GCHQ's Surveillance of Rights Groups is Illegal

Uploaded on 2015-06-29 in NEWS-Cybersecurity News, INTELLIGENCE--Europe, GOVERNMENT-National, FREE TO VIEW

 

cb2ecdf9-a439-4c29-97c7-784c63f2eed6-460x276.png

GCHQ’s covert surveillance of two international human rights groups was illegal, the judicial tribunal responsible for handling complaints against the intelligence services has ruled. The UK’s government monitoring agency retained emails for longer than it should have and violated its own internal procedures, according to a judgment by the investigatory powers tribunal (IPT). But it ruled that the initial interception was lawful in both cases.

The IPT upheld complaints by the Egyptian Initiative for Personal Rights and the South African non-profit Legal Resources Centre that their communications had been illegally retained and examined. The tribunal made “no determination” on claims brought other NGOs, including Amnesty International, Liberty and Privacy International, implying that their emails and phone calls were not intercepted or that they were intercepted but by legal means.
The IPT ruling said: “We are concerned that steps should be taken to ensure that neither of the breaches of procedure referred to in this determination occurs again. For the avoidance of doubt, the tribunal makes it clear that it will be making a closed report to the prime minister.”

It is the first time that a court has revealed that British intelligence agencies have spied on foreign human rights groups.
The case against the monitoring agency follows revelations by the US whistleblower Edward Snowden. 
In relation to the Egyptian Initiative for Personal Rights, the IPT found that “email communications ... were lawfully and proportionately intercepted and accessed ... However, the time limit for retention permitted under the internal policies of GCHQ, the intercepting agency, was overlooked in regard to the product of that interception, such that it was retained for materially longer than permitted under those policies.”

In respect of the Legal Resources Centre, the IPT said: “Communications from an [associated] email address ... were intercepted and selected for examination ... The tribunal is satisfied that the interception was lawful and proportionate and that the selection for examination was proportionate, but that the procedure laid down by GCHQ’s internal policies for selection of the communications for examination was in error not followed in this case.”

A government spokesperson said: “We welcome the IPT’s confirmation that any interception by GCHQ in these cases was undertaken lawfully and proportionately, and that where breaches of policies occurred they were not sufficiently serious to warrant any compensation to be paid to the bodies involved.
Guardian:  http://bit.ly/1U0rQIq

 

« The Dangers Of Internet-of-Things In Healthcare
NSA Has Reverse-Engineered Consumer Anti-Virus Software To Track Users »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Potomac Institute for Policy Studies

Potomac Institute for Policy Studies

Potomac Institute undertakes research on key science, technology, and national security issues facing society, Study areas include cybersecurity.

Celestya

Celestya

Celestya is dedicated to providing the most advanced and cost effective systems for human behavior education on cybersecurity awareness training.

Cyber 2.0

Cyber 2.0

Cyber 2.0 is the only system in the world that blocks all forms of cyber attack within the organization, including new and unfamiliar attack methods.

Atempo

Atempo

Atempo is a leading independent European-based software vendor with a global presence. We provide solutions to protect, store, move and recover all your data.

CloudVector

CloudVector

CloudVector's API Detection & Response platform is the only API Threat Protection solution that goes beyond the gateway to provide Shadow API Prevention and Deep API Risk Monitoring and Remediation.

Britive

Britive

The Britive Platform is a cloud-native security solution built for the most demanding cloud-forward enterprises.

Resilience Cyber Insurance Solutions

Resilience Cyber Insurance Solutions

Resilience Cyber Insurance combines insurance expertise with cybersecurity and data talent to deliver clear, effective solutions to protect you for the cyberrisks of today—and tomorrow.

Lightspin

Lightspin

Lightspin is a contextual cloud security platform that continuously visualizes, detects, prioritized, and prevents any threat to your cloud stack.

Broadcom

Broadcom

Broadcom is a global technology leader that designs, develops and supplies a broad range of semiconductor and infrastructure software solutions.

ARIA Cybersecurity Solutions

ARIA Cybersecurity Solutions

The ARIA ADR Automatic Detection & Response solution was designed to find, verify, and stop all types of attacks - automatically and in real time.

Zaviant Consulting

Zaviant Consulting

Zaviant Consulting is a leading data security and privacy consulting firm assisting organizations comply with constantly evolving security frameworks and privacy regulations.

Trenton Systems

Trenton Systems

Trenton Systems are committed to providing high-performance computing solutions to customers running mission-critical applications in harsh settings worldwide and across various industries.

Memcyco

Memcyco

Memcyco is a provider of cutting-edge digital trust technologies to empower brands in combating online brand impersonation fraud, and preventing fraud damages to businesses and their clients.

endpointX

endpointX

endpointX is a preventative cyber security company. We help companies minimize their risk of breach by improving cyber hygiene.

Frontier Technology Inc. (FTI)

Frontier Technology Inc. (FTI)

Frontier Technology Inc provides the technology and deep data expertise to drive the best defense and intelligence solutions.

ITUS Secure Technologies

ITUS Secure Technologies

ITUS offer fully outsourced cybersecurity solutions working with leading security vendors, providing next-gen solutions.