Is The Snooper’s Charter Good For UK Tech?

Surveillance

Snooper’s Charter appears to be revived, but with some predicting a tech exodus from the UK, what impact will have?

Last week, the new Convervative government detailed plans to revive the controversial Investigatory Powers bill, or Snooper’s Charter.

Previous attempts to introduce the charter had been thwarted by the Conservatives’ former Liberal Democrat coalition partners. But now emboldened by the party’s victory at the 2015 General Election last month, in which it won a majority, Home Secretary Theresa May has put the bill firmly back on the agenda.

The bill includes not only the previously blocked snooper’s charter, which allows the tracking of people’s web and social media use, but also includes measures that will strengthen the ability of the security service for the bulk interception (via search warrants) of the content of communications.

But what impact will this have on the UK technology industry and is the bill an invasion of our privacy?

Preston Byrne, COO of Eris Industries

Mobile hacking spy eye“Eris Industries’ business is industrial cryptography. This legislation, if passed, is likely to prevent our technology’s use in myriad industrial applications, including financial services, which need reliable, open-source cryptography desperately if they are to stay competitive in a digital age.

“The fact is, however, that cryptography overwhelmingly protects legal businesses and ordinary people, not criminals and terrorists, from harm. Strong cryptography should therefore remain entirely free and legal. If this Bill is passed into law, we are likely to see a mass exodus of tech companies and financial services firms alike from the United Kingdom. We are happy to lead by example.

“Attempting to curtail progress and free expression in the manner the UK Government proposes to do is a struggle it is certain to lose.”

Antony Walker, deputy CEO of techUK

“We don’t yet know exactly what will be in the Investigatory Powers Bill. Whilst there is a clear need to update the existing law, any extension of current powers must be the subject of proper scrutiny and detailed consultation.

“The challenge here is to keep the UK safe, whilst also protecting our fundamental democratic values. That requires the creation of a legal framework that provides clarity and certainly for both the public and the companies that provide communications services. The measures proposed in the bill must be practical, proportionate and workable, with effective democratic oversight.

“This is not an unobtainable objective, but it’s important that government works closely with, and listens to, stakeholders to get the detail right.”

Dr Guy Bunker, senior vice president of products at Clearswift

“As a process the Snooper’s Charter is unworkable in practice. Companies are already leaving the country based on the potential for it coming into force. I suspect more will consider relocating if operating under UK (& EU) law puts them at a disadvantage on the world stage.

“From the tech perspective, if there is a need for ‘back doors’ or excessive data retention, then there is an additional cost – as well as a potential conflict of interests. It definitely creates a significant draw for hackers. But for many organisations their customer databases and information around them already are a draw, so I don’t think this is a great change. Any database with private information needs to be properly protected and monitored for anomalous behaviour.

“Today the people who want to do ‘bad’ things are not stupid, they use one-time credit cards, pay as you go phones and internet cafes to cover their tracks. Many of the ideas behind the Snoopers charter do not take into account the sophistication of the determined extremist – and instead penalise the law abiding individual and the companies who need to comply.

Tony Anscombe, AVG Technologies

Privacy security gagging order hush retro © Everett Collection Shutterstock“There are already technical solutions available to avoid having data collected about us – for example, using encryption and proxying through servers that are outside of the UK borders makes it harder for meaningful data to be collected, which of course can include voice calls made over the internet.

“The people that want to hide will know that these technologies exist and will most likely be using them already to cover their tracks. This means the chances that ‘malicious users’ have already obscured their data, so the question we should be asking is, ‘Whose data is being collected under the Charter and for what purpose?’

“There is an increase in risk when retaining large amounts of data that potentially contains personally identifiable information, not just from cybercriminals but also the ability to profile and target the user as a result of the companies holding the data.

“Currently many companies do not give consumers transparency over their data retention or data archiving policies so the data is likely already collected and stored. What the Snoopers Charter does is simply highlight those practices. In many aspects, the honeypot for cybercriminals may already be in existence.”

Sergio Galindo, GFI Software

“Yes, there is a legitimate role for this kind of legislation, but it can’t be rushed into and it needs a clear level of oversight in place to ensure that privacy is not infringed on or abused without due process, and to ensure the wider IT industry does not abuse the data it is retaining for government monitoring purposes. That will go at least some way to ensuring public confidence in any such legislation and in the communications providers.”

Neil Cook, CTO, Cloudmark

“’No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence’. That’s from the UN Declaration of Universal Human Rights. Who you choose to communicate with is a private matter, and unless the government has good reason to suspect you of criminal activities, they should not have access to that data.

“There is no evidence that any mass data collection in the US or the UK has made us any safer. It’s just making the haystack bigger without giving any help to finding the needles. The genuine bad actors can easily find secure channels to communicate –  that are outside the reach of this sort of data collection. I believe traditional intelligence methods are a far better means of protecting our security.”

Jacob Ginsberg, Echoworx

clouseau france spy surveillance“No-one can argue with the fact that if the police were able to access and look inside all houses, they would catch more criminals. But is this going too far? Is the value gained from this type of intelligence worth watching citizens as if they were criminals? We also have to consider how this may be putting people at risk. History has shown that the government is subject to attacks just as much, if not more so than other parties.

“All of the data collected by the government will need to be stored somewhere, what’s top stop someone hacking into and exposing that data? No-one is arguing whether we would catch more criminals, but there’s a fine line and this would be crossing it. There is a balance that needs to be struck. I’m looking forward to hearing more about the specific details of the bill as the government moves forward. We will also be looking to make sure there’s appropriate judicial oversight balancing the use of these powers.”

Garry Newe, technical director, F5 Networks

“Personally I am not sure if the Snoopers Charter / Comms Data Bill is a good thing or not. I think that there are enough laws in place to allow police and other law enforcement agencies to get information. What happens when all the information is encrypted? How will they be able to see the content then? At the moment UK police make a meta data request to the mobile companies every 2 seconds so they already make use of existing methods.”

Are you a pedant on privacy? Try our quiz!