Security News > 2020 > March > UK spy auditor gives state snoops a big pat on the back for job well done – except MI5
The UK's spy agency auditor has given public sector snoopers a clean bill of health - except for domestic surveillance specialists MI5, whose cloud data storage blunder is still under investigation.
In its annual report for 2018, published this week, the Investigatory Powers Commissioner's Office concluded once again that all is broadly well in the murky world of British state surveillance, where everyone from eavesdropping agency GCHQ to council binmen is legally allowed to spy on you.
MI5 hadn't locked down access to what appears to have been a cloud server; as IPCO put it, the domestic spy agency had an "Inconsistent approach to controls around the extent to which users were able to copy data and place it into storage areas within the environment".
Otherwise, despite the introduction of the so-called "Double lock," where a former judge signs off on spying warrants that were first rubber-stamped by a cabinet minister, IPCO broadly ruled all was well and most public sector organisations were abiding by the Snooper's Charter, the law that allows them to rifle through your digital dustbins more or less at will.
IPCO did publish how it carries out its audits, which includes snap inspections; targeted, in-depth audits of specific spying operations; close looks at the public sector body's justification for spying; and looking at internal documents.