Previous 61 / 204 Next
Normal view
BIG BROTHER WATCH AND OTHERS v. THE UNITED KINGDOM JUDGMENT

189. A series of new Codes of Practice, including a new Interception of
Communications Code of Practice, entered into force on 8 March 2018 (see
paragraph 102 above).
190. Part 4 of the 2016 Act, which came into force on 30 December
2016, included a power to issue “retention notices” to telecommunications
operators requiring the retention of data. Following a legal challenge by
Liberty, the Government conceded that Part 4 of the 2016 Act was, in its
existing form, inconsistent with the requirements of EU law. Part 4 was not
amended and on 27 April 2018 the High Court found Part 4 to be
incompatible with fundamental rights in EU law since, in the area of
criminal justice, access to retained data was not limited to the purpose of
combating “serious crime”; and access to retained data was not subject to
prior review by a court or an independent administrative body.
II. RELEVANT INTERNATIONAL LAW
A. The United Nations
191. Resolution no. 68/167, adopted by the General Assembly on
18 December 2013, reads as follows:
“The General Assembly,
...
4. Calls upon all States:
...
(c) To review their procedures, practices and legislation regarding the surveillance
of communications, their interception and the collection of personal data, including
mass surveillance, interception and collection, with a view to upholding the right to
privacy by ensuring the full and effective implementation of all their obligations under
international human rights law;
(d) To establish or maintain existing independent, effective domestic oversight
mechanisms capable of ensuring transparency, as appropriate, and accountability for
State surveillance of communications, their interception and the collection of personal
data ...”

B. The Council of Europe
1. The Council of Europe Convention for the Protection of Individuals
with regard to Automatic Processing of Personal Data 1981
192. The Convention, which entered into force in respect of the United
Kingdom on 1 December 1987, sets out standards for data protection in the
sphere of automatic processing of personal data in the public and private
sectors. It provides, in so far as relevant:

60

Select target paragraph3

  • Uwazi is developed by uwazi

    in Kenya, Ecuador, Spain, Germany and USA.

  •  
  • Surveillance Oversight Database
  •  
  • Library
  • Login