Europe Is Spying on You

When Edward Snowden disclosed details of America’s huge surveillance program two years ago, many in Europe thought that the response would be increased transparency and stronger oversight of security services. European countries, however, are moving in the opposite direction. Instead of more public scrutiny, we are getting more snooping. Pushed to respond to the atrocious attacks in Paris and Copenhagen and by the threats posed by the Islamic State to Europe’s internal security, several countries are amending their counter-terrorism legislation to grant more intrusive powers to security services, especially in terms of mass electronic surveillance.

France recently adopted a controversial law on surveillance that permits major intrusions, without prior judicial authorization, into the private lives of suspects and those who communicate with them, live or work in the same place or even just happen to be near them.

The German Parliament adopted a new data retention law on Oct. 16 that requires telecommunications operators and Internet service providers to retain connection data for up to 10 weeks. And the British government intends to increase the authorities’ powers to carry out mass surveillance and bulk collection of intercepted data.

Meanwhile, Austria is set to discuss a draft law that would allow a new security agency to operate with reduced external control and to collect and store communication data for up to six years. The Netherlands is considering legislation allowing dragnet surveillance of all telecommunications, indiscriminate gathering of metadata, decryption and intrusion into the computers of non-suspects. And in Finland, the government is even considering changing the Constitution to weaken privacy protections in order to ease the adoption of a bill granting the military and intelligence services the power to conduct electronic mass surveillance with little oversight.

Governments now argue that to guarantee our security we have to sacrifice some rights. This is a specious argument. By shifting from targeted to mass surveillance, governments risk undermining democracy while pretending to protect it.
They are also betraying a long political and judicial tradition affording broad protection to privacy in Europe, where democratic legal systems have evolved to protect individuals from arbitrary interference by the state in their private and family life. The European Court of Human Rights has long upheld the principle that surveillance interferes with the right to privacy. Although the court accepts that the use of confidential information is essential in combating terrorist threats, it has held that the collection, use and storage of such information should be authorized only under exceptional and precise conditions, and must be accompanied by adequate legal safeguards and independent supervision. The court has consistently applied this principle for decades when it was called to judge the conduct of several European countries, which were combating domestic terrorist groups.

More recently, as new technologies have offered more avenues to increase surveillance and data collection, the court has reiterated its position in a number of leading cases against several countries, including France, Romania, Russia and Britain, condemned for having infringed the right to private and family life that in the interpretation of the court covers also “the physical and psychological integrity of a person.”

Last year, the European Court of Justice set limits on telecommunication data retention. By invalidating a European Union directive for its unnecessary “wide-ranging and particularly serious interference with the fundamental right to respect for private life” and personal data, this court reaffirmed the outstanding place privacy holds in Europe. This judgment echoed a 2006 German Constitutional Court ruling that the German police had breached the individual right to self-determination and human dignity after they conducted a computerized search of suspected terrorists.
Many of the surveillance policies that have recently been adopted in Europe fail to abide by these legal standards. Worse, many of the new intrusive measures would be applied without any prior judicial review establishing their legality, proportionality or necessity. This gives excessive power to governments and creates a clear risk of arbitrary application and abuse.

If European governments and parliaments do not respect fundamental principles and judicial obligations, our lives will become much less private. Our ability to participate effectively in public life is threatened, too, because these measures curtail our freedom of speech and our right to receive information, including that of public interest. Not all whistleblowers have the technical knowledge Mr. Snowden possessed. Many would fear discovery if they communicated with journalists, who in turn would lose valuable sources, jeopardizing their ability to reveal unlawful conduct in both the public and private spheres. Watergates can only happen when whistleblowers feel protected. 
Indiscriminate mass surveillance can also impinge on attorney-client privilege and medical confidentiality. You might think twice before seeing a lawyer or a doctor, knowing that the authorities, and private companies, are aware of your communications and movements.

It is essential that European countries pause and consider the damage they have done. At a minimum, three core safeguards should be provided.

First, legislation should limit surveillance and the use of data in a way that strictly respects the right to privacy as spelled out in the Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights, European data protection standards, the case law of the European Court of Human Rights and that of the European Court of Justice. These norms oblige states to respect human rights when they gather and store information relating to our private lives and to protect individuals from unlawful surveillance, including when carried out by foreign agencies.

Second, there must be rigorous procedures for the examination, use and storage of all data obtained, and those subjected to surveillance should be given a chance to exercise their legal rights to appeal.
Third, security agencies must operate under independent scrutiny and judicial review. This will require intrusive oversight powers for parliaments and a judiciary that is involved in the decision-making process to ensure accountability. Countries that have adopted controversial surveillance laws should reconsider or amend them. And those considering new surveillance legislation should do so with great caution.

Terrorism is a real threat and it requires an effective response. But adopting surveillance measures that undermine human rights and the rule of law is not the solution.
NYT:  http://nyti.ms/1MTSbkS

 

 

« Poaching On the Rise For Big Data Professionals
New Material Promises NSA-proof Wallpaper »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Malware.lu

Malware.lu

Malware.lu is a repository of malware and technical analysis. The goal of the project is to provide samples and technical analysis to security researchers.

Cristie Data

Cristie Data

Cristie have been a trusted, innovative and leading edge data storage, backup and virtualisation solutions provider across all sectors of industry for over 40 years.

Deltagon

Deltagon

Deltagon develops information security solutions to protect companies’ confidential information in e-communication and e-services.

KPN

KPN

KPN is a leading supplier of ICT services including Cyber Security, Identity & Privacy, Secure Communications and Business Continuity.

Averon

Averon

Averon's technology is the new gold standard for digital identity - the easiest, fastest and most secure verification solution for users on both WiFi and LTE.

DataSunrise

DataSunrise

DataSunrise Data-Centric high-performance security software protects the sensitive data in real-time in cloud or on premises, and helps organizations to stay compliant.

Oneconsult

Oneconsult

Oneconsult provides cyber security services focusing on penetration tests / ethical hacking, ISO 27001 security audits and incident response & IT forensics.

Romanian Association for Information Security Assurance (RAISA)

Romanian Association for Information Security Assurance (RAISA)

RAISA promotes and supports information security activities and creates a community for the exchange of knowledge between specialists, academic and corporate environment in Romania.

Serverless Computing

Serverless Computing

Serverless Computing London will help architects, developers and CIOs decide on the best path to a more efficient, scalable and secure computing future.

LMG Security

LMG Security

LMG Security is a cybersecurity consulting, research and training firm.

Quokka

Quokka

Quokka (formerly Kryptowire) is the source for mobile security and privacy solutions, staying steps ahead of the threat and delivering peace of mind.

Greenetics Solutions

Greenetics Solutions

Greenetics Solutions is a company focused on providing solutions for information security.

Rigado

Rigado

Rigado's mission is to enable commercial IoT success by providing high-performance secure and scalable wireless edge connectivity and network infrastructure.

Bolt Learning

Bolt Learning

Bolt's Cyber Security eLearning module provides users with an in-depth understanding of cybercrime, how it can occur and what everyone can contribute to preventing it.

Exium

Exium

At Exium we’ve integrated networking and security in a cloud-delivered Zero Trust platform powered by 5G and open source.

Sababa Security

Sababa Security

Sababa Security is the first Italian innovation cyber security vendor, that provides security products, training, and managed services to protect diverse IT and OT environments.