Ever get the feeling that the more you learn the less you know (Linda Harrison writes?
It seems an appropriate sentiment when faced with the Government's planned Internet security law, the Regulation of Investigatory Powers (RIP) Bill.
Yesterday, politicians, solicitors, civil rights groups and business representatives gathered at the Scrambling for Safety 2000 conference at the London School of Economics to discuss the Bill. Government representatives were quizzed, but few solid answers were forthcoming. Indeed, the conference seemed to find even more holes in the proposed law.
Concerns were raised in the three main areas: human rights, the threat to e-commerce, and the feasibility of the proposals.
Charles Clarke, MP, Minister of State at the Home Office, tried to rally the crowd with a pro-Bill speech in which he described the Government's approach to human rights as "a sea change in our attitude".
According to Clarke, the Bill is seen by the Government to be in accordance with the European Convention on Human Rights. But he added: "Our responsibility is to accept law enforcement's need to be proactive in the protection of that right." He expressed concern that "the small minority who misuse their right to privacy on the Net are able to evade detection".
The minister also mentioned "lots of ongoing work with ISPs", regarding the interception plans in the Bill - the Government wants every ISP to have interception capabilities.
But what percentage of British users was the Government expecting to target with these devices? In other words, how many people in the UK are considered to be drug barons, etc? Clarke didn't know, but said he would "think carefully" about it.
His speech brought home the huge number of issues still to be resolved, even though the Bill is already in its second week of the committee stage.
Burden of proof
ISPs are concerned about how much they will be expected to pay - no amount or percentage of costs for the interception devices has yet been stated. They want the Government to pay, which in turn means taxpayers will have to cough up for their own correspondence to be intercepted.
There are also still huge gaps in the encryption plans. People who fail to turn over their decryption key could face up to two years in prison - a big worry for human rights activists. There were queries regarding how someone could prove they had lost genuinely their key. Clarke dodged the question. Oliver Heald, Tory front-bench spokesman on RIP, said the Conservatives still wanted to completely re-write this "burden of proof" section of the Bill.
Heald also said "a decent technical solution hasn't so far been found" for the interception plans, a claim endorsed by Richard Clayton, a technical engineer for Thus, and formerly of Thus-owned ISP, Demon Internet.
A representative for AT&T asked Clarke about company responsibilities to customers. Under the Bill, companies will be forced to give keys and information to the Government on their clients, in the process breaking their own contract to protect security. And all this would be without the customer ever being told. Would the Government pay his companies' liability if something went wrong and the information was leaked?
There were also concerns that this part of the Bill would scare off foreign investment.
Chris Farrimond and Richard Riley, part of the Home Office team responsible for RIP, were present at the conference. According to Farrimond, the Select Committee is only up to Clause 6 in the Bill, and he had found another 60 amendments sitting on his desk yesterday morning. The two were unable to supply any more details about the Bill than Clarke.
"We hope that the Government is listening," said Caspar Bowden, director of the Foundation for Information Policy Research (FIPR). "They must realise that the legislature defines all our rights and freedoms." ®