UK Web Snooping Powers Are 'Undemocratic'

c542ec58-1075-11e5-_923137c.jpg

David Anderson QC

A review of phone and Internet surveillance says current "undemocratic and unnecessary" laws need a complete overhaul.
In the report, terror law expert David Anderson QC said that the government needed to do more to prove why security services should be able to monitor our web browsing histories for two years - as has been mooted.
He said that judges, rather than political figures, should issue warrants for interception.
And he recommended that they should lead a new oversight body - the Independent Surveillance and Intelligence Committee - to monitor activity.
Bulk surveillance should be more targeted and better overseen - but will continue.
Mr Anderson said: "The current law is fragmented, obscure, under constant challenge and variable in the protections that it affords the innocent. It is time for a clean slate."
Home Secretary Theresa May, in a speech to Parliament, said: "As (he) makes clear it is imperative that the use of sensitive powers are overseen and fully declared under arrangements set by Parliament. It is right that Parliament has the opportunity to debate those arrangements."
The UK Government can access the content of communications - text messages, emails - with a warrant signed by the Secretary of State.
Communications data - when and with whom your are communicating - can be accessed under RIPA, which is signed off by police forces.
How is this data gathered?
Much of the communications data is gathered through bulk interception - trawling the Internet for huge amounts of communication, which is then sifted for analysis.
Intercepted communications are handed over by phone companies, or by Internet companies; like Facebook, and this is at the request of the authorities. Currently, the latter is done on a voluntary basis.
Is everyone under surveillance, or only specific targets?
Not everyone is being monitored the whole time and GCHQ is not reading the emails of everyone in the country. However, many innocent people’s communications data is swept up by bulk intelligence. Bulk interception may be applied to the communications of specific targets to see whom they're communicating with.
Who has access to it?
Lots of government bodies have access, but it is most important to the work of the security services and police.
Is there proof that access to this data has stopped any terror attacks?
The security services and police say bulk interception is vital. 55% of the intelligence that GCHQ provides comes from bulk interception of communications data, according to the Anderson review.
The security services and police say that bulk interception has stopped terror attacks and other serious crime.
Who currently oversees this system, and are there any safeguards?
There are a variety of bodies, with the Parliamentary Intelligence and Security Committee the most prominent.
The Anderson reports suggests the creation of a new, overarching body called the Independent Surveillance and Intelligence committee, headed by a judge, not a politician. 
Why was this report commissioned?
It was a condition of emergency legislation passed last year by the government to compel phone companies to keep records for two years, after the European Court of Justice said that the existing European law was in fact unlawful.
What are the next steps for his recommendations?
The government will publish its draft surveillance bill – the so-called Snooper's charter – in the autumn. It will take into account Anderson's recommendations although they are just that: recommendations. There's no guarantee they will become law.
Sky: http://bit.ly/1Bds3lI

« The Bright Horizon For Information Security Jobs
North Korea Threatens US with Cyberattacks »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

SecureWorks

SecureWorks

SecureWorks provides intelligence-driven security solutions for organizations to prevent, detect, rapidly respond and predict cyberattacks.

AET Europe

AET Europe

AET Europe is specialised in creating technological solutions for user identification and authentication.

CSI

CSI

CSI is a Managed Service Provider (MSP) delivering Hybrid Multi-Cloud, Data Protection, and Cyber Security solutions to highly regulated industries.

Assured Enterprises

Assured Enterprises

Assured Enterprises provides comprehensive cyber risk identification, management and mitigation across all platforms.

LATRO Services

LATRO Services

LATRO Services is a complete solution provider to discover, locate, and eliminate telecom fraud.

TechBeacon

TechBeacon

TechBeacon.com is a digital hub by and for software engineering, IT and security professionals sharing practical and passionate guidance to real-world challenges.

Liberty Mutual

Liberty Mutual

Liberty Specialty Markets offers specialty and commercial insurance and reinsurance products, including Cyber, across the USA, Europe, Middle East and other international locations.

Maven Security Consulting

Maven Security Consulting

Maven Security Consulting helps companies secure their information assets and digital infrastructure by providing a wide range of customized consulting and training services.

PreCog Security

PreCog Security

PreCog Security is a US based cybersecurity risk mitigation company. We specialize in helping you find, minimize and manage vulnerability risk within your product, network and process.

Automation Workz

Automation Workz

Automation Workz has been ranked as a top 10 Cybersecurity Bootcamp in the US by Career Karma.

ALSCO

ALSCO

ALSCO is dedicated to bringing first class IT services, technical support, and solutions to goverment, companies and organizations worldwide.

Oasis Technology

Oasis Technology

Oasis Technology are experts in cyber security. In addition to pioneering the game-changing TITAN anti-hacking device, we provide extensive cyber security consulting services.

FusionAuth

FusionAuth

FusionAuth is the customer authentication and authorization platform that makes developers' lives awesome.

Certcube Labs

Certcube Labs

Certcube Labs provide a broad range of services in the areas of Assessments, Development, Risk Advisory, Blockchain, Forensics Investigations, Managed Security Solutions, and IT Security Trainings.

Autobahn Security

Autobahn Security

Autobahn Security is a growing team of 80+ experts from 25+ nationalities, established in 5 countries. We’re working hard to make Autobahn Security the No. 1 solution for improved hacking-resilience.

Post-Quantum Cryptography Alliance (PQCA)

Post-Quantum Cryptography Alliance (PQCA)

The alliance seeks to address cryptographic security challenges posed by quantum computing by producing high-assurance software implementations of standardized algorithms.