Home Office officials defended the Communications Data Bill they helped draft in earnest yesterday, during the opening hearing of the government inquiry into the proposed legislation.
The Joint Select Committee, a collection of six MPs and six peers charged with scrutinising the bill before it goes to Parliament, met for the first time on Tuesday afternoon to start the process of examining the contentious aspects of the proposed legislation, including its impact on privacy and its tricky technical aspects.
In its current form, the bill proposes to store all UK citizens’ communications data, including who contacted who, when and from where, but omitting the content of the conversations.
Director general of the Office for Security and Counter Terrorism in the Home Office, Charles Farr, told the Joint Committee that the proposed powers would give authorities access to 85 percent of the data they needed to carry out their work effectively.
“I am satisfied with the techniques which are being developed,” he added. “Many workarounds can be defeated.
“We are not proposing this legislation will cover 100 percent of the communications environment… [but we are confident] that by 2018 we can stem the communications gap… and get 85 percent of what we need.”
The government will not be installing black boxes at all UK ISPs to separate content from communications data, as had been speculated. TechWeekEurope was recently told the Home Office was distancing itself from that idea, which was believed to be a core part of the original plans.
Farr claimed that black boxes, or deep packet inspection technologies, were “not the cornerstone of this programme” nor “the central plank of it”. They will only be used in cases where an overseas communications provider was unwilling to work with the government on supplying requested information. In those cases, black boxes would be installed at the UK ISP the foreign provider is running through.
Farr promised that the black boxes would be checked by the government to ensure they did not reveal content, but did not say what technology would be used for separating the comms data from the content.
Despite a lack of detail on what technology would be used to separate content from communications data, Richard Alcock, director of the communications capability directorate at the Home Office, said it was “very easy” to do.
The Joint Committee also asked about the bill’s apparent allowance for police to require ISPs to store comms data for an indefinite period of time, rather than the 12 months currently stipulated under RIPA. Farr defended that aspect of the bill, saying it was essential data was “retained until court proceedings take place”.
Comms data will include all websites that a user visits, according to the Home Office. A Home Office spokesperson subsequently told TechWeekEurope that it would only be visits to a certain website that would be tracked (e.g. http://www.techweekeurope.co.uk) rather than visits to all subsequent web pages on that site (e.g. http://www.techweekeurope.co.uk/news/snoopers-charter-black-boxes-77206). That should allay some fears around what content web page URLs could reveal.
The Home Office officials also faced questions over what kinds of crimes the bill would cover, and were asked whether they would consider changing the bill so it specified when communications data could be accessed by police. Under the current proposals, it appears law enforcement would be able to acquire comms data for any crime, right down to small offences such as using a mobile phone whilst driving.
The fact that there is no single definition of ‘serious crime’ in codified British law has made matters even trickier. Peter Hill, head of the unit for pursue policy and the strategy unit in the Home Office, said that it may be wise to allow for applications for data even in apparently less serious crimes.
“You would have to find a way of managing that investigative process whereby you start with a less serious crime and end up with a very serious crime. That’s not to say it couldn’t be done,” he added.
Four bodies will be able to apply for access to comms data under the proposals, including the police, the National Crime Agency (NCA), the intelligence agencies and HM Revenue and Customs. A senior officer will have to sign off applications, but no warrant will be needed.
Are you a privacy pro? Try our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…
View Comments
No black boxes except for overseas communications?
So that would be for all communications to Skype, Facebook, Google, Twitter, Hotmail, etc. as they have absolutely no reason to give [i]carte blanche[/i] access to [b]any[/b] communications, encrypted or otherwise. So no change whatsoever. They will be installed at all ISPs as they all have access to overseas content and we are to believe that only non-UK IP sources / destinations will be intercepted? Yeah, right. Do you really think we're that stupid?