If you want more security, you have to give up some privacy. The familiar trade-off will be tested to new extremes in the United Kingdom in 2017 when the recently ratified Investigatory Powers Bill, a.k.a., the “Snooper’s Charter,” takes effect. Based on the levels of high-tech government surveillance of UK citizens ushered in by the bill, Britons should be very secure indeed.

Britain’s new law is the latest reflection of the struggle to balance intelligence agencies’ ability to collect data against citizens’ privacy rights. Edward Snowden, the whistle-blower who initiated a wave of government surveillance soul-searching in the United States, responded with a tweet. "The UK has just legalized the most extreme surveillance in the history of western democracy,” he tweeted. “It goes further than many autocracies." Proponents say the law limits the ability to gather information about citizens without a warrant. A judge must sign off on the most intrusive powers.

Utilising "Big Data"

The law also reflects the increasing sophistication of data-collection tools, and the value of mining tons of data for that one bit of information that could make a difference, for example, that could prevent a terrorist attack. You see the same obsession with collecting data, and appreciation of the value of analysing data, in our own industry. Talk of “Big Data” is front-and-centre at conferences and trade shows, data storage systems are hot products, and enterprise customers, in particular, are perpetually in search of data nuggets that can make a company more secure (or help it operate more efficiently).

The Investigatory Powers Bill will pave the way for the UK government to collect more data; in the process, it will demonstrate new possibilities of how the data can be used.

Scope of data collection

The scope and types of data collection under the new law are ominous. They include requiring internet and communications service providers to store top-level information about British citizens’ browsing for 12 months. This refers to the meta-data of web browsing and communications – what web site was visited and who was messaged – but not the content.

Some experts have even said that
the collection of so much data
could actually make it more
difficult for analysts to interpret it

A section of the bill called “equipment interference” allows police and intelligence officials to use methods similar to those employed by hackers and cyber-criminals, such as installing malicious software. In effect, intelligence agencies could hack into computers, mobile devices and networks without alerting the owners.

All the information will be collected and available in case it is needed in an investigation. However, only those suspected of being a security risk will be monitored. (Some experts have even said that the collection of so much data could actually make it more difficult for analysts to interpret it.)

Tackling increasing threat levels

A proposal nicknamed the “Snooper’s Charter” was debated in Parliament in 2013, but was blocked by Liberal Democrats. The current bill has been debated for 12 months and replaces the Data Retention and Investigatory Powers Act of 2014, which sunsets on Dec. 31, 2016.

Despite widespread opposition in the UK – a petition opposing the measure has 100,000 signatures – Former British Prime Minister David Cameron says the Investigatory Powers Act “goes to the heart of the government’s duty to keep the British citizens safe.” Critics say it is the most extreme surveillance laws ever passed in a democracy.

Among other things, the law is a sign of the times. It confirms the value of data as a crime-fighting and crime prevention tool. It acknowledges the increasing presence of threats on the Internet, and the use of the latest electronic tools by the bad guys. These are points our market should heed as we prepare to do our part.