Home Office officials defended the Communications Data Bill they helped draft in earnest yesterday, during the opening hearing of the government inquiry into the proposed legislation.
The Joint Select Committee, a collection of six MPs and six peers charged with scrutinising the bill before it goes to Parliament, met for the first time on Tuesday afternoon to start the process of examining the contentious aspects of the proposed legislation, including its impact on privacy and its tricky technical aspects.
In its current form, the bill proposes to store all UK citizens’ communications data, including who contacted who, when and from where, but omitting the content of the conversations.
Director general of the Office for Security and Counter Terrorism in the Home Office, Charles Farr, told the Joint Committee that the proposed powers would give authorities access to 85 percent of the data they needed to carry out their work effectively.
“I am satisfied with the techniques which are being developed,” he added. “Many workarounds can be defeated.
“We are not proposing this legislation will cover 100 percent of the communications environment… [but we are confident] that by 2018 we can stem the communications gap… and get 85 percent of what we need.”
The government will not be installing black boxes at all UK ISPs to separate content from communications data, as had been speculated. TechWeekEurope was recently told the Home Office was distancing itself from that idea, which was believed to be a core part of the original plans.
Farr claimed that black boxes, or deep packet inspection technologies, were “not the cornerstone of this programme” nor “the central plank of it”. They will only be used in cases where an overseas communications provider was unwilling to work with the government on supplying requested information. In those cases, black boxes would be installed at the UK ISP the foreign provider is running through.
Farr promised that the black boxes would be checked by the government to ensure they did not reveal content, but did not say what technology would be used for separating the comms data from the content.
Despite a lack of detail on what technology would be used to separate content from communications data, Richard Alcock, director of the communications capability directorate at the Home Office, said it was “very easy” to do.
The Joint Committee also asked about the bill’s apparent allowance for police to require ISPs to store comms data for an indefinite period of time, rather than the 12 months currently stipulated under RIPA. Farr defended that aspect of the bill, saying it was essential data was “retained until court proceedings take place”.
Comms data will include all websites that a user visits, according to the Home Office. A Home Office spokesperson subsequently told TechWeekEurope that it would only be visits to a certain website that would be tracked (e.g. http://www.techweekeurope.co.uk) rather than visits to all subsequent web pages on that site (e.g. http://www.techweekeurope.co.uk/news/snoopers-charter-black-boxes-77206). That should allay some fears around what content web page URLs could reveal.
The Home Office officials also faced questions over what kinds of crimes the bill would cover, and were asked whether they would consider changing the bill so it specified when communications data could be accessed by police. Under the current proposals, it appears law enforcement would be able to acquire comms data for any crime, right down to small offences such as using a mobile phone whilst driving.
The fact that there is no single definition of ‘serious crime’ in codified British law has made matters even trickier. Peter Hill, head of the unit for pursue policy and the strategy unit in the Home Office, said that it may be wise to allow for applications for data even in apparently less serious crimes.
“You would have to find a way of managing that investigative process whereby you start with a less serious crime and end up with a very serious crime. That’s not to say it couldn’t be done,” he added.
Four bodies will be able to apply for access to comms data under the proposals, including the police, the National Crime Agency (NCA), the intelligence agencies and HM Revenue and Customs. A senior officer will have to sign off applications, but no warrant will be needed.
Are you a privacy pro? Try our quiz!
Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector
Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…
Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…
Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…
Explore the future of work with the Silicon In Focus Podcast. Discover how AI is…
Executive hits out at the DoJ's “staggering proposal” to force Google to sell off its…
View Comments
No black boxes except for overseas communications?
So that would be for all communications to Skype, Facebook, Google, Twitter, Hotmail, etc. as they have absolutely no reason to give [i]carte blanche[/i] access to [b]any[/b] communications, encrypted or otherwise. So no change whatsoever. They will be installed at all ISPs as they all have access to overseas content and we are to believe that only non-UK IP sources / destinations will be intercepted? Yeah, right. Do you really think we're that stupid?