The United Kingdom unveiled some hardline cyber-snooping legislation last week which will make it mandatory for Internet companies to store users’ web history for at least one year. The bill is aimed at boosting the country’s anti-terrorism capabilities.
Security services and law enforcement will receive new surveillance powers. And, under the provisions of the Investigatory Powers Bill draft that was announced by UK home secretary Theresa May earlier this spring, these new powers will allow officials to access and search users’ personal Internet history.
May told the House of Commons that, “The task of law enforcement and security and intelligence agencies has become vastly more demanding in this digital age. It is right that those protecting us have the powers they need to do so but it is the role of government and Parliament to ensure there are limits to those powers.”
The bill proposes to require communications firms, such as broadband companies, to hold and store basic details of the services that individuals have accessed online. The proposed stored details include schedules of websites that people visit and the identity and frequency people visit apps accessed through tablets and smartphones.
What the government has not said is how expensive it will be to implement this law. Consumers’ broadband bills will go up exponentially – thereby essentially paying for the government to spy on them.
In fact, experts from various Internet services providers (ISP) told government officials that the implementation cost to make ISPs store communications data for up to one year is likely to be much more than the government’s budgeted $266 million.
The chief executive of ISP Gigaclear, Matthew Hare, and the chair of the Internet Service Providers’ Association (ISPA), James Blessing, also warned the Commons’ science and technology committee of the technical hurdles and challenges the government would have to overcome to implement the bill.
Hare stated that, “On a typical 1 gigabit connection we see over 15TB of data per year passing over that connection … If you say that a proportion of that is going to be the communications data, it’s going to be the most massive amount of data that you’d be expected to keep in the future. The indiscriminate collection of mass data is going to have a massive cost.”
When asked about the feasibility of the collection regime, Blessing responded that ISPs would “find it very feasible – with an infinite budget.”
He further added that, “The bill appears to be limiting the amount of funds available to a figure that we don’t recognize would be suitable for the entire industry to do it. The ongoing costs of looking after the data … will have to come out of price-rises.”
In addition to the costs that consumers will have to cough up, Shaw also warned that, “for UK-based companies that serve non-UK customers, there’s some evidence, from what is happening to Microsoft right now in the US, that that can really undermine the trust of non-UK customers” in the ability of the UK companies to work without the government’s interference.”
Hare echoed those sentiments, “If I was a software business, I would be very worried my customers would not buy my software, because [they] would be worried that there was a backdoor built into this software that would allow the UK to look into my software.”