Government 'must be held to account' over illegal Snooper's Charter

Gov should be given until April to make changes to the Investigatory Powers Act, court told

Aerial shot of GCHQ's building

The High Court has been urged to give MPs until July 2018 to rewrite sections of the Investigatory Powers Act after they were deemed "incompatible" with European law.

Powers that forced communication companies to collect and store data on the UK population, including phone records and internet activity, were ruled illegal in January as they granted spy agencies access to user data for purposes other than fighting crime, and without court approval.

Digital rights group Liberty argued that ministers had been exercising these powers in the 14 months since the introduction of the Investigatory Powers Act (IPA), and has now demanded that they urgently rewrite the laws to comply with European legislation, as reported by the News & Star newspaper.

Barrister Martin Chamberlain told the High Court on Tuesday that the government should be given a deadline of 31 July 2018 to change the laws around data retention in order to provide an "effective remedy", at which point groups such as Liberty could then seek further court action.

However, the government argued that the "vast majority" of the collected data would never be accessed by the government as most cases don't pertain to any criminal investigation.

James Eadie QC, representing the government, said that it had already proposed amendments to the IPA in November last year, though there have yet to be any legislative changes, despite the ruling in January.

He also argued that as the government has already begun the process of making changes, it should be given until April 2019 to allow it time to agree to new laws and introduce a "fully independent authorisation regime".

January's ruling ended a long-running case brought against the government by Labour's Tom Watson in 2014, which argued that sections of the Data Retention and Investigatory Powers Act (DRIPA) were unlawful. Those same sections were translated to the Investigatory Powers Act when DRIPA expired in 2016 and as such it has now been argued that the government needs to rewrite those provisions to comply with the EU.

Speaking before Tuesday's hearing, Liberty director Martha Spurrier said: "Our message to the Government is straightforward you're not above the law. Stop ignoring the courts, stop knowingly violating people's rights and get on with building a targeted surveillance system that protects our safety, our cybersecurity and our rights."

30/01/2018: Court rules that UK's digital surveillance powers are illegal

The UK government's broad digital surveillance tactics, first defined under old legislation, are unlawful, judges ruled today.

The ruling concerns a legal challenge brought by Labour MP Tom Watson against the government's defunct Data Retention and Investigatory Powers Act (DRIPA) legislation that set out mass surveillance laws in 2014.

Judges unanimously found that section one of DRIPA was inconsistent with EU law because it granted spy agencies and law enforcement access to UK citizens' phone records and internet activity for purposes other than fighting serious crime, without seeking or getting approval from a court or independent authority.

DRIPA forced communications companies to store detailed information on people's mobile phone data, as well as their emails, texts and internet communications.

The Investigatory Powers Act (also known as the 'Snooper's Charter') replaced DRIPA when it expired at the end of 2016, and effectively incorporated the DRIPA legislation amid other measures. Consequently, Watson said the government will need to make changes to this legislation as well to comply with the appeal court's ruling.

Watson, who first brought his challenge to DRIPA in 2014, said: "This legislation was flawed from the start. It was rushed through Parliament just before recess without proper parliamentary scrutiny.

"The government must now bring forward changes to the Investigatory Powers Act to ensure that hundreds of thousands of people, many of whom are innocent victims or witnesses to crime, are protected by a system of independent approval for access to communications data."

Martha Spurrier, director of digital rights group Liberty, which represented Watson, added: "This judgement tells ministers in crystal clear terms that they are breaching the public's human rights. The latest incarnation of the Snooper's Charter, the Investigatory Powers Act, must be changed."

The government opened a consultation on the Investigatory Powers Act in November last year, admitting that independent oversight is necessary, and proposing safeguards around data retention.

However, this consultation also rejected the accusation that its data retention regime is "general and indiscriminate".

Open Rights Group Scotland director Matthew Rice said: "The Investigatory Powers Act carves a gaping hole in the public's rights: public bodies able to access data without proper oversight, and access to that data for reasons other than fighting serious crime.

"These practices must stop, the courts have now confirmed it. The ball is firmly in the government's court to set it right."

Security minister Ben Wallace said in a statement emailed to IT Pro: "Communications data is used in the vast majority of serious and organised crime prosecutions and has been used in every major Security Service counter-terrorism investigation over the last decade. It is often the only way to identify paedophiles involved in online child abuse as it can be used to find where and when these horrendous crimes have taken place.

"This judgment relates to legislation which is no longer in force and, crucially, today's judgement does not change the way in which law enforcement agencies can detect and disrupt crimes.

"We had already announced that we would be amending the Investigatory Powers Act to address the two areas in which the Court of Appeal has found against the previous data retention regime. We welcome the fact that the Court of Appeal ruling does not undermine the regime and we will continue to defend these vital powers, which Parliament agreed were necessary in 2016, in ongoing litigation."

Today's decision comes after Watson won his initial High Court challenge in 2015.

When the government appealed the Court of Appeal referred the case to the European Court of Justice, which upheld the High Court's decision, and set out safeguards the government must introduce in the Investigatory Powers Act, which critics claim aren't reflected in the government's consultation.

Liberty is challenging Investigatory Powers' mass surveillance regime in a separate case after crowdfunding a 50,000 legal fund.

Pictur courtesy of Defence Images

Featured Resources

Digital document processes in 2020: A spotlight on Western Europe

The shift from best practice to business necessity

Download now

Four security considerations for cloud migration

The good, the bad, and the ugly of cloud computing

Download now

VR leads the way in manufacturing

How VR is digitally transforming our world

Download now

Deeper than digital

Top-performing modern enterprises show why more perfect software is fundamental to success

Download now

Recommended

Webhose and Signal Corp boost data breach detection
Security

Webhose and Signal Corp boost data breach detection

7 Oct 2020
ICO to relax GDPR enforcement during coronavirus economic downturn
General Data Protection Regulation (GDPR)

ICO to relax GDPR enforcement during coronavirus economic downturn

16 Apr 2020
The NHS teams up with Apple and Google on coronavirus tracking app
privacy

The NHS teams up with Apple and Google on coronavirus tracking app

14 Apr 2020
Health sites are 'unlawfully' sharing medical data with Facebook and Google
data protection

Health sites are 'unlawfully' sharing medical data with Facebook and Google

7 Apr 2020

Most Popular

The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

5 Oct 2020
The enemy of security is complexity
Sponsored

The enemy of security is complexity

9 Oct 2020
What is a 502 bad gateway and how do you fix it?
web hosting

What is a 502 bad gateway and how do you fix it?

5 Oct 2020