UK Surveillance Bill Version 2.0 is Just as Dangerous

By Anthony Mills

UK Home Secretary Theresa May has unveiled a ‘revised’ version of the government’s proposed surveillance legislation, the Investigatory Powers Bill, after an initial draft was criticised by no less than three parliamentary oversight committees. The government says the bill is designed to update British surveillance legislation dating back 15 years or so and to enshrine in law the surveillance activities of Britain’s spy agencies.

The new draft is just as dangerous.

Two of the most contentious components – mass gathering of phone and Internet data for bulk analysis, and the storing of individual web browsing histories for a year – remain untouched. It’s not just the spooks who will have access to the latter but the police too, and in the case of regular citizens they won’t need permission from a judge. The potential for abuse is high, in great part because one of the key parliamentary oversight recommendations it pays only lip service to is the inclusion of a substantive review process or ‘sunset clause’.

The bill now simply says that all the Secretary of State has to do is, after six years, draft a report and give it to the British parliament. For a start, six years is far too long a review period in the context of the rapid technological change inherent to the digital era. Second of all, there’s no mention of an ‘independent’ oversight entity charged with regular independent review – a pre-requisite if the citizenry are to be even reasonably represented in all of this – and with independent authority to draw conclusions such as: this element isn’t working, or is being abused, and should be adapted or scrapped. In short, the absence of any real, independent review entity and process deprives the bill of its democratic legitimacy. Whether or not one subscribes to the Orwellian view that all democracies tend towards security-services-driven totalitarianism, or the Panoptic view, espoused by Foucault, that the perception of ubiquitous surveillance necessarily results in self-censorship, in the absence of transparent, democratic checks and balances, even for those who operate in the shadows, the possibility of abuse is magnified.

Speaking of abuse, if the police want to access journalists’ records they will need the signature of a judge, but this may in certain instances simply amount to rubber stamping. Whistle-blowers and confidential sources enjoy no such protections. And what about those police officers who decide to circumvent the judge because, for instance, they want to identify a leak. There are plenty of other possibilities for ‘the end justifies the means’ approaches to surveillance.

Can’t happen, you say?

In 2015, Britain’s Metropolitan Police allegedly abused anti-terror legislation to spy on journalists’ phones, because they wanted the identity of a confidential source[1]. A year earlier the police were found to have been routinely spying on UK reporters who covered protests, for years[2]. And documents unveiled by whistleblower Edward Snowden, released in 2015, showed that journalists’ emails from the BBC, Reuters, The Guardian, The New York Times, Le Monde, The Sun, NBC and the Washington Post had been sucked up by British spying agency GCHQ[3]. In Ireland it recently emerged that the police had secretly accessed journalists’ phone records in a quest to identify the source of police leaks to the press.[4] In Scotland, meanwhile, less than a year ago, two separate police forces were found to have misused surveillance law to spy on a journalist in an effort to identify confidential sources.[5]

The ability of the police to use and abuse surveillance has in fact been expanded in version 2 of the bill, which explicitly authorises electronic hacking by police – as opposed to the intelligence agencies (as had been the case thus far) – in specific instances. Again, where there is power, it can be abused.

Such precedent for abuse is why the media, human rights activists and other observers are so concerned about the central elements of the revised bill, despite public proclamations by Home Secretary May that the government does not intend to “undermine the security of people’s data”[6] and that the new draft “is both clearer and stronger in protecting privacy.”[7]

The revised bill continues to threaten fundamental human rights such as the right to freedom of expression, the right to privacy, and the right to media freedom.

Virtually all of the main tenets of criticism of the bill by the three parliamentary committees have been ignored despite apparent acquiescence to a couple of committee suggestions such as the proposal that a verbal pledge to forego any demand for “back doors” into encrypted communication be written into the legislation. The now-written pledge carries the vague proviso that demands for circumvention of encryption must be “practicable.”[8]

The bill remains replete with such vague wording: the police are allowed to use heavy surveillance in the case of “serious crimes” or when the “economic wellbeing of the country” is at stake.

The Science & Technology Committee had warned of the threat the bill posed to the tech industry. The powerful Intelligence & Security Committee which said the legislation appeared to be hastily thought through and ill-conceived, and went nowhere near far enough in safeguarding the right to privacy of ordinary citizens, terming it a “missed opportunity”. Committee member Dominic Grieve, a Conservative MP, said: “We had expected to find universal privacy protections applied consistently throughout . . . Instead, the draft bill adopts a rather piecemeal approach, which lacks clarity and undermines the importance of the safeguards associated with these powers.”[9]

And then came the report from a third powerful committee, which said the government had “not made a conclusive case” for the new spying powers outlined in the bill.[10] The committee chair, former Labour Northern Ireland Secretary Lord Murphy, said: “The fact that we have made 86 recommendations shows that we think that part of the bill is flawed and needs to be looked at in greater detail. There is a lot of room for improvement.”[11] Committee members strongly criticised the 12-month web browsing history storage proposal, which former Deputy Prime Minister Nick Clegg, who when in government scuppered a previous attempt to pass a version of the bill, said was akin to the data “dragnet” employed by Russia to “collect everything on everyone”.[12] The committee members also said judicial oversight needed to be strengthened, with the judicial commissioners appointed not by the prime minister but by the Lord Chief Justice, and endowed with the power to initiate their own investigations. They also urged the writing into the bill of stronger protection of legally and journalistically privileged material.

Liberal Democrat peer Lord Strasburger, a member of the committee, said: “Sadly, the Home Office has not learnt the lessons of the snooper’s charter, which the Lib Dems scuppered during the coalition. Three parliamentary committees have concluded that the new bill, like the last one, is vague and confusing and has many other faults. The government has a lot of work to do to get this important bill into shape.

“Parliament must not stand for loosely worded legislation. The Home Office has a bad habit of exploiting badly drafted acts to create highly intrusive powers without bothering to get explicit approval for them or even mentioning them to parliament. That must never be allowed to happen again.”[13]

These committee members are unlikely to be placated by the cosmetic changes masking Home Secretary May’s stubborn determination to force the bill through.

Open Rights Group Executive Director Jim Killock said: “On first reading, the revised Bill barely pays lip service to the concerns raised by the committees that scrutinised the draft Bill. If passed, it would mean that the UK has one of the most draconian surveillance laws of any democracy with mass surveillance powers to monitor every citizen’s browsing history.”

[1] http://www.dailymail.co.uk/news/article-3170190/Met-used-terror-law-spy-reporters-phones-Plebgate-scandal-Three-journalists-launch-legal-action-claims-human-rights-violated.html

[2] http://www.dailymail.co.uk/wires/ap/article-2843470/UK-police-spied-reporters-years-docs-show.html

[3] http://www.theguardian.com/uk-news/2015/jan/19/gchq-intercepted-emails-journalists-ny-times-bbc-guardian-le-monde-reuters-nbc-washington-post

[4] http://www.irishtimes.com/news/crime-and-law/garda-bodies-query-gsoc-s-surveillance-of-civilians-1.2498822

[5] http://www.theguardian.com/media/greenslade/2015/aug/04/political-row-in-scotland-over-police-snooping-on-journalist

[6] http://www.ft.com/intl/cms/s/0/60e82316-cf26-11e5-831d-09f7778e7377.html#axzz3zqouQvWN

[7] http://www.bbc.com/news/uk-politics-35689432

[8] http://www.bbc.com/news/uk-politics-35689432

[9] http://www.ft.com/intl/cms/s/0/60e82316-cf26-11e5-831d-09f7778e7377.html#axzz3zqouQvWN

[10] http://www.theguardian.com/world/2016/feb/11/ministers-not-conclusive-case-web-snoopers-charter

[11] http://www.theguardian.com/world/2016/feb/11/ministers-not-conclusive-case-web-snoopers-charter

[12] http://www.theguardian.com/politics/2016/feb/11/nick-clegg-russia-style-dragnet-surveillance-continue-snoopers-charter-privacy