GCHQ spying on British citizens was unlawful

Uploaded on 2015-02-11 in BUSINESS-Services-Law, GOVERNMENT-National, NEWS-Cybersecurity News

GCHQ unlawfully spied on British citizens, a secretive UK court has ruled.

GCHQThe Investigatory Powers Tribunal (IPT), the secretive court that was created to keep Britain's intelligence agencies in check, said that GCHQ's access to information intercepted by the NSA breached human rights laws. The IPT has never ruled against any intelligence agency since it was set up in 2000. It found in December that GCHQ's access to the data was lawful from that point onward. That decision is now being appealed.

But the court said that historical collection was unlawful because the rules governing how the UK could access information received from the NSA were kept secret. It concerned practices disclosed as part of documents disclosed by Edward Snowden, and related to information found through the NSA's PRISM and UPSTREAM surveillance programmes.

PRISM allegedly allowed the NSA access to data from companies including Google, Facebook, Microsoft and Skype. UPSTREAM allowed the NSA to intercept data through the fibre optic cables that power the Internet. The ruling comes after a legal challenge brought by civil liberties groups Privacy International, Bytes for All, Amnesty International and Liberty.

The Tribunal declared that intelligence sharing between the United States and the United Kingdom had been unlawful prior to December 2014, because the rules governing the UK's access to the NSA's PRISM and UPSTREAM programmes were kept secret.

Prior to December last year, the secret policy breached Article 8, the right to a private life, and Article 10, the right to freedom of expression without State interference, the tribunal said.
Yet it was only due to revelations contained in the documents leaked by Snowden that the intelligence sharing relationship became subject to public scrutiny.

The decision marks the first time that the Tribunal, the only UK court empowered to oversee GHCQ, MI5 and MI6, has ever ruled against the intelligence and security services in its 15 year history, said watchdog charity Privacy International.

The claimants in the case are Privacy International, Bytes for All, Liberty and Amnesty International. Eric King, deputy director of Privacy International, said: "The only reason why the NSA-GCHQ sharing relationship is still legal today is because of a last-minute clean up effort by Government to release previously secret 'arrangements'. That is plainly not enough to fix what remains a massive loophole in the law, and we hope that the European Court decides to rule in favour of privacy rather than unchecked State power."

http://www.independent.co.uk/life-style/gadgets-and-tech/news/

http://www.theregister.co.uk/2015/02/06/gchq_mass_surveillance_unlawful

« New Cyber Security School opening in London:
AI will not kill us, says Microsoft Research Chief »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Shavlik Protect

Shavlik Protect

Shavlik Protect is an easy-to-use security software solution that discovers missing patches and deploys them to the entire organization.

Information Commissioner's Office (ICO)

Information Commissioner's Office (ICO)

The Information Commissioner's Office is an independent authority set up to uphold information rights in the public interest.

Security Brigade

Security Brigade

Security Brigade is an information security firm specializing in Penetration Testing, Vulnerability Assessment, Web-application Security and Source Code Security Audit.

CONCERT

CONCERT

CONCERT is a Computer Emergency Response Team and cyber security information sharing network for companies, institutes and government in Korea.

IT2Trust

IT2Trust

IT2Trust is one of Scandinavia’s leading value-added distributors of business-critical IT solutions within IT security and networking.

Innotec Security

Innotec Security

Innotec Security is a Spanish company specializing in cybersecurity-as-a-service, cyber resilience and cyber risk management.

Cyber Security Jobs

Cyber Security Jobs

Cyber Security Jobs was formed to help job seekers find jobs and recruiters fill cyber security job vacancies.

MyCyberSecurity Clinic (MyCSC)

MyCyberSecurity Clinic (MyCSC)

MyCyberSecurity Clinic's main goal is toward establishing an international reference centre for excellence in the field of digital forensics and data recovery services.

Measured Insurance

Measured Insurance

Measured Insurance are bridging the gap between technology and Insurance using AI-Powered analytics that track clients’ exposure in real time to create smarter insurance products.

Uptycs

Uptycs

Uptycs combines the open source universal agent, osquery, with a scalable security analytics platform for fleet visibility, intrusion detection, vulnerability monitoring and compliance.

Wiz

Wiz

Wiz - the first cloud visibility solution for enterprise security: A 360° view of security risks across clouds, containers and workloads.

Activu

Activu

Activu makes any information visible, collaborative, and proactive for people tasked with monitoring critical operations including network security.

Dataprise

Dataprise

Dataprise is a leading IT managed services provider offering IT Management and Help Desk Support Services, Cloud Services, Information Security Solution, IT Strategy and Consulting.

Cymptom

Cymptom

At Cymptom our purpose is to enable security managers to see at a glance all urgently risky gaps  in their organizations’ security posture at any given moment.

Cognilytica

Cognilytica

Cognilytica’s Cognitive Project Management for AI (CPMAI) training and certification is recognized around the world as the best practices methodology for implementing successful AI & ML projects.

Odaseva

Odaseva

Odaseva delivers the strongest data security solution for enterprises running on Salesforce, safeguarding confidentiality and integrity of critical business information.