The Privacy International, an international NGO, published a press release stating that the UK’s intelligence agency, MI5, has admitted unlawfully collecting and examining private data from the Privacy International or their staff members through two of their surveillance programmes, Bulk Communications Data (BCD) and Bulk Personal Datasets (BPD). Privacy International’s executive director, Gus Hosein, sent a letter to the Home Secretary and Investigatory Powers Tribunal (IPT), expressing concern and requesting urgent action over the documents revealed during the course of Privacy International’s challenge to the BPD and BCD powers, which show that Privacy International was part of MI5's investigations because its data was part of the UK intelligence agencies vast databases. The case is currently pending before the IPT. In the letter, the NGO also asks about the changes to be made in the Investigatory Powers Act, the so-called Snoopers’ Charter, provisions as a result of the recent ECHR judgment.
Privacy and data protection are two interrelated Internet governance issues. Data protection is a legal mechanism that ensures privacy. Privacy is usually defined as the right of any citizen to control their own personal information and to decide about it (to disclose information or not). Privacy is a fundamental human right. It is recognised in the Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights, and in many other international and regional human rights conventions. The July 2015 appointment of the first UN Special Rapporteur on the Right to Privacy in the Digital Age reflects the rising importance of privacy in global digital policy, and the recognition of the need to address privacy rights issues the the global, as well as national levels.