What impact will the Counter-Terrorism Bill have on our rights under the Data Protection Act?

read time: 3 mins
15.12.14

As we all know the threat of terrorism is very real, with technology such as smart phones providing instant access to platforms that are being used to promote illegal activity. Webpages and free social network groups allow terrorists to rally support amongst a large group of followers. Recent reports exposed Michael Adebowale's use of Facebook to promote terrorism, and countless stories of British jihadists travelling to Syria highlight the ever increasing threat we face in the UK.

One question does remain, however; are the British government using these stories to force some fairly draconian legislation through parliament in the form of the Counter-Terrorism and Security Bill (the "Bill"). Many view this Bill as an attempt by the government to resurrect the previously scrapped Communication Data Bill, more commonly known as the 'Snooper's Charter'.

The Bill, which was presented to Parliament on 26 November 2014, is the latest attempt to legally retain communication data in order to investigate terrorism and serious crime. Part 3 of the Bill attempts to further extend powers introduced by the highly criticised Data Retention and Investigatory Powers ("DRIP") Act that was fast tracked through parliament earlier this year as emergency legislation!

The Bill proposes that public telecommunications operators will be required to retain "relevant internet data", which includes IP addresses. It is clear that an IP address is personal data where it can be used to identify users. The new requirements under the Bill would oblige internet and phone companies who are served with a notice to generate, retain and hand over records containing this personal data to the police and security services. Logistically it will be extremely onerous for such operators to comply with this obligation as this is not currently data that they retain; there is also the added complication that IP addresses are shared by users and change (for example when a modem is switched off and then back on again).

The Bill has been criticised by privacy groups who argue that this unfairly infringes privacy and data protection rights set out in Article 7 and Article 8 of the EU Charter of Fundamental Rights. The European Court of Justice ("ECJ") have expressed previously that any rights should only be breached where the data is restricted to a particular time period, a geographical zone, persons likely to be involved in a serious crime or persons who could contribute to the investigation of serious crimes.

The Internet Services Providers Association have also criticised the Bill, stating that there has been a lack of consultation with the industry. This lack of consultation is remarkable given the significant changes that these organisations will need to comply with if the Bill becomes law.

I agree with Shami Chakrabarti that there is nothing wrong with the targeted investigation of terrorist suspects, but yet again the government is looking to introduce a mechanism by which they can carry out blanket surveillance of the entire population, other than those sophisticated criminals and terrorist organisations who no doubt will be able to continue to hide their online identities.

Is this an attempt to win more votes in next year's general election, or is it a genuine improvement to our national security?

Sign up for legal insights

We produce a range of insights and publications to help keep our clients up-to-date with legal and sector developments.  

Sign up