GCHQ now has the power to legally hack anyone
Intelligence agency GCHQ has begun using bulk equipment interference to hack foreign groups at will, it has been discovered.
In a letter filed in the House of Commons library Ben Wallace, security minister, stated that the “GCHQ’s position on the authorisation of equipment interference operations has evolved since the Investigatory Powers Act”, specifying “Since the passage of the Bill, the communications environment has continued to evolve, particularly in terms of the range of hardware devices and software applications which need to be targeted.”
In the letter, Wallace points to the Investigatory Powers Act (more commonly known as the Snooper’s Charter) as providing a theoretical warrant for bulk equipment interference, with the further permissions to enact it provided by recent warrant applications. He also states that Investigatory Powers Commissioner Adrian Fulford has recommended safeguards for the hacks — although all are post-facto, so may have limited effect.
This warrant would allow GCHQ to effectively carry out hacks at will, as opposed to gaining specific warrants for each individual hack.
Bulk equipment interference lets intelligence groups commit widespread hacks at different swathes of targets. Instead of simply infiltrating a target’s phone or laptop, this type of hack would allow agencies access to devices, communications networks, and vital infrastructure. According to intelligence groups, the widespread use of encryption makes targeted hacking largely useless, and so widespread hacking is necessary to gain information.
Many charities and organisations have already spoken out against this bulk equipment interference, including Liberty and Privacy International, calling it a threat to individuals’ privacy and security. Not only can the GCHQ view private information, but could be convinced to trade UK citizens’ information in exchange for information on others’, warned someone from Liberty.
While citizens are used to having their data openly accessible, from tech firms’ trade in user information to frequent massive data hacks and breaches, GCHQ’s hacks would be different. These hacks wouldn’t gain data for monetary gain, but to spy on and monitor citizens — which is even more sinister than targeted advertising.