His concerns were frightening prescient, if drily expressed. "National laws regulating what would constitute the necessary, legitimate and proportional state involvement in communications surveillance are often inadequate, or non-existent."

The UN's special rapporteur on freedom of expression and privacy, Frank La Rue, was presenting his report on privacy and surveillance last week to the human rights council. I had gone there to debate the issues in a panel discussion. Usually meetings in basement conference rooms in Geneva are something I seek to avoid.

I'm so pleased I went, if only to see for myself how even the experts have been caught unawares by the revelations of the US and UK programme of mass surveillance. Originally a human rights lawyer in Guatemala – a place that has known a thing or two about arbitrary state action – La Rue is one of the most experienced voices on this subject.

His message is simple: international laws and norms have failed to keep up with technology. Both governments and corporations have been working it out as they go along. The original cyber-utopians saw the internet as a new space, freed from the shackles of national law and boundaries. For a few years that may have been the case, but it did not take long for the state to catch up and indeed – as we now realise – outwit even the sharpest minds in Silicon Valley, from whose talented pool it has presumably recruited.

Even more worrying is the blithe ignorance of most of our legislators. With a few notable exceptions (I can count them on the fingers of one hand), British MPs almost wear their technophobia with pride. Ask them about global internet governance or regulation and they imply they are above such geekery. It therefore came as no surprise to see a well-prepared William Hague, the foreign secretary, waft over a House of Commons that struggled to pose him a single informed question. Trust me, was his message, and trust him they were delighted to do. If further proof was needed of a lack of effective scrutiny in this most complex of areas, Monday's parliamentary non-session provided it.

Even though MPs might not grasp it, there is a fundamental difference between specific, narrowly drawn requests made by security services to internet and phone companies, and the giant dragnet that Prism has exposed. Are users really comfortable with their email, phone and social media traffic open for not just the spooks, but all government agencies to see? The fact that they might give away too much privacy to companies might in itself be a problem, but it is not the same thing.

Put aside for one moment domestic civil liberties concerns (shared by a minority, but probably a significant minority), and look at other policy ramifications of the story. The fact that the Americans and the British are apparently employing surveillance techniques not dissimilar to the Russians and Chinese makes a laughing stock of their otherwise admirable policy of promoting free expression and an open internet around the world. One can already hear the chortles of President Putin. One can only imagine the schadenfreude of the Chinese president, Xi Jinping, as he met Barack Obama in California last weekend.

What is needed is a determined effort to bring international human rights law up to date to meet the many, and changing, opportunities and dangers posed by the internet. Spooks thrive on uncertainty and on grey areas of law. The current free-for-all is perfect for them to operate with impunity, knowing that they can outfox politicians in Washington and Westminster with consummate ease. And it seems now they are even outsmarting the folk in Silicon Valley too.