GCHQ uses Cyber Techniques Outlawed in US

Uploaded on 2015-06-16 in NEWS-Cybersecurity News, INTELLIGENCE--Europe, GOVERNMENT-National, FREE TO VIEW

dink_cartoon_gchq_snoop_big.jpg?x=648&y=429&crop=1

In a fresh legal claim filed at the Investigatory Powers Tribunal (IPT), the campaign group calls for an end to the harvesting of information about those who have no ties to terrorism and are not suspected of any crime.
The IPT is the judicial body that hears complaints about the intelligence services and surveillance by public organisations. The tribunal has received dozens of submissions in the wake of Edward Snowden’s revelations about interception of Internet traffic by the US National Security Agency (NSA) and Britain’s GCHQ.

The latest claim is partially aimed at highlighting a disparity between US and UK surveillance practices that has emerged, Privacy International (PI) points out, following divergent responses by legislators in Washington and Westminster.

The passing of the USA Freedom Act last week curtailed so-called “section 215” bulk collection of phone record metadata – information about who called whom, and timings, but not the content of conversations. It was a victory for the libertarian cause and a restriction of state surveillance powers.

By contrast, UK privacy campaigners say, parliament’s Intelligence and Security Committee (ISC) has confirmed that GCHQ is still collecting datasets relating to “a wide range of individuals, the majority of whom are unlikely to be of intelligence interest.”

The coalition government also passed the emergency Data Retention and Investigatory Powers Act (DRIPA) last summer to preserve powers that would otherwise have been undermined by a European Court of Justice judgment. Two prominent MPs, Labour’s Tom Watson and the Conservative David Davis, were in the London high court recently challenging the legislation’s legitimacy.

Commenting on PI’s new claim, its deputy director Eric King said: “Secretly ordering companies to hand over their records in bulk, to be data-mined at will, without independent sign-off or oversight, is a loophole in the law the size of a double-decker bus.
“That the practice started, and continues, without a legal framework in place, smacks of an agency who sees itself as above the law. How can it be that the US is so much further ahead on this issue? With the USA Freedom Act now passed, the equivalent NSA power has now been curtailed before the debate this side of the pond has even begun.
“Bulk collection of data about millions of people who have no ties to terrorism, nor are suspected of any crime, is plainly wrong. That our government admits most of those in the databases are unlikely to be of intelligence value… shows just how off-course we really are.”

PI says bulk data sets retained by intelligence agencies may include a great variety of information, including telephone and Internet records, credit reference reports, medical records, travel records, biometric details and even loyalty card schemes. Their claim also calls for the destruction of “any unlawfully obtained material”.

A YouGov poll commissioned by Amnesty International released last week showed 56% of UK adults believed that Snowden, who worked for the US National Security Agency up until 2013, should have revealed classified information exposing US and UK government monitoring activities.

GCHQ always makes a clear distinction between intrusive “mass surveillance”, which it insists it does not undertake, and “bulk interception” of electronic communications, which says is necessary in order to carry out targeted searches of data in pursuit of terrorist or criminal activity.

In response to an earlier IPT ruling earlier this year, GCHQ said: “By its nature, much of [our] work must remain secret. But we are working with the rest of government to improve public understanding about what we do and the strong legal and policy framework that underpins all our work.”
Guardian:  http://bit.ly/1G7Lvf8

« ‘Don’t Risk IT – Cyber Secure IT’
Russia Hacked The German Parliament »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Cloud Industry Forum (CIF)

Cloud Industry Forum (CIF)

Cloud Industry Forum is a non-profit industry body that champions and advocates the adoption and use of Cloud-based services by businesses and individuals.

Bsquare

Bsquare

Bsquare DataV software and engineering services help enterprises implement business-focused Internet of Things systems.

ControlScan

ControlScan

ControlScan is a Managed Security Services Provider (MSSP) - our primary focus is protecting your business and securing your sensitive data.

SecureDevice

SecureDevice

SecureDevice is a Danish IT Security company.

Celestya

Celestya

Celestya is dedicated to providing the most advanced and cost effective systems for human behavior education on cybersecurity awareness training.

Puleng Technologies

Puleng Technologies

Puleng provides customers with a client-centric strategy to manage and secure the two most valuable assets an organisation has - its Data and Users.

Rublon

Rublon

Rublon protects endpoints, networks and applications by providing trusted access via two-factor authentication (2FA).

u-blox

u-blox

u-blox deliver leading wireless technology to reliably and securely locate and connect people and devices.

Westminster Insight - Cyber Security Conference

Westminster Insight - Cyber Security Conference

Join colleagues this December for Westminster Insight’s Cyber Security Conference, as you’ll assess how new technologies such as AI can secure your organisation against future threats.

CyberSecJobs.com

CyberSecJobs.com

CyberSecJobs.com is a career site and job fair company providing services and resources to the cyber security community.

Center for Education & Research in Information Assurance & Security (CERIAS)

Center for Education & Research in Information Assurance & Security (CERIAS)

CERIAS is one of the world’s leading centers for research and education in areas of information and cyber security.

Netragard

Netragard

Netragard has an established reputation for providing high-quality offensive and defensive security services.

Neosecure

Neosecure

NeoSecure is a specialist Cybersecurity Solutions and Managed Services provider in Latin America.

CliftonLarsonAllen (CLA)

CliftonLarsonAllen (CLA)

CLA exists to create opportunities for our clients through industry-focused advisory, outsourcing, audit, tax, and consulting services.

ORS Consulting

ORS Consulting

ORS Consulting is a specialist provider of risk management advisory services supporting asset-intensive industries such as chemicals, energy, power and utilities, defence and maritime.

ImmuneBytes

ImmuneBytes

ImmuneBytes is a cutting-edge security startup that aims to provide a secure blockchain environment for a dependable and open Web3 ecosystem.