Last week the European Court of Human Rights issued a highly anticipated blockbuster Chamber judgment in Big Brother Watch v. UK, nos. 58170/13, 62322/14, 24960/15.
This is the first mass electronic surveillance case to be decided against the UK after the Edward Snowden revelations, and it touches upon numerous issues. The judgment is nuanced, complex, and long. It addresses key questions such as the proportionality of bulk interception programmes much more directly and with greater sophistication than the recent judgment in Centrum för Rättvisa v. Sweden no. 35252/08, which was decided by a different Chamber while this case was being deliberated, and which also upheld a bulk surveillance programme (see here for Asaf Lubin’s take on Just Security).
The judgment is too rich to summarize easily, so I will only set out some key takeaways (for an extensive discussion on surveillance and privacy in the digital age, see my 2015 Harvard ILJ piece).
First, and most importantly, the judgment is a mixed bag for privacy activists: while the Court finds that the UK’s surveillance programme under the now-defunct Regulation of Investigatory Powers Act (RIPA) was deficient in important respects and in violation of Article 8 and 10 of the Convention, it at the same time normalizes such mass surveillance programmes. In particular, the Court decided that bulk interception programmes are not categorically disproportionate, as privacy activists have argued. Second, in a similar vein, the Court finds that prior judicial authorization is not indispensable for the legality of bulk interception, again contrary to what privacy activists have argued, even if prior judicial authorization could be seen as best practice (note that under the new 2016 Investigatory Powers Act the UK has moved to a double-authorization system which involves both a minister and an independent quasi-judicial commissioner).
Here are the key paragraphs (warning – extracts from the judgment make this a lengthy post):