Advertisement

UK report says GCHQ spying wasn't illegal, but lacked transparency

UK data surveillance programs, including the bulk collection of data from ISPs, have been declared legal by a parliamentary committee. However, it also found them "overly complicated" and lacking in transparency. The report from the Intelligence and Security Committee (ISC) probed GCHQ initiatives that tapped massive amounts of emails and other private "upstream" data, often in conjunction with the NSA's PRISM program. The extent of the UK's involvement in that program was revealed by whistleblower Edward Snowden in 2013.

The committee declared that "we are satisfied that the UK's intelligence and security Agencies do not seek to circumvent the law." But it immediately qualified that by saying "however, that legal framework has developed piecemeal, and is unnecessarily complicated. We have serious concerns about the resulting lack of transparency, which is not in the public interest."

Despite that slapdown, the finding contradicts a court decision that found the program flat-out "unlawful." That decision carried some legal teeth, even allowing you to fill out a form and find out if the GCHQ ever spied on you using NSA data. However, the parliamentary committee declared that:

Our Inquiry has shown that the Agencies do not have the legal authority, the resources, the technical capability, or the desire to intercept every communication of British citizens, or of the internet as a whole: GCHQ are not reading the emails of everyone in the UK.

The report went on further to say that bulk collection programs "operate on a very small percentage" of internet users, from whom only "a certain amount of material is being collected." Ironically, however, the actual percentages of users and data requested was redacted in the final document, meaning the public can't tell what "very small" means, exactly. The report added that targeting an individual in the UK still requires a warrant "signed by a Secretary of State."

In the end, the government said that data collection activities in the UK were still on shaky ground. It recommended the development of a "new, transparent legal framework" -- likely to fend off further unfriendly court decisions. But it also emphasized the need for the spying, saying "we do not subscribe to the point of view voiced by some of our witnesses that it is preferable to let some terrorist attacks happen rather than to allow any form of bulk interception. "