Liberty News

The use of 'mobile phone extraction' tools enables police forces to download all of the content and data from people's phones. This can apply to suspects, witnesses and even victims -- without their knowledge.

With no clear policies or guidance on the use of this technology, individuals are unaware of their legal rights in terms of:

• whether data is only taken when necessary and proportionate;

• getting the police to delete this data when there is no legal reason to retain it, particularly if they are innocent of any crime;

• ensuring data is held securely to prevent exposure of their personal data as a result of loss of records, misuse or security breach.

As the use of this technology is unregulated, we don't know how this data is used, how it is stored and secured, and if it's ever even deleted.

Privacy International is calling for:

• the use of this intrusive technology is properly regulated, with independent oversight so that abuse and misuse does not go undetected;

• a proper warrantry regime to be implemented, so that the technology cannot be used arbitrarily;

• people to be informed of their rights if the police want to search their phone.

Dutch voters have rejected a law that would give spy agencies the power to carry out mass tapping of Internet traffic.

Dubbed the 'trawling law' by opponents, the legislation would allow spy agencies to install wire taps targeting an entire geographic region or avenue of communication, store information for up to three years, and share it with allied spy agencies.

The snooping law has already been approved by both houses of parliament. Though the referendum was non-binding prime minister Mark Rutte has vowed to take the result seriously.

On Thursday, the US House approved the omnibus government spending bill, with the unscrutinised CLOUD Act attached, in a 256-167 vote. The Senate followed up late that night with a 65-32 vote in favor. All the bill requires now is the president's signature.

U.S. and foreign police will have new mechanisms to seize data across the globe. Because of this failure, your private emails, your online chats, your Facebook, Google, Flickr photos, your Snapchat videos, your private lives online, your moments shared digitally between only those you trust, will be open to foreign law enforcement without a warrant and with few restrictions on using and sharing your information. Because of this failure, U.S. laws will be bypassed on U.S. soil.

As we wrote before, the CLOUD Act is a far-reaching, privacy-upending piece of legislation that will:

Enable foreign police to collect and wiretap people's communications from U.S. companies, without obtaining a U.S. warrant.Allow foreign nations to demand personal data stored in the United States, without prior review by a judge.Allow the U.S. president to enter executive agreements that empower police in foreign nations that have weaker privacy laws than the United States to seize data in the United States while ignoring U.S. privacy laws.Allow foreign police to collect someone's data without notifying them about it.Empower U.S. police to grab any data, regardless if it's a U.S. person's or not, no matter where it is stored.

And, as we wrote before, this is how the CLOUD Act could work in practice:

London investigators want the private Slack messages of a Londoner they suspect of bank fraud. The London police could go directly to Slack, a U.S. company, to request and collect those messages. The London police would not necessarily need prior judicial review for this request. The London police would not be required to notify U.S. law enforcement about this request. The London police would not need a probable cause warrant for this collection.

Predictably, in this request, the London police might also collect Slack messages written by U.S. persons communicating with the Londoner suspected of bank fraud. Those messages could be read, stored, and potentially shared, all without the U.S. person knowing about it. Those messages, if shared with U.S. law enforcement, could be used to criminally charge the U.S. person in a U.S. court, even though a warrant was never issued.

This bill has large privacy implications both in the U.S. and abroad. It was never given the attention it deserved in Congress.

Thailand's popular resort of Phuket has an ambition to turn the island into a 'smart city', according to Thailand's digital economy minister.

The province may also develop an electronic wristband system for foreign tourists so their identity and location would be known in case of untoward incidents, said Digital Economy and Society Minister Pichet Durongkaveroj.

He said the province has planned to develop the uses of wristbands to track tourists and to use Big Data to analyse information about tourists' habits.

He said the Phuket command centre would also link to all CCTVs on the island to work with face-recognition software to guard against crimes as well as to collect the data of tourists who use public boat services.

Comment: Alienation

19th March 2018. Thanks to Dave

Why are the Thai Authorities doing everything they can to Alienate Tourists and Expats.

Raiding Darts Clubs, Bridge Clubs, putting them in Gaol for Smoking on the Beach.

The Police are constantly stopping Tourists on Scooters looking for international Driving License's, which were never needed before.

Now wristbands to track Tourists movements, registering Mobile Phones with your Passport.

Thailand is turning into another North Korea, The sooner we have Elections and get rid of the Army the better.

The convenience store 7-Eleven is rolling out artificial intelligence at its 11,000 stores across Thailand.

7-Eleven will use facial-recognition and behavior-analysis technologies for multiple purposes. The ones it has decided to reveal to the public are to identify loyalty members, analyze in-store traffic, monitor product levels, suggest products to customers, and even measure the emotions of customers as they walk around.

The company announced it will be using technology developed by US-based Remark Holdings, which says its facial-recognition technology has an accuracy rate of more than 96%. Remark, which has data partnerships with Alibaba, Tencent, and Baidu, has a significant presence in China.

The rollout at Thailand's 7-Eleven stores remains unique in scope. It could potentially be the largest number of facial-recognition cameras to be adopted by one company. No corporate entity is so entrenched in Thai lives, according to a report from Public Radio International. And that may be crucial not only to the success of facial recognition in 7-Eleven stores in Thailand, but across the region.

EFF and 23 other civil liberties organizations sent a letter to Congress urging Members and Senators to oppose the CLOUD Act and any efforts to attach it to other legislation.

The CLOUD Act ( S. 2383 and H.R. 4943 ) is a dangerous bill that would tear away global privacy protections by allowing police in the United States and abroad to grab cross-border data without following the privacy rules of where the data is stored. Currently, law enforcement requests for cross-border data often use a legal system called the Mutual Legal Assistance Treaties, or MLATs. This system ensures that, for example, should a foreign government wish to seize communications stored in the United States, that data is properly secured by the Fourth Amendment requirement for a search warrant.

The other groups signing the new coalition letter against the CLOUD Act are Access Now, Advocacy for Principled Action in Government, American Civil Liberties Union, Amnesty International USA, Asian American Legal Defense and Education Fund (AALDEF), Campaign for Liberty, Center for Democracy & Technology, CenterLink: The Community of LGBT Centers, Constitutional Alliance, Defending Rights & Dissent, Demand Progress Action, Equality California, Free Press Action Fund, Government Accountability Project, Government Information Watch, Human Rights Watch, Liberty Coalition, National Association of Criminal Defense Lawyers, National Black Justice Coalition, New America's Open Technology Institute, OpenMedia, People For the American Way, and Restore The Fourth.

The CLOUD Act allows police to bypass the MLAT system, removing vital U.S. and foreign country privacy protections. As we explained in our earlier letter to Congress, the CLOUD Act would:

• Allow foreign governments to wiretap on U.S. soil under standards that do not comply with U.S. law;

• Give the executive branch the power to enter into foreign agreements without Congressional approval or judicial review, including foreign nations with a well-known record of human rights abuses;

• Possibly facilitate foreign government access to information that is used to commit human rights abuses, like torture; and

• Allow foreign governments to obtain information that could pertain to individuals in the U.S. without meeting constitutional standards.

You can read more about EFF's opposition to the CLOUD Act here .

The CLOUD Act creates a new channel for foreign governments seeking data about non-U.S. persons who are outside the United States. This new data channel is not governed by the laws of where the data is stored. Instead, the foreign police may demand the data directly from the company that handles it. Under the CLOUD Act, should a foreign government request data from a U.S. company, the U.S. Department of Justice would not need to be involved at any stage. Also, such requests for data would not need to receive individualized, prior judicial review before the data request is made.

The CLOUD Act's new data delivery method lacks not just meaningful judicial oversight, but also meaningful Congressional oversight, too. Should the U.S. executive branch enter a data exchange agreement--known as an "executive agreement"--with foreign countries, Congress would have little time and power to stop them. As we wrote in our letter:

"[T]he CLOUD Act would allow the executive branch to enter into agreements with foreign governments--without congressional approval. The bill stipulates that any agreement negotiated would go into effect 90 days after Congress was notified of the certification, unless Congress enacts a joint resolution of disapproval, which would require presidential approval or sufficient votes to overcome a presidential veto."

And under the bill, the president could agree to enter executive agreements with countries that are known human rights abusers.

Troublingly, the bill also fails to protect U.S. persons from the predictable, non-targeted collection of their data. When foreign governments request data from U.S. companies about specific "targets" who are non-U.S. persons not living in the United States, these governments will also inevitably collect data belonging to U.S. persons who communicate with the targeted individuals. Much of that data can then be shared with U.S. authorities, who can then use the information to charge U.S. persons with crimes. That data sharing, and potential criminal prosecution, requires no probable cause warrant as required by the Fourth Amendment, violating our constitutional rights.

The CLOUD Act is a bad bill. We urge Congress to stop it, and any attempts to attach it to must-pass spending legislation.

The UK's mass digital surveillance regime preceding the snoopers charter has been found to be illegal by an appeals court.

The case was brought by the Labour deputy leader, Tom Watson in conjunction with Liberty, the human rights campaign group.

The three judges said Data Retention and Investigatory Powers Act 2014 (Dripa), which paved the way for the snooper's charter legislation, did not restrict the accessing of confidential personal phone and web browsing records to investigations of serious crime, and allowed police and other public bodies to authorise their own access without adequate oversight. The judges said Dripa was inconsistent with EU law because of this lack of safeguards, including the absence of prior review by a court or independent administrative authority.

Responding to the ruling, Watson said:

This legislation was flawed from the start. It was rushed through parliament just before recess without proper parliamentary scrutiny. The government must now bring forward changes to the Investigatory Powers Act to ensure that hundreds of thousands of people, many of whom are innocent victims or witnesses to crime, are protected by a system of independent approval for access to communications data. I'm proud to have played my part in safeguarding citizens' fundamental rights.

Martha Spurrier, the director of Liberty, said:

Yet again a UK court has ruled the government's extreme mass surveillance regime unlawful. This judgement tells ministers in crystal clear terms that they are breaching the public's human rights. She said no politician was above the law. When will the government stop bartering with judges and start drawing up a surveillance law that upholds our democratic freedoms?

Matthew Rice of the Open Rights Group responded:

Once again, another UK court has found another piece of Government surveillance legislation to be unlawful. The Government needs to admit their legislation is flawed and make the necessary changes to the Investigatory Powers Act to protect the public's fundamental rights.

The Investigatory Powers Act carves a gaping hole in the public's rights. Public bodies able to access data without proper oversight, and access to that data for reasons other than fighting serious crime. These practices must stop, the courts have now confirmed it. The ball is firmly in the Government's court to set it right.