CHAPTER 11: SERVICE PROVIDERS
Some of these are also mirrored in the Reform Government Surveillance Principles.
In particular, some service providers emphasised the need for:
(a)
judicial oversight of interception;
(b)
greater controls on bulk collection;
(c)
further controls on the intrusive aspects of communications data access such
as location tracking;
(d)
increased transparency (particularly from the government);
(e)
strengthened accountability; and
(f)
government to take the lead on resolving jurisdictional conflicts.
11.30. UK companies were nevertheless generally sceptical of the prospects of a new single
international regime, as advocated in the Reform Government Surveillance Principles,
and would be concerned if it increased compliance costs or other reforms had an
impact on their competitive position.
11.31. Whilst there was no unanimity on desirable changes in oversight and approval practice,
there was an expectation that change would be required to satisfy increasing demands
for privacy.
11.32. The UK companies were generally united on a number of other points, which I discuss
below.
(a)
The current arrangements for cost recovery by companies undertaking
interception or providing data were widely applauded and, whilst there was some
wish for them to be improved from the companies’ perspective, their existence
was seen as a strength of the UK arrangements that should be preserved.
(b)
The cost recovery arrangements do not however entirely offset a widespread
concern by UK-based companies that investigatory powers arrangements could
adversely impact on their competitiveness. I was told that government
surveillance requirements do have a significant technical impact. Companies
were concerned to preserve what they would regard as a level playing field in the
market: in other words, that the burden of complying with investigators’ needs
should not fall disproportionately on UK-based providers, or certain UK-based
providers. This was one of the major concerns with the 2012 Communications
Data Bill. I was repeatedly told that it was not the job of UK companies to resolve
the challenge of encryption of communications carried on their infrastructure,
even if they could. They were therefore generally opposed to having to store
third-party data in their systems, in the way that had been proposed in the 2012
Bill. The thrust of their concerns was that the Government should by whatever
means press the OTT providers to play their full part in meeting the surveillance
requirement.
210