During the recent turmoil of the Arab Spring West countries heavily criticized the authoritarian regimes of the African continent for the repression of human rights underlying their support to the freedom of assembly and expression, which apply also on the Internet. Meanwhile in USA prepared a bill titled "Protecting Cyberspace as a National Asset Act of 2010" with witch Internet becomes a National Asset, a government agency management is created while the US President is granted with powers to seize control of and even shut down the Internet with devastating results on the rest of the world. On top of this the UK Prime Minister Cameron coping with the recent London riots suggested that maybe the rioters should be banned from using social media. But how looks in fact the situation on freedom and privacy in the so called developed countries? Lets have a look.
Strange deaths
It seems that the economic crises in Europe is not the only reason for people to commit suicide. People that involve into wiretapping cases have a similar trend. Adamo Bove - head of security at Telecom Italia, the country's largest telecommunications firm - back in 2006 who at the direction of Milan prosecutors, he'd used mobile phone records to trace how a "Special Removal Unit" composed of CIA and SISMI (the Italian CIA) agents abducted Abu Omar, an Egyptian cleric, and flew him to Cairo where he was tortured and the year before of his counterpart Costas Tsalikidis, a software engineer for Vodaphone in Greece that had just discovered a highly sophisticated bug embedded in the company's mobile network, both found dead allegedly committing suicide. The bug was used to transmit the eavesdropping on the prime minister's (backing the Plan Pythia I) and other top officials' cell phone calls, including civil rights activists, the head of Greece's "Stop the War" coalition, journalists and Arab businessmen based in Athens, all in real time via four antennae located near the U.S. embassy in Athens, according to an 11-month Greek government investigation.
One similar case comes from the Wall Street. Mr. Karpel a trader that had agreed in 2008 to cooperate with federal authorities, and for about a year he taped conversations with fellow traders. Two days after federal prosecutors played for a jury a secretly recorded telephone conversation in a Manhattan courtroom, Karpel, one of those traders, hanged himself in his Fifth Avenue office although was never charged with any wrongdoing.
Recently, Mr. Sean Hoare so allegedly did commit suicide, being the first named journalist to allege Andy Coulson was aware of phone hacking by his staff concerning the News International phone hacking scandal. Well, before someone complains that these specific cases are rather outsiders as not connected to the public privacy - which is not correct - some recent facts point to the opposite direction.
Surveillance and Interceptions for everyone
For three years in thirty countries, Google's Street View cars collected data, including the content of personal emails, from wireless routers located in private homes and businesses. Several countries, including the U.K., Germany, Spain, and Canada, have conducted similar investigations and determined that Google violated their privacy laws.
While on July the Facebook's executive Randi Zuckerberg declared that "anonymity on the Internet has to go away" echoing the voice of a former Google CEO Eric Schmidt, who previously called for "true transparency and no anonymity" on the Web, the death certificate of the whistleblowers is signed as they lose one of their most essential tools. Anonymity's real value is rooted in helping the powerless to challenge the powerful as the case of WikiLeaks exemplifies. In Congress last month, when a House committee moved forward a proposal forcing Internet service providers to keep logs of all online activity by their users. Clearly, if it ultimately becomes law, this legislation would undermine not just anonymity in public spaces, but privacy in general. Should it succeed, we may achieve transparency, but at far too high a cost.
Talking about privacy and Internet security here is a fictional scene "directed" by an expert of the field:
"An American executive is in France for a series of trade negotiations. After a day of meetings, she logs in to her corporate webmail account using her company - provided laptop and the hotel wireless network. Relying on the training she received from her company's IT department, she makes certain to look for the SSL encryption lock icon in her web browser, and only after determining that the connection is secure does she enter her login credentials and then begin to upload materials to be shared with her colleagues. However, unknown to the executive, the French government has engaged in a sophisticated man-in-the-middle attack, and is able to covertly intercept the executive's SSL encrypted connections. Agents from the state security apparatus leak details of her communications to the French company with whom she is negotiating, who use the information to gain an upper hand in the negotiations. While this scenario is fictitious, the vulnerability is not".
Beyond these in US there is an elation of Industrial Espionage and Electronic Surveillance as the State Department estimates that there are over 700,000 eavesdropping devices sold each year reporting that over 6,500 incidents of industrial espionage occur in the United States each year with an average economic impact of $1.25 million.
The present step against privacy in the web has the name of mandatory Internet surveillance - or mandatory data retention - a bill that will force ISPs to surrender personal details about customers to law enforcement without a warrant. This bill is at the center of controversy already in Canada backed by the conservatives as the government has been trying to modernize its surveillance and wiretapping laws for years now, to take into account the growth of cellphone and Internet communications. These requirements compel ISPs and telcos to create large databases of information about who communicates with whom via Internet or phone, the duration of the exchange, and the users’ location. These regime require that your IP address be collected and retained for every step you make online. Privacy risks increase as these databases become vulnerable to theft and accidental disclosure. Meanwhile, service providers have to dealt with the expense of storing and maintaining these large databases.
Mandatory Data Retention
The EU Data Retention Directive, adopted by the European Union in 2006 (for the background facts click here), is the most prominent example of a mandatory data retention framework (for a detailed analysis click here). The highly controversial Directive compels all ISPs and telecommunications service providers operating in Europe to retain a subscriber's incoming and outgoing phone numbers, IP addresses, location data, and other key telecom and Internet traffic data for a period of 6 months to 2 years, for all European citizens, including those not suspected or convicted of any crime. The Directive has been opposed by lawmakers in the European Parliament who argue that it fosters a surveillance society and undermines fundamental rights. The European Data Protection Supervisor named the Directive as "the most privacy invasive instrument ever adopted by the EU in terms of scale and the number of people it affects."
Despite that the the Bundestag's legal experts of the Working Group on Data Retention on April published an opinion stating that "it is impossible to rephrase the Directive in such a way that it would ensure compliance with the Charter of Fundamental Rights", a number of countries have already transposed the Directive into national legislation including Austria, Bulgaria, Denmark, Estonia, France, Italy, Latvia, Liechtenstein(see page 127), Malta (see also), the Netherlands, Poland, Portugal,Slovakia, Slovenia, Spain, Norway, and the United Kingdom along with some non European Union countries such as Serbia and Iceland.
Other countries fight against it like Cyprus, Czech Republic, Germany, Greece (I sense that the pending change of Constitution will bear surprises), and Romania.
The Dutch Senate on April approved a long-anticipated shortening of mandatory retention periods for internet data to six months, it published its correspondence with the Dutch Minister of Security and Justice on the Data Retention Directive evaluation by the European Commission. The Senate criticized the report for "too easily sidestepping" several Constitutional Court cases across the European Union, in which implementation laws were ruled unconstitutional or the principle of blanket data retention itself was deemed in breach of the ECHR.
It is worth noting that on May the European Commission rushed into an agreement with US concerning the exchange of PNR (Passenger Name Record) data on individuals and circulated the final agreement prior to formally submitting to the Council of the European Union and the European Parliament for their agreement. The European Commission's Legal Service coming later advised that the PNR is "not compatible with fundamental rights".
In USA according to the newly released 2010 Wiretap Report, federal and state courts approved that wiretaps reached a new all - time high. increased by a 34%. It must be noted that in the data are not included interceptions regulated by the Foreign Intelligence Surveillance Act (FISA) or interceptions approved by the President outside the exclusive authority of the federal wiretap law and the FISA).
As the Electronic Frontier Foundation reports, on July the House passed a bill that contains a mandatory data retention provision that would require your Internet service providers to retain 12 months' worth of personal information - while the National Sheriffs Association strongly supported the bill asking for a 18 months period - that could be used to identify what web sites you visit and what content you post online. The bill was re-written to also include the enforced retention of customers’ names, addresses, phone numbers, credit card numbers and bank account numbers. This came as a result of the calls of the DOJ back in January when Jason Weinstein, deputy assistant attorney general at the Justice Department, said that data retention was crucial to fighting Internet crimes, especially online child pornography. In response to questions, he added that up to two years of data retention "would be a useful starting point," which echoes what FBI director Robert Mueller told Congress in 2008.
The internet and telecom providers can handle the additional open-ended costs of mandatory data retention, since those costs will be transferred to the consumers. It will be the same as a new hidden tax. Smaller businesses, and start-ups may not be able to bear the added costs, thus reducing innovation, and killing competition with the big internet companies. Many organizations are actively opposing the bill claiming that it will devastate human society and U.S. Society as whole. By the same time the chief lawyer of the National Security Agency testifying to a Senate hearing stated that he believes the agency has the authority to track Americans via cell phones.
With the fiscal deficit plague infecting the whole West it is very possible that social unrest is on the top list of future events. In this upcoming time of crises the West governments will be called to prove that they are not authoritarian powers, that they listen and serve the population's demands and finally that they are credible and accountable entities enhancing the democratic liberties at the expense of their own political careers. Don't hold your breath...
No comments:
Post a Comment