Concerns Over The Passing of New ‘Hacking on Demand’ Law

Written by Pronetic

Pronetic is a leading provider of core IT support for ISO 27001, Cyber Essentials and Cyber Essentials Plus compliance.

March 17, 2016

A recent article in Computer Weekly has highlighted how the Investigatory Powers Bill could see IT companies being forced by law to use hacking on demand to help the UK government with aspects surveillance or face serious criminal charges!
Most people in the UK would find it difficult to deny that we as a country face many different kinds of threats at home and worldwide. What is causing some surprise however is the extent, scope and potential impact of a new UK law that could grant the UK government unprecedented powers over IT Companies and their customers.

What Law?

The Investigatory Powers Bill also known by its critics as “Snoopers’ Charter” is a new law that is has been introduced by the Home Secretary Theresa May. The government say that the legislation which will grant them an unprecedented amount of Internet surveillance powers will help them to fight terrorism, organised crime and paedophilia. The new law which was passed on the 3rd attempt by the government to grant itself far reaching surveillance powers follows on from the rejected Communications Data Bill and the compromise version of the Data Retention and Investigatory Powers Act.
In the lead up to the law being passed in the House of Commons concerns had been expressed also that MPS were given only 2 weeks to read an additional 1,200 pages of accompanying documentation prior to having to vote on it

What Is The Problem?

Some of the main concerns that IT companies have with the legislation centre upon the fact that it could be used to force them to essentially hack on demand on behalf of the government. The legislation also includes some potentially serious penalties for individuals at IT companies who fail to co-operate with or disclose the fact that they have been given surveillance requests by the government. Some parts of the law that are causing concern among IT professionals include:

  • Any UK ICT business can be secretly forced to carry out equipment interference and make changes to their products and systems to allow security protection to be broken, and to allow their “bulk personal datasets” to be stolen and added to intelligence systems.
  • IT companies could be made to push malware code to devices e.g. disguised as fake updates.
  • Universities, schools and businesses could be served with hacking notices.
  • Simply disclosing the fact that you have received a notice by the government to act on their behalf in this way could result in maximum jail term of 5 years.
  • IT start-ups could be required to build in government hacking or interception systems from the start.
  • There may be no safeguards for companies or IT staff who take part in e.g. hacking or the planting of malware.

What Does This Mean For Your Business?

This could of course mean that, depending what kind or organisation you work for you could be asked to take part in hacking and surveillance activities. Your details could be collected covertly as part of this legally enforced surveillance, and you could be using IT products and software that could no longer be described as being completely secure. On the positive side of things, if the law is used well and successfully to counter e.g. terrorism and organised crime there could be wider benefits for all in our daily lives.

You May Also Like…

0 Comments

Why Choose Pronetic

We Are ISO 27001 & Cyber Essentials Plus Certified

Be reassured that we have been externally audited. You can have complete peace of mind that the team managing your IT systems and safeguarding your data are independently vetted annually.

Seamless & Comprehensive IT Support

Our investment in people, tools and processes, continuously improved, ensures that we don’t just deliver exceptional I.T. support but include your compliance to Cyber Essentials or ISO 27001 “baked-in”. Yes, that means no more annual headaches and stress when your certification comes round.

Expert Support Money Back Guarantee

We're confident in the value we deliver. That's why we offer a 90-day, no-quibble money-back guarantee. If, for any reason, you're not completely satisfied with our IT support services, we'll provide a full refund and cancel your contract without any hassle.

Book Your Free IT Strategy Call Now!

Simply Fill In The Form Below To Receive Your Free IT Strategy Call:

By submitting this form, you consent to us using your personal information to contact you. For more information please see our privacy policy.