back to article UK spies broke law for 15 years, but what can you do? shrugs judge

The Investigatory Powers Tribunal has reruled that GCHQ, MI5 and MI6 engaged in indiscriminate and illegal bulk cable-tapping surveillance for 15 years – and has once again refused to do anything about it. In a 113-paragraph judgment handed down today filled with assurances that he was "anxious to assist in achieving …

  1. steelpillow Silver badge
    WTF?

    So that's the big deal

    Sloppy admin. We've all done illegal stuff without realising it. Woken up and driven to work while our blood alcohol was still a tad over the limit, cycled up a one-way street without noticing the sign, let an almost-adult kid watch a dodgy movie without their parents' express consent, whatever. Now it's the Home Secretary's turn to illegally delegate powers. What can you do, slap the spooks for doing what their political masters expected because they were too lazy to do it themselves?

    Look, a horse just bolted from that stable over there, better go and lock the door quick.

    Roll on ubiquitous encryption and open democracy, I say.

    1. Primus Secundus Tertius Silver badge

      Re: So that's the big deal

      @Steelpillow

      Roll on ubiquitous encryption and open democracy, communist and religious conspiracies, and a closed dictatorship of communists or religious nutters.

      FTFY

    2. bombastic bob Silver badge
      Black Helicopters

      Re: So that's the big deal

      well, I'd be MORE concerned if the slurped info lead to convictions later on. But as it's just "being snoped on" it's something to be concerned about, but nothing to be paranoid about. yet.

      USA is going through some similar problems, with the alleged "meta-data only" NSA snooping.

      I'm sure 'bad guys' already just assume they're being snooped on and use some kind of code [and "burn phones"], which calls into question the validity of such snooping in the FIRST place, right?

      1. Paul Hovnanian Silver badge

        Re: So that's the big deal

        "I'm sure 'bad guys' already just assume they're being snooped"

        The smart ones do. The stupid ones, not so much. Which results in a bias in removing bad guys from the streets in favor of leaving the smarter ones in business.

        The problem is that the case based on an illegal search that turns up a dead body in the trunk (boot) getting thrown out penalizes society in terms of not punishing the murderer and then the officer conducting that search. We have to live with a criminal among us, while the police only take a hit in their arrest statistics.

        1. Britt Johnston
          Thumb Down

          Re: the big deal - taxes pay for this misuse

          Another negative - the public servants who would be in the best position to make info handling secure are the ones actively undermining it

          1. Anonymous Coward
            Anonymous Coward

            Re: the big deal - taxes pay for this misuse

            "the public servants who would be in the best position to make info handling secure are the ones actively undermining it"

            Hence the earlier question about whether one particular individual has any special significance in this current context:

            http://www.dailymail.co.uk/news/article-2241645/Theresa-May-spy-tipped-mandarin--love-glamorous-aide.html (article from 1 Dec 2012, but he's been around much longer ... find the name, follow the history, see where it leads. E.g. it will lead to the dark figures behind the "snooper's charter" and probably more).

      2. Jack of Shadows Silver badge

        Re: So that's the big deal

        One of the more interesting things about the GWOT is that exchanging mobile phones, often with a family member or other nobody as the new custom. . I can recall one of our intelligence leaders saying, "We kill by. IMEI number." Build a better mousetrap, catch a better mouse.

      3. eldakka Silver badge

        Re: So that's the big deal

        > well, I'd be MORE concerned if the slurped info lead to convictions later on.

        And what are you basing this on?

        How do you know that there have been no convictions based on this snooping? Or that it hasn't led to "extraordinary renditions"? Because the government has said so? That same government who are on record as lying to a court?

        The agencies also had to amend their witness statements several times after it became obvious that their original contents, claiming they and the Foreign Secretary obeyed the law in full, were simply not true;

      4. scrubber

        Re: So that's the big deal

        We are the "bad guys" again?

        1. scrubber

          Re: So that's the big deal

          I meant "who" but "we" kind of works as well.

      5. Britt Johnston

        Re: So that's the big deal - extralegal processes undermining security, and paid for from taxes

        There is a further problem: public servants undermining information security systemically, when they would be among the best-informed groups to help improve and secure it.

    3. John Smith 19 Gold badge
      FAIL

      So, as suspected the IPT is basically a blind, toothless watchdog

      This sort of nod-and-a-wink behavior is an all too common part of British politics.

      OMFG William Hauge as possibly the first Home Secretary to actually look at the stuff he was signing.

      1. Archtech Silver badge

        Re: So, as suspected the IPT is basically a blind, toothless watchdog

        "OMFG William Hague was possibly the first Home Secretary to actually look at the stuff he was signing".

        Either because he was so smart, or because he was so dumb.

        Sir Humphrey would certainly advise his minister NOT to read some of the instruments he routinely signs. Some people are uncomfortable about lying, and do it badly. So it's better that they actually believe it when they say, "I never saw that in my life before".

      2. Mark 65 Silver badge

        Re: So, as suspected the IPT is basically a blind, toothless watchdog

        Given this statement

        His successor in 2014, Philip Hammond, tightened this up to ensure the spies gave him a detailed review of what they wanted and why every six months before he would sign it off, giving him direct control over what types of bulk data they were slurping.

        I'm not sure that we can really say anything was tightened up. If you just sign shit off anyway does it matter that you requested details? This is merely ticking a box and continuing the carte blanche directive.

        I'm afraid that the UK is now fully a police state. Bipartisan support for national security nonsense that allows Stasi++ level monitoring of everything from everyone everywhere will absolutely no ability to do anything about it whatsoever. IPT investigates and says "yeah, whatever". Brilliant. It is an Orwellian wet dream. Don't even mention anything about Brexit as this clearly demonstrates you're all fucked whether you're in the EU or not.

    4. Archtech Silver badge

      Re: So that's the big deal

      Nice example of sloppy, woolly thinking and sloppy, woolly ethics, sloppily and woollily expressed.

      The most important fact that your post ignores and obfuscates is that there is a huge difference between a private citizen, perhaps unconsciously, committing a marginal breach of a law that many other citizens (and government employees) often break - and a key government department quite deliberately breaking the law in order to spy on citizens.

      As for the subsidiary question of whom to hold responsible (and prosecute, and punish to the full extent of the law), that's obfuscation too. Someone is certainly responsible when a government breaks its own laws, and it seems most unlikely that no one knew that. If you don't wish to blame "the spooks" for breaking the law, then blame their bosses. If necessary, indict the Prime Minister of the time. (Although isn't there a legal maxim about ignorance of the law being no excuse?)

      If you are in any way uncertain about the difference between a government and its citizens, here are a couple of important things to remember.

      1. The government works for the citizens - not vice versa.

      2. The government and all its employees are paid by the citizens.

      3. The government is accountable to the citizens.

      Lastly,

      "When the people fear their government, there is tyranny; when the government fears the people, there is liberty".

      - Thomas Jefferson

      1. Fatman Silver badge

        Re: So that's the big deal

        How dare you quote

        that

        traitor.

        As expressed by someone still sore that those dammed Colonies got away from the Crown so long ago.

  2. Giovani Tapini

    I would hardly expect precise targetting

    even in the private sector things are deliberately obfuscated.

    Imagine your corp sending out an email saying, no more private share dealing on stock for YGRT. You would immediately infer that a takeover was in progress or some other sort of "secret" action. Therefore these lists contain a fair bit of fluff over the top so you can't use the blocked lists to work our who our clients are.

    Same goes for spy slurping, you need to hide your targets in some noise operationally, even if not expressly legally.

    They would be better off saying that almost anyone could have their comms captured and assessed on this basis, however the lack of any useful oversight of how data is used and harvested is the real concern here. The oversight body having only the power to say its a bid disappointed means it is a waste of expense accounts.

    Fortunately I don't believe GCHQ could genuinely monitor everything regardless of the tin foil hat brigades comments.

    1. Peter2 Silver badge

      Re: I would hardly expect precise targetting

      Same goes for spy slurping, you need to hide your targets in some noise operationally, even if not expressly legally.

      You don't need to hide that information from the person authorising the warrant though.

      Fortunately I don't believe GCHQ could genuinely monitor everything regardless of the tin foil hat brigades comments.

      Probably not. But the fact remains that they are doing a dammed good job of trying, and the spy agencies do not have any meaningful or effective oversight, and there is evidently nobody to hold them to account when they are engaged in misconduct.

      1. pɹɐʍoɔ snoɯʎuouɐ

        Re: I would hardly expect precise targetting

        You don't need to hide that information from the person authorising the warrant though.

        with the amount of dipshittery that goes on in Westminster, I would argue that they should, just in case said idiot walks down downing street waving at the photographers with 50mpix cameras focused on the documents on show detailing the terrorist targets they are about to round up.....

        and its no joke.... its already happened at least once ...

        1. JohnG Silver badge

          Re: I would hardly expect precise targetting

          "with the amount of dipshittery that goes on in Westminster, I would argue that they should, just in case said idiot walks down downing street waving at the photographers with 50mpix cameras focused on the documents on show detailing the terrorist targets they are about to round up.....

          and its no joke.... its already happened at least once ..."

          But that judgement is not within the remit of the intelligence agencies or other civil servants. For better or worse, we have a democracy and the civil servants work for the government, not the other way around.

          British intelligence agencies have form for getting way out of line: MI5 spied on Harry Wilson when he was prime minister, because they believed him to be too left wing and possibly in contact with the KGB.

          1. Anonymous Coward
            Anonymous Coward

            Re: I would hardly expect precise targetting

            "British intelligence agencies have form for getting way out of line: MI5 spied on Harry Wilson when he was prime minister, because they believed him to be too left wing "

            Allegedly, it went further than that - plans were drawn up for a military coup, a dry run for which was a set of military exercises securing airports, etc, led by Lord Mountbatten in 1974.

            1. Anonymous Coward
              Anonymous Coward

              Re: I would hardly expect precise targetting

              >Allegedly, it went further than that - plans were drawn up for a military coup, a dry run for which was a set of military exercises securing airports, etc, led by Lord Mountbatten in 1974.

              Given current events in Westminster, I hope those plans have been updated and they are ready to roll...

              1. Roj Blake Silver badge

                Re: I would hardly expect precise targetting

                Lord Mountbatten is unfortunately unavailable, but Lord Blair of Basra would be well up for it.

    2. tiggity Silver badge

      Re: I would hardly expect precise targetting

      @ Giovani Tapini

      But they can keyword / phrase search stuff, record URLS visited - and if you trigger enough red flags, watchlist ahoy.

      Problem is doing something useful with that data, end up with many suspects but too few resources - search around for number of cases where perpetrator of a "terrorist act" was known to the authorities in some way.

      Too many people on watchlists due to prejudice (e.g. lots of animal rights activists closely tracked purely because a few ALF extremists had a bombing campaign a decade ago)

      1. Primus Secundus Tertius Silver badge

        Re: I would hardly expect precise targetting

        @tiggity

        A few years ago I happened to be on the High Street when an Animal Rights demonstration march took place, under heavy police supervision.

        Any cat or dog would have run a mile from any of those marchers.

        1. Anonymous Coward
          Anonymous Coward

          Re: I would hardly expect precise targetting

          "Any cat or dog would have run a mile from any of those marchers."

          And how many of those "animal rights protesters" were actually undercover police?

          See e.g.

          https://www.telegraph.co.uk/news/2018/02/20/undercover-police-officer-took-part-release-mink-fur-farm-infiltrating/

          That particular undercover exploit was just before this chap took over at the UK's finest anti-terrorist police chiefs, e.g

          https://www.telegraph.co.uk/news/uknews/1559321/Andy-Hayman-profile.html

          This chap:

          http://www.dailymail.co.uk/news/article-500915/The-police-chief-text-messages-married-blonde-truth-Stockwell-shooting-fiasco.html

          This chap:

          https://www.telegraph.co.uk/news/uknews/phone-hacking/8649410/Phone-hacking-MPs-criticise-unprofessional-Andy-Hayman.html

          A very British coup? If only...

    3. teknopaul Bronze badge

      Re: I would hardly expect precise targetting

      "Fortunately I don't believe GCHQ could genuinely monitor everything regardless of the tin foil hat brigades comments."

      Google "full take". You dont have to believe tin foil hat brigade you just had to take your fingers out of your ears during Snowdens revelations.

  3. alain williams Silver badge

    What to do about it ?

    we can't change the past, but we can change the future. Make it so that the spooks and Home Secretary do what they are supposed to.

    Impose penalties on the spook heads & Home Secs who ignored the law, removal of pensions would be about right. Then any of these in the future who think about ignoring the law will decide that their own financial security is more important than some illegal request.

    It won't happen of course but it is measures such as this, rather than well intentioned hand-wringing, that will stop repeats of violations of human rights.

    1. An nonymous Cowerd

      Re: What to do about it ?

      Korea has done what it can

      Imprisoned their lying prime minister/president who abused/was bribed by the spooks

      imprisoned the spooks

      and written the rules such that the spooks are no longer able to perform sock puppetry etc in the public sphere, for election fraud etc

      https://www.dw.com/en/south-koreas-park-geun-hye-given-more-jail-time-over-spy-funds/a-44757713 [Deutsche Welle]

      http://m.yna.co.kr/mob2/en/contents_en.jsp?cid=AEN20180720001252315 [YonHap news agency, I can't find the desktop url - but this mobe site still works]

  4. Jellied Eel Silver badge

    Sloppy legislation

    The legislation was kicking around since before 1984, and law makers would have had their opportunity to scrutinise drafts and table amendments. That didn't happen until relatively recently when people realised the '84 Act was a bit.. vague. Especially given rulings around what privacy could be expected under EU and other legislation.

    So now we have new legislation which more tightly defines what can be slurped, and who can access the data. And perhaps most importantly, creates additional privacy expectations for politicians, even though they're probably more corruptable than us oiks.

    1. Anonymous Coward
      Anonymous Coward

      Re: Sloppy legislation

      >So now we have new legislation which more tightly defines what can be slurped, and who can access the data.

      And still doesn't meet the requirements of GDPR...

      1. Jellied Eel Silver badge

        Re: Sloppy legislation

        GDPR? Sure it does-

        (16) This Regulation does not apply to issues of protection of fundamental rights and freedoms or the free flow of personal data related to activities which fall outside the scope of Union law, such as activities concerning national security.

        And a lot of GDPR relates to activities carried out by an 'enterprise', ie private entities rather than public. Which I guess could make some PFI deals interesting if GDPR exemptions can't be outsourced. And like a lot of legislation, it may be open to interpretation, which lawyers will no doubt argue for an agreeable fee.

        But like much stuff in civil societies, it's about trust, and checks/balances. So it would be a strange situation if terrorists could argue their privacy is infringed, and they should be free to plot in private. Especially when jihadis are known to use networks to recruit and share information. Previous UK legislation was too vague, the current legislation makes it clearer what the security services can do to collect and share bulk data.. And that now has more restrictions and oversight.

  5. Steve Graham

    typo

    The closed judgement is described as "non-private", when clearly you meant "non-public".

  6. Version 1.0 Silver badge

    GCHQ, MI5 and MI6 can fix the problem overnight ...

    Just buy Facebook, then it's all legal.

    1. pɹɐʍoɔ snoɯʎuouɐ

      Re: GCHQ, MI5 and MI6 can fix the problem overnight ...

      Just buy Facebook, then it's all legal.

      they could not afford it,,

    2. Swarthy Silver badge
      Trollface

      Re: GCHQ, MI5 and MI6 can fix the problem overnight ...

      Just buy subpoena Facebook, then it's all legal.
      If they bought Facebook, it would then be illegal for FB to collect all that they do.

      So, yeah, they spooks should buy FB.

  7. Warm Braw Silver badge

    There is no legal way to appeal against an IPT ruling

    That pretty much rules out any claim it might have to being a judicial body.

  8. Doctor Syntax Silver badge

    Things come to a head when HMG tries to get an equivalency ruling from the EU for data exchange post-Brexit. They're going to have to take steps to show that they've cleaned things up and they don't have much time to do it. More critically, they don't have much time to realise they have to do it. Even if they did the EU would be well advised to demand inspection rights by their own staff. That'd go down well with the Brexiteers. Not that any of those noise-makers would have anything to lose by the UK not having a Privacy Figleaf of its own; any of them with business interests likely to be affected will have moved them out of the UK by then.

  9. Wolfclaw Silver badge

    I bet if I mentioned a certain agency and a trigger words that go boom, I would soon be target no. 1 regardless that I have not commited or plan to commit any crimes, just a algorithm for a computer to analyse !

    1. steelpillow Silver badge
      Trollface

      I bet...

      "I bet if I mentioned a certain agency and a trigger words that go boom, I would soon be target no. 1"

      Any real terrorist uses codewords. I bet the spooks long ago followed Google's ancient dumping of HTML keywords as worthless, and would not give a flying f*ck for your keywords neither. </wanders off muttering about script kiddies>

  10. Thoguht Silver badge

    Be you ever so high, the Law is above you.

    Rev. Preb. Thomas Fuller, 1608 - 1661

  11. Jason Bloomberg Silver badge
    Angel

    They're okay by me

    Can I just remind GCHQ and friends that the people you need to be watching are above and below and elsewhere. No need to waste your time spying on me. Thank you. You're doing a great job.

  12. RobertLongshaft

    Freedom is slavery, ignorance is strength. This is 1984 just as Orwell predicted it.

    1. pɹɐʍoɔ snoɯʎuouɐ
      Big Brother

      This is 1984 just as Orwell predicted it.

      Orwell wrote 1984 as a warning.... its just a shame that the governments of the world use it as a guide book...

      1. Roj Blake Silver badge

        At times it feels at least as Kafkaesque as Orwellian.

  13. Teiwaz Silver badge

    that legal oversight of GCHQ's bulk spying regime was fit for purpose. It also failed to have the agencies' dragnet surveillance practices declared incompatible with Article 8 of the EU Convention on Human Rights, which is a privacy right.

    Not for much longer, which if you ponder it for a moment it becomes clear what this whole Brexit drive is really about.

    The inevitable slide toward Airstrip One - some cabal are really taking 1984 as a manual - the interest in another runway at Heathrow may only be a sign that some of them never actually bothered to read the book, but a hoping they got the right idea...

  14. fidodogbreath Silver badge

    Protection racket

    Who protects us from our self-described "protectors?" Apparently, no one.

    1. Marketing Hack Silver badge

      Re: Protection racket

      "That's some nice data you got there. It would be a shame if something were to happen to it. A man ought to take care of his data."

    2. Jellied Eel Silver badge

      Re: Protection racket

      Well, there's the IPT. Then I guess Jeremy Hunt, and finally one could try petitioning the Crown.

    3. JohnG Silver badge

      Re: Protection racket

      "Who protects us from our self-described "protectors?" Apparently, no one."

      This is a very old problem - Quis custodiet ipsos custodes?

  15. cantankerous swineherd Silver badge

    govt to plebs: laws are for the little people.

    1. Anonymous Coward
      Anonymous Coward

      Unless the plebs decide to follow the example of their overlords.

      And there lies anarchy.

      But hey, do the overlords give a flying xxxx?

      :(

      1. Anonymous Coward
        Anonymous Coward

        Re: there lies anarchy

        So, who remembers what brought a swift end to the Poll Tax a few years ago?

        And who remembers what brought an end to routine use of animals in unnecessary and inappropriate testing of drugs, cosmetics, etc?

        Plenty of other examples, if you go back far enough.

        It frequently wasn't democracy that got the required action, it was direct action. November 5th seems such a long way away. So does democracy :(

        "do the overlords give a flying xxxx"

        They might. Hopefully we'll know the answer soon enough.

        echelon_tags: green bush in red pot

        1. werdsmith Silver badge

          Re: there lies anarchy

          So, who remembers what brought a swift end to the Poll Tax a few years ago?

          Poll tax got reworked and dressed up differently to become community charge but it amounts to the same thing.

          And who remembers what brought an end to routine use of animals in unnecessary and inappropriate testing of drugs, cosmetics, etc?

          I'll just correct the wording:

          And who remembers what brought an end to pushed overseas to less regulated territories routine use of animals in unnecessary and inappropriate testing of drugs, cosmetics, etc?

          1. strum Silver badge

            Re: there lies anarchy

            > it amounts to the same thing

            Twaddle. Poll Tax targeted the person. Community Charge targets the dwelling.

            >I'll just correct the wording:

            So that it becomes another lie. There has been a drastic reduction in unnecessary animal testing, worldwide.

  16. Anonymous Coward
    Anonymous Coward

    You see the problem here

    Retroactively deciding that though something was blatantly illegal, because Government its fine.

    This is like retroactively deciding that the car driving past "might" have pr0ndrugb0mbz in it, stopping the car then "accidentally" slip a baggie or 2 into the glove compartment while breath testing/etc the driver, thus justifying further action and often a confession or 3.

    Same with evil-maid attacks, once you lose positive control of the laptop etc all bets are off because you can never be sure what is added before the "real" cops get their hands on it.

    I've heard of operatives having a dozen or more drives with preloaded patched image(s) for the most common machines then deleting the ones that aren't needed once the drive is swapped, cloning data using low level tool that copies at >USB3 speed using the optical drive/HDMI and no-one is ever the wiser because they have an "agreement" with M$ not to deactivate the OS for a set time even if the keys no longer match up.

    The original drive is then bagged and scanned properly, most likely having first cross imaged the firmware during swap with a manufacturer's disk so the serial numbers match.

    Phones are even worse as the vast majority of them have more bugs than a kerbside sofa and can be imaged inside of two minutes. Yes even iOS.

    Probably going to get Deep Sixed for this but people need to know what they are up against.

    1. Prst. V.Jeltz Silver badge
      Big Brother

      Re: You see the problem here

      I'm sorry what now? they carry around drives with "images" on and swap them out so they can take the original home? That seems a ridiculously convoluted and and borderline impossible way of stealing data.

      I lost you (more) on the later paragraphs , but sounds like you've been watching too many "Bourne" movies.

      1. Anonymous Coward
        Anonymous Coward

        Re: You see the problem here

        "sounds like you've been watching too many "Bourne" movies."

        I think the "government within a government" stuff in the Bourne stories in large part now seem more plausible than they did a few years ago, certainly more plausible than the techno-babble about "drive imaging using HDMI" or whatever other technobabble was being suggested in the earlier post.

        1. Anonymous Coward
          Anonymous Coward

          Re: You see the problem here

          Well the modern machines are a nightmare to take apart: some sort of high speed imaging system would be a logical step where speed is of the essence.

          Using HDMI would have the advantage that it is a one way high speed bus essentially.

          Also using all the USB ports at the same time is an interesting method as only active data needs to be copied, which is normally a lot less intensive than a byte level copy eg clone.

          Verification that the data is in the same physical location on the recipient drive is all that is required, depending on exactly what level the data is (eg about an imminent attack) so getting *any* copy is the aim, decisions get made which method is to be used depending on the skill level of the target.

          Evidentiary due process can be carried out on the removed drive when it is seized later and proof that files have been intentionally overwritten or keys deleted will then be enough to ensure a conviction.

          I actually did my own experiments along these lines and found that many drives have undocumented manufacturer only modes that aren't normally accessible over conventional SATA/2/3 bus.

          Its possible that if fragmentation is low 200+GB can be copied in a matter of minutes, a barely noticeable delay eg at baggage handling.

          1. Anonymous Coward
            Anonymous Coward

            Re: (oh no, more technobabble)

            A word in your ear guvnor: when you're in a hole, and getting dangerously deeper, stop digging.

            I hope you're not a police "forensic analyst" or "expert witness" (as advertised so effectively on Radio 4 a few weeks ago, e.g. https://www.bbc.co.uk/programmes/b0b5t824).

  17. Anonymous Coward
    Anonymous Coward

    Government by the people, for the people.

    Oh, and the UK is just resuming its rendition program to get people it doesn't like executed.

    Britain - a nation of laws.

    Don't make me laugh.

  18. Anonymous Coward
    Anonymous Coward

    Re. habeas corpse

    Is democracy now officially dead in the UK?

    Next step: Assange goes to US, Extreme Rendition Edition.

  19. DeKrow
    Pirate

    The example that the Government sets...

    Is the standard to which the people should aspire.

    How many ways to get what you want

    I use the best

    I use the rest.

    I use the enemy

    I use anarchy.

    'Cause I wanna be Anarchy.

    Is this the M.P.L.A. or

    Is this the U.D.A. or

    Is this the I.R.A.?

    I thought it was the U.K.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019