British Intelligence Agencies Collected Personal Data Unlawfully For Over A Decade

surveillance, spyware, hacking

The Investigatory Power Tribunal found the government’s digital snooping activities to be a breach of the European Convention of Human Rights

British intelligence agencies have been bulk collecting UK citizens’ phone and Internet data illegally for over a decade, a ruling by the Investigatory Power Tribunal (IPT) has revealed.

Addressing a case levied at the government intelligence agencies by Privacy International, the IPT ruled that the collection of bulk communications data (BCD) and personal information datasets from 1998 to November 2015 was illegal under Article 8 of the European Convention of Human Rights.

The issue stems from a lack of oversight into the data being collected and failure to explain the data collection to Parliament for the scrutiny of such actions. Nor had the government publicly avowed the snooping until early 2015.

Illegal data collection

smart meter“We are not satisfied that, particularly given the fragmented nature of the responsibility apparently shared between the commissioners, there can be said to have been an adequate oversight of the BCD system, until after July 2015,” noted the judgment.

“It seems difficult to conclude that the use of BCD was foreseeable by the public, when it was not explained to Parliament.”

The IPT found that British intelligence agencies had been collecting BCD since 2006, meaning there was nearly a ten-year period between the collection happening and government avowing it; bringing it to the public’s attention and enshrining it in British law.

This also meant that for years BCD collection had been going on without suitable oversight on who was accessing the data and how, meaning the privacy of millions of British citizens could have been breached.

“There is no procedure for notifying victims of any use or misuse of bulk communication data so they can seek an appropriate remedy,” noted the IPT, though it did not reveal what was to be done with the harvested BCD now that the collection of such data is now legal.

This was not well received by Millie Graham Wood, legal officer at Privacy International: “The public and Parliament deserve an explanation as to why everyone’s data was collected for over a decade without oversight in place and confirmation that unlawfully obtained personal data will be destroyed.”

“It is unacceptable that it is only through litigation by a charity that we have learned the extent of these powers and how they are used.”

While the governmental snooping may not have been public, others have speculated that government all over the world parse their citizens’ data. And this situation could be increases, especially when the likes of Switzerland have made snooping operation legal in a bid to combat terrorism.

How much do you know about keeping your data safe online? Take our privacy quiz and find out!