Skip to navigation
Latest News

Revealed: British government's legal loophole to read your Facebook

GCHQ

By Jane McCallion

Posted on 17 Jun 2014 at 11:22

The government has revealed that it uses a legal loophole to justify the mass surveillance of British activity on services such as Twitter, Google, Facebook and YouTube.

The policy was made public in a witness statement from Charles Farr, the director general of the Office for Security and Counter Terrorism at the Home Office, delivered in response to a legal challenge brought by a group of civil liberties organisations.

According to the document, almost all internet activities carried out by British citizens can be monitored without a warrant, as they are classified as "external communications" as defined by the Regulation of Investigatory Powers Act (RIPA).

British citizens will be alarmed to see their government justifying industrial-scale intrusion into their communications

This covers "common factual scenarios involving the use of the internet, such as a Google search, a search of YouTube for a video, a 'tweet' on Twitter, or the posting of a message on Facebook," according to Farr.

This is because the intended recipient of the "message" is a server based outside the UK. However, it does not cover email messages sent between two or more British citizens, even if they use webmail services such as Gmail or Outlook.com, as the intended recipient is the other British citizen, making it an "internal" communication under RIPA.

Privacy International, one of the joint claimants in the case, said Farr's evidence "suggests that GCHQ believes it is entitled to indiscriminately intercept all communications in and out of the British Isles".

Privacy International said the government's statement suggests it not only thinks it is entitled to scan our messages, but in fact does intercept them. The evidence from Farr suggests that "GCHQ is intercepting all communications - emails, text messages, as well as communications sent via 'platforms' such as Facebook and Google – before determining whether they fall into the 'internal' or 'external' categories."

Accountable?

Eric King, the organisation's deputy director, said: "Intelligence agencies cannot be considered accountable to Parliament and to the public they serve when their actions are obfuscated through secret interpretations of Byzantine laws."

Michael Boschenek, senior director of international law and policy at Amnesty International, another of the co-claimants, added: "British citizens will be alarmed to see their government justifying industrial-scale intrusion into their communications. The public should demand an end to this wholesale violation of their right to privacy."

The revelations come as Microsoft, supported by other tech firms, is battling to stop the US government from extracting emails from its Dublin data centre, claiming "the US government ... [shouldn't] have the power to search the content of email stored overseas" if it does not have the power to search properties overseas.

Subscribe to PC Pro magazine. We'll give you 3 issues for £1 plus a free gift - click here
User comments

Inconsistent

Massive lack of consistency there.

'[Social Network messages can be read] because the intended recipient of the "message" is a server based outside the UK. However, it does not cover email messages sent between two or more British citizens, even if they use webmail services such as Gmail or Outlook.com, as the intended recipient is the other British citizen, making it an "internal" communication under RIPA.'

Yes, when I post on Facebook and Twitter, the 'intended recipient' is that server outside the UK. Not all my British friends, on Facebook.

Since Snowden has there been much progress with the government re-evaluating GCHQ's data snooping?

By AntAntAnt on 17 Jun 2014

Re: inconsistent

@AntAntAnt

I think maybe it's an oversimplification of the issue on their part, tbh. A search query is definitely between an individual and the search engine's servers.

A tweet, meanwhile, is basically a public broadcast. FB is somewhere in the middle, depending on your privacy settings.

So in the second scenario, I'm not really sure how much internal/external comes into it.

By Jane_McCallion on 17 Jun 2014

The real story...

...is that Dublin, which is the European headquarters many of these US tech corporations (Apple, Google, Facebook, Microsoft, Adobe), is being used to bypass the data protection and privacy laws of both Ireland and EU for ALL EU citizens. This is being done with the knowledge and complicity of the Irish Data Commissioner, Bill Hawkes, who has consistently failed to do his job since taking office in 2007.

By twatkiller on 19 Jun 2014

and.... it's your cloud data too.

Where does NSA/GCHQ accessing all your cloud transactions (and cloud backups of course) leave your security eh??

By geomath on 20 Jun 2014

Leave a comment

You need to Login or Register to comment.

(optional)

advertisement

Most Commented News Stories
Latest Blog Posts Subscribe to our RSS Feeds
Latest ReviewsSubscribe to our RSS Feeds
Latest Real World Computing

advertisement

Sponsored Links
 
SEARCH
Loading
WEB ID
SIGN UP

Your email:

Your password:

remember me

advertisement


Hitwise Top 10 Website 2010
 
 

PCPro-Computing in the Real World Printed from www.pcpro.co.uk

Register to receive our regular email newsletter at http://www.pcpro.co.uk/registration.

The newsletter contains links to our latest PC news, product reviews, features and how-to guides, plus special offers and competitions.