archive-org.com » ORG » P » PRIVACYINTERNATIONAL.ORG

Total: 465

Choose link from "Titles, links and description words view":

Or switch to "Titles and links view".
  • EU catches up, takes steps to control export of intrusion spyware, IP monitoring | Privacy International
    technologies The new language doesn t control intrusion software per se but rather the software and technology used on servers to disseminate it In other words the controls are not aimed at the malware and rootkits that actually infect a device but on the actual software used to create deliver and instruct them It is also important to remember that it is made very clear in the Wassenaar Arrangement and by extension the EU list that controls do not apply to technology or software in the public domain or relating to basic scientific research And while having these controls in place may not explicitly stop the export each time these changes holds them more accountable to lawmakers and the public while making the industry more transparent While we welcome this move to bring the EU into line with the 2013 Wassenaar updates and more into line with other international export regimes it has come at a slow speed and more needs to be done These updated controls have been known and publicised since December 2013 but due to bureaucratic delays in Brussels it has taken this long for the controls to filter into the regulations of the 28 Member States many of whom are leading exporters of surveillance technology Importantly it has to be remembered that any changes made at the December 2014 Wassenaar Arrangement will not be incorporated into EU member states for possibly yet another year The United States a large exporter of such technology has brought in some controls this past year but not all mentioned in the 2013 changes Still this is an important step to finally hold a multi billion dollar industry which has a global reach to account We look forward to continuing to work with civil society the research community and policymakers to

    Original URL path: https://privacyinternational.org/node/431 (2016-04-27)
    Open archived version from archive


  • Secret policy reveals GCHQ can get warrantless access to bulk NSA data | Privacy International
    to the claimants the British intelligence agencies can trawl through foreign intelligence material without meaningful restrictions and can keep such material which includes both communications content and metadata for up to two years Descriptions of the policies were disclosed to the parties after a secret hearing at the Investigatory Powers Tribunal which is currently considering a challenge to GCHQ s surveillance practices that has been brought by human rights organisations including Privacy International Liberty and Amnesty International A public hearing of the case was held in July but these arrangements were revealed to the Tribunal in a closed hearing that the claimants were barred from attending Some details about the policies are now disclosed in order for the claimants to provide comment It is the first time the Government has made available some details of the secret internal arrangements the existence of which they rely on to show that their mass surveillance practices and extensive exchange of surveillance material with the NSA are in accordance with the law The Government says these arrangements make their actions compliant with the Human Rights Act even though the arrangements remain secret and immune from public scrutiny The disclosed arrangements bring into sharp relief the minimal safeguards and weak restrictions on raw intelligence sharing with foreign governments including between the UK and the United States The fact that GCHQ can request and receive large quantities of unanalysed raw bulk data from foreign intelligence agencies without a warrant in place simply because it would not be technically feasible to obtain it in the UK shows the inadequacies in RIPA to deal with intelligence agency co operation Under these arrangements there is a clear risk that agencies can sidestep British legal restrictions to obtain access to vast amounts of data The release of some details of the arrangements also raises serious doubts about the level of oversight provided by the ISC which last week heard evidence from the Foreign Secretary as part of its current investigation into privacy and security In July 2013 the ISC conducted an investigation of GCHQ s access to the NSA s PRISM programme and reassured the public that in each case where GCHQ sought information from the US a warrant for interception signed by a Minister was already in place in accordance with the legal safeguards contained in the Regulation of Investigatory Powers Act 2000 This statement obscures whether GCHQ could have sought information without a warrant in place thus failing to reveal that RIPA interception warrants are not required for GCHQ access to intercepts obtained under programmes such as PRISM and Upstream Furthermore the ISC s statement confines itself to instances in which GCHQ specifically seeks information but doesn t stipulate what processes are in place when it receives unsolicited bulk data from the NSA Eric King Deputy Director of Privacy international said We now know that data from any call internet search or website you visited over the past two years could be stored in GCHQ s database and

    Original URL path: https://privacyinternational.org/node/436 (2016-04-27)
    Open archived version from archive

  • UK Government human rights watchdog refuses to hold telcos accountable for role in GCHQ mass surveillance | Privacy International
    a dozen OECD guidelines pertaining to the companies duties to respect and protect human rights including the right to privacy association and expression enshrined in international law and explicitly articulated in the OECD Guidelines on Multinational Enterprises to which the UK is a party In anonymous responses from the companies the operators variously claimed that the allegations presented were false and without foundation in their entirety company 6 any mass Government surveillance programme is a violation of international law and the European Convention on Human Rights because it can never be necessary and proportionate runs contrary to existing UK legislation on lawful interception of data company 3 Section 94 5 of the Telecommunications Act 1984 2 would prohibit voluntary disclosure of anything done by virtue of any order if any such order had been served company 5 The dismissal of the complaint as false by Company 6 and the apparent defence of mass surveillance by Company 3 is in stark contrast to the pushback spy agencies have faced from other sectors Internet giants like Yahoo and Google have stood up for their users in the face of NSA and GCHQ spying turning on encryption to protect communications and litigating overly broad requests for information Last week one of the respondents to Privacy Internatioanl s complaint Vodafone spoke out against mass surveillance telling the Independent Reviewer of Terrorism Legislation David Anderson that the company believes that surveillance powers should be targeted at particular individuals or at specific events or threats based on clear and justifiable grounds not conducted on a blanket basis across populations While Privacy International welcomes such statements for there to be meaningful reform to surveillance practices companies need to ensure that strong rhetoric is matched by strong action to push back against government surveillance Aiding mass surveillance The

    Original URL path: https://privacyinternational.org/node/450 (2016-04-27)
    Open archived version from archive

  • Privacy International files criminal complaint on behalf of Bahraini activists targeted by spyware FinFisher | Privacy International
    only recently been confirmed Two months ago a number of internal Gamma documents were published revealing that Gamma is both aware of and actively facilitating the Bahraini regime s surveillance of targets located outside Bahrain through the provision of intrusion technology called FinFisher to the Bahraini authorities The analysis by Bahrain Watch clearly shows that amongst the Gamma documents published online those targeted by the Bahraini government with FinFisher technology were Mohammed Jaafar and Saeed along with prominent Bahraini opposition politicians democracy activists and human rights lawyers FinFisher was developed and produced by the British company Gamma International Promotional material for FinFisher shows that it allows its user full access to a target s infected device and everything contained within it even enabling them to turn on functions such as cameras and microphones Reports from the Citizen Lab suggest that FinFisher command and control servers have been found in 35 countries including Ethiopia Turkmenistan Bahrain and Malaysia The complaint filed today argues that the actions of the Bahraini authorities qualifies as an unlawful interception of communications under section 1 of the UK s Regulation of Investigatory Powers Act 2000 By selling and assisting Bahraini authorities the complaint argues that Gamma is liable as an accessory under the Accessories and Abettors Act 1861 and or encouraged and assisted the offence under the Serious Crime Act 2007 Moosa Jaafar and Saeed are being represented by Privacy International who have instructed Mark Scott of Bhatt Murphy Solicitors Earlier this year Privacy International and Bhatt Murphy filed a criminal complaint in the UK in relation to the targeting of Tadesse Kersmo an Ethiopian refugee who was infected with FinFisher Adriana Edmeades Legal Officer for Privacy International said For too long companies like Gamma have been enabling repressive states unlawful conduct but then seeking to

    Original URL path: https://privacyinternational.org/node/451 (2016-04-27)
    Open archived version from archive

  • Joint civil society statement on privacy in the digital age | Privacy International
    obligations can be engaged if that surveillance involves the exercise of power or effective control in relation to communications infrastructure The same is true where regulatory jurisdiction over a third party that controls data is exercised including where jurisdiction is asserted over the data of private companies as a result of the incorporation of those companies in the state in question para 34 In a globalized world where data is routinely held in various jurisdictions and can travel across multiple borders in seconds this point underlines the importance of the principle of non discrimination in ensuring meaningful respect for privacy 2 States should adopt a clear precise accessible comprehensive and non discriminatory legislative framework to regulate all surveillance conducted by law enforcement or intelligence agencies para 50 Surveillance should be undertaken under accessible law with foreseeable effects in accordance with the rule of law including the right to an effective remedy In many states the legal frameworks governing surveillance fail to meet this standard generating consequent accountability and transparency concerns 3 The overarching principles in determining whether an interference is permissible are legality necessity and proportionality para 23 In particular it is essential to reiterate proportionality as a foundational principle Mass surveillance is by nature disproportionate and large scale collection practices often fall afoul of this principle As the High Commissioner notes Mass or bulk surveillance programmes may thus be deemed to be arbitrary even if they serve a legitimate aim and have been adopted on the basis of an accessible legal regime In other words it will not be enough that the measures are targeted to find certain needles in a haystack the proper measure is the impact of the measures on the haystack relative to the harm threatened namely whether the measure is necessary and proportionate para 25 4 Metadata merits stronger protection than it currently enjoys under national legal frameworks paras 19 20 The interception of data about a communication metadata can be as sensitive as the interception of the content of a communication There is growing recognition that metadata cannot reasonably be afforded weaker protections than communications content Such data is storable accessible and searchable and access to and analysis of the data can be revelatory and highly invasive 5 The interception acquisition and retention of data amounts to an interference with the right to privacy regardless of whether data is subsequently consulted or used para 20 In the context of mass surveillance programs e ven the mere possibility of communications information being captured creates an interference with privacy with the potential chilling effect on rights including free expression and association para 20 It also follows that mandatory third party data retention requirements where governments require Internet or mobile service providers to store data about all customers appears neither necessary nor proportionate para 26 6 A range of other rights may also be affected by communications surveillance and the collection of personal data beyond the right to privacy The report cites freedom of opinion and expression

    Original URL path: https://privacyinternational.org/node/455 (2016-04-27)
    Open archived version from archive

  • Privacy International asks Europe's human rights court for details about Five Eyes spy pact | Privacy International
    of the intelligence services of the worlds major English speaking countries has never been more evident after the recent disclosure that the UK s intelligence agency Government Communication Headquarters is deeply integrated into the NSA s ICREACH program with both agencies providing information for and having access to the surveillance sharing program According to the Intercept ICREACH is built to share more than 850 billion records about phone calls emails cellphone locations and internet chats and soon other Five Eyes partners Australia Canada and New Zealand will have similar access to ICREACH as the UK In order to shed light on this secret intelligence sharing agreement which effectively binds the Five Eyes as one intelligence agency Privacy International represented by Leigh Day Co solicitors filed a legal challenge against the British Government in the European Court of Human Rights Europe s highest human rights court is the most appropriate venue for such an international agreement and has a strong history of ensuring intelligence agencies are compliant with human rights law The challenge comes after Privacy International filed Freedom of Information requests in all Five Eyes countries compelling them to release the details of the agreement which has a profound impact on the enjoyment and fulfilment of human rights around the world Governments in the US UK Canada Australia and New Zealand denied to publish the secret agreement In the United Kingdom GCHQ invoked a blanket exemption that excuses it from any obligation to be transparent about its activities The same exemption was also invoked by the agency when Privacy International asked for mundane information such as GCHQ s cafeteria menu Privacy International asserts that the British Government has violated the right to access information by refusing to publish documents which stipulate how surveillance is shared with and obtained by Five

    Original URL path: https://privacyinternational.org/node/459 (2016-04-27)
    Open archived version from archive

  • Passage of DRIP surveillance bill shameful | Privacy International
    since the Edward Snowden revealed the scope of the UK mass surveillance activities the only British parliamentary action in relation to surveillance has been to drastically expand the interception powers of intelligence agencies In both process and substance the Data Retention and Investigatory Powers Bill has been a stitch up from the start The rushed nature with which the legislation was rammed through Parliament shows an utter disregard for the democratic process and the rule of law In an effort to circumvent any genuine scrutiny of what is a dramatic expansion in the British surveillance state DRIP was dubbed an emergency and its passage deprived of any adequate debate or amendments The speed with which the Act was adopted reveals far more about the Government s fear that public scrutiny would expose the legislation s numerous blows upon civil liberties than it relates to the genuine need to address limitations to national security capabilities Despite what officials say DRIP does not bring clarity to existing surveillance law it expands spying powers that not only affect British citizens but the entire world Under the Act common internet services such as Google and Facebook can now be compelled to assist the British security services in achieving their surveillance aims including by building backdoors into their own systems to allow for interception of communications At a time when the public is demanding more clarity around the UK s surveillance regime and its laws and those laws are under the scrutiny of the Investigatory Power Tribunals the passage of this Act amounts to a misuse of public power by each of the members of Parliament who supported it In this regard the House of Lords was damning in its criticism with many members expressing their outrage with the rushed timetable describing it as an

    Original URL path: https://privacyinternational.org/node/466 (2016-04-27)
    Open archived version from archive

  • UK Rushes through invasive surveillance laws as intelligence agencies go on trial | Privacy International
    put beyond doubt the application of our laws on interception The previous law the EU Data Retention Directive was struck down by the Court of Justice of the European Union CJEU three months ago but authorities have waited until the last possible minute to rush through legislation and bypass proper scrutiny of the bill The draft law will technically comply with the Court of Justice s instruction not to use the old one but fails to address the reasons the Court struck down the law in the first place Monday s Investigatory Powers Tribunal will be the first time the UK s intelligence services have to account for their mass surveillance activities in open court It is part of an ongoing lawsuit brought by rights groups Privacy International Liberty Amnesty International and others It seeks to establish the extent to which the UK government has been monitoring their online activity Michael Bochenek Senior Director for Law and Policy at Amnesty International said The UK government is manipulating national laws to ensure it can continue to flout international ones Clearly Number 10 would rather move the goalposts than play by the rules At the hearing the groups will challenge the government s assertion that it is entitled to indiscriminately intercept web searches or communications between British residents as long as they are using a service provider based outside the UK Michael Bochenek said For the first time UK intelligence agencies will have to answer for their activities and defend their indefensible policy for mass surveillance Even as the Tribunal will be hearing submissions the government is rushing through a new law in an attempt to curtail the much needed debate on protecting privacy One year on from the Edward Snowden revelations the UK government continues to refuse to confirm or deny

    Original URL path: https://privacyinternational.org/node/467 (2016-04-27)
    Open archived version from archive



  •