How frightening it is to see the country which pioneered so many civil liberties take such a profound step towards eroding them. Just as worryingly, almost nobody will do anything to fight against it, nor make any attempt to understand its implications. It is no wonder that Edward Snowden, a man who’d know a thing or two about snooping, called Britain’s new Investigative Powers Bill, which was passed into UK law this week, ‘the most extreme surveillance in the history of western democracy’.
Ordinarily, one would not expect a conservative government to approve such legislation. But Theresa May’s appalling record on freedom of speech and assembly, which includes proposing statutory rules to force universities to ban extremist speakers, provides a telling backdrop to the passing of the Bill, seemingly crowning her authoritarian, anti-freedom campaign. The IP Bill gives the British government, police forces and intelligence services unprecedented powers to spy on citizens and hack into cyber devices.
There is a reason it has been dubbed the ‘Snooper’s Charter’. Despite the Home Office’s insistence that the Bill will strengthen the country’s national security, it represents a wholesale degradation of our online private lives, legitimising the undermining of individual privacy on a scale unseen in the west before.
Whilst it is true that police and intelligence services do not have the time or the resources to pry into all your online activities – unless, of course, you are a terror suspect – there must stand firm a principled objection to inappropriate state encroachment on the private lives of citizens. As the government well knows, we now operate an increasing proportion of our lives, both public and private, within the confines of the online world.
Under the terms of the new Bill, passed now in both parliamentary houses, the government will radically reform its ability to hack and store data, allowing an array of agencies and departments in Whitehall to access the private information of any British person they request to track. The list of organisations concerned is really quite staggering. The Ministry of Defence, HMRC, the Food Standards Agency and the Gambling Commission are just some of the public authorities that will be permitted to hack into personal devices and store your private information. Try as I might, I am yet to understand why the Food Standards Agency would need such information at all.
In part 5, chapter 2 of the Investigatory Powers Bill, a clear precedent is set out for a practice known as ‘equipment interference’. This involves, for the first time ever, security services being allowed to hack (and even bulk hack) into personal servers, mobile devices and computers. This may include retrieving data from stolen items or installing software designed to track the keyboard letters that are pressed on just about any laptop.
Naturally, warrants will need to be issued for such activities, but this cannot prevent us from asking important questions. How easily will warrants be issued? How are we to protect ourselves against having one issued against us if we are suspected of a crime that we have not been proven guilty of? How will others, perhaps innocents who are connected with suspects, fare if private conversations are stored for criminal or intelligence purposes? The cyber world is now so deeply interconnected that it would seem impossible to suggest that security services will not, in storing data and monitoring individuals, invade the privacy of others who are unlucky enough to be caught up in the crossfire.
But the Investigatory Powers Bill goes further than hacking. Per the needs of both intelligence and police services, internet and communications providers will be forced to store the activity and browsing history of consumers for up to a year, logging what devices were used to access certain sites or material, and precisely when and for how long it was done so. Again, warrants will be required for records to be accessed, and will be provided by an Investigatory Powers Commissioner and judicial commissioners, selected by the current and future Prime Minister(s). But how confident are you in the ability of your internet provider to prevent hackers accessing the entirety of your data?
The Data Retention and Investigatory Powers Act of 2014 expires on December 31st of this year, so new legislation was expected, and Amber Rudd will do all she can to convince people that it is in the national interest to keep tags on those the government suspects of wrongdoing. But are all these fancy new powers necessary in tackling the terror threat in Europe? What, if anything, will Theresa May do to address the tech bosses who have expressed dissatisfaction at being forced to snoop into the private affairs of their customers? How worried should we all be about the threat of data leaks, or of the intelligence services themselves being vulnerable to online attack or hacking? And what comes next? If the people see the Bill (and its subsequent ramifications for personal liberty) as a necessary tool to combat the threats that we face, then what other kinds of legislation are around the corner? How far must the war on freedom go before the state becomes too powerful?
The Investigatory Powers Bill is a wolf dressed in sheep’s clothing. After two years of exhausting terror exploits on the continent, the British government is determined to appear proactive in the fight against extremism. But there’s just one catch: your very privacy and civil liberty is at stake.
Oliver Norgrove is a media analyst. He tweets @OliverNorgrove.