Fifteen reasons the Communications Data Bill is the wrong approach

i paperThe Home Office still appears to be pressing ahead with it’s plans to monitor the internet and many of our supporters have asked for an update of what is happening. Simply, we do not know. The process remains as it began – closed, without public consultation and driven by desire to implement the same pre-determined solution we have seen for nearly a decade. So, as we are unable to say what is happening, we can summarise the wide range of arguments – many of which were not considered by the Joint Committee on the draft Bill – why the Bill is the wrong approach at the wrong time.

  1. The policy is based on the argument that less data is available now. This is plainly untrue. Far, far more data is available now, however it is unclear if the police are able to make best use of this new data.
  2. It tries to force the internet into the framework of landline telephones.
  3. The cost of the plan – £2bn – will be taken from front line policing budgets to pay for another massive Whitehall IT project, instead of funding more specialist officers and better training.
  4. It has been formulated without public consultation, while one company – Detica – is apparently both providing advice on what is feasible, while also selling the consultancy and hardware required to implement the law.
  5. Encrypted communications will not be captured, at a time when businesses are moving to more encryption. The policy risks driving the uptake of secure communications, reducing even further the amount of data available.
  6. The policy involves paying private companies to create and store data about how their customers use the internet, when they have no reason to do so other than the state demanding it.
  7. It also allows for service providers to be ordered by the Government to collect data about third party services, including foreign companies.
  8. Less democratic regimes will be at liberty to monitor the emails and internet use of every citizen under the guise of ‘we are doing what Britain is doing’. This destroys decades of foreign policy work on maintaining a free and open internet.
  9. It puts Britain at a major competitive disadvantage internationally – small companies will not want to start here in fear of growing large and being slapped with an Order from the Home Office, while those served will be hamstrung by the technical specifications imposed on them by Whitehall and the need to divert resources to comply with the requirements
  10. It will do nothing to improve the ability of law enforcement agencies to access data held by foreign companies, who co-operate voluntarily.
  11. Equally, it does nothing to speed up the legal process for international requests for data
  12. It retains a model of the police self-authorising access to data, without independent or judicial oversight
  13. As soon as the data is collected, the list of people with access will grow. From the Health and Safety Executive to divorce lawyer, as with every previous law of this type the number of people who have access will only grow.
  14. It risks introducing security vulnerabilities into communications networks that form a core part of our critical national infrastructure.
  15. There is a risk of legislating too soon to fix a perceived problem that turns out to be the wrong approach, without considering a wider range of approaches. (Remember how the Digital Economy Act turned out?) The Home Office decided on this approach a decade ago and have barely revised their approach since the 2009 consultation that ruled out a central database.

In summary, this is an out-dated, poorly formulated policy and risks doing more harm than good. No wonder then that the Home Office don’t seem keen to talk about it or undertake any kind of public consultation.