GCHQ, MI5 decisions can now be challenged in court

Supreme court decision brings secretive Investigatory Powers Tribunal into scope of appeals court

Aerial shot of GCHQ's building

Decisions relating to the UK's security agencies will now be open to challenge after supreme court justices ruled that the secretive Investigatory Powers Tribunal could no longer be exempt from legal appeals.

In accordance with the Investigatory Powers Act 2016, government intelligence and security agencies such as GCHQ, MI5 and MI6 can invoke permissions to hack into internet services to gain intelligence relating to illegal activity such as anti-terror and other matters of national security.

Instances of government surveillance are sometimes questioned and receive complaints which are dealt with by the Investigatory Powers Tribunal (IPT) which acts as a mediator for the agencies. Any complaints against the agencies are ruled upon behind closed doors, decisions which the government has maintained could not be challenged in the High Court.

However, following a 4-3 majority, the supreme court ruled that the scope of GCHQ's powers should be open to judicial review, effectively allowing decisions by the IPT to be openly challenged.

The case follows a ruling made by the IPT in 2016, which stated that the hacking of computers, smartphones and networks in the UK or abroad didn't breach human rights. The case was originally appealed by Privacy International and Liberty at the high court, and then later at the court of appeals, both of which ruled in favour of the IPT. The case was eventually escalated to the supreme court, which sided with the civil rights groups.

"It is ultimately for the courts, not the legislature, to determine the limits set by the rule of law to the power to exclude review," said Lord Carnwath, who delivered the majority judgment.

"The legal issue decided by the IPT is not only one of general public importance, but also has possible implications for legal rights and remedies going beyond the scope of the IPT's remit," he added. "Consistent application of the rule of law requires such an issue to be susceptible in appropriate cases to review by ordinary courts."

The investigatory powers used by government agencies first drew attention after the Snowden leaks in 2015, which sparked outrage from privacy and human rights advocates alike.

Snowden said GCHQ had the power to deploy smurf' tools which would grant the agency access to a smartphone's location while also being able to turn the phone off and monitor conversations made over the device.

Speaking to The Guardian in response to the supreme court ruling, Caroline Wilson Palow, Privacy International's general counsel, said it was a "historic victory for the rule of law" and "it ensures that the UK intelligence agencies are subject to oversight by the ordinary UK courts".

The ruling will now set a legal precedent in the UK whereby any and all IPT rulings will theoretically be subject to challenge and legal appeal.

"The Investigatory Powers Tribunal forms an important part of this oversight and, through the Investigatory Powers Act, we strengthened this by introducing a statutory route of appeal, said a government spokesperson. "We will now consider the implications of the court's decision carefully."

Featured Resources

Digital document processes in 2020: A spotlight on Western Europe

The shift from best practice to business necessity

Download now

Four security considerations for cloud migration

The good, the bad, and the ugly of cloud computing

Download now

VR leads the way in manufacturing

How VR is digitally transforming our world

Download now

Deeper than digital

Top-performing modern enterprises show why more perfect software is fundamental to success

Download now

Recommended

Microsoft spearheads industry-wide charter against AI cyber attacks
Security

Microsoft spearheads industry-wide charter against AI cyber attacks

23 Oct 2020
Weekly threat roundup: Chrome, Citrix and WordPress
Security

Weekly threat roundup: Chrome, Citrix and WordPress

23 Oct 2020
IT services giant Sopra Steria falls victim to Ryuk ransomware
Security

IT services giant Sopra Steria falls victim to Ryuk ransomware

23 Oct 2020
CMS platforms succumb to KashmirBlack botnet as businesses rush online
Security

CMS platforms succumb to KashmirBlack botnet as businesses rush online

22 Oct 2020

Most Popular

Why you should prioritise privileged access management
Sponsored

Why you should prioritise privileged access management

9 Oct 2020
IT services giant Sopra Steria falls victim to Ryuk ransomware
Security

IT services giant Sopra Steria falls victim to Ryuk ransomware

23 Oct 2020
The enemy of security is complexity
Sponsored

The enemy of security is complexity

9 Oct 2020