France & UK on the Edge of Kafkaesque Surveillance

Uploaded on 2015-08-14 in NEWS-Cybersecurity News, INTELLIGENCE--International, GOVERNMENT-National, FREE TO VIEW

_82765991_4a198504-d9b4-42c1-961c-d73863aa7f4f.jpg

Those opposed to the new French surveillance law say it will allow the government to keep a record of innocuous conversations.

The problem of our laws, wrote Kafka, is that they can involve arbitrary, secretive acts on the part of elites. The law, on this view, has “brought only slight, more or less accidental benefits, and done a great deal of serious harm, since it has given the people a false sense of security towards coming events, and left them helplessly exposed”.
“We live”, Kafka concluded, “on the razor’s edge”. Most would find Kafka’s parable, published in 1931, a miss-characterisation of the rule of law. In democracies with a separation of powers, there are checks and balances between legislative, executive and judicial branches of government. There is transparency, rigor and reason, rather than secrecy.

There is accountability and oversight.
Or so we would hope. But if ever there were a set of laws at the thin edge of the world, reeling back the swath of advances in civil rights and liberties during the century since Kafka resolved his thinking, and embodying his diagnosis with terrifying precision, they are the laws surrounding surveillance and counter-terror in the digital age.
Two decisions, one 11 days ago in Britain, and another last Thursday in France, highlight key concerns about the rule of law, cognitive dissonance around terror, the fated pursuit of a false sense of security, and the disassembled balance of power between citizens and the deep state.

The first story appears to contain a glimmer of hope. Two British MPs, Tom Watson and David Davis, crossed the party divide and with campaigning organisation Liberty, won a legal challenge against the rushed, undemocratic Data Retention and Investigatory Powers Act (Dripa), passed in July 2014. The High Court found that Dripa was unlawful because it did not adequately ensure that access to, and use of, communications data (though not its collection) was limited to what was necessary, appropriate and proportionate for preventing and detecting serious crime.

The law attracted impassioned cries about incursions on civil liberties – despite this, the French council approved it
The decision has been welcomed for, finally, recognising in the UK what a number of other countries and a slew of independent examiners have demanded: proper judicial oversight of a “general retention regime on a potentially massive scale”. Where it falls down, as do many of those reports, is in accepting, implicitly or explicitly, the euphemistic re-characterisation of mass surveillance as “bulk interception” or “bulk collection”, thus endorsing an incursion into our private lives, papers, thoughts and communications that has no precedent in the law of the land. However, the Dripa victory is likely short-lived. Immediately, the Home Office declared its disagreement with the High Court’s decision, pledging to appeal. And of course, the Conservative government has already made abundantly clear its intention to enact a single, comprehensive law – the so-called “snooper’s charter” – which many fear would unleash a tidal wave of surveillance at political and executive discretion.

This is where the other side of the channel comes in. Late on Thursday 23 July, in France’s highest constitutional body, the last safeguard of the rule of law fell, approving what is, by all measures, an intrusive, comprehensive, virtually-unchecked surveillance law.

A pipe-dream for two years, the French law gathered momentum in March this year in the wake of the Charlie Hebdo attack, and was put together in the French parliament under emergency procedures, drastically reducing discussion time and preventing any meaningful debate. The law was overwhelmingly approved by parliament in June and immediately referred to the constitutional council by nearly everyone who could do so, including François Hollande – the first time the president has deferred a law voted by parliament in the Fifth Republic.
 
The case also attracted an unheard of number of amicus briefs, many of which were made public, and most of which involved an impassioned cry about the unprecedented incursion on civil liberties that the law mandates.
And yet, despite this, the French council approved, with very few exceptions, a law that allows intelligence agencies to monitor phone calls and emails without prior judicial authorisation; to require internet service providers to install “black boxes” that filter all internet traffic, combing everyone’s metadata in order to identify deviant behaviours based on unknown parameters and provide access to the agencies; and to bug cars, homes and keyboards for images, sound and data.

All of this, of course, is discussed as being targeted at “suspected terrorists”. But all of it, equally and more significantly, touches us all; anyone and everyone who traverses the Internet. The law’s goal is to improve the agencies’ tools for a large variety of vaguely stated purposes: terrorism, but also political surveillance, competitive intelligence for France’s major economic, industrial and scientific interests, the fight against organised crime, and goodness knows what else to come.
The French case shows that the long-cherished secrecy of communications – a notion dating at least as far back as the French Revolution – has no constitutional priority. It shows the gripping appeal of laws that, in Kafka’s terms, provide a false sense of security and leave the people – particularly people in certain communities – helplessly exposed. On Sunday 26 July, the law came into effect.

Effective intelligence is critical to the challenges we face. But that intelligence must be targeted
The reality is that the French and British governments have discerned that a potent combination of public fear about extremism and political appetite for tough national security measures have cleared the path for draconian overreach and surveillance of all our communications. This is enacted even without proof that such tools will prevent the unpreventable, nor any cost-benefit analysis of all of the other ways that they leave us exposed, and society fragmented.

Effective intelligence is critical to the challenges we face. But that intelligence must be targeted, and it must be subject to due process, transparency and meaningful independent oversight. Measures that inhibit all of our freedoms must be subject to open, fair, evidenced-based debate, rather than cynical emergency procedures. And even if an individual is prepared to surrender all privacy in order to accept a minute reduction in risk of a catastrophic event, what safeguards are in place to prevent even greater catastrophes, in the hands of a state, oft-captured and oft-brutal, knowing and seeing all?

The tools that France and Britain are currently seeking are too blunt and intrusive for modern democracies. They stifle dissent with the same chilling turn uttered by Robespierre, one of the main leaders of the Reign of Terror during the French Revolution in condemning his former friend and close ally Danton to the guillotine for alleged counter-revolutionary activities: “anyone who trembles at this moment is guilty; for innocence never fears public surveillance”. We live it seems on the razor’s edge.
Guardian: http://bit.ly/1PbKFE5

« HTC: Rendered Worthless By Insecurity?
Twitter says U.S Government Want More User Account Information »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

JLT Specialty

JLT Specialty

JLT Specialty is a leading specialist insurance broker. Services offered include Cyber Risks insurance.

CloudPassage

CloudPassage

CloudPassage, a cloud security and compliance pioneer, safeguards cloud infrastructure for the world’s best-recognized brands.

Salient CRGT

Salient CRGT

Salient CRGT is a leading provider of health, data analytics, cloud, agile software development, mobility, cyber security, and infrastructure solutions.

Subgraph

Subgraph

Subgraph is an open source security company, committed to making secure and usable open source computing available to everyone.

Horangi

Horangi

Horangi provides security products and services that enable the rapid delivery of Incident Response and threat detection for our customers who lack the scale, expertise, or time to do it themselves.

Datec PNG

Datec PNG

Datec is the the largest end-to-end information and communications technology solutions and services provider in Papua New Guinea.

NESECO

NESECO

NESECO is an IT security integration and consulting firm providing security products, solutions, support, consulting, and training services.

CNS Group

CNS Group

CNS Group provides industry leading cyber security though managed security services, penetration testing, consulting and compliance.

Macquarie Telecom Group

Macquarie Telecom Group

Macquarie Telecom is Australia's datacentre, cloud, cyber security and telecom company for mid-large business and government customers.

Beyond Encryption

Beyond Encryption

Mailock by Beyond Encryption is a secure email solution that allows businesses to exchange email securely, safe in the knowledge that their email can only be read by their intended recipient.

Fifosys

Fifosys

Fifosys is a professional technology infrastructure specialist, delivering a broad portfolio of high quality technical and strategic managed services.

Cufflink

Cufflink

Cufflink makes your business more secure, compliant and trusted. We limit the likelihood and impact of a data breach by controlling exactly what can and can't be done with personal data.

Fulcrum Technology Solutions

Fulcrum Technology Solutions

The Fulcrum team of technologists are recognized experts in the fields of IT Infrastructure Technology, Security, Service Management and Support.

Var Group

Var Group

Var Group is one of the main partners for innovation in the ICT sector in Italy.

Tracebit

Tracebit

Tracebit uses decoys to detect and respond to cloud intrusions in minutes.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.