The Regulation of Investigatory Powers Bill, introduced into the House of Commons in February last year, is now law. Introduced to protect public safety, the act increases the power of law enforcement and security agencies in such areas as surveillance of website visits.
On the surface it is a much needed way to police cyberspace, and meet the goring needs of regulation that so many feel is needed by the speed, scale and scope of internet growth.
Sadly, the act is flawed, and a growing number of groups, MPs and professional bodies are realising this. From The Guardian to Amnesty International, from professors at universities to leading IT directors, and from trade unions to The Internet Society, the opposition is large, and growing.
One of the reasons for opposing the RIP Act, is the total confusion it brings. This at a time when the government is proclaiming the UK to be at the very centre of e-world activity. In short, the RIP Act is at complete odds to the often stated policy to make Britain ‘the most e-friendly country in the world’.
Here are its main flaws:
There is a need to prevent and expose terrorist, paedophile and illegal activity, however the RIP Act is a classic sledge-hammer to crack a nut.
The volume of monitoring, additional resources and time consuming effort is huge. The idea of the internet is speed, with communications, knowledge and activity moving fast. We need a speedy solution to respond to this, and several groups have put forward clearer alternatives.
So where does this leave organisations, and what does the RIP Act mean for you? Quite simply, email and internet regulation works best with clear boundaries and self-regulation.
Beware of these areas in your company, on your website and email traffic.
My advice is to put in place a code of conduct. If you do, you will be less liable as a company but despite numerous inquiries, I have never had this confirmed, or denied.
Electronic communications through sites and email are no different from every other form, and there should be no need for complex guidelines, rules and restrictions. As long as everyone is clear on company policy, none of these potential dangers will grow out of hand. People must take personal ownership of their information and emails, even after sending.
Control, regulation and law of the internet is a difficult issue, and I am sure the principles behind the bill are honourable. However the RIP Act threatens the very future, freedom and success of UK plc, while failing to fulfil what it sets out to achieve.
YOUR ONLINE CODE SHOULD COVER:
Information on other companies
Detail can be used in courts of law. Do not use email to discuss competitors, acquisitions or mergers, or to give opinions on another company. The word ‘confidential’ does not apply to electronic communication as it can always be accessed.
Information on individuals
Take great care, even with the facts. Also, avoid providing references by email.
Personal behaviour
This should cover access to website types (pornography, those deemed not to be in the best interests of UK). Let people use common sense. Many companies are concerned about the volume of non-work related email. The key words are guidelines and trust. Put in place a policy that gives freedom, but people know their boundaries on time and content. Control people, by giving them ownership and responsibility.