Thursday, 14 May 2015

UK Government quietly rewrites law so that GCHQ and other British spy agencies can avoid prosecution for hacking computers

  • Government has changed the law via an amendment to Serious Crime Bill
  • The change offers more protection to spy agencies who hack computers
  • Privacy International is challenging the legality of GCHQ's spying actions
  • The charity has called Government's 'underhand' behaviour 'disgraceful'  

The Government has surreptitiously rewritten anti-hacking laws so that GCHQ and other law enforcement agencies can avoid criminal prosecution, it has been claimed.

Details of the alteration emerged at the Investigatory Powers Tribunal - which is currently hearing a challenge to the legality of computer-hacking by the country's intelligence agencies.

The Government changed the Computer Misuse Act (CMA) two months ago to give intelligence agencies more protection - via a little-known addition to the Serious Crime Bill.

The law was brought in just weeks after the Government faced a legal challenge that GCHQ had broken the law under the CMA by hacking computers to gather intelligence.

The case was brought forward by the charity Privacy International and seven internet service providers - who claim the spy agency's actions were illegal.

[Left] Protection: The Government has surreptitiously rewritten anti-hacking laws so that GCHQ (headquarters, pictured) and other law enforcement agencies can avoid criminal prosecution.

The claims follow revelations from NSA whistle-blower Edward Snowden, who said the US and UK agencies were monitoring internet traffic on an industrial scale.

Snowden also claimed that GCHQ and its US counterpart – the National Security Agency – had the ability to infect millions of computer and mobile handsets with malware.

This would allow them to gather huge amounts of digital content from devices, while also listening in to phone calls, tracking users' locations and switching on cameras and microphones.

Privacy International launched its challenge asserting the use of malware was illegal in England and Wales under the 1990 CMA. 

Eric King, the deputy director of the charity, told The Independent: 'The underhand and undemocratic manner in which the Government is seeking to make lawful GCHQ's hacking operations is disgraceful.

'Hacking is one of the most intrusive surveillance capabilities available to any intelligence agency, and its use and safeguards surrounding it should be the subject of proper debate. 

[Left] Revelations: US intelligence whistle-blower Edward Snowden said the US and UK agencies were monitoring internet traffic on an industrial scale.

'Instead, the Government is continuing to neither confirm nor deny the existence of a capability it is clear they have, while changing the law under the radar.'

Government sources say the amendment did not alter the law as the enforcement agencies already had powers to hack under the Intelligence Services Act.

Parliamentary guidance notes explaining the amendment to the Serious Crime Bill state that its purpose was to 'remove any ambiguity over the interaction between the lawful exercise of powers … and the offence provisions.'

Privacy International say this fails to properly explain the amendment's impact.

The charity also claims that the Government failed to notify regulators, commissioners and the public of the change before it came into law, taking effect on May 3.

Privacy International added that it wasn't the first time the Government has changed the law - pointing out that in February, a code of practice for GCHQ was released which gives 'spy agencies sweeping powers' to hack people not even suspected of a crime. 

The Home Office has rejected the activists' claims and say there have been no changes made to the Computer Misuse Act 1990 by the Serious Crime Act 2015 that would affect the scope of spy agencies.  
The full hearing is expected later this year.