GCHQ spying on British citizens was unlawful

GCHQ unlawfully spied on British citizens, a secretive UK court has ruled.

GCHQThe Investigatory Powers Tribunal (IPT), the secretive court that was created to keep Britain's intelligence agencies in check, said that GCHQ's access to information intercepted by the NSA breached human rights laws. The IPT has never ruled against any intelligence agency since it was set up in 2000. It found in December that GCHQ's access to the data was lawful from that point onward. That decision is now being appealed.

But the court said that historical collection was unlawful because the rules governing how the UK could access information received from the NSA were kept secret. It concerned practices disclosed as part of documents disclosed by Edward Snowden, and related to information found through the NSA's PRISM and UPSTREAM surveillance programmes.

PRISM allegedly allowed the NSA access to data from companies including Google, Facebook, Microsoft and Skype. UPSTREAM allowed the NSA to intercept data through the fibre optic cables that power the Internet. The ruling comes after a legal challenge brought by civil liberties groups Privacy International, Bytes for All, Amnesty International and Liberty.

The Tribunal declared that intelligence sharing between the United States and the United Kingdom had been unlawful prior to December 2014, because the rules governing the UK's access to the NSA's PRISM and UPSTREAM programmes were kept secret.

Prior to December last year, the secret policy breached Article 8, the right to a private life, and Article 10, the right to freedom of expression without State interference, the tribunal said.
Yet it was only due to revelations contained in the documents leaked by Snowden that the intelligence sharing relationship became subject to public scrutiny.

The decision marks the first time that the Tribunal, the only UK court empowered to oversee GHCQ, MI5 and MI6, has ever ruled against the intelligence and security services in its 15 year history, said watchdog charity Privacy International.

The claimants in the case are Privacy International, Bytes for All, Liberty and Amnesty International. Eric King, deputy director of Privacy International, said: "The only reason why the NSA-GCHQ sharing relationship is still legal today is because of a last-minute clean up effort by Government to release previously secret 'arrangements'. That is plainly not enough to fix what remains a massive loophole in the law, and we hope that the European Court decides to rule in favour of privacy rather than unchecked State power."

http://www.independent.co.uk/life-style/gadgets-and-tech/news/

http://www.theregister.co.uk/2015/02/06/gchq_mass_surveillance_unlawful

« New Cyber Security School opening in London:
AI will not kill us, says Microsoft Research Chief »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Davis Wright Tremaine (DWT)

Davis Wright Tremaine (DWT)

Davis Wright Tremaine is a full-service law firm with offices throughout the US and in Shanghai, China. Practice areas include Technology, Privacy & Security.

Blue Ridge Networks

Blue Ridge Networks

Blue Ridge offers a suite of solutions that enable secure remote access to the enterprise network with protection and control of endpoints.

RIPS Technologies

RIPS Technologies

RIPS Technologies delivers automated security analysis for PHP applications as platform independent software or highly scalable cloud service.

NinjaJobs

NinjaJobs

NinjaJobs is a community-run job platform developed by information security professionals. We focusing strictly on cybersecurity positions.

Council of Europe Convention on Cybercrime

Council of Europe Convention on Cybercrime

The Council of Europe helps to protect societies worldwide from the threat of cybercrime through the Convention on Cybercrime.

IEEE Cyber Science and Technology Congress (CyberSciTech)

IEEE Cyber Science and Technology Congress (CyberSciTech)

CyberSciTech provides a platform for scientists, researchers, and engineers to share their latest ideas and advances in the broad scope of cyber-related science, technology, and application topics.

Project Moore

Project Moore

Project Moore is an Amsterdam law firm specialising in IT-law and privacy.

Conatix

Conatix

Conatix was formed to apply recent advances in AI and other fields of technology to insider fraud, one of the most intractable problems in cybersecurity.

IT Acceleration

IT Acceleration

IT Acceleration is a full-service IT management and support, IT compliance and Digital Forensics company.

1Password

1Password

1Password combines industry-leading security with award-winning design to bring private, secure, and user-friendly password management to everyone.

Stratus Technologies

Stratus Technologies

Edge Computing solves the inherent challenges of bandwidth, latency, and security at edge locations to enable IIoT devices and data acquisition.

Moss Adams

Moss Adams

Moss Adams is a fully integrated professional services firm dedicated to assisting clients with growing, managing, and protecting prosperity.

CYSIAM

CYSIAM

CYSIAM provides world-leading expertise in offensive security and critical incident response. We train our clients to be able to protect themselves and respond to attacks and breaches when they occur.

AMSYS Innovative Solutions

AMSYS Innovative Solutions

AMSYS is a full-service, 24/7/365 IT solutions, Cybersecurity & Managed Service Provider.

ShieldIO

ShieldIO

ShieldIO Real-Time Homomorphic Encryption™ enables your organization to reach regulatory compliance without compromising data availability.

Digital.ai

Digital.ai

Digital.ai empowers organizations to scale software development teams, continuously deliver software with greater quality and security.