UK Government admits to “suspicionless hacking”


Regulatory news

UK Government admits to “suspicionless hacking”

We were alarmed by the news that broke late last week that the British Government has admitted its intelligence services have the power to and historically have hacked into the personal equipment (phones, computers, networks) of anyone anywhere in the world, even where the ‘target’ is not a threat to national security or suspected of a crime. This has raised obvious concerns amongst privacy advocates and indeed the general public regarding the immense scope of the surveillance powers these organisations have.

25 March 2015

[caption id="attachment_135" align="alignleft" width="128"]Paul Paul Heritage-Redpath, Product Manager[/caption]
We were alarmed by the news that broke late last week that the British Government has admitted its intelligence services have the power to and historically have hacked into the personal equipment (phones, computers, networks) of anyone anywhere in the world, even where the ‘target’ is not a threat to national security or suspected of a crime. This has raised obvious concerns amongst privacy advocates and indeed the general public regarding the immense scope of the surveillance powers these organisations have. This information was discovered within a Government court document published by Privacy International and the admissions were made in response to two court cases filed against GCHQ last year following the Edward Snowden revelations. A press release from Privacy International states: “Buried deep within the document, Government lawyers claim that while the intelligence services require authorisation to hack into the computer and mobile phones of “intelligence targets”, GCHQ is equally permitted to break into computers anywhere in the world even if they are not connected to a crime or a threat to national security.” It continues: “What’s worse is that without any legitimate legal justification, they think they have the authority to target anyone they wish, no matter if they are suspected of a crime. This suspicionless hacking must come to an end and the activities of our intelligence agencies must be brought under the rule of law.” What are the two court cases about? The first case was brought by Privacy International challenging GCHQ’s and the US National Security Agency's (NSA) power to infect millions of computers with malicious software that enables them to gather immense amounts of content and even access and turn on the user’s camera and microphones; track locations and listen in to phone calls. The second case is especially relevant to partners as it was filed by 7 ISPs and CPs from all over the world (including the UK) and requests the end of ‘exploitation of network communications infrastructure’ (i.e. hacking the infrastructure to gain access to private communications). This is the first time CPs have tackled GCHQ collectively. One of the most interesting factors to arise from this is the draft code regarding ‘equipment interference’ that the Government agencies' actions rely heavily on. This was quietly released to the public on the same day the IPT (Investigatory Powers Tribunal) declared GCHQ had previously acted unlawfully when sharing information with the NSA. This code has not yet been approved. The news that the Government and its agencies have such wide-reaching and invasive powers is indeed alarming. Whilst we understand the need for surveillance to investigate potential terrorism and serious crime, the fact that these activities can - and reportedly have been - conducted even where the ‘target’ was not suspected of a crime is gravely concerning. We have previously covered the ongoing debate and concern over DRIPA but this goes even further and the secretive nature and subsequent quiet release of the draft code only fuels the fire of suspicion and concern. We will be interested to see the results of the two cases that have been brought to the IPT and the potential impact this may have on existing and new legislation - especially in a General Election year! Have your say! Do you think the Government/GCHQ’s actions were justified? Should they have the widespread power to intercept all communications in the interests of national security? Or should they be forced to adhere to legislation such as DRIPA? Let us know your thoughts, opinions and concerns by leaving us a comment below. Related articles Further information [subscribe2]