Facebook, Google, Microsoft, Twitter and Yahoo Balk At UK's Investigatory Powers

Mark Wilson writes: The Investigatory Powers Bill may only be in draft form at the moment, but the UK government has already received criticism for its plans. Today, scores of pieces of written evidence, both for and against the proposals, have been published, including input from the Reform Government Surveillance (RGS) coalition. Five key members of the coalition are Facebook, Google, Microsoft, Twitter and Yahoo. In their written evidence, the quintet of tech companies express their concerns about the draft bill, seek clarification from the UK government, and issue warnings about the implications of such a bill. The evidence (document IPB0116) says that any surveillance undertaken by the government need to be 'targeted, lawful, proportionate, necessary, jurisdictionally bounded, and transparent'. The coalition notes that many other countries are watching to see what the UK does.

stupid uk gov vs big bad corps. which is worse?

[sittingnut]

the curious thing about uk bill is that is is explicit in its intrusive powers. western govs, in past and at present, have been getting these same companies to do what they want without such explicit powers.
they makes a fuss only when all these are publicly exposed. but are quite corporative privately.

Re:stupid uk gov vs big bad corps. which is worse?

[Opportunist]

My guess is that the bill would let the UK demand user data, which is what the five would rather want to sell than to give out for free.

Re:stupid uk gov vs big bad corps. which is worse?

[AmiMoJo]

The problem with the UK system of government is that once a party gets a majority they can pretty much do what they like, and so there isn't really much to stop them just grabbing whatever powers and data they want now. Plus, it is likely that they are using the usual tactic of asking for extreme powers and then "compromising" on the only slightly milder powers they really wanted. Hay, look, they are listening to our concerns!

The written submissions are interesting reading. For example, Trading Standards wants access to enforce trade marks. They want the ability to sift through your metadata to enforce commercial trademarks. This is just to start with, we haven't even had the mission creep yet, and they want to use this hugely invasive tool that other oppressive regimes can only dream about for the relatively mundane purpose of enforcing commercial trade marks. Not paedophiles, not terrorists, companies using branding without permission.

Then they ask if it is really necessary to have judicial review of Trading Standard's requests, because hay they can monitor themselves for abuse and save a bit of time and money. Oh, and anyone who doesn't cooperate should go to jail, because this is Trading Standards, those trade marks are life or death!

It gets worse from there. The Police Chief's council is concerned that hacking will be limited to serious cases only. Even ignoring the flimsy justification, it's a really, really stupid idea because the more police malware is used the easier it will become to get samples, detect and block it. I somehow doubt that foreign anti-virus companies are going to add exceptions for the UK police to target the phones of people posting revenge porn.

Naturally they are worried that the retention term might be reduced from 12 months too, because they prefer to record things forever, e.g. their vast DNA database.

The CPS claims that evidence acquired by hacking will be usable in prosecutions. This is rather worrying. Once a device or computer has been hacked it will be extremely easy to plant evidence on it. The accused will find themselves in the position of having to pay for independent experts to give evidence that the prosecution could have planted incriminating files or metadata, or just written their own log files. They must be planning ways to get around people claiming that they were framed when hacked evidence is used, which is extremely alarming.

The Local Government Association simply lies in their submission. They point out that under existing legislation only 19 out of 6000 data access requests were rejected by courts, but of course don't mention that many of those granted were later found out to be abuses or unwanted mission creep.

Basically government agencies are rubbing their hands with glee at the thought of being able to pry into people's lives, while everyone else is extremely alarmed and vowing to resist.

Re:stupid uk gov vs big bad corps. which is worse?

[IamTheRealMike]

Were quite cooperative. Not any more.

Years ago, companies like Facebook and Google had fairly cordial relationships with police departments around the western world. If a government came and said we need access to account X because we think it's engaged in child porn or terrorism, the companies asked them to fill out the right paperwork and then got on it. Sometimes they'd even tip governments off, if they spotted someone doing stuff that was clearly criminal. It wasn't really an adversarial relationship. There was an assumption of good faith on both sides. The UK was especially dependent on this kind of relationship because it has comparatively little influence over these companies, none of whom have major engineering centers or fixed assets there (the London development offices of Google and Facebook only got reasonably big very recently indeed and neither are critical to the firms).

That all changed post Snowden. You can read about this change in UK newspapers. Post Snowden these companies stopped assuming good faith and started doing everything they could to slow things down, because they were understandably upset that governments had been secretly hacking their systems and intercepting their fibre connections. Google in particular encrypted all the inter-datacenter traffic that GCHQ had been intercepting, which made the intelligence agencies dramatically less useful, as so much of the data they wanted was hosted there. Whereas previously these firms might have not worried too much if the i's and t's weren't dotted and crossed, now they insisted on it as a matter of principle. They started challenging everything automatically. Most seriously of all they started saying "the data for this account is under the control of our US subsidiary so you need to get an MLAT to access it". An MLAT is a Mutual Legal Assistance Treaty and is a process for one country to formally request legal help from another. The MLAT process is extremely slow and bureaucratic so Silicon Valley's newfound insistence that it always be used effectively put a halt to most of the snooping that the UK had been doing.

So now the UK wants their old powers back. What they REALLY want, of course, is for Google/Facebook/Yahoo/Apple to decrypt their wires and devices so GCHQ can go back to snaffling all of it. They know they probably can't get that though, but an automatic "we say jump, you say how high" process with no safeguards and no mutual legal assistance treaties is the next best thing.

The risk here, for the UK, is that the UK needs Silicon Valley more than SV needs the UK. It'd be very easy for Google, Facebook, Twitter etc to simply shut down their offices in London and offer the engineers a relocation package. The sales staff can be rehired elsewhere. They'd rather not do this as it'd be disruptive, but nothing in their business requires a presence in London. It's not like most companies where they have factories and other immovable assets. Google can sell services into the UK from Ireland just fine and did so for years. If the UK pushes these companies too hard there's a risk they'll simply leave. UK isn't going to block these websites. It's clear from comments by Tim Cook especially that this isn't some abstract business decision for these firms, the CEOs see it as a moral issue. Now the Twitter CEO went back to being Dorsey it's possible he'll see things the same way too. Not sure about Facebook but the cultures are fairly similar.

Re:stupid uk gov vs big bad corps. which is worse?

Your description of the United Kingdom's system of government is inaccurate. The majority can't simple "grab whatever powers" it wants. Great Britain has laws and the equivalent of a Constitution (it doesn't exist as a single document, but the equivalent of it exists). The main advantage of having the majority appoint the leader is that they don't have gridlock -- in other words, the elected leadership can actually govern.

But all of that is irrelevant because, just like in the US, these spying powers have widespread among the majority and minority parties, left, right and center.

Re:stupid uk gov vs big bad corps. which is worse?

[thegarbz]

You know what, I'd be happier with someone monetizing my information and giving me something in return than someone else taking it for the sole purpose of oppressing the public and then charging them through the taxation system in the process.

Re:stupid uk gov vs big bad corps. which is worse?

[whoever57]

The idea was that the Lords would keep the Commons in check, unfortunately, the Lords voted themselves into irrelevance a few years ago.

Re:stupid uk gov vs big bad corps. which is worse?

Not a single black person has ever walked this Earth who was not better than you in every conceivable way.

Balance of power

[spiritplumber]

At this point if the UK government annoyed Facebook+Google+Twitter+Microsoft+Yahoo into withdrawing their services from the country, it would damage the government more than it would damage those companies -- the government would blink first.

Re:Balance of power

[sumdumass]

Nah. The government wouldn't blink at all. They didn't in China. BlackBerry got a government to blink though. But none of them pulled out of China and even have a history of sticking around like with the right to be forgotten crap.

The UK is just to big of a market for them to drop.

Re:Balance of power

[91degrees]

The shareholders would blink first. The chairman would be replaced about 30 seconds after suggesting doing something so reckless.

Re:Balance of power

[greenfruitsalad]

UK is a BIG english-speaking market, where people buy more goods online than in any other country in the world ( http://www.telegraph.co.uk/new... ). right now, these companies are just trying to save faces before they start applying lubricant to all orifices. by the time UK government says "bend over", they'll be waiting in line with pants around their ankles.

Re:Balance of power

[Required+Snark]

So now the UK and People's Republic of China are on the same page when it comes to surveillance. They both want 24/7 access to all information on anyone or any organization. It makes you wonder how similar they are on other aspects of power and control.

Of course, here in the US it's actually worse. They go to great lengths to spy on everyone and they don't bother with pesky issues like the constitution or the rule of law. They just do what they want to do and get all the money they need to do it without any debate or oversight. And they lie their teeth out over what they do. I bet the PRC is jealous.

Re:Balance of power

[serviscope_minor]

UK is a BIG english-speaking market, where people buy more goods online than in any other country in the world

The inter-EU trading rules are such that business within the EU is supposed to be very easy. I wonder as a thought experiment, what if they (say) operated the UK business entirely from nearby European countries. They presumably would not be bound by UK law, since they're not operating from there.

I wonder what the costs of decamping would be, and how infeasible it is. Amazon certainly managed just fine when there were big tax implications about not making sales through the UK or anywhere with reasonable levels of VAT.

Re:Balance of power

[Jahta]

The shareholders would blink first. The chairman would be replaced about 30 seconds after suggesting doing something so reckless.

Not necessarily. At the moment the companies have generic products they can offer worldwide. If the UK manages to establish a precedent for getting special treatment, then other countries will be quick to produce their own wish lists. That means a lot of extra cost (and lower profit) when they could simply pull out of the UK and keep offering services to UK residents from beyond the British legal jurisdiction.

The UK will hold a referendum later this year on whether or not to remain in the EU. A lot of big companies have already indicated that they will do exactly that; i.e. pull out of the UK if the UK pulls out of the EU. The UK government don't have as much clout as they think they do.

Re:Balance of power

[Anonymous+Cow+Ward]

UK is a BIG english-speaking market, where people buy more goods online than in any other country in the world ( http://www.telegraph.co.uk/new... ).

Your statement is inaccurate. What your source says is that a higher proportion of Britons buy things online than any other OECD country, but the UK does not buy more goods online than any other country. Per capita, possibly (although the graph didn't show amount spent, only proportion who bought anything), but the US still spends far more as a whole. Furthermore, these five companies - with the exception of Microsoft - don't really sell much *to* people. They'd lose money pulling out of the UK, certainly, but it might still be more cost-effective in the long run.

Re:Balance of power

[IamTheRealMike]

what if they (say) operated the UK business entirely from nearby European countries. They presumably would not be bound by UK law, since they're not operating from there.

They effectively do. Google and Facebook sell to the whole of the EU from Ireland, not the UK. The only presence these companies have in the UK is offices in London and (I think for Google) Cambridge. So, some employees, basically. But that's optional. They could fire all of them and continue selling ads into the UK without issue.

Re:Balance of power

[thegarbz]

Nah. The government wouldn't blink at all. They didn't in China.

The "please vote for us" form of government reacts to such things very differently to the "shut-up peasant!" form of government.

Re:Balance of power

"I often wonder whether we do not rest our hopes too much upon constitutions, upon laws and upon courts. These are false hopes these are false hopes. Liberty lies in the hearts of men and women; when it dies there, no constitution, no law, no court can save it; no constitution, no law, no court can even do much to help it." — US judge and judicial philosopher Learned Hand (1872-1961).

Re:Balance of power

[wyHunter]

Don't forget the USA. We're #1!

Re:Balance of power

[erapert]

The only way to get the former instead of the latter is for the citizens to have weapons. Otherwise, if the government is the only armed entity, there's no way to make them respect the laws that constrain them (the constitution).

Buy guns. Get all your friends to buy guns. Be an honest, careful, and responsible citizen. But buy guns.

Re:Balance of power

[thegarbz]

The only way to get the former instead of the latter is for the citizens to have weapons.

Yeah because your government is a shining example of democracy for the rest to follow. Which makes me wonder if you all believe in your bullshit then why hasn't anyone risen up against your government yet. I mean they are shitting on your constitution as fast as their dietary fibre will push, but you have a gun so you're clearly in control.

Grow up. This isn't directed at you. It's directed at 319 million of my fellow people living on this planet.

Re:Balance of power

[whoever57]

For tax filings Google and Facebook sell to the whole of the EU from Ireland, not the UK.

FTFY

Google has employs plenty of people in the UK with job titles that include "sales". That the "sales" take place in Ireland is merely the way it is reported for tax purposes.

Re:Balance of power

[sumdumass]

If the please vote for us government isn't worried about openly spying on citizens i doubt a couple companies threatening to pull out would scare them. The issue can be spun as they are enabling the bad guys and support them which is obvious by not letting government monitor and catch them.

But it won't come to that. The market is just to big and profitable for the companies to abandon so outside of making noise, it won't come to it. Just like with China and the government knows this.

Here, let me fix that last quote

[93+Escort+Wagon]

"... many other countries are watching to see what the UK can get away with."

Petitions, hah!

So the coalition of tech companies is submitting a petition. Because that always works.

It's not like the effectiveness of petitions was debunked in 1425 BC by Rekhmira, Vizier of Tutmose III... oh, wait.

Hate the uk

[liqu1d]

Although I'm born and bred here I cannot stand the utter lunacy display by the governments. They seem complete Luddites. Any criminals caught by such sweeping powers will be nothing more than token victories. This will do absolutely nothing to touch the ones whom we should worry about. They're supposed to be our leaders not our oppressors.

Re:Hate the uk

[erapert]

Considering that the citizens of the UK aren't armed there's no reason for the government to respect them. Oh, you don't like it? What are you going to do about it, vote? Don't be ridiculous. What proof do you have that the vote isn't rigged? Even if it isn't rigged why should they respect the vote? Again: the citizens can't do jack shit if they can't force the government to obey. If the citizens aren't armed how can they force anything?

Wait for the first CEO

... members of the coalition are Facebook, Google, Microsoft, Twitter and Yahoo.

Normally, the government can wait for the first CEO to stick his neck out, then make an example of him. But pissing-off 5 corporations at once can easily put the UK government under cross-hairs. Normally, government rules are just the cost of doing business but no business can tolerate what is essentially government-sanctioned stealing of their property. These multinational corporations can run a smear campaign at the next election but the new masters will probably want to indulge in the same grand larceny. Another option is creating a new revenue stream, such as their subscriber's wallets. While not leaving the country, the cost to the UK would be immense, while a $40/month (per corporation) subscription fee would compensate Facebook and friends for the hundreds of lost page-views. With a good PR campaign, UK politicians will be left to answer why something that was free, now costs $160/month (eg. Facebook, Microsoft OutLook/OneDrive, Google Calendar/HangOuts, Twitter)

Re: Wait for the first CEO

Said PR campaign from the spying industry would also have to explain to the great unwashed, using simple 5 year old language with words of no more than 2 syllables, how their business model works. After the ensuing great switch off it would be a bit of a pyrrhic victory for them

End-To-End Encrytion is the Issue

[jaa101]

The big issue with the law is that it seems to be banning end-to-end encryption. Right now, when the FBI comes to Apple and says "give us this person's iMessages in clear text" Apple can just respond "we made it so that we have no way to comply". Apple likes it that way, mostly because customers hate being spied on so it's a selling point. The UK is ramping up to say "make it so you can comply in future or else big fines and gaol". And it's going to be hard for Apple to do this just for the UK. You can bet the UK is going to be of the view that they need to be able to see the comms of foreign citizens on UK soil, and of UK citizens overseas. It's just like how California car emission laws have consequences for the whole of the US. In this case a UK law could outlaw strong encryption for ordinary consumers in the whole developed world.

Re:End-To-End Encrytion is the Issue

[johanw]

And then what? There is a lot of free open-source e2e encryption software where no payment processors can be put under pressure. If the UK government demands backdoors from GnuPG, Signal or SMSSecure and they respond with "nuts", there is nothing the UK government can do. They could try to block Signal but that would probably result in them finally making work of a decentralized server setup.

Re:End-To-End Encrytion is the Issue

[AHuxley]

Privacy and anonymity is very hard to recover. Privacy is captured as a plain text message is entered and before it is encrypted at any consumer software level.
Anonymity on average is difficult given every internet connection and cell phone is "networked" back to some company that has to know who is using and paying for network access.
The UK"s telecommunications laws and expectations over the digital generation where formulated from the GCHQ's experiences in Ireland. Every call domestically and in/out of Ireland was collected in full. Special interest went to all US/Ireland communications links using only trusted UK staff, hardware and software.
No company or brand selling in the UK today has escaped that long term, total access responsibility if it wants to sell any networking product or service in the UK.

Re:End-To-End Encrytion is the Issue

[110010001000]

The thing is: no one (less than 1%) uses the free e2e encryption software. People use iMessage, Gmail, etc. So you are hitting 99% of the population.

Re:End-To-End Encrytion is the Issue

They also don't like perfect forward secrecy. End to end is OK, if they can use rubber hose cryptanalysis to obtain the keys and open up the archive of stuff they have intercepted. If perfect forward secrecy is used then getting the key state now doesn't help to get the past data.

Re:End-To-End Encrytion is the Issue

[aethelrick]

Firstly I'd like to go on record and say, I value my privacy and I advocate against the government having the power to bulk-snoop on the country because their bound to upload their findings to a notebook and leave it on a train or something equally stupid. I also appreciate that being able to conduct warranted surveillance of known (or at least reasonably suspected) criminals in order to bring them to justice is a useful tool for our law enforcement agency.

However, regarding your assertion that the law "seems to be banning end-to-end encryption", I would say, go read the draft bill. They actually explicitly rule out looking at communication data content, they are explicitly interested in the point-to-point connection data i.e. who spoke/typed/mailed who and when, not what was actually communicated. They also go as far to state that this should only be possible if you have a warrant issued by an non-political, vetted, transparent, independent authority who's job it is to thwart those who overstep the bounds.

While I agree with the sentiment of your post and I certainly don't want to live in a society where the privacy of it's citizens is routinely invaded. I don't think you're helping the debate by posting spurious assertions

Re:End-To-End Encrytion is the Issue

[aethelrick]

I just read the draft bill... they don't seem to be demanding back-doors to anything, in fact they seem to be saying that they are interested in understanding connection logs rather than communication content. i.e. they want to see something like an itemized phone bill showing who called who, when and for how long. This applies to email and IM as well and also they want to see a big list of sites you visited and when.

I personally object to any information like this being gathered in bulk. I'm less bothered by having this sort of probing done on a case by case basis where a warrant is issued.

Re:End-To-End Encrytion is the Issue

[BitterOak]

And then what? There is a lot of free open-source e2e encryption software where no payment processors can be put under pressure. If the UK government demands backdoors from GnuPG, Signal or SMSSecure and they respond with "nuts", there is nothing the UK government can do. They could try to block Signal but that would probably result in them finally making work of a decentralized server setup.

The key word here software. Yes, there is lots of free open source e2e encryption software, but that doesn't do you a bit of good if your hardware has backdoors! Once they have a backdoor in your hardware, keyloggers can get your passphrases and memory scans can get your encryption keys. Secure software is useless on insecure hardware or insecure operating systems, and that's what this debate is all about: hardware and operating systems.

Bulk data collection is the big issue

Banning end to end encryption is just one small effect. Small because most of them don't offer end to end encryption anyway for most of their products.

The big fat issue here is bulk data collection.

The judiciary in this brave new world, no longer approve individual warrants for individual searches, they approve classes of warrant for a bulk data feed. Similar to the crap the FISA court has been up to.

So instead of approving a warrant for "Abdul and people who communicated with Abdul", they propose that a judge will approve access to Gmail to let GCHQ or police or whatever look for data on Abdul. They then get access to BULK data and are trusted to self police themselves, with minimal oversight.

Really they go fishing, all the targets of their fishing have no access to judicial challenge because they're unaware. The judge is unaware if they've complied with the law. Google would not know, because Google has to hand everything over. The basic protections are removed.

A politician essentially sets the surveillance against the people or opposition or political groups or newspapers or judges or whatever. The judge approves the data feed for a different purpose, but once the data is there, he's out of the loop. And the judicial process can never protect the privacy right because the data is collected in bulk long before it is searched. Instead of Parliament deciding what data can be accessed by what group with force of law, a judge issues a warrant to permit the data, (he can permit or not each individual data grab).

So their demand for this law talks a lot about ISPs and their PR department pretends that an ISP is someone who provides your internet connection. But then there's this "must strip encryption" thing, your ISP does not do the encryption, that's the website. So this law also really applies to the Googles, Facebooks and a million other sites here. It applies to your email provider, to your searches, your discussion forums, banking, medical, everything. As you point out, a site cannot offer end to end encryption because of this law, so your email cannot be end to end encrypted because your email ISP can be required to decrypt it.

Also it exceeds the UK jurisdiction, they seem to believe they should be the world police, but of course every other country, Russia and China will demand the same. So those assholes will:

a) Prevent us getting end to end encryption, as you pointed out.
b) Remove the judicial check from the searches, people's stuff is searched in bulk and in secret.
c) Expose all out stuff to foreign powers who will demand the same access.

Of that b) is the biggest threat to democracy. c) is the biggest threat to business and political freedom, and a) is an obstacle to the proper fix for privacy.

Really, we know what its about. GCHQ has been doing the "bulk data warrants" thing, it fears a legal challenge, it's been lobbying to get a law that establishes the right to define access to bulk ongoing data sets in a warrant (as opposed to a law created by Parliament who have repeated rejected Snoopers Charter), and so we have this grab for power.

IPB0116

Funny the results that come up with you Google IPB0116.....

https://goo.gl/4nVc9M

Why did UK politicians even comment?

[AHuxley]

The UK gov and mil has had total control over all communications systems since 1914.
From the Defence of the Realm Act 1914 https://en.wikipedia.org/wiki/... to every phone line domestically and in and out of Ireland to all calls on Intelsat via CSO Morwenstow/GCHQ Bude.
The ability to collect all and then use parallel construction over the decades was never really fully worked out by the press, lawyers, human rights campaigners, tech experts or academics.

All MI5/6 and the GCHQ had to do in closed courts was to ensure a protected "witness" could be presented to confirm what "collect it all" had originally found.
Legal experts would assume someone had been turned and offer immunity or a deal. Few in public really understood the collaboration between the US, UK tech sectors, academics and the UK gov over decades.
All the UK political experts should have said was that VPN, US consumer grade cryptography, onion routing was a complex issue that the government was spending money on trying to understand over time.

Generations of interesting people would have continued to be fooled into using fully tracked VPN services, gov malware ready cell phones, tracked telecommunications products, junk consumer grade encryption, IP reporting onion routing applications. All networking would have been under full UK gov observation with only hints that sock puppets could have been used to counter.

Projects like Tempora https://en.wikipedia.org/wiki/... would have given the UK the world if UK politics would have just been more vague about global collection.
Why did the UK intelligence services even allow UK political talking points to the formulated and talked about on topics like trapdoors, backdoors, new gov keys to all UK encryption?
Academics and software developers to help to trapdoor crypto by design and sharing of extra keys with the UK gov?

Now everyone knows "Designed in the UK" is code for the UK gov and mil listening in by default over all generations of UK products and brands.
Local manufacture is now synonymous with hardware tracking and default backdoors out of the box.
If only decades of clever policy surrounding crypto ambiguity had been allowed to continue.

China does it so why not?

UK is seeking parity with China. Isn't it only fair that "freedom loving" western civilization give its "rulers" the absolute and iron-fisted ability to oppress that China uses to suppress "freedom" or "economic growth". The two aren't connected, right? Absolute monarchies, despite their textbook economic inefficiencies are great for centralized power and singleness of vision. England has a monarchy, and just wants to return absolute power to it as an example of how Europe can return to feudalism, right? Bah humbug. This isn't going to make anyone safer. This is going to be abused. This is also going to be hacked, and a third (or fourth, or fifth) party is going to siphon that refined resource - amazingly detailed information about citizens, and as a nation-state use it against the best interests of the UK. Only arm your enemy with weapons you can fight against. If you can't beat the Neutron bomb or the MIRV, then do not give it to them.

not massively helpful

So the big opposition comes from a gaggle of American mega companies who shuffle money around to display a paper profit of zero in the UK so they don't pay corporation tax. They are of course completely right in principal, but not the most clean handed lobbying group. The politicians are quite keen to spin it as them screwing over Facebook, Google, Microsoft, Twitter and Yahoo because of terrorism, rather than the reality of screwing over the population of the UK because of nothing.

Not a compelling defense

'targeted, lawful, proportionate, necessary, jurisdictionally bounded, and transparent'.

1. Oh its targeted
2. lawful, we're passing the law right now,
3. proportionate, necessary - we're elected god dammit, we'll decide.
4. jb, its a UK law, what your government chooses to introduce is up to them
5. Transparent, we telling you up front what we're about to do.

If this is their defense I think their SOL.

Re:Not a compelling defense

[nukenerd]

'targeted, lawful, proportionate, necessary, jurisdictionally bounded, and transparent'.

2. lawful, we're passing the law right now

Being from the UK I did not understand that point. If it is introduced as a new law, then anything done under it will be lawful by definition. These companies are USA based and don't seem to realise that there is no higher law in the UK; for better or worse there is no equivalent to the US Constitution. It would have been better if they had left that point out as it only reveals misunderstanding of the way UK law works, raising the question of how they are qualified to comment.

Re:Not a compelling defense

" If it is introduced as a new law, then anything done under it will be lawful by definition"

Perhaps you missed the point, Theresa May admitted they're ALREADY doing it back in November. The 2009 "Mastering the Internet" project went ahead, despite the law that would enable it (aka Snoopers Charter), being rejected by Parliament.

https://en.wikipedia.org/wiki/Mastering_the_Internet

There *is* a higher UK law, the Human Rights Act, both in UK law and a version at EU level. Bulk mass surveillance isn't legal either in UK law or at these higher levels. The police creation of a DNA database was declared illegal because it was mass untargetted (and also no such law was ever passed by Parliament, the police created it because nobody stopped them).

So you basically wanted him to shut-up, but your reason (his failure to understand UK law) was basically bollocks.

Re:Not a compelling defense

[wyHunter]

And our fourth amendment in the USA prevents it too - but it still happens.

Please provide links

[MrKaos]

Would it be possible to provide a link to the draft bill in these stories please?

Re:Please provide links

[AHuxley]

http://www.parliament.uk/busin... is the background.
UK mass surveillance 'totalitarian' and will 'cost lives', warns ex-NSA tech boss (06 Jan 16 )
http://www.wired.co.uk/news/ar... has some more background with the pdf:
Re link to the draft bill https://www.gov.uk/government/...

Re:Please provide links

[MrKaos]

Thank you!

Re: stupid uk gov vs big bad corps. which is worse

Actually the few UK employees Google has would almost be guarenteed a job elsewhere in the industry immediately. And as those yank leeches dodge paying taxes here, good riddance. The only people who really benefit from Googles UK are Google.

Repeat of History

Look, UK Government. Your asses got handed to you in the Revolutionary war. Don't think to yourself anything has changed since then. Your asses will be handed to you yet again.

So what

It is time to kill the new Robber Barons / Oligarchs.

Zucky and company in front of the wall....