Cameron: re-elect me and MI5 can snoop on all emails

Call for greater surveillence powers by intelligence agencies strengthened in the wake of Paris killings.

Cameron: re-elect me and MI5 can snoop on all emails
Cameron: re-elect me and MI5 can snoop on all emails

Data privacy is set to become a key election battleground issue after David Cameron promised that if he's re-elected then a new law will give UK spies the power to read all messages sent over the internet.

The Prime Minister made the vow after last week's terrorist attacks in Paris, but Deputy Prime Minister and Lib Dem leader Nick Clegg immediately hit back, saying “the right to invade the privacy of terrorists should not mean invading the privacy of every single person in the UK”.

Speaking at an event in the Midlands on 12 January, the PM promised post-election to bring in a "comprehensive piece of legislation that does not allow terrorists safe space to communicate with each other”.

The law would increase the authorities' power to access both the details of online communications and their content.

Cameron recognised such powers were "very intrusive", but said they were justified by the recent killings in France and the growing threat to the UK - as long as proper legal safeguards are in place.

He asked: “In our country, do we want to allow a means of communication between people which we cannot read?” – pointing out that MI5 and GCHQ can access letters and phone calls.

Observers have asked whether this means Cameron wants to ban - or introduce backdoors into - encrypted communications which the security services cannot read even if they have a warrant, such as services like WhatsApp, Snapchat, Apple's iMessage or FaceTime.

Meanwhile, echoing Cameron's sentiments, a joint declaration on Monday by the interior ministers of 11 EU countries – including UK Home Secretary Theresa May – called for great co-operation from the internet service providers to “swiftly report and remove material that aims to incite hatred and terror”.

But Nick Clegg insisted in a Radio 4 interview on Tuesday that allowing the UK Government to record the web browsing history and social media interactions of UK citizens is not a “proportionate” approach to fighting terrorism.

Clegg was also due to say in a speech later on Tuesday that this would mean “a new indiscriminate power for governments to record every man, woman and child's web history, emails and social media interactions”.

The two government partners have already clashed over this issue. Last year's planned Communications Data Bill - the so-called "snoopers' charter" – would have forced comms companies to store for 12 months' details of all messages sent on social media, via webmail or voice calls over the internet.

But Clegg's Lib Dems vetoed this when the new DRIP (Data Retention and Investigatory Powers) was brought in.

Cameron has now pledged to toughen up this Act when it is expires on 2016.

Meanwhile, Labour leader Ed Milliband is also in favour of more powers for the security services, as long as they are combined with stronger oversight.

However, cyber-security experts have questioned the technical feasibility and wisdom of the proposals.

BH Consulting's Brian Honan told SCMagazineUK.com: “Practically and technically it's not feasible to introduce government backdoors or methods for governments to bypass encryption without undermining the overall security of that encryption solution.

“If the police can use a backdoor to get into my encrypted communications, then any criminals, activists, commercial companies or foreign spy agencies will all be able to use those same backdoors. And it's not a matter of if they will use them, it will be more a matter of when.

“Plus, how can the UK impose laws on every security manufacturer in the world and open-source software to allow that type of access into the systems? It's not workable.”

Professor John Walker, director of CSIRT and cyber forensics at Cytelligence Ltd, also said any new powers would be largely ineffective.

He told SCMagazineUK.com: “Europol last year said 96 percent of the dark web is unindexed, so basically there's all this stuff that we don't know about. How can you track what you don't know exists?

“Yes, be able to monitor people who are easy to access, but please let's not fool ourselves that we're going to get access to the serious people because it's a significant challenge.

“On top of that you've got the fact that law enforcement isn't up to speed with the technical capabilities today and they don't have the resource – they can't even man the front bench at police stations, let alone put up some elaborate cyber-sleuth campaigns.”

Cameron said: "I am confident the powers we need, whether it is on communications data or the content of communications, I am very comfortable they are absolutely right for a modern liberal democracy."

The moves also follow a call for more surveillance powers for the intelligence agencies, made by head of MI5, Andrew Parker, in a speech made on 8 January but prepared prior to the Paris shootings, a repeat of the call made previously by the new head of GCHQ, Robert Hannigan.

The US is seeing similar call for greater surveillance powers by the intelligence community and on Thursday UK premier David Cameron will visit US president Obama  to discuss, among  a number of issues, cyber-security amid concerns about the rising number of security breaches including in the financial services sector.

However, at a recent speech at the Federal Trade Commission, Obama also unveiled proposals designed to protect consumers' personal and financial information. This would require companies to report within 30 days after discovering a data breach, along with other proposals for student data protection.