Brexit will harm UK's ability to combat cyber attacks, say experts

Greater collaboration is needed for national governments to combat cyber attacks and protect individual rights, cyber forensic experts have warned.

Earlier this week Prime Minister David Cameron warned that peace in Europe could be at risk if Britain votes to leave the European Union.

Cameron's comments came just days after two former intelligence chiefs said leaving the EU would make the UK 'less safe'.

Benjamin Donnachie, associate director of business consultancy Navigant, has now warned that the UK's ability to combat cyber attacks will be harmed if it leaves the EU.

Donnachie said that due to the mass of intelligence sharing between member states, a vote for Brexit would 'make the UK's cross-border cooperation more difficult'.

Robert Anderson Jr, managing director of Navigant, added: 'The more countries that are sharing intelligence, especially in cyber, the better.'

Anderson, the former executive assistant director of the criminal, cyber, response and services branch of the FBI, worked on the recent and high-profile San Bernardino terrorist attack.

He told Solicitors Journal that the FBI's unlocking of an iPhone belonging to the San Bernadino gunman highlighted the need for a change in approach in similar future cases.

'To ensure that all rights are looked after on both sides, there needs to be a joint cooperation between private industry and law enforcement so that their concerns are highlighted throughout the process,' he said.

'This isn't going to be a one off. Everybody's constantly evolving technology so we're going to run into these issues more and more.'

Striking a balance

Simon McKay, a barrister specialising in surveillance law and author of covert policing law and practice believes cyber attacks are difficult to pinpoint and highlighted the risk of using mass surveillance to combat the threat.

'The difficulty tends to be the legislative framework and how authorities investigate and generate the evidence. In the respect of mass surveillance, there are clear vulnerabilities.'

Currently, the Regulation and Investigatory Powers Act (RIPA) grants various powers to public bodies to ensure acts of cyber attacks are prevented, but McKay told SJ that such powers have been found wanting in the Investigatory Powers Tribunal and a number of pending challenges in the European Court of Human Rights (ECtHR).

'Two European decisions in the last 12 months, Szabo v Hungary and Zakharov v Russia, would suggest the current wording of the existing legislation, but moreover, the Investigatory Powers Bill (IP Bill), isn't sufficiently precise to meet minimum legal standards.'

In November 2015, the government published the IP Bill, which aims to consolidate existing powers already available to law enforcement and intelligence agencies to obtain or intercept communications.

The 'Snooper's Charter' has been roundly criticised by human rights groups, lawyers, and parliament's intelligence and security committee for a lack of clarity and transparency over its far-reaching powers.

'The legislation as it is currently drafted is very poor, ridiculously complex, invasive, far-reaching, but moreover, it's been rushed through parliament,' argued McKay.

'If the ECtHR is to strike a balance between the need to protect national security, but also the need to protect the contracting states' population from arbitrary interference with their privacy rights, then the current approach to the IP Bill is not effective.'

Matthew Rogers is an editorial assistant at Solicitors Journal @sportslawmatt matthew.rogers@solicitorsjournal.co.uk