conflict with legal obligations such providers are subject to in other countries.
- An increasingly chaotic international legal system will leave companies in the impossible position of deciding whose laws to violate and could fuel data localization efforts.
Activists have included the stifling of innovation as one of their key arguments for some time – with some technology companies having to avoid conducting business in the UK altogether under such encryption legislation. Other concerns raised include the invasion of privacy such a bill would cause, and how it could be used for data collection about citizens.
Vodafone, a UK telecommunications operator, joins the aforementioned companies in their argument that such a government bill would risk “significantly undermining trust” and rejected any move to require them to hand over data passing over their networks from outside the UK.
The effectiveness of mass surveillance has also been in question from the former Technical Director of the NSA, William Binney, who said: “My big objection with the NSA and GCHQ and all associated law enforcement agencies and how they deal with data fundamentally circles around the bulk acquisition of data of any type. You have to get away from bulk acquisition dumping on your analysts because it makes your analysts fail; they have failed consistently since 9/11 and even before that.”
Speaking about 6,000 analysts he oversaw in 1997 looking at phone and internet data, he says that such a large amount of data cannot be sifted through and just overloads analysts with useless information. A solution, which is no longer being used, was to create a “social network” using metadata to identify known targets and then build “zones of suspicion” around them.
“This focused data collected around known targets plus potential developmental targets and represented a much smaller set of content for analysts to look through. This makes the content problem more manageable and optimizes the probability of analysts succeeding,” Binney says.
The committee has been given just two weeks to hear evidence before making recommendations to the UK parliament. Hopefully, the bill committee will see sense before it publishes its report on February 11th
What are your thoughts about the Investigatory Powers Bill proposal? Share them in the comments below.