The UK government has suffered yet another defeat in the courts over a surveillance regime that critics have dubbed a ‘Snooper’s charter’.
Today the UK High Court agreed with digital and civil rights group Liberty’s crowdfunded legal challenge to a portion of the UK’s 2016 Investigatory Powers Act that gives the state the power to mandate that communications companies and service providers collect and retain web activity logs, comms metadata and location information on all their users for a full 12 months.
The provision for a blanket retention of citizens’ digital data — which can be accessed by a wide range of public bodies for all sorts of purposes — has always been controversial.
Liberty’s challenge to this section of the IP Act included the fact the retained metadata could be accessed by dozens of public bodies without independent authorization by a court of independent agency; that the bar for accessing the data was merely “crime-fighting” rather than for “serious crime”; and also that the data could be accessed — using other powers in the IP Act — for various non-crime purposes, including collecting taxes and fines; and for regulating financial services.
The court did not affirm one of Liberty’s other contentions, though — declining to find that Part 4 was unlawful on the grounds that it constituted “general and indiscriminate” retention of data. (Though EU jurisprudence likely would have reached a different conclusion on that.)
Liberty said it asked the High Court to refer questions of EU law to Europe’s top court – including the question of whether EU privacy laws apply to retention orders issued for national security purposes and whether retained data must be kept within the EU so it can be protected by EU privacy and data protection rules. But says the Court did not refer those questions because they are already set to be decided in another case pending before the CJEU.
Ministers have been given until November 1 to amend the aspects of the legislation that have been judged unlawful by the High Court — which means the government will need to change the law to require prior review by a court or independent administrative body to access the data; and — in the context of crime-fighting — to only allow access for purposes related to combatting “serious crime”.
Commenting in a statement, Martha Spurrier, director of Liberty, said: “Police and security agencies need tools to tackle serious crime in the digital age — but creating the most intrusive surveillance regime of any democracy in the world is unlawful, unnecessary and ineffective.
“Spying on everyone’s internet histories and email, text and phone records with no suspicion of serious criminal activity and no basic protections for our rights undermines everything that’s central to our democracy and freedom — our privacy, free press, free speech, protest rights, protections for journalists’ sources and whistleblowers, and legal and patient confidentiality. It also puts our most sensitive personal information at huge risk from criminal hackers and foreign spies.”
We’ve reached out to the Home Office for comment and will update this story with any response.
It’s unclear whether the government or any public bodies have actually made use of the powers since the law was passed at the end of 2016. A European Court of Justice (CJEU) ruling in December of the same year — asserting that general and indiscriminate retention of comms data is illegal — clearly dealt a major blow to its ambitions for the freshly inked legislation.
Since then the government has been trying to come up with amendment proposals to plaster over the unlawful cracks in its surveillance regime.
Liberty says the government had also conceded, prior to today’s ruling, that non-crime portions of part 4 of the IP Act contained the same flaws it’s been proposing to amend elsewhere but that it asked the court to be given a further year to keep applying it — a request the judges denied, granting half a year instead.
At the start of this year the UK Appeals Court also demolished the IP Act’s predecessor — 2014’s DRIPA, which was the ’emergency’ surveillance stop-gap the government put in place to give it time to draft the full Snooper’s charter — judging that DRIPA’s bulk collection and retention of citizens’ Internet activity and phone records had been unlawful.
There’s some pretty clear legal guidance here, in domestic and EU courts, yet the majority of UK politicians on both sides of the bench appear unable to see it. Albeit, at least where ministers are concerned, the government’s M.O. looks very much like an attempt to try to legislate as close to the limit of the law as the courts will subsequently allow, leaving the taxpayer and the rights concerned public to foot the legal bills.
Liberty is launching the second phase of its crowdfunding campaign today to finance the next round of its legal fight against other portions of the sweeping surveillance powers — including challenging bulk hacking powers; bulk interceptions of communications data; and the linking of personal data via massive ‘bulk personal datasets’.
“The Court has done what the government failed to do and protected these vital values — but today’s ruling focuses on just one part of a law that is rotten to the core. It still lets the state hack our computers, tablets and phones, hoover up information about who we speak to, where we go, and what we look at online, and collect profiles of individual people even without any suspicion of criminality. Liberty’s challenge to these powers will continue,” added Spurrier.
from iFeeltech IT News Mix4 https://techcrunch.com/2018/04/27/uk-mass-surveillance-regime-dealt-another-blow-in-court/
from
https://ifeeltechinc.wordpress.com/2018/04/27/uk-mass-surveillance-regime-dealt-another-blow-in-court/
No comments:
Post a Comment