Any extension of state powers of surveillance are — rightly — hotly contested. The current Data Communications Bill is no exception. There are problems with this bill — but maybe not the ones you’ve heard of.
Almost universally, it has been labelled the ‘snoopers charter’ by its opponents, representing an enormous encroachment of state spying into the lives of innocent citizens. Journalists are outbidding each other in their vitriol toward it, usually calling on Orwell. One example from many is Index’s Mike Harris in the Independent: “This proposed scale of state surveillance will add the UK to the ranks of countries such as Kazakhstan, China and Iran.”
This, to me, is misleading. Yes, China, Iran, and Kazakhstan use “Deep Packet Inspection”, which this Bill proposes. But we also bug citizens’ homes — far more intrusive. What matters is the way it is regulated. There is a difference between governments that pass surveillance laws through a vote of elected representatives of those that will be monitored, and governments that do not.
Nor is it about mass surveillance by the state. This Bill is asking/demanding/paying communications companies to collect and retain data on the existence of people’s communications for 12 months, so that in the event that a request is made for that information, it is available.
Crucially, the state only accesses this information when a successful application is made through the existing Regulations of Investigatory Powers Act 2000. This does not include the content of a communication — which has to go through a more stringent process of access. In that respect, not so much has changed, because this all happens already, it’s just that rather often, the information the police want is not there. (And in case no-one noticed, little brother is already miles ahead of what Big Brother is doing.)
That is not to say that the bill is perfect. Four changes would improve it considerably.
First: clarity. All infringements on our civil liberties need to be based on some kind of public understanding and consent that the measures being taken are proportionate and necessary. But the Bill is vague, the technology complicated, some specifics necessarily secretive. Is should be far more explicit: this would allow for at least an informed debate about whether the measures proposed are necessary and proportionate.
Second, given the value of the Internet to the economy and society (something RIPA is pledged to defend); and the potential misuse of modern technology – including the difficulty of splitting content from communication — only the very strictest system of oversight and redress will do here. More is needed.
Third, the root of RIPA is that the more serious the intrusion, the fewer agencies can do it, and for fewer purposes. RIPA makes a distinction between content and communications data — the latter being considers far less intrusive, and so much easier to obtain. But when RIPA was passed, communications data used to be mainly be about who you phoned and when. Now it means what websites you visit, where you are, and whom you email. Therefore a new category for this ‘use’ data may need to be created. The authorisation for accesses should be higher than the current bill proposes, but lower than the Home Secretary signing if off, as with content intercept, ideally a warrant from an independent magistrate.
The final problem troubles me most. It is now far easier for the state to access personal information that we citizens happily put into the public domain. Twitter can be mined in real time, open source Facebook groups can be monitored, networks and relationships contructed: all outside the RIPA legislation. None of this is mentioned in the new bill — but I think it is this that worries the public and many journalists. As I argued in #intelligence this type of widespread, mass social media monitoring needs to regulated, limited, and put on a legal footing. The bill is a chance to tackle this tricky problem: otherwise it could make the current furore seem like a minor skirmish.
Jamie Bartlett is Head of the violence and extremism programme at the UK think-tank, Demos, and Director of the Centre for the Analysis of Social Media. Follow him @JamieBartlett
DEBATE: Index’s Mike Harris on the Comms Data Bill and surveillance
In Britain, the government is proposing legislation (the Communications Data Bill) that will grant the Home Secretary the power to blanket retain data on every citizen for an undefined purpose. It won’t require judicial approval — but potentially every text message, every Facebook message, every phone call, every email from everyone in Britain would be stored on behalf of Her Majesty’s Government. If the Bill passes, companies will have to collect data they don’t currently collect and the Home Secretary will be able to ask manufacturers of communications equipment to install hardware such as ‘black boxes’ on their products to make spying easier. This proposed scale of state surveillance will add the UK to the ranks of countries such as Kazakhstan, China and Iran. This total population monitoring would break the fundamental principle that a judge and court order is required before the state invades the privacy of its citizens by holding their personal data.