Today, the UK government has published a report on digital privacy supporting the compulsory mass collection of data for both domestic and “extra-territorial” web traffic.
The government tasked David Anderson, an independent UK lawyer, to investigate how the country's anti-terrorism and espionage laws work in practice and what needs to change. The report titled A Question of Trust supports the bulk collection of internet traffic and user data, including information held on servers outside of the UK.
An excerpt reads:
“Pending a longer-term and more satisfactory solution, the extraterritorial effect in DRIPA s4 should be maintained.”
The “extra-territorial effect” is later described as follows:
“In respect of interception warrants, under RIPA s11(4), any person is obliged to take steps to give effect to a warrant served on them whether or not the person is in the United Kingdom.”
The report acts as a green-light for the Data Retention and Investigatory Powers Act of 2014 (DRIPA2014), often dubbed the “Snoopers' Charter.”
The DRIPA 2014 bill has previously been blocked by the left-wing coalition partners in the last UK government. However, now with the 2015 election restoring a right-wing majority, opposition to the law is likely to be low.
Explaining how he sees future legislation taking shape, Anderson outlines a set of recommendations, including “maintaining, subject to legal constraints, existing capabilities relating to compulsory data retention as provided for by DRIPA 2014 and formerly under an EU Directive.”
For businesses in the UK, the proposed rules are worrying as they outline how the government can request encryption keys. In light of this, London based cryptography startup Eris Industries has already moved its operations to the United States, where the legal environment is less burdensome.
“If this Bill is passed into law, we are likely to see a mass exodus of tech companies and financial services firms alike from the United Kingdom. We are happy to lead the charge,” explained Preston Byrne, COO and general counsel for Eris Industries.
In an interview with Cointelegraph, Byrne also stated:
“This is a red line for us, and should be for every blockchain firm. Distributed systems don't work without secure cryptography.”
The bill introduces obstacles for companies that rely on strong cryptography for their services, many of which are part of London's booming FinTech sector that already employs over 44,000 people.
The report also cites Bitcoin both as the supporting currency of the Silk Road marketplace and also as a technology powering the growth of the decentralized internet. It reads:
“The purpose of a project called Ethereum is to ‘decentralise the web’: it seeks to do this by using the technology behind the Bitcoin currency and applying it to a variety of services. Maidsafe provides a decentralised internet platform by using the spare space on users’ hard drives to store data rather than the servers of large tech companies.”
The report does not make recommendations about how the government should approach the growth of the decentralized web, only noting the challenges it creates for the work of the security services.