Is the ‘Snooper’s Charter’ a balanced approach to national cyber security?

Since the opening of Parliament, there has been plenty of questions raised over the Communications Data Bill, also known as the ‘Snooper’s Charter’, which would require phone and internet companies to maintain records of people’s internet, email and mobile phone activity, for up to 12 months.

Home Secretary Theresa May originally hoped to introduce the bill in the 2012-13 legislative session, but facing opposition from Deputy Prime Minister Nick Clegg and the Liberal Democrats, the bill was withdrawn.

Now that the Conservatives have a majority in Parliament, the Home Secretary is re-introducing the bill, which Prime Minister Cameron has vowed to pass as part of a ‘more comprehensive approach‘ to combatting terrorism.

Exact details of the legislation to be submitted are not yet available, but the general contents may be surmised based on the draft that circulated in 2012. In addition to requiring Communication Service Providers to archive customer metadata for 12 months, the bill would also allow the government to use ‘black boxes’ to intercept any traffic not made available by CSPs. This technology, according to the Office of Security and Counter-Terrorism, is already ‘used as a matter of course.

The bill would also establish arrangements for law enforcement and security teams to examine and correlate data from different sources. For example, it would be possible to collect a suspect’s mobile phone data, landline phone data, Facebook data, and other types of communications so security teams could gain a more complete picture of the suspect’s activities and connections.

Why is this bill needed? According to Home Secretary May, between 25% and 40% of the time police made requests for communications data, their work ends up saving lives.

‘The aim of this is to ensure our law enforcement agencies can carry on having access to the data they find so necessary operationally in terms of investigation, catching criminals and saving lives,’ she told a special committee of MPs and peers in 2012.

This bill is one of several new security laws passed in Europe intending to give governments and their intelligence and security agencies greater access to data that can help them uncover and stop terrorist plots.

In the U.S., the legislative trend is heading the other way. The NSA is broadly seen as having overreached its charter in its mass collection of telephone metadata. Consequently, a bill reauthorising the NSA’s data collection failed to win support in Congress.

A weaker provision passed instead; the USA Patriot Act has now given way to the USA Freedom Act. But this new act is far from toothless. In fact, it calls for telecommunications companies to store records and make them accessible to government agencies in a manner similar to that prescribed for CSPs in the Snooper’s Charter.

Which suggests, perhaps, that the Snooper’s Charter is the path of moderation.

Security is always a compromise. For public safety, it’s a compromise between privacy and security, whereas in the enterprise it’s between security and productivity.

> See also: Two years after Snowden, the game is up for mass spying, says human rights group

Our nation faces an unprecedented challenge from an asymmetric enemy that is technically savvy and highly distributed. A balancing act between liberty and privacy is always going to be very hard to achieve for any government.

Any future terrorist strike will result in the usual outcry for why better intelligence did not get gathered, understood, or acted on, but until then, those arguing for less scrutiny and greater liberty will shout loudest.

So let the balancing act continue. Perhaps as important as the particulars of the legislation itself, is the democratic process that brings any sort of charter into effect and that monitors its results. Should abuses occur, they must be noted and corrected.

Should operational lapses occur, vigilance must be increased. Should new technologies become available, they should be considered and applied with prudence and insight.

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...