1. The Investigatory Powers Act 2016
HNC in Computing and Systems Development
Unit Number and Name
Lecturer Name: Tim Jackson
Date of Presentation: 28/11/2016
Brandon Skerritt (J893694)
Ashleigh Bhandari (J893691)
Francesca Beddingfield (J893950)
2. Contents
• Introduction
• What is it?
• How business should be preparing
• Key Impacts on E-commerce
• Privacy is so 2016
• How can businesses fight back?
• Who cares?
• Conclusion
• Bibliography
4. What is it?
The Investigatory powers bill, dubbed snoopers charter,
will allow the government to obtain all communication,
digital or not.
The three main facts are:
•All communication is monitored
•It’s harder to get a warrant to an interception warrant
•Ensure the government Is fit for the digital age
(“Investigatory Powers Bill – Gov.uk”)
5. How business should be preparing
• A complete review of every use of encrypted
• Having procedures in place for dealing with enquiries
• Training their employees on how to react to a encryption key request
• Reviewing their third party contacts and make sure they aren’t in
breach.
• Analysing how easy it will be to comply with the regulators request.
• Considering how the regulators may use the encryption data
6. • It forces internet and communication companies to retain
any of their customers browser history for up to a year.
(Roi Perez, 2016)
• Weakening the encryption and storing costumers
information could affect any e-commerce if they have a
data breach.
• Companies should prepare to put IP in place otherwise
they can face serious conscious.
• Companies can be asked to decrypt data on demand.
(Roi Perez, 2016)
• The government must be notify when any new security
feature in a product are added before lunching
(Roi Perez, 2016)
Key impacts on e-commerce
12. Bibliography
Web sites - citations
Services.parliament.uk. (2016). Investigatory Powers Act 2016 — UK Parliament . [online] Available at:
http://services.parliament.uk/bills/2015-16/investigatorypowers.html [Accessed 4 Dec. 2016].
Computerweekly(June 2000 ) Regulation of Investigatory Powers Bill: the story so far:
http://www.computerweekly.com/feature/Regulation-of-Investigatory-Powers-Bill-the-story-so-far (01/12/2016).
Roi Perez, C. (2016). The Investigatory Powers Bill is now set to become law. [online] SC Magazine UK. Available at:
http://www.scmagazineuk.com/the-investigatory-powers-bill-is-now-set-to-become-law/article/573616/ [Accessed 1 Dec. 2016].
ComputerWeekly. (2016). Regulation of Investigatory Powers Bill: the story so far. [online] Available at:
http://www.computerweekly.com/feature/Regulation-of-Investigatory-Powers-Bill-the-story-so-far [Accessed 1 Dec. 2016].
McGoogan, C. (2016). What is the Investigatory Powers Bill and what does it mean for my privacy?. [online] The Telegraph. Available at:
http://www.telegraph.co.uk/technology/2016/11/29/investigatory-powers-bill-does-mean-privacy/ [Accessed 1 Dec. 2016].
Editor's Notes
My names brandon, this is Francesca, this is Ashleigh.
Please if you have any questions, apart from Tim, keep them to the any questions slide as this is quite a long presentation
The investigatory powers bill, dubbed Snoopers Charter by the media, will allow the gobernment to obtain all communication whether it is digital or not.
It’s harder to get an interception warrant, but what does that mean? It’s harder for the ‘powers’ which consists of every government organisation to actually look at your data. In order to do this, not only do they need to apply for a warrant like they normally would but the secretary of state, which includes people like Thersa May, Boris Johnson, Jeremy hunt.
The last point may be seen as unusual, because on one hand the government does need to be fit for the digital age, but on the other hand the text specifically
“This will restore capabilities that have been lost as a result of changes in the way people communicate.” from the same document sounds like that they have always been monitoring us.
I would like to mention, encase the government is listening, that Orwell’s 1984 is a fictional book and not a guide book.
DON’T READ THIS PART
Dycotonmy is a split dichoctomy – theres a division of opinons as to why this is being implemented
A complete review of every use of encrypted technology and a detailed report of what the encryption is protecting and why.
Having procedures in place for dealing with possible Investigatory Power enquiries, ranging from police to Customs & Excise.
Making sure their employees aware of how to handle a request for the key to an encrypted transmission is received (this also includes document with electronic signatures)
Reviewing Any security or confidentially agreement in place with third party contacts, that could be breached by the regulators being given their encryption key and the potential impact and any future agreements
Analysing how easy it will be to comply with the regulators request. (e.g. how will be holding the eruption key, will be key be in an intelligible form, what would be a cost of non-compliance, what happens once they’ve finished using it?)
Considering how the regulators may use the encryption data and whether it is safe under RIP (will the key be misused) are sufficient.
Reference
Computerweekly(June 2000 ) Regulation of Investigatory Powers Bill: the story so far: http://www.computerweekly.com/feature/Regulation-of-Investigatory-Powers-Bill-the-story-so-far (01/12/2016).
By companies having to do this could create a problem between the trust of the customer and the company as they are holding information against their will. This can cause sales to drop for the company as the customers may not appreciate their browser history being stored for over an year.
This could be a massive impact on the e-commerce especially if they just came into e-commerce and their data got breached because of weak encryption.
This means companies who fail to provide the key to encrypt the data will face a criminal offence carrying a maximum penalty of two years imprisonment or an unlimited fine
This could be a huge impact on the e-commerce as they will be breaking the data protection act been the company and the customers.
If the government does not approve of the new security in the product this could have a massive impact of the companies sales and profit if the product gets rejected and has been produced widely.
The next slide features some primary research carried out by Brandon
The IP bill is forcing all manufacturers of any encrypted products to hand over the keys to the kingdom. Who needs privacy, right?
Foreign companies such as Private Internet Access and Proton Mail are allowed to keep their encryption keys since thye are based in foreign countries.
But obviously this isn’t going to stop the Orwellian government, sorry, UK Government, from requesting and forcing people hand over the keys to encryption.
Earlier this year, Whatsapp enabled the Signal protocol. An end to end, open source protocol loved by many cryptonerds.
It was the biggest mass encryption of its kind, over 1 billion people were automatically encrypted, end to end.
Signal has been implemented in Facebook, Whatsapp, Red Phone and many other applications. Is this the end for Signal? Only time will tell.
In the meantime, all business information will no longer be secured. If the government wanted to find out what your staff are working on, they’re legally allowed to. Not to mention that the NSA has recetnyl gained a new super power, the ability to hack any and all machines in the entire world, regardless of countrie protection.
Email your MP’s, encrypt EVERYTHING, cover your webcams. There are plenty of online guides out there which detail, very specifically, how to protect against this new act. But I guess, in a few years, talking about protecting yourself from this act will become illegal as its breaking the law.
Who cares?
Not out local MP Roger Gale. I emailed him, several paragraphs, of why the IP bill is wrong. What did he reply with? He does not share my opinion. Nice.
The investigatory powers act is an act which could not only affect e-commerce but will affect our everyday lives. I thank you for listening to this paramount speech about the bill, and as always (next slide)