
UK Government is breaking the law by collecting everyone's internet data - NiallIain
https://www.liberty-human-rights.org.uk/news/press-releases-and-statements/government-breaking-law-collecting-everyones-internet-and-call
======
diafygi
There's a great talk, Haunted by Data, by Maciej Ceglowski about how tech
companies are making a mistake by wanting to collect more and more data on
their users, because governments are just going to want to come in and take
it.

    
    
        I want you to go through
        a visualization exercise
        with me. Really imagine
        it.
        
        Nixon's in your datacenter.
        He's got his laptop open.
    
        He's logged in! He's got
        root! What does he find?
    
        If you didn't break into a
        cold sweat at the thought,
        congratulations. You are a
        good steward of data.
    
        But if Tricky Dick in your
        data center scares you,
        then consider what you're
        doing.
    

Slides:
[http://idlewords.com/talks/haunted_by_data.htm](http://idlewords.com/talks/haunted_by_data.htm)

Video:
[https://youtube.com/watch?v=GAXLHM-1Psk](https://youtube.com/watch?v=GAXLHM-1Psk)

~~~
CaptSpify
Wouldn't that be the ideal place for companies? If a government is dependent
on a company to collect data, wouldn't that government support the company in
hard times? Sure, if it was a choice between surviving and throwing the
company under the bus, the government would choose the later, but if given the
choice, wouldn't the government try to keep one of it's most powerful tools?

~~~
cryptarch
It works in Russia, China, and less so (perhaps) America (e.g. telcos). It's
similarly practical for a government to have unlimited intelligence on its
populace.

That doesn't mean its good for anyone not working for the government,
explicitly (as an employee or contractor) or implicitly (as a data collecting
company which can be forced to share).

IMO a) collecting data on users and b) doing it in a way that does not
preserve user privacy makes you complicit to mass surveillance.

Edit: directly -> explicitly

~~~
CaptSpify
> That doesn't mean its good for anyone not working for the government
> directly or indirectly.

I totally agree. I'd argue that it's objectively bad for anyone not working
for the government. But I'm talking about from the company's point of view.

------
probablybroken
It is very good news that this is being challenged; I was appalled when it
passed through parliament almost unchallenged, and it's heartening to see that
there is actually a plan by the opposition to do something about it.

~~~
PaulKeeble
Should be noted that opposition in this case is the Liberal Democrats, SNP and
Greens and the people supporting Liberty, its not the political oppoosition
(the Labour party) who voted for it.

~~~
peteretep
I was going to write something snarky, but I will simply say:

Tom Watson, the MP who brought the case, is deputy leader of Labour.

~~~
chippy
Tom Watson actually voted FOR the recent mass surveillance law / snoopers
charter. Do not praise him.

Davis, the Tory, didn't vote.

~~~
_joel
Who now (Davies) is our 'Brexit' minister. Oh, the irony.

------
jamescun
It should be noted that this ruling is related to the predecessor (DRIPA) to
the current Investigator Powers Act (IPA), however it sets a precedent for the
IPA to be challenged.

The ECJ has agreed with the British High Court's previous ruling on DRIPA, so
should still carry weight regardless of Britain's status within the EU (unless
further legal amendments are made post departure, such as the replacement of
the Human Rights Act).

------
kristofferR
It's important to note that this ruling also invalidates all other customer
traffic storage laws in the EU.

In Sweden Telenor immediately seized saving traffic data:
[http://press.telenor.se/pressreleases/telenor-upphoer-med-
la...](http://press.telenor.se/pressreleases/telenor-upphoer-med-lagring-av-
trafikuppgifter-efter-att-eu-domstolen-underkaenner-svensk-lag-1703229)

------
djhworld
Interestingly one of the MPs who brought this to the European courts was David
Davis, the cabinet minister who has the title 'Secretary of State for Exiting
the European Union'

~~~
jeremysmyth
He has since withdrawn from the case.

~~~
OJFord
Because he can't be seen to oppose it from cabinet.

I don't think his position makes it any more interesting though, this issue
has little to do with the EU - other than it being the location of the
appropriate court for as long as we remain in the Union.

------
OJFord
> _Under [the new Investigatory Powers Act], the state now also has access to
> every person’s internet use – every website visited or app used – which
> service providers must generate and store for 12 months._

"App used"? How? I understand that "website visited" is clearly 'public' even
if not recorded by ISPs for the state, but I don't understand how,
technically, "app used" is known - unless it means "web application visited",
which is of course exactly the same as "website visited".

I saw a very interesting hearing when the Bill was still at committee stage,
discussing concerns raised by small and community-run ISPs that although they
of course have every intention of complying with the law, it's so non-
technical and under-specified that it's not at all clear to them what they
need to actually do: precisely what to record, how to store it, what
guarantees they need to be able to make (e.g. are they liable if data is
corrupted? If they're hacked?) etc.

~~~
doc_holliday
I would imaging they are simplifying slightly, by using the term app. They
wouldn't know for completely offline apps.

They probably mean for instance the Gov would know when you use Instagram,
Facebook etc on your phone.

As the iOS or Android app will be sending requests to Instagram, Facebook etc
IP and the Gov will log this.

~~~
gutnor
Indeed, the simplification is probably for reader: so they don't think they
can avoid being monitored by simply using the facebook app rather than
facebook in a browser.

~~~
shubb
However, this is a law, and laws must be written to be read very litterally.

They could have made the law more general by talking about 'messages' or
'accesses a server'.

They said app used. That genuinely could compel Google or Apple to hand over
your usage metrics.

------
noja
If you would like to support Liberty, donate here: [https://www.liberty-human-
rights.org.uk/support-us/donate](https://www.liberty-human-
rights.org.uk/support-us/donate)

------
hacker_9
I can imagine Theresa May plotting to bring forward Brexit now, so she can get
her surveillance bills passed within her term.

------
CommanderData
Illegal according to EU law. Which the UK is trying so hard to break away
from.

~~~
rwmj
The Human Rights Act (1998) translates those rights into primary UK
legislation.

Now the problem is that the current government is desperate to get rid of the
HRA, because of a mixture of authoritarianism and ridiculous and often plain
false tabloid stories about criminals supposedly getting away with crimes
because of "human rights".

~~~
vidarh
Thankfully, the current cabinet has at least one minister - David Davis,
ironically in charge of Brexit, - that's been a firm defender of the HRA to
the extent of in the past staking his position on it.

Now, if he's booted from or leaves cabinet, we should be worried as in that
case it's a good sign May is about to take her authoritarianism one step
further.

~~~
toyg
David Davis is also one man with basically no power-base in the party. It's
not a coincidence that he was handed the hottest seat in cabinet this time
around, the one most likely to fail no matter what he does.

------
_pdp_
I am totally opposed to the idea of complete state surveillance but I would
like to share an alternative point of view. Perhaps DRIPA and IPA will push
technology forward so that encryption becomes widely adopted to the point
where it is no longer practical to collect and process data at mass. While the
state will still be able to target (not good but happens anyway) privacy will
simply shift in another realm through adoption of better hardware and software
encryption technologies, P2P networks, Bitcoin, etc. In such environment the
security industry will flourish.

~~~
gpderetta
Untill unlicensed encryption becomes illegal.

Seeking a technological solution to a political problem is not going to end
well.

~~~
_pdp_
History has shown that the only solution to political problems was technology.

~~~
toyg
I'm curious to learn what the technological solution was to the XVI century
religious wars across Europe.

~~~
wu-ikkyu
Not sure about a technological solution, but the technological cause of the
16th religious wars was arguably the printing press.

~~~
toyg
Yup, _the cause_. The solutions were _all_ political.

------
tomtompl
All I hear from British co-workers is "I don't have anything to hid", "it's
ok, I am not doing anything wrong".

:(

~~~
newscracker
Show them John Oliver's segment on government surveillance, privacy and dick
pics? [1]

[1]:
[https://www.youtube.com/watch?v=XEVlyP4_11M](https://www.youtube.com/watch?v=XEVlyP4_11M)

------
Proof
What I would like to know is: how does it help fellow EU states? I live in
Finland, would these new changes be carried over to stop UK from targeting
Finns or must EU courts pursue to restrain UK in similar fashion as its
citizens attempting now?

I guess for now EU members can still use VPNs and the like.

~~~
75398731
If banned they damage the economy. VPNs are required for many jobs and
systems.

------
heraclmene
So the emergency ruling has been classed as illegal, but the 'Investigatory
Powers' act has not.

~~~
noir_lord
They can only rule on the matter before them, Snoopers Charter isn't law yet
but will likely end up in front of the same court.

~~~
Silhouette
The new law received royal assent at the end of November and is now a done
deal, though it hasn't actually come into effect yet and there will inevitably
be legal challenges.

~~~
k-mcgrady
>> "it hasn't actually come into effect yet"

I believe some of it has already come into effect. According to s. 272[1]
several sections come into effect on the day the Act is passed and another few
after a period of two months.

[1]
[http://www.legislation.gov.uk/ukpga/2016/25/section/272/enac...](http://www.legislation.gov.uk/ukpga/2016/25/section/272/enacted)

~~~
Silhouette
Fair point, though IIRC those sections are the technicalities about
definitions and the like. The real substance isn't due to start doing anything
until some next year, as I understand it.

~~~
k-mcgrady
I just looked through it and you're right, it's mainly definitions and
technicalities. Nothing substantial.

------
tomelders
Looks like the government will have to get this through parliament again.

We've got a second chance to fight this. Give em both barrels everyone!

------
antoaravinth
What I'm curious about is why the people of UK don't challenge this more
themselves through revolts. It's a very serious issue. Couldn't people easily
mobilize through social media?

~~~
DanBC
No one cares. Why should they care? There's far worse stuff happening. For
example, the massive TV licence database; the massive police DNA database; the
huge numbers of poorly regulated CCTV.

------
nepotism2016
Alexa...tell GCHQ to sod off

~~~
akerro
Request rejected. Your voice, command, location and all digital history were
logged and sent to authorities. Please calm down and stay on place. Thank you
for cooperation Jim.

------
pentium10
Have they actually begun collecting it? Maybe this non-sense could be stopped
in its tracks.

~~~
ff10
They actually did collect the information in question before it became a law.

------
pinkrooftop
Oppressing UK citizenry hasn't really ever had great success

~~~
xorxornop
Correct, but in this case they haven't even figured out that they are being
oppressed yet. Or that terrorism isn't then reason such policy was
implemented,for that matter.

