I live in the UK and the thing that's disturbed me most about all this is how little coverage there's been and how little outrage there is about the consequences of this law. I genuinely think as a country we've given up. There's no enthusiasm for any cause and no one has any will left to stand up for the things they ought to care about. It's a weird atmosphere here now.
What frighten me most is that Labour, supposedly the official opposition to the government, refused to try to stop or improve this bill. Instead they waved it through, abstaining on key votes, and not bothering to table amendments.
All of this is despite Labour being run by figures who have a long history of opposing government authoritarianism. For example, Jeremy Corbyn didn't vote against it. Shami Chakrabarti, who spent years running Liberty, an organisation dedicated to protecting individual liberties, abstained.
What the hell is going on behind the scenes when people like that have been successfully silenced?
When a law this far-reaching and repressive is passed with a conspiracy of silence and acquiescence from both the media and the political establishment, you have to conclude that UK democracy is basically non-functional. It's over.
Yes, the lack of outrage is worrying to say the least.
What I find very disturbing is the response I've got from some people in regards to signing the petition against the legislation.
"I don't want to sign that, I will probably end up on some watchlist".
This is incredible, to admit this you are basically admitting that we no longer live in a free democracy. If you cannot sign a petition regarding basic civil liberties without ending up on a watchlist then you do not live in a free democracy. Upon me telling them this, I am usually then greeted with a shrug.
I have a feeling that UK people have decided not to care about hypotheticals, and that includes laws that technically exist but aren't inconveniencing them right now. People basically assume that the law lets the government do as it damn well pleases, or lets it off for doing so with a totally ineffectual slap on the wrist. Therefore the content of the law is irrelevant.
If the government uses the law to do bad things, people might start to raise a ruckus.
I've posted this on my facebook and I immediately got 3 people telling me that they don't have anything to hide and I'm being paranoid. They are all British.
I really think that UK suffers because it hasn't gone through a restrictive communist government that had extended surveillance and censorship - so that now, in 2016, people don't know how to recognize signs of what's coming.
As a fellow Brit, I agree and it also feels like the timing of this was conveniently done while Brexit was going on and the US election. I think we're all fatigued right now which isn't fair.
Coincidentally, 'the percentage of people who say it is “essential” to live in a democracy has plummeted, and it is especially low among younger generations.'
Stage 3: Political collapse. Faith that "the government will take care of you" is lost. As official attempts to mitigate widespread loss of access to commercial sources of survival
necessities fail to make a difference, the political establishment loses legitimacy and relevance.
Imo people need to attack the hard problem of changing the political landscape, limiting the power of the government and making it accountable. Fighting each and every overreach is way harder than limiting them in the first place. It is completely logical that the government is grabbing for more power as long as it is not incentivized to actually serve the people.
That's why people don't trust the mainstream media anymore. They've become to close to power, and they only report on things that they know aren't offensive to those on power. So they avoid talking about protests or power-grabbing laws.
Having attempted to read the legislation passed, I actually have no idea in a lot of ways what this bill does and what this bill doesn't cover. (The main thread of what it covers seems terrible).
I consider myself a quite intelligent and logical person, but I get lost halfway through reading it. It seems full of contradictions and half vague statements that could or couldn't cover something.
Are these bills purposefully confusing by design? It seems like you can interpret it in a lot of ways. Why is it not clear, concise and understandable?
"The Government is clear that, at a time of heightened security threat, it is essential our law enforcement, security and intelligence services have the powers they need to keep people safe.
The Investigatory Powers Act transforms the law relating to the use and oversight of Investigatory powers. It strengthens safeguards and introduces world-leading oversight arrangements.
The Act does three key things. First, it brings together powers already available to law enforcement and the security and intelligence agencies to obtain communications and data about communications. It makes these powers – and the safeguards that apply to them – clear and understandable.
Second, it radically overhauls the way these powers are authorised and overseen. It introduces a ‘double-lock’ for the most intrusive powers, including interception and all of the bulk capabilities, so warrants require the approval of a Judicial Commissioner. And it creates a powerful new Investigatory Powers Commissioner to oversee how these powers are used.
Third, it ensures powers are fit for the digital age. The Act makes a single new provision for the retention of internet connection records in order for law enforcement to identify the communications service to which a device has connected. This will restore capabilities that have been lost as a result of changes in the way people communicate.
Public scrutiny
The Bill was subject to unprecedented scrutiny prior to and during its passage.
The Bill responded to three independent reports: by David Anderson QC, the Independent Reviewer of Terrorism Legislation; by the Royal United Services Institute’s Independent Surveillance Review Panel; and by the Intelligence and Security Committee of Parliament. All three of those authoritative independent reports agreed a new law was needed.
The Government responded to the recommendations of those reports in the form of a draft Bill, published in November 2015. That draft Bill was submitted for pre-legislative scrutiny by a Joint Committee of both Houses of Parliament. The Intelligence and Security Committee and the House of Commons Science and Technology Committee conducted parallel scrutiny. Between them, those Committees received over 1,500 pages of written submissions and heard oral evidence from the Government, industry, civil liberties groups and many others. The recommendations made by those Committees informed changes to the Bill and the publication of further supporting material.
A revised Bill was introduced in the House of Commons on 1 March, and completed its passage on 16 November, meeting the timetable for legislation set by Parliament during the passage of the Data Retention and Investigatory Powers Act 2014. Over 1,700 amendments to the Bill were tabled and debated during this time.
The Government has adopted an open and consultative approach throughout the passage of this legislation, tabling or accepting a significant number of amendments in both Houses of Parliament in order to improve transparency and strengthen privacy protections. These included enhanced protections for trade unions and journalistic and legally privileged material, and the introduction of a threshold to ensure internet connection records cannot be used to investigate minor crimes.
Privacy and Oversight
The Government has placed privacy at the heart of the Investigatory Powers Act. The Act makes clear the extent to which investigatory powers may be used and the strict safeguards that apply in order to maintain privacy.
A new overarching ‘privacy clause’ was added to make absolutely clear that the protection of privacy is at the heart of this legislation. This privacy clause ensures that in each and every case a public authority must consider whether less intrusive means could be used, and must have regard to human rights and the particular sensitivity of certain information. The powers can only be exercised when it is necessary and proportionate to do so, and the Act includes tough sanctions – including the creation of new criminal offences – for those misusing the powers.
The safeguards in this Act reflect the UK’s international reputation for protecting human rights. The unprecedented transparency and the new safeguards – including the ‘double lock’ for the most sensitive powers – set an international benchmark for how the law can protect both privacy and security.
Home Office"
Again in their response, I have no idea what they really said. It's not clear other than some vague line on terrorism and safety. It's all a mixture of half speak and jargon.
I do find such a law quite strange though. The intention (at least for public consumption) was to help "prevent" terrorism. Not sure how the NHS or health services seeing your browser history will do that.
France already has a similar law in place so I wonder how that worked out for them by preventing the Bataclan massacre. (it didn't)
This law will probably not help in any shape or form to prevent terrorism but was merely implemented to provide some form of leverage over people.
"Do as we say or this lovely data becomes public, or you are denied healthcare because of a site you visited but never visited because it was a hidden iframe"
The truth is that authorities the world over have finally caught up with the internet. Look at it this way: they already had pretty extensive powers to monitor telephone calls and correspondence; then the internet came about, and slowly made them blind.
Until a few years ago, they compensated by treating the internet as a free-for-all where they could spy at will; as people fought back and started to demand accountability and limits, they responded with a legislative backlash that is slowly making gains everywhere. The most authoritarian-inclined states (UK, France, Italy) have passed the worst laws, but others are busy following suit.
It's an ideological battle, and they are winning it. One day we will look back at the Chinese firewall as a pioneering effort.
But just to play devil's advocate, it is possible the authorities could have prevented the Bataclan massacre but chose not to "for the greater good". There's a similar conspiracy theory around the Coventry blitz[0].
It might very well be false, I'm just suggesting there may be an alternate explanation (i.e. the French surveillance is actually working very well).
It is curious to note that if you very slowly and gradually reduce the size of the sheep pen, as long as the sheep are still fed, they won't notice until they are driven down the tunnel to the slaughter house.
It is not until they hear the captive bolt being shot through the skull of the sheep in front of them, that they finally start to panic.
This is basically national security letters with oversight. Which is part of the problem. When any of the major democracies introduces a law like this, it normalises it for the rest. Which then gives encouragement to the more oppressive countries. The whole world seems to be in a race to the bottom.
I would like the crypto-experts of HN to help understand what consequences this has. For example, I have whatsapp with E2E encryption. Can the government read my texts now?
It is impossible to read properly encrypted data. However, this law enables government to require tech firms to deliberately break cryptography in their products.
I would like to attain some decent level of privacy, but my searches on how to go about it yield a large amount of conflicting information (which I suspect is there on purpose.) Is there a sensible guide out there that some of the experts at HN would recommend?
It depends on your threat model: what do you want to hide and from who? If you simply want to avoid someone reading your messages (payload), using https everywhere, end-to-end encrypted chat clients (ie. Signal), encrypted mail (ie. PGP), maybe disk encryption (ie. VeraCrypt) should be enough to defend against non-targeted attacks and government dragnets. If you want to hide your "meta-data" from non-targeted government snooping (browsing history and who do you contact with) it gets more complicated -- in this case you also need VPN and/or Tor. Defending against targeted attacks is next to impossible, but you should not be worried about these anyway, unless you are on FBI's top list or smth. Using open-source tools and avoiding highly centralized services (Google, Facebook etc.) is generally a good idea for a privacy minded individual as well.
UK is going to get hacked into oblivion once the key gets leaked, and it will get leaked. "Hey lets cripple national security under a single point of failure in the name of security".
What technical solutions can be used to prevent this? As I understand, this mainly entails internet access logs? Would a secure, off-shore VPN defeat this?
yeah. They're just tracing what pages the ISP serves you. So if you encrypt and proxy your requests via something else they'll only know you're accessing some random server somewhere.
> "The UK government can certainly insist that a company not based in the UK carry out its orders – that situation is specifically included in the new law – but as to whether it can realistically impose such a requirement, well, that will come down to how far those companies are willing to push back and how much they are willing to walk away from the UK market."
[+] [-] boyce|9 years ago|reply
[+] [-] stupidcar|9 years ago|reply
All of this is despite Labour being run by figures who have a long history of opposing government authoritarianism. For example, Jeremy Corbyn didn't vote against it. Shami Chakrabarti, who spent years running Liberty, an organisation dedicated to protecting individual liberties, abstained.
What the hell is going on behind the scenes when people like that have been successfully silenced?
When a law this far-reaching and repressive is passed with a conspiracy of silence and acquiescence from both the media and the political establishment, you have to conclude that UK democracy is basically non-functional. It's over.
[+] [-] doc_holliday|9 years ago|reply
What I find very disturbing is the response I've got from some people in regards to signing the petition against the legislation.
"I don't want to sign that, I will probably end up on some watchlist".
This is incredible, to admit this you are basically admitting that we no longer live in a free democracy. If you cannot sign a petition regarding basic civil liberties without ending up on a watchlist then you do not live in a free democracy. Upon me telling them this, I am usually then greeted with a shrug.
[+] [-] JulianMorrison|9 years ago|reply
If the government uses the law to do bad things, people might start to raise a ruckus.
[+] [-] gambiting|9 years ago|reply
I really think that UK suffers because it hasn't gone through a restrictive communist government that had extended surveillance and censorship - so that now, in 2016, people don't know how to recognize signs of what's coming.
[+] [-] martin-adams|9 years ago|reply
[+] [-] Luc|9 years ago|reply
Coincidentally, 'the percentage of people who say it is “essential” to live in a democracy has plummeted, and it is especially low among younger generations.'
http://www.nytimes.com/2016/11/29/world/americas/western-lib...
Seems to be happening worldwide, to some degree.
[+] [-] DonaldFisk|9 years ago|reply
Or are we at stage three of Dmitri Orlov's Five Stages of Collapse (http://cleaves.zapto.org/news/attachments/nov2009/5stagescol...)?
Stage 3: Political collapse. Faith that "the government will take care of you" is lost. As official attempts to mitigate widespread loss of access to commercial sources of survival necessities fail to make a difference, the political establishment loses legitimacy and relevance.
[+] [-] ddmf|9 years ago|reply
[+] [-] EasyTiger_|9 years ago|reply
[+] [-] Nux|9 years ago|reply
[+] [-] a_imho|9 years ago|reply
[+] [-] FullMtlAlcoholc|9 years ago|reply
[+] [-] mtgx|9 years ago|reply
[+] [-] doc_holliday|9 years ago|reply
I consider myself a quite intelligent and logical person, but I get lost halfway through reading it. It seems full of contradictions and half vague statements that could or couldn't cover something.
Are these bills purposefully confusing by design? It seems like you can interpret it in a lot of ways. Why is it not clear, concise and understandable?
[+] [-] doc_holliday|9 years ago|reply
https://petition.parliament.uk/petitions/173199
"The Government is clear that, at a time of heightened security threat, it is essential our law enforcement, security and intelligence services have the powers they need to keep people safe.
The Investigatory Powers Act transforms the law relating to the use and oversight of Investigatory powers. It strengthens safeguards and introduces world-leading oversight arrangements.
The Act does three key things. First, it brings together powers already available to law enforcement and the security and intelligence agencies to obtain communications and data about communications. It makes these powers – and the safeguards that apply to them – clear and understandable.
Second, it radically overhauls the way these powers are authorised and overseen. It introduces a ‘double-lock’ for the most intrusive powers, including interception and all of the bulk capabilities, so warrants require the approval of a Judicial Commissioner. And it creates a powerful new Investigatory Powers Commissioner to oversee how these powers are used.
Third, it ensures powers are fit for the digital age. The Act makes a single new provision for the retention of internet connection records in order for law enforcement to identify the communications service to which a device has connected. This will restore capabilities that have been lost as a result of changes in the way people communicate.
Public scrutiny
The Bill was subject to unprecedented scrutiny prior to and during its passage. The Bill responded to three independent reports: by David Anderson QC, the Independent Reviewer of Terrorism Legislation; by the Royal United Services Institute’s Independent Surveillance Review Panel; and by the Intelligence and Security Committee of Parliament. All three of those authoritative independent reports agreed a new law was needed.
The Government responded to the recommendations of those reports in the form of a draft Bill, published in November 2015. That draft Bill was submitted for pre-legislative scrutiny by a Joint Committee of both Houses of Parliament. The Intelligence and Security Committee and the House of Commons Science and Technology Committee conducted parallel scrutiny. Between them, those Committees received over 1,500 pages of written submissions and heard oral evidence from the Government, industry, civil liberties groups and many others. The recommendations made by those Committees informed changes to the Bill and the publication of further supporting material.
A revised Bill was introduced in the House of Commons on 1 March, and completed its passage on 16 November, meeting the timetable for legislation set by Parliament during the passage of the Data Retention and Investigatory Powers Act 2014. Over 1,700 amendments to the Bill were tabled and debated during this time.
The Government has adopted an open and consultative approach throughout the passage of this legislation, tabling or accepting a significant number of amendments in both Houses of Parliament in order to improve transparency and strengthen privacy protections. These included enhanced protections for trade unions and journalistic and legally privileged material, and the introduction of a threshold to ensure internet connection records cannot be used to investigate minor crimes.
Privacy and Oversight
The Government has placed privacy at the heart of the Investigatory Powers Act. The Act makes clear the extent to which investigatory powers may be used and the strict safeguards that apply in order to maintain privacy.
A new overarching ‘privacy clause’ was added to make absolutely clear that the protection of privacy is at the heart of this legislation. This privacy clause ensures that in each and every case a public authority must consider whether less intrusive means could be used, and must have regard to human rights and the particular sensitivity of certain information. The powers can only be exercised when it is necessary and proportionate to do so, and the Act includes tough sanctions – including the creation of new criminal offences – for those misusing the powers. The safeguards in this Act reflect the UK’s international reputation for protecting human rights. The unprecedented transparency and the new safeguards – including the ‘double lock’ for the most sensitive powers – set an international benchmark for how the law can protect both privacy and security.
Home Office"
Again in their response, I have no idea what they really said. It's not clear other than some vague line on terrorism and safety. It's all a mixture of half speak and jargon.
[+] [-] sir-alien|9 years ago|reply
France already has a similar law in place so I wonder how that worked out for them by preventing the Bataclan massacre. (it didn't)
This law will probably not help in any shape or form to prevent terrorism but was merely implemented to provide some form of leverage over people.
"Do as we say or this lovely data becomes public, or you are denied healthcare because of a site you visited but never visited because it was a hidden iframe"
[+] [-] toyg|9 years ago|reply
Until a few years ago, they compensated by treating the internet as a free-for-all where they could spy at will; as people fought back and started to demand accountability and limits, they responded with a legislative backlash that is slowly making gains everywhere. The most authoritarian-inclined states (UK, France, Italy) have passed the worst laws, but others are busy following suit.
It's an ideological battle, and they are winning it. One day we will look back at the Chinese firewall as a pioneering effort.
[+] [-] dasboth|9 years ago|reply
But just to play devil's advocate, it is possible the authorities could have prevented the Bataclan massacre but chose not to "for the greater good". There's a similar conspiracy theory around the Coventry blitz[0].
It might very well be false, I'm just suggesting there may be an alternate explanation (i.e. the French surveillance is actually working very well).
[0] http://www.bbc.co.uk/news/uk-11486219
[+] [-] junto|9 years ago|reply
It is not until they hear the captive bolt being shot through the skull of the sheep in front of them, that they finally start to panic.
[+] [-] brokenmachine|9 years ago|reply
Terrifying? Horrific? Insidious?
[+] [-] brassic|9 years ago|reply
[+] [-] rahrahrah|9 years ago|reply
[+] [-] kbart|9 years ago|reply
It is impossible to read properly encrypted data. However, this law enables government to require tech firms to deliberately break cryptography in their products.
[+] [-] mcherm|9 years ago|reply
[+] [-] onemore|9 years ago|reply
[deleted]
[+] [-] juanre|9 years ago|reply
[+] [-] kbart|9 years ago|reply
[+] [-] vorotato|9 years ago|reply
[+] [-] rurban|9 years ago|reply
[+] [-] brokenmachine|9 years ago|reply
[+] [-] elcct|9 years ago|reply
[+] [-] reddavis|9 years ago|reply
[+] [-] rahrahrah|9 years ago|reply
[+] [-] unknown|9 years ago|reply
[deleted]
[+] [-] Chris2048|9 years ago|reply
[+] [-] Quarrelsome|9 years ago|reply
[+] [-] antouank|9 years ago|reply
If my computer makes a VPN connection with a machine outside of the UK, is the above claim still valid?
[+] [-] artofcode|9 years ago|reply
> "The UK government can certainly insist that a company not based in the UK carry out its orders – that situation is specifically included in the new law – but as to whether it can realistically impose such a requirement, well, that will come down to how far those companies are willing to push back and how much they are willing to walk away from the UK market."