The British government is seeking new powers to remove encryption and force phone networks and internet service providers (ISPs) to give real-time access to a named individual’s content within one working day. ‘Secondary data’ relating to any suspect would also have to be handed over.
The draft paper, which was leaked to digital freedom campaigners Open Rights Group, could be made law and included as part of the much-criticized Investigatory Powers Act. “The public has a right to know about government powers that could put their privacy and security at risk,” said the group’s executive director, Jim Killock, on the decision to publish details of the white paper.
Currently intelligence services can only surveil one in every 10,000 users of a given service at a time. Simultaneous surveillance could occur in bulk, but be limited to one in every 10,000 users of a given service – a maximum of roughly 900 of telecoms giant BT’s 9 million British broadband customers, for instance.
Experts think the plans could be dangerous and would potentially give hackers ‘backdoor’ access to users’ information. Many would not be aware that their details had been shared with the authorities, as the Investigatory Powers Act – dubbed the snoopers’ charter by critics – demands that telecom groups carry out their work in secret.
“It seems very clear that the Home Office intends to use these to remove end-to-end encryption – or more accurately to require tech companies to remove it,” University of Bristol legal expert Dr Cian Murphy told the BBC. “I do read the regulations as the Home Office wanting to be able to have near real-time access to web chat and other forms of communication.”
The measures would have to be sanctioned by government officials and a judge appointed by Prime Minister Theresa May. Consultation on the paper is reportedly due to end on May 19, but the Home Office denied any attempts to expand the Investigatory Powers Act were taking place.
The government has no legal obligation to advise on draft regulations such as the white paper leaked to Open Rights Group. But the document seems to suggest that the regulations have already been seen by Britain’s Technical Advisory Board. A British Telecom (BT) spokesman also confirmed the company had received “a copy of draft regulations, to be made under the Investigatory Powers Act 2016, in relation to technical capability notices.”