Snoops a go-go: UK gov goes mad on privacy invasion
Earlier repressive powers to be extended to more or less everybody
The UK government intends to implement sweeping extensions to the snooping powers of official bodies before its controversial Regulation of Investigatory Powers Act (RIPA) even comes into force. RIPA was bludgeoned through Parliament two years ago in the face of heavy opposition, and is to come into force later this year.
The government, however, plans to widen the list of authorities which can demand access to phone, Internet and email records to the extent that it will be quite difficult to identify the bodies that don't have the authority to obtain data on you without the aid of a court order. RIPA itself was viewed as massively intrusive, but at least focussed on giving investigatory powers to security bodies, customs and the Inland Revenue, whereas the new list adds a wide range of bodies whose need for this kind of information can at best be described as tenuous, and whose capabilities of exercising such powers without abusing them are in many cases debatable.
Take the Department of Enterprise, for example. If one concentrates very hard, one can perhaps imagine situations where records would be helpful in identifying fraudulent claimants, but it's hardly an issue of national security. Or there's every local authority in the UK, all of whom can now presumably get busy tracking down people who're not paying their local taxes. The fire authorities? It's a tough one, but there's surely some reason they're on the new list.
Essentially, the extensions (which take the form of a draft order to be debated next week) switch RIPA from covering largely security issues to a set of powers that can be used by absolutely any national or local government body to trawl for information that might be helpful in investigating almost anything they care to.
So far, the primary defence against RIPA has been the difficulty in implementing it. It allows phone companies, ISPs and postal operators to be served with notices demanding information such as names and addresses of users, phone numbers called, source and destination of emails, the identity of web sites visited or mobile phone location data. The government has not however been terribly effective in putting this into practice, and is now shooting for August. As it hasn't yet specified the level of official in the various bodies added who will have the power to require this information, the latest escalation in repression and privacy invasion could conceivably delay the whole shooting match.
Ian Brown, director of the Foundation for Information Policy Research denounced the plan to hand over power without judicial oversight to a "practically endless queue of bureaucrats.
"The difficulty that the Government has encountered in getting the right processes in place for the police should make us ultra-cautious in extending these powers to such a wide range of bodies. We don't think that there's been enough resources put into the oversight arrangements for the current proposals, let alone what will be needed for this huge extension. In practice, these bodies are going to obtain this personal data on anyone they wish, without any effective way of checking what they're doing".
Sponsored: The Nuts and Bolts of Ransomware in 2016