Home
 » ISP News » 
Sponsored

Small ISPs Launch Legal Action to Stop GCHQ UK Internet Snooping

Wednesday, July 2nd, 2014 (1:28 pm) - Score 623
fibre optic cables into united kingdom

A group of smaller ISPs from around the world, including GreenNet from the United Kingdom, have lodged a legal complaint against the UK’s intelligence agency – Government Communications Headquarters (GCHQ) – after they were last year caught tapping into at least some of the world’s 10Gbps transatlantic fibre optic cable links and snooping on the related phone and Internet traffic.

Last year’s revelations surrounding operation Tempora (here and here), which allegedly also received support from major telecoms operators like BT (“Remedy“) and Vodafone (“Gerontic“), have since seen plenty of twists and turns, but so far none of ex-NSA employee Edward Snowden‘s leaks appear to have had much of an impact on the snooping activity itself.

However a coalition of smaller ISPs, including GreenNet (UK), RiseUp Networks (USA), Mango Email Service (Zimbabwe), “Jinbonet” – Korean Progressive Network (South Korea), Greenhost (Netherlands), Media Jumpstart Inc. (USA) and the Chaos Computer Club (Germany), have decided to take matters into their own hands by lodging a formal legal complaint with the UK’s Investigatory Powers Tribunal (IPT).

The legal complaint document (Adobe PDF) highlights four key gripes against both GCHQ and the UK Government’s Secretary of State for Foreign and Commonwealth Affairs, William Hague.

The Four Main Legal Issues

1. First, in the course of such an attack, network assets and computers belonging to the internet and communications service provider are altered without the provider’s consent. That is in itself unlawful under the Computer Misuse Act 1990 in the absence of some supervening authorisation. Depending on the nature and extent of the alterations, the attacks may also cause damage amounting to an unlawful interference with the internet and communications service provider’s property contrary to Article 1 of the First Protocol (“A1P1”) to the European Convention on Human Rights (“ECHR”).

2. Second, the surveillance of the internet and communications service provider’s employees is an obvious interference with the rights of those employees under Articles 8 and 10 ECHR, and by extension the provider’s own Article 10 rights. As Der Spiegel reported in relation to a separate attack on Mach, a data clearing company, a computer expert working for the company was heavily targeted: “A complex graph of his digital life depicts the man’s name in red crosshairs and lists his work computers and those he uses privately (‘suspected tablet PC’). His Skype username is listed, as are his Gmail account and his profile on a social networking site. […] In short, GCHQ knew everything about the man’s digital life.”

It is not simply a question of GCHQ confining its interest to employees’ professional lives. They are interested in knowing everything about the staff and administrators of computer networks, so as to be better able to exploit the networks they are charged to protect.

3. Third, the exploitation of network infrastructure enables GCHQ to conduct mass and intrusive surveillance on the customers and users of the internet and communications service providers’ services in contravention of Articles 8 and 10 ECHR. Network exploitation of internet infrastructure enables GCHQ to undertake a range of highly invasive mass surveillance activities, including the application of packet capture (mass scanning of internet communications); the weakening of encryption capabilities; the observation and redirection of internet browsing activities; the censoring or modification of communications en route; and the creation of avenues for targeted infection of users’ devices. Not only does each of these actions involve serious interferences with Article 8 ECHR rights, by creating vulnerabilities and mistrust in internet infrastructure they also chill free expression in contravention of Article 10 ECHR.

4. Fourth, the use by GCHQ of internet and communications service providers’ infrastructure to spy on the providers’ users on such an enormous scale strikes at the heart of the relationship between those users and the provider itself. The fact that the internet and communications service providers are essentially deputised by GCHQ to engage in heavily intrusive surveillance of their own customers threatens to damage or destroy the goodwill in that relationship, itself an interference with the provider’s rights under A1P1.

The complaint then continues on to highlight various examples and laws as supporting evidence for their case, before seeking a declaration that “GCHQ’s intrusion into the computers and network assets of internet and communications service providers, their staff and their users is unlawful“. The ISPs have also requested an order that would require the destruction of any unlawfully obtained material and an injunction to restrain “further unlawful conduct“.

Meanwhile the UK Government continues to claim that its activity is lawful, which appears to be largely down to a clause in the original Regulation of Investigatory Powers Act (RIPA). This allows the government’s home or foreign secretary to approve the activity so long as one end of the snooped communication is abroad (i.e. international traffic).

It remains to be seen whether or not this latest legal complaint will actually make any headway. The IPT, which exists to investigate complaints about the potential conduct of various public bodies, was also established as a result of the enactment of RIPA in 2000.

Add to Diigo
Mark Jackson
By Mark Jackson
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on Twitter, , Facebook and Linkedin.
Leave a Comment
6 Responses
  1. Avatar dragoneast

    The spooks will be quaking in their boots, NOT! Get the fly swats out. National Security is a cloak to cover every sin.

    • Avatar DTMark

      Al-Qaeda. Semtex. Explosion. Training camps. Afghanistan. Bombs. Jihad, holy war, freedom fighters, secret plots, Bitcoin.

      Should give them something to do. Oh, sorry, GCHQ, have I wasted your time?

    • Oh thanks, now we’ll be blocked by the ISPs as a terrorist training site when they tag those keywords with their “sophisticated” filters :).

    • Avatar DTMark

      Must admit that didn’t occur to be. Disinformation is the way to beat surveillance 😉

      Do feel free to remove.

  2. Avatar sentup.custard

    “sorry, GCHQ, have I wasted your time?”

    Of course not – we are interested in *all* your communications. It would, however, be helpful if you would save us a bit of work by downloading the Stalin app so that a copy of everything comes to us direct instead of us having to intercept things.

    Thanks

    GCHQ
    (A perfectly legitimate official link, of course… 😉 )

Comments RSS Feed

Javascript must be enabled to post (most browsers do this automatically)

Privacy Notice: Please note that news comments are anonymous, which means that we do NOT require you to enter any real personal details to post a message. By clicking to submit a post you agree to storing your comment content, display name, IP, email and / or website details in our database, for as long as the post remains live.

Only the submitted name and comment will be displayed in public, while the rest will be kept private (we will never share this outside of ISPreview, regardless of whether the data is real or fake). This comment system uses submitted IP, email and website address data to spot abuse and spammers. All data is transferred via an encrypted (https secure) session.

NOTE 1: Sometimes your comment might not appear immediately due to site cache (this is cleared every few hours) or it may be caught by automated moderation / anti-spam.

NOTE 2: Comments that break our rules, spam, troll or post via known fake IP/proxy servers may be blocked or removed.
Cheapest Superfast ISPs
  • Hyperoptic £18.00 (*22.00)
    Avg. Speed 30Mbps, Unlimited
    Gift: Code: HYPER19
  • Vodafone £22.00 (*24.00)
    Avg. Speed 35Mbps, Unlimited
    Gift: None
  • TalkTalk £22.45
    Avg. Speed 38Mbps, Unlimited
    Gift: None
  • Direct Save Telecom £22.95 (*29.95)
    Avg. Speed 35Mbps, Unlimited
    Gift: None
  • Origin Broadband £23.00
    Avg. Speed 35Mbps, Unlimited
    Gift: None
Prices inc. Line Rental | View All
The Top 20 Category Tags
  1. BT (2413)
  2. FTTP (2009)
  3. FTTC (1599)
  4. Building Digital UK (1550)
  5. Politics (1345)
  6. Openreach (1339)
  7. Business (1182)
  8. Statistics (1045)
  9. FTTH (972)
  10. Mobile Broadband (969)
  11. Fibre Optic (944)
  12. Ofcom Regulation (882)
  13. Wireless Internet (864)
  14. 4G (851)
  15. Virgin Media (811)
  16. Sky Broadband (576)
  17. EE (558)
  18. TalkTalk (557)
  19. Vodafone (471)
  20. Security (395)
Promotion
Helpful ISP Guides and Tips
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact