85% of IT professionals surveyed by BCS, The Chartered Institute for IT, agreed that it should be a criminal offence if a professional designs and implements a system to store website history and fails to appropriately protect access to that data through the use of good practice in information security (e.g. reckless disclosure).
BCS is now urging Government to fully explore whether reckless disclosure of the public's data should be included as a criminal offence in the Investigatory Powers Bill presented by the Home Secretary.
David Evans, Director of Policy at the Institute explains: "The criminal offence around misuse of data outlined in the Bill is welcome, however we can and we must create systems which by default protect against misuse. In an area of critical national importance, it would be reckless and inexcusable for individuals to design data systems which created unnecessary risks to the public, where those risks could have been prevented through known techniques. We believe a double lock to protect against misuse of data would provide greater assurance for the public in how their information is managed in the process of protecting against serious crime.
BCS' research revealed, for the first time, how significant the disparity in views are between the general public and IT professionals when it comes to surveillance. 54% of British adults feel very or fairly comfortable with the security services and police having access to their website history, according to findings from a YouGov UK online survey, compared to just 35% of IT professionals who feel very or fairly comfortable.
David notes: "We often hypothesise about the strength of feeling against surveillance measures from the technology community versus a sanguine public opinion and we now have findings to support it. We need to spend more time discovering the reasons behind this disparity. If the technology community have legitimate concerns, they are not resonating with public feeling. As an organisation with a Royal Charter and purpose to Make IT Good for Society, I want to see Society as a whole debate the role technology has in protecting against crime and issues of proportionality."
The survey also revealed that 76% of IT professionals tend to disagree or disagree strongly that in order to protect national security, companies should weaken or defeat their own security measures to provide authorities with access to content that has been encrypted.
David adds: "Whilst government access to services is a useful tool, it is vital that citizens are able to protect themselves from both criminal and foreign state activity. Clarification within the Bill and a clear expression of principle that the security of communications for individuals collectively will not be compromised, is required.
David's concludes: "The government and its agencies should be recognised and applauded for engaging as never before in this public debate. We now urge security services and the wider government to continue their public engagement around the principles in the Bill, ensuring there is an appropriate culture set around the use of these powers, in which this law will be enacted."
The general public survey was commissioned by BCS and conducted by YouGov Plc during the period 20–21 January 2016. The sample size was 1,694 and the survey was carried out online. The figures have been weighted and are representative of all GB adults (aged 18+). The survey of IT professionals was conducted by BCS among its professional and chartered members. It was conducted online during the period 18–28 January 2016 and the sample size was 439.