The U.K. might soon get a little less friendly toward tech companies — at least, about the products they may plan to launch.
As part of the U.K. surveillance bill proposal, companies in the U.K. would have to declare what types of products they are working on prior to their official launch in order for the government to know if it can intercept data when needed.
This proposal would apply to Internet, phone and tech companies and would require them to essentially give the U.K. government a heads-up on what they are working on in order to know how the products could be cracked by government officials or police if necessary. This is just one of the many policies that’s part of the draft regulation that is bundled with the larger surveillance law updates.
“[Companies] subject to a technical capability notice must notify the government of new products and services in advance of their launch, in order to allow consideration of whether it is necessary and proportionate to require the [company] to provide a technical capability on the new service,” the policy document reads.
What this could also do, however, is have a chilling impact on innovation across the tech ecosystem as more and more companies may be less interested in producing products that the government has the power to spy on so easily. It also would ensure the U.K. could avoid the ever-controversial encryption debates that are going on in the U.S., such as between Apple and the Department of Justice.
This bill would simply limit the ability to create tech products with built-in end-to-end encryption. The current proposal is part of an overhaul that the U.K. government is doing to upgrade its regulation over the market, in large part because the policies haven’t been updated in many years.
This, of course, has drawn attention to the matter on both a local and international level. Privacy advocates have jumped quickly on the bill. U.S. tech companies have jumped on the bandwagon against this bill, arguing that it would undermine the ability to impose strong security measures and encryption for products to better protect consumers’ data (and their privacy).
The U.K. law, if passed, would apply to companies like Apple, Facebook, Google, Microsoft and Twitter, since they all have a presence in the region. “The tech companies will have little say, and the government say explicitly they have the power to bring legal action against them if they do not comply,” said Millie Graham Wood, a legal officer at Privacy International, who was quoted in a ZDNet article.
“It is not solely the lack of judicial oversight and accountability that could push companies away from the U.K.,” Graham Wood continued. “Many companies have submitted evidence to the Investigatory Powers Bill committees on the impact of having to retain communications data for up to 12 months.”
The bill is currently in draft form and could be proposed further in the next few months.