UK Tribunal Says GCHQ Engaged In Illegal Telco Collection Program For More Than A Decade
from the eleven-years,-zero-accountability dept
UK's NSA -- GCHQ -- has lost legal battle after legal battle in recent years, most of those triggered by the Snowden leaks. The UK Appeals Court ruled its bulk collection of internet communications metadata illegal earlier this year. This followed a 2015 loss in lawsuit filed over the interception of privileged communications, resulting in a destruction order targeting everything collected by GCHQ that fell under that heading.
Some battles are still ongoing, with several of them spearheaded by Privacy International. PI's work -- and multiple lawsuits -- have led to the exposure of GCHQ's oversight as completely toothless and a declaration that the agency's surveillance agreement with the NSA was illegal… at least up to 2014's codification of illegal spy practices. (This codification was ultimately ruled illegal earlier this year.)
Thanks to another PI legal challenge, the Investigatory Powers Tribunal has found GCHQ engaged in even more illegal spying... for more than a decade. The expansion of surveillance powers following the September 11, 2001 terrorist attacks gave GCHQ more ways to collect data from telcos. This was supposed to be directed and overseen by the UK Foreign Secretary, but the lawsuit showed the oversight did nearly nothing and there were virtually no limits to what could be collected from phone companies.
The Investigatory Powers Tribunal (IPT) - set up to investigate complaints about how personal data is handled by public bodies - ruled that most of the directions given between 2001 and 2012 had been unlawful.
The tribunal was critical of the way the government handed on requests to GCHQ, partly because phone and internet providers "would not be in any position to question the scope of the requirement" because they "would have no knowledge of the limited basis upon which the direction had been made".
That being said, the IPT also somehow came to the conclusion GCHQ had never abused the apparently illegal privilege. It had "carte blanche" power to demand data, but the IPT saw "no evidence" it had collected more than the Foreign Secretary had approved. But that's not all that heartening (or convincing) considering the Foreign Secretary had delegated that responsibility to GCHQ, allowing the agency to determine what it needed without input or oversight.
Supposedly everything is all better now with the rules put in place in 2014. The Data Retention and Investigatory Powers Act of 2014 was a weak attempt at surveillance reforms following the steady stream of leaked documents triggered by Snowden in the summer of 2013. So weak were the reforms, the EU Court declared the act incompatible with international law, making GCHQ's collection efforts targeting other Europeans illegal everywhere else but in the UK.
The collection power was illegal, at least under previous versions of the UK's Snoopers' Charter. Whether or not GCHQ wrote itself blank collection checks with the signed checkbook handed to it by the Foreign Secretary is still an open question, despite the court's determination. It's not like surveillance agencies have ever hidden questionable collections from their oversight or found a way to avoid delivering incriminating evidence against themselves until years after issues were first contested.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: gchq, illegal surveillance, surveillance, telco collection, uk tribunal
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
People don’t understand the tech involved, and most like to delude themselves that they are autonomous, rational creatures that are not easily influenced, so it has mostly flown under the radar (less so in Europe). Also our politicians are neck-deep in internet/data-driven election-hacking scams themselves so can’t regulate organised disinformation unless they want to go back to talking about policies.
https://theconversation.com/how-the-russian-government-used-disinformation-and-cyber-warfar e-in-2016-election-an-ethical-hacker-explains-99989
[ link to this | view in chronology ]
Serious question: Are the relevant pieces of legislation designed so that there are no possible consequences for breaking them? Isn't that just openly ridiculous? Why does the judiciary go along with the charade?
[ link to this | view in chronology ]