UK data boss slams snoopers' charter law; 'secret' £1.8bn budget

The draft U.K. Communications Data Bill, dubbed the "snoopers' charter," has faced widespread criticism for its widespread surveillance powers. Now the U.K.'s data protection chief has weighed in.
Written by Zack Whittaker, Contributor

The U.K.'s data and privacy chief has warned that the draft bill, dubbed the "snoopers' charter," could end up helping police and government agencies catch "incompetent criminals and accidental anarchists," rather than the intended serious offenders the bill is intended to help catch. 

Also under scrutiny is exactly what the £1.8 billion ($2.9bn) budget set aside for implementing the bill, provided by the British taxpayer, will be spent on, something the U.K. Home Office is keen to keep under wraps. 

Introduced formally during the Queen's Speech earlier this year, the Draft Communication Data Bill will force ISPs and Web providers to collect data associated with browsing, email, and landline and mobile phone calls, allowing U.K. law enforcement to determine the communication patterns between citizens. 

Details pertaining to Web addresses visited, emails sent and received and to whom, along with the details of phone calls placed will be logged to help authorities build up a picture of a person's connections. While social network activity will be logged to an extent, only the domain names will be logged rather than each sub-domain or user's social networking page. 

The move is to help law enforcement crack down on terrorism and national security threats, along with serious crime such as fraud and premeditated violent crime.

Serious criminals 'home free'

But the U.K. Information Commissioner, Sir Christopher Graham, warned that the determined and most serious criminals could evade capture by simply modifying their online behavior, reports the BBC News.

Graham told a committee made up of a cross-bench of members of Parliament (MPs) that only the six largest companies -- which control around 94 percent of the market -- may be affected by the bill.

He also warned that serious criminals, including terrorists, could start using smaller ISPs which allow encryption-based technologies in order to avoid detection by authorities.

As the country's data and privacy chief, he also warned that the balance between civil liberties and freedom must be balanced. He noted the law, if approved, should be kept under close, ongoing review.

However, European officials have already warned of "clashes" with European law. During the introduction of the bill, the Queen's speech read that "strict safeguards" would be put in place and the bill would be "subject to scrutiny" by Parliament, seemingly noting Europe's concern and averting a diplomatic clash.

'Secret' budget at the taxpayers' expense

While the £1.8 billion price tag for the scheme is no secret, exactly what the taxpayers' money will be used for remains unclear.

Freedom of information activist Zoe O'Connell submitted a request to the Home Office, the government department responsible for the "snoopers' charter" bill. Despite confirming it had the information, the department refused to divulge exactly what the budget would be spent on "national security" grounds (PDF). 

The Home Office wrote back claiming the release of the details of the £1.8bn budget would be "likely to prejudice... the prevention or detection of crime," adding:

Information withheld includes details of how the Communications Capability Development programme intends to maintain access to communications data for the purposes of preventing and detecting crime and safeguarding national security. The information relating to UK capabilities is considered to pose an unacceptable risk to the ability of the UK to safeguard national security; the disclosure of this could be used to avoid detection.

The £1.8bn figure is the "highest cost" scenario over the next ten years -- between 2010-11 and 2020-21 -- and was approved by HM Treasury in June 2011, a month after the Queen's speech, the letter noted.

The reply added:

The business case described what needs to be done to maintain capability to access communications data before and after the introduction of new legislation.

The cost estimates in the 2010/11 business case are based on assumptions about the roles of certain technologies, law enforcement and agency capabilities and the telecommunications market. The main assumptions were informed by independent research and surveys, and best practice across the telecommunications industry.

The Home Office said that one of the main reasons was that the U.K.'s data bill continues to rise year-on-year as citizens continue to consume more data; the total volume will increase ten-fold during the decade. Also, because data must be held by communication service providers (CSPs) for 12 months, this also adds costs despite the "per unit data storage costs continue to decrease by 25 percent per annum."

Crucially, the 'snooping' technology would have to be "upgraded or renewed as appropriate on a five year cycle" in line with upgrades made by the telecoms industry. 

All in all, exactly what the £1.8bn budget will be spent on remains unclear. However, a revised estimate will be given "before the Communications Data Bill is introduced formally in [Parliament]." That said, "Parliament will then have the opportunity to consider again the latest costs and benefits of the programme enabled by the Bill," the letter reads.

The U.K. Parliament will still have to pass the bill before it becomes law, which could happen in the coming calendar year. The European Commission would also have to pass the bill in Brussels, but would likely only veto the bill if the law omits adequate safeguards by U.K. authorities. 

Editorial standards