The Government IS breaking the law by indiscriminately collecting the nation’s internet activity and phone records – meaning significant parts of its new Snoopers’ Charter are effectively unlawful.
I am a member of Liberty – the Human Rights Watch, based in the UK. When Liberty, representing Tom Watson MP, launched a legal challenge two years ago, it was because they believed the Government’s surveillance practices were breaching our human rights.
Today, the EU Court of Justice (CJEU) agreed with us: the Government is breaking the law.
How is the Government breaking the law?
Under a temporary surveillance law known as the Data Retention and Investigatory Powers Act (DRIPA), the Government forced communications companies to store details of every person’s internet activity, emails, texts and phone calls.
Hundreds of organisations and government agencies – from police forces to HMRC – were allowed to grant themselves access to this data without independent sign-off and without any suspicion of serious crime.
The CJEU has now ruled that this extremely lax access regime breached British people’s rights. In fact, by allowing for the general and indiscriminate retention of every person’s data in the first place, the Government was acting unlawfully.
What does this mean for the future?
DRIPA expires on 31 December, but the Government has been busy this year with a new surveillance law – the Investigatory Powers Act (also called the Snoopers’ Charter) – passing in November.
Today’s ruling means major parts of that new Act are in effect unlawful – and the Government will need to urgently and fundamentally amend it in order to protect the rights of the British population.
What’s more, the Snoopers’ Charter replicates and vastly expands the powers set out in DRIPA including ‘internet connection records’ (ICRs). The new regime, estimated to cost £170 million, gives the Government the power to force internet service providers to retain and generate records of all customers’ internet activity. It legislates for unprecedented bulk spying powers and the creation of huge databases containing sensitive information on millions of people.
Liberty is now preparing to challenge these powers in court and our small team of expert staff will have their work cut out. If you have a moment – and are as pasionate about the fair treatment of our fellow subjects as I am, then I really recommend that you at least subscribe to Liberty’s newsletter – their site can be found here.
- In first major post-Brexit judgment involving the UK, Court of Justice of the EU backs Tom Watson MP, represented by Liberty, in landmark challenge to Government surveillance
- Ruling effectively means significant parts of the new Investigatory Powers Act are unlawful and must be urgently changed
The Government is breaking the law by indiscriminately collecting the nation’s internet activity and phone records and letting hundreds of public bodies grant themselves access to these personal details with no suspicion of serious crime and no independent sign-off – meaning significant parts of its new Snoopers’ Charter are effectively unlawful.
Judges at the EU Court of Justice (CJEU) have today backed a challenge by MP Tom Watson, represented by Liberty, to the Data Retention and Investigatory Powers Act (DRIPA) – the temporary emergency law that covers state surveillance.
DRIPA will expire on 31 December – but the Government has since replicated and vastly expanded the same powers in its new flagship surveillance law, the Investigatory Powers Act, which passed in November.
Today’s ruling means major parts of that new Act are in effect unlawful – and the Government will need to urgently and fundamentally amend it.
Martha Spurrier, Liberty’s Director, said: “Today’s judgment upholds the rights of ordinary British people not to have their personal lives spied on without good reason or an independent warrant. The Government must now make urgent changes to the Investigatory Powers Act to comply with this.
“This is the first serious post-referendum test for our Government’s commitment to protecting human rights and the rule of law. The UK may have voted to leave the EU – but we didn’t vote to abandon our rights and freedoms.”
Tom Watson MP said:
“This ruling shows it’s counter-productive to rush new laws through Parliament without a proper scrutiny.
“At a time when we face a real and ever-present terrorist threat, the security forces may require access to personal information none of us would normally hand over. That’s why it’s absolutely vital that proper safeguards are put in place to ensure this power is not abused, as it has been in the recent past.
“Most of us can accept that our privacy may occasionally be compromised in the interests of keeping us safe, but no one would consent to giving the police or the government the power to arbitrarily seize our phone records or emails to use as they see fit. It’s for judges, not Ministers, to oversee these powers. I’m pleased the court has upheld the earlier decision of the UK courts.”
DRIPA forces communications companies to store every person’s “communications data” – the who, what, when, where and how of every email, text, phone call, and internet communication, including those of lawyers, doctors, MPs and journalists.
This data is subject to an extremely lax access regime, which lets hundreds of organisations and government agencies – from police forces to HMRC – grant themselves access for a wide range of reasons that have nothing to do with investigating serious crime.
CJEU judges have ruled this regime breaches British people’s rights because it:
- allows general and indiscriminate retention of all communications data
- does not restrict access to this data to the purpose of preventing and detecting precisely defined serious crime.
- lets police and public bodies authorise their own access, instead of subjecting access requests to prior authorisation by a court or independent body.
- does not provide for notification after the event to people whose data has been accessed.
- does not require that the data be kept within the European Union.
What this means for the Investigatory Powers Act
Since this legal challenge was launched in 2014, the Investigatory Powers Act has not only re-legislated for the powers found unlawful today, but gone much further.
The Act has dramatically expanded powers to gather data on the entire population, while maintaining the controversial lack of safeguards that resulted in this legal challenge.
Under it, the state now also has access to every person’s internet use – every website visited or app used – which service providers must generate and store for 12 months.
This creates vast databases of deeply sensitive and revealing personal information which – at a time when companies and governments are under increasingly frequent attack from hackers – creates a goldmine for criminals and foreign spies.
This data can be accessed by dozens of public authorities with no need for suspicion of criminality or prior sign-off from a judge or other independent official. These include the NHS, Department for Work and Pensions and Gambling Commission.
The Investigatory Powers Act has also legalised other unprecedented bulk spying powers – including bulk hacking, interception of phone calls and emails on an industrial scale and collection of huge databases containing sensitive information on millions of people – which could integrate records such as Oyster card logs and Facebook back-ups.
Liberty believes these indiscriminate powers are also unlawful and is preparing to challenge them in court.