UK Web Snooping Powers Are 'Undemocratic'

c542ec58-1075-11e5-_923137c.jpg

David Anderson QC

A review of phone and Internet surveillance says current "undemocratic and unnecessary" laws need a complete overhaul.
In the report, terror law expert David Anderson QC said that the government needed to do more to prove why security services should be able to monitor our web browsing histories for two years - as has been mooted.
He said that judges, rather than political figures, should issue warrants for interception.
And he recommended that they should lead a new oversight body - the Independent Surveillance and Intelligence Committee - to monitor activity.
Bulk surveillance should be more targeted and better overseen - but will continue.
Mr Anderson said: "The current law is fragmented, obscure, under constant challenge and variable in the protections that it affords the innocent. It is time for a clean slate."
Home Secretary Theresa May, in a speech to Parliament, said: "As (he) makes clear it is imperative that the use of sensitive powers are overseen and fully declared under arrangements set by Parliament. It is right that Parliament has the opportunity to debate those arrangements."
The UK Government can access the content of communications - text messages, emails - with a warrant signed by the Secretary of State.
Communications data - when and with whom your are communicating - can be accessed under RIPA, which is signed off by police forces.
How is this data gathered?
Much of the communications data is gathered through bulk interception - trawling the Internet for huge amounts of communication, which is then sifted for analysis.
Intercepted communications are handed over by phone companies, or by Internet companies; like Facebook, and this is at the request of the authorities. Currently, the latter is done on a voluntary basis.
Is everyone under surveillance, or only specific targets?
Not everyone is being monitored the whole time and GCHQ is not reading the emails of everyone in the country. However, many innocent people’s communications data is swept up by bulk intelligence. Bulk interception may be applied to the communications of specific targets to see whom they're communicating with.
Who has access to it?
Lots of government bodies have access, but it is most important to the work of the security services and police.
Is there proof that access to this data has stopped any terror attacks?
The security services and police say bulk interception is vital. 55% of the intelligence that GCHQ provides comes from bulk interception of communications data, according to the Anderson review.
The security services and police say that bulk interception has stopped terror attacks and other serious crime.
Who currently oversees this system, and are there any safeguards?
There are a variety of bodies, with the Parliamentary Intelligence and Security Committee the most prominent.
The Anderson reports suggests the creation of a new, overarching body called the Independent Surveillance and Intelligence committee, headed by a judge, not a politician. 
Why was this report commissioned?
It was a condition of emergency legislation passed last year by the government to compel phone companies to keep records for two years, after the European Court of Justice said that the existing European law was in fact unlawful.
What are the next steps for his recommendations?
The government will publish its draft surveillance bill – the so-called Snooper's charter – in the autumn. It will take into account Anderson's recommendations although they are just that: recommendations. There's no guarantee they will become law.
Sky: http://bit.ly/1Bds3lI

« The Bright Horizon For Information Security Jobs
North Korea Threatens US with Cyberattacks »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Dcoya

Dcoya

Dcoya's complete security awareness training program gives you out-of-the-box compliance with PCI-DSS, HIPAA, SOX and ISO regulations.

PrimeKey

PrimeKey

PrimeKey provides organisations with the ability to implement security solutions such as e-ID, e-Passports, authentication, digital signatures, unified digital identities and validation.

GreyCastle Security

GreyCastle Security

GreyCastle Security is a leading cybersecurity services provider dedicated exclusively to cybersecurity and the practical management of cybersecurity risks.

HacWare

HacWare

HacWare is a data driven cybersecurity awareness product that leverages machine learning and behavior analytics help IT professionals combat phishing.

cleverDome

cleverDome

cleverDome has created the first community built and proven model that redefines the standards for protecting the most confidential data and information of consumers in the cloud.

MicroSec

MicroSec

MicroSec is a company specializing in IoT security. We focus on bringing enterprise grade security to IoT and embedded systems.

Redhorse

Redhorse

Redhorse provides top-tier consulting to help clients address mission-critical government problems in National Security, Networking Technology, Energy and the Environment.

Telefonica Global Solutions (TGS)

Telefonica Global Solutions (TGS)

Telefonica Global Solutions is the technological partner of wholesalers and enterprises, helping them to achieve the digitalization they need.

Cyber Defense Networking Solutions (CDNS)

Cyber Defense Networking Solutions (CDNS)

CDNS is a global network infrastructure provider whose platforms are engineered for security, optimized for speed and designed for resiliency.

Pillar Technology Partners

Pillar Technology Partners

Pillar Technology Partners is an Information Security Company with a focus on improving Cyber Risk and optimizing the processes and technology that underpin the security of your information assets.

Locuz

Locuz

At Locuz, we’ve made it our mission to help businesses like yours create an actionable digital strategy.

Telesign

Telesign

Telesign connect, protect, and defend online experiences with sophisticated digital identity and programmable communications solutions.

CaseMatrix

CaseMatrix

Discover a new era of legal intelligence with CaseMatrix. We identify potential class action cases arising from cyber incidents and data breaches.

Bastazo

Bastazo

Bastazo provides tools for vulnerability and patch management. Focus your cybersecurity operations on vulnerabilities with the highest risk of exploitation.

Keeran Networks

Keeran Networks

Established in Edmonton in 1999, Keeran specializes in delivering comprehensive IT support and solutions aimed at optimizing technology investments for businesses.

True North Solutions

True North Solutions

True North Solutions provides a wide range of fully customized, vendor-neutral industrial engineering and OT automation solutions to companies across North America and around the world.