DETECTER

Did US Government Agencies spend over 20 million USD on Bogus Software for Counter-Terrorism?

noreply@blogger.com (J. Thurman) — Wed, 23 Feb 2011 16:54:00 +0000

Eric Lichtblau and James Risen of the New York Times report that various US agencies spent a total exceeding 20 million USD between 2002 and 2009 for phony counter-terrorism technologies linked to a California computer programmer. Among the things which the programmer allegedly claimed to be able to do were "find terrorist plots hidden in broadcasts of the Arab network Al Jazeera; identify terrorists from Predator drone videos; and detect noise from hostile submarines." Reportedly, the technology provided the basis for the diversion and grounding of several US-bound flights in 2003. The story is available here in the Sydney Morning Herald. The news follows on charges from Senator Bernie Sanders that, between 2007 and 2009, the US Defense Department awarded hundreds of billions of US dollars to companies involved in fraud. Sen. Sanders’ assertion was based on a Pentagon report released in January.

UK citizen denied travel from Canada to UK due to inclusion on US no-fly list

noreply@blogger.com (J. Thurman) — Fri, 18 Feb 2011 11:15:00 +0000

Canada’s Star reports that a UK citizen has been unable to fly home to Sheffield from Toronto because his name is on the US no-fly list. After being told he couldn’t board an Air Transat flight, he tried both Air Canada and British Airways. But both carriers refused to take him, according to the story. The Star states: “Airlines that operate from Canada have been known to reject passengers whose names are on the U.S. no-fly list. That's because many flights pass over American airspace or may be forced to land at a U.S. airport in the event of an emergency.“ Application of the US no-fly list to flights originating from Canada but that do not land anywhere in US territory has been “long-standing” according to the paper. The Star also notes that a bill is currently before the Canadian Parliament that would permit Canadian air carriers to transmit passenger information for the US Secure Flight passenger screening program.

Petition for Rehearing of Maynard GPS Case Denied

noreply@blogger.com (J. Thurman) — Wed, 02 Feb 2011 15:07:00 +0000

The petition for rehearing the GPS issues from the DC Maynard case was denied this past November.

It was a close decision with 4 of the 9 judges dissenting. Two dissenting opinions were issued. The first, drafted by Chief Judge Sentelle and also signed by Judges Henderson, Brown, and Kavanaugh, argued that Maynard was not distinguishable from the Knotts case, and therefore there was no reason to have decided Maynard differently than Knotts. The opinion also took issue with the theory that aggregation of information could amount to violation of the Fourth Amendment, which the original decision appeared to promote. It expressed concern that this line of reasoning would mean that other forms of surveillance—including personally conducted visual surveillance—could be held to violate the Fourth Amendment when done on a prolonged basis. Citing an opinion from the Seventh Circuit, it also suggested that GPS tracking should perhaps not even be considered a search within the meaning of the Fourth Amendment.

The second dissenting opinion, drafted by Judge Kavanaugh, pointed out that the appellant had also asserted a Fourth Amendment violation on the basis of the interference with personal property through the installation of the GPS tracking device on the appellant’s automobile. Thus, Judge Kavanaugh opined that a rehearing was additionally warranted in order to adjudicate this question.

The order, a concurring opinion, and the two dissenting opinions are available here thanks to courtlistener.com.

Control Orders to be Scrapped

noreply@blogger.com (John Guelke) — Fri, 07 Jan 2011 13:22:00 +0000

From BBC News: The UK Prime Minister has announced that the controversial 'Control Order' measure needs to be replaced. The statement follows mounting speculation over an alleged 'power struggle' in the Coalition - an allegation that Deputy Prime Minister Nick Clegg has denied this morning.

The Coalition Government has received praise for is being widely reported as a progressive move. However, the question of what precisely they are to be replaced with remains unresolved - a fact reported with suspicion by liberals and hope by conservatives. The Telegraph's Benedict Brogan, a conservative journalist so close to Cameron some have identified him as a potential replacement for Andy Coulson, has taken to complementing Clegg's hardheaded realism in government:

As with tuition fees, spending cuts and much else, Mr Clegg has discovered with control orders that the realities of government appear much starker from the inside. What I find striking is the effort Mr Cameron is making already to ease his deputy past what will be a difficult moment when it becomes clear – as I believe it will – that control orders have survived the review largely unscathed. The Prime Minister has decreed that he will not accept a compromise that makes it easier for the eight currently held, and any others in future, to do harm. He wants to make it possible for Mr Clegg to agree.
Actually, the Deputy Prime Minister does. This is what we must start giving him credit for, and is perhaps the most significant development of the whole affair: we are learning more about Mr Clegg’s successful transformation from a politician of opposition to a politician of government. Mr Clegg can say that he has gone from
the easy life of an Opposition Liberal to a Government Liberal. He has been confronted with some nasty choices that have left some of his colleagues and many of his supporters weak at the knees, and he has compromised where necessary in the interest of taking the right decision. In government he has discovered the facts, and his views have changed accordingly. It may look painful now, but his bet is that voters will reward him for it in 2015.

Such generosity may be an indication that the government is anticipating another politically difficult compromise for Nick Clegg.

Increasing Controversy with Introduction of New Pat-Down Procedures for US Airline Travel

noreply@blogger.com (J. Thurman) — Fri, 19 Nov 2010 18:41:00 +0000

When the US deployed backscatter x-ray and millimeter wave scanners, travellers were given the choice to opt for a physical pat-down instead of going through the scanner. Now, the TSA has introduced new, more invasive pat-down procedures that involve exploring around breasts and genitals and between the buttocks (See for instance this particularly graphic account as well as this account reportedly from author Erin Chase). Some early reports speculated that the new measures were introduced in order to intimidate those who would otherwise choose the pat-down into deciding that maybe the scanners aren’t that bad. Jeffrey Goldberg of The Atlantic has stated that TSA personnel explicitly admitted that that was the reason behind the new policy. John Pistole, Administrator of the TSA, who was called before the US Senate Commerce Committee this week, suggested that the new procedures are in response to covert testing of the old pat-down method which indicated it wasn’t “thorough” enough.

Meanwhile, concerns about the health effects of the scanners continue. Four scientists affiliated with the University of California at San Francisco drafted an open letter last spring to President Obama’s Assistant for Science and Technology outlining their concerns with the backscatter scanners. They argue that official assessments of the health impact from backscatter radiation may underestimate the potential effects of the low-levels of dosage that the scanners emit since they are based on whole body exposure, whereas the scanners would concentrate all radiation in the skin. Additionally, they express concern that certain groups or individuals may be particularly vulnerable to the increased radiation exposure, and they decry the failure to publish key data that would permit independent assessment of the health risks. Both the Allied Pilots Association and the US Airline Pilots Association have advised their members not to go through the scanners. The US Airline Pilots Association further notes that experiences with the new “enhanced” pat-down procedures have involved “a wide range of possibilities … and the results can be devastating.” Others have more general objections to both the scanner/ pat-down procedures. Two commercial pilots have even filed a lawsuit against the Department of Homeland Security citing Fourth Amendment violations. A number of State legislators in New Jersey have objected to the current screening regime and have introduced resolutions calling on the TSA to reconsider its procedures. Additionally, one private individual is calling for a national “opt-out” day to stage a protest.

US Government seeks rehearing of Maynard decision

noreply@blogger.com (J. Thurman) — Wed, 13 Oct 2010 11:10:00 +0000

The US Attorney’s Office has submitted to the DC Circuit Court a petition for rehearing of the GPS issue from the recent Maynard decision. I discussed that case in a previous post. In the petition, the government argues that the court’s holding on GPS surveillance is inconsistent with both existing US Supreme Court and DC Circuit jurisprudence, “raises enormous practical problems for law enforcement” and “implicitly calls into question common and important practices such as sustained visual surveillance and photographic surveillance of public places.” A copy of the petition is available here courtesy of Wired’s Threat Level blog (See also this post there on the FBI's GPS surveillance of an Arab-American for unknown reasons).

Schneier on Web Surveillance

noreply@blogger.com (J. Thurman) — Wed, 13 Oct 2010 11:01:00 +0000

Security specialist Bruce Schneier has published an opinion piece on CNN. The article comes in response to reports that the Obama administration is seeking to secure law enforcement access to web-based communications data through the enactment of new legislation. See also this related post on the LegaLIFT blog.

News: Republican Dissidents using Spy Cameras on MI5 Base

noreply@blogger.com (John Guelke) — Wed, 15 Sep 2010 14:49:00 +0000

From the Belfast Telegraph: There are reports today that Oglaigh na hEireann, the splinter dissident republican outfit, had established a sophisticated operation of four digital spy cameras in a forest overlooking the MI5 base at Palace Baracks in Northern Ireland. The cameras, which are likely to have been there for months, are reported to have been battery powered, equipped with memory sticks and to have successfully covered all angles of the base.

With recent increases in personnel, the barracks are the largest MI5 base outside London, employing more than 300 people.

It is feared ONH, which bombed Palace Barracks in April, has used the recordings to target soldiers and build profiles on spooks working at the new spy base.

Senior security sources in London tried to play down the cameras being found, saying only that trees were cleared and a new fence erected because of concerns the wooded area could conceal gunmen.

News of the World Phone Hacking Update

noreply@blogger.com (John Guelke) — Wed, 15 Sep 2010 13:35:00 +0000

As police interview a former News of the World journalist who claimed Andy Coulson asked him to hack phones, the last week has seen the pressure increase on both the newspaper and David Cameron's Director of Communications. On Thursday the 9th of September House of Commons debate was the site of a series of robust attacks on press intrusion - for example see Tom Watson MP's forthright (but on the whole characteristic) contribution below:

The claim that MPs have so far refrained from coming down on press intrusion with too much vigour for fear of becoming victims themselves is replicated elsewhere, for example in a Guardian article reporting the claim of former Plaid Cymru MP Adam Price:

Price told Channel 4 News last night that four members of the committee had considered asking the serjeant at arms to issue a warrant forcing Brooks to attend. He said: "We could have used the nuclear option. We decided not to, I think to some extent because of what I was told at the time by a senior Conservative member of the committee, who I know was in direct contact with executives at News International, that if we went for her, called her back, subpoenaed her, they would go for us. [This] meant effectively that they would delve into our personal lives in order to punish them and I think that's part of the reason we didn't do it." Watson told Channel 4 News that News International had further interfered by asking Downing Street to persuade him to tone down his questioning. "A [former Labour] cabinet minister has confirmed to me this week that News International talked to my former colleagues in No 10 Downing Street to ask them whether I would withdraw my aggressive line of questioning … I felt very frightened and intimidated." Watson added that he was told that Brooks vowed to destroy him after he led the Labour coup that persuaded Tony Blair to resign. "A very senior News International journalist told me at the Labour party conference in 2006, in the early hours of the morning, that his editor would never forgive me for resigning as a minister in Tony Blair's government and that she would pursue me for the rest of my political career until I was destroyed."

News: Metropolitan Police to Look at new Evidence in News of the World Phone Tapping Case

noreply@blogger.com (John Guelke) — Mon, 06 Sep 2010 12:57:00 +0000

From BBC News: The London Metropolitan Police have confirmed that they will look at new evidence which has come to light recently in relation to the News of the World phone hacking case in which stories were obtained by hacking the phones of the Royal Family, celebrities and politicians.

This announcement follows claims in the New York Times at the weekend that the practice of phone hacking at the newspaper was far more widespread than so far recognised. Furthermore the detail that the then editor Andy Coulson apparantly knew about, condoned and even requested phone hacking is likely to continue to be a focal point to the story due to his current role as a close advisor to David Cameron and Director of Communications - the News of the World continue to maintain that only one employee is ever known to have been hacking people's phones and that he did so without the knowledge of his employers. The NYT story presents a very different picture:

But interviews with more than a dozen former reporters and editors at News of the World present a different picture of the newsroom. They described a frantic, sometimes degrading atmosphere in which some reporters openly pursued hacking or other improper tactics to satisfy demanding editors. Andy Coulson, the top editor at the time, had imposed a hypercompetitive ethos, even by tabloid standards. One former reporter called it a “do whatever it takes” mentality. The reporter was one of two people who said Coulson was present during discussions about phone hacking. Coulson ultimately resigned but denied any knowledge of hacking.

News of the World was hardly alone in accessing messages to obtain salacious gossip. “It was an industrywide thing,” said Sharon Marshall, who witnessed hacking while working at News of the World and other tabloids. “Talk to any tabloid journalist in the United Kingdom, and they can tell you each phone company’s four-digit codes. Every hack on every newspaper knew this was done.”

DC Circuit Rules on Fourth Amendment and GPS

noreply@blogger.com (J. Thurman) — Mon, 16 Aug 2010 15:26:00 +0000

In an earlier post, I discussed the case of People v. Weaver which was argued before the New York Court of Appeals. Now, the Federal Circuit Court for the District of Columbia has decided on the issue of whether the long-term use of GPS surveillance must be supported by a warrant. Unlike in People v. Weaver, the DC Circuit decided the case on the basis of the Fourth Amendment of the US Constitution as opposed to an analogous guarantee under a State Constitution. The case, United States v. Maynard, No. 08-3030 (D.C. Cir. August 6, 2010), does have some similarities to People v. Weaver, but there are also some interesting and significant differences.

Maynard involved the use of a GPS device to monitor the movements of a suspect’s vehicle over the course of 28 days. Inevitably, as in Weaver, much of the discussion in Maynard centers around the Knotts case (460 U.S. 276 (1983)). Knotts was the Supreme Court case involving the “beeper” homing device and the drum of chloroform (See my earlier post for more details). In Maynard, however, the court seized upon specific language indicating a limitation on the scope of the Knotts holding. In this way, the DC court argued that the Knotts court had drawn a distinction between the limited type of surveillance at issue in that case versus “more comprehensive or sustained” surveillance as was at issue in the Maynard case (“Most important for the present case, the Court specifically reserved the question whether a warrant would be required in a case involving ‘twenty-four hour surveillance,’….” (p. 17)).

Thus, for the Maynard court, the issue in question in the case was whether prolonged GPS-tracking of a vehicle without a warrant violated the Fourth Amendment protection against unreasonable searches. As in Weaver, the DC court was particularly impressed by the amount of information that could be extracted from having the complete record of an individual’s movements over an extended period of time.

Since the case concerned the Fourth Amendment, the Court had to apply the so-called Katz test (after Katz v. United States, 389 U. S. 347 (1967)) to determine whether there was a violation. That involves application of the famous (or infamous) “reasonable expectation of privacy” standard. Under that standard, US Supreme Court jurisprudence has established that one cannot reasonably expect that aspects of life that are exposed to the public remain in or belong to the private sphere. Thus, the reasoning in Knotts was that the use of the homing device did not implicate the Fourth Amendment since “[a] person traveling in an automobile on public thoroughfares has no reasonable expectation of privacy in his movements from one place to another” (Knotts, at 281). Interestingly, the DC court held that the prolonged surveillance of a suspect’s vehicle with GPS does not concern movements that are “exposed to the public” in the same way as the journey of the drum of chloroform from its place of purchase to Knotts’ cabin. Here, the extent of information gathered was the distinguishing factor. Although each of the vehicle’s movements on public roads was undoubtedly in public view, the DC court maintained that the likelihood that anyone would track each of those movements week after week was “essentially nil” (p. 26). Thus, in essence, it may be unreasonable to expect that no one will observe the totality of a single trip made with one’s automobile on public roads, but it is not unreasonable to expect that no one person will observe the totality of every trip made with that automobile over the course of a month. That, at least, appears to be the court’s reasoning.

This line of thought makes this case particularly remarkable. The notion that the extent of information itself that is gathered about a criminal subject could hold significance for Fourth Amendment analysis has not been adopted by the Supreme Court; yet, many have questioned or criticized the shortcomings of the reasonable expectation of privacy standard, including the potential lack of differentiation with respect to the aggregation of “publicly exposed” information as opposed to individual bits. I’m not sure that any other federal court has introduced this notion – there at least don’t appear to be any other such cases concerning the use of GPS. In fact, the 7th and 9th Circuits tended to suggest the sort of result one would expect—i.e. that use of GPS generally wouldn’t constitute a Fourth Amendment search since it merely conveyed information that was exposed to public view (See United States v. Garcia, 474 F.3d 994 (7th Cir. 2007), United States v. Pineda-Moreno, 591 F.3d 1212 (9th Cir. 2010)). If the Supreme Court were to adopt Maynard’s line of reasoning, it would mean a significant change for the scope of Fourth Amendment protection, not to mention the future of law enforcement surveillance.

But how does Maynard differ from Weaver—apart from the fact that they dealt with different bodies of law? Weaver seemed to focus on the technology itself and the novel dangers it posed—as bemoaned by Judge Smith in his dissent. As a result, Weaver appears to hold that the use of GPS for surveillance will always require a warrant whatever the circumstances. The holding in Maynard is narrower. It doesn’t subject GPS in and of itself to the warrant requirement but rather only the “prolonged” use of it. Again, it’s essentially the body of information that is acquired that is the key issue. “Prolonged” use results in the collection of too much information—beyond what one would reasonably expect to be public. That means that more limited use of GPS without a warrant should be OK within DC (assuming there aren’t other bases for objecting on Fourth Amendment grounds—for instance on the basis that depositing the GPS device on the car constituted an impermissible seizure). Where exactly the line would lie between overintrusive surveillance and permissible surveillance remains to be seen. It’s significant to note that the court expressly reserved any determination as to whether prolonged visual surveillance would be subject to the warrant requirement. That fact might, in a way, leave some room for technology to have some significance after all. However, if it were ruled that no warrant was required for police officers to maintain visual surveillance of a suspect over the course of a month and record that suspect’s movements—effectively accumulating the same body of information that was at issue in Maynard—this would be a strange result.

Maynard is interesting for another reason. On pages 36 - 37, it refers to what in German is known as a right to “informational self-determination” (informationelle Selbstbestimmung). In English scholarship, this right is often referred to as “informational privacy” (See DETECTER Deliverable D17.1: van der Hilst, "Human Rights Risks of Selected Detection Technologies: Sample Uses by Governments of Selected Detection Technologies," p. 4 (citing Alan F. Westin, Privacy and Freedom (1967) and Arthur Miller, The Assault on Privacy (1971))). If a right to control information about oneself wins greater recognition in the US—beyond law pertaining to the Freedom of Information Act and (potentially) common law torts—this would also represent a significant development for privacy law in the US.

Update: US Marshalls Service Incident

noreply@blogger.com (J. Thurman) — Wed, 11 Aug 2010 10:31:00 +0000

I noted in a post on Monday that the US Marshalls Service had revealed that it had stored more than 35,000 images from a Brijot Gen2 scanner that was in use at a Florida courthouse. The Marshalls Service has issued a statement in response to that disclosure. That statement is available on the Brijot website here.

A reader of my earlier post "Focus on Full Body Scanners" pointed out in a comment that the Brijot scanners are passive wave scanners--i.e. they don't emit radiation--and as the statement from the Marshalls Service indicates, the images produced don't represent clear images of the naked body (the statement includes a link to the Brijot website with a couple of examples).

Evidently, however, the scanner also took photographic images of the individuals passing through, and I'm curious as to whether the photos were among the images that were stored.

I think I would be happier with these kind of scanners in airports than the active wave scanners. Some UK airports have also been taking photographs of travellers as they pass through the airport. As long as the photos aren't generally retained for too long, say 24 - 48 hours, that might also be acceptable.

European Union Agency for Fundamental Rights: Document on Body Scanners

noreply@blogger.com (J. Thurman) — Tue, 10 Aug 2010 06:26:00 +0000

The European Union Agency for Fundamental Rights published a Q&A document on the use of full body scanners last month.

It addresses the following questions:

1. Which fundamental rights are at risk of being affected by the use of body scanners?

2. Is the use of a body scanner to be considered as processing personal data?

3. How could the requirements on the design and selection of body scanners best respect rules on data protection?

4. How can body scanners be assessed from a rule of law perspective?

5. Are there specific considerations to be taken into account when selecting people to be screened?

6. Should the person to be screened be given the choice between a body scanner and other screening methods?

7. Which information should be given to persons before they choose to be screened by a body scanner?

8. How intrusive are body scanners if compared to other screening methods?

9. Is the detection capability of body scanners an added value regarding security?

10. Which conditions should apply in order to address the concerns related to fundamental rights?

News: US Marshalls Service stored more than 35,000 images from full body scanners

noreply@blogger.com (J. Thurman) — Mon, 09 Aug 2010 08:29:00 +0000

In a letter responding to a Freedom of Information Request from the Electronic Privacy Information Center, the US Marshalls Service indicated that it had a file of approximately 35,314 images from a Brijot Gen2 scanner that were created between 2 Feb. 2010 and 28 July 2010. In this instance, the machine was not being used for airport security but rather was installed at the security checkpoint of a Florida courthouse. Additionally, the letter indicated that there may have been other images stored by a scanner being tested at a federal courthouse in the District of Columbia. That machine was returned to the manufacturer once testing had been completed and “any images that may have been stored on that machine are therefore no longer under agency control.” No copies of images from that machine were stored by the agency, the letter states.

News: Body Scanner Developments

noreply@blogger.com (J. Thurman) — Wed, 28 Jul 2010 08:43:00 +0000

EPIC points out that DHS announced last week it plans to roll out full body scanners (now known as “Advanced Imaging Technology” in TSA-speak) to 28 additional airports. Meanwhile, EPIC has attempted to bring an action to suspend use of the scanners, and a bill has been introduced in the US Senate (S.3536) that would require deployment of the scanners at all US airports by 2013.

In Switzerland, the Zurich Airport began a pilot test involving a single body scanner on 8 June 2010. The test involved the “second generation” system which uses the gingerbread-man-like display rather than an actual scan image. The pilot test was completed on 14 July 2010, and the Airport states that the use of the system enjoyed a high acceptance rate among passengers. The results from the test are being assessed, and future tests may take place, but there are currently no plans to acquire any scanners, the Airport reports.

News: Washington Post launches New Series on "Top Secret America"

noreply@blogger.com (J. Thurman) — Wed, 21 Jul 2010 13:22:00 +0000

For those who haven't already read about it on the LIFT, the Washington Post began a new series of reports and features this week highlighting the ballooning national security and intelligence apparatus in the US since Sept. 11. The main page of the project is accessible here.

One figure that stuck out for me was the claim that "[a]n estimated 854,000 people, nearly 1.5 times as many people as live in Washington, D.C., hold top-secret security clearances." (Found in this article)

Also have a look at the gallery of anti-deception technology.

Swiss Intelligence Oversight Body Cites Problems with Database

noreply@blogger.com (J. Thurman) — Fri, 16 Jul 2010 16:27:00 +0000

Earlier this month, Swiss media announced that the oversight body for Swiss intelligence and national security activities, the “Geschäftsprüfungsdelegation” (GPDel), had produced a negative report on the state of the Federal Intelligence Service’s information system, the ISIS-NT. According to the report, the database held entries on 50,000 people in 2001 and grew to 60,000 entries in 2004 (p. 6). Since that time, however, the database has grown to contain primary entries on 120,000 individuals plus an additional 80,000 or so “third persons”. These third persons represent individuals who have some tie to the 120,000 individuals of primary concern or to some event recorded in the database.

The GPDel expressed concern about the overall quality of the data held in the database. Based on its inspection of various sample entries, the GPDel found instances where the individuals or incidents entered into the database were not serious enough to warrant inclusion as well as instances where data had expired but had not been deleted. The GPDel also opined that the database suffered from the systematic entry of incorrect data due to a flaw in internal entry guidelines. Additionally, it suspected that many of the 80,000 third person entries did not meet the legal requirements that warranted entry in the database.

According to an article in the Neue Zürcher Zeitung, only about 5% of the entries concern Swiss citizens and only 12.2% are Swiss residents. These facts have perhaps prompted the Federal Commission for Migration Issues to inquire whether the database has had any bearing on the issuance of resident permits, as reported by the NZZ (citing an interview on Swiss Radio DRS).

The report is available in French here and in German here.

News: US Official Claims SWIFT Data Used in Arrest of 3 al Qaeda Suspects in Norwegian Investigation

noreply@blogger.com (J. Thurman) — Fri, 09 Jul 2010 09:05:00 +0000

The EUobserver has run a story stating that Under-Secretary for Terrorism and Financial Intelligence Stuart Levey announced that SWIFT data were used to track down 3 suspects accused of planning a terrorist attack involving peroxide bombs. All three suspects were Norwegian residents and were arrested as part of a Norwegian investigation.

EU Parliament Gives Green Light to EU-US SWIFT Agreement

noreply@blogger.com (J. Thurman) — Thu, 08 Jul 2010 12:15:00 +0000

The Neue Zürcher Zeitung has announced that the EU-Parliament has approved the new US-EU SWIFT agreement that would involve communication of European bank transfer data. According to the NZZ story, 484 parliamentarians voted in favor of allowing the treaty, 109 voted against. The agreement will have a term of 5 years by which time, the EU hopes to have developed its own monitoring system.

Detecter Deliverable: Border Control and Internal Security in the European Union

noreply@blogger.com (John Guelke) — Thu, 01 Jul 2010 12:53:00 +0000

Deliverable D14.1 was written by Audelina Ahumada as part of Work Package 05. You can read the whole thing here.

Executive summary

Since the New York terrorist attacks in September 2001, border control is increasingly shaped by security considerations. This paper concentrates on the implications of this trend for the enjoyment of human rights protection by third-country nationals that seek to enter or have already gained access to European Union territory. The integration in the common border policy of threat assessments and risk analyses together with information gathering and sharing through the use of advanced technology has contributed to the perception that cross-border movements, and, in particular (potential)irregular immigration are closely related to serious criminality, including terrorism.
In the development of a common border policy, the EU, together with its Member States, should ensure that control and surveillance over the external frontiers are implemented in full compliance with legally binding international and European human rights standards. This should include operations aimed at diverting “illegal immigration” when conducted beyond EU external borders and when carried out in cooperation with third countries.
The legal mandate of the EU Border Control Agency, Frontex, should be clearly defined, in particular as regards the Agency’s competencies and corresponding responsibilities. Any coordination of or other involvement in border control operations by Frontex should be governed by clear guidelines which ensure respect for the principle of non-refoulement, including chain-refoulement, and the right to a fair and effective asylum procedure for any person claiming an international protection need.
The integration of internal security aspects in EU border policy also affects the processing of personal data on third-country nationals. Such data are stored in centralised EU-operated databases and were originally collected for primarily immigration-related purposes. Promotion of access to sensitive personal immigration data, including fingerprints, by law enforcement authorities for purposes including the prevention of and fight against terrorism implies that non-EU citizens form a suspect category in itself. This raises serious questions concerning the legitimacy, including necessity and proportionality of the measure under data protection principles inherent in the right to privacy. It may, in addition, have serious implications for the principle of non-discrimination.
Trends towards “interoperability” between EU-operated databases should be accompanied by the establishment of a comprehensive, specific and legally binding data protection framework with adequate safeguards to cover risks related to the large scale storage and use of personal data. The more authorities have access to sensitive personal information, the greater the risks of abuse, misuse, leaks and loss of data. This may have serious consequences, including with regard to the prohibition of torture and the principle of non-refoulement, if data on refugees and asylum-seekers reach authorities in their countries of origin.
Applying systematically EU carrier sanctions regime on international carriers may obstruct refugees and asylum-seekers in seeking protection in the EU. Trends toward the extension of the carrier sanctions regime to include the transfer of passenger data to national authorities, including for counter-terrorism purposes, raise serious questions from the perspective of data protection principles. Refugee protection is further marginalilzed, while adding to the perception that cross-border movements are closely linked with criminality.

Comment: EDRI on the New SWIFT Deal

noreply@blogger.com (John Guelke) — Wed, 30 Jun 2010 15:19:00 +0000

European Digital Rights has a comment on the new SWIFT access deal signed earlier this week. It maintains that this deal has "no significant improvements from the Agreement rejected by the European Parliament in February 2010":

Unfortunately, the new adopted text still allows for bulk data transfers. The Parliament would have liked to replace bulk data with targeted searches carried out by an EU-based authority but according to MEP Birgit Sippel, "We cannot reduce the problem of bulk data for the moment as we do not have the technical
capability."

The retention period is still 5 years and there is no real system in place from the US on a binding legal redress. The US Privacy Act court clauses only apply to US citizens and legal residents. Therefore there is currently no right of judicial review for foreign citizens and residents (including EU) under the US law.

Another key critique to the current text is the role of Europol that should authorize the data transfer requests from the US. Besides the fact that Europol is not a judicial authority, as requested by the European Parliament in May 2010 Resolution, the incentive from this agency to limit the amount of data being transferred is extremely reduced due to the fact that they can actually request data searches from the US.

Detecter Deliverable: Unilateral Exceptions to International Law

noreply@blogger.com (John Guelke) — Wed, 30 Jun 2010 13:01:00 +0000

Deliverable D06.1 was written by Mathias Vermeulen and Martin Scheinin as part of Work Package 04. You can read the whole thing here.

Executive Summary

This paper on unilateral exceptions to human rights and international law in the fight against terrorism prepares the ground for two further deliverables under the DETECTER project, namely a policy-oriented paper summarizing the results and applying them in respect of EU law and policies, and a study specifically addressing detection technologies. It is well known that many governments have resorted to a wide range of constructions to justify, under international law, their unilateral exceptions to human rights in the name of countering terrorism. This paper seeks to take stock of a whole range of arguments, doctrines or constructions that states may resort to when seeking to justify their unilateral exceptions to human rights norms in the fight against terrorism. Many of those constructions have a valid legal basis and a proper scope of application. However, they also have their limitations, to the effect that often they affect only a specific treaty, or the availability of a procedure, but do not affect the substantive obligations of the state in question under international law. In many cases this results from the overlap of treaty law and customary norms of international law. Some of the constructions are open to abuse, i.e. bad faith efforts to distort international law to the detriment of human rights. Because of the complexity of the combined effect of the various excuses and exceptions, there is a need for a holistic approach that seeks to address the combined effect of the various constructions of unilateral exception.

Some of the main conclusions of the paper are highlighted in this executive summary. To start with:
None of the constructions discussed affects a state's obligations under peremptory norms of international law (jus cogens).
Outside that realm of peremptory norms, some of the constructions discussed have an impact upon both treaty law and customary international law, hence affecting the substantive human rights obligations of a state. This would be the case for the lex specialis effect of international humanitarian law during armed conflict but only when lex specialis is properly construed as an interpretive effect upon the scope or content of a particular human right.
Counter-terrorism measures may qualify as permissible limitations on human rights, again when properly construed. This conclusion calls for a rigorous test for permissible limitations, rather than an all-encompassing act of 'balancing'.
Most constructions discussed in this paper pertain merely to human rights treaties and do not affect the state's obligations under customary international law. As there is a high degree of substantive overlap between human rights treaties and customary norms of international law, resorting to these excuses therefore usually only has procedural consequences. It does not affect the substantive obligations of the state under international law, but precludes the competence of an international (or regional) human rights court or treaty body to address the breach of international law through its regular monitoring mechanisms.
The most relevant constructions of unilateral exceptions to human rights treaty obligations are the power of a state to declare a state of emergency and to derogate from some but not all of its human rights treaty obligations, reduction of the scope of a state's human rights obligations when it acts outside its own territory, the right to enter permissible reservations upon the signature or ratification of a treaty and, in some cases, withdrawal from a treaty.
There is some state practice of declaring a state of emergency because of acts of or a threat of terrorism. When applied under the fairly strict requirements for derogation enshrined in the treaties in question and when subject to international monitoring through the procedures available under the treaties in question, derogation is a permissible and even recommended mechanism for reacting to situations of a genuine threat to the life of the nation.
Although the European Court of Human Rights has in some cases implied that a state is not subject to exactly the same obligations when it is, through its agents, acting outside its own territory, caution is required when resorting to this excuse. Other human rights treaties and customary norms of human rights law may remain applicable, and even the position of the European Court of Human Rights appears to be shifting (or inconsistent).
Somewhat surprisingly, states have not resorted to reservations under human rights treaties with express reference to terrorism. However, a very small number of existing reservations, including in respect of the right to a fair trial, may have a bearing upon the treatment of terrorism suspects.
Some, primarily regional, human rights treaties would allow for a state's unilateral withdrawal from the treaty. In practice, the option of withdrawal has figured in the political discourse, for instance after a government has received a ruling by a regional human rights court but no state has actually resorted to withdrawal from human rights treaties as a response to terrorism.

Detecter Deliverable: Privacy, Secret Detention Centres and Overflights

noreply@blogger.com (John Guelke) — Tue, 29 Jun 2010 15:41:00 +0000

Deliverable 16.1 was written by Geir Ulfstein as part of Work Package 08. You can read the whole thing here.

Executive Summary

Article 17 of the International Covenant on Civil and Political Rights (ICCPR) establishes the right to privacy. The implementation of this right is monitored by the Human Rights Committee. The Committee has emphasized that interference in the right to privacy must be foreseeable; mechanisms should be established to prevent abuse of collected information and to ensure review, supervision and redress; and vulnerable groups should be protected. The Committee has, however, not established clear guidance about which substantive measures would be considered a violation of the right of privacy.
News media and NGOs reported in 2005 about secret detention centres and overflights in Europe as part of US counter-terrorism strategy. Such activities gave rise to several human rights concerns. The Parliamentary Assembly of the Council of Europe initiated an inquiry into these matters. The Secretary General requested member states to provide relevant information. The European Commission for Democracy through Law (Venice Commission) prepared an opinion on the human rights aspects. Cooperation was also established with the European Parliament of the European Union. This cooperation uncovered suspicious patterns of military and civilian aircraft and indications of secret detention centres. They were also able to put political pressure on the respective international organs and on national governments. The Committee of Ministers of the Council of Europe, however, failed to follow up strongly, and the European Parliament deplored the lack of follow up by the Council of the European Union, and by member states.
Several UN organs have been involved in the issues of secret detention and overflights, including the Human Rights Committee, the Committee Against Torture, the Special Rapporteur on the promotion and protection of human rights while countering terrorism, the Special Rapporteur on torture and other cruel, inhuman or degrading treatment or punishment, the Working Group on Arbitrary Detention and the Working Group on Enforced or Involuntary Disappearances. The UN organs have generally been more reactive than what was the case of the European Parliament and the Parliamentary Assembly. But all the bodies have, within their mandates, addressed these matters. They have helped to uncover certain facts, but have not been able to establish ‘hard facts’ about the relevant activities. These bodies have, however, the benefit of being able to have a more continuous focus on such cases. Furthermore, they have a global focus, and may thus engage in activities beyond the European context.

News: Germany Expresses Concern over Apple's iPhone users Database

noreply@blogger.com (John Guelke) — Tue, 29 Jun 2010 14:18:00 +0000

From Privacy Digest: The German minister of justice, Sabine Leutheusser-Schnarrenberger, has spoken out over Apple's compilation of data on iPhone users, requesting the company to provide state data protection officials with details of what information on German iPhone users was being gathered, how long it was being stored, and for what purpose.

The case is being cited as further proof of Germany's tough line on privacy after previous tensions with Google Street View this year. However, a speedy resolution seems likely:

Stefan Köpsell, an instructor in data protection at the Technical University in Dresden, said that Apple could probably settle the controversy surrounding the iPhone 4 by having German users give their consent prior to the data being forwarded.
“I think there is probably a fundamental conflict between some Internet business models and German privacy law,” Mr. Köpsell said. “But in general, evidence shows that most Germans are willing to participate if there’s a benefit.” For example, 60 percent of households in Germany use a retail bonus card called Payback, owned by Loyalty Partner of Munich, which gives them points that can be used toward future purchases. By participating, consumers have given the company the right to collect and market data on their purchasing habits, as well as target them with advertising. “I would think the same would be possible for Apple,” Mr. Köpsell said.

News: New US/EU Agreement on Transfer of SWIFT Banking Data

noreply@blogger.com (John Guelke) — Tue, 29 Jun 2010 13:54:00 +0000

From European Voice: A new agreement to grant US Counter-Terrorism authorities access to European banking transaction data held in the SWIFT database:

Final agreement on the new wording was reached on Friday (25 January). After the draft agreement had been initialled by Malmström on 10 June, MEPs had demanded
changes to the text concerning the bulk transfer of data, the creation of an EU counterpart to the US Terrorist Finance Tracking Programme (TFTP), and EU oversight of TFTP data-processing on US soil.
The three largest political groups in the Parliament – the centre-right EPP, centre-left PES and liberal ALDE – are now in favour of the agreement. In February, the Parliament, using new powers under the EU's Treaty of Lisbon, had rejected an interim agreement on SWIFT transfers.

Over at the Legalift Mathias Vermeulen has a discussion of some of the new restrictions build in to the new agreement, such as a ban on the use of this information for data mining, the possibility of administrative redress for EU citizens and the involvement of Europol in verifying and approving US requests for data.

In its coverage the Register points out that the European Data Protection Supervisor continues to question the need for mass transaction and long term storage of this data, and has additionally called for more oversight.