Feeds

File-sharing Bill could give Government control of the internet

Law inadvertently gives keys to Mandy

SANS - Survey on application security programs

The Digital Economy Bill would give the Government the power to control the internet access of UK citizens by ministerial order, bypassing Parliament and without an adequate right of appeal, according to one legal expert.

Barrister Francis Davey has examined clause 11 of the Bill and believes that it puts extraordinary powers to control the information available to UK internet users in the hands of the Secretary of State for Business, Innovation and Skills, currently Lord Mandelson.

The Department of Business, Innovation and Skills (BIS) has rejected the interpretation of the law, claiming that the EU's E-Commerce Directive prohibits the activity described by Davey.

"Clause 11 gives the Secretary of State the power by minsterial order to make any ISP [internet service provider] take technical measures against any subscriber," said Davey.

This clause has been widely read as being designed to allow the disconnection of copyright-infringing file sharers, but Davey said its application could be far wider. "Nothing it says has anything to do with copyright infringement or even wrongdoing by the subscriber," he said. "The Secretary of State could use this to order ISPs to block access to a website or to certain kinds of files."

The Digital Economy Bill has been controversial because it gives the Secretary of State powers to order ISPs to take 'technical measures' against subscribers, such as disconnecting the access of those accused of illegal file sharing.

Davey is a barrister with a background in IT and specialises in computer and internet law. His analysis could lead to even further controversy about the Bill. He said that he does not believe that the clause is a deliberate attempt to control access, but he said that if it passes into law it will inevitably be used in that way.

"My suspicion is that this is not an intentional power grab," said Davey. "I think that it is just bad drafting. Whoever was doing it, rather than think of a subtle and complicated power that had the right effect, they have just given the broad power that would allow the Secretary of State to do what was needed."

"But we know from other laws that when a power exists it finds a way of getting used," said Davey. "Look at the asset freezing powers of anti-terrorist legislation. They were used to freeze the assets of [Icelandic bank] Landsbanki. Now that upset a lot of people in Iceland, but when you went back to the legislation it actually didn't say anything about that power only being used against terrorists."

A spokesman for BIS said that it had drawn up the legislation only with filesharing in mind.

"It is clear from clause 11 and the Bill as a whole that technical measuers are for the individual infringer and can't be applied at the network level," he said. "At the network level the law has to comply with the E-Commerce Directive."

The Directive, which became UK law as the E-Commerce Regulations, absolves ISPs of liability for illegal material on their networks as long as they do not know that it is illegal. It also absolves them of the duty to monitor networks for illegal activity.

"The Directive says that we can't draft legislation that imposes a general obligation to monitor networks," said the spokesman. "And this network level activity would require ISPs to monitor websites on their systems."

Davey said, though, that while the E-Commerce Regulations and Directive do prohibit the passing of laws that require ISPs to monitor activity, this is different to what concerns him.

"What you can't do is require an ISP to look at the traffic going over its network and find certain content. But if an ISP is asked to block an IP address they can do that," he said. "Blocking is not monitoring."

Davey also has concerns about the lack of restraints on the powers in the Bill. "It is slightly unusual because of its breadth and the fact that there is no right of appeal or obligation to publish the notices or to go through Parliament," he said.

A person affected by an order can appeal the basis of an order but not the order itself, he said. This means, for example, that if their access was cut off they could claim that they did not conduct illegal file-sharing but could not appeal the nature of the Secretary of State's action, i.e. the cutting off of internet access.

Ofcom will operate a Code of Practice in relation to the powers, but Davey said that Ofcom will not be able to restrain a Secretary of State's use of the powers.

"Ofcom governs the use of the power but can't inhibit it," he said. "The Code of Practice allows certain things to be put in it by Ofcom but it allows the Secretary of State to put things in as well."

The BIS spokesman disagreed, saying that the Bill says that "Ofcom has to consult" on powers, and that the first time the Secretary of State wants to use the powers secondary legislation will have to pass through Parliament. He conceded that after that Parliament did not have to be consulted on their use.

Francis Davey's analysis of the bill can be read here.

Copyright © 2009, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

High performance access to file storage

More from The Register

next story
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Record labels sue Pandora over vintage song royalties
Companies want payout on recordings made before 1972
Edward Snowden on his Putin TV appearance: 'Why all the criticism?'
Denies Q&A cameo was meant to slam US, big-up Russia
Judge halts spread of zombie Nortel patents to Texas in Google trial
Epic Rockstar patent war to be waged in California
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.