Snoopers' charter - changes are not enough

The government's controversial Internet surveillance bill has been dubbed the "snoopers' charter" by opposition peers' leader Lord Strathclyde as RIP (Regulation of Investigatory Powers) continues its rocky ride through the house of Lords.

The government -- taken by surprise by the huge level of controversy RIP has attracted -- moves this week to amend the bill rather than face defeat in the Lords. It follows criticism from the British Chamber of Commerce, the Institute of Directors and numerous political, industry and civil liberties voices.

Lord Strathclyde is clear that the Lords will not accept the "snoopers' charter" in its present form. "We want to make sure it protects the legitimate interests and freedom of individuals and that the balance between police, who have to do a legitimate job as well, is right," he says. "It is a bungled and shambolic bill which will work against the interests of British industry, and in particular the new industries which New Labour tells us they are so keen on."

The Lords are not the only ones unimpressed by the changes proposed by government. Richard Clayton, advisor to the Foundation for Information Policy Research -- which has led the fight against RIP -- believes a lot of the amendments -- particularly the controversial part III which deals with seizure of encryption keys -- are merely "window dressing". "A cynic would call it spin," he says. "The government has changed the way in which part III is presented but people can still demand keys. There is still government access to keys."

Clayton believes it is this fact which will ultimately put businesses off trading electronically in the UK. "If businesses know that the government can seize its keys, that is very damaging. Government can't even tell us the circumstance under which it would demand the keys," he says. He thinks this perception that the UK is anti-cryptography will drive firms aways.

In Ireland the government's e-commerce bill makes it clear that authorities cannot seize keys for matters connected with e-commerce. In Germany the government has presented itself as being pro-cryptography. "That is not the message we are currently sending out," says Clayton.

Among the changes the government has proposed for RIP is a removal of the clause which civil liberties experts describe as reversing the burden of proof. It will now fall to the prosecution to proof that individuals had access to keys. Previously it was down to the user to proof he/she didn't have the key. Clayton welcomes this but thinks it is too little, too late. "People that have forgotten their keys will now get a fair trial but it is a shame it wasn't done a year ago," he says. There are also concessions to business, which government is keen to court. Employees asked to hand over encryption keys will now be able to inform their bosses.

However the two most controversial parts of RIP -- the cost and just how much the information the authorities will be given access to -- are yet to be addressed. The government has promised concessions on who will bear the costs of installing snooping equipment but has not yet announced what these will be.

The government is also working on a new definition of communications data. Critics have argued that under the current definition of communication data the government has license to snoop on everything we do online, including monitoring the URLs people use and checking email logs. FIPR argues that this monitoring should be done only on the issue of a warrant. In the current bill, this information can be intercepted without a warrant from the Home Secretary

What do you think? Tell the Mailroom. And read what others have said.