The Legality of Mass Surveillance Operations

by | Feb 7, 2015

author profile picture


Andrew Wheelhouse “The Legality of Mass Surveillance Operations” (OxHRH Blog, 7 February 2015) <> [Date of Access].|Andrew Wheelhouse “The Legality of Mass Surveillance Operations” (OxHRH Blog, 7 February 2015) <> [Date of Access].|Andrew Wheelhouse “The Legality of Mass Surveillance Operations” (OxHRH Blog, 7 February 2015) <> [Date of Access].

A court which isn’t a court in name rules on the legality of a government mass surveillance program that may or may not exist. That about sums up the Kafkaesque world inhabited by the UK’s Investigatory Powers Tribunal in Liberty v GCHQ [2014] UKIPTrib 13_77-H.

This claim arose out of the revelations by former National Security Agency (NSA) contractor Edward Snowden and fell into two parts. First, that GCHQ (The UK’s signals intelligence agency) had unlawfully been supplied information obtained through the NSA’s ‘Prism’ program. Second, that GCHQ had been running its own unlawful mass surveillance program, named ‘Tempora’. A variety of civil liberty NGOs alleged that these activities breached the right to privacy under Article 8 of the European Convention on Human Rights (ECHR) and collaterally breached the right to freedom of expression under Article 10 (through the ‘chilling effect’ on organisations that believe their communications are possibly being monitored).

The British government will neither confirm nor deny the existence of Tempora. The hearing therefore proceeded, somewhat bizarrely, on the basis of ‘alleged factual premises’ for five days, with a one day closed hearing from which the claimants were excluded so that the Tribunal could consider material deemed too sensitive to be heard in public.

Surveillance and communications interception in the UK is governed by the Regulation of Investigatory Powers Act (RIPA) 2000. Under s.8(4) RIPA an interception warrant issued by a Minister is required for public authorities to carry out surveillance. Information passed to GCHQ by the NSA is governed by a hodgepodge of other statutory provisions.

The Tribunal considered that compliance with the ECHR essentially boiled down to two questions:

  • Are there publically known rules for the interception of communications whose content is sufficiently indicated?
  • Are these rules subject to proper oversight?

On the first point they were satisfied that the (classified) arrangements for implementing the statutory framework sufficiently restricted the potential for abuse of the surveillance system. Although these arrangements were not themselves known, this defect was remedied by the statutory bodies that oversee the system, namely the Intelligence and Security Committee of Parliament and the Interception of Communications Commissioner. Their reports are available to the public and indicate enough about the rules governing interception to ensure the programme’s lawfulness.

On the second point, these bodies, combined with the IPT, provide sufficient oversight of the programme to ensure its legality. Accordingly, GCHQ had, in principle, acted lawfully (or would be, hypothetically).

Prism and Tempora take us to the bleeding edge of intelligence gathering in the information age and it is highly debatable whether Article 8 permits the gathering of ‘Big Data’ for storage in vast databases. This will no doubt be tested in the separate challenge to Tempora currently before the ECtHR in Strasbourg.

Especially troubling is the use of closed hearings resulting in judgments that do not tell the whole story. British judges may well rigorously scrutinise the work of the security services, who may well be entirely candid in the evidence they present behind closed doors. We have no idea. But we note the recent abuse of RIPA by police to hack the phone records of journalists and the tendency of those tasked with scrutinising the security services to suddenly change their tune when presented with classified information.

The latter point helps explain the muted public reaction to Tempora. Who cares about GCHQ collecting your Whatsapp messages that they will probably never read when national security is at stake? The public is alarmed by the prospect of ‘lone wolf’ terrorist attacks on British soil, particularly if and when disaffected Britons currently fighting for IS return. Bluntly speaking news of Charlie Hebdo brought crowds out onto the streets. News of Tempora did not.

Secret judicial processes and mass surveillance are an affront to the idea of open justice in a free society. They are also an indictment of a society that has been unable to culturally confront home-grown Islamic extremism, leaving a vacuum filled by the authoritarian application of state power. In the aftermath of Charlie Hebdo this is changing. In the meantime, we will be forced to endure laws that undermine the very values we claim to fight for.

Editor’s Note: On Friday 6th February 2015 the IPT issued a second ruling on the legality of GCHQ’s practices in cases where intelligence was requested outside of the s.8(4) RIPA scheme. The issue is outlined briefly by the author in the comments section below and will be discussed soon in another Oxford Human Rights Hub blog post.

Share this:

Related Content

1 Comment

  1. Andrew Wheelhouse

    The essence of the second IPT mentioned in the postscript is this. There was one caveat to the finding of the IPT that the mass surveillance system was ECHR compliant. The security services mentioned that they may make requests for intelligence from the NSA that are not covered by a s.8(4) warrant, but that they reckoned such a request was lawful because it would not be a request that contravened s.8(4) or frustrated its purpose (contrary to the Padfield principle in public law) because there would be good reasons why obtaining a s.8(4) warrant was not feasible and in any case the Minister would have to consider the request personally.

    This information was disclosed in the closed part of the hearing and the Tribunal ruled in the December judgment that the information could be disclosed and that they wanted further submissions on the matter before they ruled on its ECHR compatibility.

    The most recent judgment is in light of those submissions. It concludes that there is nothing wrong with the system outlined above per se. But that in terms of making public the rules governing interception in the security services (per bullet point 1) the disclosure was essential for ensuring ECHR compliance.

    Therefore (bizarrely) before this disclosure the system breached the convention, but the fact of disclosure in and of itself cured the breach.

Submit a Comment