Our very own Snoopers Charter expert and COO Jay George was interviewed by Alexis Conran on his weekly show, The Radio Hustle, regarding the recently passed Investigatory Powers Act. The Act was granted royal assent just before Christmas, cementing it in UK law and legitimising state surveillance powers and bulk data capture on an unprecedented scale.
Privacy advocates have come out in force against the powers which go as far as allowing law enforcement agencies to hack devices en masse if they see fit in the course of their investigations, which could lead to the installation of backdoors on company networks. With the ever-increasing sophistication of cyber attacks seen lately, it takes no huge leap of the imagination to consider the possibility that these law enforcement agencies aren’t the only people who will be able to locate and covertly access these backdoors.
We’ve been tracking the law since its inception and have watched its progress from the Draft Communications Data Bill way back in 2012 through to its current, and final incarnation. As the bill progressed through the Houses, there came calls for weakened encryption on communications, and the law as it stands allows a simply staggering list of government agencies access to our personal data – as Jay elucidated on Saturday’s programme.
“We can’t just say that ‘the data I have isn’t going to get hacked,’ because it clearly does – it happens all the time.” – Jay George, COO at Commissum
Other aspects of the bill were put under scrutiny by Alexis and Jay, including the law’s requirement that communications providers maintain ‘internet connection records’ on all their customers – a bank of data that could easily be used to construct a comprehensive picture of an individual’s personal details, including their pain points and worries, which theoretically could be used to exploit them for financial gain or leverage.
The show can be listened to on the talkRADIO website in podcast form. You can listen to the interview with Jay below.
Commissum are experts in compliance and cybersecurity. Whether it’s the Investigatory Powers Act, GDPR, ISO 27001, or any other aspect of cybersecurity legislation or certification, we can assist in all aspects of preparing your organisation to ensure it stays secure as laws and threats shift and evolve.