- What the Investigatory Powers Act means for you
With the passing of the Investigatory Powers Act, previously secret illegal surveillance practice revealed by Edward Snowden will now be entrenched in law, alongside new powers not used in any western democracy.
Below are some of the key ways the IPA might affect you.
Your Internet history can be logged
Every website you visit, the fact of every communication you make, and every mobile app that connects to the internet can now be logged, recorded and made accessible to the Government.
Logs of your Internet activity, dubbed “Internet Connection Records” by the Investigatory Powers Bill doesn’t already exist, and companies will be forced to spy on their customers to create the records from scratch. They are imprecisely defined, and different companies will be forced to apply the vague standards in different ways. With everything from your fridge to your car being connected online, the scope of this power, and the number of records created about your life will only grow.
Location and phone call history will be recorded
Every time you make a phone call or send a text message, your location and who you are communicating with will be logged by your mobile phone provider. This can be requested and made accessible to the Government.
The broad nature of these powers have already been struck down by the courts, but the Investigatory Powers Bill tweaks them to try and sidestep the courts ruling.
Police will have a new data-mining super search
A new data mining super search will allow police to combine your Internet history alongside your mobile phone location and call records as well as any other data the police may hold. No judicial warrant will be needed before the police or the intelligence agencies can use ‘the filter’. Instead, the requesting body will internally authorise such access.
Your phone can be hacked even if you’re not of interest
For the first time the police will be able to hack your phone, take photos using the camera, nosy through anything stored on the phone and remotely switch on the microphone – even when the phone is turned off.
Remarkably, hacking powers will be able to be used against people who “are not of intelligence interest in their own right” meaning even if you are not suspected of committing a crime of any other wrong doing you phone could still be compromised.
The intelligence agencies will have specific powers to hack in bulk including for everyone in a particular location. While the power is intended to only be focussed outside the UK, loopholes mean it can be used at home in the UK too.
You might never be able to trust your computer again
One of the ways the police will undertake their hacking operations will be to enlist technology companies to do the hacking for them. Whether it’s an app developer, internet service provider or hardware company, the Government can now force them to assist. This means software updates pushed out to customers might be booby trapped with government backdoors.
How can you tell the difference between a backdoored software update and a legitimate one? You can’t.
Your private information is less safe
Newly created massive databases to create, and store your Internet Connection Records in one place are attractive targets for cyber criminals and other attackers. The question isn’t whether they will tried to be hacked, but when.
Whats worse is that companies products may not be as safe and secure as they’d like them to be. When served with a notice, companies may be forced to remove encryption which keeps data safe, or re-architect their systems to be less secure so that law enforcement can get the information they think they need. The problem is that this could weaken the security of the companies products for every single person in the world.
Mass surveillance of communications will continue
None of the capabilities revealed during the Snowden revelations will end. Instead, they are being placed onto a legal footing so they can’t be challenged as easily in the courts.
This means that on top of all the powers already listed, a further 50 billion communications events will be captured by GCHQ every single day. As there are only seven billion of us in the world, and three billion of us who have access to the internet, the intelligence services are subjecting as many people in the world to surveillance as their computers can handle. This includes programs like Optic Nerve, which stored nude images from millions of Yahoo! webcam users.
What can you do?
Any successful campaign needs resources, whether it be for educational material, undertaking investigations, or mount legal challenges. Any donations you are able to make to NGOs can help fight back against mass surveillance and the intrusion into your private life.
You can read up on the Bill and educate your friends and family as to the concerns and dangers. Other articles about what the IPBill means have been published by the Guardian, the Verge, Wired, or Computer World among many others.
You can help ensure that your communications are technically protected by practicing good operational security – and teaching others how to do this. There are great guides out there to get yourself up to speed or help double check what is good practice.