
UK mass digital surveillance regime ruled unlawful - robin_reala
https://www.theguardian.com/uk-news/2018/jan/30/uk-mass-digital-surveillance-regime-ruled-unlawful-appeal-ruling-snoopers-charter
======
turc1656
_" Yet again a UK court has ruled the government’s extreme mass surveillance
regime unlawful. This judgement tells ministers in crystal clear terms that
they are breaching the public’s human rights."_

So the question then remains...where are the handcuffs?! I ask this question
constantly when it comes to government wrongdoing and there is almost never
anyone charged with anything. If the government has been acting in a manner
that has been found in a court of law to violate human rights, then multiple
people should be going to jail.

Before you drop the "well now we know for sure - we shouldn't be punitive and
punish people who thought they were doing their job properly" crap, think
about this. Whenever the government applies a law in a new and untested way
against a civilian the case is watched very closely and if that civilian is
found guilty they never get the benefit of the "well it's been settled and now
we know" argument and get let off lightly. So I argue the same should apply
here. The government has grossly violated the rights of citizens on a mass
scale and everyone at the top of the food chain involved in these programs
should be rotting in a jail cell.

~~~
lucozade
> Yet again a UK court has ruled the government’s extreme mass surveillance
> regime unlawful

Except that's not what happened. Not legally anyway. What happened is that the
Court of Appeal ruled that a Parliamentary Act did not contain sufficient
safeguards to be compliant with the Human Rights Act.

So there's, at least, 2 problems you've got. One is that it's not,
technically, government legislation. It's the Crown's legislation as enacted
by Parliament. Secondly, and slightly less importantly, the Court of Appeal
isn't the final arbiter here. One can either argue that it's the European
Court of Justice or, and this is where it gets fun, Parliament.

Now, you can of course make a case for banging the Queen away. It's not like
that hasn't been tried in the past with some of her predecessors. Or you could
make a cases for locking up some or all of both Houses of Parliament. Or they
could enact an amendment to correct the problem.

Of course, if it turns out that anyone was actually affected by the
legislation as it stands then that should be dealt with as a matter of
urgency. While the internet happily chunters on.

~~~
mtgx
The ECJ has ruled less awful laws than this to be invalid under the
fundamental charter of rights. I wouldn't be worried about them. It's the UK
courts you have to worry about when deciding such cases, especially when the
UK doesn't even have a constitution and they kind of play it by ear.

~~~
lucozade
Not sure a constitution necessarily helps. In this case, the Human Rights
legislation is acting like a constitution in the sense that it's a benchmark
that laws are being held to.

A constitution can sometimes be a fairly negative thing. You regularly see US
decisions being made against the Constitution where it blatantly isn't
applicable. You rarely (ever?) see SCOTUS saying that the Constitution doesn't
apply so it needs to go back to Congress for a more applicable law. In other
words a Constitution starts to resemble a religious document that has the
answer to every conceivable problem if only a priest can interpret it.

~~~
jkaplowitz
What would it mean for the US Constitution not to apply to a law within the
US?

For a federal law, either it's within Congress's specifically enumerated and
limited powers (as interpreted by SCOTUS) and therefore valid, or else the law
is invalid.

For a state law, the US Supreme Court will only base their ruling on the US
Constitution if anything legally binding at the federal level (including but
not limited to the Constitution) forbids or allows that state law.

Otherwise, SCOTUS and every other court will defer on state law to the state
Constitution as interpreted by state courts, but from a federal constitutional
perspective, states can pass whatever laws aren't federally forbidden.

~~~
lucozade
As an obvious example, the 5th Amendment blatantly didn't have anything to do
with passwords. The whole idea is a bit silly. The sensible thing to do would
be to say that the Constitution has nothing much to say on many issues
relating to modern technology and deal with it accordingly.

Same goes with guns. If you want everyone to be armed then fine. That's your
prerogative. But the Constitution clearly didn't mean for everyone and their
mom to be tooled up with semi-automatic weaponry. I mean, just how legal are
militias in the US? Because they're the reason you should be carrying.

It was clearly a document of its time. And one of international importance.
But the religious zeal to which it is adhered to is highly questionable.

Now, it's not like we're perfect in the UK or anything. But if someone tried
to justify something to do with smartphones or terrorism by referencing Magna
Carta or the Bill of Rights, we'd probably take a step back and give them a
napkin for the mouth frothing.

------
Quarrelsome
Biggest problem IMO with this is that they left the data collection and
storage to each ISP individually without any support. This results in a large
surface area for security failure and the inevitable leak of this data into
the public domain. I wrote my MP with these concerns but they wanted it on the
cheap and forced it through.

I don't like that they're storing the data in general as even if they
centralised it and secured it properly it'd still probably leak but they've
more or less chosen the worst approach on top of recording information that
they shouldn't be recording in the first place. Also its linked to billing
account which is a lossy way to deriving who is actually looking at what and
begs the question: "do you actually know what websites your children are
visiting?". Because now those sites come up as places YOU (the bill payer) are
going to. I'm looking forward to the "scandal" when MPs are "found" to
visiting dubious sites when its really someone else in their household.

and everyone going anywhere vaguely dark with half-decent tech knowledge just
switches to VPN undermining the whole premise. My MP was _very_ interested in
that bit without realising that even if you close that loop hole we just
invent another.

~~~
nickjackson
Yep. TalkTalk can't even keep their customers key details secure, and now they
are expected to keep browser history as well? It's a joke.

[http://www.independent.co.uk/news/business/news/talktalk-
fin...](http://www.independent.co.uk/news/business/news/talktalk-fine-data-
breach-theft-customers-information-stolen-record-penalty-a7346316.html)

------
benevol
What we have learned thanks to Snowden is this:

You can never trust your government.

Mass surveillance was conducted illegally before and continues to this day.
Does anyone really think some "law" will change this?

~~~
gnocchi
Good point, but if we can't rely on the law to help us what will be left?

I wonder if one can make a request for information (Freedom of Information
Act) about data personally held from the government?

~~~
krapp
> Good point, but if we can't rely on the law to help us what will be left?

The only options remaining, when you can't trust the laws or the systems that
create the laws, are attrition (pervasive encryption and decentralizing of
networks to deny governments access to information coupled with aggressive
leaking and whistleblowing to limit their effectiveness), violence (which
serves the interests of authoritarians and extremists) or acceptance of the
status quo.

------
mabbo
I know of very few British MPs, being a Canadian who watches occasionally
British panel shows, but I do hear about Tom Watson fairly frequently and
almost always for things I am in favor of. Now here he is championing the
fight against mass surveillance as well.

British folks: is this guy eventually going to replace Corbyn? He seems
likeable enough to. And he has a sense of humor- the first time I heard of him
was when he was doing comedy bits with Five Second Films[0].

[0][https://youtu.be/Z4oNjTuTz-8](https://youtu.be/Z4oNjTuTz-8)

~~~
matthewmacleod
Tom Watson has agreeable views in a number of areas, but he's unlikely to be a
candidate for the leadership any time soon. Quite aside from anything, Corbyn
is unfortunately unassailable at the moment.

~~~
mabbo
> Corbyn is unfortunately unassailable at the moment

But... Why? I don't have a horse in this race at all, but Corbyn just doesn't
seem to be able to win. He seems so uncharismatic. The last election wasn't so
much him gaining seats as it was May losing them.

With a minority government, May's days are numbered. It feels to me like the
time to replace Corbyn is now, before the next election.

~~~
guiriduro
> I don't have a horse in this race at all

Yeah right, you come only to bury caesar. I'll admit my bias, I'm a fan. And I
don't think you can write off Corbyn's coming from well behind, daily attacks
from all the centre and rightwing press as if he were the antichrist or some
antisemitic Stalinist, as well as attacks from the Blairite dead in his own
party, to beat all the critics and deprive "strong and stable" May of her
majority, leaving her weakly needing to bribe the Northern Irish in order to
stay in government. That's no small achievement given the hatchetjobs he's had
to overcome.

Labour under Corbyn look much more like a government than the Tories, frankly.

~~~
Silhouette
_Labour under Corbyn look much more like a government than the Tories,
frankly._

But again, how much of that is just because May has been such a disaster?

Corbyn's Labour might look like the government-in-waiting by default, but
that's partly because they've got very good at either not committing on
controversial subjects or having policies that have a very visible upside that
they've promoted while they gloss over serious downsides. None of that will be
sustainable if they actually form a government.

------
nkkollaw
What is the real reason behind surveillance?

The government(s)'s excuse is terrorism, but terrorism in Europe doesn't kill
a big enough amount of people to justify these drastic measures. I would argue
also that no one has proven that it's efficient at preventing terrorist
attacks.

There must be a reason, I don't get it. Is it just because governments can, so
they do it? It is to create the basis for some initiative that is planned for
the future when technology improves..?

~~~
Cthulhu_
> I would argue also that no one has proven that it's efficient at preventing
> terrorist attacks.

What if arrests in terrorist investigations are kept under wraps though? If
the public would hear of thwarted terrorist attacks on a regular basis, either
they'd feel more and more unsafe - that is, the terrorists win - or the
terrorists find out about other cells and find ways to circumvent detection.

~~~
ChrisSD
So arrests but no trials? Or are the trials secret too?

~~~
mseebach
Neither. Successful anti-terrorism is about nipping this stuff in the bud
before the potential perpetrators get close to having specific plans. You can
easily think of tactics that would disrupt recruiting, financing and supply
chains quietly, all the way down to simply having a "friendly" chat with
someone (and/or their mother).

The extend to which this happens and to what degree surveillance helps with
this is difficult to ascertain, of course.

~~~
naasking
Humint is always more effective than sigint at these efforts. Far too much
noise in the former case.

------
listentojohan
I'm not exactly convinced this will change anything. It's the same for
Denmark, and even though it was also ruled unlawful, it just continues. They
are even planning on expanding it, and sharing data across public inst.
without approval.

------
matt4077
The judges invoked EU privacy laws, so I guess this one of those cases of „the
yoke of Brüssel imperialism“ that the UK may soon(ish) be liberated from.

------
dm319
Can anyone point to countries which are not going down this same route? In my
head Europe is doing better with protecting privacy, but maybe that's just an
impression. Canada? Not Australia. Japan?

~~~
skrause
Here is a good overview:
[https://en.wikipedia.org/wiki/Internet_censorship_and_survei...](https://en.wikipedia.org/wiki/Internet_censorship_and_surveillance_by_country)

~~~
ninkendo
I took one look at that article and the fact that the U.S. is literally
painted the same color as China as having an equal amount of internet
censorship would be hilarious if it weren’t so egregiously misleading.

There’s internet censorship and there’s China. Nobody else is in the same
league.

The only explanation I can think of is if censorship and surveillance are just
being casually lumped together, but people understand that they’re not
synonyms, right? Right?

~~~
Sean1708
> The only explanation I can think of is if censorship and surveillance are
> just being casually lumped together

The chart is literally titled "Internet censorship and surveillance by country
(2014)" with categories that don't differentiate between censorship and
surveillance, so I'm relatively certain that the two have been lumped
together.

~~~
ninkendo
Sure, but that doesn’t imply that there’s an equivalency between the two, or
that the grading scale should be course-grained enough to show no difference
between the U.S. and China.

If I made an article called “human rights violations and numbers of reality tv
shows by country” and painted Saudi Arabia and Germany the same color, it
should rightly raise some eyebrows.

~~~
Sean1708
All I was saying was that you didn't need to speculate, not that it was the
right way to present the data.

------
mtgx
_> The court of appeal ruling on Tuesday said the powers in the Data Retention
and Investigatory Powers Act 2014, which paved the way for the snooper’s
charter legislation, did not restrict the accessing of confidential personal
phone and web browsing records to investigations of serious crime, and allowed
police and other public bodies to authorise their own access without adequate
oversight._

This was such a massive power grab by the authoritarians like Theresa May and
David Cameron and they were so transparent about it. Of course such powers
should never be allowed in any democrat. But they thought they'd get away with
it anyway, because "people don't care about privacy". But this is going to end
up badly for UK citizens if they're allowed to operate mass surveillance at a
policeman's or taxman's level.

------
tonylemesmer
The article makes it sound a little like rights are respected if the controls
are to be put in place. However, bulk collection is still going to carry on is
it not?

------
TorKlingberg
> The three judges said Dripa was “inconsistent with EU law” because of this
> lack of safeguards, including the absence of “prior review by a court or
> independent administrative authority”.

I imagine the government knows exactly how to take care of the pesky little
problem of EU law giving people rights.

------
evilmoo
Oh no, now the government won't have access to my browsing history _.

_ Apart from GCHQ as part of TEMPORA & NSA as part of UPSTREAM.

------
therealmarv
Brexit, problem solved, everything legal for the UK government.

------
tastythrowaway
Can we get some of this for the US? Asking for a friend.

------
ahamedirshad123
Aadhaar in India, hopefully!

~~~
goombastic
Aadhaar in India is far worse.

99% of the data has leaked multiple times already. It also seems to sport all
the classic signs of an amateur project. Post facto design changes,
unauthenticated mails, unprofessional mobile apps, leaky access to all of the
data irrespective of your need, terrible code (same hard coded passwords for
everyone), cludgy design increments making the problems worse while not
acknowledging existing issues, logical errors (like beign unable to reset
passwords if you have lost mobile device) and the deaths of people unable to
access hospitals and food in some areas, Police cases against people reporting
on vulnerabilities, ... ...

It's a kafkaesque nightmare and I am surprised no one mentions it on HN much.
Probably because it's a slow motion train wreck.

I am not sure how the Indian courts are even going to justify continuing with
the system anymore given the absolutely callous handling of the data thus far
by their Aadhaar agency.

In the end, India's aadhaar is actually not a government project, it is a
private project run by a bunch of companies run by some ex infosys top shots
who have time and again proven to only look after their own interests.

~~~
ahamedirshad123
Funny thing is NRIs, who don't have to enroll, are writing opinions to defend
this.

------
ben_w
Well that was predictable. Shame the government didn’t listen to people like
me who literally told them that while it was still a Bill not an Act.

