1 Comment

Summary:

Small, activist-friendly providers from around the world have joined Privacy International in suing GCHQ over its malware-aided surveillance of telecommunications networks.

GCHQ "doughnut" building in Cheltenham, UK
photo: GCHQ

The British civil rights group Privacy International has filed yet another lawsuit over GCHQ’s surveillance programs, this time alongside a bunch of small, activist-friendly internet service and communications providers from around the world.

Privacy International (PI) has already sued the British government over its Tempora program, which involves the tapping of major internet cables around the world, as well as its use of data from the NSA’s PRISM program. It also helped a Pakistani human rights group called Bytes4All join that suit, which has at least forced U.K. spy chiefs to reveal some of their legal reasoning. PI has also taken its case to the Organization for Economic Cooperation and Development (OECD).

The new suit was filed on Wednesday alongside the U.S. communications providers Riseup and May First/People Link, the U.K.’s GreenNet, the Dutch Greenhost, Zimbabwe’s Mango, South Korea’s Jinbonet, and Germany’s Chaos Computer Club (whose spokeswoman Constanze Kurz is also involved in a separate surveillance case that’s currently with the European Court of Human Rights). All the providers cater to activists and organizers, who may be prime targets for surveillance.

According to the suit, the communications providers feel that GCHQ’s tapping constitutes attacks that damage trust in security and privacy, on which these providers rely. They also want to protect their users.

The plaintiffs are using Edward Snowden’s revelations as their evidence, particularly those regarding the TURBINE tool for mass malware infections, GCHQ’s malware-enabled hacking of Belgacom’s administrators (and thus the network), and other efforts to tap into internet exchange points.

According to the suit, the claimants can take their case to the Investigatory Powers Tribunal (IPT) even though they were not named in the Snowden documents, because they are likely targets. This is similar to the argument used by Bytes4All when it joined PI’s legal assault on GCHQ.

As GreenNet’s Cedric Knight put it in a statement:

“Our long established network of NGOs and charities, or simply individuals who value our independent and ethical standpoint, rely on us for a level of integrity they can’t get from mainstream ISPs. Our entire modus operandi is threatened by this illegal and intrusive mass surveillance.”

You’re subscribed! If you like, you can update your settings

Comment

Community guidelines
Thursday, August 28, 2014
Avatar you are commenting using your account. Sign out / Change

Comment using:

Or comment as a guest

Be sure to review our Community Guidelines. By continuing you are agreeing to our Terms of Service and Privacy Policy.

1 Comment

  1. Rufo Guerreschi Wednesday, July 2, 2014

    If you read it carefully, the suing doc imply that attacks are (at least partly) successful. Successful for Turbine may mean all your client have been trusting a broken promise! That is huge disaster!
    Therefore we should get into hardware-level security, including manufacturing oversight. Which as a community or small mixed joint venture we can do with few tens of millions only if we aim for extreme minimization of all sw and hw involved…