By now, most people in the "free" European democracies and in the US have accepted that we now live in a de facto surveillance state, as government agencies like the NSA (in the US) and MI5 and GCHQ (in the UK) hoover up reams of personal data - everything from our log logs, texts and browser history - and dump it in a giant database.
This week, a civil rights group is making the latest effort to try and hold this vast and unchecked government bureaucracy accountable by challenging MI5, the British domestic intelligence service, in the country's high court, accusing it of violating data collection and storage privileges by storing private citizens’ information in bulk without proper protections.
The suit, brought by the human rights organization Liberty, alleges that MI5 has no control of its storage of vast volumes of people’s calls, messages, web browsing history, as well as other personal data that the agency has managed to obtain on the basis of surveillance warrants, which were often issued under false pretext, according to RT.
Furthermore, MI5 routinely violates privileges obtained by the Investigatory Powers Act (IPA), which allows the security services to hack individuals computers and phones under the pretext of national security. And though the suit alleges that the agency has been aware of the breaches, it has purportedly done nothing to address them.
Liberty claims that the MI5 persistently violates privileges obtained by the Investigatory Powers Act (IPA), which allows the security services to hack individuals' computers and phones in the name of national security. The agency’s failures have been identified by the head of the Investigatory Powers Commissioner’s Office (IPCO), Sir Adrian Fulford, who is tasked with safeguarding the storage and timely deletion of bulk data. A series of 10 documents and letters from MI5 and IPCO have been shared with the court in support of the claims.
The spy agency has been aware of breaches of compliance with the IPA for at least three years but has “kept the failings secret,” according to the evidence presented. The MI5 handling of people’s data was found to be “undoubtedly unlawful”by Fulford, who accused the intelligence service of “historical lack of compliance” with IPA safeguards.
When applying for warrants to search people's data, the MI5 lied and assured the British government that the proper precautions would be taken to safely store said data, when the agency knew this wasn't the case.
"MI5 have been holding on to people's data - ordinary people's data, your data, my data - illegally for many years," Megan Goulding, a lawyer for Liberty, said. "Not only that, they've been trying to keep their really serious errors secret - secret from the security services watchdog, who's supposed to know about them, secret from the Home Office, secret from the prime minister and secret from the public."
To be clear: The issue here isn't the collection of the data - that's all legal - it's the way the data are stored that creates problems for the company.
"The storage of the data exceeded the time it was allowed to be stored, which means that the whole exercise can be rendered unlawful," Yair Cohen, a social media lawyer and the author of the book ‘The Net is Closing: Birth of the e-police.'
Specifically, the agency's unwillingness to erase the bulk data once it is no longer needed could "endanger people whose data MI5 possessed," Cohen claimed, adding that hundreds of people without authorized access to the data might easily be able to view it.
"This type of data has been kept in an insecure manner. It means that it was perhaps open for hundreds of people to view it...maybe there would have been leaks of the data to all sort of organizations that shouldn't really be accessing the data for national security reasons,” Cohen explained.
It goes back to the old fear that somewhere, in a nondescript government office bloc, a young MI5 analyst is gawking at your girlfriend's nudes.