Extraordinary Popular Delusions

"Men… think in herds … they only recover their senses slowly, and one by one."

Tag: council of europe

European Parliament holds second surveillance inquiry hearing

Following on from my last post, I’m just catching up with the second hearing of the European Parliament’s Civil Liberties Committee into surveillance in and by EU countries. This was held on Thursday 12th September and, like the first hearing, was divided into two sessions.

The first, private, session saw MEPs briefed on the results of a meeting between EU and US data protection experts back in July. There were two strands to the EU’s response to PRISM in mid-June; one was the public inquiry arranged by the European Parliament and the other was the ad hoc working group formed by the Council Presidency and Commission doing the reporting in this closed session.

The second session included a briefing from the Chair of the Article 29 Working Party, Jacob Kohnstamm, on the impact of surveillance on privacy and US-EU Data Protection Agreements. Audio of this second session has been released on the EU website  – although it’s not the most user friendly interface I’ve ever encountered.

Documents from the meeting are also available here.  Of these, Kohnstamm’s letter to EU Commissioner Viviane Reding forms the basis of his presentation to the Inquiry and is certainly worth looking at.

It also needs to be clarified if these American intelligence programs are in line with European and international law. This includes the International Covenant on Civil and Political Rights, which lays down the right to privacy in a general way. More importantly, the necessity and proportionality of these programs according to the Council of Europe Convention 108 needs to be further assessed. WP29 therefore considers it is likely that the current practice of apparent large-scale collection and accessing of personal data of non-US persons is not covered by the Council of Europe Cybercrime Convention. This is particularly relevant in light of the on-going discussion within the Council of Europe Cybercrime Convention Committee (T-CY) on the preparations for an additional protocol meant to facilitate trans-border data flows in this field.

Documents relating to the first #EPInquiry hearing have also been released.

The next #EPInquiry hearing is scheduled for 24th September:

There are five sessions foreseen in the programme focusing on “Allegations of NSA tapping into the SWIFT data used in the TFTP programme”, “Exchange of views with US Administration”, “Feedback of the meeting of the EU-US Transatlantic group of experts on data protection of 19/20 September 2013”, “Exchange of views with US Civil Society (part I)” and “Presentation of the study on the US surveillance programmes and their impact on EU citizens’ privacy”.

Update (19/9)

Kohnstamm does not understate the importance of the Snowden revelations (this from the audio clip):

Based on the reports… it is highly likely that the fundamental rights of human beings have indeed been infringed on… The fundamental trust between government and citizens is at stake.

He also makes clear that the surveillance activities of EU member states will also need to be assessed for their compliance with international law and EU standards, which may themselves need to change to offer better protection for individuals’ privacy.

Advertisements

#Miranda: some additional notes on reliability, legality and security

The past few days have turned up some articles that shed further light on the subject of David Miranda’s detention (which I have previously blogged on here and here).

The reliability of Oliver Robbins

Ryan Chittum, a writer for the Columbia Journalism Review, was cited in Oliver Robbins’ witness statement. In another piece for CJR, Chittum takes issue with the way his writing was used by Robbins and demonstrates how selective quoting meant that the original sense of his piece was lost:

Here’s Robbins:

In an article published on the same day by the Columbia Journalism Review (“Guardian bombshells in an escalating battle against journalism”) Ryan Chittum wrote that the claimant “was serving as a human passenger pigeon, shuttling encrypted files on USB drives between filmmaker Laura Poitras and Greenwald”.

And here’s what I actually wrote:

Miranda was serving as a human passenger pigeon, shuttling encrypted files on USB drives between filmmaker Laura Poitras and Greenwald because, as the whole world now knows, the Internet is fully bugged by the US and UK governments.

Chittum’s conclusion on the reliability of Oliver Robbins’ statement is worth noting:

If it were just a clipped quote, there wouldn’t be much to protest here. But that kind of thing raises questions about what else in Robbins’s testimony isn’t all there. It turns out that Robbins uses selective quotes, specious reasoning, questionable numbers, and flat-out disingenuous claims to make his case that journalists merely possessing secrets was a grave danger to the United Kingdom.

UN Special Rapporteurs question the legality of Miranda’s detention

The Guardian reports that two UN Special Rapporteurs, Frank La Rue (who holds the UN’s free expression brief) and Ben Emmerson (human rights and counter-terrorism) have written to David Cameron to request further information on the grounds for David Miranda’s detention under Schedule 7 powers which, as Ben Emmerson notes, are currently the subject of challenge in the European Court of Human Rights.

This follows a similar move from the Council of Europe, whose Secretary General Thorbjorn Jagland wrote to Home Secretary Theresa May a few days after David Miranda was detained, questioning whether UK actions might have a “chilling effect” on journalists’ freedom of expression, as guaranteed in Article 10 of the European Convention on Human Rights,

TrueCrypt

One of the more important practical conclusions to be drawn from my analysis of the UK Government’s witness statements in Home Office v Miranda, one I maybe should have drawn out more clearly, is that – as far as we can tell – encryption works. Despite the presumably rather large resources UK authorities have dedicated to this problem, they have only been able to decrypt, and read the contents of, the encrypted file they had the password for.

Related to this, and prompted by another series of Washington Post articles sourced by Edward Snowden, Bruce Schneier wrote a very interesting article for Wired this week on what the NSA (probably) can and can’t do.

So learning to use TrueCrypt is a worthwhile use of your time. For those wondering where to start, the tutorial on the TrueCrypt website tries to ensure that you understand the process before taking any major steps. Alternatively, attending a CryptoParty – like this one proposed for Mozfest in London next month – may be useful if you want to discuss the process with someone face to face. Journalists working with extraordinarily sensitive data may want to bear this in mind too.

Update (6/9)

If you’re wondering where yesterday’s Snowden stories in the Guardian, New York Times and ProPublica leave my statements above, this post will explain more.

Update II (7/9)

Glenn Greenwald discussed David Miranda’s detention and what the UK Government had to say about it on yesterday’s edition of Democracy Now. Here’s what Glenn said regarding the UK witness statements:

He hasn’t gotten any of his belongings back. And one of the things that happened is that the U.K. government just outright lied about what took place that day. They claimed he was carrying a password that allowed them access to 58,000 classified documents. He was not carrying any password that allowed them access to any documents. They actually filed an affidavit the same day they made that claim, saying—asking the court to let them continue to keep his belongings on the ground that all of the material he was carrying was heavily encrypted, that they couldn’t break the encryption, and they only got access to 75 of the documents that he was carrying, most of which are probably ones related to his school work and personal use. But, of course, media outlet has just uncritically repeated what the U.K. government had said, as though it were true. It wasn’t true; it was a pack of lies. But even if it were true, the idea that you’re going to detain somebody under a terrorism law who you think is working with journalists is incredibly menacing, as menacing as anything the U.K. government denounces when other countries do it.

Thanks to those in the comments here and on twitter who alerted me to this interview.