Proposals to update the UK’s spying regime for the digital age have received cautious approval from a committee of MPs and peers, paving the way for security services to gain access to the private communications of millions of Britons.
On Thursday, the parliamentary committee scrutinising the draft investigatory powers bill recommended that some of its more controversial aspects should become law.
But the lawmakers also made 86 recommendations for changes to the bill and suggested much more work needed to be done.
The select committee said law enforcement agencies had successfully made the case to make UK communications companies, such as BT, Virgin Media and Sky, store internet records for 12 months.
The MPs and peers added that other provisions, such as measures for security services and law enforcement to obtain information from technology groups “in bulk” and a legal duty that could require them to hack the accounts of customers, were acceptable.
However, Silicon Valley groups appear to have secured support for concessions on issues such as the breaking of encryption on communications services such as Apple’s iMessage and Facebook’s WhatsApp.
The MPs also suggested exceptions to prevent interception of communications of lawyers and journalists.
The proposals try to replace the communications data bill, dubbed the “snoopers’ charter” by critics and ditched in the last parliament.
“There is much to be commended in the draft bill, but the Home Office has a significant amount of further work to do before parliament can be confident that the provisions have been fully thought through,” said Lord Murphy of Torfaen, chairman of the joint committee.
But others on the committee attacked the bill. Lord Strasburger, the Liberal Democrat peer on the scrutiny committee, said Ms May had not enough to move beyond the previous proposals. “The Home Office doesn’t do privacy,” he said.
He also pointed to strong criticism earlier in the week by MPs on the intelligence and security committee (ISC) that the bill was too invasive.
Tech industry executives also said they were disappointed with the report, with one Silicon Valley staffer describing the politicians findings as “weak” and not going far enough to clarify the powers being gained by the security services.
The bill would, for the first time, comprehensively codify the authority of MI5, MI6, GCHQ and police forces to access Britons’ communications.
When Theresa May unveiled the bill last November, the home secretary said the changes were necessary to tackle the growing online threat posed by terrorists and organised crime cartels, while providing “some of the strongest protections and safeguards anywhere in the democratic world”.
On Thursday, a Downing Street spokeswoman said: “Our first priority is to keep those living in our country safe and make sure the police and intelligence agencies have the powers to do that.
“We welcome the fact that the committee says this draft bill establishes firm foundations for further legislation. We will need time to look at its conclusions along with the ISC report earlier this week.”
But weeks since it was unveiled, some aspects of the proposed law have been fiercely attacked by IT groups, privacy campaigners, broadband companies and other governmental bodies.
Proposals include giving the police and security services access to the records of every UK citizen’s internet use without the need for judicial authorisation. However, should agencies want the content of communications, they would need the authority of the home secretary and a panel of judicial commissioners.
The government has already made several concessions, such as a “double lock” for the use of interception warrants.
This means that security agencies would typically be granted the right to see only the precise content of phone calls, emails or messages sent via social media after approval from the home secretary and then by a senior judge.
The committee said the role of judicial commissioners role needed to be strengthened and needed further independence — such as being appointed and fired by the lord chief justice rather than the prime minister.
Tech industry executives have argued that big changes are needed because the UK law will serve as a precedent to other countries, such as China and Russia, which are looking to adopt similar legislation.
“The Home Secretary called this draft bill a ‘gold standard’ but no one in this country but her seems to believe it,” said Gus Hosein, executive director of Privacy International.
“Go back to the drawing board and bring back a true gold standard for democracies across the world.”
(Published by Financial Times - February 11, 2016)