New Code of Practice: "Equipment Interference" to give the intelligence and security agencies direct access to computers to by-pass encryption and to use "remote access" to "obtain information.. in pursuit of intelligence requirements" or to "remove or modify software"
- the code applies to "any interference (whether remotely or otherwise)"
- to "locate and examine, remove, modify or substitute equipment hardware or software"
- to "enable and facilitate surveillance activity by means of the equipment" (p5)
In language strikingly similar to GCHQ;'s 4Ds (p2, pdf) "Deny/Disrupt/Degrade/Deceive" the Home Office Security Minister said on 6 February 2015 the purpose was to: identify, track and disrupt the most sophisticated targets.
See: Codes of practice under Pursuant to section 71 of the Regulation of Investigatory Powers Act 2000:
- Equipment Interference Code of Practice (pdf)
- Interception of Communications Code of Practice (pdf)
- Regulation of Investigatory Powers Act 2000 Consultation: Equipment Interference and Interception of Communications Codes of Practice (pdf)
Tony Bunyan, Statewatch Director, comments:
"The adoption of such sweeping new surveillance powers should be the subject of primary legislation and not sneaked through in a Code of Practice under RIPA 2000 - which is not limited to terrorism and serious crime but covers all crime. They would allow the intelligence and security agencies to access any computer or smartphone not just to carry out surveillance but also to alter and/or change its content..
The wealth of examples from the Snowden revelations concerning GCHQ, the finding of the Investigatory Powers Tribunal of the unlawful data exchange with the NSA, the judgment by the Court of Justice of the European Union in April 2014 that the Mandatory Data Retention Directive was unlawful since it was adopted in 2006 (and we still await any response from the European Commission) and, DRIPA 2014 which legalised the gathering of IP address - confirms the view of seasoned observers that governments are not in control of their intelligence and security agencies, that the agencies will use all available technologies even if there is no legal basis, and that when court judgments find against present practices the law is simply changed to make the "unlawful lawful"
And what guarantees are there that that these new surveillance powers will only be used against terrorists and serious organised criminals and that "function creep", which has happened time and again since 2001, will not see them used against all suspected crimes or targets?"
See on law enforcement agencies use of "remote access" Statewatch analysis: EU agrees rules for remote computer access by police forces but fails, as usual, to mention the security and intelligence agencies by Tony Bunyan (pdf) and EU: Welcome to the new world of the interception of telecommunications (Statewatch database)
See also: Security services capable of bypassing encryption, draft code reveals (Guardian. link)
Support our work by making a one-off or regular donation to help us continue to monitor the state and civil liberties in Europe.
Search our database for more articles and information or subscribe to our mailing list for regular updates from Statewatch News Online.
We welcome contributions to News Online and comments on this website. Please feel free to get in touch.
Home | News Online | Journal | Observatories | Analyses | Database | SEMDOC | About Statewatch
© Statewatch ISSN 1756-851X. Personal usage as private individuals/"fair dealing" is allowed. We also welcome links to material on our site. Usage by those working for organisations is allowed only if the organisation holds an appropriate licence from the relevant reprographic rights organisation (eg: Copyright Licensing Agency in the UK) with such usage being subject to the terms and conditions of that licence and to local copyright law.