Home Secretary May Improve Privacy Protections in Snooper’s Charter

Home Secretary Theresa May is set to make more concessions on the controversial Investigatory Powers Bill which could boost privacy protections for UK citizens, ahead of a parliamentary debate on the proposed legislation next week.

May is set to include a new clause in the bill which will ensure any authorizations for intrusive surveillance and the like will only be granted if the information cannot be obtained by less intrusive means.

There will also be clarification that a judicial commissioner will only allow the surveillance of journalists to identify sources if there is an overriding pubic interest case to be made, according to The Guardian.

MPs’ communications and devices can only be hacked or monitored if the Prime Minister’s explicit consent is given, and bulk personal datasets and medical information will only be fair game for the intelligence services in “exceptional and compelling” cases, according to the new concessions.

The move is designed to appease opposition parties ahead of what is likely to be a heated two-day debate in the Commons next week.

May has already agreed to establish an independent review into the proposed powers of bulk collection of data as set out in the bill – one of Labour’s demands.

The Snoopers’ Charter, as it is often called, has several controversial elements. It seeks to enshrine the powers of bulk collection of data and hacking of personal devices by the authorities and will force ISPs to store web browsing records of every citizen for 12 months so they can be accessed by law enforcers if necessary.

There’s also a potentially unworkable section which could give the authorities the power to effectively ban end-to-end encryption if they’re not given access to communications.

The concessions from May also come after reports from the Human Rights Committee and Intelligence and Security Committee which both demanded amendments to better prevent abuse of power.

The former claimed in its report that it “does not consider the bulk powers in the Bill to be inherently incompatible with the right to privacy,” but that the independent reviewer of terrorism legislation, David Anderson, should review the operational case for using this power now and every five years.

It also argued that “clauses concerning the subject matter of targeted interceptions and targeted equipment interference warrants are too broadly drafted.”

“The description in the warrant must be sufficiently specific to enable any person unknown to be identified and to prevent the possibility of large numbers of people being potentially within the scope of a vaguely worded warrant,” it added.

The committee also recommended that any major changes to warrants be only allowed after approval by a judicial commissioner.

Talal Rajab, head of programme for Cyber and National Security at trade body techUK, argued that the proposed amendments are a step in the right direction and will help bolster consumer trust in digital products and services.

“But we’re not out of the woods yet. Many of the concerns raised by the tech industry, particularly around Internet Connection Records, encryption and the extraterritorial application of the bill, require further scrutiny and clarity,” he added.

“Failure to do so will make it harder for government to achieve its aim of delivering world-leading legislation – one which underpins rather than undermines the UK’s world-leading digital economy.”

What’s Hot on Infosecurity Magazine?