The investigation into British surveillance, which has proved to be much the same as the actions of the National Security Agency over the past couple of decades, was centered on two different privacy violations: bulk communications data collection and bulk personal datasets creation. The data collection looked at visited websites, email metadata, and GPS locations, while the datasets creation covered biographical information like financial transactions, and communications, according to Engadget.
In both cases, the surveillance that was undertaken on a mass scale was entirely without safeguards until 2015. The IPT also discovered there were almost no codes of practice with the programs either. The lack of auditing is what made the tribunal’s work so difficult, since there were so few records on who had recorded what or looked at what data over the nearly two decades of surveillance.
The IPT’s big caveat is that it now believes safeguards put in place by the British government do protect consumers and that these schemes no longer contravene with the ECHR. Privacy International, which pushed for the creation and investigation with the IPT in the first place, claims that newly implemented safeguards do not go anywhere near far enough.
This ruling comes at a significant time in British legislature. The newly appointed — though unelected — prime minister, Theresa May, has been driving through the Investigatory Powers Bill for several years now. Although it does add some safeguards and protections for citizen’s rights, it expands the abilities of intelligence agencies to allow for hacking of hardware devices on a mass scale.
While much has been made of its privacy provisions, the bill would also allow the home secretary to sign off on warrantless surveillance in certain situations.
May has also recently taken up the torch of campaigners who wished to see the ECHR stricken from British law and a new British Bill of Rights implemented, though the specifics are rather vague still.
