France & UK on the Edge of Kafkaesque Surveillance

_82765991_4a198504-d9b4-42c1-961c-d73863aa7f4f.jpg

Those opposed to the new French surveillance law say it will allow the government to keep a record of innocuous conversations.

The problem of our laws, wrote Kafka, is that they can involve arbitrary, secretive acts on the part of elites. The law, on this view, has “brought only slight, more or less accidental benefits, and done a great deal of serious harm, since it has given the people a false sense of security towards coming events, and left them helplessly exposed”.
“We live”, Kafka concluded, “on the razor’s edge”. Most would find Kafka’s parable, published in 1931, a miss-characterisation of the rule of law. In democracies with a separation of powers, there are checks and balances between legislative, executive and judicial branches of government. There is transparency, rigor and reason, rather than secrecy.

There is accountability and oversight.
Or so we would hope. But if ever there were a set of laws at the thin edge of the world, reeling back the swath of advances in civil rights and liberties during the century since Kafka resolved his thinking, and embodying his diagnosis with terrifying precision, they are the laws surrounding surveillance and counter-terror in the digital age.
Two decisions, one 11 days ago in Britain, and another last Thursday in France, highlight key concerns about the rule of law, cognitive dissonance around terror, the fated pursuit of a false sense of security, and the disassembled balance of power between citizens and the deep state.

The first story appears to contain a glimmer of hope. Two British MPs, Tom Watson and David Davis, crossed the party divide and with campaigning organisation Liberty, won a legal challenge against the rushed, undemocratic Data Retention and Investigatory Powers Act (Dripa), passed in July 2014. The High Court found that Dripa was unlawful because it did not adequately ensure that access to, and use of, communications data (though not its collection) was limited to what was necessary, appropriate and proportionate for preventing and detecting serious crime.

The law attracted impassioned cries about incursions on civil liberties – despite this, the French council approved it
The decision has been welcomed for, finally, recognising in the UK what a number of other countries and a slew of independent examiners have demanded: proper judicial oversight of a “general retention regime on a potentially massive scale”. Where it falls down, as do many of those reports, is in accepting, implicitly or explicitly, the euphemistic re-characterisation of mass surveillance as “bulk interception” or “bulk collection”, thus endorsing an incursion into our private lives, papers, thoughts and communications that has no precedent in the law of the land. However, the Dripa victory is likely short-lived. Immediately, the Home Office declared its disagreement with the High Court’s decision, pledging to appeal. And of course, the Conservative government has already made abundantly clear its intention to enact a single, comprehensive law – the so-called “snooper’s charter” – which many fear would unleash a tidal wave of surveillance at political and executive discretion.

This is where the other side of the channel comes in. Late on Thursday 23 July, in France’s highest constitutional body, the last safeguard of the rule of law fell, approving what is, by all measures, an intrusive, comprehensive, virtually-unchecked surveillance law.

A pipe-dream for two years, the French law gathered momentum in March this year in the wake of the Charlie Hebdo attack, and was put together in the French parliament under emergency procedures, drastically reducing discussion time and preventing any meaningful debate. The law was overwhelmingly approved by parliament in June and immediately referred to the constitutional council by nearly everyone who could do so, including François Hollande – the first time the president has deferred a law voted by parliament in the Fifth Republic.
 
The case also attracted an unheard of number of amicus briefs, many of which were made public, and most of which involved an impassioned cry about the unprecedented incursion on civil liberties that the law mandates.
And yet, despite this, the French council approved, with very few exceptions, a law that allows intelligence agencies to monitor phone calls and emails without prior judicial authorisation; to require internet service providers to install “black boxes” that filter all internet traffic, combing everyone’s metadata in order to identify deviant behaviours based on unknown parameters and provide access to the agencies; and to bug cars, homes and keyboards for images, sound and data.

All of this, of course, is discussed as being targeted at “suspected terrorists”. But all of it, equally and more significantly, touches us all; anyone and everyone who traverses the Internet. The law’s goal is to improve the agencies’ tools for a large variety of vaguely stated purposes: terrorism, but also political surveillance, competitive intelligence for France’s major economic, industrial and scientific interests, the fight against organised crime, and goodness knows what else to come.
The French case shows that the long-cherished secrecy of communications – a notion dating at least as far back as the French Revolution – has no constitutional priority. It shows the gripping appeal of laws that, in Kafka’s terms, provide a false sense of security and leave the people – particularly people in certain communities – helplessly exposed. On Sunday 26 July, the law came into effect.

Effective intelligence is critical to the challenges we face. But that intelligence must be targeted
The reality is that the French and British governments have discerned that a potent combination of public fear about extremism and political appetite for tough national security measures have cleared the path for draconian overreach and surveillance of all our communications. This is enacted even without proof that such tools will prevent the unpreventable, nor any cost-benefit analysis of all of the other ways that they leave us exposed, and society fragmented.

Effective intelligence is critical to the challenges we face. But that intelligence must be targeted, and it must be subject to due process, transparency and meaningful independent oversight. Measures that inhibit all of our freedoms must be subject to open, fair, evidenced-based debate, rather than cynical emergency procedures. And even if an individual is prepared to surrender all privacy in order to accept a minute reduction in risk of a catastrophic event, what safeguards are in place to prevent even greater catastrophes, in the hands of a state, oft-captured and oft-brutal, knowing and seeing all?

The tools that France and Britain are currently seeking are too blunt and intrusive for modern democracies. They stifle dissent with the same chilling turn uttered by Robespierre, one of the main leaders of the Reign of Terror during the French Revolution in condemning his former friend and close ally Danton to the guillotine for alleged counter-revolutionary activities: “anyone who trembles at this moment is guilty; for innocence never fears public surveillance”. We live it seems on the razor’s edge.
Guardian: http://bit.ly/1PbKFE5

« HTC: Rendered Worthless By Insecurity?
Twitter says U.S Government Want More User Account Information »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Caldew Consulting

Caldew Consulting

Caldew specialise in providing information assurance and cyber security consultancy, covering the full spectrum of the security life cycle.

Information Security Group (ISG) - Royal Holloway

Information Security Group (ISG) - Royal Holloway

The Information Security Group, Royal Holloway, University of London, is an Academic Centres of Excellence in Cyber Security Research.

Cyber Together

Cyber Together

Cyber Together is dedicated to advancing the cyber security industry by giving businesses access to Israel’s leaders, innovators and great minds in the field of cyber security.

Zertificon Solutions

Zertificon Solutions

Zertificon is a leader in professional email encryption and data security.

Genie Networks

Genie Networks

Genie Networks is a leading technology company providing networking and security solutions for optimizing the performance of large networks.

InfoWatch

InfoWatch

InfoWatch solutions allow you to protect data and information assets that are critically important to your business.

Seclab

Seclab

Seclab is an innovative player in the protection of industrial systems and critical infrastructure against sophisticated cyber attacks.

Wise-Mon

Wise-Mon

Wise-Mon is expert in its field of network monitoring and control. We give solutions to huge organizations with tens of thousands of ports, as well as small companies with one switch.

Paladin Capital Group

Paladin Capital Group

Paladin is a leading global investor that supports and grows the world’s most innovative cyber companies.

Data Theorem

Data Theorem

Data Theorem is a leading provider in modern application security. Its core mission is to analyze and secure any modern application anytime, anywhere.

ClassNK Consulting Service (NKCS)

ClassNK Consulting Service (NKCS)

ClassNK Consulting provides consulting services to the maritime industry with a focus on safety, security and compliance.

Experis

Experis

Experis provide IT resourcing, project solutions and managed services. We enable organizations to cultivate individuals and teams prepared for the digital age.

Pristine InfoSolutions

Pristine InfoSolutions

Pristine InfoSolutions is a global IT services and Information Security Company focused on delivering smart, next-generation business solutions.

Radiance Technologies

Radiance Technologies

Radiance solutions provide technological advantage and operational superiority for our nation in the areas of intelligence, cyber and advanced weapon systems.

Eventus Security

Eventus Security

Eventus, are a team of highly skilled professionals who are committed to deliver excellence in next generation cyber security services and customized solutions for your enterprise.

InfoTrust

InfoTrust

InfoTrust is a leading specialised cybersecurity practice that combines a customer-first consulting approach with next-generation security solutions.