Europe Is Spying on You

When Edward Snowden disclosed details of America’s huge surveillance program two years ago, many in Europe thought that the response would be increased transparency and stronger oversight of security services. European countries, however, are moving in the opposite direction. Instead of more public scrutiny, we are getting more snooping. Pushed to respond to the atrocious attacks in Paris and Copenhagen and by the threats posed by the Islamic State to Europe’s internal security, several countries are amending their counter-terrorism legislation to grant more intrusive powers to security services, especially in terms of mass electronic surveillance.

France recently adopted a controversial law on surveillance that permits major intrusions, without prior judicial authorization, into the private lives of suspects and those who communicate with them, live or work in the same place or even just happen to be near them.

The German Parliament adopted a new data retention law on Oct. 16 that requires telecommunications operators and Internet service providers to retain connection data for up to 10 weeks. And the British government intends to increase the authorities’ powers to carry out mass surveillance and bulk collection of intercepted data.

Meanwhile, Austria is set to discuss a draft law that would allow a new security agency to operate with reduced external control and to collect and store communication data for up to six years. The Netherlands is considering legislation allowing dragnet surveillance of all telecommunications, indiscriminate gathering of metadata, decryption and intrusion into the computers of non-suspects. And in Finland, the government is even considering changing the Constitution to weaken privacy protections in order to ease the adoption of a bill granting the military and intelligence services the power to conduct electronic mass surveillance with little oversight.

Governments now argue that to guarantee our security we have to sacrifice some rights. This is a specious argument. By shifting from targeted to mass surveillance, governments risk undermining democracy while pretending to protect it.
They are also betraying a long political and judicial tradition affording broad protection to privacy in Europe, where democratic legal systems have evolved to protect individuals from arbitrary interference by the state in their private and family life. The European Court of Human Rights has long upheld the principle that surveillance interferes with the right to privacy. Although the court accepts that the use of confidential information is essential in combating terrorist threats, it has held that the collection, use and storage of such information should be authorized only under exceptional and precise conditions, and must be accompanied by adequate legal safeguards and independent supervision. The court has consistently applied this principle for decades when it was called to judge the conduct of several European countries, which were combating domestic terrorist groups.

More recently, as new technologies have offered more avenues to increase surveillance and data collection, the court has reiterated its position in a number of leading cases against several countries, including France, Romania, Russia and Britain, condemned for having infringed the right to private and family life that in the interpretation of the court covers also “the physical and psychological integrity of a person.”

Last year, the European Court of Justice set limits on telecommunication data retention. By invalidating a European Union directive for its unnecessary “wide-ranging and particularly serious interference with the fundamental right to respect for private life” and personal data, this court reaffirmed the outstanding place privacy holds in Europe. This judgment echoed a 2006 German Constitutional Court ruling that the German police had breached the individual right to self-determination and human dignity after they conducted a computerized search of suspected terrorists.
Many of the surveillance policies that have recently been adopted in Europe fail to abide by these legal standards. Worse, many of the new intrusive measures would be applied without any prior judicial review establishing their legality, proportionality or necessity. This gives excessive power to governments and creates a clear risk of arbitrary application and abuse.

If European governments and parliaments do not respect fundamental principles and judicial obligations, our lives will become much less private. Our ability to participate effectively in public life is threatened, too, because these measures curtail our freedom of speech and our right to receive information, including that of public interest. Not all whistleblowers have the technical knowledge Mr. Snowden possessed. Many would fear discovery if they communicated with journalists, who in turn would lose valuable sources, jeopardizing their ability to reveal unlawful conduct in both the public and private spheres. Watergates can only happen when whistleblowers feel protected. 
Indiscriminate mass surveillance can also impinge on attorney-client privilege and medical confidentiality. You might think twice before seeing a lawyer or a doctor, knowing that the authorities, and private companies, are aware of your communications and movements.

It is essential that European countries pause and consider the damage they have done. At a minimum, three core safeguards should be provided.

First, legislation should limit surveillance and the use of data in a way that strictly respects the right to privacy as spelled out in the Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights, European data protection standards, the case law of the European Court of Human Rights and that of the European Court of Justice. These norms oblige states to respect human rights when they gather and store information relating to our private lives and to protect individuals from unlawful surveillance, including when carried out by foreign agencies.

Second, there must be rigorous procedures for the examination, use and storage of all data obtained, and those subjected to surveillance should be given a chance to exercise their legal rights to appeal.
Third, security agencies must operate under independent scrutiny and judicial review. This will require intrusive oversight powers for parliaments and a judiciary that is involved in the decision-making process to ensure accountability. Countries that have adopted controversial surveillance laws should reconsider or amend them. And those considering new surveillance legislation should do so with great caution.

Terrorism is a real threat and it requires an effective response. But adopting surveillance measures that undermine human rights and the rule of law is not the solution.
NYT:  http://nyti.ms/1MTSbkS

 

 

« Poaching On the Rise For Big Data Professionals
New Material Promises NSA-proof Wallpaper »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

USNA Center for Cyber Security Studies

USNA Center for Cyber Security Studies

The mission of the Center for Cyber Security Studies is to enhance the education of midshipmen in all areas of cyber warfare.

CloudCodes Software

CloudCodes Software

CloudCodes is a cloud security solutions provider focused on providing cloud security solutions to enterprise customers.

Microsoft Security

Microsoft Security

Microsoft Security helps protect people and data against cyberthreats to give you peace of mind. Safeguard your people, data, and infrastructure.

Spanish National Cybersecurity Institute (INCIBE)

Spanish National Cybersecurity Institute (INCIBE)

INCIBE undertakes research, service delivery and coordination for building cybersecurity at the national and international levels.

Nohau

Nohau

Nohau provide services for safe and secure embedded software development.

Ubiq Security

Ubiq Security

Ubiq has developed a software solution that secures any type of data, on any device, anywhere, with nearly no impact to system performance or user experience.

Suprema

Suprema

Suprema is a leading global provider of access control and biometrics solutions.

TI Safe

TI Safe

TI Safe provide cybersecurity solutions for industrial networks of main critical infrastructures in Latin America.

Hunters.AI

Hunters.AI

Hunters is the world's first autonomous hunting solution that leverages top-tier cyber expertise and AI to uncover hidden cyber threats.

DestructData

DestructData

DestructData is a leading independent provider of End of Life data destruction/security solutions.

Intraprise Health

Intraprise Health

Intraprise Health is a Certified HITRUST Assessor and award-winning provider of health information security products and services.

SafeGuard Cyber

SafeGuard Cyber

The SafeGuard Cyber SaaS platform empowers enterprises to adopt the social and digital channels they need to reach customers, while reducing digital risk and staying secure and compliant.

LTIMindtree

LTIMindtree

LTIMindtree is a new kind of technology consulting firm. We help businesses transform – from core to experience – to thrive in the marketplace of the future.

DataSixth Security Consulting

DataSixth Security Consulting

DataSixth delivers Cybersecurity Intelligence. With our unique capabilities, we’re able to deliver value, deliver answers, and deliver actionable security intelligence.

GLIMPS

GLIMPS

GLIMPS-Malware automatically detects malware affecting standard computer systems, manufacturing systems, IOT or automotive domains.

Cyber Security Works (CSW)

Cyber Security Works (CSW)

Cyber Security Works is your organization’s early cybersecurity warning system to help prevent attacks before they happen.