Senior judges at a UK court have ruled that the way in which British intelligence agencies collected information on the British public for the last 17 years was illegal. The decision was made by the Investigatory Powers Tribunal (IPT), a court whose job it is to preside over cases involving GCHQ, MI5, and MI6.
The tribunal is the only court in Britain that ever rules over matters related to the UK’s most elite security agencies. On this occasion, the court found in favor of UK citizens.
Among the data that the IPT has deemed was illegally collected from the British public is financial information, communications data, and vast amounts of other illegally amassed confidential records. In addition, the court found that UK intelligence had been wrongfully tracking personal phone and web use records of British citizens, without the proper legal authorization of a UK judge.
The ruling is the single biggest reprimand of UK agencies’ activities since the Edward Snowden revelations back in 2013. The IPT found that those agencies had been failing to adhere to the European Convention of Human Rights (ECHR) Article 8.
Article 8 states that all citizens have the right to privacy, and that any invasion into that private life must be legal and necessary. The UK tribunal has found that UK security agencies failed to comply with the rules of Article 8 from its inception in 1998, until 4 November 2015 (although the court did find that for the last year proper legal oversight has been in place).
Incredibly, those Bulk Public Datasets (BPD) are also believed to have illegally contained confidential data that includes: travel information; medical and tax records; commercial and financial records and even personal biographical information. From the ruling:
‘The BPD regime failed to comply with the ECHR principles which we have above set out throughout the period prior to its avowal in March 2015. The BCD regime failed to comply with such principles in the period prior to its avowal in November 2015, and the institution of a more adequate system of supervision as at the same date.’
Sadly, the timing of the Investigatory Powers Tribunal’s (IPT) ruling and the proximity to the House of Lords debate over the final stages of the Investigatory Powers Bill (IPB), seem rather contrived (and way too good to be true). It almost seems like an attempt by the government to prop up its coming decision to legalize surveillance with the IP Bill.
The IP Bill (which is popularly known as the Snoopers Charter) is legislation that will allow UK agencies to continue legally amassing the very data that the IPT has just decided was being collected illegally for 17 years!
In fact, the Snoopers Charter will significantly extend the amount of agencies that are allowed to legally spy on UK citizens data. If Theresa May gets her way, and she will, the Snoopers Charter could enable local police forces, the RAF, and even the taxman (among many others) to look into private British records. This includes 12 months’ worth of web browsing histories (in metadata form), which will have to be retained by British ISPs.
Anger from privacy advocates
Shadow home secretary, Diane Abbot, went on the record shortly after the IPT ruling to tell members of the House of Lords that the decision is “a sharp reminder” that the contents of the Snoopers Charter should be updated before the legislation is passed. According to Abbot, the ‘draconian’ law needs to be altered to stop it handing over vast – unnecessary – surveillance powers to a collection of British agencies.
Sadly, the shadow home secretary’s opinion did not stop Labour peers from voting in favor of the Snoopers Charter yesterday. Thanks to this vote in the House of Lords, that legislation will now go forth and formally legalize the surveillance activities of British agencies.
The proximity of yesterday’s decision – in favor of the Snoopers Charter – to the findings of the IPT, has infuriated privacy campaigners. Jim Killock, the Director of the Open Rights Group has made the following statement,
‘Labour did not table any serious amendments to this draconian legislation in the House of Lords. Labour is simply failing to hold the government to account.
The Labour Lords had an opportunity to improve the IP bill and make it closer to becoming a surveillance law fit for a democracy not a dictatorship. They could have called for proposals to record UK citizens’ web browsing history to be scrapped or demanded that the police need independent authorisation to access our data.’
The Lord’s decision is a stark reminder that the British public ought to be taking the necessary steps to protect its digital footprints. Digital privacy is massively important, and the amount of personal information that it involves is staggering.
With the Snoopers Charter now a done deal, UK citizens need to take personal responsibility for the protection of their private data. If not, they will be accepting their every digital move being hoovered up by just about every British agency out there.
As such, the British public must look to protect itself with encryption, using services such as VPNs. These offer protection against the Snoopers Charter by encrypting all web browsing data between them you and your VPN provider (which should be based outside the UK). The outcome is that regular folks take control of their digital footprint, stopping ISPs from having the ability to retain web browsing histories on behalf of the government.
Under the circumstances, and with the Snoopers Charter now just round the corner, there has never been a better time to subscribe to a VPN service. Finally, despite the findings of the IPT, it is not yet clear whether the illegally amassed data will now be deleted.
Millie Graham Wood, the legal officer at Privacy International, made the following comment,
‘The public and parliament deserve an explanation as to why everyone’s data was collected for over a decade without oversight in place and confirmation that unlawfully obtained personal data will be destroyed.’