mass data slurping ruled illegal – AGAIN

Another blow for Snooper's Charter

The UK’s Court of Appeal has ruled that the government’s unfettered slurping of citizens’ data broke the law.

In a judgment handed down this morning, judges backed a challenge brought by deputy Labour leader Tom Watson in a long-running battle against state surveillance rules.

These laws allow for ISPs and telcos to retain communications data for up to a year and for public authorities to get access to this information. But campaigners have argued it fails to properly restrict this retention and access.

Today's ruling refers to the Data Retention and Investigatory Powers Act, which expired at the end of 2016, but will have significant implications for its successor, the Investigatory Powers Act.

The so-called Snoopers’ Charter was already under pressure following a landmark 2016 ruling from the Court of Justice of the European Union, and today’s judgment adds weight to this.

In the document, the judges also note: “As [Ben] Jaffey QC, on behalf of the first respondent, pointed out in the course of his oral submissions, that the fact that DRIPA has been repealed does not make this a pointless exercise”.

Their ruling was that DRIPA “was inconsistent with EU law” because it did not limit access to retained communications data solely to the purpose of fighting serious crime.

It also broke the law because police forces and public authorities could themselves grant access to retained data – rather than access being subject to prior review by a court or an independent administrative authority.

This cements the CJEU’s opinions, with Martha Spurrier - director of Liberty, which represented Watson in the case - saying that it “tells ministers in crystal clear terms that they are breaching the public’s human rights”.

web snoop admits Investigatory Powers Act illegal under EU law


The government has already been forced to admit that chunks of the Investigatory Powers Act are illegal, issuing a set of amendments it hoped would plaster over the faults and bring it into line.

But Liberty described these as “half-baked plans [that] do not even fully comply with past court rulings requiring mandatory safeguards” - even without today’s decision.

Of particular concern from privacy activists was the plan to lower the threshold for “serious crime” to six months (rather than three years) in prison - effectively making it easier for the government to slurp up people’s data.

Big Brother Watch’s response to the consultation also picked apart the government’s reading of the CJEU judgment, criticising the assertion that the government’s data retention regime isn't "general and indiscriminate”.

It also expressed disappointment that the proposed Office of Communications Data Authorisations – which will sign off on communications data requests instead of the public bodies themselves – would not be a judicial body.

In addition, Big Brother Watch said the fact the proposed rules also allow for “urgent requests” to be signed off internally without retrospective assessment by the OCDA weakened safeguards in these cases.

Today’s judgement did not consider whether the CJEU’s decision should refer to national security - predictably, the government says no and campaign groups say yes - and instead stuck to the matters of serious crime.

The judges said that it was not necessary for that court to come to a conclusion on this because it was to be considered by the Investigatory Powers Tribunal and is now subject to a further reference to the CJEU. ®

Similar topics

Other stories you might like

  • Chip shortage forces temporary Raspberry Pi 4 price rise for the first time

    Don't worry, only the 2GB model is affected: Increasing by ten bucks to $45

    The price of a 2GB Raspberry Pi 4 single-board computer is going up $10, and its supply is expected to be capped at seven million devices this year due to the ongoing global chip shortage.

    Demand for components is outstripping manufacturing capacity at the moment; pre-pandemic, assembly lines were being red-lined as cloud giants and others snapped up parts fresh out of the fabs, and the COVID-19 coronavirus outbreak really threw a spanner in the works, so to speak, exacerbating the situation.

    Everything from cars to smartphones have felt the effects of supply constraints, and Raspberry Pis, too, it appears. Stock is especially tight for the Raspberry Pi Zero and the 2GB Raspberry Pi 4 models, we're told. As the semiconductor crunch shows no signs of letting up, the Raspberry Pi project is going to bump up the price for one particular model.

    Continue reading
  • Uncle Sam to clip wings of Pegasus-like spyware – sorry, 'intrusion software' – with proposed export controls

    Surveillance tech faces trade limits as America syncs policy with treaty obligations

    More than six years after proposing export restrictions on "intrusion software," the US Commerce Department's Bureau of Industry and Security (BIS) has formulated a rule that it believes balances the latitude required to investigate cyber threats with the need to limit dangerous code.

    The BIS on Wednesday announced an interim final rule that defines when an export license will be required to distribute what is basically commercial spyware, in order to align US policy with the 1996 Wassenaar Arrangement, an international arms control regime.

    The rule [PDF] – which spans 65 pages – aims to prevent the distribution of surveillance tools, like NSO Group's Pegasus, to countries subject to arms controls, like China and Russia, while allowing legitimate security research and transactions to continue. Made available for public comment over the next 45 days, the rule is scheduled to be finalized in 90 days.

    Continue reading
  • Global IT spending to hit $4.5 trillion in 2022, says Gartner

    The future's bright, and expensive

    Corporate technology soothsayer Gartner is forecasting worldwide IT spending will hit $4.5tr in 2022, up 5.5 per cent from 2021.

    The strongest growth is set to come from enterprise software, which the analyst firm expects to increase by 11.5 per cent in 2022 to reach a global spending level of £670bn. Growth has fallen slightly, though. In 2021 it was 13.6 per cent for this market segment. The increase was driven by infrastructure software spending, which outpaced application software spending.

    The largest chunk of IT spending is set to remain communication services, which will reach £1.48tr next year, after modest growth of 2.1 per cent. The next largest category is IT services, which is set to grow by 8.9 per cent to reach $1.29tr over the next year, according to the analysts.

    Continue reading

Biting the hand that feeds IT © 1998–2021