UK government plans to let more agencies access internet connection records with Investigatory Powers Act expansion

The Investigatory Powers Act was passed in 2016 and mandated that internet service providers and mobile data providers in the UK store internet connection records for twelve months. Internet connection records include the metadata that are tied to all internet connections – examples include the internet activity timestamps, internet history, IP addresses used, etc. Dubbed the “Snooper’s Charter,” the Investigatory Powers Act is a great example of supposedly first world countries looking with envy on the civil liberties violating internet control in authoritarian countries like China. While the Investigatory Powers Act has actually been ruled against by UK court, the government is now seeking to expand access to their internet surveillance trove.

New entities to be allowed to access internet connection records originally intended only for anti-terrorism use

The British Government is seeking approval to add five more governmental entities to the long list of non police organizations that can access your internet activity with just a rubber stamp. These five new organizations are:

• The Civil Nuclear Constabulary
• The Environment Agency
• The Insolvency Service
• UK National Authority for Counter Eavesdropping (UKNACE)
• The Pensions Regulator

It’s worth recalling that there are already plenty of organizations that have been allowed to utilize the mass amounts of internet activity scooped up by the Investigatory Powers Act. According to the IB Times, the existing organizations that have access to your internet connection records include:

• Metropolitan police force
• City of London police force
• Police forces maintained under section 2 of the Police Act 1996
• Police Service of Scotland
• Police Service of Northern Ireland
• British Transport Police
• Ministry of Defence Police
• Royal Navy Police
• Royal Military Police
• Royal Air Force Police
• Security Service
• Secret Intelligence Service
• GCHQ
• Ministry of Defence
• Department of Health
• Home Office
• Ministry of Justice
• National Crime Agency
• HM Revenue & Customs
• Department for Transport
• Department for Work and Pensions
• NHS trusts and foundation trusts in England that provide ambulance services
• Common Services Agency for the Scottish Health Service
• Competition and Markets Authority
• Criminal Cases Review Commission
• Department for Communities in Northern Ireland
• Department for the Economy in Northern Ireland
• Department of Justice in Northern Ireland
• Financial Conduct Authority
• Fire and rescue authorities under the Fire and Rescue Services Act 2004
• Food Standards Agency
• Food Standards Scotland
• Gambling Commission
• Gangmasters and Labour Abuse Authority
• Health and Safety Executive
• Independent Police Complaints Commissioner
• Information Commissioner
• NHS Business Services Authority
• Northern Ireland Ambulance Service Health and Social Care Trust
• Northern Ireland Fire and Rescue Service Board
• Northern Ireland Health and Social Care Regional Business Services Organisation
• Office of Communications
• Office of the Police Ombudsman for Northern Ireland
• Police Investigations and Review Commissioner
• Scottish Ambulance Service Board
• Scottish Criminal Cases Review Commission
• Serious Fraud Office
• Welsh Ambulance Services National Health Service Trust

Why is the UK expanding the Investigatory Powers Act?

According to the memorandum sent out as justification for the expansion of the list of entities that have access to the surveillance data:

“These regulations include the addition of five public authorities who will gain the power to obtain communications data as they are increasingly unable to rely on local police forces to investigate crimes on their behalf.”

Right off the bat, it’s worth repeating that the police shouldn’t have rubber stamp access to the internet connection records, but they have since 2016. Now that they do have that power, it’s being pushed that other agencies need that power to be able to snoop on citizen internet use for investigatory purposes and the stated reason is because it’s not enough that the police have warrantless access. It’s a wet dream of any government agency to be able to snoop around and do their job without having any judicial oversight. The Insolvency Service specifically tried to justify their access to internet connection records by stating the obvious:

“IP addresses and underlying e-mail account details will also be increasingly useful lines of enquiry to solve crimes within their remit.”

Sure, any entity could theoretically do their job better if they’re able to violate the privacy of all the citizens they’re supposed to serve – this has been the case long before technology allowed for easy mass surveillance. However, civil liberties which are supposed to be protected by the government are supposed to stand in the way of exactly this type of gross misuse of government powers. The mass surveillance regime shouldn’t even exist in the first place – but it does.

Remember that the Investigatory Powers Act was originally touted as an anti-terrorism precaution. As privacy advocates have long warned, that is always the beginning. Now that the government has all this data on internet activity – it’s inevitable that its use gets expanded into activities that don’t even remotely involve countering terrorism or protecting national security. It’s a slippery slope and governments around the world are already on it – picking up speed.