The draft bill will allow the police and security services — including intelligence agency GCHQ — to collect data for the purposes of preventing crime and terrorism. The bill promises judicial oversight and transparency following the public outcry that followed ex-CIA worker Edward Snowden's revelations that the US National Security Agency and Britain's GCHQ had tapped communications data for years in secret.
However, critics believe the mass collection of data — even under the new proposed law — will still be a breach of human rights, following a ruling by the European Court of Justice that the existing EU Directive on data retention was invalid because it was so sweeping in its interference with individual privacy rights.
Now lawmakers on the Science and Technology Committee have warned that UK businesses must not be placed at a relative commercial disadvantage to overseas competitors by the proposed measures and the costs of implementing the additional data storing measures in the draft Bill should be fully met by the government.
Nicola Blackwood MP, Chair of the Science & Technology Committee said:
"It is vital we get the balance right between protecting our security and the health of our economy. We need our security services to be able to do their job and prevent terrorism, but as legislators we need to be careful not to inadvertently disadvantage the UK's rapidly growing Tech sector."
Poorly Defined Law
"The current lack of clarity within the draft Investigatory Powers Bill is causing concern amongst businesses. There are widespread doubts over the definition, not to mention the definability, of a number of the terms used in the draft Bill. The government must urgently review the legislation so that the obligations on the industry are clear and proportionate," Blackwood said.
The lawmakers are concerned that a number of terms are poorly defined in the Bill, giving rise to uncertainties over the likely scope and costs associated with implementing the proposed measures. The government claims that the only substantially new requirements provided for in the draft Bill relate to the retention of so-called 'internet connection records' (ICRs).
However, the nature of ICRs and the true extent of the Bill's "removal of electronic protection" and "equipment interference" powers are the subject of uncertainty and concern from business due to lack of clarity in the draft Bill.
Blackwood said: "So called 'equipment interference' may occasionally be necessary for law enforcement agencies to do their job effectively, but the Tech industry has legitimate concerns about the reaction of their customers to the possibility that electronic devices could be hacked by the security services."