How the Investigatory Powers Bill could affect the way we browse and do business
It’s December 2017. Imagine you’re buying Christmas presents online, a rather innocent pursuit. You have also got YouTube on in the background and you’re listening to a rather outspoken rock group. Then you check your smartphone and find somebody has sent you a risque picture on Snapchat. Normally, you would think nobody is watching you. But from March 2017 (several months before this scenario), this could happen, thanks to the Investigatory Powers Bill.
Today, the UK’s Investigatory Powers Bill has been granted Royal Assent, after being passed in both Houses of Parliament. In a nutshell, this means anything you do and say on the internet can be taken down and used as evidence. Internet connection records of each user, by their IP address and Internet Service Provider will be retained for a year.
It has been claimed by Home Secretary, Amber Rudd (Conservative, Hastings and Rye) that “the internet presents new opportunities for terrorists and we must ensure that we have the capabilities to confront this challenge”.
The Investigatory Powers Bill will grant backdoor access to computers, networks, mobile devices, and servers. This will apply if an equipment interference warrant has been granted by the Secretary of State. Under an equipment interference order, keyloggers and spyware can be added to your PC or mobile device. This will be available to police forces and intelligence services.
Furthermore, bulk data sets will be obtainable by intelligence agencies. This enables them to hack into data from overseas related communications (i.e, websites hosted outside the UK or UK-related communications from overseas), if national security is the case.
There will also be two new positions created, both chosen by the Prime Minister: the Investigatory Powers Commissioner and Judicial Commissions. The former would be a senior judge.
Internet Connection Records
The most controversial part of the Investigatory Powers Bill regards internet connection records. At present, Internet Service Providers are not obliged to keep a record of every customer’s site visits. From the 01 March 2017, BT, Virgin Media, Sky, et al, will be required to keep a record of internet connection records for a year. Each entry would be kept by means of the following fields, as this example shows:
- Who? (the customer or IP address): A Browser;
- What? (description of website): Net Sixty Six SEO;
- When? (date and time): 15 November 2016, 10:04:43;
- Where? (place or GPS reading): Todmorden.
Therefore, even browsing the least controversial of websites could land you in trouble if, for example, you are accused of plotting a crime. The use of one’s public WiFi in a chain pub could assume the user has drink problems. Your purchasing and search history could be used against you, not only in a criminal investigation but also, potentially, if you’re trying to claim state benefits.
Not only that, 48 public authorities could have access to your internet connection records. Not only GCHQ, also the Department for Work and Pensions, the British Transport Police, and the Competition and Markets Authority.
For SEO, bulk hacking could have an effect on social media campaigns. With the number of clients that search engine consultancies and design agencies have, would their internet connection records be queried?
One thing for sure is the Investigatory Powers Bill could have ramifications for the way we do business. There may be fewer tweets or status updates on social media sites. As for privacy, more or less dead. Unless you revert to typewriters, hand delivering written correspondence, and refuse to use a smartphone.
- Wired Magazine: It’s Official, The Snooper’s Charter is Becoming Law: How the IP Bill Will Affect You: Matt Burgess, 29 November 2016;
- Home Office: The Investigatory Powers Bill 2016 – 17: HM Government, 29 November 2016;
- The Register: Queen signs the Investigatory Powers Act Into Law Alexander J. Martin, 29 November 2016.
Net Sixty Six SEO, 29 November 2016.