An independent review of the UK's mass surveillance system might not make online libertarians happy, but lands somewhere in the middle by criticising the broad, unregulated nature of the GCHQ's surveillance. It comes at a good time, too -- close to when new legislation will potentially expand surveillance powers.
The review, conducted by QC David Anderson, supports the practice of mass surveillance -- provided there are sufficient checks to the system in place, and they are sufficiently transparent. While this isn't the win that internet security advocates would be hoping for, it still brands the current system as one of reckless overreach.
Crucial to the recommendation is that every interception should require a warrant, authorised by a newly created government body. The report also specifies when metadata should be used, and calls for tighter definitions on what targeted surveillance will be used for, to minimise language loopholes that effectively allow operators to surveil whatever they want.
In the words of Anderson:
Firm limits must also be written into law: not merely safeguards, but red lines that may not be crossed.
The GCHQ is one of the most aggressive intelligence-gathering organisations in the world, and its lead has just widened with the US Congress actually making moves to roll back its surveillance powers. Backed by libertarians, Senator Rand Paul even filibustered the renewal of the Patriot Act.
TechCrunch reports that Anderson also had opinions on encryption, and seems to support the government's ability to find workarounds to access peoples' information, though doesn't outright support a ban on encryption. As for other methods like hacking hard drives and working together with network providers to access data when it's in transit, Anderson says that while "some methods of CNE may be appropriate, many are of the view that there are others which are so intrusive that they would require exceptional safeguards for their use to be legal."
Image via Shutterstock