More like this

Security

Tech's big dogs snarl at UK.gov over Snoopers' Charter

Improve the law, say Apple, Facebook, Google, Microsoft, Twitter, and Yahoo!

IPB The biggest internet businesses in the free world have written to the British government to politely urge that its Investigatory Powers Bill is improved.

Written evidence submitted to the committee looking over the Investigatory Powers Bill, from Apple, Facebook, Google, Microsoft, Twitter, and Yahoo!, has been published today.

In a joint statement, the businesses laid open their belief that the government could “go further to improve the provisions of the Bill without jeopardising its effectiveness."

It was the companies' position that there were "important amendments" that needed to be made to the legislation, which is likely to be mimicked around the world, to ensure it is worthy of such emulation "and does not further exacerbate the challenges communications companies outside the UK face, while also protecting the user trust that is essential to the modern data-driven economy.”

Among their concerns was the British government's “unilateral assertions of extraterritorial jurisdiction” which could oblige companies to comply with conflict legal obligations.

The businesses also noted how Home Secretary Theresa May “affirmed in a statement to the House on 1st March 2016, that 'a warrant can only be served on a person who is capable of providing the assistance required by the warrant, and that the duty to comply with the warrant can only be enforced against a person who is capable of complying with it'."

This position is not reflected in the legislation. Currently civil enforcement is available against UK employees of non-UK CSPs. The Bill restates the government’s position and unilaterally asserts UK jurisdiction overseas in seven of the eight major powers in the Bill.

This is contradictory to stated Government policy and will likely be replicated abroad, putting overseas based employees of UK CSPs at risk. We do not believe that the government intends to legitimize this heavy-handed practice.

They followed this up to "agree with the recommendation of Sir Nigel Sheinwald and others" that democracies should work on developing an international framework "to establish a common set of rules to resolve these conflicts across jurisdictions."

The legislation's approach to cryptography needed to be clarified too, the companies said, advising that it needed to amended "so that there is an explicit threshold: where a service is encrypted end-to-end, the Bill should recognise it will not be reasonably practicable to provide decrypted content, rather than leave this to be established on a case-by-case basis."

Transparency

The businesses, who all have various forms of transparency reporting, stated that, as a general rule, "users should be informed when the Government seeks access to account data" though this is currently prohibited by the legislation.

"It is important both in terms of transparency, as well as affording users the right to protect their own legal rights" noted the companies.

"Our users range from individual consumers to large media organizations to large public sector entities. While it may be appropriate to delay notice in exceptional cases, in those cases the burden should be on the Government to demonstrate that there is an overriding need to protect public safety or preserve the integrity of a criminal investigation," the joint statement added. ®

Sponsored: Magic quadrant for enterprise mobility management suites