back to article UK surveillance law raises concerns security researchers could be 'deputised' by the state

Provision in the UK's controversial surveillance laws create a potential means for the UK government to press-gang "any" UK computer expert into working with GCHQ. Computer scientists and researchers are concerned about the provision - even though the consensus is that it is unlikely to be applied in practice because it would …

  1. hplasm Silver badge
    Big Brother

    I see your warrant, GCHQ,

    And raise you my invoice. Look at all of those zeros!

    What, free? Sod off.

    1. Anonymous Coward
      Anonymous Coward

      Re: I see your warrant, GCHQ,

      GCHQ can bid on my darknet auction like everyone else.

    2. Hollerithevo Silver badge

      Re: I see your warrant, GCHQ,

      Warrant trumps invoice, I think you'll find.

      1. Doctor Syntax Silver badge

        Re: I see your warrant, GCHQ,

        "Warrant trumps invoice, I think you'll find."

        Anti-slavery legislation might trum warrant. It could be an interesting situation.

        The way to fight it is to publicise it as "HMG wants to create more WannaCries".

        1. James Ashton

          Re: I see your warrant, GCHQ,

          "Anti-slavery legislation might trum [sic] warrant. It could be an interesting situation."

          Anti-slavery legislation is just legislation, open to being overridden by subsequent legislation. We're not talking about the US where they have an anti-slavery clause in their constitution which will trump (with a small "t") any legislation.

      2. hplasm Silver badge
        Big Brother

        Re: I see your warrant, GCHQ,

        "Warrant trumps invoice, I think you'll find."

        'Sod off I don't work for nothing',trumps Warrant.

        Checkmate.

      3. StargateSg7 Bronze badge

        Re: I see your warrant, GCHQ,

        I would tell to sod-off and i would ABSOLUTE WITHOUT

        HESITATION IGNORE THE WARRANT NO MATTER WHAT!

        My info would be all public 7 seconds into the conversation

        and since I HAVE one of the BEST computer security systems

        IN THE WORLD because I went UTTERLY NUTSO designing

        and building it, they are toast!

        Custom fabbed CPU/GPU. Check!

        Custom Rad-hardened, TEMPEST-rated, EMP-proofed,

        and custom AC/DC-surge protected Motherboard and UPS

        in a Messahed Faraday and Copper Plate cage. All Check!

        Custom BIOS. Check!

        Custom Assembler and Compiler! Check!

        Custom OS and Applications! Check!

        Custom Network Hardware. Check!

        Custom Network Stack, Custom Java, HTML, Python, SQL Implementations. ALL CHECK!

        Custom Database engines. Check!

        Custom Anti-Virus. Check!

        Autonomous 500 cameras Infrared, UV, Optical, MM, Xray,

        Gamma, Acoustic, RF sensing and imaging. Check!

        Weight, Olifactory, Beam-based and Air Current Sensors. Done and Check!

        65,000+ Objects per second object detection and recognition. Been There. Done That. Check!

        .60 CAL (not .50 .... .60! ) CAL

        aka Do you Feel Lucky Punk? Go Ahead Make My Day! Check!

        No one is telling ME what to do!

  2. Your alien overlord - fear me

    How could the gov't know you've found a vulnerability until you publish it/tell the vendor? Me thinks horses, gate, bolted.

    Or if they are trying to catch up to the NSA on zero-day exploits, just subscribe to TheShadowBrokers service.

    1. Smooth Newt
      Big Brother

      How could the gov't know?

      How could the gov't know you've found a vulnerability until you publish it/tell the vendor? Me thinks horses, gate, bolted.

      Perhaps by using their surveillance powers against you.

      1. Marketing Hack Silver badge
        Big Brother

        Re: How could the gov't know?

        @Smooth Newt

        Maybe the GCHQ can make some money on the side as a security research paper proofreading service! "Yes, you used split infinitives in the second sentence of paragraph 4, page 1. And its "there" and not "their" in sentence 5, paragraph 2, page 4"

      2. John Smith 19 Gold badge
        Gimp

        "Perhaps by using their surveillance powers against you."

        So let's see

        a) Govt can spy on everyone in the UK and if necessary target security researchers looking for references to interesting results.

        b) Minister issues warrant to request the information.

        c) Govt issues gagging order so researcher cannot tell anyone they've been forced to cough it up.

        It's just a "coincidence" that all these different provisions work together to achieve this result.

        It's starting to look as if the writers of surveillance legislation (THE PATRIOT Act would be another example) seem to be using obfuscation methods akin to malware writers to evade scrutiny by AV systems. IOW

        Civil servants writing surveillance legislation --> Malware writers.

      3. Wayland Bronze badge

        Re: How could the gov't know?

        The gov might know you are capable of inserting a vuln into the code you are writing for the company. You simply have to do as they say and not tell the company you're working for.

      4. Simon Clubley
        Big Brother

        Re: How could the gov't know?

        [I'm the same person mentioned in the article. Thanks to everyone for the article and the opinions you provided.]

        Yes, this is one of the methods I was thinking of. We know GCHQ does pattern matching across Internet traffic and I strongly suspect people doing research on a vulnerability generate their own type of Internet activity pattern. How do we know GCHQ are not looking for those patterns in order to identify people of interest to them ?

        As for the opinions offered, what's alarming here is that the experts asked offered a range of opinions from maybe there's a problem here to no, it's telecoms operators only. When even the experts can't agree on what the law means then that's a law which is open to having it's scope stretched and otherwise abused in years to come.

        I'm still concerned about the wording though. Many parts of the law are very clear on what the scope of that part of the law means but this part of the law simply uses "any person" without any explicit constraint.

        1. Kiwi Silver badge
          Thumb Up

          Re: How could the gov't know?

          I'm still concerned about the wording though. Many parts of the law are very clear on what the scope of that part of the law means but this part of the law simply uses "any person" without any explicit constraint.

          Firstly, even though I am not likely to be affected by this law (wait till NZ's government looks at it, and figures out a way to come up with an even stupider version!), much thanks for taking the time, effort, and potential risk of exposing something that really could be a problem. Whistle blowers often get abused and ignored until well after the event they warned about, and even then seldom get the deserved recognition :( Often this stuff makes people think "more hassle than it's worth", so thanks for taking the time!

          Unfortunately what the "experts" quoted in the article missed is the stuff like the passwords thing "Andrew Jones 2" mentioned, and the way governments like to make a specific law to cover a small area, see how "well" it works, and expand it beyond all sense or recognition to cover other things not even remotely envisaged by the original authors of the act (or sometimes originally planned, but they knew they had to do it in stages; the public would lynch them if GPS tracking for all citizens was tried at first but GPS tracking for paedophiles, then murderers, then those with repeated violent assaults, then...). Anyway, what these people have missed is that where a law can be twisted or abused by someone on the prosecution side, it will. Where a minister can make it mean something never intended, they will. Where it can cause someone to be forced to do something they wouldn't otherwise do, it will be done. Even when the law is pretty clearly worded to exclude certain things or only include a specified limited set, those boundaries will be pushed long before the ink has dried.

          Maybe some public backlash will lead to some sorting of these things, but sadly I doubt it will get far, not without something more major in the "public backlash" - and that's not likely to happen while there's reality TV and cooking shows to be watched :(

          But thanks muchly for doing your part.

          1. Simon Clubley

            Re: How could the gov't know?

            Kiwi, thank you and you are welcome.

            As regards your laptop question, it's an interesting question and quite honestly one I had not considered.

            However, having quickly thought about it, my instinct is that even I don't think the government could get away with twisting the law to that level to target you as a private person in order to get access to equipment you own.

            However, I still have concerns about general communications networks operated by large companies and organisations because I do believe it's far easier to twist the telecommunications operator definitions I quoted above to cover them.

            1. Anonymous Coward
              Anonymous Coward

              Re: How could the gov't know?

              "As regards your laptop question, it's an interesting question and quite honestly one I had not considered."

              Or something like Asterix

              Asterisk is the #1 open source communications toolkit.

              Asterisk powers IP PBX systems, VoIP gateways, conference servers, and is used by SMBs, enterprises, call centers, carriers and governments worldwide.

    2. thames

      It sounds more like it's about telling you to keep your mouth shut about vulnerabilities than asking you to find some for them.

      For example, suppose GCHQ are exploiting a vulnerability in the telecoms gear in Berlin to monitor cabinet conversations in the German government. GCHQ know from reading the literature that you've published previous papers on related security research. They then serve a warrant on you telling you to "assist" them by running anything by them first before publishing it. If you start getting warm with regards to a vulnerability that they're using, they'll tell you to "assist" them further by stopping work in that direction and not to publish anything about it. The warrant will also forbid you to say that there's even a warrant. That protects their ongoing use of that vulnerability.

      The sort of equipment we're talking about is expensive and not in the hands of the general public, so the number of independent security researchers working on that problem domain will be very limited. Keeping them muzzled would not be difficult, given the tools described. The fact that nobody seems to know what the law actually means in practice is unlikely to be an accident, as they have an ingrained reflex against revealing that they even want to do stuff like this.

      They could be doing this right now, and there's no way for you to tell.

      1. Wayland Bronze badge

        What if your job is to fix vulns?

        So you're hired by the company to fix these problems and they tell you about areas where their systems are weak. They have got you to agree that you won't tell anyone about the problems, naturally.

        You'd have to keep your job secret from GCHQ or they will force you to spy for them. Keep your job secret from GCHQ eh?

        You'd have to resign whilst hoping the company figure out why.

        1. Simon Clubley
          Big Brother

          Re: What if your job is to fix vulns?

          It might be interesting for people to check out what a telecommunications operator is actually defined as - it's far more widely scoped than people might think.

          Section 261, paragraph 10 defines a telecommunications operator as not only the person who runs the service but also any person who has control of a telecommunication system. That latter bit would seem to me to include any vendor who has access to the system as part of (for example) normal support operations.

          The rest of that section is well worth a read as some definitions are not what you may expect.

          For example, a "telecommunication system" in defined in paragraph 13 as:

          “Telecommunication system” means a system (including the apparatus comprised in it) that exists (whether wholly or partly in the United Kingdom or elsewhere) for the purpose of facilitating the transmission of communications by any means involving the use of electrical or electromagnetic energy.

          and "Communication" is defined in paragraph 2 as:

          “Communication”, in relation to a telecommunications operator, telecommunications service or telecommunication system, includes—

          (a) anything comprising speech, music, sounds, visual images or data of any description, and

          (b) signals serving either for the impartation of anything between persons, between a person and a thing or between things or for the actuation or control of any apparatus.

          As far as I can see, that definition not only includes what a reasonable person would consider to be a telecommunications system, but also something like a messaging system running on (for example) a z/OS mainframe, which if true would also place normal mainframe systems under the scope of this part of the act.

          1. Kiwi Silver badge
            Paris Hilton

            Re: What if your job is to fix vulns?

            It might be interesting for people to check out what a telecommunications operator is actually defined as - it's far more widely scoped than people might think.

            Section 261, paragraph 10 defines a telecommunications operator as not only the person who runs the service but also any person who has control of a telecommunication system.

            “Telecommunication system” means a system (including the apparatus comprised in it) that exists (whether wholly or partly in the United Kingdom or elsewhere) for the purpose of facilitating the transmission of communications by any means involving the use of electrical or electromagnetic energy.

            Couldn't that include any computer connected to any network? For example the laptop I am typing this into is "apparatus comprised in" the internet, and it's main use is to "facilitate the transmission of communications", eg this very message.

            My reading of what you've posted would put any connected computer into that scope, though there may be limits elsewhere in the act or UK (case)law that I haven't read

    3. This post has been deleted by its author

    4. Kiwi Silver badge
      Black Helicopters

      How could the gov't know you've found a vulnerability until you publish it/tell the vendor? Me thinks horses, gate, bolted.

      Brit Whitehat to MS > "Hey, I found a serious bug that could allow remote execution. I'll give you till the end of next month to fix it before I go public"

      MS > GCHQ "You can use this to hack someone's computer, but Brit Whitehat is threatening to go public. I suggest you shut him up"

      GCHQ > Brit Whitehat "Shuttup about this or else".

      Chinese Blackhat > [snigger] "They still haven't fixed that flaw. Oh hey look, T May is about to use her government-issue credit card. Lets have some fun with this!"

  3. Anonymous Coward
    Anonymous Coward

    So can they serve the company not to fix a bug as well?

    This will not end well.

    1. phuzz Silver badge

      They can try, but non-UK companies won't care, and if this sort of thing does come to pass, nobody in their right mind will be doing security research in the UK (except GCHQ obv).

      1. Flywheel Silver badge

        Maybe we'll be seeing a brain-drain of security researchers from the UK in the next couple of years. Estonia's a nice alternative.

  4. frank ly Silver badge

    History

    "... experts had already spoken among themselves about the prospect of enforced co-operation before deciding it's unlikely to be applied in practice."

    Those who forget its lessons are doomed to have it repeated on them.

  5. James 51 Silver badge

    It won't matter if the act violates human rights. After Brexit you can bet that May has her sights set on the ECHR. Then when she has done her best to destory the checks and balances put in place by the those who faught in WW2 to stop Europe back sliding into the 1930s, she'll be able to do as she pleases.

    1. Anonymous Coward
      Anonymous Coward

      I watched the "May vs Corbyn Live the Battle for Number 10" programme and by god she is creepy as fuck with that "Oh, I'm afraid the deflector shield will be quite operational when your friends arrive." smile she put on throughout the show.

      .

      P.S. Make June the end of May.

      1. Anonymous Coward
        Anonymous Coward

        "Make June the end of May."

        Saw a neat voter TLA the other day. An "ABC" - "Anyone But Conservative".

        Having thought long and hard about it I will be gritting my teeth to vote Labour in the hope of swinging our constituency towards a hung Parliament***. Theresa May is looking like another Trump - except she has the Royal Prerogative giving her more power than a POTUS.

        *** unfortunately a pundit has suggested that a hung Parliament means Theresa May being would be kept in power by the religious fanatics in the DUP.

        1. Anonymous Coward
          Anonymous Coward

          Hung Parliament?

          Preferably by the neck.

          Guy Fawkes mask intentional.

      2. Doctor Syntax Silver badge

        "Make June the end of May."

        And do you think a Labour govt would be any less keen do use this Act? Remember, wee've been here before.

      3. John Smith 19 Gold badge
        Thumb Up

        "P.S. Make June the end of May."

        Nice.

        Time to recall the Lib Dems were runners up in 63 seats and about 37 of them went to the Conservatives, the rest to Labour and the SNP. Time to consider "going tactical" ?

        Pre Election the Conservative Party had an absolute HoC majority of 17.

        What would be a real ROTFLMFAO moment would be if the a)Lost the majority or b)Came back with a smaller one. One of those "We managed to snatch defeat from the jaws of victory" moments.

        Note however that anything short of a defeat (by however many seats) still puts "President" May in the big chair for the next 5 years.

        In theory.

        However partial success implies partial failure and the Tory party is not very sentimental or tolerant of either.

        The only question would be who gets to star as "Brutus" ?

  6. Warm Braw Silver badge

    Ken Munro ... an expert in IoT security issues

    That should keep the warrants coming...

    1. Bob Hoskins

      Re: Ken Munro ... an expert in IoT security issues

      I hope that was sarcasm.

  7. Anonymous Coward
    Anonymous Coward

    Education is key...

    Let's start by banning prime numbers in schools. And those dual-use integers.... don't even get me started on Modular Forms. Thankfully with her education cuts, she can re-create 1980s East Germany she so strongly desires.

    1. Anonymous Coward
      Anonymous Coward

      Re: Education is key...

      Downvoted for two reasons:

      1.East germany education was better than current UK education.

      2.The level of surveillance the Stasi had pales in comparison with the one we have.

      Anon for good reasons.

      1. thames

        Re: Education is key...

        "Anon for good reasons" - You only think you're anonymous, citizen.

      2. Anonymous Coward
        Anonymous Coward

        Re: Education is key...

        We know its you Fred...

  8. Christoph Silver badge

    Warrant Canaries

    I expect to see a lot of researchers putting up warrant canaries if this ever happens.

    And what happens if they are asked a direct question about vulnerabilities? Are they legally required to lie? Even knowing that people will suffer loss due to their false reassurance?

    1. Yet Another Anonymous coward Silver badge

      Re: Warrant Canaries

      Which side has the guns and prisons ?

      They make the rules

      1. Peter2 Silver badge

        Re: Warrant Canaries

        I think that just a big a question is "who issues the warrant", because if it was a real court as opposed to the kangaroo variety then the court order would be part of the public record.

        1. Doctor Syntax Silver badge

          Re: Warrant Canaries

          "a real court as opposed to the kangaroo variety"

          I suspect that if push came to shove and this ended up in a real court the real court would take a dim view of kangaroos.

          1. Yet Another Anonymous coward Silver badge

            Re: Warrant Canaries

            Wasn't part of Brexit the opportunity to welcome our imperial marsupials to replace these european mammals ?

    2. Alan Brown Silver badge

      Cores cores everywhere

      "I expect to see a lot of researchers putting up warrant canaries if this ever happens."

      If you have one up, you can expect to be given an order under IPA to keep the canary active or go to jail.

    3. James Ashton
      Big Brother

      Re: Warrant Canaries

      "I expect to see a lot of researchers putting up warrant canaries if this ever happens."

      This is not a problem for the government. Australia has already outlawed warrant canaries for some situations. If your legal system allows the government to outlaw revealing the existence of warrants then outlawing the revealing of the non-existence of warrants is but a short step.

      "And what happens if they are asked a direct question about vulnerabilities? Are they legally required to lie? Even knowing that people will suffer loss due to their false reassurance?"

      You don't have to lie; "I can't answer that for legal reasons" would probably be a legal response. If further asked what those legal reasons were then "I can't answer that for legal reasons" is, again, going to get the job done. It's going to convey much the same kind of impression as the phrase "helping the police with their enquiries".

  9. Will Godfrey Silver badge
    Unhappy

    Alice in Wonderland

    So let me see if I've got this right.

    Honest researchers trying to improve security and protect ordinary people from criminals will be silenced if they happen to stumble on vulnerabilities that the spooks are also using (I don't believe for one minute the spooks will be first to discover).

    However, criminals using such vulnerabilities will now be actively protected by spooks not wanting these made public.

    Therefore, I can only conclude that we now have a criminal government.

    1. FlamingDeath Bronze badge

      Re: we now have a criminal government

      We also have a criminal royal family that changed their surname to blend in

      The gov has been criminal for a very long time, long before you or I was born

    2. Yet Another Anonymous coward Silver badge

      Re: Alice in Wonderland

      You're lucky the law only extends to computers.

      Wait until medical researchers get the same warrants.

      We don't want you publishing anything about this real virus - we might have plans for it....

  10. Paul Hovnanian Silver badge
    Gimp

    On this side of the pond they call them National Security Letters. If 'they' need your assistance to snoop on someone, or keep quiet about existing snooping you might have come across, you can be served with such an administrative warrant.

  11. present_arms

    "GCHQ, Sorry what? do i do windows? umm no sorry but for a fee I'll learn."

    later another call

    "you want me to spy on who?" "Oh that's easy, I'll just follow the twat on Twitter, no need to wiretap the prez"

  12. Fred Dibnah

    This post has been deleted by its author

    (just in case)

  13. Dodgy Geezer Silver badge

    It is interesting to consider...

    ...WHY this proposal was made by GCHQ.

    It all harks back to the reason that we have 'state security' bodies in the first place. Why don't we just have police forces, who can be just as suitably equipped and staffed? The answer is that the Security Services and the interception networks that they use were designed to operate OUTSIDE the law.

    These bodies were set up during wartime - WW1 and later WW2. In those conditions, where a spy might be directing an invasion, there was neither the time nor the desire to go through the process of obtaining a warrant for every action. People could be arrested and retained without charge for an indefinite period. People's mail could be diverted or opened at will. If due legal process had to be followed, there was the risk of warning the suspect, or losing valuable time.

    This culture survived after WW2 into the Cold War. And so long as it was only 'Russian spies' that these powers were being used against, no one cared too much about the fact that legal principles were routinely dispensed with.

    Now the Security Services have run out of the traditional justification for their jobs, and are trying to maintain their staff and budgets by moving into straight criminal activity - the kind of thing the police ought to be doing. But they are still maintaining their 'Cold War' culture. Note that they often don't want to offer evidence 'for fear of revealing sources and techniques'. That is a WW2 justification. They operated widespread communications interception - a WW2 tactic, and had to have it retrospectively legalised when it was discovered.

    One of the lesser-known laws during WW2 was one which stated that ANY invention could be impounded by the military and suppressed or used without compensation if that were deemed necessary to the war effort. Again, a rule which makes sense in wartime. But now I see it is being revived by the Security Authorities in peacetime - 60 years after WW2 and 30 years after the Cold War ended...

    1. Anonymous Coward
      Anonymous Coward

      Re: It is interesting to consider...

      "People's mail could be diverted or opened at will."

      The Royal Mail was set up by Charles II as a monopoly to ensure that everyone's letters went through a central sorting office. The office's secret task was to open letters, copy their contents, and reseal them without any tampering being visible. Thus suspected plotters could be monitored. The Royal Mail museum apparently still has some of the original copies.

      1. Yet Another Anonymous coward Silver badge

        Re: It is interesting to consider...

        That explains the delivery speed at least

      2. Jack of Shadows Silver badge

        Re: It is interesting to consider...

        That practice predates actually winning the Revolutionary War in the US and "more limited" version continues to this day at least for the "metadata" which is collected on every letter or parcel today. I do wonder if that was the reason Benjamin Franklin created the US Postal Service.

      3. Anonymous Coward
        Anonymous Coward

        Re: It is interesting to consider...

        > The Royal Mail was set up by Charles II as a monopoly to ensure that everyone's letters went through a central sorting office.

        Ugh, sounds like a perfect way to fiddle with Postal Votes for elections then. :(

  14. Bob Hoskins

    They already do

    It's called the CHECK scheme. Look it up.

  15. Anonymous Coward
    Anonymous Coward

    An IT acquaintance was arrested by the police and his IT equipment taken away. He was targeted for a "fishing" raid because his name was in someone's address book - in an investigation that was stalled for lack of any actual evidence for its original allegations.

    He was dumbfounded while still on police bail - when he received a phone call from the same police team asking if he could help them crack a hard disk in a different investigation.

  16. Jack of Shadows Silver badge
    WTF?

    (3)A copy of a warrant may be served under subsection (2) on a person outside the United Kingdom for the purpose of requiring the person to provide such assistance in the form of conduct outside the United Kingdom.

    Mildly concerning. It's bad enough that my government can pwn* me, now the UK might be in line too? If I don't comply, does extraordinary rendition result so I do my time in your wonderful prisons? /sarc, I hope.

    *- The US Navy, despite discharging me for medical reasons and really, really not wanting me back, retains the right to recall me back to the uniform with a simple signature. That puts teeth into the extremely lengthy NDA I had to sign before leaving. It was far longer than my enlistment contract.

    1. Anonymous Coward
      Anonymous Coward

      " If I don't comply, does extraordinary rendition result so I do my time in your wonderful prisons?"

      Don't worry - that treaty only works in one direction - UK-->USA.

    2. Anonymous Coward
      Anonymous Coward

      Are you saying The Village People only gave us a small insight into The Navy then?

      This changes everything. I can no longer trust that it's fun to stay at the YMCA.

  17. Anonymous Coward
    Anonymous Coward

    I suspect I have encountered what this is about. If your working on telecoms or other infrastructure gear, and you find a vulnerability, then there are backchannel processes to report this to the vendor and all hell breaks loose if you don't obey them strictly. It also means its difficult to build a reputation for yourself which sucks on my cv but hey ho.

    I have on occasion watched those processes kick serious issues into the long grass, and I ask myself how can they continue to use that equipment in good faith with it present, I continued to make a pain in the ass of myself about them on principle, but never publically or outside the channels. Don't bite the hand that feeds.

    Lets just say knowledge of this juicy backdoor hits the spooks via responsible reporting process, and I receive a gagging order to stop me repeating myself to anyone who will listen in the company, where does that exploit fix go? who will have it to use in their armoury for free?

    There's some other key aspects of it that ring bells too, but I won't go into them for privacy reasons. Your never truly anon unless you have taken real steps, and this is my regular account, even if I ticked the post anonymous box.

  18. John Smith 19 Gold badge
    Unhappy

    "now the UK might be in line too?"

    If you're in the UK then yes.

    AFAIK the law is very general. If you're in UK jurisdiction it applies.

    Now I think things would get tricky if you were (for some reason) either reactivated by the USN or in receipt of an NS letter about something you'd found.

    AIUI the NSL would mean not only could you not tell GCHQ about your work but you could not tell them why you could not tell them about your work.

    What happens next depends on how smart the person who's dealing with your case. A smart one will kick it up the chain of command to put in a call to Fort Meade. A dumb one will think you're simply being uncooperative and things will become stressful.

    1. Anonymous Coward
      Anonymous Coward

      Re: "now the UK might be in line too?"

      Good job this applies to UK jurisdiction...if it was US jurisdiction then that means anywhere world wide that's on the internet...

      Least that always seems to be the impression given.

      Annon - just because you're paranoid.....

    2. Anonymous Coward
      Anonymous Coward

      Re: "now the UK might be in line too?"

      If you're in the UK then yes.

      AFAIK the law is very general. If you're in UK jurisdiction it applies.

      Are you sure? If you look at the page linked from the main article, subsection 3 says this:

      (3) A copy of a warrant may be served under subsection (2) on a person outside the United Kingdom for the purpose of requiring the person to provide such assistance in the form of conduct outside the United Kingdom.

  19. Andrew Jones 2

    The experts who have discussed among themselves can think what they like - and I frankly find it surprising that they are even giving the Government the benefit of the doubt here. We all saw the writing on the wall with the "don't worry, the [you must give us any passwords we ask for] law will ONLY ever be used for anti-terror" - we all knew it would be used eventually for stuff that was not even vaguely related to anti-terror and sure enough, that day came and went - with very little media coverage.

    If the UK Government have an over-reaching power, it doesn't matter what they claim it is for - it WILL be deployed on a frighteningly regular basis and it will be used for many many things that have no relation at all to the original reason they claim they needed the power in the first place.

    Along with the plans for complete internet regulation, the existing stupid bill - especially with regard to the adult entertainment industry, and now this new plan - the IT industry is going to flee the UK within the next 10 years.

  20. Anonymous Coward
    Anonymous Coward

    "the IT industry is going to flee the UK within the next 10 years."

    That;s ok by this government - they want to turn the UK back to the austerity 1950s. Won't be long before TV broadcasts will be obliged to close down for an hour on a Sunday evening so everyone can go to church.

  21. JaitcH
    WTF?

    Nothing New in the IPA 2016 - just makes what GCHQ has been doing for years Legal

    Britain, land of the allegedly 'free', has been under the thumb of the government, albeit unknown by most, for around a century and the Investigatory Powers Act 2016 simply codified their activities.

    The good thing is they can't prove knowledge - no doubt they are working on mind readers now.

    Human Rights includes privacy, Human Rights is a UN Treaty the UK signed up to. Who will protect UK citizens post-Brexit?

  22. Koconnor100

    Gagging the honest researchers trying to warn you there's a problem and letting the criminal hackers run free making problems.

    Nice.

  23. ProperDave

    Not really news?

    I believe this sort of thing has been going on for years.

    I don't want to go into too much detail in case I start getting visits from well-suited men, but my mother told me a tale from probably a decade back that a son of a former colleague of hers was a few years ahead of me in University doing a software and microelectronics degree of some sort. The lad apparently stumbled upon a way to create a repeatable power failure in hardware. He posted on a few forums on-line asking for peer review, and within a few days all his posts vanished from the forums he posted to, and he had a visit from well-dressed men. His research and equipment was confiscated, but my mother told me he was then funded for a masters and went on to 'work for the government'.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019