Campaigners reveal government's secret spying regime

Intelligence services have had access to people's health, financial and communication data for 15 years

The scale of mass data surveillance in the UK is far more sweeping than the government's official proposals currently being considered by Parliament, documents have revealed.

Security services MI5, MI6 and GCHQ have used Section 94 of the Telecommunications Act 1984 to justify gathering hundreds of millions of records onBritish citizens and other UK residents for the last 15 years, Privacy International found.

Spy agency analysts can then link together these records using filters such as telephone numbers or other values, the campaign group said, after receiving the documents as it prepares for a tribunal ontheInvestigatory Powers Bill.

Section 94 has also enabled them to access data outside the protection of the existing Regulation of Investigatory Powers Act (RIPA), and even goes beyond the powers proposed in the Investigatory Powers Bill,the government's proposed legislation that would force internet service providers to collect and hold certain data on people's web browsing histories for up to a year.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

This is because section 94potentially allowed for the collection of medical and biometric data, such as blood type and hair and eye colour, though there is no indication that these kinds of information have been collected.

The existence of Bulk Personal Datasets (BPDs), as they are called, was first revealed in March 2015 in an Intelligence & Security Committee (ISC) report, however, they have existed for the past 15 years without the knowledge of the public or Parliament.

Millie Graham Wood, legal officer at Privacy International said: "The information revealed by this disclosure shows the staggering extent to which the intelligence agencies hoover up our data.

"This can be anything from your private medical records, your correspondence with your doctor or lawyer, even what petitions you have signed, your financial data, and commercial activities."

"The agencies have been doing this for 15 years in secret and are now quietly trying to put these powers on the statute book for the first time, in the Investigatory Powers Bill," she added.

Jacob Ginsberg, senior director of encryption software company Echoworx and outspoken opponent of Investigatory Powers, said: "The UK government and its intelligence agencies are watching UK citizens as if they were criminals."

Advertisement - Article continues below

"The government should not be allowed to circumvent existing laws that have been put in place to protect law-abiding citizens from potentially harmful intrusion. Having the power to sweep someone's phone records, financial data, medical records and internet communications without a warrant during bulk data collection is morally wrong," he added.

The details of the case and associated documents can be read here.

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now
Advertisement

Recommended

Visit/government-it-strategy/28305/ir35-news
Policy & legislation

Government announces review of IR35 off-payroll changes

8 Jan 2020
Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/policy-legislation/data-governance/354496/brexit-security-talks-under-threat-after-uk-accused-of
data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
Visit/security/cyber-security/354468/if-not-passwords-then-what
cyber security

If not passwords then what?

8 Jan 2020
Visit/policy-legislation/31772/gdpr-and-brexit-how-will-one-affect-the-other
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020