A leading rights group is "concerned" about UK plans to compel internet providers and phone companies to install black box-type equipment on their networks to conduct surveillance.
A draft of the proposed new surveillance powers was obtained and published by the non-profit Open Rights Group earlier this month after only a select group of government-approved internet providers -- including O2, BT, BSkyB, and Vodafone -- were provided the proposed changes as part of the government's "targeted consultation" into its controversial new spy powers, the Investigatory Powers Act, which was signed into law last year.
The consultation wasn't made available on the government's website, or to wider partners in the tech industry, which would be directly affected if the new provisions were passed into law.
Since the new law (dubbed the "snoopers' charter") was first floated five years ago, UK lawmakers had planned to install "black box"-style surveillance devices across the country's telecoms infrastructure to monitor online activity, allowing authorities to log the records of every website a resident accesses -- but the measure fell short of becoming law.
Among the new proposals, the government wants internet providers and phone companies to "install and maintain any apparatus [provided by the government] for the purpose of enabling the operator to obtain or disclose communications data," another word for metadata, which includes the times and dates of calls and websites visited, but not the contents.
Under the decade-old Regulation of Investigatory Powers Act (RIPA), telecom companies were allowed to install their own interception equipment when the authorities ask for customer data with a warrant or a court order. One leading lawyer recently argued that "the same is true" of RIPA's successor, the Investigatory Powers Act, which details the "obligations relating to apparatus owned or operated by a relevant operator."
Read also: Fresh wave of mutating Qakbot malware brings down enterprise networks | Bogus movie subtitles could let hackers take over your device, warn security researchers | After the ransomware attack: Hospitals are still recovering from the WannaCry infection | Eugene Kaspersky shrugs his shoulders at use of Windows XP
But the introduction of government-provided black boxes in the proposed provisions are a "substantial departure" from both sets of laws, despite the government's long-maintained stance that the Investigatory Powers Act is "not about bringing in new powers," but instead codifies existing provisions under its decade-old predecessor.
The provisions outlining a telecom operator's obligations were "not understood as an obligation to install black box equipment," said the Open Rights Group in a detailed response to the government's consultation, which ended Friday.
The group added that the proposed provision "is similar to the Russian [state-run interception] system" that gives the authorities "direct access to private telecoms' systems."
It added that "these brand new black boxes will become central to the new surveillance regime" in the UK if the proposed provisions are passed.
"We believe that this requires a lot more explanation and extra safeguards, as there will be little a telecoms provider can do -- or know -- in case of abuse," said the group.
The group's response comes as new research suggests as many as three-quarters of all Brits are "completely unaware" of the UK's new surveillance powers -- or which UK government department can use them.
In total, 48 government agencies can access the call records of millions of Brits under the new powers, including the security services, the tax office Revenue & Customs, the Dept. for Work and Pensions, and the Food Standards Agency.
"The public and parliamentary debate about the Investigatory Powers Act was overshadowed by Brexit so it is perhaps unsurprising that many people are not aware of the Government's extreme surveillance powers," said Jim Killock, the group's executive director.