UK government plans to spy on email, web and internet phone use

CCTV and laptopThe British government is proposing new legislation which would allow the police and secret service to monitor internet users’ email and web activity.

Unsurprisingly, privacy campaigners are up in arms about the plan which would force internet service providers to give British intelligence agencies’ real-time access to electronic communications.

However, the authorities argue that it is necessary for national security and to fight terrorism, online child abuse and organised crime.

Presently, ISPs keep details of which websites users visit, and who they send and receive emails and internet phone calls from, for 12 months. This information can be accessed retrospectively by investigators, provided the correct legal hoops (such as being granted a warrant from a magistrate’s court) were jumped through.

Sign up to our free newsletter.
Security news, advice, and tips.

Under the new proposals, ISPs would install hardware from GCHQ – the Government’s electronic snooping agency – allowing investigators to tap into a real-time feed of data, and examine when communications were sent, and who to, in order to build up intelligence on criminal activity.

It’s important to realise that what’s *not* being talked about is third parties being able to read your emails. For one thing, seasoned criminals may very well be strongly encrypting their emails anyway – making them impenetrable.

Instead, spooks would be able to snoop on who sent an email, who its intended recipient was, when it was sent and geographic locations.

Nevertheless, there’s still a lot you could glean from such information.

Nick Pickles, director or the campaign group Big Brother Watch, condemned the proposals, comparing them to surveillance in China and Iran:

"[This is an] unprecedented attack on privacy online and it is far from clear this will actually improve public safety, while adding significant costs to internet business. No amount of scare-mongering can hide the fact that this policy is being condemned by MPs in all political parties."

There is likely to be widespread anger about the proposals, from civil liberties groups, internet companies, the online community and politicians (who will fear that backing the plans may hurt them in the ballot box), believing that surveillance in the UK has gone too far.

It remains to be seen whether the legislation will successfully make its way through parliament, but if you are worried that access to the data will not be properly controlled, or simply find the idea deeply troubling, then you may wish to take steps now to protect your communications.

For instance, if you communicate via a web-based service – such as GMail or Facebook – rather than an email client then you may wish to ensure that your communications are encrypted by enabling HTTPS.

Enable HTTPS on Gmail

That way, your ISP will only know that you’ve visited, for example, GMail and Facebook, but won’t know what you did while you were there. The authorities would need to demand information from Google and Facebook to uncover that information.

Furthermore, you may wish to turn to anonymising proxies and Virtual Private Networks to have a much tighter level of control over who can see who you are communicating with, and which websites you are visiting.

I fear that the very people that snooping plans are intended to uncover – serious organised criminals gangs, the high-rolling fraudsters, the child abuse networks – are the very ones who are already using technology to avoid being snooped upon.

There may be some criminals who are caught through such government powers – but at what cost to freedom and privacy?

Image credit: Shutterstock

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.