Who'd have thought? The man the prime minister appointed to assess the work of his spying agencies says everything is absolutely fine.
The interception of communications commissioner, Anthony May, published his annual report this lunchtime. The take-home summary? Nothing to see here. Move along.
The report says:
"Public authorities do not misuse their powers under Ripa [Regulatory and Investigatory Powers Act] to engage in random mass intrusion into the private affairs of law abiding UK citizens. It would be comprehensively unlawful if they did.
"The commissioner is clear that any member of the public who does not associate with potential terrorists, serious criminals or individuals who are potentially involved in actions which could raise national security issues for the UK can be assured that none of the interception agencies which he inspects has the slightest interest in examining their emails, their phone or postal communications or their use of the internet."
There's no mention of the fact GCHQ harvests millions of images of people on their webcams, a large minority of which showed them naked.
There's no mention of the internal NSA presentation which showed GCHQ using a Google tracking cookie to identify targets for "remote exploitation".
There's no mention of the fact GCHQ tasked intelligence operatives to monitor in-game communications between people playing World of Warcraft, or monitored the bookings systems of luxury hotels worldwide, or went to extraordinary lengths to make sure its use of intercept evidence never became public.
For all that, May's report states there were just 514,608 approved authorisations and notices for communications data.
May stands by his independence and the seriousness with which he approached the task, but you can find a trace of frustration when he says "the report is as detailed and open as I have been able to make it".
He cites the "unreliability and inadequacy of the statistical requirements". But the truth is all the serious stuff is happening without authorisation at all, or at least not the sort of Ripa authorisation which can be made public.
Plainly he does not have the access to the sort of information which would allow him to fulfil his functions.
The approach is different at the European level, where many countries have a fresh memory of surveillance.
This morning, the European Court of Justice declared the data retention directive - an EU law requiring telecoms firms to store citizens' communications data for up to two years - to be invalid.
The judgement reads:
"The court observes first of all that the data to be retained make it possible, in particular, (1) to know the identity of the person with whom a subscriber or registered user has communicated and by what means, (2) to identify the time of the communication as well as the place from which that communication took place and (3) to know the frequency of the communications of the subscriber or registered user with certain persons during a given period.
"Those data, taken as a whole, may provide very precise information on the private lives of the persons whose data are retained, such as the habits of everyday life, permanent or temporary places of residence, daily or other movements, activities carried out, social relationships and the social environments frequented."
In Europe and the US they are taking their citizens' privacy seriously. In Britain we just cover our head with the blanket and go back to sleep.