techUK Calls for Clarity and Accountability as Home Office seeks to update RIPA laws
· Clear, legal framework must underpin relationship between government and industry
- Unclear definitions risk confusion and difficulty in implementation
- Thorough and detailed consultation essential for ensuring public trust
20 January 2015, techUK, the leading voice of the UK technology industry, has today responded to the Government’s Consultation on the Regulation of Investigatory Powers Act (RIPA). techUK’s response raises specific concerns to the Home Office about the lack of clarity in the draft Codes of Practice, and the way in which the process has been undertaken.
Technology plays an important part in helping the authorities to protect our national security, and techUK and its members take their legal obligations to support the security services extremely seriously.
Antony Walker, Deputy CEO of techUK, said: “Sir John Sawers today called for a new relationship between industry and security services, but this has to be firmly rooted in law. In a democratic society, the only way to protect security, freedom and trust is through the creation of an appropriate, proportionate and transparent legal framework. In order to achieve this, further changes are required to the current draft Codes of Practice.”
techUK’s response highlights three areas that risk causing confusion and difficulty when if the Codes of Practice are implemented in their current form:
· Lack of clear definition of what constitutes a Communications Service Provider (CSP)
- Failure to clearly define the extensions to the categories of data to be retained
- No clear guidance on how specific professions, such as journalists or lawyers, would be identified or handled; failure to provide any further definition on what constitutes a journalist; or any special consideration for whistleblowers
Antony Walker, Deputy CEO of techUK, continued: “It’s right that we ensure that legislation keeps pace with changes in technology and that where appropriate, legislation is updated. However, when this happens, it’s essential that time is given to allow for effective consultation and parliamentary scrutiny. Without that there is real risk that public confidence will be undermined. We hope that when new legislation is bought forward in 2016, sufficient time will be allowed for informed discussion and debate on an issue that goes to the heart of the value of a democratic society.”
techUK has made a number of detailed comments and recommendations on both the Codes of Practice for the ‘Acquisition and Disclosure of Communications Data’ and the ‘Retention of Communications Data’. The full response can be read here: http://www.techuk.org/insights/news/item/3219-techuk-calls-for-clarity-and-accountability-in-response-to-ripa-consultation
The UK’s previous data retention regime was based on the 2009 EU Data Retention Directive. The Court of Justice of the European Union ruled that the Directive was invalid as its broad scope was incompatible with the EU Convention on Human Rights (ECHR) and the EU Charter of Fundamental Rights. It is unclear whether the replacement Data Retention and Investigatory Powers Act (DRIPA, 2014) and the Data Retention Regulations are themselves compatible with the ECHR and Charter of Fundamental Rights and they are therefore subject to a legal challenge.
techUK represents the companies and technologies that are defining today the world that we will live in tomorrow.
More than 850 companies are members of techUK. Collectively they employ more than 500,000 people, about half of all tech sector jobs in the UK. These companies range from leading FTSE 100 companies to new innovative start-ups. The majority of our members are small and medium sized businesses.
 Comments made at the launch of the Edelman Trust Barometer in London