By Graham K. Rogers

The ways in which authorities seek to track and control users on the Internet has come in for as much scrutiny as governments would like to impose on their citizens. As well as outsiders, such as Edward Snowden who blow the whistle, having decided enough is enough, insiders too, will put the brakes on from time to time.

One of the front runners for demanding control is Britain's Teresa May, current Home Secretary (Interior Minister), whose insistence on legislation has put her at odds with many. Her most recent attempt at gaining access to the information of ordinary people, the Investigatory Powers Bill, has just received another setback.

The Science and Technology Committee, a Select Committee examining the Bill, has just published its report with a number of criticisms. Some of these criticisms have already been voiced by others and include the doubtful value of allowing access to encrypted communications.

The Select Committee report comments on this and also adds that this type of access would have serious economic effects that could damage the economy and could undermine the technology sector, "because of uncertainty about the costs of complying with the new legislation".

Some points in the report comment on costs: Select Committee pages, are

• UK businesses must not be placed at a relative commercial disadvantage to overseas competitors by the proposed measures,

• costs of implementing the additional data storing measures in the draft Bill should be fully met by Government.

Commenting on the Bill, the Chair of the Committee, Nicola Blackwood, states,

It is vital we get the balance right between protecting our security and the health of our economy. We need our security services to be able to do their job and prevent terrorism, but as legislators we need to be careful not to inadvertently disadvantage the UK's rapidly growing Tech sector.

She adds, on the Bill and the doubts that have been expressed, particularly over its ambiguous phrasing,

The current lack of clarity within the draft Investigatory Powers Bill is causing concern amongst businesses. There are widespread doubts over the definition, not to mention the definability, of a number of the terms used in the draft Bill. The Government must urgently review the legislation so that the obligations on the industry are clear and proportionate.

And on the practical nature (and desirability) of collecting and storing the huge amounts of data that the Bill would authorise, she comments,

There remain questions about the feasibility of collecting and storing Internet Connection Records (ICRs), including concerns about ensuring security for the records from hackers. The Bill was intended to provide clarity to the industry, but the current draft contains very broad and ambiguous definitions of ICRs, which are confusing communications providers. This must be put right for the Bill to achieve its stated security goals.

Summarising, the Committee report suggests that many terms are inadequately defined; the ways in which encryption might be used need clarifying and that this is undesirable in some circumstances; and that codes of practice need to be refined and set out far more clearly.

This is a hurdle in a piece of legislation that the current government has tried a number of times (in different guises) to put through. This is only a minor setback, but it clearly shows that even within government, there are major concerns about the heavy-handed approach that some politicians (or perhaps their masters in the security services) have tried to take.

The report on the Bill is available through the links on the Commons Select Committee pages.

Graham K. Rogers teaches at the Faculty of Engineering, Mahidol University in Thailand. He wrote in the Bangkok Post, Database supplement on IT subjects. For the last seven years of Database he wrote a column on Apple and Macs. He is now continuing that in the Bangkok Post supplement, Life.