GCHQ spying on British citizens was unlawful

GCHQ unlawfully spied on British citizens, a secretive UK court has ruled.

GCHQThe Investigatory Powers Tribunal (IPT), the secretive court that was created to keep Britain's intelligence agencies in check, said that GCHQ's access to information intercepted by the NSA breached human rights laws. The IPT has never ruled against any intelligence agency since it was set up in 2000. It found in December that GCHQ's access to the data was lawful from that point onward. That decision is now being appealed.

But the court said that historical collection was unlawful because the rules governing how the UK could access information received from the NSA were kept secret. It concerned practices disclosed as part of documents disclosed by Edward Snowden, and related to information found through the NSA's PRISM and UPSTREAM surveillance programmes.

PRISM allegedly allowed the NSA access to data from companies including Google, Facebook, Microsoft and Skype. UPSTREAM allowed the NSA to intercept data through the fibre optic cables that power the Internet. The ruling comes after a legal challenge brought by civil liberties groups Privacy International, Bytes for All, Amnesty International and Liberty.

The Tribunal declared that intelligence sharing between the United States and the United Kingdom had been unlawful prior to December 2014, because the rules governing the UK's access to the NSA's PRISM and UPSTREAM programmes were kept secret.

Prior to December last year, the secret policy breached Article 8, the right to a private life, and Article 10, the right to freedom of expression without State interference, the tribunal said.
Yet it was only due to revelations contained in the documents leaked by Snowden that the intelligence sharing relationship became subject to public scrutiny.

The decision marks the first time that the Tribunal, the only UK court empowered to oversee GHCQ, MI5 and MI6, has ever ruled against the intelligence and security services in its 15 year history, said watchdog charity Privacy International.

The claimants in the case are Privacy International, Bytes for All, Liberty and Amnesty International. Eric King, deputy director of Privacy International, said: "The only reason why the NSA-GCHQ sharing relationship is still legal today is because of a last-minute clean up effort by Government to release previously secret 'arrangements'. That is plainly not enough to fix what remains a massive loophole in the law, and we hope that the European Court decides to rule in favour of privacy rather than unchecked State power."

http://www.independent.co.uk/life-style/gadgets-and-tech/news/

http://www.theregister.co.uk/2015/02/06/gchq_mass_surveillance_unlawful

« New Cyber Security School opening in London:
AI will not kill us, says Microsoft Research Chief »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Information Security Research Group - University of South Wales

Information Security Research Group - University of South Wales

The Information Security Research Group has an international reputation in the areas of network security, computer forensics and threat analysis.

Blue Ridge Networks

Blue Ridge Networks

Blue Ridge offers a suite of solutions that enable secure remote access to the enterprise network with protection and control of endpoints.

Internet Storm Center (ISC)

Internet Storm Center (ISC)

ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with ISPs to fight back against the most malicious attackers.

SCIPP International

SCIPP International

SCIPP’s courses are based on internationally recognized best business practices for security awareness, for both technical and non-technical staff and to comply with regulatory mandates.

Teramind

Teramind

Teramind provides a user-centric security approach to monitor employee behavior in order to identify suspicious activity, detect possible threats, monitor efficiency, and ensure industry compliance.

CSO GmbH

CSO GmbH

CSO GmbH provide specialist consultancy services in the area of IT security.

exceet Secure Solutions

exceet Secure Solutions

exceet Secure Solutions is your experienced specialist for Internet of Things (IoT), Heath Telematics, electronic signatures and timestamps and IT security.

Recovery Point Systems

Recovery Point Systems

Recovery Point is a leading national provider of IT secure and compliant infrastructure and business resilience services.

Accelerator Frankfurt

Accelerator Frankfurt

Accelerator Frankfurt is an independent go-to-market program focused on Fintech, Cybersecurity and Digital B2B startups.

Angoka

Angoka

Angoka provide hardware-based solutions for managing the cybersecurity risks inherent in machine-to-machine communication networks.

Blok Cyber Security

Blok Cyber Security

Blok provide small businesses and sole traders, with affordable, managed Cyber Security Packages that offer immediate protection and peace of mind.

SpeQtral

SpeQtral

SpeQtral offers commercial space-based Quantum Key Distribution (QKD) founded on technology developed at the National University of Singapore.

National Cybersecurity Agency (ACN) - Italy

National Cybersecurity Agency (ACN) - Italy

The ACN is the National Authority for Cybersecurity in Italy. the Agency promotes public-private initiatives to strengthen the national cybersecurity and resilience posture.

Secjur

Secjur

Secjur is a provider of AI-based compliance tools that aim to put compliance, data protection, information security and whistleblowing on autopilot.

Replica

Replica

Replica creates authentic virtual environments that ensure identities and assets are always protected no matter where or what work needs to get done.

CYNC Secure

CYNC Secure

CYNC boosts cybersecurity remediation by consolidating fragmented data and optimizing operational processes.