Search
Content type: News & Analysis
A year after the Eyes Wide Open program was launched here at Privacy International, we are just beginning to scratch the surface of the processes and justifications that agencies like GCHQ use to make their spying legally compliant. Tocqueville, a great philosopher of law stated:
“If they prize freedom much, they generally value legality still more. They are less afraid of tyranny than of arbitrary power, and provided the legislature undertakes of itself to deprive men of their independence,…
Content type: Long Read
Modern day government surveillance is based on the simple concept of “more is more” and “bigger is better”. More emails, more text messages, more phone calls, more screenshots from Skype calls. The bigger the haystack, the more needles we can find.
Thanks to Edward Snowden, we know that this fundamental idea drives intelligence agencies like the NSA and GCHQ - the desire to collect it all, to generate gigantic haystacks through which to trawl. In the almost two years since the first of Snowden…
Content type: News & Analysis
In the wake of tragic attacks in France, politicians from across the world are calling for dramatically expanded surveillance powers, to spy on our phonecalls, ban encrypted communications such as WhatsApp and iMessage, and store details about our international travels for years on end.
If it feels like you've heard this story before, it's because you have. With each violent attempt by extremists to terrorise society, our political leaders dust off old, failed proposals such as the UK…
Content type: Long Read
Many people imagine intelligence sharing to be a practice whereby men in trench coats silently slide manilla envelopes containing anonymous tip-offs or intelligence reports marked TOP SECRET across tables in smoke-filled rooms.
While such practices certainly exist, they represent only a tiny slice of intelligence sharing activities, and are vastly overshadowed by the massive exchange of bulk unanlysed (raw) intelligence data that takes place between the UK and its Five Eyes allies.…
Content type: News & Analysis
In the last two days multiple security vendors, newspapers and experts have weighed in on the existence of the “Regin" malware, among the most sophisticated ever discovered, and its possible origins at GCHQ and the NSA. The Intercept has now confirmed Regin was the malware found on infected internal computer systems and email servers at Belgacom, the Belgian telecommunications company. Last year, documents leaked by Edward Snowden established that it was GCHQ that had committed the attack on…
Content type: News & Analysis
The following appeared in the Daily Telegraph, and was written by Carly Nyst, Legal Director of Privacy International:
"Robert Hannigan, the new head of GCHQ, announced his arrival this week with a call for “greater co-operation” with security forces by tech companies. Hannigan’s article in the Financial Times illustrated vividly the destructive ideology that has driven the infiltration by the British and American intelligence agencies into every aspects of the digital realm – an…
Content type: News & Analysis
Thousands of innocent people in London have had their communications spied on and collected through the use of invasive mobile phone surveillance technology, called IMSI Catchers, according to a recent report by the Times.
IMSI Catchers are no longer, and have not been for a while, a law enforcement secret. They have been featured crime dramas like the Wire and in movies such as Zero Dark Thirty. For years, the German Parliament has publicly received the number of IMSI Catcher…
Content type: News & Analysis
The following piece by Privacy International Legal Officer Adriana Edmeades appeared in openDemocracy:
In 2012, Citizen Lab, a think-tank operating out of the Munk School of Global Affairs at the University of Toronto, came across evidence suggesting that Gamma International, a multinational technology corporation with offices across the world, sold a form of malware called FinFisher to Bahrain. Bahraini activists, amongst others, were seriously concerned: FinFisher gives its operator complete…
Content type: News & Analysis
As privacy and free expression advocates hail the demise of the Data Retention Directive at the hands of the European Court of Justice, one large question is looming in the midst of celebration.
Now what?
More specifically, what will be its impact of the national laws of the European Union countries? What steps should EU governments be taking to ensure the Court’s decision is given effect? What are the implications for communications service providers who have been…
Content type: Press release
Britain's intelligence services do not need a warrant to receive unlimited bulk intelligence from the NSA and other foreign agencies, and can keep this data on a massive searchable database for up to two years, according to secret internal policies revealed today by human rights organisations.
Details of previously unknown internal policies, which GCHQ was forced to reveal during legal proceedings challenging their surveillance practices in the wake of the Snowden revelations, reveal…
Content type: News & Analysis
Jaafar Al Hasabi, Mohammed Moosa Abd-Ali Ali, and Saeed Al-Shehabi each fled Bahrain for the United Kingdom with one goal: to be safe.
These men, activists in the pro-democracy movement in Bahrain, were variously subject to torture, arbitrary detention, harassment, and psychological trauma in their home country. They thought coming to the UK, and living in exile, would at least mean they would be outside the reach of the Bahraini government.
Despite the nearly 4,000 miles between their homes…
Content type: Long Read
Bad analogies about surveillance technology pervade newspaper reports, politicians’ speeches, and legal arguments. While it’s natural to want simple explanations to understand complex technology, it does us a disservice when governments, the media, or the courts mislead us through analogies that are inadequate. It is even worse if these analogies are used as a basis for policy change.
Privacy International’s legal challenge against GCHQ’s mass surveillance rests…
Content type: News & Analysis
Last year, UK-based surveillance company Gamma TSE sold the Indonesian military US$ 6.7 million worth of equipment as part of the military's weapons modernisation effort. As early as 2005, Indonesian officials were soliciting the advice of a close partner of Gamma, Germany-based Elaman, to create technical surveillance unit (TSU), according to a white paper published as part of the WikiLeak SpyFiles and found in the Surveillance Industry Index.
Gamma and Elaman are…
Content type: News & Analysis
The following is an excerpt from an op-ed that appeared in the Daily Telegraph written by Carly Nyst, Legal Director of Privacy International:
One of the most shocking discoveries from Edward Snowden's disclosures was that GCHQ, the British intelligence agency, is tapping undersea cables to harvest the communications of people from all around the world. This top-secret programme, nicknamed Tempora, sucks up petabytes of data from tapped cables off the coast of Cornwall and is capable…
Content type: News & Analysis
Despite having over three months to introduce legislation responding to the Court of Justice of the European Union striking down the Data Retention Directive , an 'emergency' surveillance bill is being rammed through Parliament this week.
Not only does the Data Retention and Investigatory Powers Bill (DRIP) fail to address the privacy concerns laid out in the Court's judgment, it also drastically expands spying powers of the State. Worringly, just this afternoon, the fast track…
Content type: News & Analysis
From Monday 14 to Friday 18 July, the British intelligence agencies and the Ministers responsible for them will be under the spotlight in an historic case to determine whether GCHQ's mass communications surveillance activities are a violation of Britain's human rights obligations.
Privacy International, along with Amnesty International, Liberty, the American Civil Liberties Union, Pakistani organisation Bytes for All and others, have brought the case before the Investigatory Powers Tribunal (…
Content type: News & Analysis
We have learnt a lot in the last year about the dirty games GCHQ and NSA are playing to infiltrate the networks, tools and technologies we all use to communicate. This includes forcing companies to handover their customers’ data under secret orders, and secretly tapping fibre optic cablesbetween the same companies’ data centers.
Not content with that, we know now GCHQ are targeting companies systems administrators, exploiting the routers and switches in their networks to…
Content type: News & Analysis
The following is an excerpt from an Op-Ed written in the New Zealand Herald by Privacy International's Legal Officer Anna Crowe:
Since the release of documents by Edward Snowden nearly a year ago, New Zealand has often been seen as a passive participant in the Five Eyes intelligence-sharing alliance, not unlike a good kid hanging out with the wrong crowd.
However, Snowden documents released last month and the news that New Zealand appears to be sharing intelligence…
Content type: Long Read
Today, Privacy International lodged a legal challenge to GCHQ's extensive and intrusive hacking of personal computers and devices. Below, we answer a few questions about the law underlying our complaint, and why it matters.
Is hacking legal?
As a result of the Snowden revelations, we have learned that GCHQ, often in partnership with the NSA, has been using malicious software to intrude upon our computers and mobile devices.
This type of activity, often called "hacking," is a…
Content type: News & Analysis
After two years of pressing the Government to come clean on what, if anything, they are doing to investigate the potentially illegal export of the spyware FinFisher, a ruling today by the Administrative Court in Privacy International’s favour marks a significant turning point in our long-running campaign to bring more transparency and accountability to the surveillance industry.
The High Court slammed Her Majesty’s Revenue and Customs for not disclosing whether it was investigating…
Content type: News & Analysis
May Day serves as a timely reminder that across their history, intelligence services have targeted trade unions and other organisations working for progressive social change.
Intelligence agencies have sought to justify expanded surveillance capabilities on the basis of pressing national security threats, particularly terrorism; however, as the Snowden revelations have highlighted, intelligence agencies actually often use these capabilities to monitor organisations that promote human…
Content type: Press release
In response to the ruling against David Miranda over his detention at Heathrow, Privacy International Executive Director Dr. Gus Hosein said:
Schedule 7 of the Terrorism Act of 2000 is a law intended to fight terrorism, and was not drafted to target people like David Miranda. In this instance however the government used it to seize the devices of journalists to intimidate and obstruct the reporting of mass and unlawful surveillance practices of the British government. To equate journalism…
Content type: News & Analysis
In the ongoing story about the possible surveillance of the Garda Siochana Ombudsman Commission in Ireland, a number of new details have emerged from Verrimus, the security consultancy agency tasked with investigating the spying. A recent Irish Independent report levelled a number of criticisms at Verrimus, saying that Verrimus in fact detected their own UK phones during their sweep and that they erroneously claimed this to be evidence of a UK IMSI Catcher.
In response to the Independent’s…
Content type: Press release
After challenging HMRC's blanket refusal to release information about the potentially unlawful export of Gamma International's FinFisher surveillance technology, the court has said that the case should proceed to trial and the grounds of Privacy International's challenge are of public importance.
Privacy International in February filed for judicial review of a decision of HMRC, the body responsible for enforcing export regulations, claiming the department is acting unlawfully in its refusal to…
Content type: News & Analysis
The current legal framework governing intelligence activities in the UK is unfit for purpose in the modern digital era, and reform is urgently needed.
With this in mind, today Privacy International responded to the Intelligence and Security Committee’s call for evidence, addressing the question, “Whether the legal framework which governs the security and intelligence agencies’ access to the content of private communications is ‘fit for purpose’, given the developments in information technology…
Content type: News & Analysis
The latest Snowden document revelation, which shows how GCHQ and the NSA are conducting broad, real-time monitoring of YouTube, Facebook, and Blogger using a program called "Squeaky Dolphin," is the most recent demonstration of the immense interception capabilities of intelligence services.
Despite the program's cute name, "Squeaky Dolphin" is shocking in its ability to intercept raw data, which includes sensitive personal and location information, and keep tabs on people across the world who…
Content type: News & Analysis
Privacy International's partner organisation, Bytes for All, has filed a complaint against the Government, decrying the human rights violations inherent in such extensive surveillance and demonstrating how the UK's mass surveillance operations and its policies have a disproportionate impact on those who live outside the country.
Bytes for All, a Pakistan-based human rights organization, filed its complaint in the UK Investigatory Powers Tribunal (IPT), the same venue in which Privacy…
Content type: News & Analysis
UK parliamentary select committees are charged with overseeing the work of government in relation to particular topical issues or the work of particular departments. When it comes to UK Government policy on arms, it’s the Committees on Arms Export Controls (CAEC) that's responsible: a conglomeration of four select committees made up of serving Members of Parliament that collects evidence and conducts an inquiry into developments in export control policy and the preceding years’ exports of…
Content type: News & Analysis
New technologies may hold great benefits for the developing world, but without strong legal frameworks ensuring that rights are adequately protected, they pose serious threats to populations they are supposed to empower.
This is never more evident than with the rapid and widespread implementation of biometric technology. Whilst concerns and challenges are seen in both developed and developing countries when it comes to biometrics, for the latter they are more acute due the absence of laws or…
Content type: News & Analysis
Update:
After an initial discussion with technical and government experts involved in drafting and negotiating the new controls on “intrusion software”, some of our initial questions have been clarified. To read what they had to say, go here.
One of the major dangers of imposing export controls on surveillance systems is the risk of overreach. While you want the scope of the systems being controlled and the language to be wide enough to catch the targeted product and its…