Government broke data privacy rules
The British intelligence agency GCHQ (Government Communications Headquarters) did not follow the correct data privacy procedures when gathering information.
The action was brought forward by a variety of non-government organisations (NGOs), including Amnesty and Privacy International, who accused the intelligence agencies of intercepting their communications.
In most cases, the following tribunal found that if any data was viewed, the communications had been lawfully intercepted. However, in the case of the ‘Egyptian Initiative for Personal Rights’ (EIPR) data was acquired legally, but had been stored for a longer period of time than it should have. The tribunal also stated that there had not been any material damage to the organisation, therefore no compensation had to be paid. The Tribunal ruled that GCHQ had to confirm that within 14 days the relevant information had been deleted.
A government spokesman said: “We welcome the IPT’s confirmation that any interception by GCHQ in these cases was undertaken lawfully and proportionately, and that where breaches of policies occurred they were not sufficiently serious to warrant any compensation to be paid to the bodies involved.”
He added: “GCHQ takes procedure very seriously. It is working to rectify the technical errors identified by this case and constantly reviews its processes to identify and make improvements.”