Europe Is Spying on You

When Edward Snowden disclosed details of America’s huge surveillance program two years ago, many in Europe thought that the response would be increased transparency and stronger oversight of security services. European countries, however, are moving in the opposite direction. Instead of more public scrutiny, we are getting more snooping. Pushed to respond to the atrocious attacks in Paris and Copenhagen and by the threats posed by the Islamic State to Europe’s internal security, several countries are amending their counter-terrorism legislation to grant more intrusive powers to security services, especially in terms of mass electronic surveillance.

France recently adopted a controversial law on surveillance that permits major intrusions, without prior judicial authorization, into the private lives of suspects and those who communicate with them, live or work in the same place or even just happen to be near them.

The German Parliament adopted a new data retention law on Oct. 16 that requires telecommunications operators and Internet service providers to retain connection data for up to 10 weeks. And the British government intends to increase the authorities’ powers to carry out mass surveillance and bulk collection of intercepted data.

Meanwhile, Austria is set to discuss a draft law that would allow a new security agency to operate with reduced external control and to collect and store communication data for up to six years. The Netherlands is considering legislation allowing dragnet surveillance of all telecommunications, indiscriminate gathering of metadata, decryption and intrusion into the computers of non-suspects. And in Finland, the government is even considering changing the Constitution to weaken privacy protections in order to ease the adoption of a bill granting the military and intelligence services the power to conduct electronic mass surveillance with little oversight.

Governments now argue that to guarantee our security we have to sacrifice some rights. This is a specious argument. By shifting from targeted to mass surveillance, governments risk undermining democracy while pretending to protect it.
They are also betraying a long political and judicial tradition affording broad protection to privacy in Europe, where democratic legal systems have evolved to protect individuals from arbitrary interference by the state in their private and family life. The European Court of Human Rights has long upheld the principle that surveillance interferes with the right to privacy. Although the court accepts that the use of confidential information is essential in combating terrorist threats, it has held that the collection, use and storage of such information should be authorized only under exceptional and precise conditions, and must be accompanied by adequate legal safeguards and independent supervision. The court has consistently applied this principle for decades when it was called to judge the conduct of several European countries, which were combating domestic terrorist groups.

More recently, as new technologies have offered more avenues to increase surveillance and data collection, the court has reiterated its position in a number of leading cases against several countries, including France, Romania, Russia and Britain, condemned for having infringed the right to private and family life that in the interpretation of the court covers also “the physical and psychological integrity of a person.”

Last year, the European Court of Justice set limits on telecommunication data retention. By invalidating a European Union directive for its unnecessary “wide-ranging and particularly serious interference with the fundamental right to respect for private life” and personal data, this court reaffirmed the outstanding place privacy holds in Europe. This judgment echoed a 2006 German Constitutional Court ruling that the German police had breached the individual right to self-determination and human dignity after they conducted a computerized search of suspected terrorists.
Many of the surveillance policies that have recently been adopted in Europe fail to abide by these legal standards. Worse, many of the new intrusive measures would be applied without any prior judicial review establishing their legality, proportionality or necessity. This gives excessive power to governments and creates a clear risk of arbitrary application and abuse.

If European governments and parliaments do not respect fundamental principles and judicial obligations, our lives will become much less private. Our ability to participate effectively in public life is threatened, too, because these measures curtail our freedom of speech and our right to receive information, including that of public interest. Not all whistleblowers have the technical knowledge Mr. Snowden possessed. Many would fear discovery if they communicated with journalists, who in turn would lose valuable sources, jeopardizing their ability to reveal unlawful conduct in both the public and private spheres. Watergates can only happen when whistleblowers feel protected. 
Indiscriminate mass surveillance can also impinge on attorney-client privilege and medical confidentiality. You might think twice before seeing a lawyer or a doctor, knowing that the authorities, and private companies, are aware of your communications and movements.

It is essential that European countries pause and consider the damage they have done. At a minimum, three core safeguards should be provided.

First, legislation should limit surveillance and the use of data in a way that strictly respects the right to privacy as spelled out in the Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights, European data protection standards, the case law of the European Court of Human Rights and that of the European Court of Justice. These norms oblige states to respect human rights when they gather and store information relating to our private lives and to protect individuals from unlawful surveillance, including when carried out by foreign agencies.

Second, there must be rigorous procedures for the examination, use and storage of all data obtained, and those subjected to surveillance should be given a chance to exercise their legal rights to appeal.
Third, security agencies must operate under independent scrutiny and judicial review. This will require intrusive oversight powers for parliaments and a judiciary that is involved in the decision-making process to ensure accountability. Countries that have adopted controversial surveillance laws should reconsider or amend them. And those considering new surveillance legislation should do so with great caution.

Terrorism is a real threat and it requires an effective response. But adopting surveillance measures that undermine human rights and the rule of law is not the solution.
NYT:  http://nyti.ms/1MTSbkS

 

 

« Poaching On the Rise For Big Data Professionals
New Material Promises NSA-proof Wallpaper »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CW Jobs

CW Jobs

CWJobs.co.uk is a leading specialist IT recruitment website covering all areas of IT including Cyber Security.

Davis Wright Tremaine (DWT)

Davis Wright Tremaine (DWT)

Davis Wright Tremaine is a full-service law firm with offices throughout the US and in Shanghai, China. Practice areas include Technology, Privacy & Security.

Agenci

Agenci

Agenci are specialists in cyber security and information security and deliver ISO 27001 Certification.

Cypress Semiconductor

Cypress Semiconductor

Cypress is a semiconductor design and manufacturing company providing embedded devices for secure IoT applications.

Wilson Sonsini Goodrich & Rosati (WSGR)

Wilson Sonsini Goodrich & Rosati (WSGR)

WSGR is the premier provider of legal services to technology, life sciences, and growth enterprises worldwide. Practice areas include cybersecurity and data protection.

Rhebo

Rhebo

Rhebo Industrial Protector monitors and ensures the continuous, correct, and predictable operation of real-time Industrial Control Systems to prevent outages and reduce downtimes.

Salient CRGT

Salient CRGT

Salient CRGT is a leading provider of health, data analytics, cloud, agile software development, mobility, cyber security, and infrastructure solutions.

Armis

Armis

Armis offers the markets leading asset intelligence platform designed to address the new threat landscape that connected devices create.

Yelbridges

Yelbridges

Yelbridges is your reliable partner in all fields of IT-Security, from developing of Security Policies and Guidelines to the design and implementation of secure processes.

CHT Security

CHT Security

CHT Security is a Managed Security Service Provider (MSSP) specialized in cyber security technologies enabling enterprises to defense against cyber threats to networks, gateways and endpoints.

Caveonix

Caveonix

Caveonix’s RiskForesight TM solution is an automated, proactive risk and compliance platform designed for hybrid and multi-cloud.

FourthRev

FourthRev

FourthRev is an education-technology start-up with a mission to solve the skills crisis of the Fourth Industrial Revolution.

Intaso

Intaso

Intaso are a boutique head hunting and talent solution firm with specialist Cyber and Information Security expertise.

Winmill Software

Winmill Software

Winmill is a technology services company that provides expert consulting services in Application Development, Application Security and Cyber Security.

Zerify

Zerify

Zerify offers the industry’s only video conferencing platform built with a zero-trust architecture to keep your meetings secure, private and business compliant.

Cenobe Cyber Security

Cenobe Cyber Security

Cenobe provides customized solutions to keep you ahead of potential threats and ensure the security of your organization's systems and data.

ArmorPoint

ArmorPoint

ArmorPoint redefines the traditional approach to cybersecurity by combining network operations, security operations, and SIEM technology in one platform.