Liberty News

2018: July-Sept

Liberty News Control Freaks
Privacy News Bollox Britain
2008   2009   2010   2011   2012   2013   2014   2015   2016   2017   2018  
Jan-March   April-June   July-Sept   Oct-Dec   Latest  


 

UK Surveillance Regime Violated Human Rights...

EFF report on The European Court finding against the UK's mass snooping scheme


Link Here 25th September 2018

On September 13, after a five-year legal battle, the European Court of Human Rights said that the UK government's surveillance regime--which includes the country's mass surveillance programs, methods, laws, and judges--violated the human rights to privacy and to freedom of expression. The court's opinion is the culmination of lawsuits filed by multiple privacy rights organizations, journalists, and activists who argued that the UK's surveillance programs violated the privacy of millions.

The court's decision is a step in the right direction, but it shouldn't be the last. While the court rejected the UK's spying programs, it left open the risk that a mass surveillance regime could comply with human rights law, and it did not say that mass surveillance itself was unlawful under the European Convention on Human Rights (a treaty that we discuss below).

But the court found that the real-world implementation of the UK's surveillance--with secret hearings, vague legal safeguards, and broadening reach--did not meet international human rights standards. The court described a surveillance regime "incapable" of limiting its "interference" into individuals' private lives when only "necessary in a democratic society."

In particular, the court's decision attempts to rein in the expanding use of mass surveillance. Originally reserved for allegedly protecting national security or preventing serious threats, use of these programs has trickled into routine criminal investigations with no national security element--a lowered threshold that the court zeroed in on to justify its rejection of the UK's surveillance programs. The court also said the UK's mass surveillance pipeline--from the moment data is automatically swept up and filtered to the moment when that data is viewed by government agents--lacked meaningful safeguards.

The UK Surveillance Regime

In the UK, the intelligence agency primarily tasked with online spying is the Government Communications Headquarters (GCHQ). The agency, which is sort of the UK version of the NSA, deploys multiple surveillance programs to sweep up nearly any type of online interaction you can think of, including emails, instant messenger chats, social media connections, online searches, browser history, and IP addresses. The GCHQ also collects communications metadata, capturing, for instance, what time an email was sent, where it was sent from, who it was sent to, and how quickly a reply was made.

The privacy safeguards for this surveillance are dismal.

For more than a decade, the GCHQ was supposed to comply with the Regulation of Investigatory Powers Act 2000 (RIPA). Though no longer fully in effect, the law required Internet service providers to, upon government request, give access to users' online communications in secret and to install technical equipment to allow surveillance on company infrastructure.

The UK directly collected massive amounts of data from the transatlantic, fiber-optic cables that carry Internet traffic around the world. The UK government targeted "bearers"-- portions of a single cable--to collect the data traveling within, applied filters and search criteria to weed out data it didn't want, and then stored the remaining data for later search, use, and sharing. According to GCHQ, this surveillance was designed to target "external" communications--online activity that is entirely outside the UK or that involves communications that leave or enter the UK--like email correspondence between a Londoner and someone overseas. But the surveillance also collected entirely "internal" communications, like two British neighbors' emails to one another. This surveillance was repeatedly approved under months-long, non-targeted warrants. Parts of this process, the court said, were vulnerable to abuse.

(In 2016, the UK passed another surveillance law--the Investigatory Powers Act, or IPA--but the court's decision applies only to government surveillance under the prior surveillance law, the RIPA.)

A Failure to Comply with Human Rights Laws

The suit's results can be looked at as a disconnect between the domestic laws allowing government surveillance in the UK and the UK's international human rights obligations.

The court took issue with the UK's failure to comply with the European Convention on Human Rights--an international treaty to protect human rights in Europe, specified in the convention's "articles." The European Court of Human Rights (ECtHR), a regional human rights judicial body based in Strasbourg, France, issued the opinion.

Though the lawsuit's plaintiffs asserted violations of Articles 6, 8, 10, and 14, the court only found violations of Article 8 and 10, which guarantee the right to privacy and the right to freedom of expression. The court's reasoning relied on applicable law, government admissions, and recent court judgments.

The court found two glaring problems in the UK's surveillance regime--the entire selection process for what data the government collects, keeps, and sees, and the government's unrestricted access to metadata.

How the government chooses "bearers" for data collection should "be subject to greater oversight," the court said. By itself, this was not enough to violate Article 8's right to privacy, the court said, but it necessitated better safeguards in the next steps--how data is filtered after initial collection and how data is later accessed.

Both those steps lacked sufficient oversight, too, the court said. It said the UK government received no independent oversight and needed "more rigorous safeguards" when choosing search criteria and selectors (things like email addresses and telephone numbers) to look through already-collected data. And because analysts can only look at collected and filtered data, "the only independent oversight of the process of filtering and selecting intercept data for examination" can happen afterwards through an external audit, the court said.

"The Court is not persuaded that the safeguards governing the selection of bearers for interception and the selection of intercepted material for examination are sufficiently robust to provide adequate guarantees against abuse," the court said. "Of greatest concern, however, is the absence of robust independent oversight of the selectors and search criteria used to filter intercepted communications."

Along with related problems, including the association of related metadata to collected communications, the court concluded the surveillance program violated Article 8.

The court also looked at how the UK government accesses metadata in so-called targeted requests to communications providers. It focused on one section of RIPA and one particularly important legal phrase: "Serious crime."

The UK's domestic law, the court said, "requires that any regime permitting the authorities to access data retained by [communications services providers] limits access to the purpose of combating 'serious crime,' and that access be subject to prior review by a court or independent administrative body."

This means that whenever government agents want to access data held by communications services providers, those government agents must be investigating a "serious crime," and government agents must also get court or administrative approval prior to accessing that data.

Here's the problem: that language is absent in UK's prior surveillance law for metadata requests. Instead, RIPA allowed government agencies to obtain metadata for investigations into non -serious crimes. Relatedly, metadata access for non-serious crimes did not require prior court or independent administrative approval, compounding the invasion of privacy.

Due to this discrepancy, the court found a violation of Articles 8 and 10.

For years, intelligence agencies convinced lawmakers that their mass surveillance programs were necessary to protect national security and to prevent terrorist threats--to, in other words, fight "serious crime." But recently, that's changed. These programs are increasingly being used for investigating seemingly every-day crimes.

In the UK, this process began with RIPA. The 2000 law was introduced in part to bring Britain's intelligence operations into better compliance with human rights law because the country's government realized that the scope of GCHQ's powers--and any limits to it--were insufficiently defined in law.

But as soon as lawmakers began cataloguing the intelligence services' extraordinary powers to peer into everybody's lives, other parts of the government took interest: If these powers are so useful for capturing terrorists and subverting foreign governments, why not use them for other pressing needs? With RIPA, the end result was an infamous explosion in the number of agencies able to conduct surveillance under the law. Under its terms, the government set out to grant surveillance powers to everyone from food standards officers to local authorities investigating the illicit movement of pigs, to a degree that upset even the then-head of MI5 .

The court's decision supports the idea that this surveillance expansion, if left unchecked, could be incompatible with human rights.

Good Findings

At more than 200 pages, the court's opinion includes a lot more than just findings of human rights violations.

Metadata collection, the court said, is just as intrusive as content collection.

EFF has championed this point for years. When collected in mass, metadata can reveal information so intimate that even the content of a conversation becomes predictable .

Take phone call metadata, for example. Metadata reveals a person's seven-days-a-week, middle-of-the-night, 10-minute phone calls to a local suicide prevention hotline. Metadata reveals a person's phone call to an HIV testing center, followed up with a call to their doctor, followed up with a call to their health insurance company. Metadata reveals a person's half-hour call to a gynecologist, followed by another call to a local Planned Parenthood.

The court made a similar conclusion. It said:

"For example, the content of an electronic communication might be encrypted and, even if it were decrypted, might not reveal anything of note about the sender or recipient. The related communications data, on the other hand, could reveal the identities and geographic location of the sender and recipient and the equipment through which the communication was transmitted. In bulk, the degree of intrusion is magnified, since the patterns that will emerge could be capable of painting an intimate picture of a person through the mapping of social networks, location tracking, Internet browsing tracking, mapping of communication patterns, and insight into who a person interacted with."

The court also said that an individuals' right to privacy is applied at the initial moment their communications are collected, not , as the government said, when their communications are accessed by a human analyst. That government assertion betrays our very understanding of privacy and relates to a similar, disingenuous claim that our messages aren't really "collected" until processed for government use .

Turning Towards Privacy

Modern telecommunications surveillance touches on so many parts of human rights that it will take many more international cases, or protective action by lawmakers and judges, before we can truly establish its limits, and there is plenty more that's wrong with how we deal with modern surveillance than is covered by this decision.

This is partly why EFF and hundreds of other technical and human rights experts helped create the Necessary and Proportionate Principles , a framework for assessing whether a state's communication surveillance practices comply with a country's human rights obligations. And it's why EFF has brought its own lawsuits to challenge mass surveillance conducted by the NSA in the United States. (The European Court of Human Rights' opinion has no direct effect on this litigation.)

This type of works takes years, if not decades. When it comes to any court remedy, it is often said that the wheels of justice turn slowly. We can at least breathe a little easier knowing that, last week, thanks to the hard work of privacy groups around the world, the wheels made one more turn in the right direction, towards privacy.

 

 

Getting the dope about what people really think...

An interesting idea for snooping on social media posts in Canada. I wonder what else they will apply it to...sex holidays in Pattaya...private views on immigration...


Link Here 23rd September 2018

The Canadian government is seeking a company that will scour social media and the dark web for data on Canadians' use of cannabis. The request comes a few weeks before recreational pot use becomes legalized on October 17.

According to a tender posted by Public Safety Canada this week, the government wants a company to algorithmically scan Twitter, Tumblr, Facebook, Instagram, and other relevant microblogging platforms for information on Canadians' attitudes towards legal pot and their behaviours.

The initiative will look for self-reported usage patterns (how much, what kind, and where) and activities such as buying and selling weed. The government will also be scanning social media for criminal activities associated with cannabis use--driving under the influence, for example. The initiative will also capture metadata, such as self-reported location and demographics, but according to the tender the data must exclude individual unique identifiers.

Motherboard asked Public Safety Canada spokesperson Karine Martel about the project but she did not comment on whether information on cannabis-related crimes collected from social media will be shared with law enforcement, but noted that the work will be conducted in compliance with the Tri-Council Policy Statement which notes that: research focusing on topics that include illegal activities depends on promises of strong confidentiality to participants.

According to a second tender the feds are also looking to keep track of Canadians buying and selling weed on so-called dark web markets. Both projects are slated to conclude on April 30, 2019.

 

 

UK mass surveillance ruled unlawful in landmark judgment...

The European Court of Human Rights has ruled that the UK's mass interception programmes have breached the European Convention on Human Rights.


Link Here 14th September 2018
Full story: Snooper's Charter...Tories re-start massive programme of communications snooping

The European Court of Human Rights (ECtHR) has found that the UK's mass surveillance programmes, revealed by NSA whistleblower Edward Snowden, did not meet the quality of law requirement and were incapable of keeping the interference to what is necessary in a democratic society.

The landmark judgment marks the Court's first ruling on UK mass surveillance programmes revealed by Mr Snowden. The case was started in 2013 by campaign groups Big Brother Watch, English PEN, Open Rights Group and computer science expert Dr Constanze Kurz following Mr Snowden's revelation of GCHQ mass spying.

Documents provided by Mr Snowden revealed that the UK intelligence agency GCHQ were conducting population-scale interception, capturing the communications of millions of innocent people. The mass spying programmes included TEMPORA, a bulk data store of all internet traffic; KARMA POLICE, a catalogue including a web browsing profile for every visible user on the internet; and BLACK HOLE, a repository of over 1 trillion events including internet histories, email and instant messenger records, search engine queries and social media activity.

The applicants argued that the mass interception programmes infringed UK citizens' rights to privacy protected by Article 8 of the European Convention on Human Rights as the population-level surveillance was effectively indiscriminate, without basic safeguards and oversight, and lacked a sufficient legal basis in the Regulation of Investigatory Powers Act (RIPA).

In its judgment, the ECtHR acknowledged that bulk interception is by definition untargeted ; that there was a lack of oversight of the entire selection process, and that safeguards were not sufficiently robust to provide adequate guarantees against abuse.

In particular, the Court noted concern that the intelligence services can search and examine "related communications data" apparently without restriction -- data that identifies senders and recipients of communications, their location, email headers, web browsing information, IP addresses, and more. The Court expressed concern that such unrestricted snooping could be capable of painting an intimate picture of a person through the mapping of social networks, location tracking, Internet browsing tracking, mapping of communication patterns, and insight into who a person interacted with.

The Court acknowledged the importance of applying safeguards to a surveillance regime, stating:

In view of the risk that a system of secret surveillance set up to protect national security may undermine or even destroy democracy under the cloak of defending it, the Court must be satisfied that there are adequate and effective guarantees against abuse.'

The Government passed the Investigatory Powers Act (IPA) in November 2016, replacing the contested RIPA powers and controversially putting mass surveillance powers on a statutory footing.

However, today's judgment that indiscriminate spying breaches rights protected by the ECHR is likely to provoke serious questions as to the lawfulness of bulk powers in the IPA.

Jim Killock, Executive Director of Open Rights Group said:

Viewers of the BBC drama, the Bodyguard, may be shocked to know that the UK actually has the most extreme surveillance powers in a democracy. Since we brought this case in 2013, the UK has actually increased its powers to indiscriminately surveil our communications whether or not we are suspected of any criminal activity.

In light of today's judgment, it is even clearer that these powers do not meet the criteria for proportionate surveillance and that the UK Government is continuing to breach our right to privacy.

Silkie Carlo, director of Big Brother Watch said:

This landmark judgment confirming that the UK's mass spying breached fundamental rights vindicates Mr Snowden's courageous whistleblowing and the tireless work of Big Brother Watch and others in our pursuit for justice.

Under the guise of counter-terrorism, the UK has adopted the most authoritarian surveillance regime of any Western state, corroding democracy itself and the rights of the British public. This judgment is a vital step towards protecting millions of law-abiding citizens from unjustified intrusion. However, since the new Investigatory Powers Act arguably poses an ever greater threat to civil liberties, our work is far from over.

Antonia Byatt, director of English PEN said:

This judgment confirms that the British government's surveillance practices have violated not only our right to privacy, but our right to freedom of expression too. Excessive surveillance discourages whistle-blowing and discourages investigative journalism. The government must now take action to guarantee our freedom to write and to read freely online.

Dr Constanze Kurz, computer scientist, internet activist and spokeswoman of the German Chaos Computer Club said:

What is at stake is the future of mass surveillance of European citizens, not only by UK secret services. The lack of accountability is not acceptable when the GCHQ penetrates Europe's communication data with their mass surveillance techniques. We all have to demand now that our human rights and more respect of the privacy of millions of Europeans will be acknowledged by the UK government and also by all European countries.

Dan Carey of Deighton Pierce Glynn, the solicitor representing the applicants, stated as follows:

The Court has put down a marker that the UK government does not have a free hand with the public's communications and that in several key respects the UK's laws and surveillance practices have failed. In particular, there needs to be much greater control over the search terms that the government is using to sift our communications. The pressure of this litigation has already contributed to some reforms in the UK and this judgment will require the UK government to look again at its practices in this most critical of areas.

 

 

Chilling citizens' rights to freedom of expression...

Big Brother Watch report: The State of Surveillance in 2018


Link Here 7th September 2018

Big Brother Watch has collaborated with leading campaigners, investigative journalists, and lawyers to share stories from the frontline on surveillance and data collection in the UK.

If you believe that you have nothing to hide and nothing to fear, this report will make you think again.

From unionists to journalists, and even welfare recipients and school children, we found that surveillance is increasingly affecting the lives of innocent people in the UK, chilling citizens' rights to freedom of expression and privacy, and reshaping society.

You can read our new report here .

 

 

Offsite Article: 5G can help us spy on West Midlands with AI CCTV, giggles UK.gov...


Link Here 5th September 2018
Once upon a time it was thought that porn was driving new technology. Now it is the pursuit of Big Brother surveillance that is driving the need for ever more bandwidth

See article from theregister.co.uk

 

 

Fucked up your backdoor by your own government...

'Five Eyes' governments get heavy with internet companies demanding that they get backdoors to encryption


Link Here 4th September 2018

The Five Eyes governments of the UK, US, Canada, Australia and New Zealand have threatened the tech industry to voluntarily create backdoor access to their systems, or be compelled to by law if they don't.

The move is a final warning to platform holders such as WhatsApp, Apple and Google who deploy encryption to guarantee user privacy on their services. A statement by the Five Eyes governments says:

Encryption is vital to the digital economy and a secure cyberspace, and to the protection of personal, commercial and government information ...HOWEVER.. . the increasing use and sophistication of certain encryption designs present challenges for nations in combating serious crimes and threats to national and global security.

Many of the same means of encryption that are being used to protect personal, commercial and government information are also being used by criminals, including child sex offenders, terrorists and organized crime groups to frustrate investigations and avoid detection and prosecution.

If the industry does not voluntarily establish lawful access solutions to their products the statement continued, we may pursue technological, enforcement, legislative or other measures to guarantee entry.

 

 

Thumbs down...

The EU is considering proposals to fingerprint all European Identity card holders


Link Here 27th August 2018
Proposals to make fingerprinting of all identity card holders in the EU obligatory were published by the European Commission in April as part of proposal on strengthening the security of identity cards and residence documents.

The proposal published by the Commission says that all EU Member States will be obliged to introduce a uniform format for their identity cards (if they issue them) and that they must include a facial image and two fingerprints - the latter being included, in the words of the Commission, to further increase effectiveness in terms of security.

This measure flies in the face of the conclusions reached in the Commission's own impact assessment, which said that a proposal excluding mandatory fingerprinting would be more efficient and proportional.

The Commission has made no attempt to justify the necessity and proportionality of what is a serious intrusion on the rights to privacy and data protection - biometric data qualifies as a special category of personal data under the EU's General Data Protection Regulation and requires suitable and specific safeguards.

The proposals were sent to the Council for the consideration of the Member States, whose representatives in the Working Party on Frontiers first examined the proposals on 4 May. They have been discussed on three further occasions since then.

 

 

Offsite Article: Your Smart Electricity Meter Can Easily Spy On You...


Link Here 26th August 2018
Full story: Smart Meters...Power companies to remotely control power usage
US Court Ruling Warns Modern meters can track not only when you're not home, but what you're up to when you're there.

See article from motherboard.vice.com

 

 

Offsite Article: Facebook under pressure...


Link Here 18th August 2018
US reportedly pressuring Facebook to break Messenger's encryption over MS-13 investigation

See article from theverge.com

 

 

Offsite Article: The other 'brute force method'...


Link Here 14th August 2018
Australia opts out of back door requirements for encryption providers and instead chooses the approach: 'give me your key or else I'll break your legs'

See article from theregister.co.uk

 

 

Wrong think...

Think tank considers that Brexit is an excuse for the revival of the British ID cards idea


Link Here 30th July 2018
Full story: ID Cards in UK...UK introduces ID cards
Policy Exchange is a think tank that describes itself as:

The UK's leading think tank. As an educational charity our mission is to develop and promote new policy ideas which deliver better public services, a stronger society and a more dynamic economy.

And now it has been considering post Brexit visa arrangements and has taken the opportunity to call fro the revival of ID cards, or at least an ID number that can be used for to identify everybody in official and unofficial databases throughout the world. Policy Exchange writes:

As national borders are being transformed by new technologies and new thinking about how to manage flows of goods and people as quickly and safely as possible, the UK border needs continuing innovation and reform.

The report's main recommendations include:

  • Roll out ID system for EU citizens . A unique digital reference for interactions with the state is being developed for the 3.6m EU citizens settled here after Brexit. This experiment with a unique number system should be a trial run for an initially voluntary system for UK citizens.

 

 

Offsite Article: Slurp detailed...


Link Here 26th July 2018
Full story: Microsoft Snooping...Microsoft’s Windows 10 is a privacy nightmare
Microsoft comes clean over Windows 10 snooping as part of its GDPR compliance

See article from v3.co.uk

 

 

Offsite Article: UK spies broke law for 15 years...


Link Here 24th July 2018
Full story: Snooper's Charter Plus...2015 Cameron government expands the Snooper's Charter
But what can you do? shrugs judge

See article from theregister.co.uk

 

 

Offsite Article: Facebook is fighting the FI demanding to snoop on Messenger...


Link Here 1st January 1970
Both encryption and the law are stacked against Facebook

See article from theverge.com

 

2008   2009   2010   2011   2012   2013   2014   2015   2016   2017   2018  
Jan-March   April-June   July-Sept   Oct-Dec   Latest  

melonfarmers icon
 

Top

Home

Index

Links

Email
 

US

World

Media

Info

UK
 

Film Cuts

Nutters

Liberty
 

Cutting Edge

Shopping

Sex News

Sex+Shopping

Advertise
 



Liberty News

Privacy News
 

Control Freaks

Bollox Britain
 


Adult DVD+VoD

Online Shop Reviews
 

Online Shops

New Releases & Offers
 
Sex Machines
Fucking Machines
Adult DVD Empire
Adult DVD Empire
Simply Adult
30,000+ items in stock
Low prices on DVDs and sex toys
Simply Adult
Hot Movies
Hot Movies