show image

“The maths behind the Investigatory Powers Bill just doesn’t add up”

Maryam Ahmed is studying for a PhD at the University of Oxford, specialising in Artificial Intelligence, and is the co-founder of tech startup Cuppr. She was also the first ethnic minority President of the Oxford University Conservative Association

The Investigatory Powers Bill, or Snooper’s Charter, is back in Parliament this week for a third reading.

Therea May’s latest pet project requires telecomms providers to store records of every UK internet user’s browsing history, phone calls, text messages, social media activity and emails on a one-year rolling basis, and gives the intelligence services carte blanche to rifle through this information without a warrant.

Put simply, this Bill outlines Europe’s most ambitious state surveillance program and appears to be the product of an evening spent drunkenly throwing darts at a copy of Orwell’s collected works.

It’s been called a “world-­leading embarrassment” by Liberty and a “frankly disgraceful piece of legislation” by former Conservative leader David Davis, and rightly so.

Humanities grads drafting tech legislation

Ideological gripes aside, this Bill clearly hasn’t been drafted by anyone with even a cursory knowledge of what the internet is or how it works, is barely possible to implement, and certainly won’t help us “take the fight to the terrorists” as promised by Phil Hammond.

In fact, its only real use is to serve as a cautionary tale on the dangers of asking humanities graduates to draft a highly technical piece of legislation.

Let’s take a closer look at internet traffic in the UK, which recently hit 27 exabytes of data per year,­ that’s the equivalent of 4.4 million years of continuous Netflix streaming, 5 trillion repeat plays of Bohemian Rhapsody, or 2.7 quadrillion pages of A4 text stretching 0.1 light years into space.

All this information­ known within the scientific community as a ‘whole shedload’ would need to be processed, summarised and stored as a list of ‘Internet Connection Records’ under the Investigatory Powers Bill.

Industry leaders are a tad hazy on whether harvesting at this scale is technologically possible, or what an ‘Internet Connection Record’ actually is.­

Adrian Kennard, owner of telecomms provider Andrews & Arnold, recently wrote that most firms “do not have that data, or the equipment to generate or retain that data”.

Heck, it turns out not even Uncle Sam can handle that much data, with the NSA’s
former Technical Director admitting that searching for needles in such a huge haystack left his staff “overloaded”.

Billions needed for hardware and storage

Unsurprisingly, the budget for implementing this whole mass surveillance malarkey appears to have been formulated by a Home Office analyst who dropped the ‘E’ in PPE at the earliest possible opportunity.

Data storage on this scale calls for a whole lot of hardware­, around £2bn worth based on a conservative reading of the government’s own estimate from the failed Communications Data Bill,­ plus a casual few million per year for energy, cooling, security and maintenance.

That works out to slightly more than the government’s estimate of £174m over a
decade, raising the pertinent question of who’s expected to foot the bill.

If not the taxpayer, will telecomms providers have to cough up? EE doesn’t even have enough cash to keep subsidising half price cinema tickets and if Vodafone hikes up the cost of using Snapchat abroad by a single penny, there will be rioting on the streets.

I suspect we’re going to struggle a bit here.

But, having overcome all these trifling technical hurdles and fiscal impossibilities, surely the Investigatory Powers Bill will at least help us nab the paedophiles and terrorists that Theresa May is after? Well, no.

Nowadays, the discerning villain has at his or her disposal a huge array of tools to make them essentially untraceable online,­ from virtual private networks and encrypted messaging services like WhatsApp, to the excitingly named Dark Web.

So any bad guy worth their salt probably won’t be plotting attacks using their BT Broadband connection­ unless, of course, they’re just that supremely stupid, in which case we won’t need mass surveillance to catch them, we’ll just need to look out for the
goofball trying to buy fifty litres of bleach from his local Morrisons.

NS Tech’s guest opinions are an opportunity for expert and interesting people to put their views to the test. They do not necessarily represent the views of NS Tech