The Snooper’s Charter will afford those in power even more leeway to go through your shit
This week, the government finally opened up about massive changes in the pipeline for the powers of surveillance available to the police and intelligence agencies. In a draft bill dubbed “The Snooper’s Charter”, Theresa May, the Home Secretary, revealed how she plans to bring spying laws into the 21st century.
Now there’s definitely a balance to be struck between protecting our privacy and ensuring that we’re all kept safe. But where exactly is the line? And what does this mean for us in our daily lives?
This morning we caught up with Carly Nyst, a human rights lawyer and independent consultant working on technology and human rights. She was previously the legal director of Privacy International, a London-based charity that defends the right to privacy across the world. We asked her whether these new proposals were anything to worry about, and what, if anything, we can do to protect our privacy. Here we look at why this is actually really fucking terrifying and why you should care.
WHAT’S THE OVERALL PICTURE?
According to Carly, the government has placed, in very clear terms, what are “very frightening powers, far greater surveillance powers than any other western democracy, and indeed potentially any country in the world.”
“There’s nothing specifically to separate this from the types of mass surveillance we’ve seen from authoritarian governments,” she argues. “They can intercept emails, hack into apps on bulk, or go into your device and access information on you smartphones you never intended to even put online.”
We’re talking texts, emails, messages, phone calls and a whole lot more here. Targeted interception of all these ways we communicate is already legal, that’s to say, if the cops or GCHQ wanted to spy on you directly, they already can. This won’t change under the new law, but some things will.
Before now there was no law that allowed the Government to hack into our devices. Now there is. That’s smartphones, computers, tablets. This means private materials, including stuff you never planned on putting online, will all be accessible to authorities.
YOUR BROWSING HISTORY
We all look at things online we probably don’t want the world to know about. Whether it’s porn, weird medical things, or an online shop filled with legal highs. This is probably the most tangible data that we’ll be worried about. So, what does this new law mean?
Looking through this new bill, your internet providers (either mobile phone companies, or home internet suppliers like BT and TalkTalk) will have to keep a record of all your browsing for a year. Whether it’s Amazon, Facebook, weird porn or Silkroad, our footprints will be available for the police and intelligence agencies to look through. Just think, your last 10 Google searches can give anyone an accurate picture of what’s going on in your life.
Carly argues this isn’t just the concerning if you’re anxious about the cops and intelligence agencies knowing what you’re up to. “What happens when someone hacks in to their systems?” she asks. “You only need to look at the TalkTalk hack this week.” So it’s not just the Government, but hackers and cyber criminals, who soon might be seeing what you’ve been searching for.
There are some other big changes set to come in new powers too, that will allow the Government to collect data about us en masse. These bulk powers can be split into four categories. It’s useful to know about them, but there’s basically fuck all you can do about it. This is where your calls, emails, texts etc. come into play.
Bulk Interception of Data – Edward Snowden already showed us this was happening, but it’ll be put it into law. The cables that carry data in and out of the UK are tapped, which means all of our communications, that’s phone calls, texts, emails and more, can be harvested all at once.
Bulk Acquisition of Data – We found out yesterday the Gov’t has been doing this for a decade already. This means they can go to a phone company, and ask for all the records they hold on everybody, for the last year. Every single person. This is now considered unconstitutional in the United States, for perspective.
Bulk Equipment Interference (hacking) – This is for foreign targets only but they could, for example, send a piece of malware to everybody who has Angry Birds around the world, and then exploit that malware to hack into any phone at any time. This is huge.
Bulk Personal Data Requests - This will affect companies that have nothing to do with communications, lets say insurance companies, the NHS, or border agencies. The Government will be able to take their entire data sets in one sweep.
“For these bulk powers, there’s no need to have a suspect, or any suspicion, or even a target,” Carly explains. Sounds grim, right?
DO WE NEED TO BE MORE CAREFUL?
Carly reckons so. “I’m definitely a person who would say we have to strike a balance between convenience and privacy”, she tells me. “We want to make use of apps that make life easier, you know, storing credit card data on Amazon is convenient! But on the other hand, we need to be incredibly careful that we’re not providing our data that isn’t challenging for agencies to get hold of.” Using Whatsapp is a start, although Carly reckons more and more companies will create similar protected ways for us to communicate.
BUT I’VE DONE NOTHING WRONG!
Doesn’t matter really. Remember here’s no need to be a suspect, or remotely involved in criminal activity, to be of interest to the police, and have your data accessible. Let’s say you were near a crime, or someone called you who also called someone who is a suspect, then your data comes into play. Maybe someone at GCHQ has just taken a dislike to you. Everything is fair game!
IS THERE ANY PROTECTION OR OVERSIGHT?
We usually rely on the courts to keep the government in check, and with surveillance it’s no different. The police can’t send us to prison until we’ve been found guilty in a trial, so what protection do we get for the state tracking our every move in Big Brother gone all real life?
The government has introduced the idea of a judicial commissioner, judges with some oversight, which Carly argues is a “step in the right direction.” The problem is that these judges are gutted of any real powers. The police officer or agent who wants bulk access to some data needs to go to their boss to sign off on it, and then it goes to a judge. This judge can only check whether the correct process has been followed, they have no power to question the merits of the case. As long as the officer has ticked all the right boxes, then they can get hold of everything they want, no matter whether it’s reasonable. So, in short, the answer is no there’s no protection.
WHAT CAN WE DO TO PROTECT OURSELVES THEN?
Carly reckons there are a few things. You could use a VPN (virtual private network) that’s based in another country; which means your internet is provided aboard. Problem is this bill suggests Britain could serve warrants on foreign companies too. It sounds pretty complicated, and there’s no guarantee it would work.
The biggest protection we do have is encryption; services like Whatsapp and iMessage are already encrypted end to end, this means the messages being sent can’t be read, even if they get intercepted. This is your best bet for getting in touch with your dealer now.
“The British Government is proposing the most expansive surveillance powers of any country in the world. Unless those are curtailed in the next few months, before this becomes law, we’ll all wake up next year realising we live in a society where our every single move is recorded and tracked. It’s scary. But now it’s a draft, we all can engage and feedback, there’ll be an open consultation, you can express opinions online. We can’t let ourselves sleepwalk into this surveillance society.”