Read the Original Article at http://www.informationweek.com/news/showArticle.jhtml?articleID=240153755
An unpopular communications monitoring bill some critics called a "snooper's charter" has been thrown out by part of the very same administration that introduced it last June.
Clearly there is some politicking going on, with Deputy Prime Minister Nick Clegg, who leads the smaller Liberal Democrat party declaring on Friday that the Communications Data Bill is toast.
Clegg wrote in The Daily Telegraph that the bill's plan to allow the state to monitor electronic communications fails the test by allowing authorities to increase storage of personal data without solid justification for doing so. Under the bill, British-based ISPs and telcos would have been obliged to keep a record of every website a customer visited, who they communicated with on social networking sites, every voicemail made on Skype, and all emails and texts for a 12-month period.
[ Do you worry about how your personal information is used? You're not alone. Read Consumers Concerned About Online Data Privacy. ]
According to Clegg, such blanket retention of everyone's data goes too far. His party, he stated, cannot permit a significant reduction in personal privacy, based on proposals where the workability remains in question. "There is a careful balance to be struck between security and individual liberty -- a classic dilemma for all governments," he wrote. "But this Bill does not get that balance right."
Clegg contends that the impetus behind the Bill is the right one: How does Britain equip its security agencies to catch criminals populating new technologies? After all, he acknowledged, "the first duty of any government, including this one, is to keep people safe." But it seems practicality as much as political philosophies were at work in the derailing of the legislation, as Clegg pointed out: In practice, such powers would be easily avoided by the tech-savvy criminal.
He also pointed out that U.S. Internet firms like Facebook, Google, Yahoo, Twitter and Microsoft "will not readily accept laws which seemingly give us jurisdiction over their activities abroad." Clegg said these tech firms' legitimate fear is that other countries will seek to do the same as Britain under these proposals, including those less scrupulous in their use of citizens' data. Clegg added that Wikipedia has already promised that, should the changes go through, it would begin encrypting data to protect its U.K. customers. "Far better we focus our time and energy on the sensible and proportionate measures that help keep people safe," Clegg concluded.
Clegg offered an even sharper critique on his weekly London radio broadcast, describing the bill as "neither workable nor proportionate" and stating that the changes "certainly [aren't] going to happen with Liberal Democrats in government."
Other opponents of the bill praised its abandonment. Big Brother Watch claimed the legislation would have made Britain a "less attractive place to start a company and put British companies in the position of being paid by the government to spy on their customers, something that oppressive regimes around the world would have quickly copied."
Getting back to politics, however, the bill might not die in end -- it might instead just be radically altered.
The Prime Minister's office told The Financial Times Friday that internal cabinet discussions are continuing over how to best equip the state to intercept cybercrime and terrorism: "The reality is that the technology changes fast and that issue has not gone away. There are sensitive issues around this; discussions are continuing on how progress is to be made."
So was the bill's rejection a rebellion by a freedom-loving junior coalition party -- or a bit of clever PR to mask a tactical retreat? Probably a bit of both. At least some observers are predicting the return of the bill very soon, albeit in modified form.
People are your most vulnerable endpoint. Make sure your security strategy addresses that fact. Also in the new, all-digital How Hackers Fool Your Employees issue of Dark Reading: Effective security doesn't mean stopping all attackers. (Free registration required.)