UK Rewrites Hacking Laws to Give GCHQ Immunity

Uploaded on 2015-05-22 in NEWS-Cybersecurity News, NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

gchq-always-listening-to-our-clients.png

The UK government has quietly passed new legislation that exempts GCHQ, police, and other intelligence officers from prosecution for hacking into computers and mobile phones.
While major or controversial legislative changes usually go through normal parliamentary process (i.e. democratic debate) before being passed into law, in this case an amendment to the Computer Misuse Act was snuck in under the radar as secondary legislation. According to Privacy International, "It appears no regulators, commissioners responsible for overseeing the intelligence agencies, the Information Commissioner's Office, industry, NGOs or the public were notified or consulted about the proposed legislative changes... There was no public debate."
Privacy International also suggests that the change to the law was in direct response to a complaint that it filed last year. In May 2014, Privacy International and seven communications providers filed a complaint with the UK Investigatory Powers Tribunal (IPT), asserting that GCHQ's hacking activities were unlawful under the Computer Misuse Act.
On June 6, just a few weeks after the complaint was filed, the UK government introduced the new legislation via the Serious Crime Bill that would allow GCHQ, intelligence officers, and the police to hack without criminal liability. The bill passed into law on March 3 this year, and became effective on May 3. Privacy International says there was no public debate before the law was enacted, with only a rather one-sided set of stakeholders being consulted (Ministry of Justice, Crown Prosecution Service, Scotland Office, Northern Ireland Office, GCHQ, police, and National Crime Agency).
According to Privacy International's legal experts, the amended Computer Misuse Act "grants UK law enforcement new leeway to potentially conduct cyber attacks within the UK." Following Snowden's leaks throughout 2013 and 2014, a cynical person might see this new legislation as something of an insurance policy: under the previous Computer Misuse Act, the courts might have found GCHQ's hacking activities within the UK to be illegal—now they're on more solid ground.
Ars Technica:  http://bit.ly/1B6dDhi

 

« Device to protect your vehicle from “Sticky bombs”
FBI Director says ISIS Could Cyberattack the US »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Allen & Overy

Allen & Overy

Allen & Overy is an international law firm. Practice areas include Cybersecurity and Data Protection.

Praetorian

Praetorian

Praetorian is an offensive cybersecurity company whose mission is to prevent breaches before they occur.

Silent Breach

Silent Breach

Silent Breach specializes in network security and digital asset protection. Services include Pentesting, Security Assessments, Incident Detection & Response, Governance Risk & Compliance.

Cybrary

Cybrary

Cybrary is an open-source cyber security and IT learning and certification preparation platform.

Fortra

Fortra

Fortra (formerly HelpSystems) is your cybersecurity ally, unified through the mission of providing solutions to organizations' seemingly unsolvable cybersecurity problems.

PrivateVPN

PrivateVPN

PrivateVPN is a Virtual Private Network services provider offering secure encrypted access to the internet.

Tutamantic

Tutamantic

Tutamantic develops software that reduces security risks and weaknesses during the architectural and design stages.

Ksmartech

Ksmartech

Ksmartech provide services related to security and authentication in all areas where the connection of people to objects, and objects and objects is necessary.

ISA Global Cybersecurity Alliance (ISAGCA)

ISA Global Cybersecurity Alliance (ISAGCA)

Objectives of the ISA Global Cybersecurity Alliance include the acceleration and expansion of standards, certification, education programs, advocacy efforts, and thought leadership.

Salvador Technologies

Salvador Technologies

Salvador Technologies provides the world’s fastest technology to recover from cyber-attacks.

SECFORCE

SECFORCE

SECFORCE is a leading information security consultancy specialising in bespoke penetration testing and red team engagements.

DNX Ventures

DNX Ventures

Based in Silicon Valley and Tokyo, DNX Ventures is an early stage VC for B2B startups in sectors including Cybersecurity.

DataFleets

DataFleets

DataFleets is a privacy-preserving data engine that unifies distributed data for rapid access, agile analytics, and automated compliance.

Dataprise

Dataprise

Dataprise is a leading IT managed services provider offering IT Management and Help Desk Support Services, Cloud Services, Information Security Solution, IT Strategy and Consulting.

Pacific Global Security Group

Pacific Global Security Group

Pacific Global Security Group offers an intelligence-driven focus on all aspects of cybersecurity for IT/ICS/OT.

Quantum eMotion (QeM)

Quantum eMotion (QeM)

Quantum eMotion is a Montreal-based advanced developer leading the way towards a new generation of quantum-safe encryption for the quantum computing age.