BBC News

The government's data law - an attack on encryption?

Rory Cellan-Jones
Technology correspondent
@BBCRoryCJon Twitter

image copyrightGetty Images

Overdue modernisation of the way the authorities monitor criminals and terrorists - or a Snooper's Charter eroding our basic liberties? The proposal outlined in the Queen's Speech to "modernise the law on communications data" will divide opinion. But prepare for another long battle over the way that law is framed and the balance it strikes between privacy and public safety.

The row over forcing internet service providers (ISPs) to hold on to far more data about their users' online activities has stretched over three parliaments. The idea first came up under the last Labour government, when it was quashed by Conservative and Liberal Democrat opposition. Then it was resurrected by the Coalition, with Theresa May's plans - immediately dubbed the Snooper's Charter - blocked by her Liberal Democrat partners.

Now we have in the Queen's Speech what looks like a much wider proposal for a new Investigatory Powers Bill. The government says this will "provide the police and intelligence agencies with the tools to keep you and your family safe", will "maintain the ability of our intelligence agencies to target the online communications of terrorists", and will "cover all investigatory powers including communications data, where the government has long maintained that the gap in capabilities are putting lives at risk".

So it is both sweeping and vague, promising to give the authorities the tools they need to track criminals in a complex online world without specifying as yet how far they will be allowed to go.

image copyrightThinkstock

The Open Rights Group (ORG), which campaigns against increased surveillance, is convinced this is the return of the so-called Snooper's Charter, with increased powers of data collection and retention aimed at the entire population, coupled with attacks on encryption.

The ORG's executive director Jim Killock thinks the bill will have two aims - codifying existing practices by the intelligence agencies uncovered by Edward Snowden and expanding data retention by ISPs.

But he believes that the increasing use of encryption by the likes of Google and Facebook means that ordering ISPs to store their customers' data won't be enough: "There's going to be a very interesting discussion about whether government can break encryption or order companies to break it."

Those at the sharp end - the ISPs - are more circumspect in their response to the government's plans. Their trade body ISPA put out a statement welcoming the fact that the government had promised to factor in the independent Anderson review of the laws on intercepting communications data. But it warned of the need to "properly balance security, privacy, costs to industry and to preserve the UK's reputation as a leading place to do business online". The ISPs also suspect that plans to attack encryption could be on the agenda.

The government has a clear election mandate, and is under pressure from the police and intelligence agencies to give them more capabilities in their online battles. But the opposition to its plans - if they do involve cracking the codes that keep online communication secret - will be intense. And it is likely to come not so much from opposition politicians, but from the global technology giants.

Related Topics

  • Cyber-security
  • National security