GCHQ's Surveillance of Rights Groups is Illegal

Uploaded on 2015-06-29 in NEWS-Cybersecurity News, INTELLIGENCE--Europe, GOVERNMENT-National, FREE TO VIEW

 

cb2ecdf9-a439-4c29-97c7-784c63f2eed6-460x276.png

GCHQ’s covert surveillance of two international human rights groups was illegal, the judicial tribunal responsible for handling complaints against the intelligence services has ruled. The UK’s government monitoring agency retained emails for longer than it should have and violated its own internal procedures, according to a judgment by the investigatory powers tribunal (IPT). But it ruled that the initial interception was lawful in both cases.

The IPT upheld complaints by the Egyptian Initiative for Personal Rights and the South African non-profit Legal Resources Centre that their communications had been illegally retained and examined. The tribunal made “no determination” on claims brought other NGOs, including Amnesty International, Liberty and Privacy International, implying that their emails and phone calls were not intercepted or that they were intercepted but by legal means.
The IPT ruling said: “We are concerned that steps should be taken to ensure that neither of the breaches of procedure referred to in this determination occurs again. For the avoidance of doubt, the tribunal makes it clear that it will be making a closed report to the prime minister.”

It is the first time that a court has revealed that British intelligence agencies have spied on foreign human rights groups.
The case against the monitoring agency follows revelations by the US whistleblower Edward Snowden. 
In relation to the Egyptian Initiative for Personal Rights, the IPT found that “email communications ... were lawfully and proportionately intercepted and accessed ... However, the time limit for retention permitted under the internal policies of GCHQ, the intercepting agency, was overlooked in regard to the product of that interception, such that it was retained for materially longer than permitted under those policies.”

In respect of the Legal Resources Centre, the IPT said: “Communications from an [associated] email address ... were intercepted and selected for examination ... The tribunal is satisfied that the interception was lawful and proportionate and that the selection for examination was proportionate, but that the procedure laid down by GCHQ’s internal policies for selection of the communications for examination was in error not followed in this case.”

A government spokesperson said: “We welcome the IPT’s confirmation that any interception by GCHQ in these cases was undertaken lawfully and proportionately, and that where breaches of policies occurred they were not sufficiently serious to warrant any compensation to be paid to the bodies involved.
Guardian:  http://bit.ly/1U0rQIq

 

« The Dangers Of Internet-of-Things In Healthcare
NSA Has Reverse-Engineered Consumer Anti-Virus Software To Track Users »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

AppSec Labs

AppSec Labs

AppSec Labs specialise in application security. Our mission is to raise awareness in the software development world to the importance of integrating software security across the development lifecycle.

Cybrary

Cybrary

Cybrary is an open-source cyber security and IT learning and certification preparation platform.

Luxembourg Office of Accreditation & Surveillance (OLAS)

Luxembourg Office of Accreditation & Surveillance (OLAS)

OLAS is the national accreditation body for Luxembourg. The directory of members provides details of organisations offering certification services for ISO 27001.

Women in CyberSecurity (WiCyS)

Women in CyberSecurity (WiCyS)

Women in CyberSecurity (WiCyS) is a non-profit organization dedicated to the recruitment, retention and advancement of women in the cybersecurity field.

Stratus Cyber

Stratus Cyber

Stratus Cyber is a premier Cyber Security company specializing in Managed Security Services. Our services include Blockchain Security, Pentesting, and Compliance Assessments.

C11 Cyber Security & Digital Innovation Centre

C11 Cyber Security & Digital Innovation Centre

C11 is working with local and national partners to develop talent and bring brilliant minds and brilliant businesses together.

CounterFind

CounterFind

CounterFind is turnkey technology that allows brands to find and remove counterfeit and infringing merchandise from online marketplaces and social media sites.

Illuma Labs

Illuma Labs

Illuma Labs delivers real-time voice authentication and fraud prevention solutions.

Enea

Enea

Enea is one of the world’s leading specialists in software for telecommunications and cybersecurity. Our products are used to enable services for mobile subscribers, enterprise customers and IoT.

SLVA Cybersecurity

SLVA Cybersecurity

SLVA Cybersecurity excel at delivering security-as-a-service, fit-for-purpose, within the constraints of realistic budgets and business expectations.

Red Access

Red Access

Red Access provides the first SaaS-based platform to protect web browsing from cyber threats on any browser and any in-app while ensuring frictionless user experience.

ABM Technology Group

ABM Technology Group

ABM Technology Group (formerly True IT) provide business information technology services, solutions, and consulting for small to mid-sized organizations.

StepSecurity

StepSecurity

StepSecurity provides a comprehensive security platform for GitHub Actions.

NOYB

NOYB

NOYB is a non-profit organization aiming to close the gap between privacy laws and the reality of corporate practice.

FOSSA

FOSSA

FOSSA is a leading SBOM (software bill of materials) and software supply chain risk management platform.

EasySec Solutions

EasySec Solutions

EasySec Solutions provides a cyber-security platform, based on a combination of the zero trust model and the software-defined security management.