Another Word For It Patrick Durusau on Topic Maps and Semantic Diversity

March 2, 2016

Justifying the Investigatory Powers Bill – Despite a Lack of Evidence

Filed under: Government,Security — Patrick Durusau @ 8:45 pm

In UK Parliment Reports on the Draft Investigatory Powers Bill, I pointed to a number of UK Parliament reports that leave little doubt about the excesses of the proposed Investigatory Powers Bill.

Undeterred by those objections, the UK government pressed ahead with reams of poor writing to distract citizens from the lack of justification for any of the proposed Investigatory Powers Bill.

Here are links to the latest effort at obfuscation:

Investigatory Powers Bill 2015-16 – The cancer on the body politic in question. (258 pages)

Overarching Documents:

Investigatory Powers Bill: government response to pre-legislative scrutiny (web) Ref: ISBN 9781474129541, Cm 9219, same document but for printing: Investigatory Powers Bill: government response to pre-legislative scrutiny (print) Ref: ISBN 9781474129534, Cm 9219 (102 pages)

Operational case for bulk powers (47 pages)

Operational case for the retention of internet connection records (31 pages)

Comparison of internet connection records in the Investigatory Powers Bill with Danish internet session logging legislation (8 pages)

Delegated powers and regulatory reform committee: memorandum by the Home Office (31 pages)

Investigatory Powers Bill: codes of practice

National security notices: draft code of practice (19 pages)

Interception of communications: draft code of practice (101 pages)

Security and intelligence agencies’ retention and use of bulk personal datasets: draft code of practice (38 pages)

Equipment interference: draft code of practice (83 pages)

Communications data: draft code of practice (118 pages)

Bulk acquisition: draft code of practice (50 pages)

A grand total of 886 pages, none of are relevant without a justification for the powers sought.

I used to think the British educational system was the best in the world, bar none, but this batch of documents may force me to rethink that assessment.

For example:

The Operational case for bulk powers reports on the need for cyber security (page 16):


4.14. The cyber security of the UK is of growing importance to our national security, economy and society. The levels of cyber-attacks by criminals and hostile states have grown considerably; the number of nationally-significant cyber incidents dealt with by the security and intelligence agencies, for example, doubled between 2014 and 2015. Terrorists are increasingly seeking cyber capabilities in order to threaten the critical national infrastructure of the UK. The scale of the challenge is daunting: one recent cybercrime attack alone infected around 150,000 users in the UK.

4.15. The scale of the internet limits the utility of targeted powers and make bulk capabilities critical to the UK’s efforts to detect and defend against such attacks. 95% of the cyber-attacks on the UK detected by the security and intelligence agencies over the last six months were only discovered through the collection and analysis of bulk data. These have included numerous attacks against government networks and every major UK commercial sector. The security and intelligence agencies routinely share this unique intelligence with their partners in UK industry, enabling them to protect their businesses and customers from cyber-attacks.

I was quite amazed to learn users can be infected by cyber attacks:

The scale of the challenge is daunting: one recent cybercrime attack alone infected around 150,000 users in the UK.

It’s a good thing the UK still has the National Health Service. 😉

I could have sworn that computer systems and not people were infected by cybercrime. But that’s unlikely to be what the authors meant. Making it sound like people were being injured creates a sense of urgency.

Along the same lines, consider that 95% of cyber-attacks go unnoticed, save for bulk data collection:

95% of the cyber-attacks on the UK detected by the security and intelligence agencies over the last six months were only discovered through the collection and analysis of bulk data.

If 95% of cyber-attacks are so trivial and non-threatening that victims are unaware of the attacks, where is the sense of urgency?

I concede that charged with making a case out of non-existing evidence is a challenge to any writer. I offer this collection of documents as proof for that proposition.

Best wishes to everyone in the UK who is trying to stop this slide into madness.

No Comments

No comments yet.

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

Powered by WordPress