This session started with an attack on F-Secure, one of the conference sponsors for over-promising on their adverts and then looked at the difference in response to the Snowden leaks between the US, UK and the rest of the EU. In the US, they are beginning to win the right to publish transparency reports even in the light of super-injunctions and while the so called Freedom Bill has hit a road block, US legislators on the whole are responding to the Snowden leaks by re-establishing citizen’s (constitutional) rights. The problem for the rest of the world is that the US Constitution only protects citizens and that excludes a lot of the US Datenkraken’s customers.
Tag Archives: surveillance - Page 2
I have finally been published on my employer’s web site blog. The article, Conflicting Data Requirements: Privacy versus Transparency looks at the countervailing tendencies by governments legislating for citizen privacy and tax transparency. The article concludes with a series of technical challenges to meet the needs of both political initiatives. The article was syndicated on the Tabb Forum, and you can read that here. The article was originally provoked by a Gartner Press Release which suggests that location and the need for specific jurisdictional compliance will reduce as costs and
Off to the International Anthony Burgess Museum for the Don’t Spy on Us fringe meeting on Privacy. The speakers were Ewan Macaskill of the Guardian, Carley Nyst of Privacy International, Claude Moraes MEP, Jim Killock of the ORG and chaired by Mike Harris of #dontspyonus. The first speaker was Ewan Macaskill who started by saying he’s glad they i.e. the spooks are there, but like me in fact, supposed that they were targeting maybe 5-15% of the population which would be say 400,000 people. What is shocking is the ambition, to spy on everyone who uses the internet. The fact they’re aiming at everyone, including lawyers and doctors is worrying to say the least.
I and others have written about the spy’s pursuit of meta data. It’s not a problem, it’s not the content you know. This is an image from voice comms; once known as telephone conversations. If you believe this, I suggest you watch “The Wire”. Meta data means “about data”, and consists of the from where, to whom, at what time. With mobile phones, your location can be tracked whether making a call or not. This is meant to be fine, because they don’t review content, i.e. what was said; so that’s OK then. However, the spies think that meta data is the person. An important and wilfully forgotten fact is that with email you can’t separate meta data from content. With web mail, the real meta data is all about the mail provider and maybe the mail client, which is a piece of software; again the meta data they want doesn’t exist as meta data, it is content!
The debate continues. The Government and some on Labour’s front bench insist it’s not an extension of powers. The point at detail is whether their new definition of “telecommunication service” extends legitimate targets for warrants beyond that which it was previously understood be, to include webmail providers such as Google. It is clear that the new law extends the ability to issue warrants to overseas entities such as Facebook. I thought they were tapping email at the ISP’s mail forwarding queues so why they need this is unclear. The Tories insist it’s not an extension, it merely restates the status quo; but since they think that what GCHQ have been doing is legal then taking the opportunity to clarify the grey areas is not a problem to them. What troubles me is the ease with which the Labour & LibDem front benches agreed.
The Court of Justice of the European Union has declared the blanket retention of data by the ISPs to be illegal. The status quo is thus illegal, even if GCHQ were behaving inside the rules set down by RIPA, which we will discover when it gets to court. The Tories and securocrats should note that their idea that it ain’t surveillance if it’s not seen by people is controversial; it is not an agreed truth. Is this just another securocrat stampede as was the Official Secrets Act, RIPA & the Prevention of Terrorism Act or is there a specific fear? Is it the US use of British intelligence to target drone strikes? And what happened to the legality of spying in the economic interests of the British economy? Did that stay in?
Better change that then! In April, the Court of Justice of the EU, ruled that its 2004 Data Retention Directive mandating Information System Services Providers to store all their records for 12 months was declared incompatible with the EU’s Fundamental Charter of [Citizen’s] Rights. It and all the national laws implementing the Directive need to be reviewed to see if they remain legal. Last week, the Government announced that it planned to introduce new laws to plug the gap. This is to be called the Data Retention and Investigatory Powers Bill/Act. (DRIP) which they plan to pass in less than ½ a week using emergency provisions and the agreement of the Labour front bench.
How awesome! The US Military having already made Batman’s surveillance machine, is now looking to recreate Iron Man.
At Don’t Spy on Us’ Day of Action, I attended the seminar/panel “Changing the Law to uphold our privacy”. Amongst the speakers were Ross Anderson, Claude Moraes and Mark Stephens. Ross Anderson works at the University of Cambridge, where he is Professor of Security Engineering. He blogs at “Light Blue Touchpaper”. To me the most memorable contribution, was from Anderson, where he shared his views developed while researching and writing his paper, “Privacy versus government surveillance: where network effects meet public choice”.
The European Parliament, last Wednesday voted on a resolution coming from its Civil Liberties committee which determines the European Parliament’s response to the NSA’s democratic over reach. As Glyn Moody points out in his Techdirt article, in order to become binding, it will need to be agreed by the Council of Ministers where their votes are directed by the Governments of the EU member states.
I have just spent the evening at the London #Cryptoparty, called on #thedaywefightback. The night was originally planned as an ORG planned Cryptoparty, an un-seminar on how to use your computer and the internet safely and minimize your chances of being spied upon, but the campaign, “Don’t Spy On Us” has been launched by English Pen, the Open Rights Group, Liberty, Article 19, Privacy International and Big Brother Watch. The campaign watchword is their 1st principle, “No surveillance without suspicion”.
Parliament’s All Party Parliamentary Group on Drones, chaired by Tom Watson MP as received QC’s advice on the legality of British Intelligence’s mass surveillance, reported here in the Guardian and the lawyer says the programmes are probably illegal and that any warrants signed by politicians will be in breach of UK Law, the European Convention on Human Rights (ECHR) and the EU Acquis. Watson points at this article from his blog here. The legal justification is based on RIPA, the Regulation of Investigatory Powers Act and Jemima Stanford QC states that it is not fit for purpose given the changes in technology in the last 10 years.