ISPs sue UK spooks over network spying

The complaint is based on Snowden's revelations

A coalition of ISPs and communication providers from around the world filed a legal complaint against the U.K. Government Communications Headquarters (GCHQ), calling for an end to its alleged attacking and exploitation of network infrastructure to gain access to potentially millions of people's private communications.

The complaint was lodged on Wednesday with the U.K.'s Investigatory Powers Tribunal (IPT), a court that can investigate complaints about any alleged conduct by, or on behalf of, the British intelligence services.

The case was filed by U.S. campaigning organizations Riseup and May First/People Link, as well as by U.K. ISP GreenNet, Dutch hosting service Greenhost, Mango from Zimbabwe, the South-Korean Jinbonet, along with the German Chaos Computer Club and Privacy International who said exploiting network infrastructure to gather information is unlawful.

Their complaint draws on the revelations in a series of articles published by German news magazine Der Spiegel and investigative website The Intercept, based on documents provided by former NSA-contractor Edward Snowden.

Der Spiegel for instance reported in September that GCHQ had targeted the employees of the Belgian telecommunication company Belgacom to gain access to important network infrastructure using a malware attack.

"While the claimants were not directly named in the Snowden documents, the type of surveillance being carried out allows them to challenge the practices in the IPT because they and their users are at threat of being targeted," the organizations said.

Belgacom reported the attacks on its infrastructure to Belgian police. Privacy International spokesman Mike Rispoli could not say whether the company was invited to join the U.K. legal action. Due to the interconnectedness of the Internet, the surveillance described in the articles could be carried out against any ISP or communications provider, he added.

Another report by The Intercept based on documents provided by Snowden showed in March that the U.S. National Security Agency (NSA) has been working on expanding its ability to infect computers with surveillance malware and creating a command-and-control infrastructure capable of managing millions of compromised systems at a time. GCHQ appears to have played an integral role in developing this, according to the publication.

In their lawsuit, the communications providers claim that by allegedly interfering with network assets and computers belonging to the network providers, GCHQ has contravened the U.K. Computer Misuse Act and the European Convention of Human Rights (ECHR), which guarantees the individual's peaceful enjoyment of their possessions, they said.

Furthermore, conducting surveillance of the network providers' employees is in contravention of article 8 of the ECHR which covers the right to respect for private and family life, and article 10, which covers freedom of expression, they said. Surveillance of the network providers' users that is made possible by exploitation of their Internet infrastructure is also in contravention of those articles, the complainants said.

Moreover, by diluting the network providers' goodwill and relationship with their users, GCHQ could also have violated the ECHR, they added.

Privacy International already filed two other complaints with the Tribunal over the Snowden revelations. The first one was filed last July and concerns alleged mass surveillance on U.K. citizens via GCHQ's Tempora and the NSA's Prism program. A week-long public hearing for that case is set to begin on July 14, Rispoli said.

A second case was filed in May over GCHQ's and NSA's alleged ability to infect computers and mobile devices with malware, giving them control over the devices to switch on users' microphones or cameras, listen to phone calls and track locations. That case is still pending, Rispoli said.

Loek is Amsterdam Correspondent and covers online privacy, intellectual property, open-source and online payment issues for the IDG News Service. Follow him on Twitter at @loekessers or email tips and comments to

Join the CSO newsletter!

Error: Please check your email address.

Tags Privacy InternationalJinbonetGreenNetsecurityCivil lawsuitslegalRiseupprivacygreenhostChaos Computer Club

More about GCHQIDGNational Security AgencyNSAPrismPrivacy InternationalSpiegel

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Loek Essers

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place