show image

Lords ask: what now for Investigatory Powers following Brexit vote?

“techUK asserts that the bill threatens to undermine trust in the UK’s digital economy, with its 1.5 million jobs and 15 per cent of GDP,” so highlighted Labour’s Lord Beecham in the House of Lords’ second reading of the Investigatory Powers Bill.

“To what extent, therefore, will the government, including the Treasury and BIS, engage with the industry and indeed with the EU on these issues, and will they consider bringing forward amendments in these areas?”

Along with the well-documented concerns around citizens’ rights, both business and Brexit got a fair hearing during the debate last night.

The proceedings would have looked truly different had last week’s events ‘gone to plan’. No doubt many speeches were added to in haste over the weekend.

Lord Rosser, as flabbergasted as the rest of the nation that no plans appear to be in place, noted that Brexit had never even been considered as the bill passed through the Commons.

“What happens if the present level of co-operation is scaled down? If it were scaled down, would it happen only from the day we left the European Union or would it start to happen earlier?

“The resignation of our European commissioner does not suggest that our involvement with and influence in the European Union and European organisations will continue at the present level until the necessary negotiations on our withdrawal have been completed.”

Echoing this, Baroness Hayter of Kentish Town asked if the bill would need to need to be amended to reflect our new situation.

“Given that we will leave the EU, are changes now needed to the Bill to retain the close working relationship we have with those allies, with whom we will now be in a slightly different relationship?”

Liberal Democrat Lord Strasburger raised an even graver concern post-Brexit.

“The events of the last few days have demonstrated how volatile our politics have become and how quickly ruthless politicians can replace more moderate leaders. That means that we must be even more careful about what powers we give the government to spy on us.

“Make no mistake — this is not an exaggeration — as it is currently drafted, and in the hands of an extreme Government, the Investigatory Powers Bill would be a toolkit for tyranny. The powers in it and the data that would be collected on all of us would be a grave threat to our freedom and our democracy if exploited by those who would oppress us.”

Responding to these newly raised issues, the Home Office spokesperson Lord Elie simply assured peers that it is “not considered that that will be an issue for the Bill as it proceeds”.

“Of course, negotiations will take place over the coming weeks and months with regard to our situation and the EU, and these will clearly need to take account of our security and the need for cross-border co-operation in the area of security and the need for further co-operation beyond that.

“But let us remember that we already co-operate with many countries beyond the European Union in matters of security. Noble Lords will be familiar with the “Five Eyes”, which includes the United States, Canada, Australia and New Zealand.”


The Lords counts a former chairman of PayPal Europe, Lord Birt, and the current CEO of TalkTalk, Baroness Harding of Winscombe, Dido Harding, among its ranks.

Indeed, Lord Paddick, once the UK police’s most senior openly gay police officer, used TalkTalk as an example in his criticism of the new power to retain ‘Internet Connection Records’.

He pointed out that, while he was married to his former wife and exploring the idea that he might be gay, his web browsing history would be stored, could potentially be used against him and that may have discouraged him from seeking advice online.

“Even if the police were to be trusted completely, massive pools — oceans — of data in the custody of private companies such as TalkTalk, one of the internet service providers that will be asked to store such data, would be sitting ducks for hackers, criminals, blackmailers and hostile foreign powers.”

He also pointed to the fact that security services have not actually requested this power, accusing the government of overreaching in order to avoid criticism later on.

Lord Strasburger was likewise critical of the desire for website visit data to to logged and stored for 12 months.

“The only new power in the Bill, as has already been said, concerns internet connection records, which are highly intrusive, difficult and expensive to implement and of no interest whatever to the security services. They were abandoned in 2014 in Denmark, the only country that has tried to do this before, because they failed to deliver the expected benefits.”

He also took aim at bulk surveillance powers, which are currently being independently reviewed by David Anderson QC. When they were used in the US, Lord Strasberg argued, they “were found to have made no serious contribution to detecting and preventing crime, and were discontinued”.

The peer criticised two new clauses added to protect people’s privacy at the request of the Intelligence and Security Committee for still not being clear enough.

He also pointed to loopholes exploited by governments in previous legislation, calling them “buffet clauses” or “help-yourself provisions”, and urged his fellow members to ensure these did not exist in the Investigatory Powers Bill.

Home Office spokesperson, Lord Elie, condemned the evidence of his fellow peers.

“What I will say is this: clearly, the data are retained by the service provider and those service providers are bound by various data protection obligations with regard to the security of those data, and that will continue to be the case.

“As regards the period of retention — 12 months — that reflects the requirements of the police in the context of the sorts of investigations that are carried out by reference to these kinds of data; that is, telephonic communications data and the like,” he added.

Speaking to his experience at PayPal, Lord Birt flagged the need to tackle online fraud as a key component of attempts to tame the internet.

“We do not know the full cost to the UK economy, and others, of online fraud but, from my own experience, I suspect that it runs into tens of billions,” he said. “During my 10 years at PayPal, I saw multiple attempts to persuade governments to tackle fraud, and they come to naught.”


Lord Paddick was keen to highlight the cost and perhaps ever more onerous requirements for tech companies implementing such systems:

“Internet service providers reckon that this will cost more than £1 billion in set-up costs alone. The measure may not provide the police with the website someone has visited because it is so easy to conceal it.

“It will not give the police any information about whether, or with whom, someone was communicating without making further inquiry of other companies such as Facebook, because almost all online communication is encrypted.”

Baroness Harding of Winscombe, the head of TalkTalk, echoed the concern about how much tech companies might have to shell out.

“A number of domestic communication service providers, including my own, have questioned the Home Office’s cost estimates,” she said.

The figure cited by Lord Paddick was, however, disputed by Lord Elie. 

“So far as cost is concerned, the noble Lord, Lord Paddick, cited a figure of £1 billion. I know not where that figure came from, but the considered opinion of the Government is that the cost will be in the region of £174 million over 10 years.

“Of course, that cost is not to the service providers but will be met by the Government where it is reasonably occurred by the service providers when and if they are required to retain the relevant data.”

Conservative peer Baroness Harding said she was, overall, happy with the provisions outlined so far.

“In principle, it is feasible for communication service providers to store internet connection records,” she said.

“It is, however, a non-trivial task, and the Government will have to work closely with them for some time to ensure it is achieved in a proportionate, practical and cost-effective way.

“Different businesses’ networks are configured in different ways, so the flexibility the bill allows for different approaches is a practical and pragmatic way forward.”

She said there was “more work to do” to help companies understand their obligations, as well as the cost implications,

“But this is to be expected with new obligations, and the bill as drafted provides the industry with the right safeguards that businesses need.”

The government spokesperson did not appear terrifically moved by issues raised by peers on behalf of business, particularly given the new situation we find ourselves in.

Now, more so than ever, risk and cost will be increasingly difficult to predict.