The UK Plans to Retain All Citizens' Web History
If this new bill is made into law, it will force UK internet service providers to retain the web browsing history of every customer for up to one year.
UK Parliament. Image: Screengrab, parliamentlive.tv
On Wednesday, the UK's Home Secretary Theresa May announced the Draft Investigatory Powers Bill, which, if made into law, will force internet service providers to retain the web browsing history of every customer for up to one year. Those records can then be requested by law enforcement.
Police will only be able to request details about certain types of websites that a user has accessed such as social media, illegal sites, or a specific site based on an IP address, Ars Technica UK reports.
The bill also explains how warrants for such data are handled, in what the bill describes as a "double-lock" system. This means that first the Secretary of State authorizes it, and then the warrant must be approved by a judge before it comes into effect. In urgent cases, the warrant can be authorized immediately, but a judge then reviews the decision and can reverse it.
As for what crimes this data might be used for, they cover everything from drugs, guns, child abuse, organised crime and terrorist attacks, according to the bill.
"It is not mass surveillance," May said in a comment at the House of Commons.
"An Internet Connection Record is a record of the communications service that a person has used, not a record of every web page they have accessed," May said. "So, if someone has visited a social media website, an Internet Connection Record will only show that they accessed that site, not the particular pages they looked at, who they communicated with, or what they said."
Regardless, that is a treasure trove of data that can be used to map out an individual's thoughts, activities, and associations to a highly specific degree, especially when that data has been retained for up to 12 months.
The Guardian notes that the practice of retaining internet browsing histories might be illegal in the US, Canada, Australia and Europe because of its intrusiveness. It is also banned in Britain under the 2015 Counter-Terrorism and Security Act, the Guardian says.
"This bill will redefine the relationship between the state and the public for a generation," said Jim Killock, executive director of the Open Rights Group in an emailed statement. "The government needs to get it right and made [sic] sure that the UK's law enforcement and security agencies can fight serious crime while upholding all of our human rights."
"However, at first glance, it appears that this bill is an attempt to grab even more intrusive surveillance powers and does not do enough to restrain the bulk collection of our personal data by the secret services. It proposes an increase in the blanket retention of our personal communications data, giving the police the power to access web logs."
This draft bill has been a long time coming. Back in June 2012, the Draft Communications Bill was published, a proposed piece of legislation that also aimed to retain the internet browsing histories of all British citizens, amongst other powers. However, it was quickly dubbed the 'Snoopers Charter' by media and some politicians, and was eventually axed by the then-coalition government.
After this, a plethora of documents released by Edward Snowden to journalists revealed that Government Communications Headquarters (GCHQ), the UK's version of the National Security Agency (NSA), is already engaged in wiretapping the internet's backbone, and scooping up emails, Skype calls, and social media messages, amongst other things.
When the Conservatives won the general election earlier this year, it was made clear that the Snooper's Charter, or at least something very similar in approach, would be revived, bringing us to this latest bill.
The bill is not law yet: after being looked over by a Joint Committee of Parliament, a revised bill will be presented in the spring. It is her intention to have it made into law before the end of next year, May said.