By Zoe Kleinman & Tom Singleton
BBC Technology team
The UK tech industry has deep concerns over government plans to amend a law dubbed a “snooper’s charter”.
Ministers insist their changes to the Investigatory Powers Act is intended to keep UK citizens safe.
But, in a statement, trade body techUK said the changes were neither balanced nor proportionate.
It warns that citizens’ privacy, security and safety could be put at risk.
The statement has been signed by more than a dozen bodies and individuals focused on the tech industry and human rights.
It is not the first criticism of the government’s plans to amend the law, which are due to be debated again in parliament on Monday.
In January, Apple told the BBC ministers were seeking to pre-approve new security features introduced by tech firms – something it said amounted to “unprecedented overreach”.
The Home Office said then it was seeking to “protect the country from child sexual abusers and terrorists.”
In response to the techUK statement, the government says: “We do not recognise claims made in this joint statement. The Investigatory Powers (Amendment) Bill will make urgent, targeted changes to reflect the reality of modern threats to national security whilst utilising the necessary tools to keep the public safe, underpinned by world-leading safeguards and oversight”.
A spokesperson added that the bill had been independently reviewed and will be “subject to robust debate.”
Data gathering
The act currently allows the intelligence agencies to access large amounts of data, including from electronic devices.
It also gives them the power to access messages and listen in to phone calls, and requires internet service providers to keep data about their customers’ internet browsing for one year.
This data is accessible to the police, to some government departments and some emergency services.
The proposed amendments would require messaging platforms to inform the Home Office about security updates before they are released – this applies to any firm with UK customers even if the business is not based here.
It also introduces a new category of “less sensitive data” although critics say this does not have a clear definition.
TechUK and the others says the legislation is being “rushed” and has not had “proper scrutiny.” Their statement outlines a series of concerns, saying the amendments would:
- Weaken safeguards when intelligence services collect bulk datasets, potentially enabling the harvesting of millions of facial images and social media data
- Expand the range of politicians who can authorise the surveillance of parliamentarians
- Impede companies’ ability to advance the data protection efforts expected by users, governments and regulators globally
- Make the UK the “weak link” in the chain of global online security
The signatories to the statement include the the Computer and Communications Industry Association, the Information Technology and Innovation Foundation, and the Internet Society, as well as human rights groups such as Liberty and Privacy International.
They say the bill needs to be more closely examined.
“We continue reiterating the critical need for rigorous scrutiny, to ensure all concerns are addressed, as is appropriate for a Bill with such significant impacts,” they wrote.