Cyber Spying Laws Are Changing

Uploaded on 2020-11-02 in INTELLIGENCE--USA, INTELLIGENCE--Europe, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Law

As the UK  nears its final departure form the European Union (EU) a very rare thing has happened to British state spying laws: they have been tightened-up after parts of the so-called Snoopers' Charter were formally commenced into law. The UK's spy agency auditor has given public sector snoopers a clean bill of health, except for domestic surveillance by MI5. 

Now, in the US their National Security Agency (NSA) surveillance program has been ruled unlawful, seven years after it was exposed by whistleblower Edward Snowden.  The surveillance of millions of Americans' telephone records first came to light in 2013. Top US intelligence officials had publicly insisted the NSA had never knowingly collected data from private phone records, until Snowden exposed evidence to the contrary in 2013. 

The UK government’s bulk surveillance practices came under scrutiny before the Grand Chamber of the European Court of Human Rights.  This landmark hearing will consider whether two practices in particular violate the public’s right to privacy and freedom of speech:

(i) bulk interception of communications; and

(ii) intelligence sharing with foreign states such as the US. Newly commenced sections of the Investigatory Powers Act, better known as the Snoopers' Charter, will slightly restrict the ability of local councils and other such undesirables to spy on you and your business. 

Specifically, the Investigatory Powers Act 2016 (Commencement No.12) Regulations 2020, means anyone trying to spy on your communications data must now get the permission of your telco or postal service, or convince a judicial commissioner to sign off a warrant forcing disclosure.

Abuse of UK surveillance powers by local councils in particular has long been a feature of UK domestic spying laws. However, it appears that the tightening of the law explicitly excludes RIPA 2000 powers, of which a concerning number remain on the statute book.

Statutory auditor IPCO, the Investigatory Powers Commissioner's Office, issues annual reports into the use of spying powers by state agencies. Its most recent annual report concluded that all was well in state surveillance land despite some businesses, journalists, doctors, lawyers and MPs being spied upon by the public sector. 

It is currently very important that UK companies completely comprehend and engage with IT and cyber security laws that may affect their business as the UK finally leaves the EU on January 1st 2021. 

Clayden Law:    The Register:      The Register:        DPGLaw:      BBC:          Guardian:          Reuters:       

For  legal advice on Business Cyber Security and IT in the UK we recommend that you contact Clayden Law. They concentrate on advising on information technology, data privacy and cyber security law. 

You Might Also Read:

Clayden Law: GPPR Is 1-Year Old

 

« Five Things Management Must Know About Cyber Security
California & Florida Voter Websites Vulnerable To Hackers »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

6cure

6cure

The 6cure Threat Protection solution eliminates malicious traffic to critical services in real time and protects against DDoS attacks.

Trust in Digital Life (TDL)

Trust in Digital Life (TDL)

TDL is a membership association comprising companies, SMEs, universities and research institutes who exchange experience and insights to make digital services in Europe trustworthy and safe.

StationX

StationX

StationX is a leading provider of cyber security training, consultancy and services.

Oneconsult

Oneconsult

Oneconsult provides cyber security services focusing on penetration tests / ethical hacking, ISO 27001 security audits and incident response & IT forensics.

Swiss Cyber Storm

Swiss Cyber Storm

Swiss Cyber Storm is a non profit organization hosting the international Swiss Cyber Storm Conference and running the Swiss part of the European Cyber Security Challenges.

Achtwerk

Achtwerk

Achtwerk manufacture the security appliance IRMA for critical infrastructures and networked automation in production plants.

Secude

Secude

SECUDE is an established global security solutions provider offering innovative data protection for SAP users.

Mvine

Mvine

Mvine's primary business is authoring and selling Cyber-Secure Platforms for Collaboration Portals and for Identity Management as well as delivering cloud support services.

Rentalworks

Rentalworks

Rentalworks is a leading provider of Internet-of-Things (IoT) Asset Lifecycle Management Services including secure data erasure and disposal.

High Wire Networks

High Wire Networks

High Wire Network’s Overwatch Managed Security Plaform-as-a-Service offers organizations end-to-end protection for networks, data, endpoints and users.

CyNam

CyNam

CyNam is a platform for enabling the growth and development of people and organisations within Cheltenham’s flourishing cyber technology ecosystem.

Infuse Technology

Infuse Technology

Infuse Technology provide the highest level of cybersecurity support, implementing practical solutions to protect against cyber-attacks, from simple phishing scams to complex data security breaches.

Liminal

Liminal

Liminal is a boutique strategy advisory firm serving digital identity, fintech, and cybersecurity clients, and the private equity / venture capital community.

Hook Security

Hook Security

Setting a new standard in security awareness. Hook Security is a people-first company that uses psychological security training to help companies create security-aware culture.

Internet Initiative Japan (IIJ)

Internet Initiative Japan (IIJ)

IIJ is one of Japan's leading Internet-access and comprehensive network solutions providers.

Trustmi

Trustmi

Trustmi is a leading fintech cybersecurity solution designed to prevent financial losses from fraud and errors, 24/7.