The Investigatory Powers Bill (IP Bill) has passed its third reading in the House of Lords. The 300 page document has completed its Parliamentary process, and is expected to become law by the end of 2016.
The House of Lords has ‘suggested' some amendments to the Bill, which means it will be thrown back to the House of Commons for a final ‘look over'. The House of Lords will then vote on any amendments put forward by the Commons until both house are happy to proceed. Once this process is over, the bill will receive Royal Assent and officially become law.
Of the 377 amendments from the House of Lords passed back to the Commons, amendment 15 is among the most important, with Jacob Rees-Mogg MP highlighting in the chamber that the amendment goes against the Sewel Convention.
Other suggestions included are amendments proposed by Baroness Hollins, which seek to govern the relationship between government, law enforcement agencies and the press in the UK. This is seen as a reaction to the outcome of the Leveson Report, however this was labelled a “distraction from the important aim of the bill” by Ben Wallace MP who said that the purpose of the IP Bill was to provide a “strong framework of laws for modern law enforcement and intelligence agencies.”
Introduced by the then-Home Secretary Theresa May back in November 2015, the Bill has been heavily criticised by human rights groups and privacy campaigners alike, as the Bill is seen to herald over-reaching, draconian and intrusive spying powers for the UK intelligence agencies. The Bill was consequently dubbed The Snoopers' Charter.
The Home Office's representatives who are in charge of the law have said on many occasions that the powers which the new Bill is set to give to intelligence agencies are needed to help protect the country's national security and give more oversight, while bringing in new judicial processes and checks to ensure the law isn't misused by those in government.
This view was echoed by ex-Foreign Secretary Lord Hague, who, while speaking at InfoSecurity's 2016 conference, took the stance of "you'll just have to trust us" when it comes to surveillance.
Hague said: “The need for intelligence is crucial for law enforcement”, arguing that authorities cannot catch the ‘bad guys' without it. And unfortunately that's “bound to include some invasion of privacy”.
It is due to this “invasion of privacy” that an overhaul was found to be needed in mass surveillance and that comes in the form of the IP Bill. However, to describe the IP Bill as a Snoopers' Charter is "ridiculous", Hague said. Although he approves of a “healthy suspicion from the general public”, most of the public would ‘get it' if they could see the process, but obviously can't.
“The government does not want to ban encryption, we don't want back-doors, we don't want weakening of encryption,” he said, adding: “We're huge advocates of all of these things.” Despite his pro-encryption view, however, Hague said he's coming at it from the perspective of a person who used to approve surveillance warrants and sees the kind of horrible things they could prevent. And it is for this reason he argues that there is no “absolute right to privacy” in our modern lives. But we do have a right to protections.
Despite these protections, however, last month, the Interception of Communications Commissioner's Office issued a report which claims that multiple mistakes were made by security services in 2015 with intercepted communications data, which led to 17 wrongful arrests. Sir Stanley Burnton, the Interception of Communications Commissioner, described a 20 percent rise in errors made by security services since the previous year.
The report claims that a range of errors were committed, including “over-collection and unauthorised selection or examination of material to the interception of the wrong communications identifier or failure to cancel an interception”.
The report says 145 public authorities had access to confidential data in 2015. Overall, 761,702 items of communications data were acquired by the security services in 2015. The report details how 1,119 errors were made by security services and their use of the data.
Open Rights Group's executive director, Jim Killock, responded to the news on the organisations website saying: “The UK is one step closer to having one of the most extreme surveillance laws ever passed in a democracy. Despite attempts by the Lib Dems and Greens to restrain these draconian powers, the Bill is still a threat to the British public's right to privacy.”
Kilock added: “However, the new Bill fails to restrain mass surveillance by the police and security services and even extends their powers. Once passed, Internet Service Providers could be obliged to store their customers' web browsing history for a year. The police and government departments will have unprecedented powers to access this data through a search engine that could be used for profiling. The Bill will also allow the security services to continue to collect communications data in bulk and could see Internet security weakened by allowing mass hacking.”
And the the UN's privacy chief appears to agree with these points as well. Speaking back in March, Joe Cannataci said the UK's planned surveillance laws go against privacy judgements passed in Europe and that ramifications could be felt in other countries.
Cannataci, whose focus is the right to privacy, criticised the UK government's approach to the creation of the IP Bill, saying that certain provisions of the Bill - particularly those of bulk hacking and bulk interception of data - "run counter to the most recent judgements of the European Court of Justice and the European Court of Human Rights, and undermine the spirit of the very right to privacy."
Jacob Ginsberg, senior director at Echoworx told SCMagazineUK.com: “The analysis of metadata is just as intrusive as the analysis of content from web pages or social media. It may appear innocuous but it has the potential to expose the life histories of individuals over time, both personally and professionally. Party politics aside, this is an invasion of people's privacy. For businesses, this is cause for concern and will encourage them to think about jurisdictional shopping, and storing their data in countries that this bill cannot influence.
Ginsberg added: “Another issue is the inevitability that data will leak. What happens when this treasure-trove of metadata is made publically available by a malicious attacker? We need to think longer and harder about the implications of unavoidable outcomes and the impacts they will have on people's lives, whether it's discrimination over an insurance policy or an outright attack on privacy.”