UK government wants to send tech companies officials to jail for disclosing snooping details on users
Under a new sweeping law, many tech companies like Twitter, Yahoo and Google may face prison if they tip off their customers about spying operations by police and the security services. These tech giants have a policy of notifying users when it’s suspected that a state-level actor is attempting to hack into their account. Twitter, Facebook and Google had previously assured their users that they would also warn them of any potential government spying.
However, the UK ministers specifically aren’t happy about this and are lobbying to make it a criminal offense for tech firms to warn users of requests for access to their communication data made by security organizations such as MI5, MI6 and GCHQ (the Government Communications Headquarters). They are trying to push for a bill to that effect that will see the bosses of any company face up to two years in prison.
David Anderson QC, the independent reviewer of terrorism legislation had prepared a report in June that revealed Twitter’s policy requires it to notify its users of requests to access their data “unless persuaded not to do so, typically by a court order.” However, a note to the bill would make this illegal.
The note says it “will ensure that a communication service provider does not notify the subject of an investigation that a request has been made for their data unless expressly permitted to do so.”
The move, included in the controversial draft Investigatory Powers Bill and dubbed as the snooper’s charter, was unveiled by home secretary Theresa May in November will further stoke tensions between the authorities and the communications companies, who officials say have become less co-operative in the wake of the Edward Snowden leaks.
Part of the proposed legislation would require communications firms to store details of the public’s use of the internet and apps for 12 months, including a record of every internet site visited, and allow government agencies unrestricted access to the data.
The note says: ‘While in many cases it would be detrimental to the investigation if a communication service provider notified the subject of an investigation that a request for their data had been made, there are cases where this would not be the case.
‘The legislation provides for communication service providers to notify the customer in such circumstances where the public authority is content for them to do so.’
While the bill is being put forward as a deterrent against terrorism, online monitoring at this level has been banned in the US, Canada, and every other European nation.
The bill could also allow the UK government to demand that companies weaken the encryption on messaging services such as WhatsApp and iMessage to allow agencies to snoop on conversations, a proposal that Apple is strongly against. “We believe it would be wrong to weaken security for hundreds of millions of law-abiding customers so that it will also be weaker for the very few who pose a threat,” Apple said. “In this rapidly evolving cyber-threat environment, companies should remain free to implement strong encryption to protect customers.”