Experts Reaction On Home Office Tests Web-Spying Powers With Help Of UK Internet Firms

Two UK internet providers have been helping the Home Office and National Crime Agency track the websites visited by customers. A trial of new powers granted by the controversial Investigatory Powers Act of 2016 has been going on for months. It involves the internet providers creating internet connection records (ICRs), which can be used to show which websites a person visited and when. Digital rights campaigners have raised privacy concerns. 

Subscribe
Notify of
guest
3 Expert Comments
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Paul Bischoff
Paul Bischoff , Privacy Advocate
InfoSec Expert
March 12, 2021 1:19 pm

<p>The Investigatory Powers Act allows the UK government and ISPs to violate the privacy of internet users through extremely invasive bulk data collection. This bulk surveillance records the websites visited by as many or as few people as authorities wish. This is mass surveillance of the UK\’s own people, as invasive as the NSA spying uncovered by Edward Snowden in 2013. The Act grants too much power without transparency to authorities, and will no doubt have a chilling effect on free internet use in the UK.</p> <p> </p> <p>Collection of these ICRs is just one way that the Investigatory Powers Act emboldens government authorities to invade the privacy of citizens who are not suspected of any wrongdoing. Companies operating in the UK must decrypt data on demand and must notify the government before launching new security features. Intelligence agencies like the GCHQ are legally allowed to hack into citizens\’ devices under the law.</p> <p> </p> <p>I strongly recommend internet users in the UK employ a VPN to keep their browsing histories private.</p>

Last edited 1 year ago by Paul Bischoff
Chris Hauk
Chris Hauk , Consumer Privacy Champion
InfoSec Expert
March 12, 2021 1:21 pm

<p>Full-blown surveillance of users\’ online activities should be illegal in all countries, but unfortunately many governments (like the UK) hide behind the shield of investigating criminal and terrorist activities. Instead, this offers the government the wide-ranging ability to tell any ISP in the UK to save logs and other information related to all customers\’ online activities for up to a year. This results in providing the ability to track all users\’ online visits, whether they were browsing recipes or watching porn. </p> <p> </p> <p>This is why I always urge online users in any country to use a mo-logs Virtual Private Network to cover their online tracks. A VPN encrypts your internet connection, preventing ISPs and anyone else from tracking your online travels.</p>

Last edited 1 year ago by Chris Hauk
Brian Higgins
Brian Higgins , Security Specialist
InfoSec Expert
March 12, 2021 1:23 pm

<p>UK Law enforcement agencies and other authorities have long been able to legally request Communications Data from service providers, although it has historically been in relation to mobile phone records. The fact that these powers are now being transferred to cover internet communications is simply a recognition that legacy legislation was not appropriate in order to investigate modern criminality. Neither old nor new legislation has ever allowed investigators to access message content. They are simply allowed to request what is commonly referred to as ‘Traffic Data’; the numbers called or websites visited. </p> <p> </p> <p>Similarly, mobile service providers have traditionally been required to retain this ‘business data’ for 12 months to allow effective investigations to take place. The new Act is simply an extrapolation of existing regulations and powers to modernise the law and reflect contemporary internet use in society. </p> <p> </p> <p>Obviously, there are those who do not agree with such civil protections but I would suggest that the fact these powers are being tested so comprehensively ought to be a point of reassurance, not criticism. </p>

Last edited 1 year ago by Brian Higgins
Information Security Buzz
3
0
Would love your thoughts, please comment.x
()
x