Flickr: George Rex. Some rights reserved.

The United Nations delivered a searing rebuke to the digital mass surveillance practices of the United States in a report that systematically picks apart many of the legal justifications employed by government officials defending US and UK spying activities. The secret Five Eyes spying alliance, which enables the US and UK to share vast amounts of surveillance with Australian, Canadian and New Zealand intelligence agencies, faces an existential threat if some of the conclusions in the report gain traction in national courts and legislatures.
 
The report, commissioned by the UN General Assembly in response to the political fallout of Edward Snowden’s revelations of American and British mass surveillance programmes, is the strongest condemnation of modern surveillance techniques that any international authority has appropriated to date. The release of the report couldn’t be more timely; the US is in the midst of debating surveillance reforms, and in the UK, emergency legislation granting government new spying powers was rammed through Parliament in the same week the courts considered challenges to surveillance laws .

A line in the sand

For more than a year we have listened as officials in the US and UK defended the mass surveillance programs revealed by Edward Snowden. No one is reading your email, they’d say. No one is looking at the content of your communication. Don’t worry, it’s only the bad guys over there that we’re interested in. We are completely in compliance with international law.
Navi Pillay, the UN High Commissioner of Human Rights, disagrees. She has issued a salvo of attacks on the legal excuses advanced by States that have sought to justify bulk collection under international law.
 
Even if the government isn’t actually reading emails, they are tampering with individuals’ privacy. The very existence of a bulk collection program, such as PRISM in the United States or the United Kingdom’s TEMPORA program, fundamentally interferes with privacy. Even where bulk collection programs serve a legitimate aim and have been approved through clear legal framework, they may still be unlawful because of the disproportionate impact of collecting metadata upon privacy rights.
 
And, perhaps most significantly, laws which discriminate between the protections given to US and non-US persons have been shot down. Where the US interferes with communications infrastructure, by tapping cables or demanding access to data held by US internet services, they are obliged to consider the human rights of any person whose privacy they interfere with, and cannot discriminate against foreigners on the basis of their nationality or location–counter to the entire premise upon which FISA is based.
 
Taken to its logical conclusion, this stance may spell the end of the carefully crafted legal loop-holes that the NSA relies on to maintain foreign surveillance activities. 

An end to unaccountable intelligence-sharing? 

The report also creates an existential crisis for intelligence-sharing arrangements, such as the Five Eyes alliance of the US, UK, Canada, Australia and New Zealand. In providing some of the most robust analysis by any authority to date on the relationship between foreign intelligence and human rights, Ms Pillay suggests that any effort by governments to coordinate surveillance practices in order to “outflank the protection provided by domestic legal regimes” is unlawful. As a British court heard last week in a case against UK foreign intelligence agency GCHQ, this is precisely the purpose of the Five Eyes arrangement. 

There is no clear and accessible legal regime that specifies the circumstances in which, Five Eyes authorities can request access to signals intelligence from, or provide such intelligence, to another Five Eyes authority. Each of the Five Eyes states have broad, vague domestic laws that purport to warrant the sharing of and access to shared signal intelligence, but fail to set out minimum safeguards or provide details of or restrictions upon the nature of intelligence sharing.

Moreover, the domestic legal frameworks implementing the obligations created by the Five Eyes agreement are carefully constructed to provide differing levels of protections for internal versus external communications, or those relating to nationals versus non-nationals. These frameworks attempt to circumvent national constitutional or human rights protections governing interferences with the right to privacy of communications that, states contend, apply only to nationals or those within their territorial jurisdiction.

In the UK, the Intelligence and Security Committee–in charge of overseeing the actions of the UK intelligence agencies, including GCHQ–responded to the Snowden leaks remarking

“It has been alleged that GCHQ circumvented UK law by using the NSA’s PRISM programme to access the content of private communications […] and we are satisfied that they conformed with GCHQ’s statutory duties. The legal authority for this is contained in the Intelligence Services Act 1994.”

Yet the chair of the ISC has in fact admitted to confusion about whether “if British intelligence agencies want to seek to know the content of emails can they get round the normal law in the UK by simply asking an American agencies to provide that information?” When the head of the committee charged with overseeing the lawfulness of the actions of intelligence services is unsure as to whether such agencies have acted lawfully, there is plainly a serious dearth in the accessibility of law, calling into question the rule of law.

The UN’s report also takes umbrage at the “secret rules” and FISC-like “secret judicial interpretations” of laws. Any legal framework that gives executive authorities­–such as security and intelligence services–excessive discretion will be unlawful under international law, according to the UN. It is difficult to imagine how the Five Eyes intelligence sharing arrangement could ever pass muster if this is the threshold.

The original Five Eyes agreement demanded secrecy, stating “it will be contrary to this agreement to reveal its existence to any third party unless otherwise agreed” resulting in modern day references to the existence of the agreement by the intelligence agencies remaining limited. The existence of the agreement was not acknowledged publicly until March 1999; it was not until 2010, that the US and UK declassified numerous documents, including memoranda and draft texts, relating to the creation of the agreement. Generally the Five Eyes States and their intelligence services have been far too slow in declassifying information that no longer needs to be secret, resulting in the absence of the arrangement on any government website until recently.

All eyes on the Five Eyes

This report should inform every debate on surveillance being held in the public domain, government assemblies or court. It debunks every legal excuse advanced by the US and UK governments to justify the activities revealed by Edward Snowden, and undermines the flimsy idea that bulk collection is entirely legitimate given the nature of the security threat. It fundamentally changes the discourse around digital surveillance and raises numerous questions that the Five Eyes must front
 
The world’s leading authority on international law and human rights reviewed all the justifications the US and UK make to protect their surveillance practices and swiftly denounced these processes and the self-serving legal frameworks propping them up. It would be an even greater wrong if we do not take heed of their findings.