Privacy International writes:
The Government has quietly ushered through legislation amending the anti-hacking laws to exempt GCHQ from prosecution. Privacy International and other parties were notified of this just hours prior to a hearing of their claim against GCHQ’s illegal hacking operations in the Investigatory Powers Tribunal.
In its legal filings, sent to Privacy International only the day before the hearing began, the Government notified claimants that the Computer Misuse Act was rewritten on 3 March 2015 to exempt the intelligence services from provisions making hacking illegal.
Beginning in May 2014, Privacy International, along with seven internet and communications service providers, filed complaints with the IPT challenging GCHQ’s hacking activities. The claimants asserted that GCHQ’s actions were both unlawful under the Computer Misuse Act (CMA), which criminalises hacking, and that there was not sufficiently detailed legal authority to make GCHQ’s hacking “in accordance with law”, as any violation of privacy is required to be by Article 8 of the European Convention on Human Rights.
Yesterday, the parties were notified that, only a few weeks after the claim was filed, the Government quietly introduced legislation on 6 June 2014 that would amend the CMA to provide a new exception for law enforcement and GCHQ to hack without criminal liability. The change not only affects Privacy International’s claim, but also grants UK law enforcement new leeway to potentially conduct cyber attacks within the UK.
Read more on Privacy International.