UK faces challenges to bulk spying in European Court of Human Rights

Privacy groups argue bulk data collection breaches Article 8 in landmark court case


Representatives from the UK government have appeared in front of the European Court of Human Rights (ECHR) this week after a coalition of civil rights groups brought a challenge to the policy of bulk data collection by security agencies.

Amnesty International, Big Brother Watch, Liberty, Privacy International, as well as 10 other human rights and journalistic groups in Europe, Africa and Asia sought to challenge the legality of the UK's mass surveillance and data collection, in a court hearing that started on Tuesday in Strasbourg.

Advertisement - Article continues below

The group argues that the government policy allowing UK security agencies to intercept data, which NSA whistleblower Edward Snowden's revelations brought to light, is a breach of the European Convention on Human Rights.

Three separate cases are now being brought against the UK government, namely Big Brother Watch and Others v. the United Kingdom, Bureau of Investigative Journalism and Alice Ross v. the United Kingdom, and 10 Human Rights Organisations and Others v. the United Kingdom. The hearing on Tuesday was only the initial part of the process, with an official ruling set to be made at a later stage.

In all three cases, the groups believe that due to the sensitive nature of the data they handle, their communications may have been intercepted by either the UK or US security agencies in the course of bulk data collection and data-sharing.

Advertisement - Article continues below

The practice of sharing data between agencies has been challenged by human rights groups in the past. In a controversial ruling in 2016, the Investigatory Powers Tribunal, which has jurisdiction over GCHQ, MI5 and MI6, ruled that the agreement between the UK's GCHQ and the US's NSA was unlawful, but that the full disclosure of the deal allowed for "adequate signposting" of secret policies. In other words, by revealing and exposing the practice, it complied with human rights law.

Advertisement - Article continues below

This has been challenged by human rights groups, which have now elevated the case to the ECHR in Strasbourg. The hearing on Tuesday was overseen by the court's president Linos-Alexandre Sicilianos, and judges from European countries, including the UK's Tim Eicke.

"Our organisations exist to stand up for people and challenge abuse of power," said Martha Spurrier, director of Liberty, one of the groups challenging the UK government. "We work with whistleblowers, victims, lawyers, journalists, and campaigners around the world, so confidentiality and protection of our sources is vital."

"The UK government's vast, cross-border mass surveillance regime - which lets it access millions of people's communications every day - has made those protections meaningless. No country that deploys industrial-scale state surveillance has ever remained a rights-respecting democracy. We now look to the court to uphold our rights where our government has failed to do so."

In a separate challenge, Privacy International claimed last month that bodies charged with overseeing UK spy agencies didn't actually know that the agencies were allegedly sharing people's data with foreign counterparts.

Advertisement - Article continues below

After lengthy submissions by legal teams from both sides in the ECHR on Tuesday, questions were then directed at the UK government, including asking: who monitors the facilities being used to intercept data; who is responsible for turning those facilities on or off; whether all communication services are under surveillance; and whether data stored in cloud services outside the UK should be considered external communications.

The UK government argued that existing codes, including the Code of Practice for intercepted communications, provide effective oversight of the bulk collection of data, while allowing security agencies to do their work without breaching human rights law. The UK maintains that bulk collection of data is "of critical importance" to ensure national security.

"Whilst privacy rights are, of course, of importance, and to be respected, the right to life and the safety of citizens is paramount," argued the government's legal representative. "The core problem at the heart of the applicant's case, is that they seek to conjure up, by reference to what we suggest are grossly inaccurate speculations presented as fact."

Advertisement - Article continues below

However, human rights groups argued that the bulk collection of data violates Article 8 of the European Convention on Human Rights, which guarantees the right to privacy, specifically because it is untargeted and disproportionate. They also argue that new technology has allowed the government to access even greater amounts of user data online.

The hearing lasted almost three hours before the panel retired to deliberate on the hearing. A ruling date for the case has not yet been made, although we will update the story once it has been confirmed.

Separately, Privacy International's challenge to the UK's bulk data collection practices was escalated to the European Court of Justice by the Investigatory Powers Tribunal in September, giving the court the final say over whether the UK's data collection is lawful or not. 

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now



UK government may trace COVID-19 patients using mobile phone data

20 Mar 2020
General Data Protection Regulation (GDPR)

Irish data regulator racks up GDPR cases against Big Tech

24 Feb 2020
data management

EU-US data transfer tools used by Facebook ruled legal

19 Dec 2019

Arcserve UDP 9240DR review: Beef up your backups

4 Apr 2019

Most Popular

Server & storage

HPE warns of 'critical' bug that destroys SSDs after 40,000 hours

26 Mar 2020

These are the companies offering free software during the coronavirus crisis

25 Mar 2020
video conferencing

Zoom beams iOS user data to Facebook for targeted ads

27 Mar 2020
high-performance computing (HPC)

IBM dedicates supercomputing power to coronavirus research

24 Mar 2020