Download this free guide
A Computer Weekly Buyer’s Guide to Client Access
Look at how to orchestrate the variety of devices in use, and how to achieve efficient workforce mobility.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
In January 2017, Liberty called for public donations via crowdfunding platform CrowdJustice to raise funds to seek a High Court judicial review of the core bulk powers in the legislation.
The initial fundraising target was £10,000 but the appeal has raised more than £52,000, enabling Liberty to set the judicial review in motion.
Liberty is challenging the unprecedented “bulk” surveillance powers that allow the state to monitor everyone’s web history and email, text and phone records, and hack computers, phones and tablets.
The human rights campaigner said it had not received any response from the government to a formal letter sent on 20 December 2016. Liberty has now applied to the High Court for permission to proceed.
The controversial legislation received royal assent in December 2016, just days after a petition opposing it topped the 100,000 signatures that should have triggered a parliamentary debate. The number of signatories has since risen above 211,000.
The Home Office claims the legislation is necessary to protect the UK’s national security, and that it has sufficient oversight for the surveillance powers it gives. But civil rights groups have said the powers are draconian and too intrusive.
“This is our first step towards getting rid of the most intrusive surveillance regime of any democracy in history,” said Silkie Carlo, policy officer at Liberty.
“The powers we are fighting undermine everything that is core to our freedom and democracy – our right to protest, to express ourselves freely and to a fair trial, our free press, privacy and cyber security.
“But with so much public support behind us, we are hopeful we will be able to persuade our courts to restrain the more authoritarian tendencies of this government.”
Liberty will argue that the following powers breach the British people’s rights:
Bulk and “thematic” hacking: The Act lets police and agencies access, control and alter electronic devices such as computers, phones and tablets on an industrial scale, regardless of whether their owners are suspected of involvement in crime, leaving them vulnerable to further attack by hackers.Bulk interception of communications content: The Act allows the state to read texts, online instant messages and emails, and listen in on calls en masse, without requiring suspicion of criminal activity.Bulk acquisition of everyone’s communications data and internet history: The Act forces communications companies and service providers to retain and hand over records of everybody’s emails, phone calls and texts and entire web browsing history to state agencies to store, data-mine and profile at will.Bulk personal datasets: The Act enables agencies to acquire and link vast databases held by the public or private sector. These contain details on religion, ethnic origin, sexuality, political leanings and health problems, potentially on the entire population, and are ripe for abuse and discrimination.
In December 2016, the EU Court of Justice (CJEU) issued an historic judgment in a separate case brought by Labour MP Tom Watson, represented by Liberty.
The ruling was related to a case originally brought against the Data Retention and Investigatory Powers Act (Dripa) by Watson and current Brexit secretary David Davis – although Davis withdrew his name from the action after his elevation to the Cabinet in July 2016.
The CJEU ruled that the UK government was breaking the law by indiscriminately collecting the nation’s internet activity and phone records and letting hundreds of public bodies grant themselves access to these personal details with no suspicion of serious crime and no independent sign-off – effectively rendering significant parts of the Investigatory Powers Act unlawful.
Information security experts have also repeatedly raised concerns about collecting and storing communications data for 12 months, as required by the Act.
These provisions have raised concerns about how this data will be protected. “Aside from the arguments around privacy, which are extensive and valid, it is also a huge security risk,” said Ed Macnair, CEO of cloud security firm CensorNet.
Responding to news that the controversial legislation had been passed, security firm Sophos said the government had failed to address data security issues raised by security and technology firms.