The Joint Committee on the Draft Investigatory Powers Bill invites any "interested individuals and organisations" to submit evidence to this inquiry. Written evidence should arrive no later than 21 December 2015. Here are the four main questions:
No, the powers are not necessary, because they are based on the idea that mass surveillance works. It doesn't.
No, the powers are not legal: both the Court of Justice of the European Union and the European Court of Human Rights have said mass surveillance is illegal.
No, they are not workable, because the idea of an Internet Connection Record makes no sense. UK's biggest telecoms confirmed the plan is unworkable.
No, the powers are not supervised because the "double-lock" authorisation is a sham: the judge does not check whether the authorisation was justified, only whether the procedure was correctly followed.
Also worth noting that the distinction between "content" and "communications data" is meaningless: metadata is actually more revealing than content, because it is already parsed in a computer-readable form that allows it to be combined with billions of other pieces of metadata.
Creating huge databases of metadata will create huge honeypots that will be irresistible to criminals and foreign governments. Stealing the metadata will give them valuable information that can be used for identity theft or blackmail.
Finally, it is worth pointing out that the whole idea of "equipment interference" is really stupid. If agencies are given permission to break into people's systems, they can plant anything there, and make changes to things like browser histories. As a result, any computer evidence in a trial is suspect, since it could easily have been planted using "equipment interference" without anyone noticing. As computer-based evidence becomes more important, "equipment interference" would seriously undermine the UK's legal system. It should be the very rare exception, not part of a standard toolset.
This is a really important consultation: please respond by Monday.
Are the powers sought necessary?Weirdly, you are not allowed to publish your submission until you are given permission:
Has the case been made, both for the new powers and for the restated and clarified existing powers?
Are the powers sought legal?
Are the powers compatible with the Human Rights Act and the ECHR? Is the requirement that they be exercised only when necessary and proportionate fully addressed? Are they sufficiently clear and accessible on the face of the draft Bill? Is the legal framework such that CSPs (especially those based abroad) will be persuaded to comply? Are concerns around accessing journalists’, legally privileged and MPs' communications sufficiently addressed?
Are the powers sought workable and carefully defined?
Are the technological definitions accurate and meaningful (e.g. content vs communications data, internet connection records etc.)? Does the draft Bill adequately explain the types of activity that could be undertaken under these powers? Is the wording of the powers sustainable in the light of rapidly evolving technologies and user behaviours? Overall is the Bill future-proofed as it stands?
Are the powers sought sufficiently supervised?
Is the authorisation process appropriate? Will the oversight bodies be able adequately to scrutinise their operation? What ability will Parliament and the public have to check and raise concerns about the use of these powers?
Evidence which is accepted by the Committee may be published online at any stage; when it is so published it becomes subject to parliamentary copyright and is protected by parliamentary privilege. Submissions which have been previously published will not be accepted as evidence. Once you have received acknowledgement that the evidence has been accepted you will receive a further email, and at this point you may publicise or publish your evidence yourself. In doing so you must indicate that it was prepared for the Committee, and you should be aware that your publication or re-publication of your evidence may not be protected by parliamentary privilege.So, let me give a summary of my answers to the questions:
No, the powers are not necessary, because they are based on the idea that mass surveillance works. It doesn't.
No, the powers are not legal: both the Court of Justice of the European Union and the European Court of Human Rights have said mass surveillance is illegal.
No, they are not workable, because the idea of an Internet Connection Record makes no sense. UK's biggest telecoms confirmed the plan is unworkable.
No, the powers are not supervised because the "double-lock" authorisation is a sham: the judge does not check whether the authorisation was justified, only whether the procedure was correctly followed.
Also worth noting that the distinction between "content" and "communications data" is meaningless: metadata is actually more revealing than content, because it is already parsed in a computer-readable form that allows it to be combined with billions of other pieces of metadata.
Creating huge databases of metadata will create huge honeypots that will be irresistible to criminals and foreign governments. Stealing the metadata will give them valuable information that can be used for identity theft or blackmail.
Finally, it is worth pointing out that the whole idea of "equipment interference" is really stupid. If agencies are given permission to break into people's systems, they can plant anything there, and make changes to things like browser histories. As a result, any computer evidence in a trial is suspect, since it could easily have been planted using "equipment interference" without anyone noticing. As computer-based evidence becomes more important, "equipment interference" would seriously undermine the UK's legal system. It should be the very rare exception, not part of a standard toolset.
This is a really important consultation: please respond by Monday.