Earlier this month the UK Government passed a new piece of legislation that gives authorities unprecedented access to our internet habits and could bring about far-reaching implications in the realm of data privacy. Dubbed the Snooper's Charter, the parliamentary bill extends the level of access police and intelligence agencies have to citizen's communications data and allows them to collect information on people's phone calls, text messages and social media conversations upon request.
The main focal point of the Snooper's Charter – officially called the Investigatory Powers Bill – is the extension communications data that authorities will be able to access, which now includes internet connection records (ICRs). Under the Investigatory Powers Act 2000, 28 government organisations could request access to certain communications data if deemed to be in the interest of national security.
Under the new Investigatory Powers Bill, this has now been extended to 48 organisations which now also have the power to snoop on citizen's browsing histories.
The full list has been laid out by Chris Yiu, general manager for Scotland and the North East at Uber, and has been taken from Schedule 4 of the Investigatory Powers Act 2016. As well as national police, intelligence and military forces, the powers also extend to the Food Standards Agency, the Gambling Commission and HM Revenue & Customs.
Snooper's Charter: Who can see my browsing history?
- Metropolitan police force
- City of London police force
- Police forces maintained under section 2 of the Police Act 1996
- Police Service of Scotland
- Police Service of Northern Ireland
- British Transport Police
- Ministry of Defence Police
- Royal Navy Police
- Royal Military Police
- Royal Air Force Police
- Security Service
- Secret Intelligence Service
- Ministry of Defence
- Department of Health
- Home Office
- Ministry of Justice
- National Crime Agency
- HM Revenue & Customs
- Department for Transport
- Department for Work and Pensions
- NHS trusts and foundation trusts in England that provide ambulance services
- Common Services Agency for the Scottish Health Service
- Competition and Markets Authority
- Criminal Cases Review Commission
- Department for Communities in Northern Ireland
- Department for the Economy in Northern Ireland
- Department of Justice in Northern Ireland
- Financial Conduct Authority
- Fire and rescue authorities under the Fire and Rescue Services Act 2004
- Food Standards Agency
- Food Standards Scotland
- Gambling Commission
- Gangmasters and Labour Abuse Authority
- Health and Safety Executive
- Independent Police Complaints Commissioner
- Information Commissioner
- NHS Business Services Authority
- Northern Ireland Ambulance Service Health and Social Care Trust
- Northern Ireland Fire and Rescue Service Board
- Northern Ireland Health and Social Care Regional Business Services Organisation
- Office of Communications
- Office of the Police Ombudsman for Northern Ireland
- Police Investigations and Review Commissioner
- Scottish Ambulance Service Board
- Scottish Criminal Cases Review Commission
- Serious Fraud Office
- Welsh Ambulance Services National Health Service Trust
What will each organisation be able to see?
Under the act, communications providers will be required to store ICRs on every UK citizen for up to 12 months, and hand them over to any of the 48 listed organisations upon request. While this doesn't amount to a full log of a person's browsing history and their activity within each website, it does include the record of each website visited and the services accessed during an internet session.
Critics have labelled the Snooper's Charter "draconian", with civil rights group Big Brother Watch calling the act "an intrusive record of our lives". The act will be signed into UK law by the end of 2016.
"Our online searches can reveal more about us than we realise. They can reveal our health and finances, our sexuality, race, religion, age, location, family, friends and work connections," Big Brother Watch said in a statement. "They can also reveal our internal thoughts, anxieties and desires, information we won't even share with the people we trust the most.
"Our basic browsing history is considered to be personal information. Intrusion into this data could potentially breach Article 8 and Article 10 of the Human Rights Act, namely a right to respect for private life and the right to freedom of expression and information."
Most recently, the Open Rights Group launched a petition calling for the Investigatory Powers Bill to be repealed.
Executive director Jim Killock said: "The IP Bill was debated and passed while the public, media and politicians were preoccupied by Brexit. Now that the bill has passed, there is renewed concern about the extent of the powers that will be given to the police and security agencies.
"In particular, people appear to be worried about new powers that mean our web browsing activity can be collected by Internet Service Providers and viewed by the police and a whole range of government departments.
"Parliament may choose to ignore calls for a debate but this could undermine public confidence in these intrusive powers. A debate would also be an opportunity for MPs to discuss the implications of various court actions, which are likely to mean that the law will have to be amended. "