The British GCHQ has been accused of illegal Computer Network Exploitation activities by Privacy International and internet service providers.

The British intelligence is responsible of “persistent” illegal hacking of electronic devices and networks worldwide, the Investigatory Powers Tribunal (IPT) has been told.

The popular whistleblower Edward Snowden disclosed a collection of documents revealing the extent of surveillance programmes carried out by the Five Eyes alliance. Snowden revealed the existence of secret surveillance activities such as the Tempora operation and hacking platforms such as the Smurf suite.

GCHQ admitted for the first time that government monitoring station in Cheltenham carries out “persistent” and “non-persistent” Computer Network Exploitation (CNE) against targets in the UK and abroad.

In 2013, the tribunal was told, 20% of GCHQ’s intelligence reports contained information that was obtained through hacking operations.

The case has been brought in hearing at the IPT which deals with complaints against the surveillance operated by the UK intelligence. A four-day hearing is at the Rolls Building in central London.

“The [legal] regime governing CNE … remains disproportionate,” Ben Jaffey, counsel for Privacy International, told the tribunal. “Given the high potential level of intrusiveness, including over large numbers of innocent persons, there are inadequate safeguards and limitations.”

Jaffey highlighted that GCHQ’s hacking alter the targeted systems, an activity that is not considered legal by the authorities.

“What parliament did not authorise was CNE that impairs the operation of a computer …” he said.

“If state authorities are permitted to alter or impair the operation of a computer, the reliability and admissibility of such evidence will be called into question, as will the need to disclose a past CNE operation to the defence.”

The intelligence services are accused to have abused termed “thematic” warrants that don’t address specific individuals, but rely on generalised categories of people or places.

“Under section five of the Intelligence Services Act, he said, proper safeguards are being bypassed so that groups as widely defined, for example, as “all mobile telephones” in Birmingham could be targeted.” reported the Guardian.

On the other end the lawyers for GCHQ explained that Computer Network Exploitation activities carried on by the UK Agency are “proportionate”.

“Over the last year the threat to the UK from international terrorism has continued to increase,” James Eadie, QC for GCHQ, told the tribunal in written submissions.

“GCHQ and other intelligence agencies must develop innovative and agile technical capabilities to meet these serious national security challenges. Computer Network Exploitation is one such capability…”

“CNE may, in some cases, be the only way to acquire intelligence coverage of a terrorist suspect or serious criminal in a foreign country.”

Stay tuned!

Pierluigi Paganini

(Security Affairs – Surveillance, Computer Network Exploitation, CNE)