Hacking of computers, smartphones and networks in the United Kingdom or abroad by the Government Communications Headquarters (GCHQ) is LEGAL, the UK's Investigatory Powers Tribunal (IPT) ruled.

So, the UK is giving clean chit to its intelligence agency to spy on its people as well as people living abroad.

Now, How is that okay?

The British spying nerve center GCHQ has won a major court case in defense of the agency's persistent hacking programs.

After revelations by NSA whistleblower Edward Snowden about the extent of spying by the US and the UK, Privacy International and seven Internet Service Providers (ISPs) launched a legal challenge against the GCHQ's hacking operations.

The case alleged that the British spying agency was breaking European law and violating fundamental warrant protections by its too intrusive and persistent surveillance actions.

GCHQ Admitted its Hacking Practices

Though GCHQ "neither confirm nor deny" the existence of such operations, the case made headlines in December last year when GCHQ admitted to its persistent hacking programs, "within and outside the UK," for the first time during the case hearings.

However, a panel of five members of the IPT handed down the judgment on Friday, ruling that the computer network exploitation that may involve activating microphones and cameras on devices remotely without the owner's knowledge is legal and does not breach human rights.

According to the senior judges, GCHQ's hacking efforts had "raised a number of serious questions," but a "proper balance" has been struck between the privacy of individuals and the need of the intelligence agency to investigate crimes.

Here's what the lengthy ruling [PDF] from the Investigatory Powers Tribunal (IPT) reads:
"The use of computer network exploitation by GCHQ, now avowed, has obviously raised a number of serious questions, which we have done our best to resolve in this Judgment.
Plainly it again emphasises the requirement for a balance to be drawn between the urgent need of the Intelligence Agencies to safeguard the public and the protection of an individual's privacy and/or freedom of expression."

GCHQ's Hacking Power

The agency's hacking efforts had allowed the agents to tap into almost any electronic equipment, including computers, servers, routers, laptops, mobile phones and even Internet of Thing (IoT) devices such as smart toys, smart TVs and more.

GCHQ also said it had:
  • Installed malware
  • Remotely turned ON cameras and microphone
  • Installed Keylogger that records every pressed key on a keyboard
  • Tracked suspects' locations via GPS
  • Remotely stole documents from target devices
Privacy International, which brought the case, is, of course, very disappointed with the ruling, and so are we. How could a country decide spying people outside its country?

The group will be challenging the decision on the grounds that it fragmented the European Convention on Human Rights when it comes to spying people within but outside of the UK.
"This case exposed not only these secret practices but also the undemocratic manner in which the Government sought to backdate powers to do this under the radar," Scarlet Kim, legal officer at London-based Privacy International said in a statement.

"Just because the Government magically produces guidelines for hacking should not legitimize this practice."

British Foreign Secretary: Ruling is Fair

However, British Foreign Secretary Philip Hammond, welcomed the ruling, saying the ruling was fair and took into account invasive actions that are necessary for the security of UK.
"Once again, the law and practice around our Security and Intelligence Agencies' capabilities and procedures have been scrutinized by an independent body and been confirmed to be lawful and proportionate," Hammond said.
So, once again the threat of terrorism saved the GCHQ's ass, as the judgement says the capabilities operated by the agency lie "at the very heart of the attempts of the State to safeguard the citizen against terrorist attack."

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.