Cyber Spying Laws Are Changing

As the UK  nears its final departure form the European Union (EU) a very rare thing has happened to British state spying laws: they have been tightened-up after parts of the so-called Snoopers' Charter were formally commenced into law. The UK's spy agency auditor has given public sector snoopers a clean bill of health, except for domestic surveillance by MI5. 

Now, in the US their National Security Agency (NSA) surveillance program has been ruled unlawful, seven years after it was exposed by whistleblower Edward Snowden.  The surveillance of millions of Americans' telephone records first came to light in 2013. Top US intelligence officials had publicly insisted the NSA had never knowingly collected data from private phone records, until Snowden exposed evidence to the contrary in 2013. 

The UK government’s bulk surveillance practices came under scrutiny before the Grand Chamber of the European Court of Human Rights.  This landmark hearing will consider whether two practices in particular violate the public’s right to privacy and freedom of speech:

(i) bulk interception of communications; and

(ii) intelligence sharing with foreign states such as the US. Newly commenced sections of the Investigatory Powers Act, better known as the Snoopers' Charter, will slightly restrict the ability of local councils and other such undesirables to spy on you and your business. 

Specifically, the Investigatory Powers Act 2016 (Commencement No.12) Regulations 2020, means anyone trying to spy on your communications data must now get the permission of your telco or postal service, or convince a judicial commissioner to sign off a warrant forcing disclosure.

Abuse of UK surveillance powers by local councils in particular has long been a feature of UK domestic spying laws. However, it appears that the tightening of the law explicitly excludes RIPA 2000 powers, of which a concerning number remain on the statute book.

Statutory auditor IPCO, the Investigatory Powers Commissioner's Office, issues annual reports into the use of spying powers by state agencies. Its most recent annual report concluded that all was well in state surveillance land despite some businesses, journalists, doctors, lawyers and MPs being spied upon by the public sector. 

It is currently very important that UK companies completely comprehend and engage with IT and cyber security laws that may affect their business as the UK finally leaves the EU on January 1st 2021. 

Clayden Law:    The Register:      The Register:        DPGLaw:      BBC:          Guardian:          Reuters:       

For  legal advice on Business Cyber Security and IT in the UK we recommend that you contact Clayden Law. They concentrate on advising on information technology, data privacy and cyber security law. 

You Might Also Read:

Clayden Law: GPPR Is 1-Year Old

 

« Five Things Management Must Know About Cyber Security
California & Florida Voter Websites Vulnerable To Hackers »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

Watch this webinar and get a comprehensive roadmap for securely adopting generative AI using Amazon Bedrock, a fully managed service that offers a choice of high-performing foundation models (FMs).

Ripjar

Ripjar

Ripjar is a global company of talented technologists, data scientists and analysts designing products that will change the way criminal activities are detected and prevented.

Cybraics

Cybraics

Cybraics nLighten platform implements a unique and sophisticated artificial intelligence engine that rapidly learns your environment and alerts security teams to threats and vulnerabilities.

Achtwerk

Achtwerk

Achtwerk manufacture the security appliance IRMA for critical infrastructures and networked automation in production plants.

Swedish Board for Accreditation and Conformity Assessment (SWEDAC)

Swedish Board for Accreditation and Conformity Assessment (SWEDAC)

SWEDAC is the national accreditation body for Sweden. The directory of members provides details of organisations offering certification services for ISO 27001.

VIQU Recruitment

VIQU Recruitment

VIQU Recruitment was formed with the primary focus of providing 'Smarter People Solutions' to the UK’s professional IT & Cyber Security markets.

Finosec

Finosec

Finosec's mission is to change the way information security and cybersecurity are managed in banking.

CyberSafe

CyberSafe

CyberSafe is a Portuguese company with a focus on cybersecurity solutions and services including network security, managed security, incident response and forensic analysis.

Tactic Labs

Tactic Labs

Tactic Labs (part of the Avnon Group) delivers a holistic Cyber-Security Management Platform which provides military-grade protection, safeguarding critical infrastructures and mission-critical data.

GovernmentCIO

GovernmentCIO

GovernmentCIO was founded with a single purpose: to transform government IT. We are thought leaders in data analytics, machine learning, cybersecurity and IT transformation.

Nomios

Nomios

Nomios develops innovative solutions for your security and network challenges. We design, secure and manage your digital infrastructure.

Information Technology Solutions (ITS)

Information Technology Solutions (ITS)

Information Technology Solutions is a single source provider for managing and securing mission-critical IT services.

Ampcus Cyber

Ampcus Cyber

Ampcus Cyber specialize in providing comprehensive security solutions and services that are tailored to safeguard our clients' networks, infrastructure, and valuable assets.

NexusTek

NexusTek

NexusTek is a managed IT services provider with a comprehensive portfolio comprised of end-user services, cloud, infrastructure, cyber security, and IT consulting.

Tausight

Tausight

Tausight is an AI-Powered patient data security startup with a mission of reducing healthcare cyber incidents using a more proactive, risk management philosophy.

Avatar Managed Services

Avatar Managed Services

Avatar offers proven, process driven IT support to companies who want to utilize their technology to their best advantage.

Fraud.net

Fraud.net

Fraud.net operates the first end-to-end fraud management and revenue enhancement ecosystem specifically built for digital enterprises and fintechs globally.