Home Office refuses to reveal Theresa May’s internet history - says request is “vexatious”

Profile picture for user ddpreez By Derek du Preez December 27, 2015
Summary:
An FoI request asking to reveal details of the Home Secretary’s browser history has been denied by the Home Office, claiming it would be vexatious. Oh the irony…

theresa may
Home Secretary Theresa May

One of the UK’s national newspapers, the Independent, has pulled a rather entertaining stunt to highlight the problems pertaining to the government’s proposed Investigatory Powers Bill. The paper submitted a Freedom of Information request to the Home Office asking for Home Secretary Theresa May’s browsing history for the last week of October (excluding any information relating to security matters).

Their argument being: if Theresa May wants extensive access to the general public’s browser history under the new legislation, can we also have access to hers?

Unsurprisingly, the request was denied by the Home Office, which said that the Independent was being vexatious - which is one of the key reasons to deny an FoI and in legal terms means “an action that is brought without sufficient grounds for winning, purely to cause annoyance to the defendant”.

Under the newly proposed Investigatory Powers Bill the government will require web and phone companies to store the records of every citizen for at least a year, so that the police and security services could access it if required.

Not only this, but companies will be obliged to assist the government with bugging phones or computers or helping it bypass encryption to access message information.

Although the Home Office didn’t respond to the Independent’s Freedom of Information request within the required legal timeframe, it did eventually deny the information by stating:

We have considered your request and we believe it to be vexatious. Section 14(1) of the Act provides that the Home Office is not obliged to comply with a request for information of this nature.

We have decided that your request is vexatious because it places an unreasonable border on the department, because it has adopted a scattergun approach and seems solely designed for the purpose of fishing for information without any idea of what might be revealed.

I’m sure many would argue that the government’s approach to data surveillance (i.e. bulk collection without any idea of what might be revealed) could also arguably be considered ‘vexatious’ by many law-abiding British Citizens, but that doesn’t seem to be a concern to the Home Office at this point in time.

The crux of the problem

However, as entertaining as the Independent’s stunt is (the Home Office rejecting the request has actually done the paper a favour, as it reinforces its point), the main issue here is that there is a proper governance system in place to appeal and review the decision pertaining to the Freedom of Information request - which is arguably not the case for the proposed Investigatory Powers Bill.

The Freedom of Information Act states that anyone issuing a request has the right to appeal the decision to deny by a public body, by issuing a complaint to the Information Commissioner’s Office. Although these appeals have proven to take time and not be terribly efficient, they have been upheld in the past and are an effective ‘control’ that has been put in place to ensure that the government is being held to account.

Is the same true of the Investigatory Powers Bill? Can it be held to account for its decisions to access huge swaths of personal data? Whilst many believe that some sort of powers need to be given to the government to allow for surveillance, controls are absolutely critical to ensure privacy for citizens.

The draft legislation states that the law “strengthen safeguards and introduce world-leading oversight arrangements”. It continues that the Investigatory Powers Bill will:

Introduce a ‘double-lock’ for interception warrants, so that, following Secretary of State authorisation, these – and other warrants – cannot come into force until they have been approved by a judge. And it will create a powerful new Investigatory Powers Commissioner (IPC) to oversee how these powers are used.

Sounds promising, right? Well, others disagree. Deputy leader for the opposition party, Tom Watson, has fiercely argued that the current proposals do not protect the average law-abiding citizen’s privacy.

Watson recently took the government to court over current surveillance legislation, arguing that the powers were not compatible with British public’s right to respect for private life and communications, which was seen as a big blow to the Home Secretary and her plans.

Watson is again arguing that the draft legislation for the Investigatory Powers Bill doesn’t go far enough to protect the public’s privacy, claiming that the current review processes put in place are nowhere near adequate. Writing for politics.co.uk, he said:

Most people agree that we need to rethink the statutory framework that governs the police and security services' access to communications data. We know how hard this is, and that it's a battle to stay one step ahead of those who wish to do us harm. But it's a false choice to say these massive extensions of state power must be introduced without checks and balances. It's a false choice to say we either have security or privacy and accountability. We can have both.

Take the example of judicial oversight. The reports advised this, the Tories promised this, but actually what we've been given is a very limited review of Home Secretary's warrants by a judge appointed by a Commissioner who is appointed by the prime minister.

That isn't judicial oversight – it's a fob. And it shows that that the Tories view vital constitutional checks and balances as an inconvenience to be overcome rather than a democratic necessity to be protected and enhanced. Labour must and will continue to press the Tories on this and other weaknesses as legislation goes through parliament.

Backlash from Apple

It’s also worth highlighting that the government is not only facing challenges to the draft bill from

privacy-please
opposition MPs, but also from the almighty Apple. In a submission to the bill committee, the technology giant said:

We believe it would be wrong to weaken security for hundreds of millions of law-abiding customers so that it will also be weaker for the very few who pose a threat. In this rapidly evolving cyber-threat environment, companies should remain free to implement strong encryption to protect customers.

Apple’s complaint pertains to passages in the bill that it claims would give the UK government the power to demand that Apple alters the way that it’s popular iMessage service works, that it would weaken encryption and enable security services to eavesdrop on iMessage for the first time.

Apple added:

The creation of backdoors and intercept capabilities would weaken the protections built into Apple products and endanger all our customers. A key left under the doormat would not just be there for the good guys. The bad guys would find it too.

My take

Some surveillance powers are obviously needed. In a world where communication and networks are mostly facilitated online, it makes sense that the government needs some powers to intercept data that could pose a threat to our national security. However, this interception needs to be validated by an independent judicial system that is at arms length from both the Home Office and the Prime Minister’s office. Otherwise we are basically relabelling ‘approved by chums’ with ‘judicial oversight’ - and that’s not right, especially given what is at stake.

I’ll leave this here: