Letters prove GCHQ bends laws to spy at will. So what's the point of privacy safeguards?
Something to bear in mind as Snoopers' Charter looms
IPB Letters between GCHQ and an official overseeing the spy agency shed new light on how Blighty's eavesdroppers interpret laws to suit their surveillance efforts.
The memos were obtained by campaign group Privacy international and handed to The Register today.
Although the letters date from 2004, they show how the agency is willing to bend the rules – a fact that is highly relevant right now as Parliament mulls a new law granting fresh powers to UK spies.
The fear is that if GCHQ has been flexing previous regulations to carry out blanket surveillance of innocent people, of what use are any of the safeguards in the new rules, seeing as they, too, could be neatly sidestepped?
The memos revealed this week were sent between Sir Swinton Thomas, the then-Interception of Communications Commissioner, and the intelligence services. They show that not only did Thomas seemingly not know the laws he was supposed to be enforcing, but that he didn't care much about that fact either.
"One of the problems of working in the outposts of the Empire is that one tends not to be informed of changes in the law, and has to rely on bumping into them by chance - as here!" Thomas jokes, after being informed of a point of law.
The correspondence discusses how GCHQ collects and handles citizens' personal information without falling foul of the European Court of Human Rights. It shows that, despite the introduction of the Regulation of Investigatory Powers Act (RIPA) in 2000, the intelligence services were still using the 1984 Telecommunications Act to slurp people's private data.
Section 94 of the latter act allows the intelligence services to collect huge reams of telecommunications data on people based solely on the purview of the UK Home Secretary. GCHQ argue this is preferable to using RIPA, since it means an elected politician makes the decision to authorize an investigation rather than a civil service official, and for one other reason:
"The only practical difference between the two sets of provisions is if Chapter II [of RIPA] were used, a new notice would need to be issued every month ... involving a fresh consideration of the necessity and proportionality issues. This would not be the case under section 94," GCHQ stated.
So, under the powers in the 1984 Act, GCHQ can neatly sidestep troublesome routine oversight of its powers and operations. Thomas said he was "content" with that.
A spokesman for the UK's Interception of Communications Commissioner's Office said in response to the letters released today:
We readily gave permission for a series of 12-year old correspondence between Home Office lawyers and a former Interception of Communications Commissioner (from 2004) to be disclosed in open as part of proceedings currently before the Investigatory Powers Tribunal (IPT). We did not seek to redact or edit any part of the correspondence from 2004 as it is important that all of the facts are before the IPT.
The statement continued: "We welcome and support Privacy International’s proposal for oversight bodies to be supported by public interest advocates and their calls for further transparency in these matters. In our March 2015 report we set out the significant work we have undertaken to improve transparency and accountability and highlighted that our office would benefit from additional legal and technical resource.
Caroline Wilson Palow, general counsel at Privacy International, said: "The documents revealed today demonstrate the government's troubling history of bending the rules to expand its surveillance powers while minimising safeguards.
"MPs are about to vote on the most important surveillance legislation in a generation. Privacy International, and experts from across academia, civil society and the oversight bodies themselves have been calling for much stronger oversight powers. This latest revelation should give MPs food for thought."
You can read the letters here [PDF]. ®
Sponsored: Becoming a Pragmatic Security Leader