The UK government is planning even more intrusive powers than those expected to follow the passing of the Snoopers’ Charter, including the mass surveillance of citizens in near real-time, according to a leaked document.
The Open Rights Group (ORG) was handed a draft of the Home Office proposals, dubbed the Investigatory Powers (Technical Capability) Regulations 2017.
It outlines a plan to force ISPs and network operators to provide access to all communications of suspects within one working day, and to do so for 1 in 10,000 customers, which reportedly equates to around 6500 Brits at any one time.
That’s nothing short of real-time mass surveillance, although there are some checks and balances in place; for example each order will require approval from a secretary of state and then a judicial commissioner appointed by the Prime Minister.
The question remains how these aims will be achieved in practice given that many users will be on end-to-end encryption protected services like WhatsApp.
The current order will oblige comms operators:
“To provide and maintain the capability to disclose, where practicable, the content of communications or secondary data in an intelligible form and to remove electronic protection applied by or on behalf of the telecommunications operator to the communications or data, or to permit the person to whom the warrant is addressed to remove such electronic protection.”
It’s difficult to see how the government could enforce such measures, or even ban end-to-end encryption services outright, given most are operated from the US and firms like Apple have firmly refused to engineer backdoors in the past.
However, the way in which the government is ‘consulting’ over the proposed powers would indicate it’s hoping to force them through with minimal public scrutiny.
The document was not publicly available before ORG published it and has been circulated only with the government’s “technical advisory board”, which effectively means the country’s major ISPs/telecoms operators and intelligence officials.
A Privacy International statement sent to Infosecurity Magazine claimed the draft regulations would “undermine the security of all of our communications and computers”.
It added that limiting the distribution of these new draft regulations undermines the government’s claim that the Snoopers’ Charter provides world-leading insight and transparency and has faced “unprecedented scrutiny”:
“The Regulations themselves reveal little that could be considered sensitive or was not already revealed during debate surrounding the Investigatory Powers Bill. There seems no reason, therefore, to limit their distribution, especially when they are clearly of such public concern. But that secrecy will only be replicated once these powers are put to use by the UK government, as the service providers will be prohibited from telling their users, or anyone else, that they are subject to government orders to undermine our security.”
The ORG is urging the public to tell the Home Office what it thinks by May 19 with an email to investigatorypowers@homeoffice.gsi.gov.uk