BCS, The Chartered Institute for IT, is now urging Government to fully explore whether reckless disclosure of the public’s data should be included as a criminal offence in the Investigatory Powers Bill presented by the Home Secretary. A members’ survey found that many agreed that it should be a criminal offence if a professional designs and implements a system to store website history and fails to appropriately protect access to that data through the use of good practice in information security (e.g. reckless disclosure).
David Evans, Director of Policy at the Institute says: “The criminal offence around misuse of data outlined in the Bill is welcome, however we can and we must create systems which by default protect against misuse. In an area of critical national importance, it would be reckless and inexcusable for individuals to design data systems which created unnecessary risks to the public, where those risks could have been prevented through known techniques. We believe a double lock to protect against misuse of data would provide greater assurance for the public in how their information is managed in the process of protecting against serious crime.
BCS’ research found, for the first time, how significant the disparity in views are between the general public and IT professionals when it comes to surveillance. About half, 54pc of British adults feel very or fairly comfortable with the security services and police having access to their website history, according to findings from a YouGov UK online survey, compared to just 35pc of IT professionals who feel very or fairly comfortable.
David says: “We often hypothesise about the strength of feeling against surveillance measures from the technology community versus a sanguine public opinion and we now have findings to support it. We need to spend more time discovering the reasons behind this disparity. If the technology community have legitimate concerns, they are not resonating with public feeling. As an organisation with a Royal Charter and purpose to Make IT Good for Society, I want to see society as a whole debate the role technology has in protecting against crime and issues of proportionality.”
The survey also found that 76pc of IT professionals tend to disagree or disagree strongly that in order to protect national security, companies should weaken or defeat their own security measures to provide authorities with access to content that has been encrypted.
David adds: “Whilst government access to services is a useful tool, it is vital that citizens are able to protect themselves from both criminal and foreign state activity. Clarification within the Bill and a clear expression of principle that the security of communications for individuals collectively will not be compromised, is required.
“The government and its agencies should be recognised and applauded for engaging as never before in this public debate. We now urge security services and the wider government to continue their public engagement around the principles in the Bill, ensuring there is an appropriate culture set around the use of these powers, in which this law will be enacted.”
About the surveys
The general public survey was commissioned by BCS and conducted by YouGov Plc during January 20-21, 2016. The sample size was 1694 and the survey was carried out online. The figures have been weighted and are representative of all GB adults (aged 18+). The survey of IT professionals was conducted by BCS among its professional and chartered members. It was conducted online during January 18-28, 2016 and the sample size was 439.
