British Court Rules Against Intelligence Agencies's Bulk Hacking

Uploaded on 2021-01-13 in TECHNOLOGY--Hackers, INTELLIGENCE--Europe, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Law

The High Court in London has ruled that British security and intelligence services can no longer rely on ‘general warrants’ to authorise the hacking of large numbers of computers and phones belonging to UK citizens.

Bulk hacking has been exploited by the UK’s intelligence services to access electronic devices represent an illegal intrusion into the private lives of millions of people, the High Court has been told. The use of bulk surveillance by the intelligence and security services first came to the public attention after the Snowden revelations of 2014, prompting a rearguard effort by the government to shore up the status quo in which officials argued that it would be lawful in principle to use a single warrant to hack every device in a UK city.   

The government relied on the issuing of “general warrants” under section 5 of the Intelligence Services Act 1994 to do so.
The Court referred to cases dating back to the 18th century, which demonstrate the common law’s insistence that the Government cannot search private premises without lawful authority even in the context of national security. Because general warrants are by definition not targeted (and could therefore apply to hundreds, thousands or even millions of people) they violate individuals’ right not to not have their property searched without lawful authority, and are therefore illegal. 

As the Court emphasised: “The aversion to general warrants is one of the basic principles on which the law of the United Kingdom is founded. As such, it may not be overridden by statute unless the wording of the statute makes clear that Parliament intended to do so.”

Privacy International legal director, Caroline Wilson Palow, argued the ruling brought legal precedent into the modern age, where searching “property” could mean remotely spying on users’ digital lives. “General warrants are no more permissible today than they were in the 18th century. The government had been getting away with using them for too long. We welcome the High Court's affirmation of these fundamental constitutional principles,” she said.  "Today's victory rightly brings 250 years of legal precedent into the modern age. General warrants are no more permissible today than they were in the 18th century. The government had been getting away with using them for too long. We welcome the High Court's affirmation of these fundamental constitutional principles." 

However, some government hacking powers are now governed by a newer law, the controversial Snooper’s Charter, or Investigatory Powers Act. There are also various legal challenges underway to this legislation. In October last year,  the Court of Justice of the European Union (CJEU) ruled that bulk collection and retention of citizens’ data must be brought into line with EU privacy law, even in cases of national security.

The UK has a vested interest in rowing back from its position on bulk surveillance, as it seeks an “adequacy decision” from the EU on data handling that is vital to seamless cross-border data flows in the new post-Brexit era.

Privacy International:        Infosecurity Magazine:        Guardian:      Computing:        Computer Weekly:  

You Might Also Read: 

The Impact Of Brexit On British Cyber Security:

 

« Solving Mr. Biden’s Wicked Cyber Problem
Amazon, Apple & Google Cancel Parler »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Bericon Forensics

Bericon Forensics

Bericon is one of the longest established forensic science consultancies in the UK. Activities include computer and mobile phone forensics.

Georgia Cyber Center

Georgia Cyber Center

Georgia Cyber Center is dedicated to training the next generation of professionals through education and real-world practice while also supporting innovation in new technologies for online defenses.

XTN Cognitive Security

XTN Cognitive Security

XTN is focused on the development of security, Fraud and Mobile Threat Prevention advanced behaviour-based solutions.

Vuntie

Vuntie

Vuntie blend European craftsmanship, performance and open-source technology to deliver cybersecurity services including penetration testing, incident response, training and consultancy.

ADL Process

ADL Process

ADL Process offer secure data destruction, certified product destruction and responsible electronics recycling services to businesses and institutions.

ChaosSearch

ChaosSearch

ChaosSearch is a massively scalable ELK-compatible log analysis platform delivered as a fully managed service with high-performance and low cost.

ByteSnipers

ByteSnipers

ByteSnipers specialize in penetration testings and secure development services. Our focus is on your security.

Great American Insurance Group

Great American Insurance Group

Great American's Cyber Risk Division offers cyber solutions for small and medium-sized businesses.

MailChannels

MailChannels

MailChannels protects companies against malicious email threats. Used by 750+ hosting providers around the world.

Amazon Web Services (AWS)

Amazon Web Services (AWS)

Amazon Web Services is the world’s most comprehensive and broadly adopted cloud platform, offering fully featured services from data centers globally.

Heron Technology

Heron Technology

Heron Technology are a technology solutions consultancy with core competencies in the areas of Cyber Security and Digital Aviation.

IONOS

IONOS

IONOS is a leading provider of cloud infrastructure, cloud services, and hosting with more than 8.5 million customers contracts.

Auriga

Auriga

Auriga create innovative software and have become a benchmark for high quality banking software including cyber security solutions to protect business critical devices.

Kodem Security

Kodem Security

Our mission is to make AppSec simple. Meet the world’s first dynamic software composition analysis platform. Only Kodem uses runtime intelligence to determine application risk.

Hexiosec

Hexiosec

Hexiosec (formerly Red Maple Technologies) is a technical consultancy and product company founded and run by engineers from the UK Intelligence and Defence communities.

WBM Technologies

WBM Technologies

WBM Technologies is a Western Canadian leader in the provision of outcomes-driven information technology solutions.