archive-org.com » ORG » P » PRIVACYINTERNATIONAL.ORG

Total: 465

Choose link from "Titles, links and description words view":

Or switch to "Titles and links view".
  • Lebanon: It's time to turn your international position on privacy into action at the national level | Privacy International
    Human Rights Council request further information and commitment from Lebanon to address reported unlawful interferences with and violations of the right to privacy The main issues raised in the joint submission include Constitutional protection of the right to privacy The Constitution in Lebanon does not explicitly protect the right to privacy as only the inviolability of the home is protected under its Article 14 Whereas Law No 140 Telecommunication Interception Act of 27 October 1999 upholds the protection of secrecy of communications carried out by all means of communication it is concerning that there is a lack of constitutional protection of the right to privacy more broadly to reflect the protections enshrined in Article 17 of the International Covenant on Civil and Political Rights ICCPR which reinforces Article 12 of the Universal Declaration of Human Rights UDHR Communication surveillance Whilst the Law No 140 seems to provide the necessary safeguards in practice systematic failures to abide by the law are directly threatening the right to privacy of Lebanon s citizens Main concerns expresed in the UPR submission included The failure to respect the existing legal provisions requiring judicial oversight and administrative authorisation of surveillance in accordance with Article 2 3 and 9 respective of the Law No 140 The unauthorised bulk interception of communications data for prolonged periods of time and unrestricted access to the electronic communications data of all Lebanese citizens by the Internal Security Forces ISF The United Nations International Independent Investigation Commission UNIIIC and the Special Tribunal for Lebanon STL permitting the ISF unregulated access to private data of Lebanese citizens from an array of sources including university archives medical records and mobile phone records The presence of PacketShaper installations surveillance technology provided by US based Blue Coat which allows for the surveillance and monitoring of users interactions on various applications such as Facebook Twitter Google Mail and Skype The lack of oversight of agencies permitted to conduct surveillance with concerns around the legal framework overseeing the activities of the Cybercrime and Intellectual Property Rights Bureau and the failure to respect Law No 140 which limits the powers of the Ministry of Interior to wiretap and A 2013 order by the Public Prosecutor s office requested all internet service providers ISPs and some internet cafes that offer Internet access to retain the data of their users activity for a period of one year Data protection Lebanon does not have a law regulating the protection of personal data With existing and emerging initiatives includingthe unique ID number e government initiative the impending deployment of biometric passports and the E transaction bill which in its current state would allow for warrantless search and seizure of financial managerial and electronic files including hard drives computers etc and the establishment of the Electronic Signature Services Authority a new regulatory and licensing body with practically unchecked powers it is extremely concerning that Lebanon has yet to adopt strong legislation protecting data privacy Recommendations In view of the aforementioned areas of concerns SMEX

    Original URL path: https://privacyinternational.org/node/586 (2016-04-27)
    Open archived version from archive

  • Their Eyes On Us | Privacy International
    the same message Some click on the link and download the file They try to open it but all they get is a blank page What they don t realize is that they have inadvertently installed a dangerous kind of software on their machines Something phishy going on It s not immediately apparent what has just been installed on my colleagues devices Our Technologist at Mamfakinch thinks the email looked suspicious So he decides to get in touch with Citizen Lab a research group based in Toronto Canada After a few days Citizen Lab send us a reply it s unequivocal this is a spying program and not just any kind of spying programme Citizen Lab explained that there was spyware hidden in the Word file Once the file is downloaded the spyware automatically installs itself and opens a backdoor to the target computer The device is now able to be controlled via this spyware Anyone controlling the spyware can access all files on the computer including documents They can harvest all passwords for applications like Skype and email even read draft emails It can record all keystrokes on the computer They can even operate the camera and microphone of the target computer This particular spyware goes by many names RCS Remote Control System or Galileo Within the code of the spying software Citizen Lab identified the fingerprint of Hacking Team This is the name of an Italian company based in Milan It specializes in developing spying technology that it sells at a high price to intelligence services around the world Hacked apart My first reaction reading Citizen Lab s findings is one of anxiety The personal computer that has served me faithfully all of these years may now have been turned against me Whoever attacked us that day may now have access to our conversations our login credentials to any services we use They probably have access to the names and addresses of our correspondents even our phone numbers and postal addresses Most worryingly they could have access to the identities of any confidential sources But it is a feeling of anger that quickly takes over I realise how the protection of the personal data of our contributors and the confidentiality of our conversations is essential to the survival of our project All of that might have just been torpedoed by this attack Their eyes are on us now And it is too much to take for most of us Nothing to hide but people to protect When Mamfakinch started on February 17 2011 we were thirty volunteers working behind the project A few months after the attack we were down to three It was only a matter of time before we decide to put an end to the adventure Our members use pseudonyms to avoid becoming easy targets These are honest people who may not have something to hide but a lot to protect their careers their loved ones their reputations their freedom The attack had undermined our

    Original URL path: https://privacyinternational.org/node/577 (2016-04-27)
    Open archived version from archive

  • Five Eyes integration and the law | Privacy International
    the functional integration and co operation across the Five Eyes How complex legal disparities have been resolved to ensure respect for each state s legal framework has long remained in the shadows Thanks to Edward Snowden and recent EFF and ACLU Freedom of Information Act litigation we are beginning to see that lack of adequate legal compliance may be much more far reaching than we initially dared to imagine Expediency In a recently revealed NSA screenshot at the very bottom of the interface for the NSA Unified Targeting Tool which records rationales for targeting individuals an HRA compliant option has been included This compliance box likely to refer to the British Human Rights Act of 1998 has no legal relevance for an NSA analyst unless the NSA plans to share intelligence obtained with the UK Similar terminology also occurs in the recent leaks regarding sim card hacking where HRA justifications are required to be entered to access the database of SIM card encryption keys stolen by GCHQ The inclusion of HRA compliant suggests tools are built with a nod to UK legal compliance in an attempt to ensure the exchange of intelligence on individuals is more expedient Unified tasking and sharing tools A series of screenshots suggest that the Five Eyes partners have adopted similar interfaces justifications and legal compliance procedures for tasking and prioritization too What is perhaps most striking is that many screenshots show the use so called Miranda numbers The Intercept first published screenshots of GCHQ analyst interfaces that include reference to Miranda as an administrative interface that GCHQ uses to store details about information desired by its government customers Until recently we considered Miranda a British intelligence database feature However with the appearance of references to Miranda by multiple parties to the Five Eyes alliance this interface appears to play some international co ordination function too Remarkably the drop down menus don t merely occur among the core Five Eye parties third parties such as Sweden are also using the same system Multiple choice In order to access the many shared and integrated databases created by the Five Eyes analysts simply need to undertake self learning and self assessment tests One internal document shows that for Five Eyes analysts to search through New Zealand XKEYSCORE databases they need to access a system called iLearn and undertake a NZSID7 legal briefing According to the same document similar legal briefings exist for the United Kingdom and for the United States in the form of HRA and USSID SP0018 training These tests are multiple choice open book tests done at the agent s own desk on the iLearn system with no external assessment If the analyst decides they ve passed they have to copy and paste the results into a word document before clicking through to whatever shared database they wish Categorization as a means of legal justification Internal training documents show that Five Eyes analysts are presented with simple interfaces to query the large volume of private communications

    Original URL path: https://privacyinternational.org/node/575 (2016-04-27)
    Open archived version from archive

  • PI and its partners around the globe call on the European Union to keep its high privacy standards | Privacy International
    Europe s ongoing revision of its data protection laws Privacy International was one of the instigators of this letter and many of Privacy International s Network member organisations have signed on including from those countries where comprehensive data protection laws are particularly needed but are frail or in the process of being introduced The European privacy framework has been a model for the rest of the world over a hundred countries now have comprehensive data protection laws mostly as a result of wanting to achieve these same high standards and enable trade with Europe In 2012 the European Commission made an initial proposal to modernise and reform outdated privacy legislation and make it fit to respond to the threats to our privacy today and potential challenges tomorrow This is urgently needed as citizens and consumers are increasingly faced with profiling digitisation and sharing of health data subjected to online tracking while every corner of our lives is increasingly invaded by algorithms mining our data and powerful entities trying to analyse us We need effective protections to ensure that we are in control of our information and not subject to the whims of powerful companies and agencies The original legislative proposal was then amended by the European Parliament producing a text that while not perfect would greatly benefit both citizens and businesses establishing a set of rules for the whole of the EU and guaranteeing high standards for personal data protection around the world Unfortunately the EU Member State governments are currently working to undermine this reform process They are proposing changes that would essentially gut the proposed legal framework rendering it weaker than what is currently in place In the early stages of this fight the European Commission made a clear promise that the rights of individuals will not be

    Original URL path: https://privacyinternational.org/node/574 (2016-04-27)
    Open archived version from archive

  • International Intelligence Bullying | Privacy International
    Eyes would not pass on indications of impending terrorist plots on German territory to German security agencies As one senior German security official made clear Without the information supplied by Anglo Americans we will be blind The situation is telling of a wider trend using denial of intelligence as a means of coercing net importers of intelligence to adapt their security policies minimise public understanding and reduce oversight of intelligence agencies all for the benefit of the net producers A History of Bullying Following the Second World War the United States began outpacing its partners and allies in its signals intelligence and collection capacity The National Security Agency NSA Director and leader of the US Cyber Command Adm Michael Rogers boasts w e have a level of capability and a reach that literally few if any can replicate Rogers has also boasted that the value that NSA provides them in terms of the information that we share to help defend their citizens is almost irreplaceable These inequalities have placed the US in a strong position for diplomatic leveraging and coercion Throughout the history of the partnership the US has proved itself more than willing to use aggressive threats against its partners to see its policies through In the 1950s the UK failed to notify US partners about the impending Suez Crisis It was swiftly cut off from US intelligence The situation was repeated as the UK refused the US access to its Cyprus military base during the 1970s Yom Kippur War The British had to reevaluate their position allow US investment in the signals capacity of the Cyprus base and in return they had to secure a budget and sufficient resources to ensure that collection was for US purposes even to date The US also withdrew intelligence from Australia as

    Original URL path: https://privacyinternational.org/node/564 (2016-04-27)
    Open archived version from archive

  • Hacking Team spyware sold to US DEA, and US Army | Privacy International
    it can be used to monitor a hundred thousand targets Hacking Team Cicom Records show that in 2011 a company called Cicom with a registered address identical to that at which Hacking Team s US office is registered 1997 Annapolis Exchange Parkway Suite 30x sold a Remote Control System originating in Italy to the US Army for USD 350 000 1 Only months later in March 2012 the DEA released a call for tender for a Remote Control Host Based Interception System The DEA is seeking information from potential sources with a fully functional and operational product proven to be capable of providing a Remote Control Host Based Interception System for device or target specific collection pursuant to authorized law enforcement use In August 2012 the DEA s Office of Investigative Technology paid an initial USD 575 000 of an All Options Value of USD 2 410 000 to Cicom and has continued to pay annual installments to the company The most recent record shows a transaction effective in August 2014 and to be completed in August 2015 for a Remote Control Host Based Interception System and support services The transactions are due to end in 2017 The transfers come in the wake of recent revelations of the DEA s mass surveillance programme through which the agency has been collecting and storing the telephone records of ordinary Americans for more than two decades It is now clear that in addition to such bulk collection practices the DEA also possesses the technical capacity to conduct intrusive surveillance on individuals across the globe using Hacking Team s products International abuse Evidence shows that Hacking Team has a consistent track record of delivering its software to end users with records of human rights abuse and has been connected multiple times to the targeting

    Original URL path: https://privacyinternational.org/node/559 (2016-04-27)
    Open archived version from archive

  • Human rights organisations outline qualifications wanted for Special Rapporteur on right to privacy | Privacy International
    resolution to establish a UN Special Rapporteur on the right to privacy attention now turns to identifying highly qualified individuals for the position All applicants must submit an application for the mandate through the Office of the High Commissioner for Human Rights online application system available here The deadline for receipt of nominations is 30 April 2015 At the 29th session of the UN Human Rights Council 15 June 3 July 2015 the President of the Council after a process of selection led by the Council s Consultative Group will appoint the Special Rapporteur on the right to privacy The Council intends the process of selection to ensure that eligible candidates are highly qualified individuals who possess established competence relevant expertise and extensive professional experience in the field of human rights Candidates must have the required expertise and experience in the field of the mandate must be independent and impartial and show a high level of personal integrity and objectivity Privacy International together with Access the American Civil Liberties Union Amnesty International Article 19 the Association for Progressive Communications Electronic Frontier Foundation and the International Commission of Jurists have developed an outline of qualifications that we believe are relevant to

    Original URL path: https://privacyinternational.org/node/556 (2016-04-27)
    Open archived version from archive

  • Stories of surveillance in Morocco | Privacy International
    Hisham when he explains what led him to co found Mamfakinch Mamfakinch s editorial team was targeted with the Remote Control System spyware from the Italian surveillance firm Hacking Team an expensive piece of technology that grants the attacker complete control over the target s computer According to Hacking team this type of malware is sold solely to law enforcement and government agencies leaving little doubt to who targeted Mamfakinch The attack was a serious shock for the editorial team which had until then never considered the issue of information security Mamfakinch eventually disbanded and while there are various reasons for Mamfakinch s closure the Hacking Team attack certainly had a chilling effect It s a bit like an assault you can listen to a story feel sympathetic for the victim but when you really experience an assault it s deeply traumatising says Yassir Kazar who also wrote for Mamfakinch Some people manage to transcend it and to turn it into a positive experience and others remain traumatised especially if technology was not their cup of tea in the first place I think for some people it was a real slap in the face They poisoned this wonderful technology that allowed us to express ourselves anonymously and fearlessly They killed this People started thinking The rules have changed I am not going to take any more risks says Hisham Independent journalists The number one target Even without the expensive equipment provided by Hacking Team Morocco s regime has long known how to use surveillance to discourage dissident voices journalists in particular Samia Errazzouki a Mamfakinch contributor who lives in the US was prepared to handle this type of pressure but did not imagine when she started publishing articles that it would eventually impact her family who was still in Morocco

    Original URL path: https://privacyinternational.org/node/551 (2016-04-27)
    Open archived version from archive



  •