GCHQ in Cheltenham, Gloucestershire Ministry of Defence/Wikipedia

The UK's cyber surveillance agency GCHQ has "taken advantage" of its ability to hack phones and computers and set a "dark precedent" around the world, privacy campaigners have claimed.

All and any material obtained from the agency's ability to hack into devices should be destroyed and the scheme, which was first disclosed in documents leaked by Edward Snowden, should be declared unlawful, according to Privacy International.


The charity is today taking GCHQ to court over the suggested development and deployment of malware, created alongside the US National Security Agency (NSA).

It is claimed by the privacy campaigning group that the hacking abilities of GCHQ include accessing computer cameras and mobile phones.

Read next You can now make encrypted video calls with Signal You can now make encrypted video calls with Signal

The opening day of the tribunal has seen the publication of an open witness statement from Ciaran Martin, the director general for cyber security.

Martin said there was a "growing importance" for hacking in the "protection of the UK" and that "ubiquitous encryption" had made it harder to access information by other means. Without hacking powers GCHQ's abilities "would be badly diminished", Martin claimed.


However, Privacy International said that public acknowledgement and codes of practice around government hacking were not "sufficient". "Government hacking remains a troubling and intrusive power, with serious security ramifications, that the draft IP Bill would permit in far too wide a range of circumstances," the charity said in a statement.

Government hacking remains a troubling and intrusive power, with serious security ramifications Privacy International

"If made law, this would set a dark precedent globally and green-light similar practices in nations both friendly and unfriendly to the United Kingdom."

Read next WIRED Awake: 10 must-read articles for February 13 WIRED Awake: 10 must-read articles for February 13

In his witness statement Martin said hacking powers were needed by the agency as terrorists outside the country now used "strong encryption", adding that directly accessing devices was the only way to get information from them.


But for those outside the UK specific warrants to authorise hacking are not needed. Such operations fall under a "class authorisation", which do not need to "name or describe a particular piece of equipment, or an individual user", Martin explained.

The spread of encryption has impeded intelligence service access to communications Ciaran Martin, Director general for cyber security, GCHQ

When a class approval has been signed off by the secretary of state it is then possible for an internal GCHQ staff member to approve individual operations in that class. The 23 page witness statement explained how GCHQ uses login credentials for those it is targeting, phishing attacks, and even getting those with access to a computer to insert infected USB memory sticks.

The security boss defended GCHQ's hacking powers by saying that while they were "highly intrusive" they were "not in general any more intrusive than other operations," such as those where listening devices are put into the homes of residents.

Read next WIRED Awake: 10 must-read articles for December 13 WIRED Awake: 10 must-read articles for December 13

Hacking of devices, officially known as computer network exploitation (CNE), has been a largely unregulated, but attempts have been made to legitimise the practice after Snowden's leaks and through the creation of the government's draft Investigatory Powers Bill (IP Bill).

Court documents, released by the privacy group, will ask judges to declare the "intrusion into computers and mobile devices" was unlawful and against the human rights to privacy and freedom of expression.

If made law, this would set a dark precedent globally and green-light similar practices in nations both friendly and unfriendly to the United Kingdom Privacy International

The documents, which will be used as part of a four-day hearing at the Investigatory Powers Tribunal, also demand that materials obtained under any hacking practices be destroyed and an injunction be granted to prevent any unlawful conduct. The hearing marks the culmination of the legal challenge, which was first launched by the privacy advocates in May 2014.

In March a report produced by the Intelligence and Security Committee confirmed that GCHQ uses zero-day attacks -- that exploit unknown security issues -- as part of its work.

Read next Snowden dismisses 'distorted' US report on mass surveillance disclosures Snowden dismisses 'distorted' US report on mass surveillance disclosures

Snowden, the former NSA contractor, has repeatedly said it is possible for GCHQ and other agencies to access phones without their owners knowledge.

In an interview with the BBC in October he reiterated a "Smurf Suite" -- named after the cartoon characters -- was used by GCHQ to "own your phone". The hacking powers contained the ability to turn a phone on or off, turn a devices microphone on and listen to surroundings, and a geo-location tool for detailed user tracking, Snowden said.

Privacy International

GCHQ has rebuffed Privacy International's claims as "simply untrue", adding that there are strict procedures in place to ensure they are regulated.

The wider context of the court case comes as the government attempts to reform the surveillance powers available to GCHQ, including provisions for hacking devices. In May GCHQ spies were given immunity from prosecution under alterations to the Computer Misuse Act..


A code of practice, which outlines the "basis for lawful equipment interference activity" was also published in November. It detailed the equipment that may be hacked when laws are suspected to have been broken, including "computers, servers, routers, laptops, mobile phones and other devices".

The code was published as part of the IP Bill -- nicknamed the "snooper's charter" by critics -- and publicly sets out the ability for security services to do so.

Documents with the draft law state: "Equipment interference encompasses a wide range of activity from remote access to computers to downloading covertly the contents of a mobile phone during a search."