UK Forced To Backtrack on Internet ‘snooping’

Uploaded on 2015-11-04 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Law

 

Highly controversial plans to allow the police and security services full access to everyone’s internet browsing history have been abandoned by ministers in what is being presented as a dramatic climb-down over online surveillance.

Amid fears in government that it would be unable to force new laws through parliament because of concerns over civil liberties, the Home Office said it had dropped several contentious proposals from the investigatory powers bill, which will be published in draft form on Wednesday.

Ministers announced in the Queen’s speech in May that the bill would aim “to maintain the ability of intelligence agencies and law enforcement to target online communications of terrorists, paedophiles and other serious criminals”. Downing Street said at the time that it would provide the authorities “with the tools to keep you and your family safe”.

But in an unexpected move that will be seen as a blow to home secretary Theresa May, government sources said they had “dropped completely” key elements of their original 2012 proposals, dubbed the “snooper’s charter” and blocked during the coalition by Nick Clegg.

In a statement, senior sources said that rather than increasing intrusive surveillance, the bill would bar police and security services from accessing people’s browsing histories – a power demanded by the security services – and that “any access to internet connection records will be strictly limited and targeted”.

They also revealed that ministers had ruled out plans to restrict or ban companies from encrypting material on the Internet that had alarmed privacy and technology campaigners. In what they said was a further change, ministers would not, as they had previously suggested, demand that UK communication service providers (CSPs) should capture and store internet traffic from companies based in the United States.

A government source said: “We’re absolutely clear that key parts of the original plans from 2012 will be dropped from the new bill. We have consulted widely … we are coming forward with a new approach.
“We know these powers are needed as technology changes and terrorists and criminals use ever more sophisticated ways to communicate. But we need to give people the reassurance that not only are they needed, but that they are only ever used in a necessary, proportionate and accountable way. That is what this bill is all about.”

The move, which Downing Street insisted had been agreed between the prime minister and home secretary following extensive consultation, was welcomed as a significant change by former Tory leadership contender and leading campaigner for civil liberties David Davis.
“This is a welcome recognition that some of the previous proposals were both spectacularly impractical and to a large extent ignored the rights of individual citizens,” he said.
“Taken at face value, this new approach by the government suggests it has learned from the important and balanced reports by David Anderson and to a lesser extent the intelligence and security committee.”

However Shami Chakrabarti, director of civil rights group Liberty, claimed that the self-proclaimed climb-down was mere spin. She suggested the government had ignored the most important safeguard, for any interception to take place only after judicial authorisation had been given.
 “It’s a traditional Home Office dance first to ask for the most outrageous, even impractical, powers, so that the smallest so-called ‘concessions’ seem more reasonable,” she said. “The frantic spinning distracts from the sleight of hand. Where is the judicial sign-off before our private communications can be collected, hacked and tapped? Where is the move back to targeted surveillance and away from the blanket collection of our private data?”
Senior Tories said ministers – bruised by last week’s defeat in the House of Lords over tax credits – feared the plans would face fierce and prolonged opposition in the Lords if the powers were seen to be too draconian. Some Tory MPs would also have rebelled, putting the government’s slim majority in danger in the Commons.

Dr Simon Moores, an IT consultant who was a critic of the previous government’s attempts to increase interception powers, gave a cautious welcome. “There was a fear that the government, in its pursuit of terrorism, might remove those freedoms and principles that people associate with the internet,” Moores explained.
 “We all thought they were going to clamp down and introduce the most restrictive environment. But the government has said ‘we’re not going to do this; we’re not going to store your web browsing history. In fact we’re going to offer a level of oversight.’

After what we’ve heard recently from the government surrounding encryption, web history, browsing and storing of data, this smacks of common sense. In this case, the threatened regulatory powers around encryption and monitoring of traffic across international networks – the forte of GCHQ – have evaporated. It’s a very positive step.
“I’m very, very encouraged to see the mention of judicial oversight in terms of being able to restrict the powers given to the intelligence agencies. This smacks of a post-Snowden era. But the final judgment has to be about what that level of oversight this will be. It is somewhat woolly.”

Guardian:http://http://bit.ly/1MbXpw1

U.S. CISA Cybersecurity Bill Passes Senate: http://ow.ly/U85r3

 

 

« EU Will Fund Car, Hospital & Airport IT Security
Stolen Credit Card Details Cost £1 Online »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Malware.lu

Malware.lu

Malware.lu is a repository of malware and technical analysis. The goal of the project is to provide samples and technical analysis to security researchers.

Concise Technologies

Concise Technologies

Concise Technologies provide specialist IT and telecoms solutions, support services, managed backup, disaster recovery, cyber security and consultancy to SME businesses across the UK and Europe.

FedRAMP

FedRAMP

FedRAMP, is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.

Aspen Insurance

Aspen Insurance

Aspen is a leading diversified specialty insurance and reinsurance company. Products offered include cyber insurance.

Ustels

Ustels

Ustels provides brand protection strategy, intelligence, monitoring and enforcement services.

Cysiv

Cysiv

Cysiv SOC-as-a-Service combines all the elements of an advanced, proactive, threat hunting SOC, with a managed security stack for hybrid cloud, network, and endpoint security.

Wolverhampton Cyber Research Institute (WCRI)

Wolverhampton Cyber Research Institute (WCRI)

Wolverhampton Cyber Research Institute builds on the strength of its members in the area of network and communication security, artificial intelligence, big data and cyber physical systems.

Onevinn

Onevinn

Onevinn's goal is to create a transparent, cost-effective security that is noticed as little as possible by the users. We simply call it "intelligent security."

Bigbee Technology

Bigbee Technology

Bigbee Technology are an IT solutions company based in Dar es Salaam founded by a group of professionals from around the globe.

Concourse Labs

Concourse Labs

Concourse Labs Security Guardrails continuously verify cloud infrastructure and workloads. Continuously assess clouds for security, resiliency, and regulatory compliance.

eaziSecurity

eaziSecurity

eaziSecurity has built an eco-system of technology and services that bring enterprise scale security solutions to the SME marketplace.

Ascent Solutions

Ascent Solutions

Ascent is built to help firms evolve their cybersecurity posture, modernize their Microsoft solutions, and accelerate their journey to the cloud.

Execweb

Execweb

Execweb are a cybersecurity executive network, comprised of 400+ security practitioners who work at Fortune 500 and SME companies.

Aeries Technology

Aeries Technology

Aeries is a technology services organization offering capabilities in Technology Services, Digital Transformation, and Business Process Management.

ConductorOne

ConductorOne

ConductorOne is building the identity security platform for the modern workforce.

Defence Innovation Accelerator for the North Atlantic (DIANA)

Defence Innovation Accelerator for the North Atlantic (DIANA)

The NATO DIANA accelerator programme is designed to equip businesses with the skills and knowledge to navigate the world of deep tech, dual-use innovation.