This is not the first time I have expressed very deep concern over plans in the UK to monitor Internet and web communications. From the time of my last missive, these plans have evolved into a draft called Protecting the Public in a Changing Communications Environment, that is up for a public consultation in the UK until 20th July. I noted one year ago that,
It’s also unclear as to how invasive this technology will be. Clearly, if it only records emails SENT or RECEIVED, there’s huge gaping security loophole in the form of DRAFT emails. Simply share an account / password combination over coffee and voila, you have a totally secure form of email communications without ever sending an email (simply update each other’s drafts). It’s also unclear whether this database will tap into instant messaging and if so, just how? What about Skype VOIP that’s encrypted? And how about Blackberry’s? Or the walled gardens of social networks and the IM systems they employ?
It’s clear with the new draft that some of my earlier questions and concerns have been addressed. The biggest assurance and change is that there will not be a central database of information pertaining to the Internet and web communications of UK’s citizens and others in the country (for the system to work, it must extend beyond citizens to anyone who access a ‘net connection in the UK, incl. transit passengers in air and ship terminals, students, off-the-shelf SIM cards and mobile accounts, international roaming customers etc).
As noted by the BBC report on this,
Existing legal safeguards under the Regulation of Investigatory Powers Act would continue to apply. Requests to see the data would require top level authorisation within a public body such as a police force. The Home Office is running a separate consultation on limiting the number of public authorities that can access sensitive information or carry out covert surveillance.
There are serious concerns though. As the same BBC report notes,
Guy Herbert of campaign group NO2ID said: “Just a week after the home secretary announced a public consultation on some trivial trimming of local authority surveillance, we have this: a proposal for powers more intrusive than any police state in history.
My worry is not so much the Orwellian society this can create in the UK and its consequential implications for and arguably serious erosion of data privacy norms, data retention policies, access to this information and the nature of public participation in democracy through the Internet and web et al, but how repressive governments will now use this proposed legislation as an imprimatur of legitimacy for their own survellience mechanisms to clamp down on dissent. While the case for monitoring Internet and web communications to prevent terrorist attacks is, prima facie, indubitably good, the devil is in the details especially for countries like Sri Lanka where the imcumbent Government has brutally and with impunity clamped down of dissent and free expression.
As I have noted in the past, ostensibly benevolent surveillence such as pornography filters can be the harbinger of more aggressive mechanisms to monitor and shut down dissent.
This is why the the UK’s proposed actions are of interest to a wider global community, and why legislation in this regard could be a model for other countries to follow suit, for their own parochial ends.