Search
Content type: Long Read
This piece was originally published in Lawfare in May 2017.
This post is part of a series written by participants of a conference at Georgia Tech in Surveillance, Privacy, and Data Across Borders: Trans-Atlantic Perspectives.
Cross-border law enforcement demands have become increasingly important to law enforcement in the digital age. Digital evidence in one jurisdiction—such as the United States—is often necessary to investigate a crime that has effects in another jurisdiction…
Content type: Long Read
Disclaimer: This piece was written in April 2017. Since publishing, further information has come out about Cambridge Analytica and the company's involvement in elections.
Recently, the data mining firm Cambridge Analytica has been the centre of tons of debate around the use of profiling and micro-targeting in political elections. We’ve written this analysis to explain what it all means, and the consequences of becoming predictable to companies and political campaigns.
What does…
Content type: Long Read
Introduction
A growing number of governments around the world are embracing hacking to facilitate their surveillance activities. Yet hacking presents unique and grave threats to our privacy and security. It is far more intrusive than any other surveillance technique, capable of accessing information sufficient to build a detailed profile of a person, as well as altering or deleting that information. At the same time, hacking not only undermines the security of targeted systems, but also has…
Content type: Long Read
This piece was written by Ashley Gorski, who is an attorney at the American Civil Liberties Union, and PI legal officer Scarlet Kim and originally appeared in The Guardian here.
In recent weeks, the Hollywood film about Edward Snowden and the movement to pardon the NSA whistleblower have renewed worldwide attention on the scope and substance of government surveillance programs. In the United States, however, the debate has often been a narrow one, focused on the…
Content type: Long Read
On 17 October 2016, the Investigatory Powers Tribunal handed down judgment in a case brought by Privacy International against the Foreign Secretary, the Home Secretary and the three Security and Intelligence Agencies (MI5, MI6 and GCHQ).
The case concerned the Agencies’ acquisition and use of bulk personal datasets (‘BPD’) – datasets that contain personal data about individuals, the majority of whom are unlikely to be of intelligence interest, such as passport databases and finance-related…
Content type: Long Read
This week, Privacy International, together with nine other international human rights NGOs, filed submissions with the European Court of Human Rights. Our case challenges the UK government’s bulk interception of internet traffic transiting fiber optic cables landing in the UK and its access to information similarly intercepted in bulk by the US government, which were revealed by the Snowden disclosures. To accompany our filing, we have produced two infographics to illustrate the…
Content type: Long Read
Privacy International’s case on Bulk Personal Datasets and Bulk Communications Data comes to a head with a four-day hearing in the Investigatory Powers Tribunal which commenced on 26 July 2016.
The litigation has brought to light significant revelations about the use of section 94 of the 1984 Telecommunications Act to obtain bulk communications data.
Large amounts of disclosure have shed new light on this hitherto secret power and explained confusing aspects of the Government’s Response to…
Content type: Long Read
This piece originally appeared here.
On both sides of the Atlantic, we are witnessing the dramatic expansion of government hacking powers. In the United States, a proposed amendment to Rule 41 of the Federal Rules of Criminal Procedure would permit the government to obtain a warrant, in certain circumstances, to hack unspecified numbers of electronic devices anywhere in the world. Meanwhile, across the pond, the British Parliament is currently debating the Investigatory…
Content type: Long Read
1984: A broad law, a broad power and a whole lot of secrecy
In the wake of litigation brought by Privacy International (‘PI’) and as the Government prepared to introduce the Draft Investigatory Powers Bill (‘IP Bill’) in November 2015, there was a cascade of ‘avowals’- admissions that the intelligence agencies carry out some highly intrusive surveillance operations under powers contained in outdated and confusing legislation.
It is disappointing that it has been almost six months since…
Content type: Long Read
The Investigatory Powers Tribunal (“IPT”) today held that GCHQ hacking of computers, mobile devices and networks is lawful, wherever it occurs around the world. We are disappointed that the IPT has not upheld our complaint and we will be challenging its findings.
Our complaint is the first UK legal challenge to state-sponsored hacking, an exceptionally intrusive form of surveillance. We contended that GCHQ hacking operations were incompatible with democratic principles and human rights…
Content type: Long Read
Few revelations have been been as troubling for the right to privacy as uncovering the scope of the Five Eyes alliance. The intelligence club made up of Australia, Canada, New Zealand, the United Kingdom and the United States has integrated its collection efforts, staff, bases, and analysis programs. Yet the legal rulebook governing how the agencies ensure the most comprehensive joint surveillance effort in the history of mankind remains secret.
The little that is known suggests a…
Content type: Long Read
As Privacy International celebrates Friday's victory against Britain’s security services - the first such victory this century - we cannot help but feel the success is bittersweet.
After all, we may have convinced the Investigatory Powers Tribunal that GCHQ was acting unlawfully in accessing NSA databases filled with billions of emails and messages, but with a few technical adjustments the intelligence services have managed to insure themselves against any further challenge, at least in…
Content type: Long Read
Modern day government surveillance is based on the simple concept of “more is more” and “bigger is better”. More emails, more text messages, more phone calls, more screenshots from Skype calls. The bigger the haystack, the more needles we can find.
Thanks to Edward Snowden, we know that this fundamental idea drives intelligence agencies like the NSA and GCHQ - the desire to collect it all, to generate gigantic haystacks through which to trawl. In the almost two years since the first of Snowden…
Content type: Long Read
Many people imagine intelligence sharing to be a practice whereby men in trench coats silently slide manilla envelopes containing anonymous tip-offs or intelligence reports marked TOP SECRET across tables in smoke-filled rooms.
While such practices certainly exist, they represent only a tiny slice of intelligence sharing activities, and are vastly overshadowed by the massive exchange of bulk unanlysed (raw) intelligence data that takes place between the UK and its Five Eyes allies.…
Content type: Long Read
Privacy International in October 2014 made a criminal complaint to the National Cyber Crime Unit of the National Crime Agency, urging the immediate investigation of the unlawful surveillance of three Bahraini activists living in the UK by Bahraini authorities using the intrusive malware FinFisher supplied by British company Gamma.
Moosa Abd-Ali Ali, Jaafar Al Hasabi and Saeed Al-Shehabi, three pro-democracy Bahraini activists who were granted asylum in the UK, suffered variously…
Content type: Long Read
Bad analogies about surveillance technology pervade newspaper reports, politicians’ speeches, and legal arguments. While it’s natural to want simple explanations to understand complex technology, it does us a disservice when governments, the media, or the courts mislead us through analogies that are inadequate. It is even worse if these analogies are used as a basis for policy change.
Privacy International’s legal challenge against GCHQ’s mass surveillance rests…
Content type: Long Read
Today, Privacy International lodged a legal challenge to GCHQ's extensive and intrusive hacking of personal computers and devices. Below, we answer a few questions about the law underlying our complaint, and why it matters.
Is hacking legal?
As a result of the Snowden revelations, we have learned that GCHQ, often in partnership with the NSA, has been using malicious software to intrude upon our computers and mobile devices.
This type of activity, often called "hacking," is a…
Content type: Long Read
The recent revelations, made possible by NSA-whistleblower Edward Snowden, of the reach and scope of global surveillance practices have prompted a fundamental re- examination of the role of intelligence services in conducting coordinated cross-border surveillance.
The Five Eyes alliance of States – comprised of the United States National Security Agency (NSA), the United Kingdom’s Government Communications Headquarters (GCHQ), Canada’s Communications Security Establishment Canada (CSEC), the…
Content type: Report
The recent revelations, made possible by NSA-whistleblower Edward Snowden, of the reach and scope of global surveillance practices have prompted a fundamental re-examination of the role of intelligence services in conducting coordinated cross-border surveillance.
The Five Eyes alliance of States – comprised of the United States National Security Agency (NSA), the United Kingdom’s Government Communications Headquarters (GCHQ), Canada’s Communications Security Establishment Canada (CSEC), the…
Content type: Long Read
Privacy International filed formal complaints with the Organisation for Economic Cooperation and Development (OECD) in the UK against some of the world’s leading telecommunication companies, for providing assistance to British spy agency GCHQ in the mass interception of internet and telephone traffic passing through undersea fibre optic cables.
According to recent reports, BT, Verizon Enterprise, Vodafone Cable, Viatel, Level 3, and Interoute granted access to their fibre optic…
Content type: Long Read
Britain's spy agency, GCHQ, is secretly conducting mass surveillance by tapping fibre optic cables, giving it access to huge amounts of data on both innocent citizens and targeted suspects, according to a report in the Guardian.
Mass, indiscriminate surveillance of this kind goes against an individual's fundamental human right to privacy. The scope and scale of this program, which monitors the entire British public and much of the world, is neither necessary nor proportionate and thus,…
Content type: Long Read
Spy agencies have long sought to turn the technologies that improve all our lives against us. From some of the very first forms of remote communications such as telegraph cables, to modern-day means like Skype: if the spies can exploit it, they will.
And, as we’ve learnt over the last few months, the computer and mobile devices that millions of us own and carry around with us every day are no exception to this rule.
The smart phones, laptops, and devices that have changed how we communicate…
Content type: Report
This report was submitted to the Joint Committee on Human Rights. Under the current version of the draft Communications Data Bill, records of every person or entity with whom any given individual has communicated electronically would be collected continuously and stored for one year. These records would include the time of the communication and the location from which it originated.
The Communications Data Bill raises a number of concerns with regards to the right to privacy under Article 8…
Content type: Report
This report was submitted to the Joint Committee on Human Rights. Under the current version of the draft Communications Data Bill, records of every person or entity with whom any given individual has communicated electronically would be collected continuously and stored for one year. These records would include the time of the communication and the location from which it originated.
The Communications Data Bill raises a number of concerns with regards to the right to privacy under Article 8 of…
Content type: Report
This report investigates the probable effect of the proposed UK national Identity Card system on people who are marginalised, who suffer social disadvantage or exclusion, and those who are disabled. The work focuses on the biometrics element of the government’s proposals (specifically facial recognition, ngerprinting and iris scanning).
The Report provides a specific assessment of the recently published biometrics trial conducted by the UK Passport Service (UKPS), and compares these…
Content type: Report
This report investigates the probable effect of the proposed UK national Identity Card system on people who are marginalised, who suffer social disadvantage or exclusion, and those who are disabled. The work focuses on the biometrics element of the government’s proposals (specifically facial recognition, fingerprinting and iris scanning).