Link

Emergency surveillance bill clears Commons

Emergency surveillance bill clears Commons:

This ‘emergency’ follows the European Court of of Justice finding that mass data retention laws in Europe are illegal. In response, the UK government is passing a localized data retention and surveillance bill.

Significantly, the government has stated that:

The government has insisted the ruling throws into doubt existing regulations, meaning communications companies could begin deleting vital data. Ministers claim the bill only reinforces the status quo and does not create new powers.

At issue is that the existing status quo has been deemed illegal. And yet, in response, Parliament has decided to pass more – still illegal – legislation. And so civil liberties groups will bring this into court, spend years fighting, only to have the legislation overturned. And after which, government will likely pass similar, still illegal, legislation. And the wheel of politics will turn on and on and on…

Quote

At a more domestic level, UK communications providers are worried that they could be exposed to legal action because of the unlawful mass surveillance that they were party to – even though on the whole they wanted no part of it.

Well, more precisely, many comms providers wanted no part of it unless the government picked up all the costs (older readers familiar with US law may recall the CALEA legislation that forced communications companies to make their technology wiretap friendly – with much the same response from companies).

There is a view that if the liability for unlawful surveillance rested entirely with the government, there would be no appetite for this legislation. Britain long ago elevated its institutional vandalism of EU legal rights from a science to an art, and then to a sport.

* Simon Davies, “ Britain takes the Uganda Road to legalise and extend state surveillance”
Quote

In the UK, the public, press, and politicians vigorously debated the Communications Data Bill, a law that would require ISPs and telecommunications providers to keep metadata records for 12 months (as of this writing, the bill has been withdrawn). The US had no discussion of such a bill; something more draconian simply happened through a secret interpretation of the law.

* Susan Landau, “Making Sense from Snowden
Quote

Although some of the core supporters of that group are prone to violence and criminal behaviour, Catt has never been convicted of criminal conduct in connections to the demonstrations he attended. Nonetheless, Catt’s personal information was held on the National Domestic Extremism Database that is maintained by the National Public Order Intelligence Unit. The information held on him included his name, age, description of his appearance and his history of attending political demonstrations. The police had retained a photograph of Mr Catt but it had been destroyed since it was deemed to be unnecessary. The information was accessible to members of the police who engage in investigations on “Smash EDO”.

In the ruling the Court of Appeal departs from earlier judgments by mentioning that the “reasonable expectation of privacy” is not the only factor to take into account in determining whether an individual’s Article 8 (1) right has been infringed. In surveying ECtHR case law, the Court noted that it is also important to check whether personal data has been subjected to systematic processing and if it is entered in a database. The rationale to include consideration of the latter two categories is that in this way authorities can recover information by reference to a particular person. Therefore, “the processing and retention of even publicly available information may involve an interference with the subject’s article 8 rights.” Since in the case of Catt, personal data was retained and ready to be processed, the Court found a violation of Article 8 (1) that requires justification.

The removal of Mr. Catt’s data from these databases is a significant victory for him and all those involved in fighting for citizens’ rights. However, the case acts as a clear lens through which we can see how certain facets of the state are actively involved in pseudo-criminalizing dissent: you’re welcome to say or do anything, so long as you’re prepared to be placed under perpetual state suspicion.

Link

This is not surveillance as we know it: the anatomy of Facebook messages

There are a lot of issues related to ‘wiretapping the Internet.’ A post from Privacy International, from 2012, nicely details the amount of metadata and data fields linked with just a Facebook message and the challenges in ‘just’ picking out certain fields from large lists.

As the organization notes:

Fundamentally, the whole of the request to the Facebook page must be read, at which point the type of message is known, and only then can the technology pretend it didn’t see the earlier parts. Whether this information is kept is often dismissed as “technical detail”, but in fact it is the fundamental point.

We should be vary of government harvesting large amounts of data and then promising to dispose of it; while such actions could be performed, initially, once the data is potentially accessible the laws to legitimize its capture, retention, storage, and processing will almost certainly follow.

Quote

At least Britain sort of got it half right. There, to make life easier for stores selling age-restricted items there’s a “Challenge 21″ programme, so anyone looking 21 or under is asked for ID, even if the products are restricted to over-18s. Tesco and other large chain stores championed a “Challenge 25″ programme just in case someone slipped through the net. Finally some idiot in the seaside resort of Blackpool came up with the idea of “Challenge 30″, which is roundly lambasted across Britain.

But at least these outlets demand high-integrity forms of ID such as driving licences. In the US you can show a picture of your dog pasted on the back of a chocolate biscuit and they’re likely to accept it.

That’s because no-one really knows why they are asking for ID in the first place, and no-one up the chain tells them – mainly because they don’t know either. Everyone just goes through the motions. There’s no way to verify the validity of ID, so everyone just plods along with the security theatre.

Quote

The [intelligence] professionals’ task is therefore to keep judgements anchored to what the intelligence actually reveals (or does not reveal) and keep in check any predisposition of policy-makers to pontificate … of trying to make nasty facts go away by the magical process of emitting loud noises in the opposite direction.

* Sir David Omand, “Reflections on Secret Intelligence”
Link

Former GCHQ Head Calls for Greater Social Media Surveillance

There genuinely are bad people in the world, individuals and agents who largely exist to cause serious harm to citizens around the world in democratic states. These individuals cannot, however, be permitted to destabilize an entire population nor operate as reasons for totalizing mass surveillance. In the UK an incredibly senior and prominent security and intelligence expert, Sir David Omand, has nevertheless called for the following:

In a series of recommendations to the government, Sir David – the Cabinet Office’s former Security and Intelligence co-ordinator – said out-dated legislation needed to be reformed to ensure an ethical and legal framework for such intelligence gathering, which was clear and transparent.

The report recommends that social media should be divided into two categories, the first being open source information which public bodies could monitor to improve services while not identifying individuals without permission.

On the more contentious category of monitoring private social media, Sir David said it needed to be properly authorised – including the need for warrants when it was considered “genuine intrusion” –  only used as a last resort when there was substantial cause and with regard to “collateral damage” to any innocent people who might have been in contact with a suspect.

It must repeatedly, and emphatically, be stated that ‘transparency’ in the intelligence world does not mean that citizens will actually know how collected data is used. Neither does codifying surveillance practices in law minimize citizens’ concerns around surveillance. No, it instead operates as a legal shield that protects those engaged in oft-times secretive actions that are inappropriately harmful to innocent citizens. Such changes in law must be incredibly carefully examined by the public and opposed or curtailed whenever there is even the slightest possibility of abuse or infringement of citizens’ reasonable normative expectations of privacy from state intrusion and surveillance.

The Nature of UK Rendition Processes

The Guardian has an excellent bit of coverage on UK-led rendition practices. These practices entailed collaborating with Libya and China to turn over members of the Libyan Islamic Fighting Group, an anti-Gaddafi organization. Ian Cobain, the journalist, precisely notes the kinds of experiences that UK and American agents subjected members of the organization to during their capture and transit to Libya.

It’s a harrowing read, but important, as it details the significance and associated dangers of the state’s secret extension of powers. It also recognizes that states will ‘turn’ on individuals and groups that they had once supported on the basis of building economic relations with a new ‘friend’. Perhaps most ominously, the article outlines how the secret court processes – where neither the accused nor their counsel are permitted to view or argue about evidence against the accused – have had their rulings ignored. Even the judges in these secret cases cannot impose their power on the state, indicating that arms of the government are entirely divorced from the accountability required for democratic institutions to (normatively) survive.

The only way to stop these kinds of practices is for the public to stop quietly ignoring the erosion of their democracies, civil liberties, and basic freedoms. It remains unclear how this can be done, but given the expansion of the state’s perception of its executive powers, it is imperative that citizens vigorously and actively begin protecting their democracies before the last shreds of democracy are truly lost.

On Cell Phone Bill Comparisons

Canadians often state that they are hurt by high cell phone bills and point to other jurisdictions to insist that other markets enjoy far lower prices. With cost concerns in mind, I suspect we’ll soon see reporting that, on T-Mobile’s UK network, customers can get unlimited Internet access, texts, and calls between T-Mobile users and 2000 minutes to talk with other, non-T-Mobile, customers for just under $57/month.

It should be noted, of course, that ‘unlimited Internet access’ under most T-Mobile plans is quite limited: 500MB of streaming content and upload/downloads of files are included, though browsing, social media (barring uploads and downloads of files), and email is (more or less) ‘unlimited.’

While costs are arguably higher in Canada, doing a close comparative analysis to divine cost structures across jurisdictions is fraught with difficulties, especially when quality of the network and their relative speeds are taken into consideration as well. Still, I’d love to see a default in Canada where long distance across Canada vanishes and basics like voice mail and call display are free to each and every plan. That I pay for such basic services is absolutely shameful and not something you routinely see in the US and UK.