The Pathology of Mass Surveillance: The UK, Bulk Interception and the European Court of Human Rights
It’s fitting that the same society that produced George Orwell with his warnings of a totalitarian dystopia stacked with all-prying monitors, surveillance and paranoia should yield up some of the most invasive surveillance regimes imaginable. While some states have found the revelations from Edward Snowden the sort that should initiate, at the very least, modest changes, the United Kingdom preferred the opposite approach. It had, after all, been an indispensable ally to the US National Security Agency, its equivalent GCHQ always intent on going one better.
In 2016, the Snooper’s Charter, a name so innocuous as to imply impressive cuddliness, found its way onto Britain’s law books after two failed efforts. That instrument’s more officious, and appropriate title, was the Investigatory Powers Act, deemed by Snowden “the most extreme surveillance in the history of western democracy.” As Paul Bernal suggested in The Conversation on its passage, “It is not a modernisation of existing law, but something qualitatively different, something that intrudes upon every UK citizen’s life in a way that would even a decade ago have been inconceivable.”
Various efforts in Britain have been mounted against the all-consuming beast of mass surveillance. The UK Court of Appeal did find in 2015 that the Data Retention and Investigatory Powers Act (DRIPA) failed to place adequate restrictions upon police officers in their attempts to access personal information, including web browsing history and phone records. The discerning judges noted the absence of an independent overseer and appropriate safeguards that might have saved the legislation.
Last Thursday, the European Court of Human Rights took a rather different view from the national security boffins in the case of Big Brother Watch and Others v the United Kingdom. The legality of three different surveillance forms featured in the complaint by 16 applicants, launched in the immediate aftermath of Snowden’s disclosures: the bulk interception of communications; the sharing of intelligence with foreign governments; the obtaining of communications data from communications service providers.
While the applicants did not shun all forms of bulk interception, the relevant claim was that such a regime could hardly be seen to have “the quality of law because it was so complex as to be inaccessible to the public and to the Government” lacking “clear and binding legal guidelines” and “sufficient guarantees against abuse.”
The submission by the UK government was predictably heavy on the issues of threat, security, and danger. The greatest temptation of tyrants is the claim that what is being combated is new, fresh and entirely modern. National security threats abound like a miasmic phenomenon, and not just that old nagging matter of terrorism. There was a degree of “sophistication” terrorists and criminals had adopted in communicating over the Internet so as to avoid detection. Encryption was being used; the volume of communications was so vast as to enable concealment.
By five votes to two, the Chamber found that the bulk interception regime violated Article 8 of the European Convention on Human Rights covering the respect for private and family life, home and correspondence. The failing here was a conspicuous lack of oversight in selecting Internet bearers for targets of interception. There was also an inadequate system in filtering, searching and selecting any salient intercepted communications; and there was a pronounced lack of pertinent safeguards concerning “related communications data.” Bulk interception did not, in of itself, violate the Convention; but clearly defined criteria was the essence of validity.
By six votes to one, the Chamber found that obtaining communications data from those in the communications industry also breached the protections of Article 8. Article 10 of the Convention covering freedom of expression, holding opinions, and the imparting and receipt of information was also found to have been offended by both the bulk interception regime and obtaining communications from service providers.
The judges noted that the second and third applications involved “investigative journalists who have reported on issues such a CIA torture, counterterrorism, drone warfare, and the Iraq war logs [accepting] that they were potentially at risk of having their communications obtained by the United Kingdom authorities.”
The judges did, however, fail to bite on several fronts. Sharing intelligence with foreign governments could not be considered a violation of either Article 8 or 10. (This, in of itself, raises a set of problems given Britain’s security ties with various unsavoury states who might be all too happy to receive the UK’s bounty.) On the issue of whether the surveillance regime breached Article 6 (covering the right to a fair trial), and the inadequacy of domestic processes in challenging surveillance measures suggesting a violation of Article 14 (prohibiting discrimination), the court remained unmoved.
The response of the UK government has been one of readjustment and sweetening. Whilst “careful consideration” would be given to the ruling, a new “double lock” oversight process, according to a spokesperson, had been introduced in the 2016 legislation. The process involved agreement between an independent judicial commissioner and the authorising secretary of state in executing search warrants. It is precisely such measures that must be regarded as the mandatory softeners in otherwise extreme security measures that never do what they claim to.
Despite the recent horror of her premiership, Prime Minister Theresa May, a figure instrumental in building the new British security state, can take comfort from Brexit in one fundamental respect: At the very least she might be able to prize Britannia away from the clutches of a European human rights court that continues to correct wayward member states obsessed with surveillance.
If you're interested in writing for International Policy Digest - please send us an email via firstname.lastname@example.org