Ask the Expert: Coffin Mew

Here, Mark O’Halloran, Partner at Coffin Mew provides you with the answers you need…

Should I be concerned about the Investigatory Powers Bill?

There has been a lot of noise about the Investigatory Powers Bill and it is certainly aimed at being a game changer to enable the police and security services to obtain web histories and call logs and many other data sets more easily. It is also deeply flawed and unlikely to assist in defending UK citizens from any but the most incompetent criminals and terrorists.

As is typical with legislation that has been rushed through, the Bill doesn’t really understand the nature of what it’s trying to regulate. The idea that all encrypted services should include a ‘backdoor’ is very 1980s (think the original War Games) but it poses major issues with the security of public key encryption systems which are based on very large prime numbers.

Whilst there are methods of implementing a backdoor (such as the Clipper chip developed in the US), researchers at the University of Pennsylvania have reported that trap doored primes could make even 1,024-bit keys susceptible to being hacked. So, the security services can unlock the encryption and criminals have an easier time cracking it.

Citizens will be concerned that their web histories are being monitored and recorded – and not just for the police and security services. There are a range of public bodies that have rights under the bill, which may lead to people avoiding the internet.

Over 100,000 people have signed a petition against the Bill. Most people will agree the police and security services need enhanced surveillance powers and many people will accept this as a price worth paying. Criminals and terrorists will simply switch to illegal, fully encrypted apps and communications systems, and pay-as-you-go disposable smart phones, and may not find themselves particularly inconvenienced.