UK Court Rules Surveillance Under Snooper’s Charter Unlawful

Citizens of the UK concerned about privacy can breathe a sigh of relief! The UK Court of Appeal ruled the government’s mass digital surveillance program unlawful last week. In motioning to reevaluate aspects of a law once named the most extreme form of surveillance, the country took a step closer to returning the right to personal privacy and data back to their citizens. Previously, in December 2016, the EU’s highest court ruled that governmental storage of communications on a “general and indiscriminate” basis was illegal – which pushed the Snooper’s Charter back to court and ultimately lead to the current ruling.

History of the Snoopers’ Charter

When we initially reported on this legislation in 2014, the bill was referred to as the Data Retention and Investigatory Powers Act (DRIPA). This bill was introduced to the public with the justification of giving intelligence agencies broader access to data for the purpose of protecting national security and fighting terrorism. It additionally prohibited tech companies from building end-to-end encryption in devices, or required them to build encryption “backdoors” which would allow 48 security agencies access to all transmitted communications. DRIPA also included data retention provisions, requiring ISPs to collect their customers’ web history for a period of up to a year. After a single day of parliamentary discussion, DRIPA was passed in 2014 as “emergency legislation” and paved the way for the legislation as we recognize it today. The Investigatory Powers Act (also widely known/referred to as the Snoopers Charter) was enacted in 2016 and, similar to its predecessor, and expanded upon many of the previous legislation’s most invasive and concerning features.

The Court’s Decision

A legal case began when DRIPA was first introduced in 2014, and after three years of legal dispute three appeal court judges finally ruled parts of the Snooper’s Charter illegal. The judges specified the Snoopers Charter breached EU law for these reasons:

  • Allowing data to be harvested for reasons other than fighting serious crime as originally intentioned
  • Permitting a myriad of security agencies access to citizens’ private data without the need for a warrant
  • Forcing communication companies to store detailed information about the location and use of all UK citizens’ phones

The latest ruling from the UK court found two specific aspects at fault:

  • Collecting data for the “wrong purposes”
  • Collecting data without “proper sign-off”

As described by Martha Spurrier, director of Liberty, “Yet again a UK court has ruled the Government’s extreme mass surveillance regime unlawful.” … “This judgment tells ministers in crystal clear terms that they are breaching the public’s human rights. The latest incarnation of the Snoopers’ Charter, the Investigatory Powers Act, must be changed.”

Golden Frog’s Thoughts

At Golden Frog, we have always fought against mass surveillance and the warrantless collection of information! While we’re happy to see legislative powers recognize when existing legislation is violating the digital privacy of their citizens, the latest developments are still cause for concern. Although this is a positive step forward in that the UK is reevaluating aspects of the Snooper’s Charter and recognizing the concerning surveillance it enables, the legislation is highly invasive and shouldn’t have been approved in the first place. We’ll be checking back to see how the Investigatory Powers Act law changes as a result of this ruling, and which aspects of the legislation will in fact be altered. Privacy is a human right, and we will continue to fight against surveillance and for privacy for Internet users across the globe.

Sources: Wired, The Independent, The Guardian