Bulk data collection by intelligence agencies breached human rights law

Written by Rebecca Hill on 18 October 2016 in News

Seventeen years of mass collection of citizens’ personal data by the UK’s security agencies has been ruled unlawful by the investigatory powers tribunal.

Spy agencies unlawfully collected massive amounts of personal data for more than a decade - Photo credit: PA

The tribunal, which hears cases against the security service MI5, the secret intelligence service MI6 and the communications security arm GCHQ, said the agencies had broken human rights laws by collecting bulk personal data without appropriate safeguards.

It was considering the agencies' activities for the 17 years up to 2015, when the government acknowledged that such practices were taking place and brought in new guidance on how to collect and use information. 

It ruled that the agencies' collection of massive amounts of communications data - defined as the who, where, when and how of a communication but not its content - failed to comply with Article 8  of the European Convention on Human Rights.

Similarly, the regime for the storage of bulk personal datasets also failed to comply with ECHR principles.

Related content

Review backs bulk data-interception but proposes new 'tech expert' panel 
Earning public trust in the age of cyber threats

The case was brought by the campaign group Privacy International, which said  it was “a long overdue indictment of UK surveillance agencies riding roughshod over our democracy and secretly spying on a massive scale”, adding that the public deserved an explanation as to why personal data was collected and stored for so long without proper oversight.

However, the government said that the new regimes on storing and collecting personal data - set up in March and November 2015, respectively - did comply with the ECHR.

A government spokesperson said: “The powers available to the security and intelligence agencies play a vital role in protecting the UK and its citizens. We are therefore pleased the tribunal has confirmed the current lawfulness of the existing bulk communications data and bulk personal dataset regimes."

The spokesperson added that the Investigatory Powers Bill, which is currently making its way through parliament, would offer "greater transparency and stronger safeguards" for the use of bulk data collection.

Nonetheless, opposition MPs were critical of the government, with shadow home secretary Dianne Abbott saying that the security services "must be held to account on this".

She added that the bill puts “far too much power in the hands of the police and politicians without judicial oversight and diminishes the rights of the citizens”.


Share this page



Please login to post a comment or register for a free account.

Related Articles

Nuclear clean-up agency seeks £2m-a-year partner to help improve cyber-resilience
11 May 2022

Specialist firm sought to help identify areas where security could be bolstered

Boardrooms ‘lack understanding of cybersecurity’, government report finds
5 May 2022

An annual study has identified core technical and incident-response skills gaps

Researchers detect ‘multiple spyware infections’ of Downing St and FCDO since 2020
19 April 2022

Canadian academics claim that attack on No. 10 using Pegasus software was launched from the UAE

Information commissioner: ‘Many cyber issues are preventable’
13 April 2022

Head of data watchdog urges public bodies to ensure ‘vigilance’ after revealing that successful phishing attacks represent an increasing number of cyber incidents