Tech firms and privacy campaigners have criticised the final version of the Investigatory Powers Bill, arguing that many of the changes from the draft edition published last year, which was also heavily criticised, are minor.
Among the chief concerns are the requirement for internet service providers (ISPs) to store the internet history of customers for up to a year and the strengthening of police powers to access personal information.
Jim Killock, executive director of the Open Rights Group
“The Home Office is treating the British public with contempt if it thinks it’s acceptable to rush a bill of this magnitude through parliament. MPs and peers need sufficient time to consider the fundamental threats to our privacy and security posed by the Investigatory Powers Bill. Many have their minds elsewhere, dealing with important decisions about Europe.
“On first reading, the revised bill barely pays lip service to the concerns raised by the committees that scrutinised the draft bill. If passed, it would mean that the UK has one of the most draconian surveillance laws of any democracy, with mass surveillance powers to monitor every citizen’s browsing history.”
Renate Samson, chief executive of Big Brother Watch
“The government is squandering a golden opportunity to create a law fit for the digital age. By publishing hundreds of pages of clauses and codes of practice less than a month after the proposals were so roundly criticised by three parliamentary committees, the Home Office has shown a complete disregard for the process of parliamentary scrutiny.
“This bill should be divided to deal with the sunset clause on our communications data quickly, leaving the more detailed, intrusive powers for proper consideration over a longer period of time.
James Blessing, chair of the Internet Service Providers Association (ISPA)
“With the Joint Committee publishing its report a mere nineteen days ago to conclude the pre-legislative parliamentary scrutiny, ISPA is disappointed that the Home Office has moved forward with a revised bill in such a short space of time. It is widely agreed that a new legislative framework is needed that balances the interests of privacy, security and the impact on the internet industry.
“The prime minister himself said that it ‘is one of the most important bills that this parliament will pass and it is vital that it is scrutinised and debated properly’ we now hope that parliament is given sufficient time to properly scrutinise the bill in order to get a bill that is proportionate and workable.
“Whilst we welcome the publication of further information alongside the revised bill, including the associated draft codes of practice, the Home Office has pledged a number of changes to the bill that will require close scrutiny. For example, as more work is undertaken to better understand internet connection records, the powers have been extended, and there are still questions to be answered around the use of technical capability orders and definitions used in the bill.”
Anthony Walker, deputy CEO of techUK
“The test now is to understand if the amendments made address the very serious concerns that have been laid out by the tech industry and three parliamentary committees.
“This is a complex bill, with significance for all of us. Parliamentarians must have time necessary to subject it to the ‘maximum parliamentary scrutiny’ the Home Office has promised. As more details emerge, tech companies are urgently seeking to understand what is being asked of them and the implications for their business, their customers and the security of our digital economy.”
Nigel Hawthorn, Skyhigh Networks
“Using the argument of national security as a battering ram, the government is once again taking an approach that will cause more harm than good for businesses. Encryption is a key capability that makes business traffic safe from prying eyes, and asking companies to weaken, restrict or introduce backdoors is a sure fire way to ensure that sensitive data will find its way into the wrong hands.
“At a time when countries and businesses are panicking about the security of their information, restricting encryption will only make the situation worse.
“The technology versus national security debate is already in full swing due to the ongoing Apple vs FBI situation and, after this announcement, expect to see more companies and the average man on the street siding with Apple. Everyone has a right to privacy, but the government is doing its utmost to take that away.”
Eli Katz, chair of the Internet Telephony Service Providers Association (ITSPA)
“Whilst ITSPA generally accepted the main principles of the bill on its original draft publication in November, we did agree with the three parliamentary committee reports that more needed to be done to ensure the balance and proportionality around security, privacy and feasibility were maintained. The devil will be in the detail but we welcome some of the changes that have been included to help resolve some of the concerns.
“Specifically, the addition of six codes of practice to set out how security services will use powers in the bill is a welcome inclusion. Additionally, the clarification that a pragmatic approach to encryption, whereby communications providers will only be required to decrypt communications that they have added themselves and only when practicable, is welcome. What happens in practice still remains to be seen.
“The Home Office’s approach to this bill has been much improved since its predecessor in 2012 and they have generally communicated with industry in an effective manner. We do now urge government to continue that engagement process to address remaining areas of ambiguity in the bill and stress the need for enough parliamentary time to ensure the legislation is reviewed properly.”
Security vendor Flashpoint debuts partner programme following $28m funding
Complex buying journeys and sprawling partner networks hampering customer experience, says Accenture
Datacentre provider Cyxtera says launch is “milestone in our go-to-market strategy”
Ensono highlights importance of mainframes still to major industries
Security vendor VASCO looks to replicate UK and German set up across EMEA
Splunk details investment in Partner+ programme at .conf2017