Giving government spies unfettered access to everyone's wireless communications is not such a good idea after all Credit: Peter Sayer/IDGNS The French Constitutional Council has taken another look at a new security law it waved through in July 2015, and found it wanting.A key clause of last year’s Surveillance Law essentially allowed security agencies to monitor and control wireless communications without the usual oversight applied to wiretapping operations.This is unconstitutional as the lack of oversight is likely to result in a disproportionate invasion of privacy, the council ruled Friday. It was responding to a complaint filed by La Quadrature du Net (LQDN), an association campaigning for online rights, the ISP French Data Network (FDN) and the Federation of Non-Profit ISPs.The complainants welcomed the decision, saying it “deprived intelligence services of a legal cover unleashing all kinds of illegal surveillance measures,” and showed how precise and persistent work can still change the law even after an unfortunate vote. “This is an encouragement to keep fighting for the protection of freedoms and the rule of law,” they said. The spies needn’t worry just yet, however: Rather than strike out the offending clause immediately and put an end to the bulk collection of radio communications, the council has given the government over a year in which to pass new legislation making their operations legal. In the meantime, the spies will have to keep the National Commission for the Control of Surveillance Measures informed of the scope and nature of any surveillance operations conducted under the offending clause.LQDN said it regretted the extended time given to the legislator to conform to the decision. In reaching its decision, the Constitutional Council was concerned that the bulk collection of data would allow the unauthorized identification of individual conversations or communications. In addition, the council noted that although the law gave the spies new powers “necessary to protect the fundamental interests of the country,” it did not prohibit them from using those powers for other purposes. Finally, the council objected to the way the law granting the new powers contained no definitions of the surveillance and control measures allowed, nor any means for monitoring or challenging their application. Related content news UK government plans 2,500 new tech recruits by 2025 with focus on cybersecurity New apprenticeships and talent programmes will support recruitment for in-demand roles such as cybersecurity technologists and software developers By Michael Hill Sep 29, 2023 4 mins Education Industry Education Industry Education Industry news UK data regulator orders end to spreadsheet FOI requests after serious data breaches The Information Commissioner’s Office says alternative approaches should be used to publish freedom of information data to mitigate risks to personal information By Michael Hill Sep 29, 2023 3 mins Government Cybercrime Data and Information Security feature Cybersecurity startups to watch for in 2023 These startups are jumping in where most established security vendors have yet to go. By CSO Staff Sep 29, 2023 19 mins CSO and CISO Security news analysis Companies are already feeling the pressure from upcoming US SEC cyber rules New Securities and Exchange Commission cyber incident reporting rules don't kick in until December, but experts say they highlight the need for greater collaboration between CISOs and the C-suite By Cynthia Brumfield Sep 28, 2023 6 mins Regulation Data Breach Financial Services Industry Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe