The law should be strengthened to protect private data about individuals' email communications, telephone messages and web searches from unjustified state surveillance, Britain’s most secretive court has heard.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Law enforcement agencies can indiscriminately trawl data on British citizens’ phone calls and emails – including email subject lines, where and when messages are sent and the contents of web searches – the Investigatory Powers Tribunal (IPT) heard.
This information, known as metadata, is more valuable to intelligence agencies than the actual contents of phone calls and emails, as it enables investigators to build up a profile of an individual – their interests, contacts and associates.
But the protection offered by the UK against indiscriminate surveillance may fall short of European case law, which sets a precedent for a higher degree of privacy for individuals and offers strong protection for the privacy of metadata, the tribunal heard.
Matthew Ryder QC, speaking for the human rights group Liberty, made the claims in the final day of a week-long hearing into complaints that GCHQ’s mass surveillance of internet communications violates human rights law.
What is metadata?
Metadata is generated when people make phone calls, send emails or use instant messaging and other forms of electronic communication.
It includes names and locations of senders and recipients of telephone calls and emails, as well subject lines of emails and web search terms.
He told the tribunal that legal safeguards prevent the security services from searching the content of phone calls, emails or instant messages for information that could identify a British citizen.
But there is no equivalent safeguard for metadata, which means that surveillance officers can trawl indiscriminately for information.
The case has been brought by leading human rights groups, including Liberty, Privacy International, Amnesty International, the American Civil Liberties Union and other overseas groups.
It follows revelations by Edward Snowden that the UK’s electronic intelligence agency, GCHQ, is monitoring internet communications on a huge scale by tapping into fibre optic cables.
Carly Nyst, legal director of Privacy International, said the IPT needs to recognise that metadata should receive at least as much legal protection as the content of messages and phone calls.
“It is critical that the court rejects the government’s argument that metadata is less valuable, and thus deserving of lower protection, than communications content,” she said, speaking after the hearing.
Intelligence officers confirm importance of metadata
Former officers of the US electronic intelligence agency, the NSA, including a former NSA director Bill Binney, speaking in an interview with Computer Weekly, have confirmed that metadata about emails and phone calls provides more valuable intelligence than the content of those calls and emails.
“Metadata tells you everything about somebody’s life. If you have enough metadata, you don’t really need content,” he said.
And general Michael Hayden, former director of first the NSA and then the CIA, told a university debate: “We kill people based on metadata.”
UK lagging in protection of metadata
Britain risks being put at odds with progress made by other countries if the IPT judges do not recognise the value of metadata, said Privacy International's Nyst.
More on legal aspects of surveillance
“Deciding otherwise will not only entrench fundamental violations of the right to privacy, it will place Britain as an outlier amongst the many other western democracies whose courts and parliaments are giving increasing recognition to the notion that communications content and data deserve equal processions."
Case law from the European Court of Human Rights has led to the development of a set of stringent guidelines, known as the Weber criteria, designed to prevent abuses of power during surveillance.
They include specifying which offence categories may give rise to an interception order, types of people liable to have their phones tapped, and for how long. They also require specifications for procedures used for storing, circulating and destroying data.
Privacy International argues that the UK’s own statute law falls short of these minimum safeguards.
Other countries also offer stronger protection to metadata than the EU, the pressure groups argue. In June, the Canadian Supreme Court, for example, ruled that internet users have a reasonable expectation of privacy and anonymity online.
GCHQ pressed for Tempora disclosure
The human rights groups bringing the case are pressing GCHQ to confirm the existence of its Tempora interception programme, which was revealed in the Snowden documents.
They also seek to establish whether or not GCHQ has access to intelligence collected by the US under its Prism social media collection and Upstream phone line tapping programmes.
Tempora’s compatibility with the rights to privacy and freedom of expression under the European Convention on Human Rights is key to the case.