Charity makes legal bid against GCHQ over malware infections
Malware operations conducted by spooks violates European Convention on Human Rights


A charity has launched a legal bid to demand an investigation into claims that GCHQ deliberately infected millions of computers and smartphones with malware to collect intelligence information.
London-based charity Privacy International said documents leaked by Edward Snowden revealed that operations carried out by the spy organisation were in violation of articles 8 and 10 of the European Convention on Human Rights.
Unrestrained, unregulated Government spying of this kind is the antithesis of the rule of law
The charity filed the case to demand "an end to the unlawful hacking being carried out by GCHQ which, in partnership with the NSA"
The complaint, filed at the UK's Investigatory Powers Tribunal, is the first UK legal challenge to the use of hacking tools by intelligence services. it said the malware infection is "so invasive that it is incompatible with democratic principles and human rights standards".
The 30-page complaint filed with the tribunal details GCHQ operations that listened in on private conversations, watched through webcams, read texts, access and downloaded browser histories.It alleged that GCHQ engaged in "active SIGINT" using manipulation of the user's property with malware to collect data.
Privacy International argues that the use of such capabilities is a clear violation of Article 8 (the right to privacy) and Article 10 (right to freedom of expression) of the European Convention on Human Rights, and must end immediately.
Eric King, deputy director of Privacy International, said: "Unrestrained, unregulated Government spying of this kind is the antithesis of the rule of law and Government must be held accountable for their actions."
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
He added: "The hacking programmes being undertaken by GCHQ are the modern equivalent of the government entering your house, rummaging through your filing cabinets, diaries, journals and correspondence, before planting bugs in every room you enter."
Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.
-
The race is on for Higher Ed to adapt: Equity in hyflex learning
Hyflex courses can improve student wellbeing and engagement, but only with meeting technology that leaves no one behind
-
Gen Z workers are keen on AI in the workplace – but they’re still skeptical about the hype
News Younger workers could lead the shift to AI, but only think it can can manage some tasks
-
Scania admits leak of data after extortion attempt
News Hacker stole 34,000 files from a third-party managed website, trucking company says
-
Capita tells pension provider to 'assume' nearly 500,000 customers' data stolen
Capita told the pension provider to “work on the assumption” that data had been stolen
-
Gumtree site code made personal data of users and sellers publicly accessible
News Anyone could scan the website's HTML code to reveal personal information belonging to users of the popular second-hand classified adverts website
-
Pizza chain exposed 100,000 employees' Social Security numbers
News Former and current staff at California Pizza Kitchen potentially burned by hackers
-
83% of critical infrastructure companies have experienced breaches in the last three years
News Survey finds security practices are weak if not non-existent in critical firms
-
Identity Automation launches credential breach monitoring service
News New monitoring solution adds to the firm’s flagship RapidIdentity platform
-
Neiman Marcus data breach hits 4.6 million customers
News The breach took place last year, but details have only now come to light
-
Indiana notifies 750,000 after COVID-19 tracing data accessed
News The state is following up to ensure no information was transferred to bad actors