The Intelligence and Security Committee has issued a damning verdict on the draft Investigatory Powers bill, saying that it does not provide enough transparency or do enough to protect privacy.
The cross-party group claimed that while the draft bill, published in November 2015, made some attempt to improve transparency, it had not "cover[ed] all of the Agencies’ intrusive capabilities."
"Overall, the privacy protections are inconsistent and in our view need strengthening. We recommend that an additional Part be included in the new legislation to provide universal privacy protections."
The committee also attacked the provisions on Equipment Interference, Bulk Personal Datasets and Communications data, which it described as "too broad" and lacking "sufficient clarity."
It identified several other specific aspects that it wanted to be amended, involving particular concerns over wording in categories and providing information on purposes for warrants.
On the whole, the committee does not oppose the investigatory powers that intelligence agencies are authorised to use but has concerns over the openness and transparency; its criticisms mainly focus on the complexity and lack of definition provided by the Government.
It suggests that the Bill is a "missed opportunity" and fails to provide a "comprehensive legal framework" to govern the use of investigatory powers.
"The issues we have highlighted in this Report must be addressed before any subsequent Bill is laid before the House and we would urge the Government to ensure that it takes sufficient time and care in so doing," the committee said.
The concerns were echoed by Antony Walker, deputy CEO of techUK, who said:
"Today’s report from the Intelligence and Security Committee of Parliament (ISC) again makes it clear that the bill lacks clarity on fundamental issues, such as core definitions of key terms within the draft Bill, encryption and equipment interference.
Walker criticised the bill for a lack of specification over what is meant by Internet Connection Records (ICRs) as well as how these will be gathered, stored and accessed.
"As we move towards a more connected world, security is paramount. Anything that forces companies to create or allow vulnerabilities in their systems is a huge concern and could damage public trust and have a direct impact on global perception of the UK as a home for innovation and investment."
Walker also attacked the draft Bill for including powers that "broadly and unilaterally assert UK jurisdiction overseas, infringe on the sovereign rights of other governments and risk retaliatory action against UK companies operating abroad."
"The Codes of Practice can deliver all the additional detail that the tech industry is crying out for. That’s why it’s vital these are published alongside the Bill, to provide reassurance and confidence in the UK as a world-leading digital economy.
"This Bill represents the opportunity to develop world leading legislation. As the ISC report rightly points out, proper parliamentary scrutiny is vital to delivering against this objective."