BIG BROTHER WATCH AND OTHERS v. THE UNITED KINGDOM JUDGMENT
providing any meaningful additional protection of individuals’ fundamental
rights.
306. Furthermore, according to the intervening Government, it was still
relevant to distinguish between content and communications data, as the
content of communications was likely to be more sensitive than
communications data. The intervening Government also agreed with the
Chamber that it was wrong automatically to assume that bulk interception
constituted a greater intrusion into the private life of an individual than
targeted interception, since with targeted interception it was likely that all,
or nearly all, of the intercepted communications would be analysed. This
was not true of bulk interception, where restrictions on the examination and
use of data determined the intrusiveness of the interception on the
individuals’ fundamental rights.
307. Finally, the intervening Government submitted that any
requirement to explain or substantiate selectors or search criteria in the
authorisation would seriously restrict the effectiveness of bulk interception
in view of the high degree of uncertainty regarding the source of a threat.
Ex post oversight provided sufficient safeguards.
(c) The Government of the Kingdom of Norway
308. The Norwegian Government submitted that with regard to the
decision of States to introduce and operate some form of bulk interception
regime for national security purposes, the margin of appreciation had to be
wide. This was because intelligence services had to keep pace with the rapid
advances in information and communications technology. Hostile actors
changed their devices and digital identities at a pace which made it difficult
to track them over time. It was also difficult to discover and counteract
hostile cyber operations in a timely manner without tools capable of
discovering anomalies and relevant signatures. It was therefore without
doubt that modern capacities like bulk interception were needed in order to
find unknown threats operating in the digital domain, and to enable the
services to discover and follow relevant intelligence threats.
309. In the view of the Norwegian Government, the Court’s oversight
should be based on an overall assessment of whether the procedural
safeguards against abuse were adequate and sufficient. It should avoid
absolute requirements. It should also not apply criteria that would
undermine indirectly the wide margin of appreciation afforded to States in
deciding to operate a bulk interception regime for national security reasons.
A “reasonable suspicion” or “subsequent notification” requirement would
have this effect.
310. Finally, the intervening Government encouraged the Court to
refrain from importing concepts and criteria from the CJEU. First of all, at
the relevant time nineteen Council of Europe Contracting States were not
members of the European Union. Secondly, while the Convention and the
94