Government publishes draft 'snooping Bill', estimated cost: £1.8bn
'China and Iran will be delighted,' says Open Rights Group
The government has published a draft of the controversial Communications Data Bill, which aims to allow unparalleled interception of data about UK citizens' online communications and voice calls.
The Bill is still to be examined and approved, but as currently drafted would allow GCHQ to gain access to online communications and calls data, something that home secretary Theresa May has described as "vital".
Without it, May claimed there is "a serious and growing risk that crimes enabled by email and the internet will go undetected and unpunished".
The Home Office has also revealed that the Bill could lead to an increase in public expenditure of up to £1.8bn over 10 years. However, it claimed that the benefits from this investment are estimated to be between £5bn and £6.2bn over the same period.
It is not clear how these figures have been calculated.
New elements of the draft Bill include a proposed filtering system that is to be operated by the Home Office.
But Sarah Needham, senior associate at law firm Taylor Wessing, said that this could mean the Home Office may retain more data than is necessary.
"If officers who are yet to be designated by the Home Office are unsure whether it is necessary or proportionate to get access to certain data, then the Home Office will use a filtering system to act as an intermediatery with the ISPs," she said.
"However, it would perhaps make more sense for a service provider to do the job because it means that the Home Office is in possession of quite a lot of information."
According to the draft, the secretary of state will make sure that appropriate arrangements are put in place to ensure ISPs will be compensated for their costs.
But Needham said that a lack of further detail begs the question of whether some service providers may still end up out of pocket.
In an acknowledgement of the Bill, the Intelligence and Security Committee (ISC), which examines the policy, administration and expenditure of GCHQ, issued the following statement, attributed to MP Malcolm Rifkind.
"The government has today published a draft Communications Data Bill which aims to update the current legislation that allows public bodies – including the intelligence and security agencies and the police – to access information relating to communications data," he said. "The Bill will now be subject to pre-legislative scrutiny by a Joint Committee of Parliament.
"Given the importance of communications data to the work undertaken by the intelligence agencies, the ISC has begun its own investigation into this area. We will take evidence and examine the rationale behind the proposals and how rigorous the safeguards are to ensure the privacy of individuals."
Privacy and freedom of speech campaigners have slammed the proposals for aiming to collect data about everyone's communications, and thus implicitly regard every UK citizen as a potential crime suspect, and potentially put legitimate journalistic enquiry at risk.
With the stated aim of catching terrorists, cyber criminals and paedophiles, anti-Bill campaigners have also warned that the very people the legislation aims to catch are the ones most likely to evade detection, suggesting that the government may end up gathering masses of data about innocent people and then seek to detect evidence of criminal behaviour within it.
Government publishes draft 'snooping Bill', estimated cost: £1.8bn
'China and Iran will be delighted,' says Open Rights Group
The additional scrutiny the Bill will face in parliament will allow campaigners, including the Internet Services Providers' Association (ISPA) to address its key points, according to its secretary general Nicholas Lansman.
"We welcome the additional scrutiny the Bill will face in parliament and we will be seeking to address our key points during this process," he said. "ISPA will be working closely with its members over the coming months to ensure that the full breadth and range of industry is heard. We want to ensure that the proposals are clear, proportionate and fit for purpose."
The Bill was initially introduced by the previous Labour government in 2008 and strongly opposed by both the Conservatives and Liberal Democrats.
Commenting on the published draft of the Bill, Jim Killock, executive director of not-for-profit organisation, Open Rights Group, said: "The government's notes confirm that this is exactly what we expected; black boxes to intercept people's traffic data, and poorly supervised police powers to get access to it.
"Bluntly these are as dangerous as we expected, and represent unprecedented surveillance powers in the democratic world; China and Iran will be delighted."
Another body set to be affected by the Bill is the Information Commissioner's Office (ICO) as it could be undermined in its role as guardian of data protection and privacy standards. In light of this, the ICO has said that it needs further powers.
"If the information commissioner is to be in a position to ensure compliance with the Data Protection Act, in respect of security of retained personal information and its destruction after 12 months, the ICO will need appropriately enhanced powers and the necessary additional resources," it said in a statement.
In April, the ICO deflected the issue of the Bill as a matter for the Home Office, but a spokesperson told Computing that widespread criticism of the plans was "a concern" to the ICO.
In its latest statement, it has again suggested that it is for parliament to decide if the proposals are a proportionate response.
The ICO has said that its role will be to contribute to the Joint Committee's consideration of the Bill, with a focus on the adequacy of the proposed safeguards and limitations.
• Additional reporting Chris Middleton