GCHQ Spying Wasn't Illegal, it Just ‘Lacked Transparency’…

UK data surveillance programs, including the bulk collection of data from ISPs, have been declared legal by a parliamentary committee. However, it also found them "overly complicated" and lacking in transparency. The report from the Intelligence and Security Committee (ISC) probed GCHQ initiatives that tapped massive amounts of emails and other private "upstream" data, often in conjunction with the NSA's PRISM program. The extent of the UK's involvement in that program was revealed by whistleblower Edward Snowden in 2013.

The committee declared that "we are satisfied that the UK's intelligence and security Agencies do not seek to circumvent the law." But it immediately qualified that by saying "however, that legal framework has developed piecemeal, and is unnecessarily complicated. We have serious concerns about the resulting lack of transparency, which is not in the public interest."
Despite that slap down, the finding contradicts a court decision that found the program flat-out "unlawful." That decision carried some legal teeth, even allowing you to fill out a form and find out if the GCHQ ever spied on you using NSA data. However, the parliamentary committee declared that:
Our Inquiry has shown that the Agencies do not have the legal authority, the resources, the technical capability, or the desire to intercept every communication of British citizens, or of the internet as a whole: GCHQ are not reading the emails of everyone in the UK.

The report went on further to say that bulk collection programs "operate on a very small percentage" of Internet users, from whom only "a certain amount of material is being collected." Ironically, however, the actual percentages of users and data requests were redacted in the final document, meaning the public can't tell what "very small" means, exactly. The report added that targeting an individual in the UK still requires a warrant "signed by a Secretary of State."
In the end, the government said that data collection activities in the UK were still on shaky ground. It recommended the development of a "new, transparent legal framework" -- likely to fend off further unfriendly court decisions. But it also emphasized the need for the spying, saying "we do not subscribe to the point of view voiced by some of our witnesses that it is preferable to let some terrorist attacks happen rather than to allow any form of bulk interception. " 
endgadget http://ow.ly/KfEMx

« A Theory About MH370: 'Putin ordered plane to be flown to Kazakhstan'
CIA 'tried to crack security of Apple devices' »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Optimum Insurance

Optimum Insurance

Optimum's Cyber Risk & Data Protection Insurance policies are designed to protect against cyber exposures that arise when a company’s data and customer information is breached or stolen.

Devel

Devel

Devel is a LATAM cybersecurity company specialized in providing red, blue and purple team services for the financial sector.

Jobsora

Jobsora

Jobsora is an innovative job search platform in the UK and more than 35 other countries around the world. Sectors covered include IT and cybersecurity.

Ampliphae

Ampliphae

Ampliphae gives you an easy-to-deploy, sophisticated and affordable cloud-discovery, security and compliance platform.

Echosec Systems

Echosec Systems

Echosec Systems is a data discovery company delivering social media and dark web threat intelligence. Our web based security software delivers critical information for situational awareness.

Cyber Risk Institute (CRI)

Cyber Risk Institute (CRI)

CRI is a not-for-profit coalition of financial institutions and trade associations working to protect the global economy by enhancing cybersecurity and resiliency through standardization.

Cord3

Cord3

Cord3 delivers data protection, even from trusted administrators – or hackers posing as administrators – with high privilege.

Adarma Security

Adarma Security

Adarma are specialists in threat management including SOC design, build & operation.

Berezha Security Group (BSG)

Berezha Security Group (BSG)

BSG is a cybersecurity consulting firm specializing in all aspects of application security and penetration testing.

Cyber Security Canada

Cyber Security Canada

Cyber Security Canada is an accredited Certification Body for government-backed Cyber Security Certification Programs, designed specifically for small and medium-sized Canadian businesses.

Appsian Security

Appsian Security

Appsian provides powerful solutions that help organizations take control of their business critical data and financial transactions.

Grove Group

Grove Group

Grove provides businesses with the tools that work best for their unique operations, through cybersecurity and cloud services, custom software development and our big data analytics expertise.

Atomic Data

Atomic Data

Atomic Data is an on-demand, always-on, pay-as-you-go expert extension of your enterprise IT team and infrastructure.

Trovent Security

Trovent Security

Trovent was founded with a clear goal: to support medium-sized companies in significantly increasing their IT security level.

Amiosec

Amiosec

Amiosec is a British cyber innovation business specialising in delivering simple-to-use solutions to the complex problems of the modern world.

Sansec Technology

Sansec Technology

Sansec Technology is dedicated to the research and development of cryptographic products and solutions for cyber security.