Over the last couple of days, the Internet has witnessed a lot of controversy surrounding Theresa May’s snooping bill. For those not yet in the know, Theresa May (a British Conservative Party politician and Home Secretary of the UK) will return to the Commons next week with a new surveillance bill, after the previous rendition was dubbed the Snoopers’ Charter and drowned in controversy.
Reportedly, the new bill was said to allow law enforcement agencies and security services full access to every citizen’s internet browsing history for up to a year. Fortunately, due to massive pushback, and amid fears of violating civil liberties, the Home Office said that it had dropped some contentious proposals from the original bill that is said to be published in draft form this coming Wednesday.
Investigatory Powers Bill
Theresa May says that the new draft will grant law enforcement the ability to see only the websites accessed by citizens and not go past that. In essence, this means that police will see the domains you visit, but not your activity on that website (i.e. searches, visited pages, logins, etc.). For anything past establishing the initial connection, a warrant will be required.
While at first glance the draft may seem rather mild, Shami Chakrabarti, director of the civil rights group Liberty, has pointed out that it’s fairly standard practice for the Home Office to “ask for the most outrageous … powers, so that the smallest so-called “concessions” seem more reasonable.”
In her most recent conversation on monitoring communications, Theresa May has pointed out that the purpose of the bill was to allow law enforcement the ability to follow criminals into the ever advancing digital age.
May claims that monitoring website history is comparable to monitoring telephone records, stating that it’s common for people to communicate over mediums other than the telephone — for example, email and social media. She then continues to argue that this bill will allow law enforcement to keep up with the advancing communication methods.
While that might seem like a good argument, this bill completely overlooks the existence of encrypted applications such as WhatsApp or Apple’s iMessage (among many others) — where service providers are rendered powerless when it comes to decrypting user communication.
This oversight makes one wonder about who this bill is truly intended for, especially after applying May’s own assumption that criminal communication is getting smarter — and supposedly using encrypted methods of communication.
Encryption technology, such as the standards used in the aforementioned apps, has been identified as a major headache for law enforcement. Due to the nature of the encryption, law enforcement bodies are often left locked out of some areas of cyberspace.
Baroness Shields, minister for internet safety and security, has said that strong encryption plays an essential role in protecting user details, but then contradicted by adding that tech companies should be able to decrypt and hand over “targeted” data when required.
Luckily companies like Apple and WhatsApp are fighting the battle and refusing to build backdoors into their products – giving their users some hope for a more private communication medium.
Returning back to May’s Investigatory Powers Bill – it’s important to understand what this legislation if implemented, will actually mean for the average internet user. May says that the government will not “be requiring communication service providers to store third-party data,” nor will it “[give] powers to go through people’s browsing history.”
Mrs. May then followed up by saying that she would set out “very strong” oversight and authorisation arrangements for warrants to access more intrusive data.
Staying protected from prying eyes
Regardless of what the conservatives say now, nothing will be set in stone until Wednesday, when the draft goes before MPs. Until then, you can take some precautions to ensure that your data remains secure.
A good place to start would be by implementing a VPN into your browsing regiment – specifically a VPN from a provider that doesn’t keep logs. There are numerous options out there, IPVanish for example, being just one decent option.
By running IPVanish on your device, you will ensure that your website browsing history isn’t logged. Additionally, IPVanish offers a number of servers outside of the UK, which can be beneficial for UK based users looking for that extra bit of security.
Image courtesy of hin255 at FreeDigitalPhotos.net