Communications data – a mean, lean regulatory regime?

A Joint Parliamentary Committee examining the draft Communications Data Bill has criticised the proposal as legislation overkill and would trample on the privacy of UK citizens, in a report published today

The Bill aims to update current laws by giving the police and security services access to communications data for the purposes of tackling serious crime and terrorism. The Bill would extend the existing legal framework beyond telephone, mobile and Internet communications data to include new technologies such as social media websites, for example Twitter, and voice-over IP services such as Skype.

But the Committee Report urges government to amend the proposals so that fewer public authorities would have access to communications data and that the Bill should include new definitions of communications data, which are narrower in scope, and draw a clearer line between data and content.

When I originally blogged on the Communications Data Bill back in June 2012, I pointed out that many of the practical and academic issues being discussed were similar to those we (industry representatives) raised during the passage of the Regulation of Investigatory Powers Act 2000, or RIPA.

Two things concerned me then as now:

  • (1) no-one outside the UK Home Office and security services seems to trust government on safeguarding our privacy. Like RIPA, the Communications Data Bill seems to be a further intrusion into our own private lives and a threat to the degree of 'anonymity' we generally enjoy when browsing online, and
  • (2) the cost of any regime has to be met by customers (of those organisations retaining communications data) or the taxpayer. Can we guarantee that a new communications data regime is mean and lean?

It is absolutely right that government has the necessary legal tools to investigate serious crime and terrorism, but I do question whether some elements of the civil service have the necessary knowledge and skills in how technology works to set out these complicated legally-binding legislative proposals. We saw a similar problem in the cookies directive with legal drafters who knew not how  a website works and it appears the Committee members thought the same of the draft communication bill proposal! Online technology is dynamic, not an exact science, and international... and the law will always play catch-up. IT now has an enormous impact upon everything we do and perhaps we now need to look at other ways of addressing the difficult challenges we face rather than legislating for them.

The traditional concept of government 'control' is also changing with more power resting in the individual online user. But governments need not panic as many laws are already in place to deal with the many challenges we are now facing from the Internet Age and an electronic economy - we just need to enforce them correctly. But, as Lord Blencathra, Chair of the Joint Committee has said:

“There needs to be some substantial re-writing of the Bill before it is brought before Parliament as we feel that there is a case for legislation, but only if it strikes a better balance between the needs of law enforcement and other agencies and the right to privacy. There is a fine but crucial line between allowing our law enforcement and security agencies access to the information they need to protect the country and allowing our citizens to go about their daily business without a fear, however unjustified, that the state is monitoring their every move.”