Last Friday - 27 April 2018 - the High Court delivered its judgment in a challenge brought by human rights organisation Liberty against the mass surveillance powers of the Investigatory Powers Act.
The Investigatory Powers Act was the Government’s answer to the expiry of DRIPA, the infamous emergency surveillance legislation rushed through Parliament in a matter of days back in 2014. DRIPA automatically expired at the end of 2016, so the Government ensured that most of the powers it contained were written into permanent legislation with the Investigatory Powers Act.
Liberty launched their challenge following the Court of Justice of the European Union’s judgment against DRIPA, in which the Court had ruled that the bulk and non-targeted surveillance powers found in DRIPA were not compatible with EU law.
In their judgment last Friday, the High Court agreed with some of the points the CJEU had raised in their ruling, and judged that parts of the Investigatory Powers Act were similarly unlawful under EU law because:
- Access to retained data was not limited to the purposes of combating “serious crime”; and
- Access to retained data was not subject to prior review by a court or administrative body.
The Court issued the Government with a deadline of 1 November 2018 to ensure that the Investigatory Powers Act’s surveillance provisions were brought into line with EU law.
As can be seen from the wording of the points above, the Court mostly took issue with the fact that data which had been collected under the surveillance regime could be accessed without proper safeguards, and did not condemn the collection of the data in the first place.
The Court rejected Liberty’s argument that the Investigatory Powers Act amounted to mass surveillance of the sort that the CJEU had ruled unlawful in Watson:
"In the light of this analysis of the structure and content of Part 4 of the 2016 Act, we do not think it could possibly be said that the legislation requires, or even permits, a general and indiscriminate retention of communications data."
We are disappointed that the Court stopped short of ruling that the indiscriminate collection of surveillance data was unlawful. The CJEU have been quite clear in their opinion that the mass retention of data and the associated chilling effects result in a disproportionate intrusion into human rights.
While the Court claims that the powers found in the Investigatory Powers Act do not mandate indiscriminate retention of internet records, the reality is that the UK already has in place the indiscriminate retention of telecoms records for all major providers, and one of the functions of the IPA is to expand this to internet records.
The Courts need to curtail the abilities of the Government to use their powers to retain all internet and phone records by returning to the original CJEU ruling and taking on board the CJEU’s advice on how to do so.
For a closer look at the High Court’s recent ruling, Graham Smith has written a fantastic blog post on the topic.
This recent ruling offers some promise, but is only a minor victory and the battle against mass surveillance is far from over. Liberty are currently crowdfunding for the next stage of their legal challenge.