The U.K. government’s proposed “snooper’s charter” is already scaring tech firms around the world with its threat of forcing them to help break encryption in their communications services, but here’s a wrinkle that’s received little attention until now: It would also force them to give the country’s spies a heads-up about upcoming product launches and upgrades.
This detail is included in a draft code of practice attached to the Investigatory Powers Bill, flagged up by Privacy International.
According to the document, major communications service providers (think companies like Facebook, Google, and Apple) “must notify the Government of new products and services in advance of their launch, in order to allow consideration of whether it is necessary and proportionate to require the [provider] to provide a technical capability on the new service.”
Get Data Sheet, Fortune’s technology newsletter.
“Technical capability”? That refers to the ability for communications over the service to be monitored or intercepted by surveillance systems and agents.
“There is no independent judicial oversight or authorization, nor a process for effective independent review of technical capability notices and their requirements,” Privacy International noted. “The tech companies will have little say and the government say explicitly they have the power to bring legal action against them if they do not comply.”
Other exciting elements of the proposed new law include spies being able to legally hack people’s computers in bulk, forcing broadband companies to keep records of which sites everyone visits, and compelling organizations to hand over bulk datasets about their customers.
For more on privacy and surveillance, watch:
Many experts, including the U.N.’s top privacy official, have pointed out that the bill would be illegal under European privacy law, which forbids mass, untargeted surveillance.
