Thursday, 10 July 2014

Quick laws are bad laws


News that the government is seeking to rush through an emergency data law is a deeply troubling example of that 'breakneck government' which we thought we'd left behind in the Coalition's first, frenetic days of 'action'. The actual measures are not, in principle, particularly objectionable, for they simply confirm laws that have been there already. Since 2009, telephone companies and Internet Service Providers have had to keep limited billing data on UK citizens (who they phoned, how long for, who they emailed, and so on) for twelve months. With a warrant, the authorities can then look at the top-level data - though not its content. So they can tell who people 'phoned, but not what about.

The European Court of Justice didn't like this (not surprisingly), and threw it out back in April. With court cases pending about police and security service practices, the Government has moved to shore up its legal position - at least for now. But in so doing they've managed to announce a law that'll be in effect by next week, after closed doors talks between the three main party leaders. And it's here that they've set yet another worrying parliamentary precedent - because they've not subjected any of such an important law to proper scrutiny.

It's a bit like the banking system. Somewhere out there (probably in China), there's a great big hole in the banking system. You don't know where it is. We don't know where it is. But it's there, somewhere. That's why the Bank of England is busy stress-testing the banking system - in so doing probably fighting the last financial war all over again (as most regulation tends to do), but still engaging in worthwhile work to try to game out what could go wrong. These new Data Regulations needed that stress testing, because there's probably some nasty legislative barbed wire in here that the House of Commons will not get to think about until it's all on the statute book.

There'll of course be the inevitable 'independent reviews' - today's great panacea for governments that don't know what to do, and who know that they're not particularly trusted by the general public. There's a 'sunset clause', meaning that we can reassemble and think again in 2016. It's no 'snooper's charter', the one-size-fits-all monitoring law that would have gone much further, and kept almost all UK web-browing and content data stored for up a year.

But the way this has been handled is just not good enough. Much more effective would have been a single, one or two-line Bill asking data providers not to delete their data for a specific period until a proper Bill can be debated, in the usual way. Hundreds of MPs are now away from Westminster, and they have been given no chance at all even to look at the published Bill. If we don't delay, with the proper transitional safeguards in place, the whole thing will just not have been thoroughly thrashed out. It'll be like the legislation we're now promised, in a panicky legal give-away unlikely to get any faster to the truth, to make 'responsible' figures in every single organisation in the land report any suspicions they may have about child abuse to the police. Good luck trying to define who 'consciously knew' what in each case, Parliamentary drafters. It'll be like the infamous Dangerous Dogs Act, which the government has tried to beef up, rather than jettisoning altogether - as it should have done. At a time when the civil service has lost many of its older and wiser heads, and most departments are just about keeping their heads above water, asking Whitehall to engineer such a radical (albeit continuing) set of measures without tripping up just seems too much to ask.

It's quick law. And it's bad law. Somewhere, in an unthought, shadowy, implication of one or other of the baggily-drafted clauses everyone's now supposed just to accept, we'll all come to regret it.