HOME     MENU     SEARCH     NEWSLETTER    
NEWS & INFORMATION FOR TECHNOLOGY PURCHASERS. UPDATED 14 MINUTES AGO.
You are here: Home / Network Security / British Spy Agency Sued for Malware
Privacy Group Sues British Spy Agency over Use of Malware
Privacy Group Sues British Spy Agency over Use of Malware
By Seth Fitzgerald / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
MAY
08
2014

Britain's spy agency, GCHQ, is being targeted by Privacy International for what the grou considers to be illegal spy techniques. The privacy group filed a lawsuit Tuesday against GCHQ after documents reportedly from former U.S. National Security Agency contractor Edward Snowden revealed the extent to which both GCHQ and the NSA spy on civilians.

With leaked documents in hand, Privacy International alleges that the British spy agency has violated and continues to violate articles 8 and 10 of the European Convention on Human Rights. Article 8 deals with privacy and since the GCHQ may have used malware to intentionally infect devices, privacy laws would have been broken.

First Lawsuit

Just as widespread surveillance in the U.S. has met with strong criticism, British organizations say the tapping of wireless devices or computers should not be allowed. This argument has been met with legal opposition, but given the existence of wiretap laws and warrant requirements, Privacy International may have a legitimate claim against the GCHQ on behalf of British citizens.

The lawsuit, filed with the UK's Investigatory Powers Tribunal, is the first against GCHQ to be filed since January, when a series of Snowden documents showed how the NSA and GCHQ used mobile apps to spy on individuals. With the suit, Privacy International hopes to bring "an end to the unlawful hacking being carried out by GCHQ."

GCHQ said it would not comment on the lawsuit.

According to the privacy group, this is the first case in the UK's history that directly challenges the use of malware and other hacking tools by intelligence services. With the exception of a failed class-action lawsuit brought in the U.S. by Sen. Rand Paul, R-Kentucky, there have not been lawsuits against the NSA for its use of similar tools.

Malware

Privacy organizations and individuals are not pleased with phone surveillance or metadata collection but those spy techniques are harder to combat in a legal setting. With this in mind, Privacy International is targeting the use of malware and hacking, since those tools are invasive and potentially illegal.

In the group's 21-page lawsuit the existence of malware with names like Warrior Pride and Gumfish is mentioned. According to information in the leaked documents, the malware is placed in phones and computers so that the GCHQ can log keystrokes, collect data and even tap into cameras.

Privacy International argued that the use of cameras is no different from "entering someone's house, searching through his filing cabinets, diaries and correspondence, and planting devices to permit constant surveillance in future, and, if mobile devices are involved, obtaining historical information including every location he had visited in the past year."

The use of malware when collecting data on groups of British citizens has unintended consequences as well. Even after the GCHQ is no longer actively spying on someone, the malware has compromised the security of the phone or computer, leaving it open to other malicious attacks. Privacy International is not sure how many devices have been affected by these programs, but it is entering the lawsuit with the knowledge that millions of devices could have been compromised.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
Barium Ferrite Is The Future Of Tape: Barium Ferrite (BaFe) offers greater capacity, superior performance, and longer archival life compared to legacy metal particle (MP) tape. Click here to learn more.
MORE IN NETWORK SECURITY
Product Information and Resources for Technology You Can Use To Boost Your Business

NETWORK SECURITY SPOTLIGHT
An easily avoided security lapse -- failure to use two-factor authentication on a single server -- is being blamed for the massive computer breach that hit JPMorgan Chase this past summer.
© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.