The Investigatory Powers Act was passed by politicians in December 2016, to much controversy. Nicknamed the Snooper’s Charter, it has been created to reform the way surveillance can be used, and gives the government much greater authority to access data from personal devices and web records. The aim of the bill is to give the government increased powers to combat terrorism.
It extends the powers of government and public bodies like the Government Communications Headquarters (GCHQ) around what they can legally hack and collect covertly through surveillance.
Concerns have been raised around the issue of privacy, with a case already having been taken to court by David Davis MP, backed by the human rights group Liberty about privacy and wholesale hacking of data.
The European Court of Human Rights ruled that “General and indiscriminate retention” of data such as emails and messages etc. by governments is illegal.
There were also fears about privacy invasion, where phone records, electronic communications and web records can be collected on mass when there is no suspicion of any serious crime taking place.
After the ruling, the Investigatory Powers Act has had to be amended to change the following:
1. Restricting the use of communications to serious crime only
2. Requests by public bodies, such as the Police, for data to be restricted to crimes which carry at least a six-month prison sentence.
3. The creation of the Office for Communications Data Authorisations to allow for independent authorisation of data requests.
4. Mandatory rules brought in to protect the data that is retained by security services.
5. The situations that communications data can be accessed have been clarified to ensure these rules are clear and cannot be misinterpreted.
What does the bill cover?
In essence, the Investigatory Powers Act covers the ability for government security services to access your phone records, any electronic communications you sent, and any web records you have stored.
Security services have the legal power to get a warrant to bug phone services and computers, and phone and web companies are legally obliged to assist them to access these.
The same services can also access bulk data collections such as hacking in a foreign region where there is a known or suspected terrorist. Data can be gathered from a large number of devices within the region which means that some people, who are not likely to be terrorists, will also have their data hacked.
Security services can also access bulk data from medical records, such as NHS records. The revising of the Act meant that this should only ever be in “exceptional and compelling” situations.
Web and phone companies must keep all of your records to websites for 12 months so that public bodies like the police and security services can access them if need be.
For messaging services that are encrypted, such as WhatsApp and Apple’s iMessage service, the government have the powers under the act to force companies to remove electronic encryption. However, this would involve a potentially lengthy and costly court battle which could result in them losing because of the global implications.
Protections in place
When the Act was revised following the court’s ruling, it meant that there were some concessions made which provided some reassurance.
The protection of privacy was made clearer, in that actions such as surveillance and hacking should not be undertaken if the information could be gathered in other ways. Warrants should not be issued in these cases.
This new clause in the Act makes it clear that anyone misusing these powers will receive severe penalties.
The Investigatory Powers Commissioner and Judicial Commissioners will be appointed by the serving Prime Minister, and will independently uphold the law, with regard to privacy. They will undertake audits and ensure compliance to uphold privacy to individuals where possible.
What does this mean for you?
In essence, it means that if you are suspected of a serious crime, there is a chance that your mobile phone records, any messages you’ve sent in the last 12 months and any web browsing history could be passed on to one of the following:
The police forces - which includes military and naval police and British Transport Police
Security services - including the Secret Intelligence Service and GCHQ
Department of Health
Ministries of Justice and Defence
National Crime Agency
Her Majesty’s Revenue and Customs
Departments for Transport, and Work and Pensions
NHS Trusts which provide an ambulance service
Competition and Markets Authority
Bodies such as the Financial Conduct Authority, Food Standard Agency, Gambling Commission, Gangmasters and Labour Abuse Authority, the Health and Safety Executive
Independent Police Complaints Authority
Scottish, Welsh and Northern Ireland equivalents
Warrants have to be applied to access bulk data, and this should only be in extreme circumstances so data like your medical records is unlikely to be accessed in this way.
Crimes have to be serious to issue a warrant for surveillance, so it’s unlikely that you’ll find your privacy invaded in this way.
247 Detectives have an encryption certificate on our site, so you can be assured your data is safe with us. We pride ourselves on being discrete and protecting customer privacy. Contact us [https://www.247detectives.com/get-in-touch.php] today for assistance with covert surveillance, tracing and investigation services.