Politics are something we usually avoid on this blog. Unless something involves a rocketship, pint sized genewrought soldiers, elves or the odd six shooter, they're not the stuff we cover; but for this there had to be an exception. However, there's a matter here which I felt required me to throw in my two cents.
The British government, in their latest effort to better integrate themselves with the internet, is introducing an act known as the Investigatory Powers Bill. Intended to help hunt down terrorists, sexual deviants and anyone they find threatens them, this act will bar internet firms from retaining unbreakable encryption. Instead, the government is to have full access to all records of anyone using any system from up to a full year ago. While it has been stated that this won't go into exact specifics in some cases, it has been confirmed that this will track which websites you visit. Through this the government hopes to track down the main chat rooms, websites and links helping to connect terrorists; and as a result shut down the a few major recruitment and communication lines for threats within the UK.
Like so many things, the government doesn't fully understand what it's doing. It doesn't comprehend, or even care, the long term damage this will do to internet businesses. Let's make this clear to start with: The idea of having a system to track and shut down threats like this? Fine, no problems with that in the slightest. This however, is badly thought out, poorly managed and quite frankly is open such an incredible degree of abuse it makes the NSA's antics look tame by comparison.
The first real warning light which comes into play is, when you take notice of who would be in control here. When suggested or implemented for other countries, the main governing body always put forwards were those directly involved in law, specifically oversight via a tribunal of judges. In this case, the bill has been written to limit their power as much as possible, or even their basic decision making process. Internet service providers are, under this decree, required to provide any information required about anyone on demand. However, the bill makes it clear that the judges are required in turn to approve more or less any and all warrants under almost any circumstance.
Terms can be worked in just about any way needed, and given their limited power under this bill it leaves the politicians in control. This means it could be used to look into any part of your history they desire, effectively on a whim. Everything from who you have called to the internet searches you've made, even your movements, all would be an open book to these people for more or less any reason. To be blunt, it could be used to track almost any part of your life and these people barely need an excuse in order to do so. This is also assuming that said judges even understand the very task they are being put in charge of. The judges themselves planned for this role are figures long since retired, so you can imagine the kind of problems that will cause.
The main argument against any possibility of corruption has been the promise of up to a two year prison sentence should a politician be found guilty of abusing these powers. Given some of the broad terms involved, that's already a big if, but then you have to focus upon the first part of that threat "up to a two year prison sentence". People abusing this power could get away with far less, limiting the sentence to perhaps months or even weeks given the right lawyers. It's a wrist slap at best and a blunt sword of Damocles at worst; a measure which will have little to no effect in the long run.
Still, let's be generous and assume that parliament is trustworthy. Let's enjoy some fantasy for a moment where the people in charge of running the country can be trusted to do that. Instead you have just have to worry about their staggering incompetence and how their narrow mindedness will make things so much easier for the very threats they hope to stop. Everyone knows about the disastrous TalkTalk hacking incident recently, where hundreds of thousands of customers had their financial details stolen. Imagine that event but happening every week. Imagine if every big provider, upon being hacked, could have your details stolen by almost anyone. It would be heaven for those wanting to commit identity theft, for stalkers, for those looking to track down specific individuals for, well, let's just say less than scrupulous reasons. Even if the government doesn't need back-doors for this, it's all but openly handing every criminal a key for online crime.
Then, atop of everything listed so far, remind yourself of the sorts of people the government have targeted in the past. Remind yourself of the previous actions they have taken in the name of security, and how authority has been abused in the name of protection. As you might have guessed, none of this is about security. All of it is simply about power, and having that little bit more to help stay in control, and beat down anyone who they feel affronts them.
I'll freely admit this is a layman's view on the subject. I'll freely admit that I can only offer a general perspective rather than that of an expert well versed in law or telecommunication. However, unlike Home Secretary Theresa May, I can at least admit that rather than pushing forwards laws governing something I lack a total understanding of.
I'm really surprised this is something they're pushing for, but it just goes to show you just need one nut to ruin everything for everyone. Something I'd also like to point out is that this bill keeps track of view history and it's the companies responsibility for tracking this, not anything else like any sort of recording what somebody might do on the page, which sounds like they're trying to make a "Guilty by association" argument.
ReplyDeletePersonally I don't think this is going to go through (as far as I've heard it hasn't yet) and even if it somehow does the backlash it's going to get from pretty much everyone will have it gone fairly soon. At the very least it's things like these that make me glad I don't live in the UK.
Incidentally, according to the Independant (I don't know how trustworthy they are) the data that was stolen was actually left unencrypted, and to give it credit the bill isn't supposed to show what you do on a page and since it's the companies job to track this they're supposed to retain full encryption, though how much you believe that is left up to how much you trust politicians and the companies they'll be working with.
Well, the sad thing is this is a lot of stuff they're either doing or trying to do most of the time. Most of what's being done here is to officially establish and sanction these acts, and give politicians the excuse to personally do it. In all honesty, it seems less like a determined effort to hunt down terrorists and more of an excuse to fight back against any journalist or force investigating them, so they can dig up dirt on them. Call it paranoia, but we've seen worse from them over the years.
DeleteThe bigger problem is that most people actually support this. There's a staggering number of people in the UK who just don't comprehend exactly what this is going to do and just see it as hunting down terrorists. Half of those i've spoken with had the massive problems go right over their hear, and it seems as if they really don't understand this will be TalkTalk times a hundred. Also, thank you for that minor correction on them having unencrypted info.