UK's super-cyber-snoop shopping list: Internet data, bulk spying, covert equipment tapping
'No worse than an itemised phone bill', says Home Sec
Britain's Home Secretary Theresa May revealed today that Brit spooks have, for years, been using section 94 of the 1984 Telecommunications Act to intercept bulk communications data of people in the UK.
Her comments came as the Secretary of State introduced her 299-page-long draft Investigatory Powers Bill [PDF] to the House of Commons on Wednesday.
Under the proposed law, s.94 of the Telecomms Act will be repealed and replaced with a new "Bulk Acquisition" warrant to allow spooks to intercept comms data.
May said that key aspects of the proposed legislation included the "use of equipment interference powers to obtain data covertly from computers" including the bulk slurping of such data to try to hunt down terror and criminal suspects overseas.
The Home Sec continued: "This Bill will also allow the police to identify which communications services a person or device has connected to – so-called internet connection records."
She claimed that it was wrong for such actions to be "characterised" as "having access to people’s full web browsing histories. Let me be clear – this is simply wrong."
An Internet Connection Record is a record of the communications service that a person has used, not a record of every web page they have accessed.
So, if someone has visited a social media website, an Internet Connection Record will only show that they accessed that site, not the particular pages they looked at, who they communicated with, or what they said.
It is simply the modern equivalent of an itemised phone bill.
The government had originally hoped to push the investigatory powers legislation through the Palace of Westminster before DRIPA's sunset provision expires at the end of 2016.
However, it will need to happen sooner than that now: the Data Retention and Investigatory Powers Act – which was rushed through Parliament as an "emergency" measure backed by all sides of the House in 2014 – was found to be unlawful by the High Court in July this year.
It means the government only has until March next year to rewrite DRIPA or all together replace it with fresh legislation.
One of the key things to come out of that decision was that judicial oversight of poking around and retaining netizens' web data needed to be baked into DRIPA to square it with the European Court of Justice and Blighty's High Court.
So any noise today about the government making concessions to placate privacy advocates is in fact a red herring, since it's now required by law to ensure such judicial oversight is there from the get-go.
May told MPs that she planned to publish a revised IPB in the spring, after the current draft has been scrutinised by peers and politicos. ®
Sponsored: 2016 Cyberthreat defense report