It has been reported that British intelligence agency Government Communications Headquarters (GCHQ) may have been collecting personal social media data of people as part of their mass surveillance efforts. According to an Engadget report, the GCHQ has been collecting such information over years, even decades, and has been sharing this information with foreign intelligence and other law enforcement agencies. The Investigatory Powers Commissioner’s Office (IPCO), the body that oversees the activities of the GCHQ, has also been reportedly left out of the loop with regards to this. Lee Munson, Security Researcher at Comparitech.com commented below.
Lee Munson, Security Researcher at Comparitech.com:
“If GCHQ has collected a massive amount of information on every man, woman and child in the United Kingdom I do not think anyone can really be surprised.
After all, we have known for many years that former Home Secretary, and now Prime Minister, Teresa May was keen for the security services to have access to as much data as possible, via the Investigatory Powers Act 2016.
The fact that the legislation explicitly mentions bulk communications data acquisition would, I suspect, make any collection of social media, financial or health data at this time quite legal, even without any kind of court warrant being required.
Of course, the legality of any such bulk data swipes prior to 2016 are questionable, as is the collection of information from private databases, if true, but the fact remains that GCHQ almost certainly has far more information at its finger tips than many people realise.
Much of that information can be controlled though. Social networking sites, especially, are a goldmine for any individual or organisation with time or automated tools on their hands as the vast majority of people who frequent them do not stop to think what they are posting.
Thus, the moral of this story is for people to think twice about the information they share willingly with their actual or virtual friends online because, one day, whether or not they have something to hide will be irrelevant as they will have voluntarily given up all of their privacy rights anyway”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.