» ISP News » 

Fears of Unlawful Bulk Internet Surveillance Data Retention by MI5

Wednesday, June 12th, 2019 (10:46 am) - Score 1,696
internet spying eye

A legal challenged brought by Liberty in the UK High Court has pointed to the “undoubtedly unlawful” bulk retention of largely innocent peoples communications data (telecoms and internet) by MI5, which stems from an apparent failure to adhere to the safeguards set out in the Government’s 2016 Investigatory Powers Act (IPAct).

The IPAct supports various measures such as targeted interceptions of communications, computer hacking for investigations and it forces telecoms providers (e.g. fixed line phone, mobile and broadband ISPs) to log the basic calls / internet activity of all their customers for up to 12 months (Internet Connection Records). However the actual content of your communications can only be accessed upon receipt of a warrant.

The new law also introduced safeguards to govern how such information should be stored and handled, which were designed to protect against the misuse of bulk data collection. Despite this Liberty’s court case has unearthed new documents, which shows that the secret service (MI5) “has been unlawfully retaining innocent people’s data for years.”

The first real confirmation of a problem came last month after the Investigatory Powers Commissioner (IPCO), Rt Hon Lord Justice Fulford, warned of “compliance risks identified by MI5,” which he later deemed to be representative of “undoubtedly unlawful” conduct.

In response the Lord sent a team to MI5 to investigate the problem and was seemingly “reassured that MI5 has taken immediate steps to introduce a series of mitigating actions .. [that should] .. provide sufficient reassurance that MI5’s handling arrangements within the particular area of concern are now satisfactory as regards warranted material.”

Liberty’s ongoing legal challenge to the IPAct has now revealed more detail from those breaches, including that “MI5 has failed to meet its legal duties for as long as the IPA has been law.”

Liberty’s Summary of the Documents

Illegal actions: The Commissioner concluded that the way MI5 was holding and handling people’s data was “undoubtedly unlawful”, setting out that: “Without seeking to be emotive, I consider that MI5’s use of warranted data… is currently, in effect, in ‘special measures’ and the historical lack of compliance… is of such gravity that IPCO will need to be satisfied to a greater degree than usual that it is ‘fit for purpose’“.

MI5 knew for three years before informing IPCO: MI5 failed to maintain key safeguards, such as the timely destruction of material and the protection of legally privileged material. This, says Lord Justice Fulford created “serious compliance gaps” in its legal duties. Shockingly, these gaps first became clear to MI5 staff in January 2016, and the MI5 board in January 2018, but were only brought to IPCO’s attention in February 2019. Even then Fulford accuses MI5 officials of continuing to use “misleading euphemism” when describing their failure.

False assurances: Warrants for bulk surveillance were issued by senior judges (known as Judicial Commissioners) on the understanding that MI5’s data handling obligations under the IPA were being met – when they were not. The Commissioner has pointed out that warrants would not have been issued if breaches were known. The Commissioner states that “it is impossible to sensibly reconcile the explanation of the handling of arrangements the Judicial Commissioners were given in briefings…with what MI5 knew over a protracted period of time was happening.

A senior official at MI5 is also understood to have told Lord Justice Fulford that at least some of the personal data collected was being stored in so-called “ungoverned spaces” (very reassuring). The legal team for MI5 further confirmed there was a “high likelihood [of material] being discovered when it should have been deleted, in a disclosure exercise leading to substantial legal or oversight failure“.

Megan Goulding, Liberty Lawyer, said:

“These shocking revelations expose how MI5 has been illegally mishandling our data for years, storing it when they have no legal basis to do so. This could include our most deeply sensitive information – our calls and messages, our location data, our web browsing history.

It is unacceptable that the public is only learning now about these serious breaches after the Government has been forced into revealing them in the course of Liberty’s legal challenge. In addition to showing a flagrant disregard for our rights, MI5 has attempted to hide its mistakes by providing misinformation to the Investigatory Powers Commissioner, who oversees the Government’s surveillance regime.

And, despite a light being shone on this deplorable violation of our rights, the Government is still trying to keep us in the dark over further examples of MI5 seriously breaching the law.”

The UK Government’s Home Secretary, Sajid Javid MP, has promised to launch an independent review of this incident and Liberty is continuing with their legal challenge of the law.

Leave a Comment
6 Responses
  1. Avatar Moses

    Does vpn mitigate this or not?

    • Avatar Mike

      They would only know you’re connected to a VPN.

    • Avatar CarlT

      Well, it might conceal from GCHQ. Whoever is monitoring the VPN’s connectivity to the wider Internet will be snooping instead.

    • Avatar Spurple

      Against GCHQ, No. Against copyright trolls, probably.

      Your VPN stands no chance against entities with the resources of a country like the UK. All it does for you is really to add a few extra hoops to the task of unmasking a user’s identity, which simply turns it into an economic question: are you valuable enough to unmask?

      Many erstwhile malicious hackers and cryptocurrency (ab)users often learn this the hard way

  2. Avatar useless

    But remember its China that is the real evil that wants to monitor, intercept and hack us all. We all live in an open, honest, democratic country….. Woops the codswallop meter has just exploded.

  3. Avatar Timeless

    no surprises at this piece of news, we were about due for another privacy scandal.

Comments RSS Feed

Javascript must be enabled to post (most browsers do this automatically)

Privacy Notice: Please note that news comments are anonymous, which means that we do NOT require you to enter any real personal details to post a message. By clicking to submit a post you agree to storing your comment content, display name, IP, email and / or website details in our database, for as long as the post remains live.

Only the submitted name and comment will be displayed in public, while the rest will be kept private (we will never share this outside of ISPreview, regardless of whether the data is real or fake). This comment system uses submitted IP, email and website address data to spot abuse and spammers. All data is transferred via an encrypted (https secure) session.

NOTE 1: Sometimes your comment might not appear immediately due to site cache (this is cleared every few hours) or it may be caught by automated moderation / anti-spam.

NOTE 2: Comments that break our rules, spam, troll or post via known fake IP/proxy servers may be blocked or removed.
Cheapest Superfast ISPs
  • Hyperoptic £19.95 (*22.00)
    Avg. Speed 50Mbps, Unlimited
    Gift: Promo Code: HYPER20
  • Plusnet £21.99 (*35.98)
    Avg. Speed 36Mbps, Unlimited
    Gift: £50 Reward Card
  • SSE £22.00
    Avg. Speed 35Mbps, Unlimited
    Gift: None
  • xln telecom £22.74 (*47.94)
    Avg. Speed 66Mbps, Unlimited
    Gift: None
  • TalkTalk £22.95 (*29.95)
    Avg. Speed 38Mbps, Unlimited
    Gift: None
Prices inc. Line Rental | View All
The Top 20 Category Tags
  1. BT (2715)
  2. FTTP (2601)
  3. FTTC (1756)
  4. Building Digital UK (1700)
  5. Politics (1605)
  6. Openreach (1563)
  7. Business (1387)
  8. FTTH (1310)
  9. Statistics (1206)
  10. Mobile Broadband (1177)
  11. Fibre Optic (1044)
  12. 4G (1013)
  13. Wireless Internet (997)
  14. Ofcom Regulation (993)
  15. Virgin Media (976)
  16. EE (671)
  17. Sky Broadband (655)
  18. TalkTalk (644)
  19. Vodafone (641)
  20. 5G (472)
Helpful ISP Guides and Tips

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact