Privacy International spokesman Mike Rispoli said: "This latest news brings forth the very serious question of whether GCHQ's attacks on servers hosting chatrooms is lawful. There is no British policy in place to initiate cyber attacks. There has been no debate in parliament as to whether we should be using cyber attacks. There is no legislation that clearly authorises GCHQ to conduct cyber attacks.
Campaign group Privacy International is also worried.
"There is no legislation that clearly authorises GCHQ to conduct cyber-attacks," said head of research Eric King.
"So, in the absence of any democratic mechanisms, it appears GCHQ has granted itself the power to carry out the very same offensive attacks politicians have criticised other states for conducting."
The current legal framework governing intelligence activities in the UK is unfit for purpose in the modern digital era, and reform is urgently needed.
Anna Fielder, Trustee and Board Chair at Privacy International, said, "Political will is crucial at this stage. The snail pace of the discussions in the EU Council is nothing short of scandalous - one step forward two steps backwards during the last six months of the Lithuanian Presidency. This lack of progress is to the detriment of people's rights."
"Transparency reports for a long time were really insightful tools for us to see what governments were asking the tech companies," Privacy International's Mike Rispoli told the BBC.
"Now we know that the game has changed.
"Governments do not need to go to companies to get user data - they can directly intercept it. They do not need to go through the front door anymore, they have kicked down the back door."
While revelations about NSA mass surveillance dominated the news in late 2013, a less well-publicised scandal was engulfing the Australian intelligence services, which had just raided the offices of a lawyer representing the small nation of East Timor in an international case against Australia.
Over the past half year, Privacy International has been investigating the sale of surveillance technology made by South African company VASTech to Libya and what role the government had in promoting and developing the system. Unfortunately, the government has been slow to respond to our questions and has offered only vague answers.
The latest Snowden document revelation, which shows how GCHQ and the NSA are conducting broad, real-time monitoring of YouTube, Facebook, and Blogger using a program called "Squeaky Dolphin," is the most recent demonstration of the immense interception capabilities of intelligence services.
"The anti-Snowden discourse is no more than a reflection of the perverse attachment to secrecy and obfuscation that dominates intelligence agencies and undermines the fundamental principles of transparency and accountability," Carly Nyst, legal director at Privacy International, told DW in an email.
"Given the public uproar over the mass surveillance programs revealed by Snowden, discussions such as these are blatant attempts by authorities to deflect attention away from themselves and their illegal spying operations," she added.
Caroline Wilson Palow, Legal Officer, Privacy International said:
Edin Omanovic, a surveillance technology specialist at Privacy International, says that the expansion of the control list represents progress, but that more work needs to be done to curtail access to such technologies.
“We have to think of ways for [governments] to enforce the controls,” he says. “It’s always going to be the case that some of these technologies are intangible and very easy to export, which presents unique enforcement challenges that conventional arms don’t.”
But London officials close to the WA changes told Privacy International researcher Edin Omanovic it was the intention of WA participants to focus on tools such as the German made FinFisher spy tool to restrict only platforms marketed and used by law enforcement and governments for lawful interception.
Big data consists mainly of data that is openly available, created and stored. It includes public sector data such as national health statistics, procurement and budgetary information, and transport and infrastructure data. While big data may carry benefits for development initiatives, it also carries serious risks, which are often ignored. In pursuit of the promised social benefits that big data may bring, it is critical that fundamental human rights and ethical values are not cast aside.
The reforms announced today, while positive in some respects, are completely inadequate to address the heart of the problem. Privacy International welcomes steps to minimise the data collected and retained on non-Americans, and the call to increase transparency around requests made to communications service providers.
Privacy International Legal Office Caroline Wilson Palow offered this by way of comment: “It is clear that mass surveillance programs like Tempora have a disproportionate impact on those who live outside the country, since foreigners’ phone calls, emails, or internet searches currently receive even fewer legal protections than the communications of those who reside in the UK. It is wrong and we argue illegal for the UK to discriminate without any reasonable basis between UK and non-UK nationals when spying on their communications.
"Every country owes the same obligation to each individual whose communications pass through their territory: not to interfere with those communications, subject to permissible limitations established by law," Privacy International commented in a separate statement. "People who have had their communications intercepted, no matter their location or nationality, should be able to object to that interference in the courts and tribunals of the country that carried out the interception."
Mike Rispoli, Communications Manager of Privacy International told PinkNews: ”Just because it is information that can be accessed, it is unjustifiable for this company to collect and share information without my consent. People make choices every day about what they share, to whom, and on what platforms. On one site, I may share my sexual orientation, but not my political beliefs. On another, maybe I’ll share the school I attended but not my home address. In the end, its about our choice and agency over what information we give out.
The other signatories to the letter to the OGP, included: Privacy International, the Global Network Initiative, Oxfam International, the Centre for Law and Democracy, Indian political and social activist Aruna Roy, former journalist and Global Voices Online founder Rebecca MacKinnon, and Hong Kong In-Media.
The organisations that have signed up include Oxfam, Privacy International and the Open Rights Group, and the individuals include Satbir Singh of the Commonwealth Human Rights Initiative and Indian social activist Aruna Roy.
Privacy International's Edin Omanovic speaks with the Danish Broadcasting Association at Milipol 2013.
UK parliamentary select committees are charged with overseeing the work of government in relation to particular topical issues or the work of particular departments. When it comes to UK Government policy on arms, it’s the Committees on Arms Export Controls (CAEC) that's responsible: a conglomeration of four select committees made up of serving Members of Parliament that collects evidence and conducts an inquiry into developments in export control policy and the preceding years’ exports of military and dual-use goods.
Privacy International's partner organisation, Bytes for All, has filed a complaint against the Government, decrying the human rights violations inherent in such extensive surveillance and demonstrating how the UK's mass surveillance operations and its policies have a disproportionate impact on those who live outside the country.
Want to work for a small charity that holds governments and companies to account on surveillance? We are excited to announce three new openings at Privacy International.
Nine months ago, Privacy International, together with the European Centre for Constitutional and Human Rights (ECCHR), the Bahrain Center for Human Rights, Bahrain Watch and Reporters without Borders, filed complaints with the OECD against Gamma International, a company that exported the FinFisher intrusive surveillance system and
A complaint filed with the Organisation for Economic Cooperation and Development (OECD) against Trovicor GmbH, a German company accused of selling surveillance technology to Bahrain, has been rejected on almost every count, the German National Contact Point (NCP) for the OECD announced.
Privacy International is currently engaged in a joint project on export controls with the Open Technology Institute and Digitale Gesellschaft. The blog post below was co-written by Edin Omanovic and Tim Maurer and is also available on the OTI blog.
Export controls have something of a bad reputation in technology circles, and not without good reason.
In the same week that the Advocate General of the European Court of Justice labelled the retention of electronic communications data throughout Europe as a “serious interference with the right to privacy”, the French National Assembly has
New technologies may hold great benefits for the developing world, but without strong legal frameworks ensuring that rights are adequately protected, they pose serious threats to populations they are supposed to empower.