Another non-cycling one I’m afraid.
You might have spotted an article on BBC online a few days back regarding the Communications Data Bill, which our beloved government have just published in draft form. This got all sorts of exciting debate going for a little while, as you might’ve guessed from the bill’s informal name of ‘The Snooper’s Charter’.
Theresa May has stated that the changes within this bill are vital to catch up with how criminals were using new technology, and will apparently catch rings of paedophiles red-handed. To do this, the bill requires all internet use (email, chat, forums, VOIP, gaming, etc) of everyone in the UK to be recorded for at least a year.
People who know much more about the techy side of things than me have already commented that this is going to be challenging, given the government hasn’t really spoken to anyone who understands how the internet works yet. Facebook, Google, Twitter and Blizzard have all looked on in polite bewilderment, and eventually said something along the lines of ‘well, our servers aren’t in the UK anyway, so we’ll probably just ignore all this’. Which leaves small business who are entirely based in the UK. God help you if you receive emails or have some kind of business chat function or forum and don’t have the kind of legal team that chuckle over their morning papers at such legislation. At some point you might be asked to pull out entire sheafs of correspondance from 12 months ago, on pain of, well, something pretty unpleasant.
Personally and selfishly, this doesn’t really concern me. I’m assuming (somewhat dangerously) that the bill only applies to businesses, so I’m not going to be asked to reproduce all that spam email from last August that I purged with righteous fury from my GMail account. What I am concerned about is who’ll be storing all this data that’s harvested. Consider the polite uproar last week when a load of LinkedIn passwords were lifted off their servers (change your passwords, folks). LinkedIn are a big business, who operate in the online environment and rely on the trust of their customers to survive. They have a huge interest in spending money on secure, well-protected servers and processes to keep your data safe.
And data was still stolen despite this.
So, when your local broadband firm is required to store all of your online activity for an entire year, at their own cost (well, at least initially before they pass the bill on to customers), do you reckon they’ll invest in greater security? Or do you suspect you might as well stick your online identity into a big sack and leave it out in the streets marked ‘Guys! Get your credit card and passport application data right here!’