Hide Techdirt is off for the long weekend! We'll be back with our regular posts tomorrow.

New Documents Show UK Intelligence Agencies Hacking Computers With Little To No Oversight

from the because-of-course-they-are dept

Privacy International, which has been engaged in legal challenges over GCHQ spying for the past few years, has obtained an oversight document as a result of its litigation. What they show is the agency’s broad hacking powers and the reluctance of its oversight to condone these actions.

The Commissioner of the Intelligence Services was slow to respond to hacking. Many of the concerns the Commissioner raised in his 2014 report [published July 2015] are the subject of PI’s legal complaint, including whether it is lawful to use broad “thematic warrants” to justify the hacking of people in the UK. The Commissioner questioned this practice in depth. He was concerned that current law “does not expressly allow for a class of authorisation”, and therefore the warrants were too broad. As a result, the Commissioner was worried that the Secretary of State was unable to properly assess whether the warrant authorised activity was necessary and proportionate. [ibid, p18] This means that GCHQ could get a warrant in the UK to hack the computer of everyone in Birmingham with little meaningful oversight.

Broad warrants at home — signed by someone who may not have had any idea exactly what they were authorizing. No warrants, for the most part, for extraterritorial hacking. Testimony on behalf of the GCHQ by its director of cyber-security points out that the Secretary of State (who handles surveillance warrants) is rarely consulted when the target is foreign. The only exceptions are if the GCHQ feels the target may be “sensitive” or “politically risky.” Otherwise, the GCHQ grants itself permission to carry out these attacks.

Two other agencies that write their own hacking orders (MI5 and the Secret Intelligence Service) also do what they can to eliminate whatever minimal paper trail these actions might generate.

The Intelligence and Security Committee Report in March 2015 called MI5’s and SIS’s failure to keep accurate records of their overseas hacking activities “unacceptable”, [ISC report, p.66] as it makes effective oversight impossible [Witness Statement of Ciaran Martin, 71L].

Arguably, the oversight was never “effective” to begin with. Privacy International’s Caroline Wilson Palow points out that Parliament was never notified in the first place by these agencies about their hacking activities. The oversight of three intelligence agencies is pretty much limited to one guy (Sir Mark Waller) who engages in spot checks of warrants periodically. With none of the agencies feeling any particular urge to seek warrants for overseas surveillance, it does cut down on Waller’s workload, but it doesn’t do much to ensure they aren’t abusing their (often) self-awarded privileges.

Filed Under: , , ,
Companies: privacy international

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “New Documents Show UK Intelligence Agencies Hacking Computers With Little To No Oversight”

Subscribe: RSS Leave a comment
Wendy Cockcroft says:

Re: Re: Re:


I live in the UK and believe me, we are decent people. It’s the lobby-ist led government that’s the problem. And GCHQ is much too cozy with the security/surveillance industry for my liking. That said, the problem is global. I’d be surprised to find any government of a major power with clean hands where surveillance is concerned.

Wendy Cockcroft says:

Re: Re:

Revolution comes when people forget that violence is not a solution. We DO need regime change but that requires getting people organised under a leader we can all agree on.

The only real alternative we’ve got is the left-wing Jeremy Corbyn but I’m not sure where he stands on surveillance. His deputy Tom Watson is fairly good on digital rights but needs to go further.

Whether or not Labour has a realistic chance of winning the next election is another matter. Clinging to dinosaur politics on one side and running with the neoliberal/neocon herd on the other is causing internal divisions and none of it is doing the country any favours. I wish they’d base their policies on describing the world as it actually is but none of them appear to have any interest in doing so, which puts me off voting for them.

Alastair Carnegie says:

Medical Records.

I had a very silly lady in the Medical Records Department, telephone me, because my phone number was on my records, and then have a great giggle with her friends, reading out my Medical Records aloud to me. I wonder if that was organised by G.C.H.Q. ??? It seems a bit like one of the games the staff there would like to play for their own personal entertainment.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...