icon bookmark-bicon bookmarkicon cameraicon checkicon chevron downicon chevron lefticon chevron righticon chevron upicon closeicon v-compressicon downloadicon editicon v-expandicon fbicon fileicon filtericon flag ruicon full chevron downicon full chevron lefticon full chevron righticon full chevron upicon gpicon insicon mailicon moveicon-musicicon mutedicon nomutedicon okicon v-pauseicon v-playicon searchicon shareicon sign inicon sign upicon stepbackicon stepforicon swipe downicon tagicon tagsicon tgicon trashicon twicon vkicon yticon wticon fm
14 Jan, 2016 14:34

‘Suspicionless surveillance’: Cafes, universities may be forced to retain Wi-Fi users’ data

‘Suspicionless surveillance’: Cafes, universities may be forced to retain Wi-Fi users’ data

New snooping powers contained in Britain’s draft Investigatory Powers Bill could force cafes, libraries and universities to hand over customers’ confidential data to government authorities.

Wi-Fi networks belonging to such outlets will likely be targeted under the legislation, which has been sharply criticized by privacy rights advocates and human rights groups. During a two-hour grilling by Britain’s joint parliamentary scrutiny committee on Wednesday, Home Secretary Theresa May answered a number of questions regarding the bill.

The controversial legislation requires telecommunications firms to hand over data to security services and gives police, GCHQ, MI5 and MI6 unfettered access to the records of Britons’ web use.

Scall-scale networks targeted

Probed on the legislation’s scope, May said small-scale internet providers would not be exempt from the requirement to store their customers’ web browsing records for up to a year.

“I do not think it would be right for us to exclude any networks,” she told MPs and peers. “If you look at how people do their business these days, it is on the move.”

May revealed the bill, nicknamed the snoopers’ charter, will likely cost far more than the government’s official estimate of £240 million (US$345 million). She also told the scrutiny committee that discussions had begun with web and phone companies over the costs of implementing the legislation and their ability to deliver on the measures.

May said the talks had been initiated after she was informed that mobile phone companies Vodafone, O2 and EE had said they could each spend £240 million alone if they were to implement the proposed surveillance legislation.

Members of the joint committee have accused the government of rushing the laws by refusing to give MPs more time to examine its proposals. After the bill was published in November, the committee was given only 10 weeks to complete its scrutiny of the draft legislation.

'A blank check'

Outgoing director of human rights group Liberty, Shami Chakrabarti, has called upon reporters to challenge the bill, warning it offers the state “a blank check” to snoop on citizens and threatens investigative journalism.

Speaking at a crowded debate on press freedom in London earlier this week, Chakrabarti said the bill could “turn all of us into suspects” if written into law. Challenged on the need for surveillance to protect citizens against the threat of terrorism, she said police officers always had the power to tap phones and search properties.


However, Chakrabarti warned Britain has embarked on a path of “blanket surveillance” in the absence of sufficient public debate, knowledge, consent or parliamentary involvement. She said this scenario has turned “all of us into suspects.”

On Wednesday afternoon, MPs and peers also questioned the home secretary on how the government planned to force global tech firms such as Apple, Facebook, Google and Twitter to store their customers’ confidential data for up to a year and hand it over to British spies and police upon request.

May’s response was ambiguous, claiming the government is still examining jurisdictional concerns. She attempted to reassure the scrutiny committee that judicial commissioners, who had been appointed to operate a “double-lock” authorization process on individual and bulk interception warrants, would have flexibility in examining such snooping orders.

However, Harmit Kambo, director of campaigns and development at Privacy International, previously argued it is likely many intrusive powers contained in the bill will be exercised without judicial approval.

“While Home Secretary Theresa May is promising a reassuring sounding ‘double lock’ system – whereby her warrant approval would then be signed off by a judge – at closer inspection, this is anything but reassuring,” he said.

“Let’s be clear – what the government is proposing is not judicial authorization. The newly created Investigatory Powers Commission (IPC) will be little more than auditors.

“The IPC would only be checking that the home secretary has been following correct procedures, when what we actually need is for them to independently examine the warrant application themselves and decide whether it should be approved or not based on their legal expertise.”

'Permanent suspicionless surveillance'

Kambo said the Snoopers’ Charter would give Britain’s police and intelligence agencies the power to access people’s emails, text messages and phone calls, and even hack into their computers and smartphones.

“If Parliament passes the bill, in essence our personal data will no longer be personal – the state will be able to access it whenever it decides to,” he said.

“The government will be routinely collecting and retaining the data of people who are not suspected of any crime.”

Kambo called upon UK residents to stringently oppose the legislation, saying it will ultimately give the government the power to put each and every citizen under “permanent suspicionless surveillance.”

Prior to May’s grilling, the Information Commissioner’s Office condemned the draft bill as an assault on citizens’ privacy. The privacy watchdog was particularly critical of the provision in the bill that would force communication providers to erode or break their data encryption in the face of government requests.

It further stated that encryption is essential in protecting peoples’ privacy and ensuring personal data remains secure.