Hacking is bad, hacking is illegal - there's a host of legislation backing up this assertion from normal criminal law to very specific sections of the UK Computer Misuse Acts. Moving outside the UK there's plenty of European privacy legislation in place to prevent hacking of devices, computers and accessing people's data without their permission. In fact many people worried about privacy across the world deliberately use a British VPN in order to utilise this legislation.
However it appears in all this legislation there's a single loophole, a way that you can bypass all this legislation and do whatever you want to anything or anyone online. The solution is to work for GCHQ and then it appears that you'll have carte blanche to hack into computers, camera, phones, install malware and keyloggers and pretty much anything else you decide you must do to fight crime and terrorism.
Some people think this is wrong, and the campaigners at Privacy International have just completed a legal challenge of these practices to the Investigatory Powers Tribunal - read about it here. It's simply a complaint that the GCHQ shouldn't be allowed to act like some State sponsored hacking organisation at least whilst it's part of a country which is supposed to uphold principles of democracy, human rights and free speech.
There's plenty of evidence pointing that GCHQ has been involved in all sorts of covert surveillance and hacking. In fact they actually admitted that their agents hack all sorts of devices both within the UK and abroad during the hearings. Although they also stated that they have changed their working practices and now adhere to the new working practices published by the Home Office recently.
It seems not to matter as Privacy International asserted that "Hacking is one of the most intrusive surveillance capabilities available to intelligence agencies", or that until they were 'outed' by Edward Snowden and the like that the practices were denied. There was little talk of guidelines and codes of conduct before GCHQ were caught and it would be no real surprise if they simply pay lip service to the advisory documents.
The practice of the State routinely and legitimately being able to hack anything or anyone they like routinely is clearly very worrying. People's online privacy is being hugely impacted by the policy of simply trawling for criminals rather than specifically investigating and targeting wrong doers online. IT's hardly surprising that the more innocent people are being spied on the more difficult it will become, with many people actively using encryption or seeking to buy proxy or VPN servers to hide their online activity.
Phillip Hammond smugly announced that the laws and practices of the UK security and intelligence services have been scrutinised by an independent body and deemed to be lawful. However it is important to remember the denial of these initial practices by GCHQ and the very real threat that allowing a democratic state to legitimise the hacking of innocent people in order to fight terrorism.