from the of-course,-when-you're-the-government,-you-just-have-the-laws-changed dept
The UK’s mass surveillance programs haven’t been treated kindly by the passing years (2013-onward). Ever since Snowden began dumping details on GCHQ surveillance, legal challenges to the lawfulness of UK bulk surveillance have been flying into courtrooms. More amazingly, they’ve been coming out the other side victorious.
In 2015, a UK tribunal ruled GCHQ had conducted illegal surveillance and ordered it to destroy intercepted communications between detainees and their legal reps. In 2016, the UK tribunal declared GCHQ’s bulk collection of communications metadata illegal. However, the tribunal did not order destruction of this collection, meaning GCHQ is likely still making use of illegally-collected metadata.
A second loss in 2016 — this time at the hands of the EU Court of Justice — found GCHQ’s collection of European communications being declared illegal due to the “indiscriminate” (untargeted) nature of the collection process. The UK government appealed this decision, taking the ball back to its home court. And, again, it has been denied a victory.
The court of appeal ruling on Tuesday said the powers in the Data Retention and Investigatory Powers Act 2014, which paved the way for the snooper’s charter legislation, did not restrict the accessing of confidential personal phone and web browsing records to investigations of serious crime, and allowed police and other public bodies to authorise their own access without adequate oversight.
The three judges said Dripa was “inconsistent with EU law” because of this lack of safeguards, including the absence of “prior review by a court or independent administrative authority”.
Hey, the elimination of privacy safeguards is just the price that has to be paid when the nation’s security can only be guaranteed by rushed, liberty-violating legislation dropped onto the floor shortly before closing time. If power is going to be consolidated, it needs to be done with a little debate as possible. Built-in safeguards for citizens’ privacy is something that can be relegated to an afterthought. And that afterthought need never be brought up again.
Those powers – granted by DRIPA — have been declared illegal. That’s going to cause problems for the Snooper’s Charter, which is DRIPA’s surveillance state successor. Chances are the problem will be dealt with by erecting a few minimal privacy protections while codifying prior surveillance abuses. And since this only upholds an EU court decision, it will mean less than nothing once Britain completes its exit from the Union.
The good news is the court’s decision backs up what critics have been saying for years: bulk interception of communications violates UK law, and the supposed oversight these collections receive falls far short of what’s required to make the collections legal again.