Seven telecoms companies, including BT and Vodafone, are facing legal action under the Human Rights Act, for allowing GCHQ to tap their undersea fibre optic cables for citizens' private data.
Privacy International has sent letters to the companies asking for further details about their involvement, and has warned them they face being added to action it is already bringing against GCHQ over its involvement in the Prism spying scandal.
The Prism data hoovering operation is controlled by the US National Security Agency, and GCHQ is said to have accessed the data gleaned from it for security reports. Prism came to light from documents leaked by former US security contractor Edward Snowden - now granted political asylum in Russia.
Last week Germany’s Suddeutsche Zeitung newspaper published the identities of the companies providing GCHQ with access to their undersea fibre optic cables, as part of GCHQ's "Tempora" spying programme. They were named as BT, Verizon Business, Vodafone Cable, Level 3, Global Crossing (now owned by Level 3), Viatel and Interoute.
Until last week the companies involved had not been named and had been given codenames by GCHQ, although any telecoms and/or security watcher would have assumed the likes of BT and other prominent undersea cable firms would have allowed access to the security services when asked to do so.
A condition in their licenses is said to allow the government to get access to their cables and other equipment under certain conditions.
In a "pre-action letter" issued to the companies, Privacy International demands the companies provide details on their relationship with GCHQ. This includes outlining company policies for assessing the lawfulness of government requests, and describing any requests they received from authorities to intercept information, any steps taken to oppose or resist such orders, and the amount they have been paid for their cooperation with governments.
Eric King, head of research at Privacy International, said: "Tempora would not have been possible without the complicity of these undersea cable providers. Despite the companies' obligation to respect human rights standards, particularly when governments seek to violate them, spy agencies are being allowed to conduct mass surveillance on their systems.
"Human rights obligations are especially important when the government requests are made without public scrutiny, and are governed by secret law. These companies are the last line of defence for customers against the government's intrusion into our private lives."
He said: "What the public deserve to know is this: To what extent are companies cooperating with disproportionate intelligence gathering, and are they doing anything to protect our right to privacy?"
Privacy International argues that telecoms companies have a human rights obligation, under Article 8 of the European Convention on Human Rights, to take reasonable steps to protect customers’ privacy, including from intrusion by governments.
"By complying with government requests, companies are unlawfully participating in mass and indiscriminate surveillance and are in breach of Article 8,” said Privacy International.
In July, Privacy International brought a claim in the Investigatory Powers Tribunal (IPT), challenging Tempora and GCHQ's access to the Prism programme.
"Unless the companies provide a satisfactory response, Privacy International will be adding them as respondents to its IPT claim," it said.
For their part, when their identities were made public in relation to Tempora, a number of the telecoms companies last week said they complied with all UK and international laws when it came to data protection.