The government’s due to announce new legislation that will allow the police to monitor all of our online communications. In this guest Conversation, Privacy International argues that this is a step too far.
At Privacy International HQ last week, we were receiving frantic calls from our advisors and colleagues across government, industry and human rights groups about rumours of new legislation in the UK being considered for the next Queen’s Speech.
The Home Office wants to establish new ways of spying on our communications and internet activities in order to prevent, detect, and investigate crime and terrorism.
‘Something must be done’
The idea of a ‘modern’ surveillance law was first floated by the Labour government in 2008. Their line of argument was as follows:
1. When BT ran all the networks and we all used landlines, the police could get access to who it was we were calling and when, and our location at the time..
2. When internet service providers and mobile phone companies came along, this allowed the police to access new forms of information held by these companies: who we were emailing and which websites we were visiting.
3. But the internet doesn’t work like way anymore: people use Gmail rather than BT internet addresses, and people chat on Facebook as much as by text. This data no longer resides in the UK, but on servers all over the world. So something must be done to make it accessible to the British government.
When in opposition, senior members of the current government clearly stated, when this policy was first floated in 2009, that this form of surveillance was unacceptable. Now the same old policy is emerging, accompanied by the same old arguments.
The government’s original idea was to store all this information in a central government database. The last government abandoned this as being ridiculously complex and an invasion of privacy.
So they instead proposed to install technology at every internet provider and phone company that will intercept all your communications to pull out information about who you’re emailing, who your friends are, and a multitude of other pieces of information.
The UK would be the first democratic country to install such a system, but there are at least three reasons why others have not moved in this direction.
1. Intercept everything
This system would require the interception of every communication in Britain. How can the government know that you’re browsing a social network, reading the news or emailing a friend?
They would have to require internet service providers (ISPs) to interfere with each and every bit of communication to see what you’re doing and then compel ISPs to record specific notes on each interaction, and then store this for up to two years.
The current law on communications interception requires that a) a person be suspected of a serious crime, and b) a warrant be signed by the Home Secretary. Now everyone’s communication will be intercepted, without a warrant or indeed any judicial or executive oversight.
However, the police will only be able to get hold of the actual content of your communications with a court order; but will continue to get lightly regulated access to communications data, like who you’re talking to, where, when, and who are your friends.
2. Low confidence to keep our data safe
This would be the first time we compelled companies to collect information on innocent people that they would not normally collect for the purpose of doing business. Yes, the police can access our financial records and even our medical records, but at least these records exist for good reason: the functioning of the banking and healthcare systems.
This time, the government is asking internet providers and mobile phone companies to actively spy on the entire population of the UK.
As the Leveson inquiry is demonstrating, once information is collected it can be abused by others – the precise degree of police complicity in the illegal access to information remains to be seen.
And with regards to hacking, it seems there is a new story every fortnight on how some large corporate database or other has been maliciously hacked. This information, once collected, can never be adequately secured, no matter how many promises are made.
3. It would be too costly
At a time when the public sector is being subjected to stringent cuts and police budgets are being slashed, the government wants to spend billions on a system that is diametrically opposed to the public interest.
Do you really want your money to be spent on a project that will partially align Britain with regimes that conduct warrantless mass surveillance abroad?
Which? Conversation provides guest spots to external contributors. This is from Gus Hosein of Privacy International – all opinions expressed here are their own, and not that of Which?