UK Surveillance Bill Advances

Emergency Legislation Clears First Hurdle, Despite Criticism
UK Surveillance Bill Advances

A controversial U.K. data-retention bill has been passed by the House of Commons after just one day of debate. The House of Lords could vote on the measure by week's end.

See Also: The Ultimate PIA and DPIA Handbook for Privacy Professionals

The Data Retention and Investigatory Powers Bill, introduced July 10 by the British government, was fast-tracked by the House of Commons July 15 and advanced to the House of Lords for debate, and the government is pushing for that chamber to vote later this week. If passed by the House of Lords, any amendments to the bill would be debated, after which it could become law.

The government says the "emergency" bill is urgently required to make U.K. telecommunications providers store information relating to their customers' e-mails, texts and calls for 12 months, for potential access by law enforcement and intelligence services.

Telecommunications providers and ISPs have already been retaining that data. But in April, the European Court of Justice ruled that the EU data retention law - on which the existing U.K. regulation was based - violated human rights, thus leaving telecommunications firms in legal limbo. Reportedly, some threatened to begin deleting the data, lest they run afoul of the Court of Justice ruling.

Committee Questions Timing

Yet it's not clear how the House of Lords will now vote on the bill. Its influential Constitution Committee published a report July 16 noting that while "fresh legislation is urgently required" to replace the now-invalid regulation, it's not clear why the government called for the bill to be fast-tracked. "The contrast between the time taken by the government to consider their response and the time given to Parliament to scrutinize the bill is a matter of concern, not least because of suspicions that are naturally aroused when legislation is fast-tracked," it says.

The committee also questioned why the government included in the bill amendments for the Regulation of Investigatory Powers Act. Those amendments would make it clear that telecommunications companies based outside the United Kingdom must still comply with RIPA, which allows authorizes to gain access to the content of any communications. But the committee says the government has failed to justify why those RIPA amendments should suddenly need to be fast-tracked, given that a Parliament committee warned of related compliance problems as far back as December 2012.

Delay Reflects Debate

Tory MP David Davis says the delay in the bill being introduced reflected a debate between the Tory and Liberal Democrat parties that comprise Britain's coalition government. "My understanding is there was an argument inside government between the two halves of the coalition and that argument has gone on for three months, so what the coalition cannot decide in three months this house has to decide in one day," Davis, who formerly served as Shadow Home Secretary, told the House of Commons while the measure was being debated, the Guardian reported.

"This seems to me entirely improper because the role of Parliament, we have three roles. One is to scrutinize legislation, one is to prevent unintended consequences and one is to defend the freedom and liberty of our constituents," Davis said. "This undermines all three and we should oppose this motion."

Debate has also centered on U.K. Home Secretary Theresa May's claim that the bill "will merely maintain the status quo." In a July 15 open letter, for example, more than a dozen "U.K. Internet law academic experts" argue that May's "position is false."

"In fact, the bill proposes to extend investigatory powers considerably, increasing the British government's capabilities to access both communications data and content," they write. "DRIP is far more than an administrative necessity; it is a serious expansion of the British surveillance state."

Privacy Groups Cry Foul

The proposed legislation also faced fierce criticism from a coalition of U.K. privacy and civil rights groups - including Privacy International, Open Rights Group, and Big Brother Watch - who accused the government of having "rammed through Parliament" the new surveillance powers. The group had called on MPs to make the bill "sunset" not in 2016, as the government proposed, but the end of 2014. "Given what we have learned over the past year about state surveillance, and the public's growing discomfort with its secretive nature, the public deserve an open debate about how and under what conditions our agencies can spy on us," they argued.

In fact, Labor party MP Tom Watson led a multi-party effort to add the end-of-the-year expiration date to the bill, but the move was defeated in a 454 to 56 vote. The bill later passed 436 to 49, after the government said it would prepare a review of all surveillance legislation before the next election, in May 2015, as well as require reviews of the law by a surveillance commissioner every six months, which the Labor party demanded.

But the UN High Commissioner for Human Rights, Navi Pillay, questioned on July 16 whether the bill would comply with the European Court of Justice ruling, which allows targeted data retention, but outlaws blanket retention. "The United Kingdom is one of the most well-established democracies in the world, so it is a surprise to me they have not undergone a public dialogue on these key issues," she said in Geneva.


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.