Home Office could force delays in tech security fixes under 'short-sighted’ proposals

When it’s not making disastrous decisions around the housing of migrants on barges found to contain Legionella, the Home Office is reviewing the 2016 Investigatory Powers Act and considering a proposal to require telecoms operators to notify the government of “technical changes” to their services before they are implemented – something which has been slammed as “catastrophically short-sighted”.

Between 5 June and 31 July, the Home Office consulted on revising the legislation passed by Theresa May’s government, with one of the planned changes relating to “notification requirements” placed on businesses.

The consultation document reads: “We propose to make changes that would support cooperation between government and industry by setting clear expectations about the circumstances in which operators might be expected to notify the Secretary of State of planned changes to their service that could have a negative impact on investigatory powers and, where necessary, mandating notification of planned changes.

“This would be intended to facilitate early engagement between operators and the government so that, where necessary, appropriate steps can be taken in good time to ensure that any negative impact on investigatory powers is fully considered, and so that we can ensure continuity of lawful access to data against a background of changing technology.”

However, it was a news article from Just Security on Tuesday which reignited concerns that the UK Government is about to do something “ultimately unsafe”.

The piece explains: “While the proposal does not specify what technical changes would require notification, these may include changes in the architecture of software that would interfere with the UK’s current surveillance powers.

“As a result, an operator of a messaging service wishing to introduce an advanced security feature would now have to first let the Home Office know in advance.

“Accordingly, the Secretary of State, upon receiving such an advance notice, could now request operators to, for instance, abstain from patching security gaps to allow the government to maintain access for surveillance purposes.”

If the idea of Suella Braverman being able to halt security fixes so the government can continue to spy on people doesn’t fill you with dread, we’re not sure what will.

While the Home Office goes on to add in its consultation document that there is a proposed requirement for the home secretary to “consider the necessity and proportionality” of imposing such a duty on businesses, Twitter/X users remain fairly troubled by the prospect:

The Investigatory Powers Act, which was dubbed “the snooper’s charter” by critics when it was first proposed, is separate to the Online Safety Bill, which the government is still trying to pass through parliament.

Sign up to our free Indy100 weekly newsletter

Have your say in our news democracy. Click the upvote icon at the top of the page to help raise this article through the indy100 rankings.