Lawyers and web experts attack UK’s fast-tracking of surveillance legislation

The World Wide Web Foundation and the U.K. Law Society have both strongly criticized the British government for attempting to fast-track the new Data Retention and Investigation Powers (DRIP) Act, which is meant to keep existing surveillance powers going but which will actually expand them greatly.
According to the World Wide Web Foundation, which is headed up by web inventor Tim Berners-Lee, the British government’s assertion that the bill needs to be rushed through as emergency legislation “seems at best incompetent, and at worst manipulative,” as the law could easily have been debated over recent months. The Law Society, which represents British lawyers, warned that history shows emergency laws tend to be “used for purposes for which they were not intended.”

DRIP drama

The DRIP Bill is ostensibly a reaction to a ruling by Europe’s top court back in April, which struck down the EU Data Retention Directive for having insufficient privacy safeguards. That directive underpinned U.K. regulations that forced telcos and other communications service providers to retain customer call and email metadata so law enforcement can look through it, and the DRIP Bill makes sure those elements of the regulation can continue, with some new safeguards.
However, sections 4 and 5 of the bill also hugely expand the scope of the U.K. authorities’ surveillance powers, despite government insistence that this is not the case. Section 4 would allow authorities to demand customer data from overseas providers, and section 5 would sweep new kinds of communications data into the fold, potentially including that for social networks, forums and instant messengers. In addition, the government would be able to expand its powers further by regulation, instead of having to draw up new legislation.
The World Wide Web Foundation and the Law Society both commented on the speed with which this new legislation will be passed – probably within a week – rather than the new powers it would give the government. But that’s rather the point: I and others noted the expanded powers through very hasty reading on Thursday, and parliamentarians and civil society should have time to properly analyze the legislation and its effects, even if the act has a sunset clause for the end of 2016.

“History of emergency legislation not exemplary”

Noting that the Court of Justice of the European Union’s judgement came 3 months ago, the Foundation said it fundamentally disagreed with the “lack of consultation and the speed with which the Bill will be rushed through”:

“Full and frank public debate that informs the legislative process should have occurred by now – after all, these issues have been making headlines for over a year and the relevant ECJ judgment was delivered in April. Suggesting that this Bill comes in response to a genuine emergency seems at best incompetent, and at worst, manipulative.”

The Law Society, meanwhile, said any new law that “affects the privacy and freedoms of the individual should, whenever possible, be subject to full parliamentary scrutiny.” According to Society president Andrew Caplen:

“We are concerned that introducing emergency legislation does nothing to enhance the rule of law or address the fact that we are increasingly becoming a ‘surveillance society’. The history of emergency legislation is not exemplary, with laws being used for purposes for which they were not intended. Today’s news is particularly worrying, given the emergency legislation will go against a court judgment on human rights. There needs to be a public debate about how to strike the right balance between security, freedom and privacy. We need to simplify and clarify a complex and confusing legal framework and ensure that it protects human rights.”

A Financial Times editorial also weighed in with a similar opinion, as have campaigners including the Open Rights Group, No2ID, the Pirate Party U.K. and privacy expert Simon Davies.