Watchdog: MI5 was ‘unlawful’ in using personal data

According to the Investigatory Powers Commissioner’s Office, the UK’s MI5 security service used large amounts of personal data in an “undoubtedly unlawful” manner.

The watchdog claimed that data collected under warrants was stored for too long and not securely enough from potential hackers.

Civil rights group, Liberty, further claimed MI5’s infringement also included the “mass collection of data of innocent citizens” and revealed that MI5 was aware of the problems in 2016 but did nothing to bring the issues to public awareness.

Lawyer for Liberty, Megan Goulding, said: “MI5 have been holding on to people’s data – ordinary people’s data, your data, my data – illegally for many years.

“Not only that, they’ve been trying to keep their really serious errors secret – secret from the security services watchdog, who’s supposed to know about them, secret from the Home Office, secret from the prime minister and secret from the public.”

Liberty criticised MI5 in High Court on Tuesday, challenging parts of the Investigatory Powers Act under which MI5 can obtain warrants from judges to access people’s data – location, phone calls, text messages, and internet browsing history.

The Act, however, calls for the appropriate safeguarding of such information, which the security services failed to heed. Lord Justice Sir Adrian Fulford, the Investigatory Powers Commissioner, said that MI5 had a “historical lack of compliance” with the law, and in a ruling stated that the services would be under greater scrutiny going forward, especially for its application for warrants in the future.

The court heard that the Home Office and the Prime Minister were told of the breaches in April this year, but should have been alerted three years ago when MI5 became aware of the problems.

However, Home Secretary Sajid Javid has said that MI5 has now taken “immediate and substantial steps” to mitigate the “existence of serious compliance risks”.

Contact us

hSo ISO 9001 Seal
hSo ISO 14001 Seal
hSo ISO 20000 Seal
hSo ISO 27001 Seal
Cyber Essentials logo
Internet Service Providers Association logo
Internet Telephony Service Providers Association logo
LINX logo
RIPE logo
AWS Partner Network logo
Microsoft Partner logo
Crown Commercial Service supplier logo