Europe Is Spying on You

Uploaded on 2015-11-06 in NEWS-Cybersecurity News, INTELLIGENCE--Europe, GOVERNMENT-National, FREE TO VIEW

When Edward Snowden disclosed details of America’s huge surveillance program two years ago, many in Europe thought that the response would be increased transparency and stronger oversight of security services. European countries, however, are moving in the opposite direction. Instead of more public scrutiny, we are getting more snooping. Pushed to respond to the atrocious attacks in Paris and Copenhagen and by the threats posed by the Islamic State to Europe’s internal security, several countries are amending their counter-terrorism legislation to grant more intrusive powers to security services, especially in terms of mass electronic surveillance.

France recently adopted a controversial law on surveillance that permits major intrusions, without prior judicial authorization, into the private lives of suspects and those who communicate with them, live or work in the same place or even just happen to be near them.

The German Parliament adopted a new data retention law on Oct. 16 that requires telecommunications operators and Internet service providers to retain connection data for up to 10 weeks. And the British government intends to increase the authorities’ powers to carry out mass surveillance and bulk collection of intercepted data.

Meanwhile, Austria is set to discuss a draft law that would allow a new security agency to operate with reduced external control and to collect and store communication data for up to six years. The Netherlands is considering legislation allowing dragnet surveillance of all telecommunications, indiscriminate gathering of metadata, decryption and intrusion into the computers of non-suspects. And in Finland, the government is even considering changing the Constitution to weaken privacy protections in order to ease the adoption of a bill granting the military and intelligence services the power to conduct electronic mass surveillance with little oversight.

Governments now argue that to guarantee our security we have to sacrifice some rights. This is a specious argument. By shifting from targeted to mass surveillance, governments risk undermining democracy while pretending to protect it.
They are also betraying a long political and judicial tradition affording broad protection to privacy in Europe, where democratic legal systems have evolved to protect individuals from arbitrary interference by the state in their private and family life. The European Court of Human Rights has long upheld the principle that surveillance interferes with the right to privacy. Although the court accepts that the use of confidential information is essential in combating terrorist threats, it has held that the collection, use and storage of such information should be authorized only under exceptional and precise conditions, and must be accompanied by adequate legal safeguards and independent supervision. The court has consistently applied this principle for decades when it was called to judge the conduct of several European countries, which were combating domestic terrorist groups.

More recently, as new technologies have offered more avenues to increase surveillance and data collection, the court has reiterated its position in a number of leading cases against several countries, including France, Romania, Russia and Britain, condemned for having infringed the right to private and family life that in the interpretation of the court covers also “the physical and psychological integrity of a person.”

Last year, the European Court of Justice set limits on telecommunication data retention. By invalidating a European Union directive for its unnecessary “wide-ranging and particularly serious interference with the fundamental right to respect for private life” and personal data, this court reaffirmed the outstanding place privacy holds in Europe. This judgment echoed a 2006 German Constitutional Court ruling that the German police had breached the individual right to self-determination and human dignity after they conducted a computerized search of suspected terrorists.
Many of the surveillance policies that have recently been adopted in Europe fail to abide by these legal standards. Worse, many of the new intrusive measures would be applied without any prior judicial review establishing their legality, proportionality or necessity. This gives excessive power to governments and creates a clear risk of arbitrary application and abuse.

If European governments and parliaments do not respect fundamental principles and judicial obligations, our lives will become much less private. Our ability to participate effectively in public life is threatened, too, because these measures curtail our freedom of speech and our right to receive information, including that of public interest. Not all whistleblowers have the technical knowledge Mr. Snowden possessed. Many would fear discovery if they communicated with journalists, who in turn would lose valuable sources, jeopardizing their ability to reveal unlawful conduct in both the public and private spheres. Watergates can only happen when whistleblowers feel protected. 
Indiscriminate mass surveillance can also impinge on attorney-client privilege and medical confidentiality. You might think twice before seeing a lawyer or a doctor, knowing that the authorities, and private companies, are aware of your communications and movements.

It is essential that European countries pause and consider the damage they have done. At a minimum, three core safeguards should be provided.

First, legislation should limit surveillance and the use of data in a way that strictly respects the right to privacy as spelled out in the Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights, European data protection standards, the case law of the European Court of Human Rights and that of the European Court of Justice. These norms oblige states to respect human rights when they gather and store information relating to our private lives and to protect individuals from unlawful surveillance, including when carried out by foreign agencies.

Second, there must be rigorous procedures for the examination, use and storage of all data obtained, and those subjected to surveillance should be given a chance to exercise their legal rights to appeal.
Third, security agencies must operate under independent scrutiny and judicial review. This will require intrusive oversight powers for parliaments and a judiciary that is involved in the decision-making process to ensure accountability. Countries that have adopted controversial surveillance laws should reconsider or amend them. And those considering new surveillance legislation should do so with great caution.

Terrorism is a real threat and it requires an effective response. But adopting surveillance measures that undermine human rights and the rule of law is not the solution.
NYT:  http://nyti.ms/1MTSbkS

 

 

« Poaching On the Rise For Big Data Professionals
New Material Promises NSA-proof Wallpaper »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

DLA Piper

DLA Piper

DLA Piper is a global law firm with offices throughout the Americas, Asia Pacific, Europe and the Middle East. Practice areas include Cybersecurity.

Grid32

Grid32

Grid32 provides independent computer system and physical security audit services to government and corporate clients of all sizes.

Avatu

Avatu

Avatu specialise in providing clients the advice, technology and tools they need to fight cyber and insider threats.

Cybersixgill

Cybersixgill

Cybersixgill was founded with a single mission: to protect organizations against malicious cyber attacks that come from the deep and dark web, before they materialize.

Information Systems Security Partners (ISSP)

Information Systems Security Partners (ISSP)

ISSP is a specialized system integrator focused on the information security needs of its corporate clients and providing best in class products and services for securing organizational information.

IoT Defense

IoT Defense

IoT Defense (IOTD) is a cybersecurity and networking company building solutions that enable the protection of networks and the ever-increasing prevalence of IoT devices.

Corsa Security

Corsa Security

Corsa Security is leading the transformation of network security with a private cloud approach that helps scale network security services with unwavering performance and flexibility.

URS Certification

URS Certification

United Registrar of Systems (URS Certification) is an independent certification body operating in more than 30 countries within the multinational URS Holdings.

SEEK

SEEK

SEEK create world-class technology solutions to address the needs of job seekers and hirers across multiple sectors including cybersecurity.

Enterprise Ethereum Alliance (EEA)

Enterprise Ethereum Alliance (EEA)

EEA is a member-led industry organization whose objective is to drive the use of Ethereum blockchain technology as an open-standard to empower ALL enterprises.

Privacera

Privacera

Privacera enables consistent data governance, security, and compliance across all your data services - on-premises and in the cloud - so you can maximize the value of your data.

Oxford Internet Institute - University of Oxford

Oxford Internet Institute - University of Oxford

The Oxford Internet Institute is a multidisciplinary research and teaching department of the University of Oxford, dedicated to the social science of the Internet.

Airgap Networks

Airgap Networks

Airgap is fixing the fundamental flaw of excessive trust. We help enterprises modernize their network for a simple and secure infrastructure.

Patriot Consulting Technology Group

Patriot Consulting Technology Group

Patriot Consulting's mission is to help our clients manage cybersecurity risk through secure deployments of Microsoft 365.

Esprinet

Esprinet

The Esprinet Group is an enabler of the technology ecosystem: a team of people who promote access to technology through an extensive network of professional resellers.

OccamSec

OccamSec

OccamSec is a leading provider in the world of cybersecurity. We provide accurate, actionable information to reduce risk and enable better informed decisions.