UK Government to scrutinise all new communications products under Snoopers Charter clause

Government Surveillance

Yet another worrying new element of the UK Government’s Investigatory Powers Act has emerged.

Usually, scrutiny of Government legislation takes place before it comes into law. But such was the distraction of the Brexit debate and subsequent referendum result, that the frighteningly intrusive Snoopers Charter barely touched on the public consciousness until it was much too late to do anything about it.

We have written about the main powers the new law hands over to UK intelligence agencies at some length before. But new scrutiny of the numerous associated documents connected to the Bill has revealed a further new power, previously unreported.

Another hidden power

The Interception of Communications Code of Practice includes a new policy which will require all tech companies to inform the UK Government of any new products or major changes to existing products which may impact on the ability of the UK Intelligence Agencies monitoring and intercepting data from it.

The full clause states that companies must “notify the Government of new products and services in advance of their launch, in order to allow consideration of whether it is necessary and proportionate to require the [company] to provide a technical capability on the new service.”

The potential impact of this new power stretches far further than those who drafted it could have imagined.

Firstly, the law will apply to any tech companies operating in the UK. The requirement is unlikely to go down well with many overseas companies, not least the likes of Apple, Facebook, Google, Microsoft, and Twitter, all of whom made submissions opposing the new legislation.

Technical Capability Notices

The power is part of the new Technical Capability Notices provision. These are the means by which the UK Government will impose requirements on tech companies to facilitate their surveillance programmes.

When technical changes are made to existing products or new products are launched, the company will either have to agree on a small change to an existing Technical Capability Notice or agree on a variation which has to be approved by the UK Home Secretary.

In theory, this could mean that the UK Government could veto the launch of the new product in the UK if they don’t think they can access the communications data it will contain.

There are huge concerns about how these Technical Capability Notices will work too. The tech companies, including those mentioned above, have argued that they will undermine encryption in their products.

Products which offer end-to-end encryption cannot be easily decrypted. The requirement to do so is likely to see various legal battles between the UK Government and the likes of Apple; similar to these witnessed in the past couple of years in the USA.

No oversight or transparency

Then there is the issue of a lack of independent oversight. Essential this does not exist for Technical Capability Notices. There is no judicial oversight and no independent reviewer who can assess the power the Government has granted itself and how it is being applied.

There is also no opportunity for the tech companies themselves to have a say on the new powers. They are not even allowed to publicly discuss the fact that there is a Technical Capability Notice in place. But if the Government thinks they are not complying with the new laws, they will still be able to sue them.

Despite the UK Government arguing that the new Snooper’s Charter would bring new levels of transparency to their online surveillance programme, the reality is that it has granted the intelligence agencies a whole raft of sweeping, disproportionate powers, with no transparency or oversight whatsoever.

The battle between tech companies and the UK Government is likely to take place in court, and Government lawyers are also bracing themselves for a whole host of legal challenges to the new powers from privacy campaigners.

But for now, with the law about to come into force, UK internet users are strongly advised to sign up for a reliable VPN such as IPVanish or ExpressVPN to ensure that their data doesn’t come under the prying eyes of the newly emboldened British intelligence agencies.

Leave a Reply

Your email address will not be published. Required fields are marked *