Many tech companies — Twitter, Yahoo and Google, to name three — have a policy of notifying users when it’s suspected that a state-level actor is attempting to hack into their account.
Specifically, UK ministers want to make it a criminal offence for tech firms to warn users of requests for access to their communication data made by security organizations such as MI5, MI6 and GCHQ (the Government Communications Headquarters).
A June report by David Anderson QC, the independent reviewer of terrorism legislation, revealed that Twitter’s policy requires it to notify its users of requests to access their data
“unless persuaded not to do so, typically by a court order.” But a note to the bill would make this illegal.
The note says it “will ensure that a communication service provider does not notify the subject of an investigation that a request has been made for their data unless expressly permitted to do so.”