UK Tribunal Says GCHQ Engaged In Illegal Telco Collection Program For More Than A Decade

from the eleven-years,-zero-accountability dept

UK's NSA -- GCHQ -- has lost legal battle after legal battle in recent years, most of those triggered by the Snowden leaks. The UK Appeals Court ruled its bulk collection of internet communications metadata illegal earlier this year. This followed a 2015 loss in lawsuit filed over the interception of privileged communications, resulting in a destruction order targeting everything collected by GCHQ that fell under that heading.

Some battles are still ongoing, with several of them spearheaded by Privacy International. PI's work -- and multiple lawsuits -- have led to the exposure of GCHQ's oversight as completely toothless and a declaration that the agency's surveillance agreement with the NSA was illegal… at least up to 2014's codification of illegal spy practices. (This codification was ultimately ruled illegal earlier this year.)

Thanks to another PI legal challenge, the Investigatory Powers Tribunal has found GCHQ engaged in even more illegal spying... for more than a decade. The expansion of surveillance powers following the September 11, 2001 terrorist attacks gave GCHQ more ways to collect data from telcos. This was supposed to be directed and overseen by the UK Foreign Secretary, but the lawsuit showed the oversight did nearly nothing and there were virtually no limits to what could be collected from phone companies.

The Investigatory Powers Tribunal (IPT) - set up to investigate complaints about how personal data is handled by public bodies - ruled that most of the directions given between 2001 and 2012 had been unlawful.

The tribunal was critical of the way the government handed on requests to GCHQ, partly because phone and internet providers "would not be in any position to question the scope of the requirement" because they "would have no knowledge of the limited basis upon which the direction had been made".

That being said, the IPT also somehow came to the conclusion GCHQ had never abused the apparently illegal privilege. It had "carte blanche" power to demand data, but the IPT saw "no evidence" it had collected more than the Foreign Secretary had approved. But that's not all that heartening (or convincing) considering the Foreign Secretary had delegated that responsibility to GCHQ, allowing the agency to determine what it needed without input or oversight.

Supposedly everything is all better now with the rules put in place in 2014. The Data Retention and Investigatory Powers Act of 2014 was a weak attempt at surveillance reforms following the steady stream of leaked documents triggered by Snowden in the summer of 2013. So weak were the reforms, the EU Court declared the act incompatible with international law, making GCHQ's collection efforts targeting other Europeans illegal everywhere else but in the UK.

The collection power was illegal, at least under previous versions of the UK's Snoopers' Charter. Whether or not GCHQ wrote itself blank collection checks with the signed checkbook handed to it by the Foreign Secretary is still an open question, despite the court's determination. It's not like surveillance agencies have ever hidden questionable collections from their oversight or found a way to avoid delivering incriminating evidence against themselves until years after issues were first contested.

Reader Comments

Subscribe: RSS

View by: Time | Thread

  • identicon
    Anonymous Coward, 27 Jul 2018 @ 4:15am

    the UK has become a less and less democratic nation, less and less of an upholder of human rights and freedom and more and more of the likes of Iran and N.Korea, oh, and the USA!!

    reply to this | link to this | view in chronology ]

    • icon
      Ninja (profile), 27 Jul 2018 @ 7:05am


      I'd say that, with a few exceptions, this is a global trend.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 27 Jul 2018 @ 6:47pm

        Re: Re:

        It is not an accident. Closed societies are economically weak and have few allies. It is in the in interests of certain rival nation states to encourage authoritarianism in the west. See the link below for some ways this is done. Because it is very cheap to do culture hacking operations these days, as well as nation states, all sorts of scummy oligarchs are dumping money into it to supplement their traditional lobbying efforts too.

        People don’t understand the tech involved, and most like to delude themselves that they are autonomous, rational creatures that are not easily influenced, so it has mostly flown under the radar (less so in Europe). Also our politicians are neck-deep in internet/data-driven election-hacking scams themselves so can’t regulate organised disinformation unless they want to go back to talking about policies. e-in-2016-election-an-ethical-hacker-explains-99989

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 27 Jul 2018 @ 6:55pm

    I keep reading about how the actions of government agencies are found to be illegal. But no one seems to ever be jailed, or fined, or even lose their jobs. I can think of at least a couple of times when the worst offenders are actually promoted.

    Serious question: Are the relevant pieces of legislation designed so that there are no possible consequences for breaking them? Isn't that just openly ridiculous? Why does the judiciary go along with the charade?

    reply to this | link to this | view in chronology ]

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Techdirt Logo Gear
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.