- Review: Tyler Perry’s ‘A Fall From Grace’ is both nonsensical and utterly predictable Friday 6:48 PM
- Is Hulu censoring the Iran episode of Anthony Bourdain’s ‘Parts Unknown’? Friday 6:05 PM
- Trump admin celebrates Michelle Obama’s birthday by proposing rollback of her signature initiative Friday 4:01 PM
- TSA apologizes after agent grabs indigenous woman’s braids, says ‘giddyup’ Friday 3:28 PM
- Blue Bell ice cream licker pleads guilty Friday 2:54 PM
- 7 fortune-telling sites for when you’re bored Friday 2:21 PM
- Governor bans sex puns on free condom wrappers Friday 2:16 PM
- Is Justin Bieber’s ‘Yummy’ video secretly about Pizzagate? Friday 1:01 PM
- Woah Vicky rips out her hair in botched cultural appropriation attempt Friday 12:30 PM
- Here’s an exclusive look at ‘Weathering With You’ Friday 11:57 AM
- TikTok dudes are dipping their balls in soy sauce for ‘science’ Friday 11:49 AM
- Pete Buttigieg’s denial of fixing bread prices becomes its own meme Friday 11:10 AM
- Houston Astros get torched with buzzer memes after new revelation Friday 10:41 AM
- Teens are eating cereal out of each other’s mouths for clout Friday 10:34 AM
- Did Martha McSally plan her ‘liberal hack’ viral moment? Friday 10:32 AM
U.K. surveillance bill would effectively ban strong encryption
The Conservative government says it’s necessary to protect U.K. citizens.
The United Kingdom may soon force companies to bypass strong encryption, effectively banning the primary tool that allows users to fully protect their online data and communications, according to a new proposal from the Conservative government published on Wednesday.
A sweeping new 299-page proposal from U.K. Home Secretary Theresa Mays would grant national police new legal abilities to track and hack U.K. citizens without a warrant. It would also require companies to assist in several key ways, including by keeping records on the websites visited by customers for a year and assisting security services in hacking targets.
The new ban on strong encryption will be the strongest action by a Western government so far in a growing political battle over cryptography that stretches from Washington to London and beyond.
The bill would also allow the bulk collection of data from websites—but not, according to Mays, every specific Web page—visited by customers. This type of online bulk collection is not allowed in any other Western country. Mays calls it “simply the modern equivalent of an itemized phone bill.”
Programs like Apple‘s iMessage and Facebook‘s WhatsApp, both of which use encryption by default, would fall under the new proposal’s rules. Apple lawyers have said they cannot provide iMessage data to any authorities because the encryption is beyond their ability to decipher.
The new law would ban such strong encryption.
I would like to see Apple refuse to sell iPhone in UK if gov’t bans end-to-end encryption. Does Parliament dare be that stupid?
— Jimmy Wales (@jimmy_wales) November 3, 2015
Encryption tools have become increasingly popular around the world since Snowden leaked documents to journalists concerning secret surveillance programs spearheaded by the National Security Agency and its British counterpart, Government Communications Headquarters.
Two years after Snowden revealed the bulk communications collection that the GCHQ is engaged in, the new proposal allows the agency to continue to practice of bulk collection, even against people not suspected of a crime.
The new bill does provide some checks and balances on surveillance. Interception warrants will be given by “double-lock” that allows a panel of seven retired judges to veto. When spying takes place against elected politicians in Parliament, the U.K. prime minister himself will need to consent. Other “sensitive professions” will be subject to special protections. These professions include medical doctors, lawyers, journalists, Members of Parliament and the devolved legislatures, and Ministers of Religion.
The new draft of the investigatory powers bill is the culmination of a years-long political saga reignited by the deadly attacks on Charlie Hebdo in January 2015. In days following that attack, U.K. Prime Minister David Cameron criticized strong encryption and argued that an effort to “modernize” the country’s police meant they should not allow communication that cannot be read by security services during an emergency.
“There should be no area of cyberspace which is a haven for those who seek to harm us, to plot, poison minds, and peddle hatred under the radar,” Mays said in a statement on Wednesday. “But I am also clear that the exercise and scope of investigatory powers should be clearly set out and subject to stringent safeguards and robust oversight, including ‘double-lock’ authorisation for the most intrusive capabilities. This bill will establish world-leading oversight to govern an investigatory powers regime which is more open and transparent than anywhere else in the world.”
Opposition politicians in the U.K. have had various reactions.
David Winnick from the Labour Party says the proposal could be a “bitter blow to civil liberties.” Nick Clegg from the Liberal Democrats argued this proposal is “much improved” from the original 2012 proposal, which he was instrumental in defeating.
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.