GCHQ by twitter.com/Mattwi1s0n at Flickr
Pressure is mounting on GCHQ to disclose its internal policies on surveillance after a tribunal ruled today it had acted unlawfully by keeping secret its rules on collection of UK citizens’ data from the US.
By failing to make public a summary of its “internal arrangements” on accessing millions of communications collected by the US National Security Agency, spy agencies broke human rights law, the Investigatory Powers Tribunal said.
Today’s ruling is the first time that the tribunal, which hears complaints against the intelligence and security agencies, has ruled against them in the court’s 15 year history.
Today’s tribunal ruling said UK authorities were now complying with the law, having released the policy summary last year during a case brought by four NGOs: Liberty, Amnesty International, Bytes for All and Privacy International.
But prior to this release, it was in breach of human rights legislation, the tribunal added.
The policy summary disclosed revealed that UK intelligence and security agencies are able, without a warrant, to obtain data that foreign governments have intercepted.
The agencies had initially resisted the disclosure on national security grounds.
Last year they were also forced to disclose a summary of policies on interception of legally privileged communications, revealing that these are treated just like any other form of intelligence and were targeted and exploited.
A spokesman for Privacy International said today’s judgment raised hopes of further disclosures.
Privacy is suing the UK government in the European Court of Human Rights over its failure to disclose the “Five Eyes agreement“, which governs intelligence sharing between the UK, US, Australian, New Zealand and Canada.
“We hope that the government will now disclose the Five Eyes agreement so that it can be held up to public scrutiny,” the spokesman said. Privacy International and several internet service providers are also challenging the UK intelligence agencies’ hacking activities.
“We do not know whether any policies exist around hacking, but if there are, we hope they will now be disclosed,” said the Privacy International spokesman.
Today, the government published consultation documents on codes of practice on “computer network exploitation” – GCHQ’s term for hacking – and interception by the intelligence agencies.
Security minister James Brokenshire said in a foreward to the document: “It is imperative that the Government is as open as it can be about these capabilities and how they are used.
The public and Parliament needs to have confidence that there is a robust statutory framework for the use of such intrusive investigative powers and that there is a strong system of safeguards in place.”
The Bureau of Investigative Journalism is currently challenging the UK government in the European courts over its mass surveillance practices on the grounds that journalists’ communications are not adequately safeguarded.
The case, which was launched last autumn, has been given priority status by the ECHR, meaning it should be heard within a year.