Government admits: security services can do what they like - claims Privacy International

clock

Court documents indicate that the intelligence services are out of control, according to pressure group

The government has admitted that its intelligence services have the broad power to hack into personal phones, computers, and communications networks, and claims they are legally justified to hack anyone, anywhere in the world, even if the target is not a threat to national security nor suspected of any crime.

That is the claim of pressure group Privacy International, following admissions by the government in a court document published today by the organisation. It follows two court cases initiated last year against GCHQ that challenge what Privacy International claims is invasive state-sponsored hacking that was revealed by Edward Snowden.

In the document, the government outlines the broad authority it has given UK intelligence services to infiltrate personal devices, the internet, and social media websites. In addition, government lawyers claim that while the intelligence services require authorisation before they are allowed to hack into the computer and mobile phones of "intelligence targets", GCHQ is equally permitted to break into computers anywhere in the world, even if they are not connected to a crime or a threat to national security.

"Such powers are a massive invasion of privacy. Hacking is the modern equivalent of entering someone's house, searching through filing cabinets, diaries and correspondence, and planting devices to permit constant surveillance in future," commented the organisation.

"If mobile devices are involved, the government can obtain historical information, including every location visited in the past year and the ongoing surveillance will capture the affected individual wherever they go."

The court document relies heavily on a draft code on "equipment interference", according to the pressure group, which was quietly released to the public on the same day that the Investigatory Powers Tribunal found that GCHQ had engaged in unlawful information sharing with the US National Security Agency (NSA).

For the past decade, GCHQ has been involved in state-sponsored hacking without this code being available to the public, claims Privacy International, which means that they have almost certainly been acting against the law. Indeed, the draft code has not even been approved by Parliament yet, and remains open for public comment until 20 March.

Privacy International has been involved in two separate complaints to the Investigatory Powers Tribunal, one filed on its own that challenges the UK security services' presumed rights to attack any computer devices in the perceived pursuit of its work; the other is with seven internet service providers and communications companies, which calls for GCHQ to be stopped from attacks against communications networks.

"The government has been deep in the hacking business for nearly a decade, yet they have never once been held accountable for their actions. They have granted themselves incredible powers to break into the devices we hold near and dear, the phones and computers that are so integral to our lives," said Eric King, deputy director of Privacy International.

He continued: "What's worse is that without any legitimate legal justification, they think they have the authority to target anyone they wish, no matter if they are suspected of a crime. This suspicionless hacking must come to an end and the activities of our intelligence agencies must be brought under the rule of law."

You may also like
Regulation has made EU firms less data-hungry

Legislation and Regulation

GDPR has cut storage and processing

clock 21 February 2024 • 2 min read
NHS England challenged over redacted Palantir contract

Privacy

NHS must respond this month

clock 20 February 2024 • 3 min read
Encryption backdoors violate human rights, says EU court

Privacy

Implications for EU's own efforts to regulate encryption

clock 16 February 2024 • 3 min read

More on Security

You need to lock down cyber-physical systems: Here's how and why

You need to lock down cyber-physical systems: Here's how and why

Cybersecurity should focus on OT as well as IT

Samara Lynn
clock 27 March 2024 • 3 min read
China Crisis: Government blames China for Electoral Commission cyberattack

China Crisis: Government blames China for Electoral Commission cyberattack

Also accuses Chinese state-affiliated actors of trying to hack MPs emails

Penny Horwood
clock 26 March 2024 • 5 min read
A cyber-focused attorney on why 'Data is the hot potato'

A cyber-focused attorney on why 'Data is the hot potato'

Shawn Tuma, partner and co-chair of the data privacy and cybersecurity practice group at Spencer Fane LLP, shares some tips on cybersecurity for companies to follow.

Samara Lynn
clock 26 March 2024 • 3 min read