Glyn Moody reports:
The Investigatory Powers Tribunal (IPT), the body that hears complaints about the UK’s intelligence services, has ruled that it is legal for GCHQ to hack into systems, both in the UK and abroad, and to install spyware on them.
However, following the legal action by Privacy International and a group of seven ISPs, GCHQ for the first time has admitted that it “undertakes both ‘persistent’ and ‘non-persistent’ CNE [Computer Network Exploitation—hacking] operations, namely both where an ‘implant’ expires at the end of a user’s internet session and where it ‘resides’ on a computer for an extended period.”
Read more on Ars Technica. See also The Guardian‘s coverage of the ruling.