High Court rules DRIPA is unlawful

Government must scrap emergency surveillance legislation as it does not comply with human rights

Emergency surveillance legislation rushed through Parliament last year was ruled unlawful by the High Court this morning.

Parts of the Data Retention and Investigatory Powers Act (DRIPA) are not compatible with EU rights on privacy and the protection of personal data, the court ruled.

It marks a victory for privacy campaigners and MPs Tom Watson and David Davis, who brought the case to court seeking the judicial review with human rights organisation Liberty after DRIPA was introduced by the coalition government in 2014.

The MPs argued the legislation was ill-thought out and pointed out MPs had just one day to discuss it before it was rushed through with Royal Assent a year ago today.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

DRIPA forces communications companies to record and keep user data for one year, covering correspondence including emails, calls and texts.

Public bodies like spy agency GCHQ, but also councils, can authorise their own access to this data, with human rights group Liberty claiming half a million access requests were granted last year.

However, the High Court today found that DRIPA fails to provide clear and precise rules ensuring data can only be accessed to prevent and detect serious offences.

It also found that courts or an independent body should decide on any data access requests.

The ruling stated: "The need for that approval to be by a judge or official wholly independent of the force or body making the application should not, provided the person responsible is properly trained or experienced, be particularly cumbersome."

DRIPA will remain in force until the end of March 2016, at which time it will be scrapped and the government forced to introduce revised laws.

Advertisement - Article continues below

MP David Davis said: "The court has recognised what was clear to many last year, that the government's hasty and ill-thought through legislation is fatally flawed. They will now have to rewrite the law to require judicial or independent approval before accessing innocent people's data."

Watson added: "There must be independent oversight of the Government's data-collection powers and there must be a proper framework and rules on the use and access of citizens' communications data."

The news comes as Home Secretary Theresa May plans to revive the Snooper's Charter, a permanent piece of legislation to compel  ISPs and web firms to hold meta data on customers for at least a year.

The Investigatory Powers Bill, dubbed Snooper's Charter, blocked by the Liberal Democrats during the coalition, to bolster security services' abilities to intercept information.

Advertisement
Advertisement - Article continues below

But following the decision on DRIPA, Liberty's legal director, James Welch, said May must now commit to surveillance that respects privacy and democracy.

The Open Rights Group, which also worked on the judicial review, added its weight behind this argument, saying the High Court ruling means the Investigatory Powers Bill (the new Snooper's Charter bill) must respect human rights.

Advertisement - Article continues below

Executive director Jim Killock said: "Now that the High Court has agreed that DRIPA does not comply with EU law, we hope that the Government will listen to these concerns.

"In autumn, the Government will present the Investigatory Powers Bill to parliament. This should not be, as rumoured, an attempt by the Home Secretary to re-introduce the Snoopers' Charter, but an opportunity to introduce an effective surveillance law that is compatible with human rights."

The Home Office told IT Pro the government will appeal against the review's findings.

Security Minister John Hayes said: "We disagree absolutely with this judgment and will seek an appeal.

"Communications data is not just crucial in the investigation of serious crime. It is also a fundamental part of investigating other crimes which still have a severe impact, such as stalking and harassment, as well as locating missing people, including vulnerable people who have threatened to commit suicide.

"The effect of this judgment would be that in certain cases, communications data that could potentially save lives would only be available to the police and other law enforcement if a communications company had decided to retain it for commercial reasons. We believe that is wrong."

Featured Resources

Digital Risk Report 2020

A global view into the impact of digital transformation on risk and security management

Download now

6 ways your business could suffer if you don’t backup Office 365

Office 365 makes it easy to lose valuable data regularly, unpredictably, unintentionally, and for good

Download now

Get the best out of your workforce

7 steps to unleashing their true potential with robotic process automation

Download now

8 digital best practices for IT professionals

Don't leave anything to chance when going digital

Download now
Advertisement

Recommended

Visit/data-insights/data-management/354423/eu-us-data-transfer-tools-used-by-facebook-ruled-legal
data management

EU-US data transfer tools used by Facebook ruled legal

19 Dec 2019
Visit/backup/33385/arcserve-udp-9240dr-review-beef-up-your-backups
backup

Arcserve UDP 9240DR review: Beef up your backups

4 Apr 2019

Most Popular

Visit/mobile/28299/how-to-use-chromecast-without-wi-fi
Mobile

How to use Chromecast without Wi-Fi

5 Feb 2020
Visit/operating-systems/27717/how-to-fix-a-stuck-windows-10-update
operating systems

How to fix a stuck Windows 10 update

12 Feb 2020
Visit/security/34616/the-top-ten-password-cracking-techniques-used-by-hackers
Security

The top ten password-cracking techniques used by hackers

10 Feb 2020
Visit/security/cyber-security/354827/mcafee-researchers-trick-tesla-autopilot-with-a-strip-of-tape
cyber security

McAfee researchers trick Tesla autopilot with a strip of tape

21 Feb 2020