Surveillance laws are supposed to keep us safe and respect our privacy. The Investigatory Powers Bill does neither.
Here are our eight recommendations for surveillance laws that protect our security AND our freedom.
1. Judicial warrants
All surveillance requests must be authorised by a judge.
All surveillance requests must be granted a warrant by a judge before that surveillance takes place – including requests to intercept communications, send undercover operatives to spy on people, or hack and access our data.
And what the Home Secretary has touted as “judicial authorisation” in the IP Bill isn’t actually judicial authorisation at all. The Bill creates a new approach involving a “Judicial Commissioner”.
Ministers will continue to authorise warrants before passing them to a Commissioner – and all they’ll have the power to do is “review” the decision. Relegated to little more than glorified rubber-stampers, they’ll only be able to disagree with outrageously unreasonable requests. A huge number of democratic countries require judicial warrants for surveillance – including all the other countries involved in the Five Eyes Alliance; USA, Australia, Canada and New Zealand.
2. Respect our data
No new blanket powers forcing communications companies to store more – and more revealing types – of our data.
The Independent Reviewer of Terrorism, David Anderson, has warned that the case for a host of bulk surveillance powers has not been made. The USA and a number of other European and Commonwealth countries do not compel service providers to retain their customers’ weblogs for inspection by law enforcement, and continuing down this road will place Britain in the company of authoritarian regimes across the world.
Additionally, the track record of internet companies to keep that data safe doesn’t fill us with confidence (for example see the recent hacking of TalkTalk - four people so far have been arrested including some under the age of 16).
3. Targeted surveillance - for a reason
Surveillance should only be conducted for a number of tightly defined reasons i.e. investigating serious crime and preventing loss of life. Strong legal protection should be provided for privileged and confidential material.
There is no convincing evidence that mass surveillance is vital to save lives. Rather, the amount of data currently being collected overwhelms the security services, making us less safe. Surveillance should be conducted for a narrow range of tightly defined purposes i.e. in the targeted investigation of serious crime and other legitimate objectives such as preventing risk to life. However it is currently being used for vague and non-crime related purposes (as recognised in the High Court judgment in Liberty’s challenge to DRIPA with MPs David Davis and Tom Watson).
A targeted approach to surveillance - requests and warrants must target individuals on the basis of suspicion in criminal activity.
Liberty is calling for a targeted, as opposed to mass or 'thematic', approach to surveillance. As revealed by Edward Snowden, the Agencies have claimed powers to intercept and hack entire telecommunications systems meaning billions of innocent communications are routinely intercepted and processed.
The Bill seeks to put these powers on the statute book and expand them - new provisions allow the Agencies to acquire 'bulk personal datasets' and communications on millions of innocent people.
Retention of communications data and surveillance warrants should instead target individuals on the basis of suspicion of involvement in serious crime.
Strong legal protection for privileged and confidential material
Legislative safeguards providing additional protection for legally privileged communications, journalistic sources and parliamentarians’ correspondence should be enshrined in primary legislation.
4. Transparency and redress
All surveillance powers should be publicly disclosed and explicit safeguards set out in the IP Bill. There must be improved redress and increased transparency for people who have been spied on.
The IP Bill has introduced an element of transparency by identifying which surveillance powers the Government is using. However, the Bill is light on detail, and fails to provide necessary safeguards to protect the powers from abuse. In fact, the Bill would introduce new imprisonable offences for whistleblowers, preventing injustices becoming public.
Redress mechanisms must also be improved
A person who was the subject of intrusive and targeted surveillance methods must be told when they are no longer under suspicion (unless there is a good reason for maintaining secrecy).
Further, the Investigatory Powers Tribunal (IPT) – which hears legal challenges against the use of surveillance – must be reformed and made more transparent. Currently it isn’t required to hold oral hearings and if it finds against a complainant it can’t give its reasons for doing so. It cannot make a formal declaration, a “declaration of incompatibility”, that legislation violates the Human Rights Act.
The IPT must become more transparent and open to the public. Whilst the IPT remains so shrouded in secrecy, it is impossible to hold the security services to account for human rights abuses.
5. Use of intercept evidence in court
Intercepted communications should be admissible in criminal trials.
The bar on the admissibility of intercept evidence, if properly obtained via a judicial warrant, in criminal proceedings should be lifted. Why is this vital evidence not used to bring perpetrators to justice?
6. Fair and open international data sharing laws
The arrangements for intelligence sharing of surveillance data between the UK and other countries must be set out in law and available to the public.
Transparent and proportionate arrangements for the sharing of surveillance data between intelligence agencies should be agreed between the UK and foreign States, made publicly available and incorporated into law.
Mutual Legal Assistance Treaties (MLAT) – law enforcement tools governing the exchange of information between countries – should be improved and replace attempts to place extraterritorial obligations on foreign tech firms (as proposed in the Investigatory Powers Bill).
7. Protect our encryption standards
Safeguard our country’s security by protecting - not undermining - encryption standards.
Encryption is vital to the security of our online communications. If we weaken standards to allow Government to get its hands on more of our personal communications, that information is vulnerable to use and abuse by the bad guys too. Do we really want our iMessage communications to be less secure than those of people using the service in other countries?
8. Recognition of the unique threat mass hacking poses to our security
Hacking is a grave privacy intrusion - much more intrusive than “traditional” forms of state surveillance, including interception, and its capacity to undermine device, network and internet security can’t be overstated.
It carries unlimited and untested potential for Government to act against the security and economic interests of its own citizens, whether consciously or otherwise.
The Government's legislation allows for the mass hacking of devices, affecting potentially millions of innocent users' devices, undermining the safety of us all. Hacking should only be used in extremis as a last resort, and warrants should always specify named suspects or premises.