A leaked draft of proposed regulations shows that the UK government is after greater communication surveillance powers, and that in order to get them, it will legally require UK communications companies to provide the technical capabilities.
The regulations would compel UK postal, phone and ISP companies to provide real-time access to targeted customers’ communications, and this includes providing backdoors into encrypted ones (if the encryption capability is provided by the operator).
“[The telecom operators would be obligated] To provide and maintain the capability to disclose, where practicable, the content of communications or secondary data in an intelligible form and to remove electronic protection applied by or on behalf of the telecommunications operator to the communications or data, or to permit the person to whom the warrant is addressed to remove such electronic protection,” the draft says.
Also, “To provide and maintain the capability to simultaneously intercept, or obtain secondary data from, communications relating to up to 1 in 10,000 of the persons to whom the telecommunications operator provides the telecommunications service to which the communications relate.”
The real-time surveillance capabilities would, under this legislation, have to be made available by the operators within one working day from the release of the warrant (authorized by the Secretary of State, and a judge appointed by the prime minister).
The draft of the regulations has been already approved by the UK Technical Advisory Board, which includes representatives of six of the biggest telecom companies (O2, BT, BSkyB, Cable and Wireless, Vodafone, Virgin Media), as well as representatives of UK government agencies that would take advantage of these surveillance powers.
“This is a ‘targeted consultation’ – and has not been publicised to the tech industry or public. The Secretary of State is in fact not under any obligation to consult the public,” noted the Open Rights Group, a UK privacy and free speech rights organization that leaked the document.
Consultation for the draft concludes on May 19, and the members of the public that wish their voice to be heard on it are directed to send their opinions to firstname.lastname@example.org.
The final version of the regulations will be laid before Parliament for approval.
Source: Help Net Security – News @ May 5, 2017 at 03:48AM