UK Forced To Backtrack on Internet ‘snooping’

Uploaded on 2015-11-04 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Law

 

Highly controversial plans to allow the police and security services full access to everyone’s internet browsing history have been abandoned by ministers in what is being presented as a dramatic climb-down over online surveillance.

Amid fears in government that it would be unable to force new laws through parliament because of concerns over civil liberties, the Home Office said it had dropped several contentious proposals from the investigatory powers bill, which will be published in draft form on Wednesday.

Ministers announced in the Queen’s speech in May that the bill would aim “to maintain the ability of intelligence agencies and law enforcement to target online communications of terrorists, paedophiles and other serious criminals”. Downing Street said at the time that it would provide the authorities “with the tools to keep you and your family safe”.

But in an unexpected move that will be seen as a blow to home secretary Theresa May, government sources said they had “dropped completely” key elements of their original 2012 proposals, dubbed the “snooper’s charter” and blocked during the coalition by Nick Clegg.

In a statement, senior sources said that rather than increasing intrusive surveillance, the bill would bar police and security services from accessing people’s browsing histories – a power demanded by the security services – and that “any access to internet connection records will be strictly limited and targeted”.

They also revealed that ministers had ruled out plans to restrict or ban companies from encrypting material on the Internet that had alarmed privacy and technology campaigners. In what they said was a further change, ministers would not, as they had previously suggested, demand that UK communication service providers (CSPs) should capture and store internet traffic from companies based in the United States.

A government source said: “We’re absolutely clear that key parts of the original plans from 2012 will be dropped from the new bill. We have consulted widely … we are coming forward with a new approach.
“We know these powers are needed as technology changes and terrorists and criminals use ever more sophisticated ways to communicate. But we need to give people the reassurance that not only are they needed, but that they are only ever used in a necessary, proportionate and accountable way. That is what this bill is all about.”

The move, which Downing Street insisted had been agreed between the prime minister and home secretary following extensive consultation, was welcomed as a significant change by former Tory leadership contender and leading campaigner for civil liberties David Davis.
“This is a welcome recognition that some of the previous proposals were both spectacularly impractical and to a large extent ignored the rights of individual citizens,” he said.
“Taken at face value, this new approach by the government suggests it has learned from the important and balanced reports by David Anderson and to a lesser extent the intelligence and security committee.”

However Shami Chakrabarti, director of civil rights group Liberty, claimed that the self-proclaimed climb-down was mere spin. She suggested the government had ignored the most important safeguard, for any interception to take place only after judicial authorisation had been given.
 “It’s a traditional Home Office dance first to ask for the most outrageous, even impractical, powers, so that the smallest so-called ‘concessions’ seem more reasonable,” she said. “The frantic spinning distracts from the sleight of hand. Where is the judicial sign-off before our private communications can be collected, hacked and tapped? Where is the move back to targeted surveillance and away from the blanket collection of our private data?”
Senior Tories said ministers – bruised by last week’s defeat in the House of Lords over tax credits – feared the plans would face fierce and prolonged opposition in the Lords if the powers were seen to be too draconian. Some Tory MPs would also have rebelled, putting the government’s slim majority in danger in the Commons.

Dr Simon Moores, an IT consultant who was a critic of the previous government’s attempts to increase interception powers, gave a cautious welcome. “There was a fear that the government, in its pursuit of terrorism, might remove those freedoms and principles that people associate with the internet,” Moores explained.
 “We all thought they were going to clamp down and introduce the most restrictive environment. But the government has said ‘we’re not going to do this; we’re not going to store your web browsing history. In fact we’re going to offer a level of oversight.’

After what we’ve heard recently from the government surrounding encryption, web history, browsing and storing of data, this smacks of common sense. In this case, the threatened regulatory powers around encryption and monitoring of traffic across international networks – the forte of GCHQ – have evaporated. It’s a very positive step.
“I’m very, very encouraged to see the mention of judicial oversight in terms of being able to restrict the powers given to the intelligence agencies. This smacks of a post-Snowden era. But the final judgment has to be about what that level of oversight this will be. It is somewhat woolly.”

Guardian:http://http://bit.ly/1MbXpw1

U.S. CISA Cybersecurity Bill Passes Senate: http://ow.ly/U85r3

 

 

« EU Will Fund Car, Hospital & Airport IT Security
Stolen Credit Card Details Cost £1 Online »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

eSentire

eSentire

eSentire is the authority in Managed Detection and Response Services, protecting the critical data and applications of organizations from known and unknown cyber threats.

Luxar Tech

Luxar Tech

Luxar's network visibility products enable enterprises and service providers to monitor network traffic, improve security and optimize efficiency.

Finnish Information Security Cluster (FISC)

Finnish Information Security Cluster (FISC)

FISC is an organization established by major Finnish information security companies to promote their activities nationally and internationally.

SBS CyberSecurity

SBS CyberSecurity

SBS CyberSecurity is a premier cybersecurity consulting and audit firm.

Quadrant Information Security

Quadrant Information Security

Quadrant Information Security is a consulting firm committed to supporting organizations in all vertical markets and protecting their sensitive data.

vdiscovery

vdiscovery

vdiscovery is a provider of proprietary and best-in-breed solutions in computer forensics, document review, and electronic discovery.

Combis

Combis

COMBIS is a regional high-tech ICT company focused on the development of application, communication, security and system solutions and the provision of services.

ArcusTeam

ArcusTeam

ArcusTeam is at the forefront of the firmware and applications security industry, with a mission to increase the level of security on all IoT devices and applications.

Arkose Labs

Arkose Labs

Arkose Labs' Fraud and Abuse Platform combines Telemetry and adaptive Enforcement Challenges to break down the ROI of fraudsters and protect digital businesses.

Cyber Security Canada

Cyber Security Canada

Cyber Security Canada is an accredited Certification Body for government-backed Cyber Security Certification Programs, designed specifically for small and medium-sized Canadian businesses.

Cisco Networking Academy

Cisco Networking Academy

Cisco Networking Academy is the world's largest classroom, bringing technology education, 21st-century skills, and improved jobs prospects since 1997.

Alpha Omega Integration

Alpha Omega Integration

Alpha Omega creates new possibilities through intelligent end-to-end mission-focused government IT solutions.

Data Defenders

Data Defenders

Data Defenders provide information security technology solutions that empower consumers, businesses and governments with safe and secure IT and cybersecurity infrastructures.

Ampsight

Ampsight

Ampsight specializes in enabling cloud integration, securing data, and navigating complications that drive critical-mission success.

NeoGuardian

NeoGuardian

NeoGuardian offer robust solutions to protect your data and systems against cyber threats, with an innovative and fully business-focused approach.

Quantum Flagship

Quantum Flagship

Quantum Flagship's goal is to consolidate and expand European scientific leadership and excellence in the research area of quantum technology.