The Queens Speech announced new monitoring powers “to tackle terrorism”. This bill entitled the “Investigatory Powers Bill” has its roots in the “Communication Data Bill” (nicknamed “the Snooper’s Charter”) which the government intended to introduce in the 2012-13 Parliamentary session. The Snooper’s Charter was eventually dropped due to opposition from the Liberal Democrats. The details of the new bill are not fully known as yet but it is believed that it will give the police and security forces even greater powers than those set out in the 2012 draft.
What will almost certainly appear in the new bill is the requirement for Internet Service Providers (ISPs) and mobile phone operators to record the activities of subscribers. A record of texts, emails and phone call will be held for at least a year. This rule will apply to all subscribers and not just those who might be under suspicion of terrorist activity. Mobile phone operators and ISPs will need to invest in the infrastructure to support this requirement and will inevitably pass these costs on to consumers.
Another area the bill is likely to address is encryption. A number of apps allow users to encrypt messages so that third parties (who may potentially be criminals) cannot intercept and read them. The problem for the Government is that this also makes the content of the messages unavailable to the security forces. A possible solution is to legislate against the use of encryption which is so complex that it prevents government bodies breaking it. The problem with this approach is that if the security forces can break the encryption then hackers will as well.
By Professor Mike Jackson, IT and Cyber Security expert at Birmingham City University’s Business School
Bio : Mike has successfully supervised over 10 research students and has examined PhDs at a number of UK universities. He has been involved with a number of research conferences most notably the British National Conference of Database series, the Object Role Modelling Workshop and the International Conference on Pervasive Computing and Applications. He was General Conference Chair of the International Conference on Data Engineering in 1997 and Finance Chair for the Very Large Database Conference in 1999. For many years he was on the International Editorial Board of the journal “Information Software and Technology” and is currently a member of the Editorial Board of the “International Journal of Space-Based and Situated Computing”. Mike is a member of the BCS Board of Examiners and also the Academic Accreditation Committee.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.