UK tribunal rules GCHQ's NSA data-sharing deal "unlawful"

Civil liberty groups cheer court ruling, but claim there is more work to do

Surveillance

The Investigatory Powers Tribunal (IPT) has declared British intelligence services acted unlawfully by accessing the personal communications data gathered by the US National Security Agency (NSA).

The IPT, set up 15 years ago to oversee the activities of GCHQ, MI5 and MI6, ruling follows a complaint made by several civil liberties organisations, including Amnesty International, Privacy International, Bytes for All and Liberty.

The Tribunal said the way intelligence was shared between GCHQ and the NSA's Prism surveillance programme was unlawful up until December 2014, because the rules governing the practice were kept secret.

Post-December 2014, this was no longer the case, as the details of it were made public through the work of the Tribunal.

The existence of Prism came to light in a series of disclosures by NSA whistleblower Edward Snowden during the summer of 2013.

Through the programme, it's alleged the NSA was able to access data used by the a wide range of tech giants, including Microsoft, Yahoo, Google and Facebook, and share it with GCHQ if needed.

As a result of today's outcome, Privacy International and Bytes for All have asked for further clarification from the court regarding the interception and collection of their communications data.

If it transpires that their data was unlawfully collected before December 2014, the parties are set to demand its immediate deletion.

They also want to challenge the assertion that GCHQ's activities after December 2014 were lawful, and have vowed to lodge an application with the European Court of Human Rights on this point.

Eric King, deputy director of Privacy International, said the ruling should put an end to security agencies acting like they can operate outside of the law.

"We must not allow agencies to continue justifying mass surveillance programs using secret interpretations of secret laws. The world owes Edward Snowden a great debt for blowing the whistle, and today's decision is a vindication of his actions," he said.

"But more work needs to be done. The only reason why the NSA-GCHQ sharing relationship is still legal today is because of a last-minute clean-up effort by Government to release previously secret arrangements'.

"That is plainly not enough to fix what remains a massive loophole in the law, and we hope that the European Court decides to rule in favour of privacy rather than unchecked State power."

James Welch, legal director for Liberty, added: "The Intelligence Services retain a largely unfettered power to rifle through millions of people's private communications and the Tribunal believes the limited safeguards revealed during last year's legal proceedings are an adequate protection of our privacy. We disagree, and will be taking our fight to the European Court of Human Rights."

Featured Resources

BCDR buyer's guide for MSPs

How to choose a business continuity and disaster recovery solution

Download now

The definitive guide to IT security

Protecting your MSP and your customers

Download now

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

Download now

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Recommended

Data breach exposes widespread fake reviews on Amazon
data breaches

Data breach exposes widespread fake reviews on Amazon

7 May 2021
TsuNAME vulnerability could enable DDoS attacks on major DNS servers
distributed denial of service (DDOS)

TsuNAME vulnerability could enable DDoS attacks on major DNS servers

7 May 2021
What are SSH keys?
cyber security

What are SSH keys?

7 May 2021
The IT Pro Podcast: Should companies spy on their employees?
privacy

The IT Pro Podcast: Should companies spy on their employees?

7 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
Dell patches vulnerability affecting hundreds of computer models worldwide
cyber security

Dell patches vulnerability affecting hundreds of computer models worldwide

5 May 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021