Tag Archives: Surveillance

Research finds that ‘surveillance technologies yield neither the secure utopia nor the police state dystopia promised by their supporters’

Science Magazine published a piece today about the recent book by Keith Guzik, a sociologist at the University of Colorado Denver, “Making Things Stick: Surveillance Technologies and Mexico’s War on Crime”.

Guzik examines Mexico in order to understand how surveillance technologies impact security policy around the world. We could hardly find a more ‘spot on’ theme for general public policy these days.

With Mexico’s War on Crime as the backdrop, Making Things Stick offers an innovative analysis of how surveillance technologies impact governance in the global society. More than just tools to monitor ordinary people, surveillance technologies are imagined by government officials as a way to reform the national state by focusing on the material things—cellular phones, automobiles, human bodies—that can enable crime. In describing the challenges that the Mexican government has encountered in implementing this novel approach to social control, Keith Guzik presents surveillance technologies as a sign of state weakness rather than strength and as an opportunity for civic engagement rather than retreat.

The book is available under an Open Access license following this link: http://www.luminosoa.org/site/books/detail/12/making-things-stick/. Enjoy the read!

And this is the conclusion of the author, according to Science Mag:

“The failed experiment of the Mexican security programs demonstrates that state surveillance technologies yield neither the secure utopia nor the police state dystopia promised by their supporters and opponents“.

 

Advertisements

The Data Surveillance State in the US and Europe

by Joel Reidenberg

Abstract: 

The democracies on both sides of the Atlantic are trying to balance the legitimate needs of the law enforcement and intelligence communities to access online transactional data with the basic rights of citizens to be free from state intrusions on their privacy.
From the recent revelations of massive collection of telecommunications data by the US government to the disclosures of the UK tapping transatlantic telecommunications cables, and of the Swedish government’s warrantless wiretap rules, national data surveillance seems to have few boundaries that the law has effectively protected.
American law has generally focused on access restraints for government to obtain privately held information, ignored the collection and storage of data, and granted special privileges to national security actors. By contrast, Europe emphasizes rules related to the collection and retention of data and focuses less on due process obstacles for government access, while also giving government easier access for national security.
In each system, the elusive linkage between retention and access, the privatization of state surveillance activity, and flawed oversight for national security create extensive transparency of citizen’s data and undermine values of democracy including the presumption of innocence, the state’s monopoly on law enforcement, and the zone of individual freedom.
In effect, government data surveillance law in both Europe and the United States has reached a turning point for the future of information privacy online. Three proposals can help to secure privacy that is necessary to preserve democratic values: stricter retention limits must be combined with stronger access controls; government access to personal information must be logged and transparent to citizens; and government officials must be personally liable for over-reaching behavior.

Wake Forest Law Review forthcoming

Full-text paper (draft) HERE.

Why be upset?! National security exemptions for personal data processing are all over the EU data protection legal framework

The Rapporteur for the EU Data Protection Regulation in the European Parliament, MEP Jan Philipp Albrecht, relesead today a concise and clear opinion on the link between US Surveillance leaks and the ongoing reform process of the EU data protection reform.

Among other comments, he also underlined that “The leaks hit the public in the middle of ongoing negotiations and debates in the European Parliament on the Data Protection Regulation. The draft of this regulation, sent in November 2011 by Justice Commissioner Viviane Reding to her colleagues, already contained a provision that would make it a condition for the disclosure of user data to authorities in third countries to have a legal foundation such as a mutual legal assistance agreement and an authorisation by the competent data protection authority.This Article disappeared after strong lobbying from the US administration, and only a very weak Recital remained.” Which is a valid point. You can read all of his statement HERE.

My problem with this debate in general is that, legally speaking, if the state in this mass surveillance revelations were a EU member state, and not the US, we (EU citizens) could have little to argue against it based on current (and future, for that matter) EU law. Article 3(2) of Directive 95/46 on the protection of personal data states that:

2. This Directive shall not apply to the processing of personal data:

– in the course of an activity which falls outside the scope of Community law, such as those provided for by Titles V and VI of the Treaty on European Union and in any case to processing operations concerning public security, defence, State security (including the economic well-being of the State when the processing operation relates to State security matters) and the activities of the State in areas of criminal law.

A similar provision exists in the proposed draft Regulation, at art. 2:

This Regulation does not apply to the processing of personal data:
(a) in the course of an activity which falls outside the scope of Union law, in particular concerning national security;

You could argue that Directive 95/46 is the framework Directive (applying only on matters which used to fall under the former first pillar of the communities) and that in criminal law matters (the former third pillar) the current EU legal framework is defined by Council Framework Decision 2008/977/JHA. And indeed this is true. However, the material scope of the Decision is defined as follows, in art. 1:

4. This Framework Decision is without prejudice to essential national security interests and specific intelligence activities in the field of national security.

And if you think that in the proposed directive for data processing in criminal matters, which will replace the framework decision, the national security rule is sweetened in favor of the data subject with additional safeguards, think again (and read art. 2):

3.           This Directive shall not apply to the processing of personal data:

(a)     in the course of an activity which falls outside the scope of Union law, in particular concerning national security;

But, you would say, these are only secondary sources of EU law. We could look higher for protection. We have a fundamental right to private life and a fundamental right to the protection of personal data, guaranteed in the European Charter of Fundamental Rights, which from December 1, 2009, has binding effect on the EU Member States. That is also true. However, the scope of the Charter, according to art. 51, is limited to situations in which Member States are implementing Union law (such as transposing a directive, applying the resulted national law, or applying a regulation). Moreover, to make things clearer,  art. 51(2) provides that “this Charter does not establish any new power or task for the Community or the Union, or modify powers and tasks defined by the Treaties”. And national security measures of a Member State are definitely outside the powers of the EU. So, even if the institutional system of the EU goes upside down and we would be able to file complaints directly to the Court of Justice of the European Union, as individuals, the Court would have little to say about the conformity of such surveillance practices with the Charter.

What to do then? We should leave the EU system of protection and look towards the one created by the Council of Europe. Article 8 of the European Convention on Human Rights protects the right to respect for private life. However, Article 8(2) states that:

There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others.”

The national security exemption, all over again. But don’t get too disappointed. The ECHR, at least from what I’ve read in their up to date case-law on Article 8, would never find mass surveillance a proportionate measure, and hence would never declare it as necessary in a democratic society. In fact, there are several decisions made by the ECHR against CoE member states in the context of their intelligence activity and its clash with art. 8 of the Convention (see, for instance, Rotaru v. Romania).

Great. But how could you get your case in front of the ECHR? First, you would have to file a complaint against the institution which breaches your fundamental right to private life in one of your national courts, basing your claim in a national provision. Only if your national court does not give a favorable decision, and after that you exhaust all the national judicial review possibilities, you would be able to go to the ECHR and complain that your state has not respected your fundamental right to private life. If the ECHR finds in your favor, then you would probably be compensated with an amount of money (which usually does not exceed 10.000 euro). But that would only be your individual case. There are no class cases before the ECHR. And there is no competence of the ECHR to invalidate a national law. A change in the national law could happen only if the state will want to make it. Thus, it is difficult to predict whether it would happen or not. And the whole process I described usually lasts several years (4-5-6). 

Oh, remember, the whole analysis from above was made considering the state with mass surveillance habits is a member of EU and a member of CoE! If it is a third country and if it operates trough legal persons under its own jurisdiction and while only your data find themselves in an extraterritorial position, then, legally speaking, your actual actions are most likely “frozen”.  {This is why clouds must be approached by themselves, from a regulatory perspective, establishing their own architecture as a territory to be subject to a certain law. But even if such an idealistic thing would happen, national security (just like that, without further safeguards or proportionality provisions) is always an exception. The analysis we went through together showed that this kind of mass surveillance can be sanctioned only for not being proportional with the aim it pursues. But for that to happen, we would need a court to decide so. A recognized court by all the parties involved, which can make enforceable decisions in such a context. Global governance sounds all of a sudden more interesting and ever closer to you, doesn’t it?}

A comment

It is important to note that the national security exemptions in data protection law, as long as the intrusions are proportionate and necessary in a democratic society, are accepted by the people as part of their social contract with their state. What makes the people (at least in Europe) uncomfortable about the whole Prism story is that the processing of their data under the national security exemption is performed by a state with whom they do not have a social contract. What are they getting back in exchange for their privacy? They look at their “states” for protection (by which I mean the national state and EU), but which are the mechanisms for their states to afford such a protection in the international law paradigm?

Conclusion? 

Should the national security exemption be reconsidered, especially with regard to surveillance? Should it be made subject to safeguards such as proportionality embedded in the law? Is that too dangerous? Or is that necessary to protect personal freedom? Should such rules be constitutionalized? And if so, at what level should them be constitutionalized? And which court or which other mechanism should safeguard its “constitutionality”? I think this can be the effective part of the debate we should have after the recent developments. And we should also work on finding better questions to answer within this debate.

(Source of the photo: http://3.bp.blogspot.com)

Privacy International: Human rights organisations file formal complaints against surveillance firms Gamma International and Trovicor with British and German governments

Privacy International, Press release:

Privacy International, the European Center for Constitutional and Human Rights, the Bahrain Center for Human Rights, Bahrain Watch and Reporters without Borders filed formal complaints with the Organisation for Economic Cooperation and Development (OECD) in the UK and Germany against two surveillance companies on Friay 1st February. The British and German National Contact Points are being asked to investigate Gamma Internationaland Trovicor respectively with regards to both companies’ potential complicity in serious human rights abuses in Bahrain.

The complainants argue that there are grounds to investigate whether surveillance products and services provided by Gamma International and Trovicor have been instrumental in multiple human rights abuses in Bahrain, including arbitrary detention and torture, as well as violations of the right to privacy, freedom of expression and freedom of association. They allege that there is evidence that information gathered from intercepted phone and internet communications may have been used to systematically detain and torture political dissidents and activists and to extort confessions from them. If the allegations are upheld, the companies are likely to be found to be in breach of the OECD Guidelines for Multinational Enterprises, recommendations addressed by governments to multinational enterprises that set out principles and standards for responsible business conduct.

The UK’s NCP is based at the Department for Business Innovation and Skills and the German NCP is based at the Federal Ministry of Economics and Technology. If the NCPs accept the complaints against Gamma and Trovicor, they will then:

  • investigate the extent of the defendants’ complicity in human rights abuses in Bahrain;
  • mediate between complainants and defendants;
  • issue final statements on whether OECD Guidelines have in fact been breached;
  • provide recommendations to the defendants on how to avoid further breaches; and
  • follow up in order to ensure that they comply with those recommendations.

Big Brother is getting bigger

Big Brother is getting bigger and bigger. I bet Orwell’s self esteem would have had a boost if he were to live today. The guy truly was a visionary.

The Economist writes about the several techniques of surveillance and face recognition functioning today and reading about them can bring chills on one’s spine.

“As for businesses, Quividi, a French marketer, can measure the age and gender of passers-by who linger at an advert; advertisers vary their offerings based on who is looking. A service called SceneTap gives similar information on the crowd in Chicago bars. The smiles of employees at Keihin Electric Express Railway in Japan are assessed by computer. Facebook, a social network, recognises uploaded photos. The latest smartphones can spot their users.”

But the thing is governments are more and more interested in using these technologies. Read the whole report HERE.

Embrace your surveilled persona

 

 

 

 

Source: /www.adcet.edu.au

I’ve made a note a few days ago about an article I stumbled upon, which is called “Should we do away with privacy?”, so I decided to finally post about it. Its main idea is that the surveillance society reached a point in which, in order to be free, the individual should embrace his surveilled persona.

The basic line is stop fighting the process of giving up your privacy and start using in your favor the results of you being watched and transformed in data.

This idea is very interesting. I am currently writing a paper about how literature anticipated the emergence of the surveillance society and I’ve been reading a lot about this topic. I strongly feel that there is no way of putting an end to the surveillance society, no way of tempering it and it occurred to me that, possibly, the emergence of the surveillance society is as natural as the evolution of humankind.

Cindy Gallop’s idea is that “If you identify exactly who you are and what you stand for, what you believe in, what you value, and if you then only ever behave, act and communicate in a way that is true to you, then you never have to worry about where anybody comes across you or what you’re found doing.

Now, this is something to think about. As far as the social reality goes, this statement cannot be countered. As far as the philosophy of human rights goes, it is obvious that such an attitude would be exactly what Bentham was looking for in his Panopticon theory: correct behaviors due to permanent surveillance. The discussion can be endless, and it doesn’t suit a blog. Therefore, I invite you to read the article and make your own opinion about it:

 

 

http://www.bbc.co.uk/news/magazine-15167917

DC Circuit Court Grants Access to Cell Phone Surveillance Records

epic.org writes that The Circuit Court for the District of Columbia has ruled that the Department of Justice must release information regarding government surveillance of cell phone location data.

Photo Source: http://cdn.techpp.com

The American Civil Liberties Union had filed a Freedom of Information Act request for information regarding current and past cases where the Department of Justice had accessed cell phone location data without a warrant.

The agency sought to keep this information secret, claiming that releasing cell phone tracking data could implicate privacy of investigation subjects.

The court, however, disagreed, stating, “The disclosure sought by the plaintiffs would inform this ongoing public policy discussion by shedding light on the scope and effectiveness of cell phone tracking as a law enforcement tool.”

I can only observe that data protection and privacy advocates start to be seriously taken into account.

Gallery

I'll be watching you

This gallery contains 1 photos.

Photo source: http://cube.soup.io/post/155436349/Image