|Editions | myCNN | Video | Audio | Headline News Brief | Feedback||
U.K. pulls back on cybersnoop bill
(IDG) -- In the face of increasing pressure from privacy groups, business groups and Internet service providers (ISPs), the U.K. government is backing away from some of the more controversial aspects of its e-mail surveillance bill currently under consideration in the House of Lords.
The Home Office, which proposed and is overseeing the Regulation of Investigatory Powers (RIP) bill on behalf of the government, will send amendments on the bill to the House of Lords on Monday or Tuesday for discussion on Wednesday, a spokesman for the Home Office told the IDG News Service.
The bill, which has already passed the House of Commons, would give the U.K. government sweeping powers to access e-mail and other encrypted Internet communications.
"Yes, we've been listening to suggestions being made by the British Chambers of Commerce (BCC) and others, and with the amendments, we are trying to offer reassurances to industry while trying to maintain the balance of the bill," the Home Office spokesman said.
The government spokesman denied that Home Secretary Jack Straw is attempting to avert a revolt in the House of Lords, or that the move is a significant change of tactics for the government. "We've been making amendments to the bill throughout the process, as we do with any bill," he said.
The RIP bill -- to get a second reading by the House of Lords at the end of the month -- would require ISPs in the U.K. to track all data traffic passing through its computers and route it to the Government Technical Assistance Center (GTAC). The GTAC is being established in the London headquarters of the U.K. secret service office, MI5 -- the equivalent to the Federal Bureau of Investigation (FBI) in the U.S.
Under the provisions of the RIP bill, the U.K. government -- specifically the Home Office and its head, the Home Secretary -- can demand encryption keys to any and all data communications with a prison sentence of two years for those who do not comply with the order.
Furthermore, if a company official is asked to surrender an encryption key to the government, that individual is barred by law from telling anyone -- including their employer, be it senior management or security staff -- that they have done so. Guidelines for this "tipping off offense," as it is known, could leave an international company completely unaware that what it assumes is secure company data may be under investigation by MI5.
While U.K. employees are protected against the consequences of passing encryption keys or encrypted data to the government, that protection does not extend outside the U.K. to other jurisdictions, such as that of the parent company.
The RIP bill already has 229 amendments which must be addressed by the House of Lords, but the government's new amendments are meant to address the more controversial aspects of the bill, the Home Office spokesman said.
"We want to make the definitions clearer. For example, we can request a list of Web sites visited from an ISP, just as we can ask the telephone company for a record of a person's phone calls. But if open up those URL and see how a person has interacted with that site, that is very different, and it has never been our intention to obtain that sort of data," the Home Office spokesman said.
The government is not looking to back down from those aspects of the RIP bill which are coming under attack but wishes to clear up any confusion that may be causing concern within the business community, he said.
"The 'tipping off offense' is not something we envision being used frequently or widely, but it is necessary. There are times when our investigations are covert. But we fully understand the importance of those keys, and it is more important to reassure business and industry that the keys will be kept very secure," the spokesman said.
Civil liberty organizations are worried that the government's e-mail interception bill would grossly encroach on privacy, while businesses fear the law will force e-commerce companies to move operations to other countries, such as Ireland, which do not have such restrictions. And ISPs in the U.K. are concerned that the costs of establishing the technology required by the RIP bill would be crippling.
The BCC has estimated that implementing the RIP bill will cost industry 46 billion pounds (US$69.9 billion) over 5 years, a claim that Jack Straw vehemently denied in a letter sent to the Financial Times on June 14 and posted on the Home Office Web site.
Concern over U.K. e-mail surveillance bill grows
RELATED IDG.net STORIES:
Concern over U.K. e-mail surveillance bill grows
The British Chambers of Commerce
|Back to the top||
© 2001 Cable News Network. All Rights Reserved.|
Terms under which this service is provided to you.
Read our privacy guidelines.