Liberty News

 2012: July-Sept



  Clean IT...

Leak shows plans for large-scale, undemocratic surveillance of all communications


Link Here 25th September 2012

clean it project logo A leaked document from the CleanIT project shows just how far internal discussions in that initiative have drifted away from its publicly stated aims, as well as the most fundamental legal rules that underpin European democracy and the rule of law.

The European Commission-funded CleanIT project claims that it wants to fight terrorism through voluntary self-regulatory measures that defends the rule of law.

The initial meetings of the initiative, with their directionless and ill-informed discussions about doing something to solve unidentified online terrorist problems were mainly attended by filtering companies, who saw an interesting business opportunity. Their work has paid off, with numerous proposals for filtering by companies and governments, proposals for liability in case sufficiently intrusive filtering is not used, and calls for increased funding by governments of new filtering technologies.

The leaked document contradicts a letter sent from CleanIT Coordinator But Klaasen to Dutch NGO Bits of Freedom in April of this year, which explained that the project would first identify problems before making policy proposals. The promise to defend the rule of law has been abandoned. There appears never to have been a plan to identify a specific problem to be solved – instead the initiative has become little more than a protection racket (use filtering or be held liable for terrorist offences) for the online security industry.

CleanIT wants binding engagements from internet companies to carry out surveillance, to block and to filter (albeit only at end user - meaning local network - level). It wants a network of trusted online informants and, contrary to everything that they have ever said, they also want new, stricter legislation from Member States.

CleanIT (terrorism), financed by DG Home Affairs of the European Commission is duplicating much of the work of the CEO Coalition (child protection), which is financed by DG Communications Networks of the European Commission. Both are, independently and without coordination, developing policies on issues such as reporting buttons and flagging of possibly illegal material. Both CleanIT and the CEO Coalition are duplicating each other's work on creating voluntary rules for notification and removal of possibly illegal content and are jointly duplicating the evidence-based policy work being done by DG Internal Market of the European Commission, which recently completed a consultation on this subject. Both have also been discussing upload filtering, to monitor all content being put online by European citizens.

Key measures being proposed:

  • Removal of any legislation preventing filtering/surveillance of employees' Internet connections
  • Law enforcement authorities should be able to have content removed without following the more labour-intensive and formal procedures for 'notice and action'
  • Knowingly providing links to terrorist content (the draft does not refer to content which has been ruled to be illegal by a court, but undefined terrorist content in general) will be an offence just like the terrorist
  • Legal underpinning of real name rules to prevent anonymous use of online services
  • ISPs to be held liable for not making reasonable efforts to use technological surveillance to identify (undefined) terrorist use of the Internet
  • Companies providing end-user filtering systems and their customers should be liable for failing to report illegal activity identified by the filter
  • Customers should also be held liable for knowingly sending a report of content which is not illegal
  • Governments should use the helpfulness of ISPs as a criterion for awarding public contracts
  • The proposal on blocking lists contradict each other, on the one hand providing comprehensive details for each piece of illegal content and judicial references, but then saying that the owner can appeal (although if there was already a judicial ruling, the legal process would already have been at an end) and that filtering such be based on the output of the proposed content regulation body, the European Advisory Foundation
  • Blocking or warning systems should be implemented by social media platforms -- somehow it will be both illegal to provide (undefined) Internet services to terrorist persons and legal to knowingly provide access to illegal content, while warning the end-user that they are accessing illegal content
  • The anonymity of individuals reporting (possibly) illegal content must be preserved... yet their IP address must be logged to permit them to be prosecuted if it is suspected that they are reporting legal content deliberately and to permit reliable informants' reports to be processed more quickly
  • Companies should implement upload filters to monitor uploaded content to make sure that content that is removed -- or content that is similar to what is removed -- is not re-uploaded
  • It proposes that content should not be removed in all cases but blocked (i.e. make inaccessible by the hosting provider -- not blocked in the access provider sense) and, in other cases, left available online but with the domain name removed.

 

 Offsite Article: Keeping the Government Out of Your Smartphone...


Link Here 19th September 2012
Smartphones are packed with private information. Unsurprisingly, law enforcement agencies now routinely seize and search phones. This occurs at traffic stops, during home or office raids, and during stops at the border.

See article from aclu.org

 

 Update: The UK is the New Iran...

Wikipedia founder criticises the government's Snooper's Charter


Link Here 6th September 2012

Wikipedia logo Jimmy Wales, the founder of Wikipedia, has sharply criticised the government's snooper's charter , designed to track internet, text and email use of all British citizens, as technologically incompetent .

He said Wikipedia would move to encrypt all its connections with Britain if UK ISPs were mandated by the government to keep track of every single page accessed by UK citizens.

The entrepreneur said he was confident there would be a general move to encryption across the internet if British-based communication service providers were required to collect and store data for 12 months from overseas companies, such as Google and Facebook, for possible access by the police and security services.

He said the British government would have to resort to the black arts of hacking to break encryptions: It is not the sort of thing I'd expect from a western democracy. It is the kind of thing I would expect from the Iranians or the Chinese and it would be detected immediately by the internet industry, he told MPs and peers.

 

 Offsite Article: This is not surveillance as we know it...


Link Here 31st August 2012
The anatomy of Facebook messages. Will the government peek at the message data that it has to decode to get at the recipient data that it claims it needs?

See article from privacyinternational.org

 

 Update: A Legacy of Suspicion...

Big Brother Watch publishes report on a decade of council snooping


Link Here 23rd August 2012  full story: Council Snooping...Concil snooping for trivial reasons

legacy of suspicion The latest Big Brother Watch report, A legacy of surveillance , looks at how the Regulation of Investigatory Powers Act has been used by both local and public authorities in recent years.

A decade on and more than three million authorisations later, Big Brother Watch research found how there is still a great deal of uncertainty about how and why the powers are being used -- and a clear need for the Coalition to go further to protect civil liberties.

While the Coalition has changed the law to require local authorities to seek a magistrates warrant for RIPA surveillance and only to use it for serious crimes, this is not the end of the matter.

The issue is of course that councils and public authorities don't have to say what they are up to, why, how often and even whether they have convicted anyone as a result. It takes groups like Big Brother Watch to dig up the figures -- the next step is for the Government to take action and make this data publicly reported.

Secondly, the Coalition has started down the right path in limiting how councils can use these powers. Now it's time for a full and frank review of how RIPA functions -- before the landscape is complicated even further with any more surveillance legislation that fiddles with the law in an effort to patch up existing failings.

Finally, judicial authorisation of surveillance should be the norm, not the exception.

 

 Extract: The new totalitarianism of surveillance technology...

24/7 tracking of citizens via biometrics


Link Here 16th August 2012

facial recognition A software engineer in my Facebook community wrote recently about his outrage that when he visited Disneyland, and went on a ride, the theme park offered him the photo of himself and his girlfriend to buy -- with his credit card information already linked to it. He noted that he had never entered his name or information into anything at the theme park, or indicated that he wanted a photo, or alerted the humans at the ride to who he and his girlfriend were -- so, he said, based on his professional experience, the system had to be using facial recognition technology. He had never signed an agreement allowing them to do so, and he declared that this use was illegal. He also claimed that Disney had recently shared data from facial-recognition technology with the United States military.

...Read the full article

 

  Giving the Police the Finger...

West Midlands police get mobile fingerprint testing devices


Link Here 14th August 2012

fingerprints West Midlands police are now able to ID crime suspects on the street after hi-tech fingerprint devices have been rolled out across the force.

The scanners are satellite linked to the national fingerprint database and will instantly alert police if the scanned prints belong to a convicted criminal. Police will then be able to cross reference the information against the Police National Computer to find out if the person is wanted by the police or courts.

It is incredibly important that police officers using this technology have reasonable suspicion that an individual has committed a crime before they are stopped. This appears to be an extension of stop and search powers already held by police officers and it is a cause for concern that this could lead to an increase in innocent individuals being stopped by police.

 

 Offsite Article: In Your Face!...


Link Here 12th August 2012  full story: Harrow Council Prudes...Nutter council gets all stuffy about nude art
Europe Already Has Draft Standard For Real-Time Government Snooping On Services Like Facebook And Gmail

See article from techdirt.com

 

 Offsite Article: The Biggest New Spying Program You've Probably Never Heard Of...


Link Here 31st July 2012
The US quietly changes the rules to enable the creation of a central database of everything that the governments knows about people currently held in non centralised databases

See article from aclu.org

 

 Extract: Clearing The Air On Skype...

Most of what you read was inaccurate, but there are still reasons to worry


Link Here 28th July 2012

SkypeOver the last few days there's been something of a firestorm of people claiming that Skype was letting police listen in on your calls.

...

So, to summarize:

  • Skype did make some infrastructure changes recently, but those changes likely were to increase the quality of the product, and had little to do with law enforcement/surveillance.

  • Skype has always had a program to provide available information to law enforcement if legally required to do so, but appears not to have made any major change to that program in quite some time. That program does not appear to include the ability to listen to calls.

  • Skype to phone (or phone to Skype) calls have always been tappable, because they touch the public telephone network, where they can be intercepted.

  • Skype to Skype calls remain encrypted, making it more difficult to tap them. However, because of the way Skype likely handles encryption keys, this does not mean that governments can't intercept the calls (or impersonate certain parties via Skype).

  • In the end, then, it appears that much of this discussion is a whole lot of fuss about nothing particularly new -- but it is worth noting that your Skype calls probably were never quite as secure as you thought they were, even if they're somewhat more secure than some other offerings with little or no encryption and a central server. But if you're looking for 100% secure communications, Skype isn't it -- but that's not because of any change. It's likely always been that way.

...Read the full article

 

  YouView WeSnoop...

A very worrying aspect to internet TV


Link Here 24th July 2012

YouView logoA new internet television service which allows viewers to catch up on shows from the BBC, ITV, Channel 4 and Channel 5 will change all that. Chaired by Lord Sugar, YouView allows broadcasters and their commercial partners to know exactly which programmes you are watching, and when.

An internet connection from the box to the outside world tracks individual choices and reports the data back to the company. YouView will use the material to build up a profile of each user. And to help some of the company's employees previously worked for Phorm, a US technology firm accused of developing advertising spyware.

Prospective viewers, however, may not be aware that the technology will record each channel being viewed. Each time you change channels or start/stop recording a programme, YouView reports back to headquarters via the internet connection, telling the company what it is you are watching and what you are doing with the box.

YouView, which publishes its data-usage policy in a click-through link at the bottom of its website, has been reluctant to answer detailed questions about privacy. The company unconvincingly told The Independent that the data from each box would be anonymised and only relates to the device and is mainly technical in nature. Information will apparently be passed to third-party companies, allowing the introduction of advertising targeted at certain postcodes.

Other likely applications are features such as What's hot in your area showing what neighbours are watching, eg 40% are watching Downton Abbey, 31% Strictly Come Dancing and 3% shows on gambling or pornography.

 

 Offsite Article: Mobile Phone Surveillance by the Numbers...


Link Here 17th July 2012
US phone companies have hundreds of staff dedicated to serving snooping requests by the authorities.

See article from aclu.org