Blanket surveillance - everything you need to know
Today, in a victory for the battle against blanket surveillance, the Investigatory Powers Tribunal (IPT) has ruled that GCHQ – the UK’s eavesdropping agency – has unlawfully intercepted and accessed the private communications of human rights groups.
What with so many ongoing legal cases – not to mention independent reviews, new laws, and promises of more legislation – we thought it’d be useful to break down the detail, and summarise what’s actually going on when it comes to Snowden, surveillance and privacy…
What’s the background to all this?
In 2013, the Snowden leaks revealed that GCHQ has access to transatlantic cables which carry the world’s communications – and is intercepting and processing billions of these communications every day, and sharing information with the US.
What do you mean by ‘communications’?
This includes phone calls, emails, social media postings, and internet searches – all without the public’s knowledge.
Blimey. Anything else?
Snowden’s leaks also suggested that US authorities have similarly breathtaking direct access to global communications, via the world’s biggest internet companies – and that the UK enjoys access to this data, too.
So is this where the legal cases come in?
Absolutely. In response to the Snowden revelations, we at Liberty launched two legal cases, using our Human Rights Act, to challenge what the likes of GCHQ are getting up to.
Firstly, we issued a claim – together with Privacy International and Amnesty International – in the IPT, arguing that our electronic communications may have been unlawfully accessed by GCHQ.
What’s happening with that?
In February, the IPT held that GCHQ did indeed act unlawfully by accessing millions of private communications, as collected in bulk in the US, prior to December 2014 – because until then rules governing the UK’s access to such communications were kept secret.
It was the first time the Tribunal has found against the intelligence services in the court’s 15-year history.
Hang on – isn’t Liberty now heading to Strasbourg in that case?
Yes – that’s right. The IPT also decided that UK and US intelligence sharing was lawful from December 2014 onwards – because those previously secretive rules have now been made public (which only happened thanks to our legal case).
We don’t agree that the limited safeguards revealed are enough to make such activities lawful, and compliant with human rights law, so we’re challenging the decision at the European Court of Human Rights.
So how does today’s judgment fit in?
As well as that first case, we launched another claim – on behalf of our international partners – in response to the Snowden revelations, arguing that British intelligence services have monitored those organisations’ private communications.
Today the IPT has ruled that GCHQ acted unlawfully in the way it handled intercepted communications of two of those groups – the Egyptian Initiative for Personal Rights (EIPR); and the Legal Resources Centre (LRC) in South Africa.
What about the other claimants – was it only the EIPR and LRC?
No – definitely not. The IPT may not have made any determinations in favour of the other claimants, but that doesn’t mean their private communications weren’t intercepted and examined – only that, if GCHQ did so, the Tribunal thinks it did so lawfully.
Gotcha. But what’s all this got to do with David Davis and Tom Watson?
Good question! That’s a third, separate legal case we’re currently involved in on surveillance. It’s a challenge to the Government’s “emergency” surveillance law – the Data Retention and Investigatory Powers Act 2014 (DRIPA) – on behalf of Mr Davis and Mr Watson.
We’re arguing that DRIPA is incompatible with our Human Rights Act – in particular Article 8, the right to respect for private and family life – and Articles 7 and 8 of the EU Charter of Fundamental Rights, respect for private and family life and protection of personal data.
The case was heard by the High Court earlier this month, and we’re now awaiting the judgment.
Hang on – what’s DRIPA, again?
DRIPA was passed last year, after a behind-the-scenes agreement between the three main party leaders. It does two main things:
1. It allows the Government to continue to demand blanket retention of our communications data by UK companies for 12 months. This flies in the face of a Court of Justice of the EU judgment, which held that such indiscriminate retention breaches human rights.
2. It also contains new and unprecedented powers for the UK to require overseas companies to comply with interception warrants and communications data requests – and build interception capabilities into their own products and infrastructure.
Hold up – that sounds like the Draft Communications Data Bill! Didn’t that get dropped?
It certainly does! It seems that those who failed to make the case previously for the Draft Communications Data Bill, which was dropped after much opposition, have sought to achieve some of the very same objectives via DRIPA.
What’s more, this ‘emergency’ legislation was rushed into law inside a matter of days – making proper scrutiny, amendment and debate impossible, and showing contempt for the rule of law by seeking to overrule a Court judgment.
You mentioned something about a review…?
Indeed. DRIPA did at least provide that a review, examining the effectiveness of existing surveillance legislation, should take place – and, earlier this month, the Independent Reviewer of Terrorism Legislation, David Anderson QC, published a major 300-page report.
In it, he calls for a fundamental overhaul of laws governing State surveillance – condemning the status quo as ‘undemocratic, unnecessary and – in the long run – intolerable’.
He also calls for it to be replaced with a comprehensive new law that can be properly understood – and which demands compliance with international human rights standards and prior judicial authorisation for all interception warrants and some communications data requests.
But why does all of this matter? Aren’t the spooks simply trying to keep us safe?
We take no issue with the use of intrusive surveillance powers per se – and we don’t dispute the importance of targeted surveillance by the security services and law enforcement agencies to prevent and detect serious crime.
Nor do we dispute the role that lawful and proportionate intelligence sharing between states can play in furthering that aim. Intrusive surveillance can be perfectly justifiable if it’s in accordance with law and necessary and proportionate.
Unfortunately, the current regime doesn’t provide sufficient safeguards to meet this test. There’s also increasing evidence, as unearthed by our legal cases, that even the existing limited protections are insufficient to protect communications between completely innocent people and groups.
So what’s next?
The need for reform of the surveillance framework has never been more pressing. You can find out more via our No Snoopers’ Charter campaign page.