The British government is under fire for what critics are calling an “undemocratic” change to legislation that appears to have granted the Government Communications Headquarters (GCHQ) – a state-run intelligence and security organization – the power to hack into computers and mobile devices in the UK indiscriminately.
Privacy advocates and digital campaigners had lodged an appeal earlier to the Investigatory Powers Tribunal, complaining that GCHQ was conducting illegal hacks on British Internet users’ computers and smart devices.
The privacy activists, fronted by a pressure group called Privacy International, is claiming that the government then ushered through legislation in March this year that amended British anti-hacking laws, thus exempting the GCHQ from prosecution – just weeks after the legal charges had been lodged.
Activists have pointed out that the Computer Misuse Act, originally passed in 1990, was amended as part of an unpublicized clause passed through Parliament in an unrelated bill, the Serious Crime Bill, only a matter of days after legal action was launched.
Eric King, the Deputy Director of Privacy International, announced, “The underhand and undemocratic manner in which the Government is seeking to make lawful GCHQ's hacking operations is disgraceful. Hacking is one of the most intrusive surveillance capabilities available to any intelligence agency, and its use and safeguards surrounding it should be the subject of proper debate.”
King added, “Instead, the government is continuing to neither confirm nor deny the existence of a capability it is clear they have, while changing the law under the radar, without proper parliamentary debate.”
Critics also pointed out that neither regulators nor the Information Commissioner's Office were informed about the proposed legislative changes and slammed the lack of public debate in the government’s decision.
The outcry comes in the wake of revelations made by American intelligence whistle-blower Edward Snowden that both GCHQ and the United States’ National Security Agency (NSA) are currently able to launch malware applications onto millions of computers and smart devices, allowing them to gather digital data, remotely operate microphones and cameras on users’ devices, tap and record voice calls, intercept messages and track users’ locations.
However, it seems that not all digital experts are taking exception to the new ruling. A senior director from digital security analysis firm SensePost told the media, “The law actually prevents law enforcement and agencies from investigating. They are being handcuffed from doing that.”
Further amendments have also been made to British cyber security law, it has been revealed, with the penalty for illegal hacking extended up to a possible life sentence. The changes passed into British law on May 3.
By Timothy Daniel