Privacy International and others v United Kingdom: Hacking Admissibility Decision and the Risk of ‘Deference Ping Pong’

By Daniella Lock (Doctoral Candidate and Teaching Fellow, UCL Faculty of Laws, University College London)

Last month, the European Court of Human Rights (ECtHR) handed down a decision that the application regarding the compatibility of the exercise of UK hacking powers made in Privacy International and others v United Kingdom was inadmissible. This was on the basis that the applicants had not exhausted domestic remedies. The Court reached this conclusion despite a case having been brought to the UK Investigatory Powers Tribunal (IPT), in Privacy International and Greennet v Secretary of State for Foreign and Commonwealth Affairs and ors, and a fifty-six page judgment being issued on the lawfulness of hacking (referred to ‘Computer Network Exploitation’ or CNE). This post sets out the reasoning of the Court and argues that while the decision itself is understandable, the reasoning underpinning it risks creating a process of ‘deference ping pong’. Deference ping pong – an ingenious phrase gratefully borrowed from Professor Colm O’Cinneide after a discussion on this issue – refers to a process by which the domestic courts and Strasbourg repeatedly defer to each other on key issues, usually with the consequence that substantive scrutiny of the state is ultimately avoided.

Continue reading