IP, Technology & Data

The Home Secretary Theresa May has announced the Government’s intention to introduce legislation in next month’s Queen’s Speech which will extend the capabilities of law-enforcement agencies to intercept and store electronic communications (including telephone calls, instant messages, texts, social networking and online gaming).

The Government claims the extension is necessary in order to assist the police and the Security Service and “other authorised bodies” (ie GCHQ and the Secret Intelligence Service) in countering terrorism and investigating serious crime.

Is this sort of interception not occurring already?

The short answer is that it’s quite hard to tell! If you watched Spooks then you might well assume that this has been going on for years.

Since 2001 a plethora of national security measures have eroded civil liberties, and given the oft-quoted statistic that the UK has more CCTV cameras per head of population than any other country on Earth, it wouldn’t be unreasonable to assume that interception and monitoring of electronic communications in the UK is already in full swing.

The official legal position under the Regulation of Investigatory Powers Act 2000 (“RIPA”) is that it is only legal to intrude on private communications if you have a warrant, or both the sender and recipient of information agree that it is acceptable.

However this has only been the case since 2011. The Government was forced to scale back powers of interception under RIPA because the European Commission was contemplating legal proceedings against the UK for failing to properly implement the two Directives aimed at protecting privacy (the Privacy and Electronic Communications Directive (E-Privacy Directive) and the Data Protection Directive).

Details of any new legislation are hard to predict

It’s believed that the plans would give law-enforcement agencies the right to know “who speaks to whom on demand and in real time” – but it’s not clear how this would or could work in reality.

An extension of powers has certainly been on the fringes of Governmental policy for some while. It was first proposed by the Labour Government in 2008 under its Intercept Modernisation Programme. Under the Coalition Government the IMP appears to have been rebranded as the Communications Capabilities Development Programme.

Further, the Government’s Strategic Defence and Security Review, signed by Cameron and Clegg, and published in October 2010, stated the Government’s intention to “legislate to put in place the necessary regulations and safeguards to ensure that our response to [the] technology challenge is compatible with the Government’s approach to information storage and civil liberties”.

The main innovation may well be that internet service providers (ISPs) will have to supply all communications to the authorities, permitting analysis of who an individual is in contact with and the websites that they’re visiting. Clearly, such a system could be expensive for ISPs to develop and maintain. It’s not clear whether these are costs that ISPs will have to absorb themselves – but you can expect lobbying from ISPs on this and other issues. Under the previous Labour Government’s proposals, these costs were put at £2 billion over ten years.

The new legislation may also be drafted to re-extend RIPA in a European Commission-compliant fashion – perhaps by making warrants easier to obtain.

But either way, it is likely to involve the retention of vast swathes of personal information about people. It’s also likely that criminals and others targeted by the legislation will quickly find ways of working around the measures by using proxies and encryption, meaning that the measures are unlikely to achieve their desired effect.

Of course, you can console yourself with the thought that blanket storage and analysis of such scale is surely beyond GCHQ’s current capabilities, unless Barack promised Dave his new toy. Just remember Dave: Love means nothing in tennis.

Follow me