Latest posts by Alvin Bryan (see all)
- Millionaire Tyupkin Malware ATM Hackers May Come to US, India After Hitting Europe - October 23, 2014
- BitLicense Will Allow Bitcoin Spying in New York - October 22, 2014
- Australians are Fighting Data Retention Laws - October 22, 2014
has filed a case against the top British intelligence group because the GCHQ hacked telecoms. Six Internet service providers joined the suit, which is an uncommon move. The legal action targets the agency for its illegal hacking of computers belonging to the ISPs. It aims to stop the GCHQ from continuing to hack system administrators so they can perform mass spy activities on ISP networks.
GCHQ Hacked Telecoms, PI Takes Action
The lawsuit was filed by UK non-profit organization Privacy International in the Investigatory Powers Tribunal of the UK. This agency handles complaints against government entities. The case against the GCHQ began after reports surfaced that the agency had gained illegal entry into the network of Belgacom. Belgacom is a private Belgian telecom. The GCHQ hacked telecoms like Belgacom to gain control of company routers so they could conduct surveillance on smartphone sunscribers. The case rests on a violation of the European Convention on Human Rights and the 1990 Computer Misuse Act. It also names the Secretary of State for Foreign and Commonwealth Affairs as liable for committed violations.
Supporting evidence that GCHQ hacked telecoms illegally include statements that the GCHQ targeted Belgacom employees. These employees were not terrorist threats and indeed were not any kind of threat to national security. They were simply in positions within the private telecom that would allow the GCHQ unfettered access. The complaint also mentions the involvement of the NSA in targeting Belgacom Internet exchange points. The Internet exchange points of German providers Cetel, IABG and Stellar were targeted as well. These intrusions are against international laws.
Others who joined the legal action against the GCHQ are Germany non-profit Chaos Computer Club, UK company GeenNet, Netherlands company Greenhost, South Korean company Jinbonet, US companies Riseup and May First (People Link), and Zimbabwe company Mango Email Service. These companies have no evidence that the NSA or GCHQ hacked telecoms through targting their employees or their networks. But they are filing to prevent intrusive mass surveillance from affecting them and others in the future.
Privacy International Statement
Privacy International Deputy Director Eric King commented that the actions of the GCHQ and the NSA jeopardize the Internet. He calls the Internet a tool for free expression and democracy. The spy agency attacks furthermore destroy the trust that people have put in the Internet, the Internet economy, and Internet service providers worldwide. Their behavior is a threat to the rights of Internet users everywhere.
The group points out that hacking a private company system involves making changes to that system without express permission from the owners. This creates holes in company security that can be abused by other attackers as well. This violates the 1990 Computer Misuse Act. The group explains that the European Convention on Human Rights is also violated because of the intrusions into company systems through employees. At the very least, it violates the privacy of those employees who were targeted, and that of all the IPS subscribers they conducted mass surveillance on.
The GCHQ has known for years that their spy activities are unlawful, according to documents shared by Snowden. Yet they continued to spy on these ISPs. Under the European Convention on Human Rights, mass surveillance alone is already a threat to individuals’ privacy and freedom of expression and communication, which are protected by British law. This is the first time that private ISPs have joined to fight against mass surveillance. The farthest they have come in the past is to make public statements against the practice and demanding the right to tell their customers about government surveillance activities.