Erosion of privacy causes concern

The Auckland Council for Civil Liberties has "grave concerns" over the atmosphere of increased tolerance to privacy invasion that has developed in the year since September 11.

The Auckland Council for Civil Liberties has “grave concerns” over the atmosphere of increased tolerance to privacy invasion that has developed in the year since September 11.

The most severe consequences are naturally in the US, with, for example, a resurgence of government interest in the FBI’s Carnivore email surveillance technology.

New Zealand’s environment is rather less aggressive on that front, says ACCL lawyer Graeme Minchin, but the Crimes Amendment No 6 Bill, with its provisions for police and the Security Intelligence Service to intercept digital communications, still gives cause for worry, he says. Pressure to adopt such measures was strengthened in the wake of September 11.

Minchin questions whether new procedures and laws are needed, suggesting there is strong evidence that September 11 happened because of the practical failure of existing security and not the lack of any regulatory or legal measures.

In the wake of the election, the balance of opinion in the New Zealand Parliament might have changed slightly, he suggests, because of the United Future party balancing out the influence of the Greens, who have grave reservations about the bill. Green MP Keith Locke recently reinforced these to him, he says.

A spokesman in the United Future office says, however, that the party’s policy on the bill has not been fully defined. Priority is in bringing its new MPs up to speed on the bills leading the order paper, and presenting its position on those to government. Crimes Amendment No 6 is currently in 42nd position on the order paper.

The Auckland Council for Civil Liberties has “grave concerns” over the atmosphere of increased tolerance to privacy invasion that has developed in the year since September 11.

The most severe consequences are naturally in the US, with, for example, a resurgence of government interest in the FBI’s Carnivore email surveillance technology.

New Zealand’s environment is rather less aggressive on that front, says ACCL lawyer Graeme Minchin, but the Crimes Amendment No 6 Bill, with its provisions for police and the Security Intelligence Service to intercept digital communications, still gives cause for worry, he says. Pressure to adopt such measures was strengthened in the wake of September 11.

Minchin questions whether new procedures and laws are needed, suggesting there is strong evidence that September 11 happened because of the practical failure of existing security and not the lack of any regulatory or legal measures.

In the wake of the election, the balance of opinion in the New Zealand Parliament might have changed slightly, he suggests, because of the United Future party balancing out the influence of the Greens, who have grave reservations about the bill. Green MP Keith Locke recently reinforced these to him, he says.

A spokesman in the United Future office says, however, that the party’s policy on the bill has not been fully defined. Priority is in bringing its new MPs up to speed on the bills leading the order paper, and presenting its position on those to government. Crimes Amendment No 6 is currently in 42nd position on the order paper.

Europe (by Gillian Law and Laura Rohde)

Civil liberty concerns are also being raised in Europe. Digital rights advocates say European citizens are having their civil liberties stripped away to a far greater extent than people in the US, but that the general public hasn’t awakened to the legal changes being pushed through the European Parliament.

The September 11 have been used as an excuse to push through legislation that European, and particularly UK, politicians have been looking at for some time, says Maurice Wessling, spokesman for EDRi (European Digital Rights), a rights group set up to draw attention to the laws being passed in the European Union. Wessling also runs Bits of Freedom, a Netherlands-based group that is part of EDRi.

“A lot of the issues, like data retention, aren’t new since September 11, they were planned before. But all the plans now have higher priority and we’ve seen all kinds of proposals meet less resistance than they would have otherwise,” Wessling says.

Soon after the terrorist attacks, the UK government sent a request under the Data Protection Act to all UK-based ISPs and telcos asking them to retain all communications-traffic data for a month. The request that was extended, in part through the Anti-terrorism, Crime and Security Act 2001 passed in December, and that the government has sought several times to make permanent and compulsory.

While the information requested under the Data Protection Act and the Anti-terrorism, Crime and Security Act — a request that is not legally binding — seeks to track the path and locations of data traffic, a UK law passed in July 2000, the Regulation of Investigatory Powers Act (RIPA), could be used to look more deeply into the content of communications traffic data.

The RIPA, which is still in the process of being implemented, requires ISPs in the UK to track all data traffic passing through their computers and to route it to the Government Technical Assistance Centre (GTAC). The GTAC has been established in the London headquarters of the UK security intelligence agency, MI5.

Under the provisions of the RIPA, the UK government can demand encryption keys to any and all data communications, with a prison sentence of two years for those who do not comply with the order.

Proposals now being considered by the EU include the retention of all communication information for a period of a year, Wessling says. That is a fundamental shift in law enforcement, he says.

United States (by Scarlet Pruitt)

In the US repeated calls from US President George Bush to “root out” terrorists following the terrorist attacks last September 11 did not fall on deaf ears.

Congress and various government agencies quickly began working to expand routing powers by loosening rules on internet tracking, increasing electronic surveillance and putting biometric screening tools in place.

Certain legal provisions, such as obtaining court orders to perform electronic surveillance, were thrown asunder in an effort to clear the path for law enforcement officials on the terrorist hunt.

“We need to learn to set priorities in our government. And the number one priority is to protect America from attack, because we’re at war,” Bush told an audience at the Argonne National Laboratory in Illinois while discussing new domestic security measures in July.

But while these efforts are meant to shore up the nation’s security amid heightened threats, many privacy advocates fear that perhaps the president was taken too literally, that rooting out terrorists could result in haphazard searching and surveillance of the public at large, resulting in a serious erosion of civil liberties.

“I don’t think the public is really aware of what’s happening. We are asleep at the wheel,” says Anita Ramasastry, associate director of the Centre for Law, Commerce and Technology at the University of Washington in Seattle.

The principal cause for concern among civil libertarians is the USA Patriot Act, which Bush signed into law on October 26, 2001, less than two months after the attacks.

To start, this weighty piece of legislation allows government agents to collect new information on web browsing and email without a judicial review, and allows internet service providers (ISPs) and network administrators to authorise surveillance of “computer trespassers” without a judicial order.

Furthermore, the FBI was given added capabilities to conduct wiretaps and secret searches using lower standards previously employed only for collecting foreign intelligence. Agents can now perform “sneak and peek” searches of homes or offices without notifying the owner for days or weeks afterward.

In the months following the attacks, law enforcement officials awoke to a veritable Christmas cache of expanded spying powers and tools, with little or no oversight provisions put into place.

“One of the biggest concerns about the new powers is that there is a lot of discretion and court stripping,” Ramasastry says. “Attorney general John Ashcroft and the administration are slicing the rules pretty thin.”

Privacy advocates have also expressed discomfort at the increased, and unspecified, amount of public information made available under the legislation.

Because the Patriot Act overrides existing state and federal privacy laws, it allows the FBI to compel disclosure of all types of records upon the mere claim that they are connected with intelligence information.

The problem with these rules is that they give law enforcement officials new surreptitious powers to which it is difficult to hold them accountable, says Lee Tien, senior staff attorney with the San Francisco-based Electronic Frontier Foundation (EFF).

The EFF is already hearing anecdotal evidence of a spike in information requests to ISPs since the Patriot Act was passed, Tien says. Additionally, the civil liberties group has received reports that the government is collecting grocery store convenience card information and library reading records, he says.

But civil libertarians and government officials outside the law enforcement agencies are already beginning to complain that these anecdotal reports do not provide them enough information on when and how these new surveillance powers are being used.

In July, House judiciary committee chairman James Sensenbrenner and ranking committee member John Conyers sent a request for information to Ashcroft. While Ashcroft’s office replied to some of the queries, some questions went unanswered, prompting Sensenbrenner to threaten to subpoena Ashcroft if his information request was not met by the end of August. Meanwhile, the American Civil Liberties Union (ACLU) submitted an FOIA request for more information on the government’s new snooping powers.

“The government has made a habit of keeping this information secret,” says ACLU staff attorney Jameel Jaffer. “The Patriot Act was passed very quickly, when people were understandably panicked, but now people have stepped back and considered if we need these powers,” he says.

Many provisions of the Patriot Act are under a sunset clause, meaning that they expire in 2005.

Jaffer points out that it will be difficult for Congress to assess whether the provisions should be renewed if lawmakers do not have relevant information on how the surveillance powers are being used.

Other related legislation has moved closer to approval. In July the House passed the Cyber Security Enhancement Act of 2002, a bill that aims to give government agencies added authority to eavesdrop on electronic communications without first obtaining a court order.

Meant as a supplement to the Patriot Act, the bill would allow stored communications like voicemail and email to be available to any “government entity” that convinces service providers that releasing personal information is necessary to prevent “death or serious physical injury”. The legislation also seeks to levy stiffer penalties for computer crime.

Join the newsletter!

Error: Please check your email address.

Tags privacy

More about BillBushEFFElectronic Frontier FoundationEUEuropean ParliamentFBITechnology

Show Comments
[]