As U.S. pushes for cybersecurity norms, civil society pushes for privacy norms
While the U.S. government pushes for the adoption of international norms on cybersecurity, including on questions of critical infrastructure protection, a grassroots effort is underway to establish binding international law to protect the rights of citizens from electronic surveillance, including the bulk collection of data exposed by NSA whistleblower Edward Snowden more than two years ago.
A campaign for a new global treaty against government mass surveillance – entitled the “The International Treaty on the Right to Privacy, Protection Against Improper Surveillance and Protection of Whistleblowers,” or the “Snowden Treaty” for short – was launched yesterday in New York. While the full text of the treaty is yet to be released, an executive summary calls on signatories “to enact concrete changes to outlaw mass surveillance,” increase efforts to provide “oversight of state surveillance,” and “develop international protections for whistleblowers.”
As reported yesterday at The Intercept, “Since the Snowden revelations there has been increasing public recognition of the threat to global privacy, with the United Nations announcing the appointment of its first Special Rapporteur on this issue in March, followed by calls for the creation of a new Geneva Convention on internet privacy.”
The treaty effort is being spearheaded by the global activist organization Avaaz, working closely with David Miranda, who was detained and interrogated by British authorities at Heathrow airport in 2013 in relation to his work exposing NSA and GCHQ abuses with his partner Glenn Greenwald.
“We sat down with legal, privacy and technology experts from around the world and are working to create a document that will demand the right to privacy for people around the world,” Miranda said. Pointing out that governments and private corporations are moving to protect themselves from spying and espionage, Miranda added that “we see changes happening, corporations are taking steps to protect themselves, and we need to take steps to protect ourselves too.”
Snowden spoke via a video link at the event launching the campaign to say that the treaty effort is part of a larger movement to build popular pressure to convince governments to recognize privacy as a fundamental human right – a right already codified in the International Convention on Civil and Political Rights (ICCPR) and the Universal Declaration of Human Rights.
Although Article 17 of the ICCPR stipulates that “No one shall be subjected to arbitrary or unlawful interference with his privacy, family, home or correspondence, nor to unlawful attacks on his honour and reputation,” some advocates believe that further elaboration is needed to ensure the full protection of privacy rights. The UN Human Rights Committee has raised concerns with the United States that its surveillance activities may violate both Articles 17 and 19, but no real changes to policy have been made.
The treaty is also necessary, Snowden said, to ensure internationally guaranteed protections to whistleblowers such as himself. Snowden cited the threat of pervasive surveillance in the United States, stating that “the same tactics that the NSA and the CIA collaborated on in places like Yemen are migrating home to be used in the United States against common criminals and people who pose no threat to national security.”
Coalition pressures Congress on surveillance reform as UN establishes Special Rapporteur on privacy
Pointing to “global norms of free expression and privacy,” a coalition of major internet companies this week launched a campaign to pressure the U.S. Congress to reform practices and laws regulating government surveillance of individuals and access to their personal information.
The Global Government Surveillance Reform coalition, which consists of AOL, Apple, Google, Microsoft, Yahoo, Twitter, Facebook and other companies, trade associations and civil society groups, issued the following letter to the House and Senate leadership on March 25:
We the undersigned represent a wide range of privacy and human rights advocates, technology companies, and trade associations that hold an equally wide range of positions on the issue of surveillance reform. Many of us have differing views on exactly what reforms must be included in any bill reauthorizing USA PATRIOT Act Section 215, which currently serves as the legal basis for the National Security Agency’s bulk collection of telephone metadata and is set to expire on June 1, 2015. That said, our broad, diverse, and bipartisan coalition believes that the status quo is untenable and that it is urgent that Congress move forward with reform.
Together, we agree that the following elements are essential to any legislative or Administration effort to reform our nation’s surveillance laws:
There must be a clear, strong, and effective end to bulk collection practices under the USA PATRIOT Act, including under the Section 215 records authority and the Section 214 authority regarding pen registers and trap & trace devices. Any collection that does occur under those authorities should have appropriate safeguards in place to protect privacy and users’ rights.
The bill must contain transparency and accountability mechanisms for both government and company reporting, as well as an appropriate declassification regime for Foreign Intelligence Surveillance Court decisions.
We believe addressing the above must be a part of any reform package, though there are other reforms that our groups and companies would welcome, and in some cases, believe are essential to any legislation. We also urge Congress to avoid adding new mandates that are controversial and could derail reform efforts.
It has been nearly two years since the first news stories revealed the scope of the United States’ surveillance and bulk collection activities. Now is the time to take on meaningful legislative reforms to the nation’s surveillance programs that maintain national security while preserving privacy, transparency, and accountability. We strongly encourage both the White House and Members of Congress to support the above reforms and oppose any efforts to enact any legislation that does not address them.
The original signatories to the letter consisted of 47 internet firms and civil society groups, but the list of signers is growing by the day. (You can add your name here.)
The Global Government Surveillance Reform coalition also issued five principles to guide reform of government surveillance, “consistent with established global norms of free expression and privacy and with the goals of ensuring that government law enforcement and intelligence efforts are rule-bound, narrowly tailored, transparent, and subject to oversight.”
These principles are the following:
1. Limiting Governments’ Authority to Collect Users’ Information
Governments should codify sensible limitations on their ability to compel service providers to disclose user data that balance their need for the data in limited circumstances, users’ reasonable privacy interests, and the impact on trust in the Internet. In addition, governments should limit surveillance to specific, known users for lawful purposes, and should not undertake bulk data collection of Internet communications.
2. Oversight and Accountability
Intelligence agencies seeking to collect or compel the production of information should do so under a clear legal framework in which executive powers are subject to strong checks and balances. Reviewing courts should be independent and include an adversarial process, and governments should allow important rulings of law to be made public in a timely manner so that the courts are accountable to an informed citizenry.
3. Transparency About Government Demands
Transparency is essential to a debate over governments’ surveillance powers and the scope of programs that are administered under those powers. Governments should allow companies to publish the number and nature of government demands for user information. In addition, governments should also promptly disclose this data publicly.
4. Respecting the Free Flow of Information
The ability of data to flow or be accessed across borders is essential to a robust 21st century global economy. Governments should permit the transfer of data and should not inhibit access by companies or individuals to lawfully available information that is stored outside of the country. Governments should not require service providers to locate infrastructure within a country’s borders or operate locally.
5. Avoiding Conflicts Among Governments
In order to avoid conflicting laws, there should be a robust, principled, and transparent framework to govern lawful requests for data across jurisdictions, such as improved mutual legal assistance treaty — or “MLAT” — processes. Where the laws of one jurisdiction conflict with the laws of another, it is incumbent upon governments to work together to resolve the conflict.
Implementing these principles would not only bring U.S. surveillance practices in line with the U.S. Constitution, but would also go a long way in ensuring that U.S. policy is complying with international norms.
A year ago, following the U.S.’s periodic review for its compliance with the International Covenant on Civil and Political Rights, the United Nations issued a scathing report detailing a host of U.S. violations, including on privacy rights. The UN Human Rights Committee highlighted the ongoing U.S. lack of compliance with privacy requirements set forth in Article 17 of the ICCPR, particularly to respect the right to privacy regardless of the nationality or location of individuals being monitored.
To address these violations, the UN issued the following recommendations to the U.S. government:
(a) Take all necessary measures to ensure that its surveillance activities, both within and outside the United States, conform to its obligations under the Covenant, including article 17; in particular, measures should be taken to ensure that any interference with the right to privacy complies with the principles of legality, proportionality and necessity, regardless of the nationality or location of the individuals whose communications are under direct surveillance;
(b) Ensure that any interference with the right to privacy, family, home or correspondence is authorized by laws that: (i) are publicly accessible; (ii) contain provisions that ensure that collection of, access to and use of communications data are tailored to specific legitimate aims; (iii) are sufficiently precise and specify in detail the precise circumstances in which any such interference may be permitted, the procedures for authorization, the categories of persons who may be placed under surveillance, the limit on the duration of surveillance; procedures for the use and storage of data collected; and (iv) provide for effective safeguards against abuse;
(c) Reform the current oversight system of surveillance activities to ensure its effectiveness, including by providing for judicial involvement in the authorization or monitoring of surveillance measures, and considering the establishment of strong and independent oversight mandates with a view to preventing abuses;
(d) Refrain from imposing mandatory retention of data by third parties;
(e) Ensure that affected persons have access to effective remedies in cases of abuse.
The Electronic Frontier Foundation’s Katitza Rodriguez urged the United States to conform to the UN’s recommendations. “It’s imperative the United States comply with its human rights treaty obligations, specifically Article 17 of the ICCPR, which protect the right of privacy for everyone in the same manner, within or outside US borders, regardless of nationality or place of residence,” Rodriguez said.
In an effort to ensure better compliance from the United States and other serial violators of individual privacy rights, the United Nations Human Rights Council decided this week to establish a new position of Special Rapporteur on the right to privacy, whose tasks will include gathering relevant information, including on international and national frameworks, national practices and experiences.
As Privacy International explains,
The Special Rapporteur will be the authoritative voice and intellectual leader at the global level on the right to privacy around the world. The resolution gives the individual a broad mandate to promote the respect and protection of the right to privacy in all circumstances, wherever or however it is exercised. Amongst other things, the mandate holder will monitor states’ and companies’ compliance with the right to privacy, investigating alleged violations, and making recommendations to ensure that this fundamental right is respected and protected.
Tomaso Falchetta, Legal Officer for Privacy International, said,
The Council today has confirmed what we have said for some time: The right to privacy is an invaluable human right, essential to human autonomy and dignity, and deserves explicit attention to ensure that it is respected and protected around the world. Now, perhaps more than ever, we need a dedicated individual to hold those accountable who wish to violate privacy, whether it is through surveillance, indiscriminate data collection, or other techniques that infringe on this important right. As Privacy International celebrates 25 years of advocating for the right to privacy, we can confidently say that today’s resolution is one of the most important events to protect privacy.
The individual chosen to take up the role of Special Rapporteur is expected to be appointed in June 2015.
When the World Wide Web fought back against the National Security Agency
The Internet fought back yesterday against the ever-encroaching mass-surveillance state being imposed by the NSA and associated government agencies in the U.S. and its international partners. Members of Congress were bombarded with emails and phone calls as part of a coordinated day of action, billed as “The Day We Fight Back,” involving more than 6,000 websites and countless more individuals.
According to Inagist.com, the day of action resulted in at least 80,741 phone calls, 163,859 emails, 220,182 petition signatures, and more than 700,000 visitors to the website.
The online protest began at midnight on Feb. 11 and continued throughout the day. Participating websites included major online platforms such as Reddit and Tumblr and a number of advocacy groups, including Upworthy, Electronic Frontier Foundation, the ACLU, and Demand Progress.
In addition to protesting the widespread government surveillance made public by NSA whistleblower Edward Snowden, the event was timed to commemorate the tragic death of Aaron Swartz, an Internet pioneer and freedom of information activist who was found dead of an apparent suicide in January 2013 amid an overzealous government prosecution that threatened to send him away for 35 years to a U.S. federal prison.
Swartz was a victim of the U.S. “war on whistleblowers,” an ongoing government campaign to clamp down on the free flow of information which has caused the United States to lose its once-touted status as a global champion for freedom of the press. In Reporters Without Borders’ World Press Freedom Index released today, the U.S. fell 13 places from its position last year, being ranked now just 46th out of 180 surveyed countries worldwide.
As Reporters Without Borders explains on its website,
Countries that pride themselves on being democracies and respecting the rule of law have not set an example [for press freedom], far from it. Freedom of information is too often sacrificed to an overly broad and abusive interpretation of national security needs, marking a disturbing retreat from democratic practices. Investigative journalism often suffers as a result.
This has been the case in the United States (46th), which fell 13 places, one of the most significant declines, amid increased efforts to track down whistleblowers and the sources of leaks. The trial and conviction of Private Bradley Manning and the pursuit of NSA analyst Edward Snowden were warnings to all those thinking of assisting in the disclosure of sensitive information that would clearly be in the public interest.
While obsessively persecuting conscientious leakers of state secrets, the U.S. government has simultaneously waged a war against individual privacy that violates a host of international norms, including as Privacy International has pointed out: Article 12 of the 1948 Universal Declaration of Human Rights, which specifically protects territorial and communications privacy; Article 17 of the International Covenant on Civil and Political Rights 1966; Article 14 of the United Nations Convention on Migrant Workers, and Article 16 of the UN Convention of the Protection of the Child.
Other international conventions that recognize the right to privacy include Article 10 of the African Charter on the Rights and Welfare of the Child, Article 11 of the American Convention on Human Rights, Article 4 of the African Union Principles on Freedom of Expression, Article 5 of the American Declaration of the Rights and Duties of Man, Article 21 of the Arab Charter on Human Rights, and Article 8 of the European Convention for the Protection of Human Rights and Fundamental Freedoms.
In an attempt to counter this assault on international norms and U.S. constitutional rights, websites participating in The Day We Fight Back embedded a large black banner that allowed visitors to input their email address and location and send a letter to their representatives in Congress asking them to oppose the FISA Improvements Act, an Orwellian piece of legislation that would retroactively legalize the government’s unlawful mass spying program.
The ACLU called the proposed act “a dream come true for the NSA” that would “codify the NSA’s unconstitutional call-records program and allow bulk collection of location data from mobile phone users.”
Following up on the U.S.-oriented Day We Fight Back, today several groups launched a European-based campaign to protest, in particular, the activities of the NSA’s junior partner in mass surveillance, Britain’s GCHQ. Privacy International, Article 19, Big Brother Watch, English PEN, Liberty, and Open Rights Group initiated the Don’t Spy On Us campaign. In an announcement at the Privacy International blog, Gus Hosein notes,
In almost every week since last summer, a new Snowden document has been released which details the growing surveillance powers and practices of intelligence agencies, each one astonishing in its own right. The documents have exposed the illegal activities and intrusive capabilities of the UK’s intelligence agency, GCHQ, which has secretly sought to exploit and control every aspect of our global communications systems.
For far too long, mass and intrusive government surveillance programs have operated in the shadows, outside of the rule of law, and without democratic accountability. Now our governments are even defending this state of affairs. This should not be, and certainly cannot continue.
We must fight back.
The New York-based Human Rights Watch recently warned that the NSA is “setting trends” and that there will soon there will be “no safe haven” from the worldwide surveillance practices being pioneered by the United States government.
“As the world’s information moves into cyberspace, surveillance capabilities have grown commensurately,” says HRW in its 2014 World Report. “The U.S. now leads in ability for global data capture, but other nations and actors are likely to catch up, and some already insist that more data be kept within their reach.”
Hopefully the international grassroots movement to counter this trend is able to keep up.
For more information, please see:
American Civil Liberties Union
Bill of Rights Defense Committee
Angered by NSA abuses, will Europe commit to meaningful counter-measures?
Despite earlier threats from European officials to delay trade negotiations with the United States over the latest revelations of spying on French and German leaders (which have followed earlier revelations that that the NSA has tapped the telephone lines and computer networks of EU offices in Brussels, New York and Washington), German Chancellor Angela Merkel today offered assurances that U.S.-EU trade talks would go forward without interruption.
Although she said she was skeptical of efforts to delay those negotiations, she expressed tepid support for temporarily halting a program that gives U.S. intelligence agencies access to information about the financial transactions of suspected terrorists routed through the SWIFT clearing house in Brussels. SWIFT, or the Society for Worldwide Interbank Financial Telecommunication, is an industry-owned co-operative that facilitates international financial transfers within the global banking community, consisting of banks, securities broker-dealers, and regulated investment management institutions.
Merkel’s cautious support for restraining U.S. access to SWIFT follows allegations that the NSA has been gaining unauthorized access to the international financial messaging system, which could have major ramifications for the operation of the global financial system.
“Claims that the NSA has tapped the computing infrastructure of the SWIFT system and consequently has access to information about more than 90% of the world’s international banking transactions has huge implications for financial institutions and the individuals who bank with them,” writes Caroline Wilson of Privacy International.
The European Parliament has asked the U.S. to explain its actions and to reveal whether the NSA’s actions are breaching a U.S.-EU agreement that sets forth various rules the U.S. must follow when obtaining and processing financial data stored in the EU. The pact came about in 2010 because of allegations at the time that the U.S. was seeking direct and virtually unrestrained access to Europeans’ SWIFT data.
“If the NSA is obtaining SWIFT messages outside of the rules set forth in the 2010 US-EU Agreement, such action imperils further the relationship between the two parties, and violates the privacy rights of millions of Europeans,” notes Wilson.
In response to the latest allegations, the leaders of Germany and France today proposed creating a new agreement on cooperation among their intelligence services and those of the United States, in the wake of a new report alleging that the National Security Agency had monitored the phone conversations of 35 world leaders.
Noting diminished trust in the United States, Merkel pledged that she and French President Francois Hollande would rapidly forge a new pact to ensure more transparency for U.S. intelligence operations in Europe.
What is unclear though is why these leaders would expect the U.S. government to adhere to the rules of a “new pact,” when it is obvious that it has been brazenly flouting numerous existing pacts for years. Besides violating the 2010 agreement on SWIFT, the United States appears to be violating a host of international laws, including the 1961 Vienna Convention which states that “the official correspondence” as well as “the premises” of diplomatic missions “shall be inviolable.”
The individual’s right to privacy is also enshrined in numerous human rights conventions including in Article 12 of the 1948 Universal Declaration of Human Rights, Article 17 of the International Covenant on Civil and Political Rights 1966, Article 14 of the United Nations Convention on Migrant Workers, and Article 16 of the UN Convention of the Protection of the Child. It is also guaranteed by Article 8 of the European Convention for the Protection of Human Rights and Fundamental Freedoms.
At a hearing in the European Parliament on Oct. 14, NSA surveillance initiatives were the subject of legal scrutiny which included the participation of a judge who has served in the European Court of Human Rights for 15 years, a former United Nations special rapporteur on human rights and counterterrorism, and a London-based international law professor. All of them agreed that the scope of the surveillance constituted violations of both European and international laws and treaties.
Martin Scheinin, former UN special rapporteur on human rights and counterterrorism, said that the NSA spying represents a “massive interference with the privacy rights of EU citizens and others.” The surveillance amounted to “an unlawful or arbitrary interference with privacy or correspondence, and this conclusion follows independently from multiple grounds,” he said.
In response to the allegations of massive U.S. law-breaking, German prosecutors have launched a legal investigation, and officials in Berlin said the scandal could disrupt counterterrorism collaboration between the United States and the European Union.
This is also a point that independent U.S. Senator Bernie Sanders made in a letter to Barack Obama on Thursday. Sanders, who is cosponsoring legislation that would significantly rein in the surveillance activities of the NSA and other intelligence agencies, wrote to Obama that the U.S. actions could undermine cooperation in the fight against terrorism.
“The strained relations with our allies as a result of wholesale NSA eavesdropping have impacted our ability to work with these countries in combating terrorism and advancing common economic goals,” Sanders said. “Clearly, in the complex and difficult world we now find ourselves, it is imperative that we try to improve our relations with friendly countries, not exacerbate them.”
European leaders from across the continent have also been vocal in their opposition to the U.S. surveillance activities. If it’s true that Merkel’s cellphone has been tapped, “it is exceptionally serious,” said Dutch Prime Minister Mark Rutte at an EU summit this week.
Swedish Prime Minister Fredrik Reinfeldt called it “completely unacceptable” for a country to eavesdrop on an allied leader. “We want the truth,” Italian Premier Enrico Letta told reporters. “It is not in the least bit conceivable that activity of this type could be acceptable.”
Austrian Foreign Minister Michael Spindelegger said, “We need to re-establish with the U.S. a relationship of trust, which has certainly suffered from this.”
But despite the current grandstanding of European leaders, it should be remembered that the whistleblower who shared all the revelations of U.S. spying – former NSA contractor Edward Snowden – has been largely abandoned by the governments that are now expressing shock over the NSA’s abuses.
When Snowden was seeking refuge from the U.S. government fearing persecution and torture, ten EU countries immediately indicated that they would deny the whistleblower’s political asylum requests, with German Foreign Minister Guido Westerwelle saying that Snowden’s request would be reviewed by German authorities “according to the law,” but he “could not imagine” that it would be approved.
After the United States received a tip that Snowden may have been on a plane carrying Bolivian president Evo Morales, who was flying home from a Moscow summit via Western Europe, European governments fell over themselves to do the bidding of the United States, with France, Spain and Portugal all refusing to let Morales’ plane through their airspace.
The plane was forced to land in Austria, where it remained grounded for 14 hours as the authorities determined that Snowden was not on board.
Morales called the rerouting of his plane a violation of national sovereignty and a provocation to all of Latin America, urging European countries to “free themselves” from the undue influence of the United States. The president of the European Parliament, Martin Schulz, later described the measure by certain EU countries to ground Morales’s plane as “ridiculous and unacceptable.”
It is against this backdrop of acquiescing to U.S. power that the current admonitions of European leaders should be considered.
Snowden himself has been one of the most articulate advocates for greater action by the international community to protect privacy and hold the U.S. rogue superpower accountable.
In a prepared statement to the European Parliament on Sept. 30, Snowden argued that surveillance is one of the greatest challenges facing human rights today, and appealed for help in protecting the whistleblowers who bring these abuses to light.
“If we are to enjoy such debates in the future, we cannot rely on individual sacrifice, we must create better channels for people of conscience to better inform not only trusted agents of government but independent representatives of the public outside of government,” he said.
Snowden, who is currently living in Moscow after being granted temporary asylum by the Russian government, said that public debate on mass surveillance should not have to rely on the persecution and exile of people willing to leak information to the public.
A mass rally is being held in Washington on Saturday in support of Snowden and calling on the NSA to halt its mass surveillance activities. Under the banner, “Stop Watching Us,” thousands of Americans of all political stripes will demand investigations of the NSA’s illegal spying and to “hold accountable those public officials who are found to be responsible for this unconstitutional surveillance.”
NSA surveillance routinely violating U.S. and international law
The Washington Post is reporting that the National Security Agency has broken its own privacy rules or overstepped its legal authority thousands of times each year since 2008, citing top-secret documents provided by whistleblower Edward Snowden.
Most of the infractions involved illegal surveillance of U.S. citizens or foreign intelligence targets in the United States, ranging from significant violations of law to typographical errors that resulted in unintended interception of U.S. emails and telephone calls, according to the Post.
In one instance, the NSA decided it would not report the unintended surveillance of Americans to the FISA court. A notable example in 2008 was the interception of a “large number” of calls placed from Washington when a “programming error” confused U.S. area code 202 for 20, the international dialing code for Egypt.
The NSA audit that Snowden provided to the Post, dated May 2012, counted 2,776 incidents in the preceding 12 months of unauthorized collection, storage, access to or distribution of legally protected communications.
In other words, the NSA – which was granted greatly expanded legal authority in 2008 by Congress in the FISA Amendments Act – has been routinely flouting Americans’ legal protections with impunity for years.
“The number of ‘compliance incidents’ is jaw-dropping,” said Jameel Jaffer, ACLU deputy legal director. “The rules around government surveillance are so permissive that it is difficult to comprehend how the intelligence community could possibly have managed to violate them so often.”
He pointed out that “at least some of these incidents seem to have implicated the privacy of thousands or millions of innocent people.”
The incidents are not only infractions of of U.S. law, but also international law.
As Privacy International has pointed out:
Human rights conventions and national constitutions almost universally call for the protection of the right to privacy – the challenge is ensuring that governments comply with this requirement, particularly with respect to new technologies and in countries that lack the rule of law.
The modern privacy benchmark at an international level can be found in Article 12 of the 1948 Universal Declaration of Human Rights, which specifically protects territorial and communications privacy. Numerous other international human rights treaties recognize privacy as a right: Article 17 of the International Covenant on Civil and Political Rights 1966, Article 14 of the United Nations Convention on Migrant Workers, and Article 16 of the UN Convention of the Protection of the Child. Regional conventions that recognize the right to privacy includes Article 10 of the African Charter on the Rights and Welfare of the Child, Article 11 of the American Convention on Human Rights, Article 4 of the African Union Principles on Freedom of Expression, Article 5 of the American Declaration of the Rights and Duties of Man, Article 21 of the Arab Charter on Human Rights, and Article 8 of the European Convention for the Protection of Human Rights and Fundamental Freedoms.
An April 2013 report issued by the United Nations about the threat that government surveillance poses to the enjoyment of basic human rights found that state surveillance of communications is ubiquitous and such surveillance severely undermines citizens’ ability to enjoy a private life, to express themselves freely and enjoy other fundamental freedoms.
UN Special Rapporteur Frank La Rue noted that in the current era, “the State now has a greater capability to conduct simultaneous, invasive, targeted and broad-scale surveillance than ever before.”
The report touched on various problems in the use of surveillance, including the lack of judicial oversight, unregulated access to communications data and extra-legal surveillance. In addressing these concerns the UN “underlines the urgent need to further study new modalities of surveillance and to revise national laws regulating these practices in line with human rights standards.”
Toward this end, civil society groups, industry and international experts in communications surveillance law, policy and technology have developed the International Principles on the Application of Human Rights to Communications Surveillance, formally launched last month.
According to the Preamble of the International Principles,
Privacy is a fundamental human right, and is central to the maintenance of democratic societies. It is essential to human dignity and it reinforces other rights, such as freedom of expression and information, and freedom of association, and is recognised under international human rights law. Activities that restrict the right to privacy, including communications surveillance, can only be justified when they are prescribed by law, they are necessary to achieve a legitimate aim, and are proportionate to the aim pursued.
Before public adoption of the Internet, well-established legal principles and logistical burdens inherent in monitoring communications created limits to State communications surveillance. In recent decades, those logistical barriers to surveillance have decreased and the application of legal principles in new technological contexts has become unclear. The explosion of digital communications content and information about communications, or “communications metadata” — information about an individual’s communications or use of electronic devices — the falling cost of storing and mining large sets of data, and the provision of personal content through third party service providers make State surveillance possible at an unprecedented scale. Meanwhile, conceptualisations of existing human rights law have not kept up with the modern and changing communications surveillance capabilities of the State, the ability of the State to combine and organize information gained from different surveillance techniques, or the increased sensitivity of the information available to be accessed.
The frequency with which States are seeking access to both communications content and communications metadata is rising dramatically, without adequate scrutiny. When accessed and analysed, communications metadata may create a profile of an individual’s life, including medical conditions, political and religious viewpoints, associations, interactions and interests, disclosing as much detail as, or even greater detail than would be discernible from the content of communications. Despite the vast potential for intrusion into an individual’s life and the chilling effect on political and other associations, legislative and policy instruments often afford communications metadata a lower level of protection and do not place sufficient restrictions on how they can be subsequently used by agencies, including how they are data-mined, shared, and retained.
In order for States to actually meet their international human rights obligations in relation to communications surveillance, they must comply with the principles set out below. These principles apply to surveillance conducted within a State or extraterritorially. The principles also apply regardless of the purpose for the surveillance — law enforcement, national security or any other regulatory purpose. They also apply both to the State’s obligation to respect and fulfil individuals’ rights, and also to the obligation to protect individuals’ rights from abuse by non-State actors, including corporate entities. The private sector bears equal responsibility for respecting human rights, particularly given the key role it plays in designing, developing and disseminating technologies; enabling and providing communications; and – where required – cooperating with State surveillance activities. Nevertheless, the scope of the present Principles is limited to the obligations of the State.
The Principles include 13 key points, summarized here:
Legality: Any limitation on the right to privacy must be prescribed by law.
Legitimate Aim: Laws should only permit communications surveillance by specified State authorities to achieve a legitimate aim that corresponds to a predominantly important legal interest that is necessary in a democratic society.
Necessity: Laws permitting communications surveillance by the State must limit surveillance to that which is strictly and demonstrably necessary to achieve a legitimate aim.
Adequacy: Any instance of communications surveillance authorised by law must be appropriate to fulfill the specific legitimate aim identified.
Proportionality: Decisions about communications surveillance must be made by weighing the benefit sought to be achieved against the harm that would be caused to users’ rights and to other competing interests.
Competent judicial authority: Determinations related to communications surveillance must be made by a competent judicial authority that is impartial and independent.
Due process: States must respect and guarantee individuals’ human rights by ensuring that lawful procedures that govern any interference with human rights are properly enumerated in law, consistently practiced, and available to the general public.
User notification: Individuals should be notified of a decision authorising communications surveillance with enough time and information to enable them to appeal the decision, and should have access to the materials presented in support of the application for authorisation.
Transparency: States should be transparent about the use and scope of communications surveillance techniques and powers.
Public oversight: States should establish independent oversight mechanisms to ensure transparency and accountability of communications surveillance.
Integrity of communications and systems: States should not compel service providers, or hardware or software vendors to build surveillance or monitoring capabilities into their systems, or to collect or retain information.
Safeguards for international cooperation: Mutual Legal Assistance Treaties (MLATs) entered into by States should ensure that, where the laws of more than one State could apply to communications surveillance, the available standard with the higher level of protection for users should apply.
Safeguards against illegitimate access: States should enact legislation criminalising illegal communications surveillance by public and private actors.
With the new revelations exposed by the Post along with all the other Snowden leaks from recent months, it is clear that many – if not all – of these 13 principles are being violated routinely by the NSA’s surveillance activities.
To sign on to the International Principles, click here.
Click here to tell Congress to end the U.S. surveillance state.
As Europe grovels, Latin America stands up to U.S. lawlessness
A demonstrator holds a sign that reads in Spanish: “France; Racist, hypocrite and fascist,” outside the French embassy during a protest over France’s alleged refusal to let the Bolivian president’s plane cross over French airspace, in La Paz, Bolivia, Wednesday, July 3, 2013. (AP Photo/Juan Karita)
Events of the past week have demonstrated that despite occasional grumblings from Europe about U.S. misconduct on the world stage, at the end of the day, it is only Latin America that is willing to take concrete action to challenge the systemic lawlessness of the U.S. government.
Although European leaders were humiliated by the United States when it was revealed by Edward Snowden’s leaks that the NSA has been tapping the telephone lines and computer networks of EU offices in Brussels, New York and Washington — as well as the governments of Germany, France, Greece, Italy and others — Europe largely fell into line in submitting to U.S. dictates regarding Snowden’s asylum requests.
The U.S. spying on diplomatic missions of the EU and individual European nations is a violation of the 1961 Vienna Convention which states that “the official correspondence” as well as “the premises” of diplomatic missions “shall be inviolable.”
The individual’s right to privacy is also enshrined in numerous human rights conventions including in Article 12 of the 1948 Universal Declaration of Human Rights, Article 17 of the International Covenant on Civil and Political Rights 1966, Article 14 of the United Nations Convention on Migrant Workers, and Article 16 of the UN Convention of the Protection of the Child. It is also guaranteed by Article 8 of the European Convention for the Protection of Human Rights and Fundamental Freedoms.
Despite Snowden revealing these U.S. violations of international law on European territory, ten EU countries indicated that they would deny the whistleblower’s political asylum requests, with German Foreign Minister Guido Westerwelle saying that Snowden’s request would be reviewed by German authorities “according to the law,” but he “could not imagine” that it would be approved.
This is despite the bluster displayed by German leaders when the story broke about the NSA snooping into the emails and phone conversations of European nations, including Germany. Angela Merkel, the German chancellor, described the disclosures of massive U.S. spying in Europe as unacceptable.
“We are no longer in the Cold War,” said Merkel’s spokesman, Steffen Seibert. “If it is confirmed that diplomatic representations of the European Union and individual European countries have been spied upon, we will clearly say that bugging friends is unacceptable.”
The French president, François Hollande, also called the spying intolerable.
“We cannot accept this kind of behaviour between partners and allies,” Hollande said. “We ask that this stop immediately.” French Foreign Minister Laurent Fabius said that if confirmed, the activities would be “totally unacceptable”.
Martin Schulz, the president of the European Parliament, said that if the report was correct, it would have a “severe impact” on relations between the EU and the United States.
“On behalf of the European Parliament, I demand full clarification and require further information speedily from the US authorities with regard to these allegations,” he said in a statement.
Luxembourg Foreign Minister Jean Asselborn told Der Spiegel: “If these reports are true, it’s disgusting. The United States would be better off monitoring its secret services rather than its allies. We must get a guarantee from the very highest level now that this stops immediately.”
But when it comes to the tangible actions – rather than just strong words – that are needed to effectively stand up to the United States, European leaders are missing in action. Indeed, when push comes to shove, and these leaders are leaned upon to take unprecedented and legally questionable measures to assist the U.S. in its overzealous manhunt of Edward Snowden, they have largely fallen into line.
For example, when the United States received a tip that Snowden may have been on a plane carrying Bolivian president Evo Morales, who was flying home from a Moscow summit via Western Europe, European governments fell over themselves to do the bidding of the United States, with France, Spain and Portugal all refusing to let Morales’ plane through their airspace.
The plane was forced to land in Austria, where it remained grounded for 14 hours as the authorities determined that Snowden was not on board.
Morales called the rerouting of his plane a violation of national sovereignty and a provocation to all of Latin America, urging European countries to “free themselves” from the undue influence of the United States.
“It is an open provocation to the continent, not only to the president; they use the agent of North American imperialism to scare us and intimidate us,” Morales told supporters gathered at the airport in La Paz to greet him.
“I regret [saying] this, but I want to say that some European countries should free themselves from North American imperialism,” he said.
Venezuela’s president, Nicolas Maduro, criticized European countries’ role in the rerouting of Morales’s plane, describing it as an act of cowardice.
“The European people have seen the cowardice and the weakness of their governments, which now look like colonies of the U.S.,” he said on Friday.
The actions were also likely a violation of international law. Michael Bochenek, director of law and policy at Amnesty International, said that the grounding of Morales’ plane, as well as reports that Vice President Joe Biden had phoned the Ecuadorean leader, Rafael Correa, to block asylum for Snowden, carried serious legal implications.
“Interfering with the right to seek asylum is a serious problem in international law,” Bochenek said. “It is further evidence that he [Snowden] has a well-founded fear of persecution. This will be relevant to any state when considering an application. International law says that somebody who fears persecution should not be returned to that country.”
Unlike the European countries cowering in the face of U.S. power even when they are humiliated and provoked, Latin America responded forcefully to the lawless behavior of the United States.
Following a meeting of Latin American leaders on Thursday, three countries – Bolivia, Venezuela and Nicaragua – stepped forward to indicate that they would accept Snowden as a political refugee fleeing persecution by the United States.
Venezuela’s president Nicolas Maduro cited humanitarian grounds for his decision to help the whistleblower.
“We have decided to offer humanitarian asylum to the American Edward Snowden to protect him from the persecution being unleashed by the world’s most powerful empire,” Maduro said.
For their part, EU politicians have questioned the future of trade talks set to begin this week. The European Commission has officially asked Washington to investigate the allegations while France’s government said that it wanted to delay the start of U.S.-EU trade talks.
A German official has suggested that Europeans stop patronizing American Internet companies such as Google and Facebook if they are concerned about their privacy.
International outcry over NSA mass surveillance calls U.S. credibility into question
The world is reacting with alarm to revelations that the United States has been committing wholesale violations of privacy rights on a global scale, particularly through its PRISM initiative which was revealed to be targeting personal data of web users by accessing the servers of major internet companies.
The intense international reaction threatens to complicate U.S. bilateral and multilateral relations, and could pose legal problems for the U.S. government. It also calls into question the United States’ claimed leadership on internet freedom.
The PRISM program, as revealed by a set of leaked top-secret PowerPoint slides, enables the NSA to obtain private emails and other user data directly from the servers of companies such as Google, Microsoft, Facebook, and Yahoo. While much of the controversy in the United States revolves around Americans’ privacy rights and possible violations of the Constitution’s Fourth Amendment, the scope of the PRISM story is actually global.
As Ryan Gallagher at Slate.com explains,
The existence of PRISM provides vindication for privacy advocates worldwide who have been voicing alarm about the U.S. government’s ability to conduct mass surveillance of foreigners’ communications sent and received using services like Google’s Gmail and Microsoft’s Hotmail and Skype. Earlier this year, a prescient report produced for the European Parliament warned that the U.S. Foreign Intelligence Surveillance Act had authorized “purely political surveillance on foreigners’ data” and could be used to secretly force U.S. cloud providers like Google to provide a live “wiretap” of European users’ communications.
That appears to be precisely what PRISM enables. NSA agents can reportedly use the system to enter search terms into a “Web interface” that allows them to request and receive data—some of it in real time—from one or all of the participating companies. Director of National Intelligence James Clapper has confirmed that it operates under a controversial section of FISA that authorizes broad surveillance of non-U.S. persons—from foreign government agents, to suspected terrorists, and “foreign-based political organizations,” a vaguely defined category that could feasibly be used to target journalists and human rights groups.
The European Commission on Monday expressed concern about the U.S. internet snooping, saying in a statement it would be demanding more information from U.S. officials regarding the program. “This case shows that a clear legal framework for the protection of personal data is not a luxury or constraint but a fundamental right. This is the spirit of the EU’s data protection reform,” said EU justice commissioner Viviane Reding, who urged ministers to push through new privacy reforms.
On Tuesday, the Commission outlined plans to raise the PRISM matter with U.S. authorities “at the earliest possible opportunity” and will “request clarifications as to whether access to personal data within the framework of the PRISM program is limited to individual cases and based on concrete suspicions, or if it allows bulk transfer of data.”
Finnish communications minister Pia Viitanen more bluntly claimed that the National Security Agency is likely breaking the laws of Finland. Viitanen said she plans to take up the issue with the European Commission, and several European countries are apparently considering unleashing Neelie Kroes, the feared European Commissioner for the Digital Agenda, in an effort to fight back against the PRISM program.
The German government is also demanding explanations from the U.S. after it emerged that PRISM has been collecting more information from Germany than any other EU country. German Chancellor Angela Merkel is expected to raise the issue when she meets with President Obama in Berlin next week.
German justice minister Sabine Leutheusser-Schnarrenberger wrote that the reports about PRISM are “deeply worrying” and “dangerous.” She took issue with Obama, who recently said that it’s not possible to have 100 percent security and 100 percent privacy at the same time.
“I do not share this view,” she wrote at Spiegel Online. “A society is less free, the more its citizens are being surveilled, controlled and scrutinized. In a democratic system, security is not an end itself, but a means to ensure freedom.”
The Swiss are also raising alarms about the NSA’s hacking activities on their territory, concern that has been compounded by other revelations shared by whistleblower Edward Snowden about CIA agents engineering a drunk driving incident in Switzerland as part of an alleged blackmail ploy.
“What is really very serious is that [US] agents are active on foreign territory, and violate the laws of the country where they are,” former Swiss parliamentarian and prosecutor Dick Marty told public radio on Monday. “This is not the first time they have done this, and I must say that they have been spoiled by the Swiss. For too long Switzerland has tolerated CIA agents doing more or less whatever they wanted on our territory.”
Further, U.S.-based internet companies that are cooperating with the NSA under the PRISM program could face legal action in the European Union. Companies that operate in the EU and serve citizens of the bloc are subject to its relatively strict privacy laws, which limit the actions of companies that collect data, and require them to be clear about how it will be used and to whom it could possibly be disclosed.
On Tuesday, the European Commission warned U.S. tech companies that they must adhere to EU law or face the consequences. “Non EU companies when offering goods and services to EU consumers will have to apply the EU data protection law in full,” said the Commission.
“U.S. companies that have gathered personal data from Europeans, such as Facebook, and then given access to U.S. government agencies are in something of a bind,” says Ian Brown, senior research fellow at Oxford University’s Internet Institute. “They had no choice but to obey U.S. surveillance law, but may well now face legal challenges in European courts.”
A statement was delivered by the Association for Progressive Communications on Monday to the Human Rights Council on behalf of civil society regarding the impact of state surveillance on human rights. The statement read, in part,
We express strong concern over recent revelations of surveillance of internet and telephone communications of US and non-US nationals by the government of the United States of America and the fact that US authorities makes the results of that surveillance available to other governments such as the United Kingdom. Of equal concern is the indication of apparent complicity of some US-based Internet companies with global reach.1 These revelations suggest a blatant and systematic disregard for human rights as articulated in Articles 17 and 19 of the International Covenant on Civil and Political Rights (ICCPR), as well as Articles 12 and 19 of the Universal Declaration of Human Rights.
The civil society statement reminded the Human Rights Council that it unanimously adopted Resolution 20/8 last year, which “Affirms that the same rights that people have offline must also be protected online, in particular freedom of expression.”
But during the current session of the Human Rights Council, the Special Rapporteur on Freedom of Expression, Frank La Rue, reported worrying new trends in state surveillance of communications with serious implications for the exercise of the human rights to privacy and to freedom of opinion and expression.
La Rue noted that inadequate and non-existent legal frameworks “create a fertile ground for arbitrary and unlawful infringements of the right to privacy in communications and, consequently, also threaten the protection of the right to freedom of opinion and expression.”
Human Rights Watch noted this week that the recent revelations of NSA surveillance are impinging on privacy in ways that were unimaginable just a few years ago. “There is an urgent need for the U.S. Congress to reevaluate and rewrite surveillance laws in light of those technological developments and put in place better safeguards against security agency overreach,” HRW said.
The human rights group expressed particular concern over the total lack of concern for the rights of non-U.S. citizens:
Human Rights Watch is deeply troubled by the apparent lack of any consideration by the US government for the privacy rights of non-US citizens. The US Constitution may have been interpreted to grant privacy rights only to US citizens or people in the United States, but international human rights law recognizes that everyone is entitled to respect for their privacy. With so many electronic communications traveling through the United States, the lack of any regard for the privacy rights of non-US citizens raises very troubling concerns. …
Human Rights Watch also expressed concern about the precedent these programs might set globally because they could give other governments a rationale for adopting widespread and arbitrary surveillance of phone and Internet activity.
“The U.S. government’s credibility as an advocate for Internet freedom is at serious risk unless it ensures that privacy is protected along with security and acts with much greater transparency,” said HRW executive director Kenneth Roth. “There is a real danger that other governments will see U.S. practice as a green light for their own secret surveillance programs. That should be chilling to anyone who goes online or uses a phone.”
When the initial story broke last week of the U.S. government collecting metadata on the communications habits of millions of Americans, Obama attempted to downplay the domestic controversy and quell concerns over possible constitutional violations by reassuring Americans that it was aimed not at U.S. citizens but at the other 95 percent of the world’s population.
“With respect to the Internet and emails, this does not apply to U.S. citizens and it does not apply to people living in the United States,” the president said, strongly implying that the other seven billion people on the planet are fair game.
Judging by the international outcry, however, it appears this may have been a miscalculation on the president’s part. The demands for the U.S. and American companies to adhere to the laws of countries in which they are operating might bring a degree of accountability that appears to be missing in the U.S. political system.
NSA dragnet surveillance a violation of international norms
As revealed in the Guardian, the National Security Agency is collecting the telephone records of millions of U.S. customers of Verizon under a top secret court order issued in April. Requiring Verizon on an “ongoing, daily basis” to give the NSA information on all telephone calls in its systems, the FISA court order means that the communication records of millions of U.S. citizens are being collected indiscriminately and en masse regardless of whether they are suspected of any wrongdoing.
The program was initiated under the Patriot Act’s Section 215, a provision that prohibits recipients of the orders, such as telecommunications companies, from disclosing that they gave the government their customers’ records. In other words, millions of Americans would be prevented from knowing that every phone call they make is being tracked by the government.
“From a civil liberties perspective, the program could hardly be any more alarming. It’s a program in which some untold number of innocent people have been put under the constant surveillance of government agents,” said Jameel Jaffer, American Civil Liberties Union deputy legal director. “It is beyond Orwellian, and it provides further evidence of the extent to which basic democratic rights are being surrendered in secret to the demands of unaccountable intelligence agencies.”
The Bill of Rights Defense Committee’s Shahid Buttar called it “surveillance run amok.” In a blog post today, he wrote:
The document is disturbing because, in a single swoop, it authorizes not just the wiretapping of a single individual, or a single organization, but all of the customers of a single telecommunications company. The order reinforces its own secrecy, immune from public or congressional oversight, violating core tenants of both Due Process and the Fourth Amendment at once.
The revelations were called “absolutely frightening” by Privacy International, noting that “government and law enforcement agencies operate within a murky legal framework hidden from public scrutiny.”
The group stressed that the U.S. must abide by international standards “that operate within a human rights legal framework — standards that set out the scope of and restrictions on permissible surveillance of communications that require approval by independent judicial authorities, that uphold due process, and that ensure that all surveillance is necessary and proportionate.”
As Privacy International further points out:
Human rights conventions and national constitutions almost universally call for the protection of the right to privacy – the challenge is ensuring that governments comply with this requirement, particularly with respect to new technologies and in countries that lack the rule of law.
The modern privacy benchmark at an international level can be found in Article 12 of the 1948 Universal Declaration of Human Rights, which specifically protects territorial and communications privacy. Numerous other international human rights treaties recognize privacy as a right: Article 17 of the International Covenant on Civil and Political Rights 1966, Article 14 of the United Nations Convention on Migrant Workers, and Article 16 of the UN Convention of the Protection of the Child. Regional conventions that recognize the right to privacy includes Article 10 of the African Charter on the Rights and Welfare of the Child, Article 11 of the American Convention on Human Rights, Article 4 of the African Union Principles on Freedom of Expression, Article 5 of the American Declaration of the Rights and Duties of Man, Article 21 of the Arab Charter on Human Rights, and Article 8 of the European Convention for the Protection of Human Rights and Fundamental Freedoms.
Earlier this week, the United Nations issued a landmark report about the threat that State surveillance poses to the enjoyment of basic human rights.
The report, presented June 4 by the UN Special Rapporteur on the freedom of opinion and expression at the UN Human Rights Council in Geneva, notes that state surveillance of communications is ubiquitous and such surveillance severely undermines citizens’ ability to enjoy a private life, to express themselves freely and enjoy other fundamental freedoms.
The Special Rapporteur noted that in the current era, “the State now has a greater capability to conduct simultaneous, invasive, targeted and broad-scale surveillance than ever before.”
The report discusses various problems in the use of surveillance, including the lack of judicial oversight, unregulated access to communications data and extra-legal surveillance. In addressing these concerns the UN “underlines the urgent need to further study new modalities of surveillance and to revise national laws regulating these practices in line with human rights standards.”
A good place to start in this regard would be the repeal of the USA Patriot Act as well as the Foreign Intelligence Surveillance Act.
As the BORDC’s Shahid Buttar wrote today,
It’s not enough to be outraged. Times like this require concerted, committed, and focused grassroots action. Raise your voice online to support the transpartisan “Ben Franklin” caucus discussed by Senators Wyden and Paul in DC this Monday night. And don’t stop there: reach out to the Bill of Rights Defense Committee for help building a diverse grassroots coalition to champion civil liberties where you live.
To sign the ACLU’s petition demanding that the U.S. government immediately halt its massive spying program, click here.
Compliance Campaign 