Spying or security? British government presents new legislation to give authorities ‘licence to operate’

Britain's government published proposals for new internet spying laws on Wednesday to keep pace with the digital age, including allowing the intelligence services partial access to a suspect's internet browsing history.

Home Secretary Theresa May hailed the draft legislation as a “world-leading oversight regime”, but a leading rights group described the proposals as a “breathtaking attack” on Britain's online security.

“Today we are setting out a modern legal framework, which brings together current powers in a clear and comprehensible way,” May told parliament. “This new legislation will underpin the work of law enforcement and the security and intelligence agencies for years to come. It is their licence to operate.”

May sought to assuage fears that the new powers would be intrusive, and rejected reports that the bill would ban encryption or force British companies to capture and retain internet traffic from abroad. Crucially for companies such as Google and Facebook, the proposals would not force foreign-based companies to meet “domestic retention obligations” for communications data.

However, the security services would be able to access Internet communication records, which show which online services were accessed by a suspect and when. This would show that a messaging service such as Facebook or WhatsApp had been used, but not the content of messages or their recipient.

The bill also allows security officials to see which websites a suspect had accessed, but not which pages were viewed within those sites.

“Some have characterised this power as law enforcement having access to people's full web browsing histories. Let me be clear: this is simply wrong,” May said. “An internet connection record is a record of a communications service that a person has used, not a record of every webpage they have accessed.”

These records would have to be held by service providers for 12 months.