Britain unveils plan for new Internet spying laws

Internet firms will have to store customer usage data for a year under new laws unveiled by British Home Secretary Theresa May on Nov 4, 2015.
Internet firms will have to store customer usage data for a year under new laws unveiled by British Home Secretary Theresa May on Nov 4, 2015. PHOTO: AFP/PRU

LONDON (AFP) – Britain’s government published proposals for new Internet spying laws on Wednesday (Nov 4) to keep pace with the digital age, including allowing the intelligence services partial access to a suspect’s Internet browsing history.

Home Secretary Theresa May hailed the draft legislation as a “world-leading oversight regime”, but a leading rights group described the proposals as a “breath-taking attack” on Britain’s online security.

“Today we are setting out a modern legal framework, which brings together current powers in a clear and comprehensible way,” May told parliament. “This new legislation will underpin the work of law enforcement and the security and intelligence agencies for years to come. It is their licence to operate,” the interior minister said.

May sought to assuage fears that the new powers would be intrusive, and rejected reports that the bill would ban encryption or force British companies to capture and retain Internet traffic from abroad.

Crucially for companies such as Google and Facebook, the proposals would not force foreign-based companies to meet “domestic retention obligations” for communications data.

However, the security services would be able to access Internet communication records, which show which online services were accessed by a suspect and when.

This would show that a messaging service such as Facebook or WhatsApp had been used, but not the content of messages or their recipient.

The bill also allows security officials to see which websites a suspect had accessed, but not which pages were viewed within those sites.

“Some have characterised this power as law enforcement having access to people’s full web browsing histories. Let me be clear: this is simply wrong,” May said.

“An Internet connection record is a record of a communications service that a person has used, not a record of every webpage they have accessed.” These records would have to be held by service providers for 12 months.

The plans also propose a new system of oversight for investigatory powers and a new way of authorising warrants for data interception.

Currently, warrants for such data requests are issued by May, but in future these must also be approved by a judge.

In the case that access to the Internet data of a British parliamentarian is sought, Prime Minister David Cameron must also be consulted.

“This will place a double lock on the authorisation of our most intrusive investigatory powers,” May said.

Civil liberties groups worry that the bill’s powers will lack sufficient oversight and be used unnecessarily, and could lead to the kind of blanket surveillance revealed by US whistleblower Edward Snowden.

“After all the talk of climbdowns and safeguards, this long-awaited bill constitutes a breath-taking attack on the Internet security of every man, woman and child in our country,” said Shami Chakrabarti, director of civil rights group Liberty.

“We must now look to parliament to step in where ministers have failed and strike a better balance between privacy and surveillance.” The proposals will be scrutinised by a committee of lawmakers, allowing changes to be made before it is formally debated by parliament.

British officials say it was partly due to concerns raised by Snowden that they have updated surveillance legislation, and also because current laws date as far back as 1995, before the rise of the Internet.

The draft bill will reduce three current supervisory bodies – one on communications interception, one for intelligence agencies and one for law enforcement – to one body led by a senior judge.