The UK home secretary, Theresa May, confirmed today that the UK government will seek to force all ISPs to retain a record of your Web browsing history for the previous year, even though the existence of tools like Tor and VPNs can make such data useless. This “Internet Connection Record” will be “a record of the internet services a specific device has connected to, such as a website or instant messaging application,” and does not include details of individual Web pages visited.
Moreover, the police will only be able to request details about accessing certain classes of website. As May explained in her statement to the House of Commons when she introduced the draft Investigatory Powers Bill: “They would only be able to make a request for the purpose of determining whether someone had accessed a communications website, an illegal website or to resolve an IP address where it is necessary and proportionate to do so in the course of a specific investigation.” She went on to explain: “If someone has visited a social media website, an Internet Connection Record will only show that they accessed that site, not the particular pages they looked at, who they communicated with, or what they said.”
On the vexed issue of encryption, May said categorically that the new Bill “does not ban encryption or do anything to undermine security of people’s data.” However, as regards requests for access to encrypted communications, she said the government expected Internet companies “to take reasonable steps to respond to that warrant in an unencrypted form,” without explaining further how they might do that, or what would happen if they failed to do so. She also confirmed that the Bill would not require UK telcos to capture and store Internet traffic originating from US companies—another controversial idea that was rumoured to be under consideration.
Read 12 remaining paragraphs | Comments