Snoopers’ Charter Revisions ‘Don’t Fix Flaws’

The revised draft Investigatory Powers bill, to be published on Tuesday, contains stronger privacy safeguards that reflect the concerns of the three parliamentary committees that have been reviewing it since its initial publication before Christmas, according to reports.

The committees made a total of 129 recommendations in reports published over the past three weeks, and the new draft takes the majority of them into account, according to unnamed sources cited by a number of media outlets, including The Guardian and the BBC.

Encryption provisions

However, the most fundamental change demanded by privacy advocates – the establishment of judicial oversight for investigators’ access to personal data – reportedly isn’t addressed.

The bill is also unlikely to please IT firms, as it requires them, if asked, to remove encryption that they themselves have applied, where it is “practicable” for them to do so. Firms such as Apple have said that such a statute would mean weaker security for ordinary people.

The revised draft also does little to appease Internet and telephone service providers, who are to be obliged to store users’ internet and telephone records for a period of 12 months. The government has promised to cover all costs related to this data storage, but companies have said the financial and technical provisions are ill-defined.

The bill is intended to provide the government with a firm legal foundation for surveillance practices including access to internet records and the hacking of digital devices, which are already in use but have been contested by privacy advocates.

In order to provide these practices with legitimacy, the revised bill reportedly introduces controls including six codes of practice covering areas such as personal communications data, computer hacking and bulk acquisition of data.

New privacy controls

The revised draft reportedly requires a senior judge to approve access to a journalist’s communications data, in order to ensure the willingness of sources to provide information to journalists.

It reportedly requires a warrant from the home secretary for access to the content of emails, with an Investigatory Powers Commission able to veto such requests.

“This is world-leading legislation, setting out in unprecedented detail the powers available to the police and security services to gather and access communications and communications data, subject to a robust regulatory regime,” Home Office sources said in a statement.

Critics said the changes fail to address “significant flaws”, and said the bill is being rushed through to meet a 31 December deadline.

“We are gravely concerned that the significant flaws within the bill will not have been addressed,” stated the Don’t Spy on Us coalition.

Are you a security pro? Try our quiz!