GCHQ acted unlawfully when accessing millions of people’s personal messages, a tribunal has ruled.
Citing a lack of transparency, the IPT (Investigatory Powers Tribunal) ruled that the security service had breached human rights laws because the public had been misled.
But following a change in the law made in December 2014, the snoopers’ agency is now legally compliant.
While today’s ruling is a small victory for pressure groups including Privacy International and Bytes For All – among those who had initially brought the case against GCHQ – campaigners intend to step up the pressure on the British security agency.
An appeal for the European Court of Human Rights, to challenge the December 2014 ruling is being made in order to end unlimited warrantless access to bulk NSA data.
Through its controversial PRISM programme, the NSA has gained access to the data and content handled by some of the world’s largest Internet companies, including Google, Apple, Microsoft, Facebook, YouTube, Skype, Yahoo and AOL.
Eric King, deputy director of Privacy International, said: The only reason why the NSA-GCHQ sharing relationship is still legal today is because of a last-minute clean-up effort by Government to release previously secret “arrangements”.
“That is plainly not enough to fix what remains a massive loophole in the law, and we hope that the European Court decides to rule in favour of privacy rather than unchecked State power.”
Will Europe batter TEMPORA?
Elsewhere, the Open Rights Group along with Big Brother Watch and the English PEN has an application pending with the European Court to challenge the legality of TEMPORA, a UK-based operation that collects data on Internet subscribers on a massive scale.
Elizabeth Knight, legal director at Open Rights Group said: “This ruling is a very welcome first step. However, the IPT has not gone far enough. These flimsy policies are not enough to comply with the requirements of human rights law, even now they are public.
“And GCHQ’s own TEMPORA programme of mass interception is clearly both unlawful and disproportionate. We hope the European Court of Human Rights will go further than the IPT and find that mass surveillance breaches our human right to privacy.”
On December 5, 2014 the IPT ruled that TEMPORA is lawful in principle.
In addition to TEMPORA, the UK Government is proposing a new Counter-Terrorism and Security Bill which will require UK ISPs to store and hand over data relating to customer’s IP addresses to police and security services.