MPs call for further 'refinement' of Government's bill on snooping


Key parts of the Government's new snooping bill are unclear and confusing, MPs have claimed.

A number of terms in the draft legislation are poorly defined - leading to uncertainties among firms over the likely scope and costs of implementing the proposed measures, according to the Commons Science and Technology Committee.

It said the Investigatory Powers Bill risks undermining Britain's technology sector and should be urgently reviewed.

The committee also raised concerns about powers to allow spies to hack into suspects' smartphones.

Conservative MP Nicola Blackwood, chairwoman of the committee, said: "We need our security services to be able to do their job and prevent terrorism, but as legislators we need to be careful not to inadvertently disadvantage the UK's rapidly growing tech sector.

"The current lack of clarity within the draft Investigatory Powers Bill is causing concern amongst businesses. There are widespread doubts over the definition, not to mention the definability, of a number of the terms used in the draft Bill."

She added: "There are good grounds to believe that without further refinement, there could be many unintended consequences for commerce arising from the current lack of clarity of the terms and scope of the legislation."

In seeking to "future-proof" the proposed legislation, the government has produced definitions of internet connection records (ICRs) and other terms which "have led to significant confusion on the part of communications service providers and others", the committee said.

A duty to store ICRs, which detail services a device connects to but not users' full browsing history or the content of a communication, for up to a year is a major new measure in the bill.

Ms Blackwood said the current draft contains "very broad and ambiguous" definitions of ICRs.

Other terms such as "telecommunications service", "technical feasibility" and "communications content" also need to be clarified, the committee said.

The Home Office estimates that the cost of retaining ICRs will amount to £174 million over 10 years and says providers' "reasonable costs" will be reimbursed.

Larger firms may be able to take "some assurance" from this commitment, the committee said, but smaller companies may not be certain if they will be served a notice to collect the records.

"The Government should reconsider its reluctance for including in the Bill an explicit commitment that Government will pay the full costs incurred by compliance," it added.

It also cited concerns from sections of the communications industry about equipment interference - which can range from remotely accessing a computer to downloading the contents of a mobile phone.

Ms Blackwood said the technique may "occasionally be necessary", but added: "The tech industry has legitimate concerns about the reaction of their customers to the possibility that electronic devices could be hacked by the security services."

The Home Office acknowledged it is important that companies do not suffer a commercial disadvantage and stressed there are no are no plans to change a long-standing position of reimbursing 100% of costs associated with data retention.

On definitions, the department said the bill needs to apply across a range of technologies in a "highly complex and fast-moving area", while there will be "strong safeguards" on equipment interference.

Security Minister John Hayes said the Government will consider the report. 

"We are mindful of the need for legislation to provide law enforcement and the security and intelligence agencies with the powers they need to deal with the serious threats to our country in the modern age, subject to strict safeguards and world-leading oversight arrangements."

The Government's final proposals will be set out in the spring.