GCHQ's Surveillance of Rights Groups is Illegal

Uploaded on 2015-06-29 in NEWS-Cybersecurity News, INTELLIGENCE--Europe, GOVERNMENT-National, FREE TO VIEW

 

cb2ecdf9-a439-4c29-97c7-784c63f2eed6-460x276.png

GCHQ’s covert surveillance of two international human rights groups was illegal, the judicial tribunal responsible for handling complaints against the intelligence services has ruled. The UK’s government monitoring agency retained emails for longer than it should have and violated its own internal procedures, according to a judgment by the investigatory powers tribunal (IPT). But it ruled that the initial interception was lawful in both cases.

The IPT upheld complaints by the Egyptian Initiative for Personal Rights and the South African non-profit Legal Resources Centre that their communications had been illegally retained and examined. The tribunal made “no determination” on claims brought other NGOs, including Amnesty International, Liberty and Privacy International, implying that their emails and phone calls were not intercepted or that they were intercepted but by legal means.
The IPT ruling said: “We are concerned that steps should be taken to ensure that neither of the breaches of procedure referred to in this determination occurs again. For the avoidance of doubt, the tribunal makes it clear that it will be making a closed report to the prime minister.”

It is the first time that a court has revealed that British intelligence agencies have spied on foreign human rights groups.
The case against the monitoring agency follows revelations by the US whistleblower Edward Snowden. 
In relation to the Egyptian Initiative for Personal Rights, the IPT found that “email communications ... were lawfully and proportionately intercepted and accessed ... However, the time limit for retention permitted under the internal policies of GCHQ, the intercepting agency, was overlooked in regard to the product of that interception, such that it was retained for materially longer than permitted under those policies.”

In respect of the Legal Resources Centre, the IPT said: “Communications from an [associated] email address ... were intercepted and selected for examination ... The tribunal is satisfied that the interception was lawful and proportionate and that the selection for examination was proportionate, but that the procedure laid down by GCHQ’s internal policies for selection of the communications for examination was in error not followed in this case.”

A government spokesperson said: “We welcome the IPT’s confirmation that any interception by GCHQ in these cases was undertaken lawfully and proportionately, and that where breaches of policies occurred they were not sufficiently serious to warrant any compensation to be paid to the bodies involved.
Guardian:  http://bit.ly/1U0rQIq

 

« The Dangers Of Internet-of-Things In Healthcare
NSA Has Reverse-Engineered Consumer Anti-Virus Software To Track Users »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CSA Events

CSA Events

Cloud Security Alliance conducts a series of conferences around the world. This listing provides a link to details of upcoming events.

ID Quantique (IDQ)

ID Quantique (IDQ)

ID Quantique is a world leader in quantum-safe crypto solutions, designed to protect data for the long-term future.

Certis

Certis

Certis is a leading advanced integrated security organisation that develops and delivers multi-disciplinary security and integrated services.

Cog Systems

Cog Systems

Cog Systems offer an embedded solution built on modularity, proactive security, trustworthiness, and adaptability to enable highly secure connected devices.

ISEC7 Group

ISEC7 Group

ISEC7 Group is a global provider of mobile business services and software solutions. The company was one of the first movers in mobilising company and business processes.

ISTC Foundation

ISTC Foundation

ISTC Foundation is one of the leading innovation centers in Armenia, founded by joint initiative of IBM, USAID, Armenian Government and Enterprise Incubator Foundation.

Enso Security

Enso Security

Enso is the first Application Security Posture Management (ASPM) solution, helping security teams everywhere eliminate their AppSec chaos with application discovery, classification and management.

Corellium

Corellium

Corellium are dedicated to supporting our peers in the ARM community who seek to build more secure, performant, and accessible software and devices.

Pristine InfoSolutions

Pristine InfoSolutions

Pristine InfoSolutions is a global IT services and Information Security Company focused on delivering smart, next-generation business solutions.

Astrill VPN

Astrill VPN

Astrill VPN is a Seychelles based Virtual Private Network(VPN) Company.

Utimaco

Utimaco

UTIMACO develops on-premises and cloud-based hardware security modules, solutions for key management, data protection and identity management as well as data intelligence solutions.

Curatrix Technologies

Curatrix Technologies

Curatrix Technologies is a Managed IT Service provider based in Hampshire, UK, providing high quality and reliable Managed IT Services since 2015.

BLOCX

BLOCX

BLOCX is designed to address the ever-growing challenges of managing and securing digital devices, from personal computers to corporate networks.

ETI-NET

ETI-NET

ETI-NET is the worldwide leader in managing critical data for industries that never stop.

Cybit

Cybit

Cybit is the one-stop-shop for digital transformation that scales in line with your growth.

Beazley Security

Beazley Security

Beazley Security is a global cyber security firm committed to helping clients develop true cyber resilience: the ability to withstand and recover from any cyberattack.