UK Forced To Backtrack on Internet ‘snooping’

Uploaded on 2015-11-04 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Law

 

Highly controversial plans to allow the police and security services full access to everyone’s internet browsing history have been abandoned by ministers in what is being presented as a dramatic climb-down over online surveillance.

Amid fears in government that it would be unable to force new laws through parliament because of concerns over civil liberties, the Home Office said it had dropped several contentious proposals from the investigatory powers bill, which will be published in draft form on Wednesday.

Ministers announced in the Queen’s speech in May that the bill would aim “to maintain the ability of intelligence agencies and law enforcement to target online communications of terrorists, paedophiles and other serious criminals”. Downing Street said at the time that it would provide the authorities “with the tools to keep you and your family safe”.

But in an unexpected move that will be seen as a blow to home secretary Theresa May, government sources said they had “dropped completely” key elements of their original 2012 proposals, dubbed the “snooper’s charter” and blocked during the coalition by Nick Clegg.

In a statement, senior sources said that rather than increasing intrusive surveillance, the bill would bar police and security services from accessing people’s browsing histories – a power demanded by the security services – and that “any access to internet connection records will be strictly limited and targeted”.

They also revealed that ministers had ruled out plans to restrict or ban companies from encrypting material on the Internet that had alarmed privacy and technology campaigners. In what they said was a further change, ministers would not, as they had previously suggested, demand that UK communication service providers (CSPs) should capture and store internet traffic from companies based in the United States.

A government source said: “We’re absolutely clear that key parts of the original plans from 2012 will be dropped from the new bill. We have consulted widely … we are coming forward with a new approach.
“We know these powers are needed as technology changes and terrorists and criminals use ever more sophisticated ways to communicate. But we need to give people the reassurance that not only are they needed, but that they are only ever used in a necessary, proportionate and accountable way. That is what this bill is all about.”

The move, which Downing Street insisted had been agreed between the prime minister and home secretary following extensive consultation, was welcomed as a significant change by former Tory leadership contender and leading campaigner for civil liberties David Davis.
“This is a welcome recognition that some of the previous proposals were both spectacularly impractical and to a large extent ignored the rights of individual citizens,” he said.
“Taken at face value, this new approach by the government suggests it has learned from the important and balanced reports by David Anderson and to a lesser extent the intelligence and security committee.”

However Shami Chakrabarti, director of civil rights group Liberty, claimed that the self-proclaimed climb-down was mere spin. She suggested the government had ignored the most important safeguard, for any interception to take place only after judicial authorisation had been given.
 “It’s a traditional Home Office dance first to ask for the most outrageous, even impractical, powers, so that the smallest so-called ‘concessions’ seem more reasonable,” she said. “The frantic spinning distracts from the sleight of hand. Where is the judicial sign-off before our private communications can be collected, hacked and tapped? Where is the move back to targeted surveillance and away from the blanket collection of our private data?”
Senior Tories said ministers – bruised by last week’s defeat in the House of Lords over tax credits – feared the plans would face fierce and prolonged opposition in the Lords if the powers were seen to be too draconian. Some Tory MPs would also have rebelled, putting the government’s slim majority in danger in the Commons.

Dr Simon Moores, an IT consultant who was a critic of the previous government’s attempts to increase interception powers, gave a cautious welcome. “There was a fear that the government, in its pursuit of terrorism, might remove those freedoms and principles that people associate with the internet,” Moores explained.
 “We all thought they were going to clamp down and introduce the most restrictive environment. But the government has said ‘we’re not going to do this; we’re not going to store your web browsing history. In fact we’re going to offer a level of oversight.’

After what we’ve heard recently from the government surrounding encryption, web history, browsing and storing of data, this smacks of common sense. In this case, the threatened regulatory powers around encryption and monitoring of traffic across international networks – the forte of GCHQ – have evaporated. It’s a very positive step.
“I’m very, very encouraged to see the mention of judicial oversight in terms of being able to restrict the powers given to the intelligence agencies. This smacks of a post-Snowden era. But the final judgment has to be about what that level of oversight this will be. It is somewhat woolly.”

Guardian:http://http://bit.ly/1MbXpw1

U.S. CISA Cybersecurity Bill Passes Senate: http://ow.ly/U85r3

 

 

« EU Will Fund Car, Hospital & Airport IT Security
Stolen Credit Card Details Cost £1 Online »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Cybersecurity Philippines CERT (CSP-CERT)

Cybersecurity Philippines CERT (CSP-CERT)

Cybersecurity Philippines CERT is the national Computer Emergency Response Team for the Philippines.

BTWorks

BTWorks

BTWorks provides identity management and anti-phishing / smishing solutions for web and mobile apps.

Think Cyber Security (ThinkCyber)

Think Cyber Security (ThinkCyber)

ThinkCyber is a Tel Aviv-based Israeli company with a team of cybersecurity professionals who are experts in both information and operations technology.

Canadian Institute for Cybersecurity (CIC)

Canadian Institute for Cybersecurity (CIC)

The Canadian Institute for Cybersecurity (CIC) is a comprehensive multidisciplinary training, research and development, and entrepreneurial unit.

Digital Resolve

Digital Resolve

Digital Resolve delivers solutions that help companies maintain trust and confidence through proven and cost-effective fraud-protection and identity intelligence technology.

Wolf Hill Group

Wolf Hill Group

Wolf Hill Group, a Slone Partners company, is a national recruitment firm focused on Cybersecurity.

RealCISO

RealCISO

RealCISO is a CISO grade cloud platform to help companies understand, manage, and mitigate their cyber risk.

Ethyca

Ethyca

Ethyca builds automated data privacy infrastructure and tools for developers and privacy teams to easily build products that comply with GDPR, CCPA Privacy Regulations.

Anonomatic

Anonomatic

Anonomatic’s mission is to make data privacy secure, simple and cost effective. We are Data and Privacy Experts who are passionate about helping organizations solve PII compliance.

SafePaas

SafePaas

SafePaas is a leading Enterprise Risk Management Platform. One source of truth for all your Audit, Risk, and Compliance requirements. Complete governance across your systems.

McAfee

McAfee

McAfee is a worldwide leader in online protection. We’re focused on protecting people, not devices. Our solutions adapt to our customers’ needs and empower them to confidently experience life online.

Xact IT Solutions

Xact IT Solutions

Xact IT Solutions are a certified cybersecurity firm offering cybersecurity, compliance and managed services.

Secure Halo

Secure Halo

Secure Halo has been protecting the intellectual assets and sensitive information of the federal government and private sector for 20+ years, through our proactive approach to risk and cybersecurity.

Insane Cyber

Insane Cyber

Insane Cyber make cybersecurity easier to manage through automated, easy-to-use software and expert support and partnership.

Aztek

Aztek

Aztek is one of the UK’s leading Managed Service Providers, providing customer-focused IT, Communication and Cyber Security solutions to help transform and grow your business.

Dream

Dream

Dream is developing an AI platform that enables cyber resilience and protects nations from hostile nation-states cyber attacks.