RIP conjures up a picture of confusion

e-vangelist David Taylor reports on the implications of the Regulation of Investigatory Powers Act

It was once the Government’s claim that the UK would become the most e-friendly country in the world. But an unlikely coalition of computer techies, Internet users and human rights campaigners believe that the new Regulation of Investigatory Powers Act – appropriately abbreviated to RIP – has laid that particular myth to rest.

Control, regulation and the law of the Internet are difficult issues, and I am sure the principles behind the bill are honourable.

However, the RIP bill is a typical example of how few in legislative circles really understand the new business world. The RIP bill is a mess and, taken together with other proposals and legislation aimed at corporate security, guidelines and HR responsibilities, creates a picture of utter confusion. HR directors need guidelines on what their role is in this minefield. This needs to happen fast and the key word is clarity. I believe there are a number of issues that employers need to be aware of.

The Government recently gave employers the green light to access staff e-mails and to monitor workers’ phone calls.

But it failed to help clarify directors’ responsibilities regarding both the process of interception and the law. The HR community must seek clarification from the Government on what this really means.

There is a special centre being installed at MI5’s London headquarters, to access all e-mail traffic. Home secretary Jack Straw says MI5 will need a warrant to read an e-mail, but he seems unaware aware that the technology is very different from, say, tapping a telephone.

This will mean that MI5 will have unregulated access to the logs of the Web sites staff access, discussion groups they belong to and addresses of all those with whom they correspond.

What are the implications for employers surrounding the protection of their people given this scrutiny proposed by the Government? Individuals in multi-national organisations may find themselves at greatest risk.

If an employee is served with an order to release highly sensitive encryption keys, they are also likely to be served with a gagging order. Many business leaders I have spoken to have expressed open disquiet about this bill.

Of course, I realise that there is a need to prevent and expose terrorist, paedophile and illegal activity, in all walks of life.

However, when I raised this issue with Jack Straw recently he was unable to explain how such a wide blanket of surveillance would achieve this.

Control, regulation and law of the Internet are difficult issues, and I am sure the principles behind the bill are honourable.

However the RIP Bill is a typical example of how few in legislative circles really understand the new business world.

David Taylor is president of the association of IT directors, Certus. david.taylor@dtaltd.co.uk