The Investigatory Powers bill is back and as a UK based Internet company we are very interested in seeing how this progresses.
In short it proposes the following:
Taking the most contentious of these proposals the bill will require UK based ISPs to hold twelve months of history for customers and to allow agencies to request access to logs for specific periods. This will clearly increase overheads at ISPs that inevitably will be passed onto consumers.
The idea that requiring UK-based ISPs to maintain a list of ICRs (Internet Connection Records) giving agencies full visibility on UK Internet Activity is junk.
There are already VPN Companies offering products and workarounds to prevent traffic going through your ISP being loggable. This renders the bill irrelevant and for anyone with a modicum of technical experience getting and using a VPN outside of the UK is trivial and costs around $20 a month.
Because a user can easily connect and use a VPN service outside the UK the bill will have no jurisdiction over VPN providers outside of the UK. Because data will be passing through networks outside of the UK and will be encrypted the UK ISP provider will not be able to log ICRs for a user either.
Theresa May seems hell-bent on pushing this bill through parliament before the EU Referendum campaign. It is a complex bill with deep implications for the UK Internet Industry and for Civil Liberties.
It is my opinion that this bill should be thrown out. Whether I agree with tracking ICRs or not this bill will not deliver on much of what it is trying to achive. I am not convinced that the authors of the report understand the fundamentals of the Internet well enough to realise that by using a VPN outside of the UK ISPs cannot record ICRs.
The bill is expected to be given a Commons second reading on 14 March and sent to the House of Lords before the end of April in order to get it on to the statute book before a 31 December deadline.
Although the Home Office claim the bill will be compliant with the European Convention of Human Rights a legal challenge looks likely if it is a passed.
Have an update or suggestion for this article? You can edit it here and send me a pull request.
Using HashiCorp Vault with LDAP
How to use HashiCorp Vault to setup an LDAP backed secret store with read-only access for users in groups and read-write access for specific users
Linux and Unix xargs command tutorial with examples
Tutorial on using xargs, a UNIX and Linux command for building and executing command lines from standard input. Examples of cutting by character, byte position, cutting based on delimiter and how to modify the output delimiter.
Copy a file in Go
How to copy a file in Go. The ioutil package does not offer a shorthand way of copying a file. Instead the os package should be used.