Sign up to Newsletter

Hacking Safeguard 3 Necessity and Proportionality

Prior to carrying out a hacking measure, government authorities must, at a minimum, establish:

  1. A high degree of probability that:

    1. A serious crime or act(s) amounting to a specific, serious threat to national security has been or will be carried out;

    2. The system used by the person suspected of committing the serious crime or act(s) amounting to a specific, serious threat to national security contains evidence relevant and material to the serious crime or act(s) amounting to a specific, serious threat to national security interest alleged;

    3. Evidence relevant and material to the serious crime or act(s) amounting to a specific, serious threat to national security alleged will be obtained by hacking the target system

  2. To the greatest extent possible, the identity of the person suspected of committing the serious crime or act(s) amounting to a specific, serious threat to national security and uniquely identifying details of the target system, including its location and specific configurations;

  3. All less intrusive methods have been exhausted or would be futile, such that hacking is the least intrusive option;

  4. The method, extent and duration of the proposed hacking measure;

  5. Data accessed and collected will be confined to that relevant and material to the serious crime or act(s) amounting to a specific, serious threat to national security alleged and the measures that will be taken to minimise access to and collection of irrelevant and immaterial data;

  6. Data will only be accessed and collected by the specified authority and only used and shared for the purpose and duration for which authorisation is given;

  7. The potential risks and damage to the security and integrity of the target system and systems generally, as well as of data on the target system and systems generally, and how those potential risks and damage will be mitigated or corrected, so as to enable an assessment of the proportionality of the proposed hacking measure against its security implications.

 

Featured Campaigns

Credit - Santiago Paulós

The End of Privacy in Public

We’re facing the end of privacy in public, because of the unchecked rise of facial recognition
Read more
More Campaigns

Related Content

Advocacy
Two kites with eyeballs flying in blue sky

PI response to UK Government consultation on Technical Capabilities Notices

Continue reading
Video
Video: Government Hacking 101

Video: Government Hacking 101

A short video explaining how governments compromise the security of our devices and infrastructure to feed their surveillance objectives.
Read more