New Times,
New Thinking.

  1. Science & Tech
4 November 2015updated 12 Oct 2023 10:40am

What surveillance powers would the state have under the Investigatory Powers Bill?

Or: who can see my browsing history?

By Barbara Speed

Home Secretary Theresa May just introduced the draft Investigatory Powers Bill to the Commons. We covered the context of the bill here, but now to the meat: what powers would the bill actually give to the government and security services if it became law?

What could the police see? 

The Bill would allow the police to look at what Cameron and May both called the equivalent of a standard phone bill: the domain visited by a web browser, but not the pages visited, content looked at, or anyone communicated with. 

Even this will be heavily restricted:

Strict limits will apply to when and how that data can be accessed – over and above those safeguards that apply to other forms of communications data. And we will ban local authorities from accessing such data.

What about the security services? 

An awful lot more. May admitted in her speech that security services have engaged in “bulk collection” of data (as revealed by Edward Snowden). Now, she wants to make this more transparent: 

Select and enter your email address Your weekly guide to the best writing on ideas, politics, books and culture every Saturday. The best way to sign up for The Saturday Read is via saturdayread.substack.com The New Statesman's quick and essential guide to the news and politics of the day. The best way to sign up for Morning Call is via morningcall.substack.com
Visit our privacy Policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications.
THANK YOU

So the Bill will make explicit provision for all of the powers available to the security and intelligence agencies to acquire data in bulk. That will include not only bulk interception provided under the Regulation of Investigatory Powers Act and which is vital to the work of GCHQ, but also the acquisition of bulk communications data, both relating to the UK and overseas.

Essentially: they’re still going to do it, but at least we know about it now. 

What data would companies have to store about you?

As expected, the bill dictates that web and phone companies must store records of all your digital activities (including the content of messages, for example) for 12 months. 

They’ll still be able to use encryption in their services, but must assist security services in bypassing this encryption if deemed necessary.

These points could actually make it more likely that communications companies could suffer hacks or leaks, as they would have to build in bypasses to encryption, plus store all that data for extended periods of time. 

Who gets to decide when intrusions of privacy can take place?

May was under pressure from all sides to introduce a “judicial oversight” in this bill – so warrants would need to be approved by judges, not just ministers.

She’s gone for a strange halfway point: intercept warrants must be approved by a minister and by a panel of seven judicial commissioners, except in “urgent” cases. May calls this a “double-lock”.

Requests from law enforcement to access limited information about browsing history will not be approved by judiciary. 

At the moment, surveillance is monitored by three “oversight commissioners”, who would be replaced under the bill with a single investigatory powers commissioner (who must also be a senior judge). 

In cases where security services wish to intercept MPs’ communications, the Prime Minister must be consulted first. 

And good news for journalists: the bill would put into statute a “requirement for all applications for all applications to access the communications data for the purpose of identifying or confirming the identity of a journalist’s source to be authorised by a Judicial Commissioner”. Sources: you’re safe. Tips to the usual address. 

Content from our partners
Can green energy solutions deliver for nature and people?
"Why wouldn't you?" Joining the charge towards net zero
The road to clean power 2030