France & UK on the Edge of Kafkaesque Surveillance

Uploaded on 2015-08-14 in NEWS-Cybersecurity News, INTELLIGENCE--International, GOVERNMENT-National, FREE TO VIEW

_82765991_4a198504-d9b4-42c1-961c-d73863aa7f4f.jpg

Those opposed to the new French surveillance law say it will allow the government to keep a record of innocuous conversations.

The problem of our laws, wrote Kafka, is that they can involve arbitrary, secretive acts on the part of elites. The law, on this view, has “brought only slight, more or less accidental benefits, and done a great deal of serious harm, since it has given the people a false sense of security towards coming events, and left them helplessly exposed”.
“We live”, Kafka concluded, “on the razor’s edge”. Most would find Kafka’s parable, published in 1931, a miss-characterisation of the rule of law. In democracies with a separation of powers, there are checks and balances between legislative, executive and judicial branches of government. There is transparency, rigor and reason, rather than secrecy.

There is accountability and oversight.
Or so we would hope. But if ever there were a set of laws at the thin edge of the world, reeling back the swath of advances in civil rights and liberties during the century since Kafka resolved his thinking, and embodying his diagnosis with terrifying precision, they are the laws surrounding surveillance and counter-terror in the digital age.
Two decisions, one 11 days ago in Britain, and another last Thursday in France, highlight key concerns about the rule of law, cognitive dissonance around terror, the fated pursuit of a false sense of security, and the disassembled balance of power between citizens and the deep state.

The first story appears to contain a glimmer of hope. Two British MPs, Tom Watson and David Davis, crossed the party divide and with campaigning organisation Liberty, won a legal challenge against the rushed, undemocratic Data Retention and Investigatory Powers Act (Dripa), passed in July 2014. The High Court found that Dripa was unlawful because it did not adequately ensure that access to, and use of, communications data (though not its collection) was limited to what was necessary, appropriate and proportionate for preventing and detecting serious crime.

The law attracted impassioned cries about incursions on civil liberties – despite this, the French council approved it
The decision has been welcomed for, finally, recognising in the UK what a number of other countries and a slew of independent examiners have demanded: proper judicial oversight of a “general retention regime on a potentially massive scale”. Where it falls down, as do many of those reports, is in accepting, implicitly or explicitly, the euphemistic re-characterisation of mass surveillance as “bulk interception” or “bulk collection”, thus endorsing an incursion into our private lives, papers, thoughts and communications that has no precedent in the law of the land. However, the Dripa victory is likely short-lived. Immediately, the Home Office declared its disagreement with the High Court’s decision, pledging to appeal. And of course, the Conservative government has already made abundantly clear its intention to enact a single, comprehensive law – the so-called “snooper’s charter” – which many fear would unleash a tidal wave of surveillance at political and executive discretion.

This is where the other side of the channel comes in. Late on Thursday 23 July, in France’s highest constitutional body, the last safeguard of the rule of law fell, approving what is, by all measures, an intrusive, comprehensive, virtually-unchecked surveillance law.

A pipe-dream for two years, the French law gathered momentum in March this year in the wake of the Charlie Hebdo attack, and was put together in the French parliament under emergency procedures, drastically reducing discussion time and preventing any meaningful debate. The law was overwhelmingly approved by parliament in June and immediately referred to the constitutional council by nearly everyone who could do so, including François Hollande – the first time the president has deferred a law voted by parliament in the Fifth Republic.
 
The case also attracted an unheard of number of amicus briefs, many of which were made public, and most of which involved an impassioned cry about the unprecedented incursion on civil liberties that the law mandates.
And yet, despite this, the French council approved, with very few exceptions, a law that allows intelligence agencies to monitor phone calls and emails without prior judicial authorisation; to require internet service providers to install “black boxes” that filter all internet traffic, combing everyone’s metadata in order to identify deviant behaviours based on unknown parameters and provide access to the agencies; and to bug cars, homes and keyboards for images, sound and data.

All of this, of course, is discussed as being targeted at “suspected terrorists”. But all of it, equally and more significantly, touches us all; anyone and everyone who traverses the Internet. The law’s goal is to improve the agencies’ tools for a large variety of vaguely stated purposes: terrorism, but also political surveillance, competitive intelligence for France’s major economic, industrial and scientific interests, the fight against organised crime, and goodness knows what else to come.
The French case shows that the long-cherished secrecy of communications – a notion dating at least as far back as the French Revolution – has no constitutional priority. It shows the gripping appeal of laws that, in Kafka’s terms, provide a false sense of security and leave the people – particularly people in certain communities – helplessly exposed. On Sunday 26 July, the law came into effect.

Effective intelligence is critical to the challenges we face. But that intelligence must be targeted
The reality is that the French and British governments have discerned that a potent combination of public fear about extremism and political appetite for tough national security measures have cleared the path for draconian overreach and surveillance of all our communications. This is enacted even without proof that such tools will prevent the unpreventable, nor any cost-benefit analysis of all of the other ways that they leave us exposed, and society fragmented.

Effective intelligence is critical to the challenges we face. But that intelligence must be targeted, and it must be subject to due process, transparency and meaningful independent oversight. Measures that inhibit all of our freedoms must be subject to open, fair, evidenced-based debate, rather than cynical emergency procedures. And even if an individual is prepared to surrender all privacy in order to accept a minute reduction in risk of a catastrophic event, what safeguards are in place to prevent even greater catastrophes, in the hands of a state, oft-captured and oft-brutal, knowing and seeing all?

The tools that France and Britain are currently seeking are too blunt and intrusive for modern democracies. They stifle dissent with the same chilling turn uttered by Robespierre, one of the main leaders of the Reign of Terror during the French Revolution in condemning his former friend and close ally Danton to the guillotine for alleged counter-revolutionary activities: “anyone who trembles at this moment is guilty; for innocence never fears public surveillance”. We live it seems on the razor’s edge.
Guardian: http://bit.ly/1PbKFE5

« HTC: Rendered Worthless By Insecurity?
Twitter says U.S Government Want More User Account Information »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Encode

Encode

Encode delivers a cutting edge Security Analytics & Response Orchestration platform and best of breed Cyber Security Operations and Services.

Egerie

Egerie

EGERIE's RiskManager solution provides a Global, Centralized, and Updated view of risk maps and security measures for your company.

Oppida

Oppida

Oppida provides tailored IT security services to help you identify security gaps and assist in finding the most effective remediation.

MailXaminer

MailXaminer

MailXaminer is an advance and powerful email investigation platform that scans digital data, performs analysis, reports on findings and preserves them in a court validated format.

Capula

Capula

Capula is a leading system integration specialist for control, automation and operational IT systems across all applications and industry sectors.

Verodin

Verodin

Verodin is a business platform that provides organizations with the evidence needed to measure, manage and improve their cybersecurity effectiveness.

Austrian Institute of Technology (AIT)

Austrian Institute of Technology (AIT)

AIT is Austria's largest research and technology organisation and a specialist in the key infrastructure issues of the future including data science and cybersecurity.

Raqmiyat

Raqmiyat

Raqmiyat provides end-to-end IT Services and business solutions including consultancy, digital transformation, infrastructure and cybersecurity.

Cyber Pop-Up

Cyber Pop-Up

Cyber Pop-Up provide on-demand access to top security experts. No recruiting. No onboarding. No overhead costs.

ThreatX

ThreatX

ThreatX provides complete web application & API protection to address expanding app footprints and complex attacks.

CyGlass

CyGlass

CyGlass simply and effectively identifies, detects, and responds to threats to your network without requiring any additional hardware, software, or people.

Accurics

Accurics

Accurics enables self-healing cloud native infrastructure by codifying security throughout your development lifecycle.

FortKnoxster

FortKnoxster

FortKnoxster is a cybersecurity company within the Crypto & FinTech space. Our encryption technologies are blockchain integrated.

Bluewave

Bluewave

Bluewave are a strategic IT advisory company that offers businesses a simple and comprehensive way to purchase information technology solutions.

SecureDApp

SecureDApp

SecureDApp is a blockchain security company that specialises in offering comprehensive security solutions to companies operating in the web3 space.

SiyanoAV

SiyanoAV

SiyanoAV's range of antivirus products delivers strong protection against various cyber threats, including malware, ransomware, phishing schemes, and beyond.