A legal challenge by Labour MP Tom Watson against the UK government’s
own digital mass surveillance legislation laws introduced in 2014 has led to a court deciding that the laws were illegal.
The legislation that was successfully challenged in court was the Data Retention and Investigatory Powers Act (DRIPA), which was actually replaced at the end of 2016 by The Investigatory Powers Act, also known as the Snooper’s Charter.
What Was Wrong With DRIPA?
DRIPA required communications companies to store detailed personal information e.g. people’s mobile phone data, their emails, texts and internet communications.
Tom Watson has been reported as saying that, back in 2014, DRIPA was rushed through Parliament just before recess, and therefore lacked proper parliamentary scrutiny. This meant that one section was inconsistent with EU law. It was this section that UK judges agreed was illegal because it granted spy agencies and law enforcement access to UK citizens’ phone records and internet activity for reasons other than using the details to fight serious crime, all without seeking or getting approval from a court or independent authority.
What Difference Does This Make?
Even though DRIPA is defunct, many of those who objected to DRIPA have said that in the light of the court’s ruling, the current Investigatory Powers Act should be changed accordingly, and that a system of independent approval for access to communications data needs to be put in place.
Digital rights Charity Liberty is reported as saying that the judgement tells ministers that they are breaching the public’s human rights, and that the latest incarnation of the Investigatory Powers Act must now be changed.
Already Heading That Way Says The Government
The Security minister Ben Wallace is reported as saying that the government had already announced that it would amend the Investigatory Powers Act to address the two areas in which the Court of Appeal found against the previous data retention regime.
Current Snooper’s Charter In Crowdfunded Challenge
The current Investigatory Powers Act is being challenged separately by the charity Liberty with the help of £50,000 crowdfunding. Liberty wants to challenge the Charter on the argument that surveillance of everybody in the UK may not be lawful or necessary, and that whistle-blowers and experts have warned that the powers would actually make it more difficult for security services to do their jobs effectively.
There are also the arguments that the new law puts too much power in the state’s hands, could be an invasion of privacy, and that the government’s storing of large amounts of sensitive information about each of us could in itself be irresponsible and a security risk.
Some critics have also expressed suspicions about the motives of the UK government for introducing the law e.g. to censor and control rather than to protect.
What Does This Mean For Your Business?
The ruling by the European Court of Justice back in December 2016 that DRIPA was unlawful, coupled with this latest agreement by judges with Tom Watson’s challenge will strengthen the need for the UK government to act quickly to make changes to what has been controversial legislation.
Most people would probably agree that people in the UK need to be protected from terrorist attacks, and that children and young people need to be protected from predatory behaviour and the activities of paedophiles online. Although the Investigatory Powers Act may include measures that could help with that, many people and businesses (communications companies, social media companies, web companies etc) are uneasy with the extent of the legislation and what it forces companies to do, how necessary it is, and what effect it will have on businesses publicly known to be snooping on their customers on behalf of the state. The 200,000+ signatures on a petition calling for the repeal of the Investigatory Powers Act after it became law, and the £50,000 crowdfunding raised from the public in less than a week to fight the bill, both emphasise the fact that UK citizens value their privacy and take the issues of privacy and data security very seriously.