Bulk data collection by intelligence agencies breached human rights law
Seventeen years of mass collection of citizens’ personal data by the UK’s security agencies has been ruled unlawful by the investigatory powers tribunal.
Spy agencies unlawfully collected massive amounts of personal data for more than a decade - Photo credit: PA
The tribunal, which hears cases against the security service MI5, the secret intelligence service MI6 and the communications security arm GCHQ, said the agencies had broken human rights laws by collecting bulk personal data without appropriate safeguards.
It was considering the agencies' activities for the 17 years up to 2015, when the government acknowledged that such practices were taking place and brought in new guidance on how to collect and use information.
It ruled that the agencies' collection of massive amounts of communications data - defined as the who, where, when and how of a communication but not its content - failed to comply with Article 8 of the European Convention on Human Rights.
Similarly, the regime for the storage of bulk personal datasets also failed to comply with ECHR principles.
The case was brought by the campaign group Privacy International, which said it was “a long overdue indictment of UK surveillance agencies riding roughshod over our democracy and secretly spying on a massive scale”, adding that the public deserved an explanation as to why personal data was collected and stored for so long without proper oversight.
However, the government said that the new regimes on storing and collecting personal data - set up in March and November 2015, respectively - did comply with the ECHR.
A government spokesperson said: “The powers available to the security and intelligence agencies play a vital role in protecting the UK and its citizens. We are therefore pleased the tribunal has confirmed the current lawfulness of the existing bulk communications data and bulk personal dataset regimes."
The spokesperson added that the Investigatory Powers Bill, which is currently making its way through parliament, would offer "greater transparency and stronger safeguards" for the use of bulk data collection.
Nonetheless, opposition MPs were critical of the government, with shadow home secretary Dianne Abbott saying that the security services "must be held to account on this".
She added that the bill puts “far too much power in the hands of the police and politicians without judicial oversight and diminishes the rights of the citizens”.
Specialist firm sought to help identify areas where security could be bolstered
An annual study has identified core technical and incident-response skills gaps
Canadian academics claim that attack on No. 10 using Pegasus software was launched from the UAE
Head of data watchdog urges public bodies to ensure ‘vigilance’ after revealing that successful phishing attacks represent an increasing number of cyber incidents