Facebook Twitter Google+ Shout YouTube SoundCloud RSS

UK: Encryption Under Further Attack With ‘Technical Capability Notices’

21st Century Wire says…

A lot of people saw this coming. In the aftermath of the Westminster attack and then Amber Rudd‘s comments about WhatsApp, it was only a matter of time before another encroachment on encryption and privacy would occur.

What could be presently done illegally, is now being pushed to be made ‘legal’ through this extension within the Investigatory Powers Act. So if real time interception i.e. live monitoring can happen within a 24 hour period, then this ‘dripping data’ bulk collection of the telecom providers will now become useful.

In a previous analysis and report we discussed former MI5 officer Annie Machon’s argument that security services are ‘drowning in data’ and this is preventing them from doing their work. We argued that in fact, where are the security services or Home Office complaining about this? Naturally so, they’re continuing to adopt what the Government are pushing for, towards them. Are the security services biting off more than they can chew with bulk data collection? It’s becoming increasingly evident that they embracing such new powers being drawn up alongside their work.

If agencies will be given the power to live monitor up to 6,500 individuals across the United Kingdom at any given moment, then this clearly debunks previous reports that security services couldn’t possibly monitor or keep track of between e.g. 7-10,000 ‘dangerous’ and returned Islamic terrorists in Great Britain.

If smartphone technology, specifically its hardware and/or software is designed with backdoors in mind for police and security services, or companies are selling their customers down the river by allowing these breaches in privacy, then Julian Assange said it right that end to end encryption of data is pointless when a device is compromised from the get go.

We’ve mentioned before that we’re talking about people, namely US and UK spy agencies who’ve stolen encryption keys from the leading sim card maker, Gemalto.

One could ask, ‘is there actually anything private left…

More on this report from The Register…

Register
(Image courtesy of The Register)

Kieren McCarthy
The Register

The UK government has secretly drawn up more details of its new bulk surveillance powers – awarding itself the ability to monitor Brits’ live communications, and insert encryption backdoors by the backdoor.

In its draft technical capability notices paper [PDF], all communications companies – including phone networks and ISPs – will be obliged to provide real-time access to the full content of any named individual within one working day, as well as any “secondary data” relating to that person.

That includes encrypted content – which means that UK organizations will not be allowed to introduce true end-to-end encryption of their users’ data but will be legally required to introduce a backdoor to their systems so the authorities can read any and all communications.

In addition, comms providers will be required to make bulk surveillance possible by introducing systems that can provide real-time interception of 1 in 10,000 of its customers. Or in other words, the UK government will be able to simultaneously spy on 6,500 folks in ‘Blighty’ (United Kingdom) at any given moment.

According to the draft, telcos and other comms platforms must “provide and maintain the capability to disclose, where practicable, the content of communications or secondary data in an intelligible form and to remove electronic protection applied by or on behalf of the telecommunications operator to the communications or data.”

The live surveillance of individuals will require authorization from secretaries of state, overseen by a judge appointed by the prime minister. And there are a few safeguards built into the system following strong opposition to earlier drafts of the Investigatory Powers Act.

CLOSED DOORS

What will concern many, however, is how the draft paper and its contents are being handled.

The technical capability notices paper has only been provided to a select few companies – mostly ISPs and telcos – on a short four-week consultation, but a copy of the draft found its way to the Open Rights Group, which popped it online today.

According to the document, it has already passed through the UK’s Technical Advisory Board, which comprises six telco representatives – currently O2, BT, BSkyB, Cable and Wireless, Vodafone and Virgin Media – plus six people from the government’s intercepting agencies, and a board chairman.

That means that the contents have already been largely agreed to by most of the organizations that have been included in the closed consultation.

It is unclear whether the Home Office intends to make it available for public comment after that time or whether it will seek to push it through the legislature before anyone outside the consultation group has an opportunity to review it.

The rules will have to be formally approved by both houses of Parliament before becoming law.

YOU AIN’T SEEN ME, RIGHT?

The process and the approach seem to be purposefully obscure. The rules come under Section 267(3)(i) of the Investigatory Powers Act – a one paragraph section that refers back to Section 253, which covers “Technical capability notices.”

There is no mention of the technical capability notices paper existing either on the Home Office website or on the Gov.uk consultation website. And the only reason we know about it is presumably because someone at one of the few companies that have been sent the draft rules decided to tell Open Rights Group about it.

But what the nine-page document does is provide the government with the legal authority to monitor anyone in the UK in real time, as well as effectively make strong and unbreakable encryption illegal.

This act of stripping away safeguards on people’s private data is also fantastic news for hackers, criminals, and anyone else who wants to snoop on Brits. The seals are finally coming off.

This lays bare the extreme mass surveillance this Conservative government is planning after the election,” Liberal Democrat President Sal Brinton told us in a statement.

It is a full frontal assault on civil liberties and people’s privacy. The security services need to be able to keep people safe. But these disproportionate powers are straight out of an Orwellian nightmare and have no place in a democratic society…

Continue this report at The Register

READ MORE SURVEILLANCE NEWS AT: 21st Century Wire SURVEILLANCE Files

SUPPORT OUR WORK BY SUBSCRIBING & BECOMING A MEMBER @21WIRE.TV