After the Joint Select Committee slammed the Home Office for the poor quality and unjustified over-reach of the Communications Data Bill (CDB) or Snoopers' Charter, things seemed to go very quiet. We heard a little from the Home Office indicating that they were finally getting round to talking to ISPs, but the amount of news might have led one to assume it was dead. But with the publication of another Parliamentary report this week, along with estimates of the cash spent getting this far, it's clear that the Bill lives on.
A delayed reply to a parliamentary question disclosed the cost of getting this far. Responding to David Davies, James Brokenshire indicated that it's cost £405 million to get CDB this far. It's hard to conceive how that much money could have been spent, and the answer doesn't help us understand, but it suggests that the price tag associated with CDB is going to be absolutely enormous. At a time when the rest of the country is facing constant austerity measures, that sort of spending is remarkable. Someone has a charmed budgetary life.
To gain insight into exactly why so much money is being spent, one needs well-placed figures to ask good questions and publish a report of the answers. The report in question (PDF) is from Parliament's Intelligence and Security Committee (ISC), a group of legislators with security clearance to review classified information and thus ask detailed questions that actually get answers from the Home Office. The report, published Tuesday, includes useful indications of the real motivations of the security services in driving new legislation. While many of the names and numbers are redacted, it's clear the need is to gain the same level of insight into communications traffic between "persons of interest" as used to be achievable solely with phone and mail tracking.
ISC seem to be aware of the issue of the indistinct line between communications data and private content, and commented that "as technology changes, it is important to ensure that the line can still be drawn between content and data" and "the primary concern about the use of CD is how intrusive it is. The right of citizens to go about their business without interference from the state is an important principle of our way of life." They note that the sort of data the police and intelligence agencies need is now carried via digital means, and they accept that it's just not available to the security agencies any more. They conclude "it is essential that the Agencies maintain the ability to access communications data" and "we believe that the decline of available communications data will begin shortly to have a serious impact on the intelligence and security Agencies."
OK, so they support the CDB? Well, yes and no. ISC supports its intent, but has issues with the vageness of the expression of need by the Home Office, with the lack of definition of the powers sought and the consequent over-reach of the legislation. They say "we strongly recommend that more thought is given to the level of detail that is included in the Bill, in particular in relation to the Order-making power. Whilst the Bill does need to be future-proofed to a certain extent, and we accept that it must not reveal operational capability, serious consideration must be given as to whether there is any room for manoeuvre on this point: Parliament and the public will require more information if they are to be convinced."
While change to CDB is inevitable, digital rights activists are expecting some sleight of hand. Casual conversation with experienced campaigners suggests that legislation arising from civil service operations rather than from a party political agenda can be immune to real change. We can expect expert linguistic work to restructure the Bill to address the letter of the concerns of both the joint select committee and the ISC without actually affecting the substance. We have already seen a tendency of the Ministers involved to treat all criticism as the work of subversives.
But the ISC report should give pause to those Ministers and mandarins. For a Committee that can be expected to be sympathetic to the CDB, the ISC's summary statement is strongly worded and the Home Office dare not ignore it. Let's hope they will seek the help of others in groups like Privacy International and the Open Rights Group to actually get things right, rather than just trying to ram the legislation through yet again. That way we might be able to find a compromise that leaves the country defended and citizen rights intact.
Find your next job with computerworld UK jobs