Challenge Over UK Bulk Hacking Powers Taken to European Court of Human Rights

Activist group Privacy International and five Internet and communications providers lodged an application before the European Court of Human Rights to challenge the United Kingdom's use of bulk hacking powers abroad. “The European Court of Human Rights has a strong track record of ensuring that intelligence agencies act in compliance with human rights law. We call on the Court to hold GCHQ accountable for its unlawful bulk hacking practices,” said Scarlet Kim, legal officer at Privacy International. The application has been made with UK-based non-profit GreenNet, the Chaos Computer Club from Germany, Jibonet from South Korea, US internet service provider May First, and communications provider Rise Up. Privacy International is challenging whether the UK's interpretation of the Intelligence Service Act for using bulk hacking powers complies with the European Convention of Human Rights (ECHR).

“As currently practiced, GCHQ’s hacking powers are neither in accordance with law nor proportionate, both of which they must be in order to satisfy Articles 8 and 10 [of the ECHR]. Our case focuses on the in accordance with law requirement, which says that if an intrusive surveillance practice like hacking is to be used, it must have an explicit legal basis that makes its use foreseeable and must be accompanied by stringent safeguards,” said Privacy International General Counsel Caroline Wilson Palow.