Skip to main content

Home/ Socialism and the End of the American Dream/ Group items tagged EU-Court-of-Justice

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
Paul Merrell

CURIA - Documents - 0 views

curia.europa.eu/...document.jsf

surveillance state EU Court-of-Justice data-retention data privacy

shared by Paul Merrell on 19 Jul 14 - No Cached
  • 37      It must be stated that the interference caused by Directive 2006/24 with the fundamental rights laid down in Articles 7 and 8 of the Charter is, as the Advocate General has also pointed out, in particular, in paragraphs 77 and 80 of his Opinion, wide-ranging, and it must be considered to be particularly serious. Furthermore, as the Advocate General has pointed out in paragraphs 52 and 72 of his Opinion, the fact that data are retained and subsequently used without the subscriber or registered user being informed is likely to generate in the minds of the persons concerned the feeling that their private lives are the subject of constant surveillance.
  • 43      In this respect, it is apparent from recital 7 in the preamble to Directive 2006/24 that, because of the significant growth in the possibilities afforded by electronic communications, the Justice and Home Affairs Council of 19 December 2002 concluded that data relating to the use of electronic communications are particularly important and therefore a valuable tool in the prevention of offences and the fight against crime, in particular organised crime. 44      It must therefore be held that the retention of data for the purpose of allowing the competent national authorities to have possible access to those data, as required by Directive 2006/24, genuinely satisfies an objective of general interest.45      In those circumstances, it is necessary to verify the proportionality of the interference found to exist.46      In that regard, according to the settled case-law of the Court, the principle of proportionality requires that acts of the EU institutions be appropriate for attaining the legitimate objectives pursued by the legislation at issue and do not exceed the limits of what is appropriate and necessary in order to achieve those objectives (see, to that effect, Case C‑343/09 Afton Chemical EU:C:2010:419, paragraph 45; Volker und Markus Schecke and Eifert EU:C:2010:662, paragraph 74; Cases C‑581/10 and C‑629/10 Nelson and Others EU:C:2012:657, paragraph 71; Case C‑283/11 Sky Österreich EU:C:2013:28, paragraph 50; and Case C‑101/12 Schaible EU:C:2013:661, paragraph 29).
  • 67      Article 7 of Directive 2006/24, read in conjunction with Article 4(1) of Directive 2002/58 and the second subparagraph of Article 17(1) of Directive 95/46, does not ensure that a particularly high level of protection and security is applied by those providers by means of technical and organisational measures, but permits those providers in particular to have regard to economic considerations when determining the level of security which they apply, as regards the costs of implementing security measures. In particular, Directive 2006/24 does not ensure the irreversible destruction of the data at the end of the data retention period.68      In the second place, it should be added that that directive does not require the data in question to be retained within the European Union, with the result that it cannot be held that the control, explicitly required by Article 8(3) of the Charter, by an independent authority of compliance with the requirements of protection and security, as referred to in the two previous paragraphs, is fully ensured. Such a control, carried out on the basis of EU law, is an essential component of the protection of individuals with regard to the processing of personal data (see, to that effect, Case C‑614/10 Commission v Austria EU:C:2012:631, paragraph 37).69      Having regard to all the foregoing considerations, it must be held that, by adopting Directive 2006/24, the EU legislature has exceeded the limits imposed by compliance with the principle of proportionality in the light of Articles 7, 8 and 52(1) of the Charter.
  • ...13 more annotations...
  • 58      Directive 2006/24 affects, in a comprehensive manner, all persons using electronic communications services, but without the persons whose data are retained being, even indirectly, in a situation which is liable to give rise to criminal prosecutions. It therefore applies even to persons for whom there is no evidence capable of suggesting that their conduct might have a link, even an indirect or remote one, with serious crime. Furthermore, it does not provide for any exception, with the result that it applies even to persons whose communications are subject, according to rules of national law, to the obligation of professional secrecy. 59      Moreover, whilst seeking to contribute to the fight against serious crime, Directive 2006/24 does not require any relationship between the data whose retention is provided for and a threat to public security and, in particular, it is not restricted to a retention in relation (i) to data pertaining to a particular time period and/or a particular geographical zone and/or to a circle of particular persons likely to be involved, in one way or another, in a serious crime, or (ii) to persons who could, for other reasons, contribute, by the retention of their data, to the prevention, detection or prosecution of serious offences.
  • 1        These requests for a preliminary ruling concern the validity of Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC (OJ 2006 L 105, p. 54).
  • Digital Rights Ireland Ltd (C‑293/12)vMinister for Communications, Marine and Natural Resources,Minister for Justice, Equality and Law Reform,Commissioner of the Garda Síochána,Ireland,The Attorney General,intervener:Irish Human Rights Commission, andKärntner Landesregierung (C‑594/12),Michael Seitlinger,Christof Tschohl and others,
  • JUDGMENT OF THE COURT (Grand Chamber)8 April 2014 (*)(Electronic communications — Directive 2006/24/EC — Publicly available electronic communications services or public communications networks services — Retention of data generated or processed in connection with the provision of such services — Validity — Articles 7, 8 and 11 of the Charter of Fundamental Rights of the European Union)In Joined Cases C‑293/12 and C‑594/12,
  • 34      As a result, the obligation imposed by Articles 3 and 6 of Directive 2006/24 on providers of publicly available electronic communications services or of public communications networks to retain, for a certain period, data relating to a person’s private life and to his communications, such as those referred to in Article 5 of the directive, constitutes in itself an interference with the rights guaranteed by Article 7 of the Charter. 35      Furthermore, the access of the competent national authorities to the data constitutes a further interference with that fundamental right (see, as regards Article 8 of the ECHR, Eur. Court H.R., Leander v. Sweden, 26 March 1987, § 48, Series A no 116; Rotaru v. Romania [GC], no. 28341/95, § 46, ECHR 2000-V; and Weber and Saravia v. Germany (dec.), no. 54934/00, § 79, ECHR 2006-XI). Accordingly, Articles 4 and 8 of Directive 2006/24 laying down rules relating to the access of the competent national authorities to the data also constitute an interference with the rights guaranteed by Article 7 of the Charter. 36      Likewise, Directive 2006/24 constitutes an interference with the fundamental right to the protection of personal data guaranteed by Article 8 of the Charter because it provides for the processing of personal data.
  • 65      It follows from the above that Directive 2006/24 does not lay down clear and precise rules governing the extent of the interference with the fundamental rights enshrined in Articles 7 and 8 of the Charter. It must therefore be held that Directive 2006/24 entails a wide-ranging and particularly serious interference with those fundamental rights in the legal order of the EU, without such an interference being precisely circumscribed by provisions to ensure that it is actually limited to what is strictly necessary.66      Moreover, as far as concerns the rules relating to the security and protection of data retained by providers of publicly available electronic communications services or of public communications networks, it must be held that Directive 2006/24 does not provide for sufficient safeguards, as required by Article 8 of the Charter, to ensure effective protection of the data retained against the risk of abuse and against any unlawful access and use of that data. In the first place, Article 7 of Directive 2006/24 does not lay down rules which are specific and adapted to (i) the vast quantity of data whose retention is required by that directive, (ii) the sensitive nature of that data and (iii) the risk of unlawful access to that data, rules which would serve, in particular, to govern the protection and security of the data in question in a clear and strict manner in order to ensure their full integrity and confidentiality. Furthermore, a specific obligation on Member States to establish such rules has also not been laid down.
  • 60      Secondly, not only is there a general absence of limits in Directive 2006/24 but Directive 2006/24 also fails to lay down any objective criterion by which to determine the limits of the access of the competent national authorities to the data and their subsequent use for the purposes of prevention, detection or criminal prosecutions concerning offences that, in view of the extent and seriousness of the interference with the fundamental rights enshrined in Articles 7 and 8 of the Charter, may be considered to be sufficiently serious to justify such an interference. On the contrary, Directive 2006/24 simply refers, in Article 1(1), in a general manner to serious crime, as defined by each Member State in its national law.61      Furthermore, Directive 2006/24 does not contain substantive and procedural conditions relating to the access of the competent national authorities to the data and to their subsequent use. Article 4 of the directive, which governs the access of those authorities to the data retained, does not expressly provide that that access and the subsequent use of the data in question must be strictly restricted to the purpose of preventing and detecting precisely defined serious offences or of conducting criminal prosecutions relating thereto; it merely provides that each Member State is to define the procedures to be followed and the conditions to be fulfilled in order to gain access to the retained data in accordance with necessity and proportionality requirements.
  • 55      The need for such safeguards is all the greater where, as laid down in Directive 2006/24, personal data are subjected to automatic processing and where there is a significant risk of unlawful access to those data (see, by analogy, as regards Article 8 of the ECHR, S. and Marper v. the United Kingdom, § 103, and M. K. v. France, 18 April 2013, no. 19522/09, § 35).56      As for the question of whether the interference caused by Directive 2006/24 is limited to what is strictly necessary, it should be observed that, in accordance with Article 3 read in conjunction with Article 5(1) of that directive, the directive requires the retention of all traffic data concerning fixed telephony, mobile telephony, Internet access, Internet e-mail and Internet telephony. It therefore applies to all means of electronic communication, the use of which is very widespread and of growing importance in people’s everyday lives. Furthermore, in accordance with Article 3 of Directive 2006/24, the directive covers all subscribers and registered users. It therefore entails an interference with the fundamental rights of practically the entire European population. 57      In this respect, it must be noted, first, that Directive 2006/24 covers, in a generalised manner, all persons and all means of electronic communication as well as all traffic data without any differentiation, limitation or exception being made in the light of the objective of fighting against serious crime.
  • 62      In particular, Directive 2006/24 does not lay down any objective criterion by which the number of persons authorised to access and subsequently use the data retained is limited to what is strictly necessary in the light of the objective pursued. Above all, the access by the competent national authorities to the data retained is not made dependent on a prior review carried out by a court or by an independent administrative body whose decision seeks to limit access to the data and their use to what is strictly necessary for the purpose of attaining the objective pursued and which intervenes following a reasoned request of those authorities submitted within the framework of procedures of prevention, detection or criminal prosecutions. Nor does it lay down a specific obligation on Member States designed to establish such limits. 63      Thirdly, so far as concerns the data retention period, Article 6 of Directive 2006/24 requires that those data be retained for a period of at least six months, without any distinction being made between the categories of data set out in Article 5 of that directive on the basis of their possible usefulness for the purposes of the objective pursued or according to the persons concerned.64      Furthermore, that period is set at between a minimum of 6 months and a maximum of 24 months, but it is not stated that the determination of the period of retention must be based on objective criteria in order to ensure that it is limited to what is strictly necessary.
  • 52      So far as concerns the right to respect for private life, the protection of that fundamental right requires, according to the Court’s settled case-law, in any event, that derogations and limitations in relation to the protection of personal data must apply only in so far as is strictly necessary (Case C‑473/12 IPI EU:C:2013:715, paragraph 39 and the case-law cited).53      In that regard, it should be noted that the protection of personal data resulting from the explicit obligation laid down in Article 8(1) of the Charter is especially important for the right to respect for private life enshrined in Article 7 of the Charter.54      Consequently, the EU legislation in question must lay down clear and precise rules governing the scope and application of the measure in question and imposing minimum safeguards so that the persons whose data have been retained have sufficient guarantees to effectively protect their personal data against the risk of abuse and against any unlawful access and use of that data (see, by analogy, as regards Article 8 of the ECHR, Eur. Court H.R., Liberty and Others v. the United Kingdom, 1 July 2008, no. 58243/00, § 62 and 63; Rotaru v. Romania, § 57 to 59, and S. and Marper v. the United Kingdom, § 99).
  • 26      In that regard, it should be observed that the data which providers of publicly available electronic communications services or of public communications networks must retain, pursuant to Articles 3 and 5 of Directive 2006/24, include data necessary to trace and identify the source of a communication and its destination, to identify the date, time, duration and type of a communication, to identify users’ communication equipment, and to identify the location of mobile communication equipment, data which consist, inter alia, of the name and address of the subscriber or registered user, the calling telephone number, the number called and an IP address for Internet services. Those data make it possible, in particular, to know the identity of the person with whom a subscriber or registered user has communicated and by what means, and to identify the time of the communication as well as the place from which that communication took place. They also make it possible to know the frequency of the communications of the subscriber or registered user with certain persons during a given period. 27      Those data, taken as a whole, may allow very precise conclusions to be drawn concerning the private lives of the persons whose data has been retained, such as the habits of everyday life, permanent or temporary places of residence, daily or other movements, the activities carried out, the social relationships of those persons and the social environments frequented by them.
  • 32      By requiring the retention of the data listed in Article 5(1) of Directive 2006/24 and by allowing the competent national authorities to access those data, Directive 2006/24, as the Advocate General has pointed out, in particular, in paragraphs 39 and 40 of his Opinion, derogates from the system of protection of the right to privacy established by Directives 95/46 and 2002/58 with regard to the processing of personal data in the electronic communications sector, directives which provided for the confidentiality of communications and of traffic data as well as the obligation to erase or make those data anonymous where they are no longer needed for the purpose of the transmission of a communication, unless they are necessary for billing purposes and only for as long as so necessary.
  • On those grounds, the Court (Grand Chamber) hereby rules:Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC is invalid.
  • Paul Merrell on 19 Jul 14
     
    EU Court of Justice decision in regard to a Directive that required communications data retention by telcos/ISPs, finding the Directive invalid as a violation of the right of privacy in communications. Fairly read, paragraph 59 outlaws bulk collection of such records, i.e., it requires the equivalent of a judge-issued search warrant in the U.S. based on probable cause to believe that the particular individual's communications are a legitimate object of a search.  Note also that paragraph 67 effectively forbids transfer of any retained data outside the E.U. So a barrier for NSA sharing of data with GCHQ derived from communications NSA collects from EU communications traffic. Bye-bye, Big Data for GCHQ in the E.U. 
Paul Merrell

Irish court peels off gloves, hands Facebook PROBE request to ECJ * The Register - 0 views

www.theregister.co.uk/...ers_facebook_prism_case_to_ecj

surveillance state NSA Ireland EU-Court-of-Justice Facebook

shared by Paul Merrell on 19 Jun 14 - No Cached
  • The High Court in Ireland has referred a review of a complaint against Facebook to Europe's top court. The complaint alleges the social network shared EU users' data with the US National Security Agency.The European Court of Justice is to assess whether EU law needs to be updated in light of the PRISM revelations, which could have a knock-on effect on tech firms from Facebook to Google. <a href="http://pubads.g.doubleclick.net/gampad/jump?iu=/6978/reg_policy/government&sz=300x250%7C300x600&tile=3&c=33U6KvJawQrMoAAAUTy6EAAAJ5&t=ct%3Dns%26unitnum%3D3%26unitname%3Dwww_top_mpu%26pos%3Dtop%26test%3D0" target="_blank"> <img src="http://pubads.g.doubleclick.net/gampad/ad?iu=/6978/reg_policy/government&sz=300x250%7C300x600&tile=3&c=33U6KvJawQrMoAAAUTy6EAAAJ5&t=ct%3Dns%26unitnum%3D3%26unitname%3Dwww_top_mpu%26pos%3Dtop%26test%3D0" alt=""></a> Austrian law student Maximillian Schrems took Facebook to court in Ireland, where the social network’s European HQ is located, over the revelations from NSA whistleblower Edward Snowden that personal data held by tech firms like Facebook was routinely being slurped by US spooks.
  • Schrems first asked the Irish Data Commissioner to investigate the legality of Facebook Ireland sending his info over to the States, where it could be seen by the security services, but when the commissioner refused to investigate, he sought a judicial review at the High Court.The Commissioner had ruled that Schrems didn’t have a case because he couldn’t prove that anyone had slurped his data in particular and anyway, the EU has an agreement with the US under the “Safe Harbour” principle decided way back in 2000. This principle governs data flow from Europe to United States and allows US firms to self-certify themselves as respectful of European data protection rules.High Court Justice Gerard Hogan said Schrems did not need to prove that his own data had been spied upon to make a complaint.“Quite obviously, Mr Schrems cannot say whether his own personal data has ever been accessed or whether it would ever be accessed by the US authorities,” he wrote in his ruling.
  • “But even if this were considered to be unlikely, he is nonetheless certainly entitled to object to a state of affairs where his data are transferred to a jurisdiction which, to all intents and purposes, appears to provide only a limited protection against any interference with that private data by the US security authorities.”However, he said that only the European Court of Justice could decide that individual member states were allowed to look past the Safe Harbour principle or reinterpret its meaning. Hogan said that Schrems, who had filed on behalf of the Europe-v-Facebook group, really had a problem with this principle and acknowledged that there may be an argument for the idea that the rule was outdated.“The Safe Harbour Regime… may reflect a somewhat more innocent age in terms of data protection,” he said. “This Regime came into force prior to the advent of social media and, of course, before the massive terrorist attacks on American soil which took place on September 11th, 2001.”
  • ...2 more annotations...
  • Hogan also admitted that the PRISM programme of surveillance was wrong by the letter of Irish law, which protects people’s data and the inviolability of their homes.“It is very difficult to see how the mass and undifferentiated accessing by state authorities of personal data generated perhaps especially with the home… could survive constitutional scrutiny,” he said.“The potential for abuse in such cases would be enormous and might even give rise to the possibility that no facet of private or domestic life with the home would be immune from potential state scrutiny.“Such a state of affairs – with its gloomy echoes of the mass state surveillance programmes conducted in totalitarian states such as the German Democratic Republic of Ulbricht and Honecker – would be totally at odds with the basic premises and fundamental values of the Constitution.”
  • However, he said that Irish law is pre-empted by EU law in this case and the Court of Justice needed to assess whether the interpretation of the Safe Harbour Regime needed to be re-evaluated.Any verdict from the European court will likely apply to all US companies that have participated in PRISM and operate in the region, Schrems said of the ruling.“We did not prepare for a direct reference to the ECJ, but this is the best outcome we could have wished for,” he said. “We will study the judgment in detail and will take the next steps as soon as possible.” ®
  • Paul Merrell on 19 Jun 14
     
    If you're in the market to purchase a few cloud server farms located in the U.S., you may want to hold off until the EU Court of Justice rules. Prices could be tumbling shortly afterward.  In related news, Reps. Zoe Lofgren and Thomas Massie have introduced a bipartisan amendment to the annual Department of Defense Appropriations bill (H.R. 4870) that would prohibit use of the bill's funds to: 1) Conduct warrantless searches of Americans' communications collected and stored by the NSA under Section 702 of the FISA Amendments Act. 2) Mandate or request that backdoors for surveillance be built into products or services, except those covered under the Communications Assistance for Law Enforcement Act.
Paul Merrell

EU-US Personal Data Privacy Deal 'Cracked Beyond Repair' - 0 views

www.mintpressnews.com/...218358

surveillance state EU safe-harbor privacy-shield litigation

shared by Paul Merrell on 12 Jul 16 - No Cached
  • Privacy Shield is the proposed new deal between the EU and the US that is supposed to safeguard all personal data on EU citizens held on computer systems in the US from being subject to mass surveillance by the US National Security Agency. The data can refer to any transaction — web purchases, cars or clothing — involving an EU citizen whose data is held on US servers. Privacy groups say Privacy Shield — which replaces the Safe Harbor agreement ruled unlawful in October 2015 — does not meet strict EU standard on the use of personal data. Monique Goyens, Director General of the European Consumer Organization (BEUC) told Sputnik: “We consider that the shield is cracked beyond repair and is unlikely to stand scrutiny by the European Court of Justice. A fundamental problem remains that the US side of the shield is made of clay, not iron.”
  • The agreement has been under negotiation for months ever since the because the European Court of Justice ruled in October 2015 that the previous EU-US data agreement — Safe Harbor — was invalid. The issue arises from the strict EU laws — enshrined in the Charter of Fundamental Rights of the European Union — to the privacy of their personal data.
  • The Safe Harbor agreement was a quasi-judicial understanding that the US undertook to agree that it would ensure that EU citizens’ data on US servers would be held and protected under the same restrictions as it would be under EU law and directives. The data covers a huge array of information — from Internet and communications usage, to sales transactions, import and exports.
  • ...1 more annotation...
  • The case arose when Maximillian Schrems, a Facebook user, lodged a complaint with the Irish Data Protection Commissioner, arguing that — in the light of the revelations by ex-CIA contractor Edward Snowden of mass surveillance by the US National Security Agency (NSA) — the transfer of data from Facebook’s Irish subsidiary onto the company’s servers in the US does not provide sufficient protection of his personal data. The court ruled that: “the Safe Harbor Decision denies the national supervisory authorities their powers where a person calls into question whether the decision is compatible with the protection of the privacy and of the fundamental rights and freedoms of individuals.”
  • Paul Merrell on 12 Jul 16
     
    Off we go for another trip to the European Court of Justice.
Paul Merrell

Microsoft to host data in Germany to evade US spying | Naked Security - 0 views

nakedsecurity.sophos.com/...-in-germany-to-evade-us-spying

surveillance state NSA FBI EU data-centers privacy

shared by Paul Merrell on 14 Nov 15 - No Cached
  • Microsoft's new plan to keep the US government's hands off its customers' data: Germany will be a safe harbor in the digital privacy storm. Microsoft on Wednesday announced that beginning in the second half of 2016, it will give foreign customers the option of keeping data in new European facilities that, at least in theory, should shield customers from US government surveillance. It will cost more, according to the Financial Times, though pricing details weren't forthcoming. Microsoft Cloud - including Azure, Office 365 and Dynamics CRM Online - will be hosted from new datacenters in the German regions of Magdeburg and Frankfurt am Main. Access to data will be controlled by what the company called a German data trustee: T-Systems, a subsidiary of the independent German company Deutsche Telekom. Without the permission of Deutsche Telekom or customers, Microsoft won't be able to get its hands on the data. If it does get permission, the trustee will still control and oversee Microsoft's access.
  • Microsoft CEO Satya Nadella dropped the word "trust" into the company's statement: Microsoft’s mission is to empower every person and every individual on the planet to achieve more. Our new datacenter regions in Germany, operated in partnership with Deutsche Telekom, will not only spur local innovation and growth, but offer customers choice and trust in how their data is handled and where it is stored.
  • On Tuesday, at the Future Decoded conference in London, Nadella also announced that Microsoft would, for the first time, be opening two UK datacenters next year. The company's also expanding its existing operations in Ireland and the Netherlands. Officially, none of this has anything to do with the long-drawn-out squabbling over the transatlantic Safe Harbor agreement, which the EU's highest court struck down last month, calling the agreement "invalid" because it didn't protect data from US surveillance. No, Nadella said, the new datacenters and expansions are all about giving local businesses and organizations "transformative technology they need to seize new global growth." But as Diginomica reports, Microsoft EVP of Cloud and Enterprise Scott Guthrie followed up his boss’s comments by saying that yes, the driver behind the new datacenters is to let customers keep data close: We can guarantee customers that their data will always stay in the UK. Being able to very concretely tell that story is something that I think will accelerate cloud adoption further in the UK.
  • ...2 more annotations...
  • Microsoft and T-Systems' lawyers may well think that storing customer data in a German trustee data center will protect it from the reach of US law, but for all we know, that could be wishful thinking. Forrester cloud computing analyst Paul Miller: To be sure, we must wait for the first legal challenge. And the appeal. And the counter-appeal. As with all new legal approaches, we don’t know it is watertight until it is challenged in court. Microsoft and T-Systems’ lawyers are very good and say it's watertight. But we can be sure opposition lawyers will look for all the holes. By keeping data offshore - particularly in Germany, which has strong data privacy laws - Microsoft could avoid the situation it's now facing with the US demanding access to customer emails stored on a Microsoft server in Dublin. The US has argued that Microsoft, as a US company, comes under US jurisdiction, regardless of where it keeps its data.
  • Running away to Germany isn't a groundbreaking move; other US cloud services providers have already pledged expansion of their EU presences, including Amazon's plan to open a UK datacenter in late 2016 that will offer what CTO Werner Vogels calls "strong data sovereignty to local users." Other big data operators that have followed suit: Salesforce, which has already opened datacenters in the UK and Germany and plans to open one in France next year, as well as new EU operations pledged for the new year by NetSuite and Box. Can Germany keep the US out of its datacenters? Can Ireland? Time, and court cases, will tell.
  • Paul Merrell on 14 Nov 15
     
    The European Community's Court of Justice decision in the Safe Harbor case --- and Edward Snowden --- are now officially downgrading the U.S. as a cloud data center location. NSA is good business for Europeans looking to displace American cloud service providers, as evidenced by Microsoft's decision. The legal test is whether Microsoft has "possession, custody, or control" of the data. From the info given in the article, it seems that Microsoft has done its best to dodge that bullet by moving data centers to Germany and placing their data under the control of a European company. Do ownership of the hardware and profits from their rent mean that Microsoft still has "possession, custody, or control" of the data? The fine print of the agreement with Deutsche Telekom and the customer EULAs will get a thorough going over by the Dept. of Justice for evidence of Microsoft "control" of the data. That will be the crucial legal issue. The data centers in Germany may pass the test. But the notion that data centers in the UK can offer privacy is laughable; the UK's legal authority for GCHQ makes it even easier to get the data than the NSA can in the U.S.  It doesn't even require a court order. 
Paul Merrell

Mass Surveillance and the Right to Privacy: Adding Nuance to the Schrems Case | Just Se... - 0 views

www.justsecurity.org/...t-max-schrems-case-safe-harbor

surveillance state EU ECJ Schrems litigation data privacy

shared by Paul Merrell on 18 Oct 15 - No Cached
  • Last week’s post by Megan Graham is certainly a welcome contribution in explaining the implications of the Max Schrems case by the European Union Court of Justice, and specifically how it relates to the Safe Harbor arrangement between the US and the EU. Let me add a different perspective: Irrespective of its consequences for Safe Harbor, last week’s ruling is hugely important on a more general level, namely for the understanding of what the right to privacy entails in Europe and what this means for mass surveillance. Through its ruling in Max Schrems the EU’s highest court has established that: Mere access by public authorities to confidential or group-specific communications data constitutes an intrusion into the right to privacy, even without any further processing of that data; and While indiscriminate intrusion into “metadata” may constitute a particularly serious intrusion into the right to privacy, access to “content” data will affect the essence of the right to privacy.
  • These findings were made under Article 7 of the EU Charter of Fundamental Rights, a broad provision on the right to respect for one’s private life. This provision of the EU Charter, which is a part of the foundational treaty framework of the European Union, is almost identical to Article 8 of the European Convention on Human Rights, a treaty legally binding for broader Europe and routinely a part of domestic legal orders. It remains to be seen whether the guardian of the latter framework, the European Court of Human Rights, will also be courageous enough to determine that indiscriminate mass surveillance that provides access to “content” data breaches the essential core of the right to privacy. The highest EU court already took that bold step. One of the most important implications of identifying government access to content as breaching the essence of the right to privacy, is that it negates the need for a proportionality assessment. Measures that compromise the essence of privacy have already crossed a red line, and there is no need for any further “balancing” between privacy and security. Therefore, the Max Schrems ruling is a huge blow to many of the current methods of electronic mass surveillance, including those practiced by the US and several European countries (including the United Kingdom).
  • Several additional points from my earlier post in Verfassungsblog about this case are also worth noting. First, the EU court did not really dwell on the separate Article 8 provision of the EU Charter on Fundamental Rights, concerning the right to the protection of personal data. This was perhaps because that provision is triggered by the “processing” of data, while the general privacy (Article 7) impact comes into play through mere “access.” Another point is that while it was easy to establish the jurisdiction of the EU court over data transfers from Europe to Facebook’s servers in the US, it may be much harder to bring a case before that court concerning “upstream” methods of mass surveillance, such as the NSA’s tapping of transatlantic fiber optic telecommunications cables. Perhaps most importantly, the substantive ruling in the Schrems case is formulated in a way that it would apply to any method of mass surveillance that gives public authorities access to the content of ordinary people’s private communications, including communications intended for a group of people but not for the authorities. Hence, the ruling is a major contribution as to what the right to privacy substantively means in Europe.
Paul Merrell

EU votes to support suspending U.S. data sharing agreements, including passenger flight... - 0 views

www.zdnet.com/ssenger-flight-data-7000017677

surveillance state NSA blowback EU

shared by Paul Merrell on 06 Jul 13 - No Cached
  • The European Parliament on Thursday adopted a joint, cross-party resolution to begin investigations into widespread surveillance of Europeans by the U.S. National Security Agency (NSA). Read this EU to vote to suspend U.S. data sharing agreements, passenger records amid NSA spying scandal Read more In the vote, 483 voted for the resolution, 98 against, and 65 abstained on a vote that called on the U.S. to suspend and review any laws and surveillance programs that "violate the fundamental right of EU citizens to privacy and data protection," as well as Europe's "sovereignty and jurisdiction." The vote also gave backing to the suspension of data sharing deals between the two continents, should the European Commission take action against its U.S. ally.
  • The U.S. government faces continued criticism and pressure from its international allies following news that its intelligence agencies spied on foreign nationals under its so-called PRISM program. The U.K. government was also embroiled in the NSA spying saga, after its signals intelligence intercepting station GCHQ tapped submarine fiber optic cables under its own secret program, code named Tempora. Reuters reported on Wednesday that the Commission is examining whether the U.K. broke EU law, which could lead to fines imposed by the highest court in Europe.
  • Should the Commission decide it necessary to suspend the data sharing agreement of passenger details — including personal and sensitive individual data — it could ultimately lead to the grounding of flights between the EU and the U.S. Dutch MEP Sophie in 't Veld said in a statement after the vote: "We must consider now if the PNR and SWIFT agreements are still tenable in the circumstances." Critics say PNR data has never helped catch a suspected criminal or terrorist before. SWIFT data sharing, which provides U.S. authorities with secure banking details in a bid to crack down on terrorist financing, could also be suspended. A spokesperson for the D66 delegation in Brussels confirmed by email that the English version of the joint motion is "the right one and is leading," despite claims that there were "translation error[s]" between the different versions of the joint resolution.
  • ...3 more annotations...
  • Members of the European Parliament (MEPs) in a plenary session in Strasbourg voted in favor of a section of the resolution that called on the Commission to "give consideration to all the instruments at their disposal in discussions and negotiations with the U.S. [...] including the possible suspension of the passenger name record (PNR) and terrorist finance tracking program (TFTP) agreements."
  • An EU source familiar with proceedings confirmed that the Commission now has the authority from the Parliament to suspend PNR and TFTP, but it falls at the Commission's discretion. Resolutions passed by the Parliament are not legally binding, but give backing to the Commission should the executive body wish to enact measures against a foreign power or entity. A Commission spokesperson confirmed that there are "no deadlines" on deciding whether it will follow up on the Parliament's resolution.
  • The Parliament's Civil Liberties, Justice and Home Affairs committee was given the authority by Thursday's vote to set up an inquiry to gather evidence from both U.S. and EU sources to assess the impact of the surveillance activities on EU citizens' fundamental right to privacy and data protection.
Paul Merrell

European ISPs Can Stop Logging User Data, Court Rules | TorrentFreak - 0 views

torrentfreak.com/ata-retention-directive-140408

surveillance state EU litigation data-retention

shared by Paul Merrell on 06 May 14 - No Cached
  • The European Court of Justice has overturned Europe's data retention directive, arguing that it's disproportionate and a violation of people's privacy. The decision has far-reaching consequences for the collection of data from European internet users, including their IP-addresses.
  • In a landmark ruling, the European Court of Justice has declared Europe’s Data Retention directive to be a violation of Internet users’ privacy. Under the Directive Internet providers and other telecom companies were required to log and store vast amounts of information, including who their subscribers communicate with, and what IP-addresses they use. The local authorities could then use this information to fight serious crimes, but it was also been frequently used by third parties, in online piracy cases for example. Today the Court ruled that the data collection requirements are disproportionate. In a case started by Digital Rights Ireland the Court effectively annulled the directive, and it’s now up to the individual member states to change local laws accordingly.
  • “The Court is of the opinion that, by adopting the Data Retention Directive, the EU legislature has exceeded the limits imposed by compliance with the principle of proportionality,” the Court states. “By requiring the retention of those data and by allowing the competent national authorities to access those data, the directive interferes in a particularly serious manner with the fundamental rights to respect for private life and to the protection of personal data,” it adds. The judgement has far-reaching implications for large telecom companies, but also for smaller businesses including many VPN providers. With the new ruling these companies are no longer required to log extensive amount of user data as was required under the EU Directive.
  • ...1 more annotation...
  • The European Court of Justice judgement is a clear victory for privacy activists, but mostly for the public who will regain some of their online privacy. While the ruling specified that some data retention may be needed, broad and mandatory retention laws and NSA-style data dragnets are no longer the standard.
Gary Edwards

The Empire Takes a Hit: NSA Update - 2 views

........................................................................................ NSA Conversation with retired lawyer and Open Source legal expert, "Marbux". ...........................

Federal-Reserve-Bankster-Cartel NSA

started by Gary Edwards on 15 Jun 13 no follow-up yet
Paul Merrell

Distrust of US surveillance threatens data deal | TheHill - 0 views

thehill.com/...rveillance-threatens-data-deal

surveillance state EU NSA safe-harbor negotiations Congress

shared by Paul Merrell on 08 Feb 16 - No Cached
  • European privacy regulators are putting U.S. surveillance practices under the microscope, this time with a crucial transatlantic data deal hanging in the balance.Legal and privacy advocates say European nations are poised to strike down the deal if they decide the U.S. hasn't done enough to reform its spying programs.The new test comes after the European Commission and the Commerce Department — after months of tense negotiations — reached a deal this week permitting Facebook, Google and thousands of other companies to continue legally handling Europeans’ personal data.ADVERTISEMENTCritics though have long warned that unless the U.S. overhauls its privacy and national security laws, there is no legal framework that can stand up in European court, where privacy is considered a fundamental right under the EU Charter.A working group of 28 EU nations’ data protection authorities — domestic entities separate from the Commission that will be in charge of enforcing the new agreement — may now cast the deciding vote.The group is spending the next few months picking through the so-called Privacy Shield agreement to determine if it adequately protects the personal data of European citizens.
  • “The Commission has said, ‘We’re satisfied. We believe them. We believe the U.S. has substantially changed its practices,’ and they are no longer going off the [Edward] Snowden revelations in the media,” said Susan Foster, a privacy attorney at Mintz Levin who works in both the EU and the U.S.“Whether the working group will go along with it is another question.”The privacy advocate whose complaint against Facebook brought down the Privacy Shield’s 15-year-old predecessor agreement is already questioning the new deal’s validity.“With all due respect ... a couple of letters by the outgoing Obama administration is by no means a legal basis to guarantee the fundamental rights of 500 million European users in the long run, when there is explicit U.S. law allowing mass surveillance,” Max Schrems of Austria said in a statement Tuesday.The United States has been fighting against the perception that it tramples on civil liberties after ex-National Security Agency contractor Edward Snowden revealed the breadth of the agency’s snooping.One sticking point in the Privacy Shield negotiations was over the scope of an exception allowing surveillance for national security purposes.
  • In announcing the deal, Commission officials insisted that the U.S. had provided “detailed written assurances” that surveillance of Europeans’ data by intelligence agencies would be subject to appropriate limitations.“The U.S. has clarified that they do not carry out indiscriminate surveillance of Europeans,” Andrus Ansip, Vice President for the Digital Single Market on the European Commission, said Tuesday.The U.S. has also agreed to create an office in the State Department, to address complaints from EU citizens who feel their data has been inappropriately accessed by intelligence authorities.Complicating the working group’s approval of the deal is the hodgepodge of competing regulators in Europe. Each nation has an agency in charge of its own country’s regulation. Some countries — such as Germany — are seen as tougher on privacy than others, like France or the U.K.While some countries consider U.S. privacy protections to be satisfactory, in others they are seen as woefully inadequate.
  • ...2 more annotations...
  • Defenders of U.S. intelligence practices often point to France and the U.K., arguing they are equally intrusive with their citizens' data.A recent public report “pretty clearly documented that the protections are patchy, vary hugely and are nonexistent in some of the countries,” Foster noted.Privacy advocates dismiss those arguments.“You cannot pick the worst member state, like the U.K., and claim you are ‘equivalent’ to that,” Schrems said Tuesday. “First, this is not a price [sic] you want to win, secondly you have to meet the standards of the European Court of Justice, EU law and the EU Charter of Fundamental Rights — not the standard of the worst member state.”The U.S. has made significant reforms to federal spying powers under the Obama administration.The Privacy and Civil Liberties Oversight Board — a small bipartisan watchdog — on Friday said the government has begun addressing each of the nearly two-dozen recommendations it made following Snowden's revelations.“[I]mportant measures have been taken to enhance the protection of Americans’ privacy and civil liberties and to strengthen the transparency of the government’s surveillance efforts, without jeopardizing our counterterrorism efforts,” the five-member board said.
  • But whether European countries believe those changes are sufficient to sign off on the Privacy Shield is uncertain. Each of the EU’s 28 member states must approve the deal before it can be finalized.“A lot of this is going to come down to whether the data protection authorities are persuaded by the U.S.’s portrayal of the cumulative protections given to European citizens and the cumulative carving back on the NSA surveillance programs,” Foster said.If the European working group is not satisfied with the assurances from the Commerce Department, the consequences could be dire. Businesses fear a chilling of transatlantic trade, valued at $1 trillion in 2014.The most likely outcome, experts say, would be a patchwork of country-to-country regulations that would make it extremely expensive for companies to comply.Legislative changes in the U.S. seem unlikely. Congress is close to passing a privacy law considered crucial to getting seeing the Privacy Shield approved. But the bill — which gives EU citizens the right to sue in U.S. courts over the misuse of personal data — has sparked controversy on Capitol Hill.Some lawmakers are expressing frustration that the EU has used the threat of enforcement action against U.S. companies to push Congress to make more concessions.“It’s been hard enough to get the Judicial Redress Act passed — if they’re going to make more demands on Congress, there won’t be a lot of willing listeners here,” Sen. Chris Murphy (D-Conn.) told The Hill on Thursday.
Gary Edwards

The obscure legal system that lets corporations sue countries | Claire Provost and Matt... - 0 views

www.theguardian.com/...rtations-sue-states-ttip-icsid

ISDS TTIP Banksters World-Banksters

shared by Gary Edwards on 10 Jun 15 - No Cached
  • Every year on 15 September, thousands of Salvadorans celebrate the date when much of Central America gained independence from Spain. Fireworks are set off and marching bands parade through villages across the country. But, last year, in the town of San Isidro, in Cabañas, the festivities had a markedly different tone. Hundreds had gathered to protest against the mine. Gold mines often use cyanide to separate gold from ore, and widespread concern over already severe water contamination in El Salvador has helped fuel a powerful movement determined to keep the country’s minerals in the ground. In the central square, colourful banners were strung up, calling on OceanaGold to drop its case against the country and leave the area. Many were adorned with the slogan, “No a la mineria, Si a la vida” (No to mining, Yes to life). On the same day, in Washington DC, Parada gathered his notes and shuffled into a suite of nondescript meeting rooms in the World Bank’s J building, across the street from its main headquarters on Pennsylvania Avenue. This is the International Centre for the Settlement of Investment Disputes (ICSID): the primary institution for handling the cases that companies file against sovereign states. (The ICSID is not the sole venue for such cases; there are similar forums in London, Paris, Hong Kong and the Hague, among others.) The date of the hearing was not a coincidence, Parada said. The case has been framed in El Salvador as a test of the country’s sovereignty in the 21st century, and he suggested that it should be heard on Independence Day. “The ultimate question in this case,” he said, “is whether a foreign investor can force a government to change its laws to please the investor as opposed to the investor complying with the laws they find in the country.”
  • Most international investment treaties and free-trade deals grant foreign investors the right to activate this system, known as investor-state dispute settlement (ISDS), if they want to challenge government decisions affecting their investments. In Europe, this system has become a sticking point in negotiations over the controversial Transatlantic Trade and Investment Partnership (TTIP) deal proposed between the European Union and the US, which would massively extend its scope and power and make it harder to challenge in the future. Both France and Germany have said that they want access to investor-state dispute settlement removed from the TTIP treaty currently under discussion. Investors have used this system not only to sue for compensation for alleged expropriation of land and factories, but also over a huge range of government measures, including environmental and social regulations, which they say infringe on their rights. Multinationals have sued to recover money they have already invested, but also for alleged lost profits and “expected future profits”. The number of suits filed against countries at the ICSID is now around 500 – and that figure is growing at an average rate of one case a week. The sums awarded in damages are so vast that investment funds have taken notice: corporations’ claims against states are now seen as assets that can be invested in or used as leverage to secure multimillion-dollar loans. Increasingly, companies are using the threat of a lawsuit at the ICSID to exert pressure on governments not to challenge investors’ actions.
  • “I had absolutely no idea this was coming,” Parada said. Sitting in a glass-walled meeting room in his offices, at the law firm Foley Hoag, he paused, searching for the right word to describe what has happened in his field. “Rogue,” he decided, finally. “I think the investor-state arbitration system was created with good intentions, but in practice it has gone completely rogue.”
  • ...13 more annotations...
  • The quiet village of Moorburg in Germany lies just across the river from Hamburg. Past the 16th-century church and meadows rich with wildflowers, two huge chimneys spew a steady stream of thick, grey smoke into the sky. This is Kraftwerk Moorburg, a new coal-fired power plant – the village’s controversial next-door neighbour. In 2009, it was the subject of a €1.4bn investor-state case filed by Vattenfall, the Swedish energy giant, against the Federal Republic of Germany. It is a prime example of how this powerful international legal system, built to protect foreign investors in developing countries, is now being used to challenge the actions of European governments as well. Since the 1980s, German investors have sued dozens of countries, including Ghana, Ukraine and the Philippines, at the World Bank’s Centre in Washington DC. But with the Vattenfall case, Germany found itself in the dock for the first time. The irony was not lost on those who considered Germany to be the grandfather of investor-state arbitration: it was a group of German businessmen, in the late 1950s, who first conceived of a way to protect their overseas investments as a wave of developing countries gained independence from European colonial powers. Led by Deutsche Bank chairman Hermann Abs, they called their proposal an “international magna carta” for private investors.
  • In the 1960s, the idea was taken up by the World Bank, which said that such a system could help the world’s poorer countries attract foreign capital. “I am convinced,” the World Bank president George Woods said at the time, “that those … who adopt as their national policy a welcome [environment] for international investment – and that means, to mince no words about it, giving foreign investors a fair opportunity to make attractive profits – will achieve their development objectives more rapidly than those who do not.” At the World Bank’s 1964 annual meeting in Tokyo, it approved a resolution to set up a mechanism for handling investor-state cases. The first line of the ICSID Convention’s preamble sets out its goal as “international cooperation for economic development”. There was sharp opposition to this system from its inception, with a bloc of developing countries warning that it would undermine their sovereignty. A group of 21 countries – almost every Latin American country, plus Iraq and the Philippines – voted against the proposal in Tokyo. But the World Bank moved ahead regardless. Andreas Lowenfeld, an American legal academic who was involved in some of these early discussions, later remarked: “I believe this was the first time that a major resolution of the World Bank had been pressed forward with so much opposition.”
  • now governments are discovering, too late, the true price of that confidence. The Kraftwerk Moorburg plant was controversial long before the case was filed. For years, local residents and environmental groups objected to its construction, amid growing concern over climate change and the impact the project would have on the Elbe river. In 2008, Vattenfall was granted a water permit for its Moorburg project, but, in response to local pressure, local authorities imposed strict environmental conditions to limit the utility’s water usage and its impact on fish. Vattenfall sued Hamburg in the local courts. But, as a foreign investor, it was also able to file a case at the ICSID. These environmental measures, it said, were so strict that they constituted a violation of its rights as guaranteed by the Energy Charter Treaty, a multilateral investment agreement signed by more than 50 countries, including Sweden and Germany. It claimed that the environmental conditions placed on its permit were so severe that they made the plant uneconomical and constituted acts of indirect expropriation.
  • With the rapid growth in these treaties – today there are more than 3,000 in force – a specialist industry has developed in advising companies how best to exploit treaties that give investors access to the dispute resolution system, and how to structure their businesses to benefit from the different protections on offer. It is a lucrative sector: legal fees alone average $8m per case, but they have exceeded $30m in some disputes; arbitrators’ fees at start at $3,000 per day, plus expenses.
  • Vattenfall v Germany ended in a settlement in 2011, after the company won its case in the local court and received a new water permit for its Moorburg plant – which significantly lowered the environmental standards that had originally been imposed, according to legal experts, allowing the plant to use more water from the river and weakening measures to protect fish. The European Commission has now stepped in, taking Germany to the EU Court of Justice, saying its authorisation of the Moorburg coal plant violated EU environmental law by not doing more to reduce the risk to protected fish species, including salmon, which pass near the plant while migrating from the North Sea. A year after the Moorburg case closed, Vattenfall filed another claim against Germany, this time over the federal government’s decision to phase out nuclear power. This second suit – for which very little information is available in the public domain, despite reports that the company is seeking €4.7bn from German taxpayers – is still ongoing. Roughly one third of all concluded cases filed at the ICSID are recorded as ending in “settlements”, which – as the Moorburg dispute shows – can be very profitable for investors, though their terms are rarely fully disclosed.
  • “It was a total surprise for us,” the local Green party leader Jens Kerstan laughed, in a meeting at his sunny office in Hamburg last year. “As far as I knew, there were some [treaties] to protect German companies in the [developing] world or in dictatorships, but that a European company can sue Germany, that was totally a surprise to me.”
  • While a tribunal cannot force a country to change its laws, or give a company a permit, the risk of massive damages may in some cases be enough to persuade a government to reconsider its actions. The possibility of arbitration proceedings can be used to encourage states to enter into meaningful settlement negotiations.
  • A small number of countries are now attempting to extricate themselves from the bonds of the investor-state dispute system. One of these is Bolivia, where thousands of people took to the streets of the country’s third-largest city, Cochabamba, in 2000, to protest against a dramatic hike in water rates by a private company owned by Bechtel, the US civil engineering firm. During the demonstrations, the Bolivian government stepped in and terminated the company’s concession. The company then filed a $50m suit against Bolivia at the ICSID. In 2006, following a campaign calling for the case to be thrown out, the company agreed to accept a token payment of less than $1. After this expensive case, Bolivia cancelled the international agreements it had signed with other states giving their investors access to these tribunals. But getting out of this system is not easily done. Most of these international agreements have sunset clauses, under which their provisions remain in force for a further 10 or even 20 years, even if the treaties themselves are cancelled.
  • There are now thousands of international investment agreements and free-trade acts, signed by states, which give foreign companies access to the investor-state dispute system, if they decide to challenge government decisions. Disputes are typically heard by panels of three arbitrators; one selected by each side, and the third agreed upon by both parties. Rulings are made by majority vote, and decisions are final and binding. There is no appeals process – only an annulment option that can be used on very limited grounds. If states do not pay up after the decision, their assets are subject to seizure in almost every country in the world (the company can apply to local courts for an enforcement order).
  • While there is no equivalent of legal aid for states trying to defend themselves against these suits, corporations have access to a growing group of third-party financiers who are willing to fund their cases against states, usually in exchange for a cut of any eventual award.
  • Increasingly, these suits are becoming valuable even before claims are settled. After Rurelec filed suit against Bolivia, it took its case to the market and secured a multimillion-dollar corporate loan, using its dispute with Bolivia as collateral, so that it could expand its business. Over the last 10 years, and particularly since the global financial crisis, a growing number of specialised investment funds have moved to raise money through these cases, treating companies’ multimillion-dollar claims against states as a new “asset class”.
  • El Salvador has already spent more than $12m defending itself against Pacific Rim, but even if it succeeds in beating the company’s $284m claim, it may never recover these costs. For years Salvadoran protest groups have been calling on the World Bank to initiate an open and public review of ICSID. To date, no such study has been carried out. In recent years, a number of ideas have been mooted to reform the international investor-state dispute system – to adopt a “loser pays” approach to costs, for example, or to increase transparency. The solution may lie in creating an appeals system, so that controversial judgments can be revisited.
  • Brazil has never signed up to this system – it has not entered into a single treaty with these investor-state dispute provisions – and yet it has had no trouble attracting foreign investment.
  • Gary Edwards on 10 Jun 15
     
    "Luis Parada's office is just four blocks from the White House, in the heart of K Street, Washington's lobbying row - a stretch of steel and glass buildings once dubbed the "road to riches", when influence-peddling became an American growth industry. Parada, a soft-spoken 55-year-old from El Salvador, is one of a handful of lawyers in the world who specialise in defending sovereign states against lawsuits lodged by multinational corporations. He is the lawyer for the defence in an obscure but increasingly powerful field of international law - where foreign investors can sue governments in a network of tribunals for billions of dollars. Fifteen years ago, Parada's work was a minor niche even within the legal business. But since 2000, hundreds of foreign investors have sued more than half of the world's countries, claiming damages for a wide range of government actions that they say have threatened their profits. In 2006, Ecuador cancelled an oil-exploration contract with Houston-based Occidental Petroleum; in 2012, after Occidental filed a suit before an international investment tribunal, Ecuador was ordered to pay a record $1.8bn - roughly equal to the country's health budget for a year. (Ecuador has logged a request for the decision to be annulled.) Parada's first case was defending Argentina in the late 1990s against the French conglomerate Vivendi, which sued after the Argentine province of Tucuman stepped in to limit the price it charged people for water and wastewater services. Argentina eventually lost, and was ordered to pay the company more than $100m. Now, in his most high-profile case yet, Parada is part of the team defending El Salvador as it tries to fend off a multimillion-dollar suit lodged by a multinational mining company after the tiny Central American country refused to allow it to dig for gold."
Paul Merrell

David Davis' devastating attack on our loss of privacy | Mail Online - 0 views

www.dailymail.co.uk/...ing-terrorists-lust-power.html

surveillance state NSA GCHQ legislation UK

shared by Paul Merrell on 19 Jul 14 - No Cached
  • The last time the main parties got together in a closed room, did a deal and told the country there was a need to act urgently, we were on the edge of abandoning 300 years of press freedom.This time our privacy is under threat. In the name of security, the Government is fast-tracking legislation through Parliament that will allow it to collect huge quantities of our personal data. We would do well to remember the advice of Ben Franklin: ‘Those who would give up essential liberty, to purchase a little temporary safety, deserve neither liberty nor safety.’
  • The Government has engineered a ‘theatrical emergency’ – in this case terrorism and hidden paedophile rings – to ram the Data Retention and Investigatory Powers Bill through Parliament without proper debate. It is an insult to the supremacy of Parliament, to democracy and to the trust of the public.It was April 8 when the European Court of Justice struck down the Data Retention Directive for being incompatible with human rights. The Home Office has had time to put an alternative in place, so the excuses for why the legislation is being  fast-tracked are laughable.
  • It is a sad state of affairs when European courts are a greater defender of our ancient rights than Parliament and Her Majesty’s Government. Even the German Supreme Court overturned its far less invasive data collection laws for violating the privacy rights of German citizens. How far we have slipped, this birthplace of democracy, that our own judicial safeguards stand by while our hard-fought rights are stripped from us by a Government that has lost its sense of proportion in its fear of making a mistake.
  • ...3 more annotations...
  • Even the statistics already released are cause for concern.  The 2013 report of the Interception of Communications Commissioner revealed that 514,608 requests were made for data. By comparison, the most requests issued by the FBI in a year is 56,507. How can it be our intelligence agencies made nine times the number of requests for communications data than their US counterparts?
  • After the ‘dodgy dossier’ on weapons of mass destruction, the deceit on rendition and torture, and the debacle over the snooper’s charter, it is hard to be confident.Our Government has claimed that intercepted communications data was the critical evidence in 95 per cent of all serious crime cases. This would seem to go against the experience of the Metropolitan Police, which in evidence to a joint committee stated that ‘communications data is used sparingly, because it is costly and resource intensive, and because of the need to… consider the impact of collateral intrusion on innocent people’.
  • What this Government is chasing is not public security, it is protection from blame if anything goes wrong. Those are not the same thing.One person’s loss of freedom is everybody’s loss of freedom, one person’s loss of privacy is everybody’s loss of privacy. We must stand up for our rights and not succumb to the politics of fear. Otherwise we give those who hate our civilisation an easy victory, without a shot being fired.
  • Paul Merrell on 19 Jul 14
     
    A UK M.P. critiques the full court press in the House of Commons for new legislation attempting to work around the EU Court of Justice ruling on electronic communication data retention laws.  Very nice essay.
Paul Merrell

Analysis: PA 'balking' at war crimes probe - Middle East - Al Jazeera English - 0 views

www.aljazeera.com/...israel-201491273525819720.html

war & peace Israel Palestine Gaza ICC war crimes Abbas

shared by Paul Merrell on 13 Sep 14 - No Cached
  • After a document obtained by Al Jazeera revealed the Palestinian Authority (PA) has stalled the launch of a formal investigation into alleged Israeli war crimes in Gaza, Palestinian legal and human rights experts remain dubious that the PA ever truly intended to join the International Criminal Court (ICC). In a confidential letter obtained exclusively by Al Jazeera's Investigative Unit, the ICC's top prosecutor, Fatou Bensouda, said she "did not receive a positive confirmation" from PA Foreign Minister Riad al-Malki that the request submitted for an international investigation had the Palestinian government's approval. Palestinian officials have, on numerous occasions, threatened to head to the ICC to hold Israel accountable for possible war crimes and crimes against humanity. But their efforts so far, have proved fruitless. In July, a French lawyer filed a complaint with the court on behalf of the Palestinian minister of justice, accusing Israel of carrying out war crimes in the Gaza Strip. This came after a 2009 call for an ICC investigation into Israel's three-week military offensive in Gaza that was later dropped when the prosecutor said Palestine was not a court member. In August, Malki met with ICC officials to discuss the implications of ratifying the Rome Statute, the treaty that established the criminal court. "Everything that has happened...is clear evidence of war crimes committed by Israel, amounting to crimes against humanity," he told reporters in The Hague, referring to the recent 51-day Israeli military offensive on Gaza, which left more than 2,100 Palestinians dead. Six Israeli civilians were killed, along with 66 Israeli soldiers.
  • Two years ago, Palestine became recognised as a non-member observer state at the UN General Assembly. This made it eligible to join the ICC; however, to date, Palestinian officials have not signed the Rome Statute, even though almost 80 percent of Palestinians support going to the court. Senior Fatah official Mohammad Shtayyeh didn't say when the Palestinians would apply to the ICC, but said it would probably happen in another few months. "The indictment against Israel at the ICC and all the accompanying documents are ready," Shtayyeh told Al Jazeera. One of the remaining hurdles, Shtayyeh said, is getting one remaining Palestinian faction - Islamic Jihad - to sign an accession document before the Palestinians can present it. Hamas signed onto the proposal at the behest of the PA in August. "We're not in a situation of setting a deadline or making an ultimatum," he said. "We're following developments in the region and the world, and therefore, we'll wait for answers from the international community. But I believe that by November-December, the picture should be clearer."
  • In response to Al Jazeera's claims, the Palestinian Justice Minister Salim al-Saqqa said that Palestinian President Mahmoud Abbas was serious about going to the ICC and was "awaiting national dialogue" to pursue it. "This issue is our number-one priority," he said. "It is still on the table awaiting a few legal and technical procedures. We have not missed our opportunity to head to the court." So far, the Palestinians have struggled to use the court to pursue their claims, with some attributing this to the PA's use of an ICC investigation as a political bargaining chip. "The PA can go to the ICC in one day," said Shawan Jabarin, the director of Ramallah-based human rights group al-Haq. "Abbas, who has been turned this into a political issue, is balking." Many factors are working against setting off a war crimes investigation at the ICC, not least the international community's apparent opposition to the move. "It is the PA's trump card because the Israelis and the Americans have said it is a red line," said Diana Buttu, a lawyer and former adviser to the Palestine Liberation Organisation (PLO).
  • ...4 more annotations...
  • "When this red line is crossed, then the US said it won't give money to the PA. That's what we call blackmail. But at what point will Abu Mazen [Abbas] say this is a trump card but we will use it?"
  • During US-mediated peace talks between Israel and the Palestinians, Washington ensured that the PA would freeze all moves to turn to international organisations until April 2014. "The Palestinian Authority has been consistently pressured by the USA, Israel, Canada, the UK and other EU Member States not to take steps to grant the ICC jurisdiction," Amnesty International said. "Such pressure has included threats to withdraw financial assistance on which the Palestinian Authority depends."
  • But when Israel reneged on its pledge to free a total of 104 veteran Palestinian prisoners in four tranches, the PA responded by joining 15 international treaties and conventions. Israel said this spelled the end of their negotiations with the Palestinians, while the US said that the PA's moves negatively affected attempts to engage both parties in talks. "The PA's hesitancy can be attributed to several factors: The need to preserve it as a trump card, and also a fear of the US and some European countries' reaction," Jabarin said. "The problem is the method being used by Abbas; he has subjected the issue to political bargaining and to the whims of negotiations." Another reason the PA may be hesitant to set a war crimes investigation in motion is the ramifications it may have on some Palestinian factions. The ICC would likely look into Hamas and Islamic Jihad's rocket-firing o
  • In the past week, Israel said it would open a criminal investigation into several instances of what it is calling "military misconduct" in the Gaza war. Israel's swift call for a probe appears to be an attempt to pre-empt any independent investigations into allegations that its military committed war crimes in Gaza. "The PA gave the Israelis enough time to come up with a trick to prevent the court from opening any investigation," said Saad Djebbar, a London-based lawyer. Generally, the ICC launches probes in instances where the country involved is unable or unwilling to launch an investigation itself, Djebbar told Al Jazeera. "If the court tries to open an inquiry, the Israelis can claim they have jurisdiction [to do it themselves] because the ICC's jurisdiction is complementary," he explained. "The ICC is legally bound to allow an Israeli [probe] to continue."
  • Paul Merrell on 13 Sep 14
     
    Which helps explain why, in a recent poll of Palestinians in both Gaza and the West Bank, the Hamas leader outpolled Abbas by something on the order of 70-30 on the question of who Palestinians would vote for as President if elections were held at that time. 
Paul Merrell

Spies and internet giants are in the same business: surveillance. But we can stop them ... - 0 views

www.theguardian.com/...-harbour-ruling-edward-snowden

surveillance state NSA EU data privacy litigation

shared by Paul Merrell on 12 Oct 15 - No Cached
  • On Tuesday, the European court of justice, Europe’s supreme court, lobbed a grenade into the cosy, quasi-monopolistic world of the giant American internet companies. It did so by declaring invalid a decision made by the European commission in 2000 that US companies complying with its “safe harbour privacy principles” would be allowed to transfer personal data from the EU to the US. This judgment may not strike you as a big deal. You may also think that it has nothing to do with you. Wrong on both counts, but to see why, some background might be useful. The key thing to understand is that European and American views about the protection of personal data are radically different. We Europeans are very hot on it, whereas our American friends are – how shall I put it? – more relaxed.
  • Given that personal data constitutes the fuel on which internet companies such as Google and Facebook run, this meant that their exponential growth in the US market was greatly facilitated by that country’s tolerant data-protection laws. Once these companies embarked on global expansion, however, things got stickier. It was clear that the exploitation of personal data that is the core business of these outfits would be more difficult in Europe, especially given that their cloud-computing architectures involved constantly shuttling their users’ data between server farms in different parts of the world. Since Europe is a big market and millions of its citizens wished to use Facebook et al, the European commission obligingly came up with the “safe harbour” idea, which allowed companies complying with its seven principles to process the personal data of European citizens. The circle having been thus neatly squared, Facebook and friends continued merrily on their progress towards world domination. But then in the summer of 2013, Edward Snowden broke cover and revealed what really goes on in the mysterious world of cloud computing. At which point, an Austrian Facebook user, one Maximilian Schrems, realising that some or all of the data he had entrusted to Facebook was being transferred from its Irish subsidiary to servers in the United States, lodged a complaint with the Irish data protection commissioner. Schrems argued that, in the light of the Snowden revelations, the law and practice of the United States did not offer sufficient protection against surveillance of the data transferred to that country by the government.
  • The Irish data commissioner rejected the complaint on the grounds that the European commission’s safe harbour decision meant that the US ensured an adequate level of protection of Schrems’s personal data. Schrems disagreed, the case went to the Irish high court and thence to the European court of justice. On Tuesday, the court decided that the safe harbour agreement was invalid. At which point the balloon went up. “This is,” writes Professor Lorna Woods, an expert on these matters, “a judgment with very far-reaching implications, not just for governments but for companies the business model of which is based on data flows. It reiterates the significance of data protection as a human right and underlines that protection must be at a high level.”
  • ...2 more annotations...
  • This is classic lawyerly understatement. My hunch is that if you were to visit the legal departments of many internet companies today you would find people changing their underpants at regular intervals. For the big names of the search and social media worlds this is a nightmare scenario. For those of us who take a more detached view of their activities, however, it is an encouraging development. For one thing, it provides yet another confirmation of the sterling service that Snowden has rendered to civil society. His revelations have prompted a wide-ranging reassessment of where our dependence on networking technology has taken us and stimulated some long-overdue thinking about how we might reassert some measure of democratic control over that technology. Snowden has forced us into having conversations that we needed to have. Although his revelations are primarily about government surveillance, they also indirectly highlight the symbiotic relationship between the US National Security Agency and Britain’s GCHQ on the one hand and the giant internet companies on the other. For, in the end, both the intelligence agencies and the tech companies are in the same business, namely surveillance.
  • And both groups, oddly enough, provide the same kind of justification for what they do: that their surveillance is both necessary (for national security in the case of governments, for economic viability in the case of the companies) and conducted within the law. We need to test both justifications and the great thing about the European court of justice judgment is that it starts us off on that conversation.
Paul Merrell

UN Report Finds Mass Surveillance Violates International Treaties and Privacy Rights - ... - 0 views

firstlook.org/...ort-condemns-mass-surveillance

surveillance state UN-report digital-privacy

shared by Paul Merrell on 16 Oct 14 - No Cached
  • The United Nations’ top official for counter-terrorism and human rights (known as the “Special Rapporteur”) issued a formal report to the U.N. General Assembly today that condemns mass electronic surveillance as a clear violation of core privacy rights guaranteed by multiple treaties and conventions. “The hard truth is that the use of mass surveillance technology effectively does away with the right to privacy of communications on the Internet altogether,” the report concluded. Central to the Rapporteur’s findings is the distinction between “targeted surveillance” — which “depend[s] upon the existence of prior suspicion of the targeted individual or organization” — and “mass surveillance,” whereby “states with high levels of Internet penetration can [] gain access to the telephone and e-mail content of an effectively unlimited number of users and maintain an overview of Internet activity associated with particular websites.” In a system of “mass surveillance,” the report explained, “all of this is possible without any prior suspicion related to a specific individual or organization. The communications of literally every Internet user are potentially open for inspection by intelligence and law enforcement agencies in the States concerned.”
  • Mass surveillance thus “amounts to a systematic interference with the right to respect for the privacy of communications,” it declared. As a result, “it is incompatible with existing concepts of privacy for States to collect all communications or metadata all the time indiscriminately.” In concluding that mass surveillance impinges core privacy rights, the report was primarily focused on the International Covenant on Civil and Political Rights, a treaty enacted by the General Assembly in 1966, to which all of the members of the “Five Eyes” alliance are signatories. The U.S. ratified the treaty in 1992, albeit with various reservations that allowed for the continuation of the death penalty and which rendered its domestic law supreme. With the exception of the U.S.’s Persian Gulf allies (Saudi Arabia, UAE and Qatar), virtually every major country has signed the treaty. Article 17 of the Covenant guarantees the right of privacy, the defining protection of which, the report explained, is “that individuals have the right to share information and ideas with one another without interference by the State, secure in the knowledge that their communication will reach and be read by the intended recipients alone.”
  • The report’s key conclusion is that this core right is impinged by mass surveillance programs: “Bulk access technology is indiscriminately corrosive of online privacy and impinges on the very essence of the right guaranteed by article 17. In the absence of a formal derogation from States’ obligations under the Covenant, these programs pose a direct and ongoing challenge to an established norm of international law.” The report recognized that protecting citizens from terrorism attacks is a vital duty of every state, and that the right of privacy is not absolute, as it can be compromised when doing so is “necessary” to serve “compelling” purposes. It noted: “There may be a compelling counter-terrorism justification for the radical re-evaluation of Internet privacy rights that these practices necessitate. ” But the report was adamant that no such justifications have ever been demonstrated by any member state using mass surveillance: “The States engaging in mass surveillance have so far failed to provide a detailed and evidence-based public justification for its necessity, and almost no States have enacted explicit domestic legislation to authorize its use.”
  • ...5 more annotations...
  • Instead, explained the Rapporteur, states have relied on vague claims whose validity cannot be assessed because of the secrecy behind which these programs are hidden: “The arguments in favor of a complete abrogation of the right to privacy on the Internet have not been made publicly by the States concerned or subjected to informed scrutiny and debate.” About the ongoing secrecy surrounding the programs, the report explained that “states deploying this technology retain a monopoly of information about its impact,” which is “a form of conceptual censorship … that precludes informed debate.” A June report from the High Commissioner for Human Rights similarly noted “the disturbing lack of governmental transparency associated with surveillance policies, laws and practices, which hinders any effort to assess their coherence with international human rights law and to ensure accountability.” The rejection of the “terrorism” justification for mass surveillance as devoid of evidence echoes virtually every other formal investigation into these programs. A federal judge last December found that the U.S. Government was unable to “cite a single case in which analysis of the NSA’s bulk metadata collection actually stopped an imminent terrorist attack.” Later that month, President Obama’s own Review Group on Intelligence and Communications Technologies concluded that mass surveillance “was not essential to preventing attacks” and information used to detect plots “could readily have been obtained in a timely manner using conventional [court] orders.”
  • Three Democratic Senators on the Senate Intelligence Committee wrote in The New York Times that “the usefulness of the bulk collection program has been greatly exaggerated” and “we have yet to see any proof that it provides real, unique value in protecting national security.” A study by the centrist New America Foundation found that mass metadata collection “has had no discernible impact on preventing acts of terrorism” and, where plots were disrupted, “traditional law enforcement and investigative methods provided the tip or evidence to initiate the case.” It labeled the NSA’s claims to the contrary as “overblown and even misleading.” While worthless in counter-terrorism policies, the UN report warned that allowing mass surveillance to persist with no transparency creates “an ever present danger of ‘purpose creep,’ by which measures justified on counter-terrorism grounds are made available for use by public authorities for much less weighty public interest purposes.” Citing the UK as one example, the report warned that, already, “a wide range of public bodies have access to communications data, for a wide variety of purposes, often without judicial authorization or meaningful independent oversight.”
  • The report was most scathing in its rejection of a key argument often made by American defenders of the NSA: that mass surveillance is justified because Americans are given special protections (the requirement of a FISA court order for targeted surveillance) which non-Americans (95% of the world) do not enjoy. Not only does this scheme fail to render mass surveillance legal, but it itself constitutes a separate violation of international treaties (emphasis added): The Special Rapporteur concurs with the High Commissioner for Human Rights that where States penetrate infrastructure located outside their territorial jurisdiction, they remain bound by their obligations under the Covenant. Moreover, article 26 of the Covenant prohibits discrimination on grounds of, inter alia, nationality and citizenship. The Special Rapporteur thus considers that States are legally obliged to afford the same privacy protection for nationals and non-nationals and for those within and outside their jurisdiction. Asymmetrical privacy protection regimes are a clear violation of the requirements of the Covenant.
  • That principle — that the right of internet privacy belongs to all individuals, not just Americans — was invoked by NSA whistleblower Edward Snowden when he explained in a June, 2013 interview at The Guardian why he disclosed documents showing global surveillance rather than just the surveillance of Americans: “More fundamentally, the ‘US Persons’ protection in general is a distraction from the power and danger of this system. Suspicionless surveillance does not become okay simply because it’s only victimizing 95% of the world instead of 100%.” The U.N. Rapporteur was clear that these systematic privacy violations are the result of a union between governments and tech corporations: “States increasingly rely on the private sector to facilitate digital surveillance. This is not confined to the enactment of mandatory data retention legislation. Corporates [sic] have also been directly complicit in operationalizing bulk access technology through the design of communications infrastructure that facilitates mass surveillance. ”
  • The latest finding adds to the growing number of international formal rulings that the mass surveillance programs of the U.S. and its partners are illegal. In January, the European parliament’s civil liberties committee condemned such programs in “the strongest possible terms.” In April, the European Court of Justice ruled that European legislation on data retention contravened EU privacy rights. A top secret memo from the GCHQ, published last year by The Guardian, explicitly stated that one key reason for concealing these programs was fear of a “damaging public debate” and specifically “legal challenges against the current regime.” The report ended with a call for far greater transparency along with new protections for privacy in the digital age. Continuation of the status quo, it warned, imposes “a risk that systematic interference with the security of digital communications will continue to proliferate without any serious consideration being given to the implications of the wholesale abandonment of the right to online privacy.” The urgency of these reforms is underscored, explained the Rapporteur, by a conclusion of the United States Privacy and Civil Liberties Oversight Board that “permitting the government to routinely collect the calling records of the entire nation fundamentally shifts the balance of power between the state and its citizens.”
Paul Merrell

Bulk Collection Under Section 215 Has Ended… What's Next? | Just Security - 0 views

www.justsecurity.org/...lk-collection-ended-whats-next

surveillance state NSA-reform 215 bulk-collection EO-12333

shared by Paul Merrell on 01 Dec 15 - No Cached
  • The first (and thus far only) roll-back of post-9/11 surveillance authorities was implemented over the weekend: The National Security Agency shuttered its program for collecting and holding the metadata of Americans’ phone calls under Section 215 of the Patriot Act. While bulk collection under Section 215 has ended, the government can obtain access to this information under the procedures specified in the USA Freedom Act. Indeed, some experts have argued that the Agency likely has access to more metadata because its earlier dragnet didn’t cover cell phones or Internet calling. In addition, the metadata of calls made by an individual in the United States to someone overseas and vice versa can still be collected in bulk — this takes place abroad under Executive Order 12333. No doubt the NSA wishes that this was the end of the surveillance reform story and the Paris attacks initially gave them an opening. John Brennan, the Director of the CIA, implied that the attacks were somehow related to “hand wringing” about spying and Sen. Tom Cotton (R-Ark.) introduced a bill to delay the shut down of the 215 program. Opponents of encryption were quick to say: “I told you so.”
  • But the facts that have emerged thus far tell a different story. It appears that much of the planning took place IRL (that’s “in real life” for those of you who don’t have teenagers). The attackers, several of whom were on law enforcement’s radar, communicated openly over the Internet. If France ever has a 9/11 Commission-type inquiry, it could well conclude that the Paris attacks were a failure of the intelligence agencies rather than a failure of intelligence authorities. Despite the passage of the USA Freedom Act, US surveillance authorities have remained largely intact. Section 702 of the FISA Amendments Act — which is the basis of programs like PRISM and the NSA’s Upstream collection of information from Internet cables — sunsets in the summer of 2017. While it’s difficult to predict the political environment that far out, meaningful reform of Section 702 faces significant obstacles. Unlike the Section 215 program, which was clearly aimed at Americans, Section 702 is supposedly targeted at foreigners and only picks up information about Americans “incidentally.” The NSA has refused to provide an estimate of how many Americans’ information it collects under Section 702, despite repeated requests from lawmakers and most recently a large cohort of advocates. The Section 215 program was held illegal by two federal courts (here and here), but civil attempts to challenge Section 702 have run into standing barriers. Finally, while two review panels concluded that the Section 215 program provided little counterterrorism benefit (here and here), they found that the Section 702 program had been useful.
  • There is, nonetheless, some pressure to narrow the reach of Section 702. The recent decision by the European Court of Justice in the safe harbor case suggests that data flows between Europe and the US may be restricted unless the PRISM program is modified to protect the information of Europeans (see here, here, and here for discussion of the decision and reform options). Pressure from Internet companies whose business is suffering — estimates run to the tune of $35 to 180 billion — as a result of disclosures about NSA spying may also nudge lawmakers towards reform. One of the courts currently considering criminal cases which rely on evidence derived from Section 702 surveillance may hold the program unconstitutional either on the basis of the Fourth Amendment or Article III for the reasons set out in this Brennan Center report. A federal district court in Colorado recently rejected such a challenge, although as explained in Steve’s post, the decision did not seriously explore the issues. Further litigation in the European courts too could have an impact on the debate.
  • ...2 more annotations...
  • The US intelligence community’s broadest surveillance authorities are enshrined in Executive Order 12333, which primarily covers the interception of electronic communications overseas. The Order authorizes the collection, retention, and dissemination of “foreign intelligence” information, which includes information “relating to the capabilities, intentions or activities of foreign powers, organizations or persons.” In other words, so long as they are operating outside the US, intelligence agencies are authorized to collect information about any foreign person — and, of course, any Americans with whom they communicate. The NSA has conceded that EO 12333 is the basis of most of its surveillance. While public information about these programs is limited, a few highlights give a sense of the breadth of EO 12333 operations: The NSA gathers information about every cell phone call made to, from, and within the Bahamas, Mexico, Kenya, the Philippines, and Afghanistan, and possibly other countries. A joint US-UK program tapped into the cables connecting internal Yahoo and Google networks to gather e-mail address books and contact lists from their customers. Another US-UK collaboration collected images from video chats among Yahoo users and possibly other webcam services. The NSA collects both the content and metadata of hundreds of millions of text messages from around the world. By tapping into the cables that connect global networks, the NSA has created a database of the location of hundreds of millions of mobile phones outside the US.
  • Given its scope, EO 12333 is clearly critical to those seeking serious surveillance reform. The path to reform is, however, less clear. There is no sunset provision that requires action by Congress and creates an opportunity for exposing privacy risks. Even in the unlikely event that Congress was inclined to intervene, it would have to address questions about the extent of its constitutional authority to regulate overseas surveillance. To the best of my knowledge, there is no litigation challenging EO 12333 and the government doesn’t give notice to criminal defendants when it uses evidence derived from surveillance under the order, so the likelihood of a court ruling is slim. The Privacy and Civil Liberties Oversight Board is currently reviewing two programs under EO 12333, but it is anticipated that much of its report will be classified (although it has promised a less detailed unclassified version as well). While the short-term outlook for additional surveillance reform is challenging, from a longer-term perspective, the distinctions that our law makes between Americans and non-Americans and between domestic and foreign collection cannot stand indefinitely. If the Fourth Amendment is to meaningfully protect Americans’ privacy, the courts and Congress must come to grips with this reality.
Paul Merrell

UK ordered to hold inquests into civilian deaths during Iraq war | UK news | guardian.c... - 0 views

www.guardian.co.uk/...uests-civilian-deaths-iraq-war

war & peace war crimes UK EU Iraq Obama

shared by Paul Merrell on 27 May 13 - No Cached
  • A series of public inquests should be held into the deaths of civilians who are alleged to have been killed unlawfully by the British military following the 2003 invasion of Iraq, the high court has ruled.In a ground-breaking judgment that could have an impact on how the British military is able to conduct operations among civilians in the future, the court ruled on Friday that up to 161 deaths should be the subject of hearings modelled upon coroners' inquests.In practice, a series of hearings – possibly amounting to more than 100 – are likely to be held as a result of the judgment, which follows a three-year legal battle on behalf of the Iraqis' families.
  • Each hearing must involve a "full, fair and fearless investigation accessible to the victim's families and to the public", the court ruled, and should examine not only the immediate circumstances but other issues surrounding each death.As a first step, the court ordered Philip Hammond, the defence secretary, to announce within six weeks whether any of the deaths are to result in prosecutions, or to explain any further delays over prosecuting decisions.After years of judicial review proceedings, and in the face of determined opposition from the Ministry of Defence, which appeared anxious to maintain control over any investigative process, the court concluded that hearings modelled upon coroners' inquests were the best way for the British authorities to meet their obligations under article 2 of the European convention on human rights (ECHR), which protects the right to life.
  • The court also ruled that this should be just the start of the process by which public hearings will examine the alleged misconduct of some members of the British armed forces who served in Iraq.Following the completion of the Article 2 hearings – into allegedly unlawful killings – further hearings should be established in order to meet the UK's obligations under Article 3 of the ECHR, the court said. These will inquire into allegations of torture and lesser mistreatment of individuals detained by British troops in Iraq, focusing on a sample of the most serious of the 700-plus cases in which such allegations have been made.In December last year the MoD said it had paid out £14m in compensation and costs to 205 Iraqis who alleged unlawful imprisonment and mistreatment, and that it was negotiating a further 196 payments. Several hundred more claims were expected to be lodged.
  • ...1 more annotation...
  • The court said it had examined "allegations of the most serious kind involving murder, manslaughter, the wilful infliction of serious bodily injury, sexual indignities, cruel inhuman and degrading treatment and large scale violation of international humanitarian law".The judgment from Sir John Thomas, president of the Queen's Bench Division, and Mr Justice Silber, added that there was evidence to support claims that some of the abuse had been systemic, and questioned whether responsibility for poor training and a failure to investigate promptly lay with senior officers and figures in government
  • Paul Merrell on 27 May 13
     
    These UK proceedings are under authority of the E.U. Convention on Human Rights, whose relevant provisions echo those of the UN Convention on Human Rights, which both the U.K. and the U.S. are party to.  The Brits' willingness to prosecute its own soldiers, senior officers, and figures in government for war crimes sharply contrasts to the U.S., where Barack Obama immediately upon taking office rejected calls for the Iraqi war crimes investigation and prosecution of U.S. military members and Executive Branch officials, saying that he wanted to look forward, not back.  This was a very thin answer to the nation's Nuremburg Prosecution principles later embodied in international law at the instigation of the U.S. Good on the Brits. Shame on the U.S.   
Paul Merrell

EU high court strikes down metadata collection law | Ars Technica - 0 views

arstechnica.com/...s-down-metadata-collection-law

surveillance state E.U. law data-retention digital-privacy litigation

shared by Paul Merrell on 09 Apr 14 - No Cached
  • While the United States continues to debate metadata collection conducted in secret by the National Security Agency, the European Union has been openly collecting the same sort of data for eight years. In the wake of terrorist attacks in Madrid (2004) and London (2005), the European Union passed a directive in 2006 requiring that all telecommunications providers retain all kinds of telephone and Internet metadata for at least six months and provide it to law enforcement upon request. According to a ruling handed down Tuesday by the European Court of Justice, that directive is now invalid. The case was brought by activists at Digital Rights Ireland and the Austrian Working Group on Data Retention. The two organizations had challenged the law as it had been imposed in their respective countries.
  • While the United States continues to debate metadata collection conducted in secret by the National Security Agency, the European Union has been openly collecting the same sort of data for eight years. In the wake of terrorist attacks in Madrid (2004) and London (2005), the European Union passed a directive in 2006 requiring that all telecommunications providers retain all kinds of telephone and Internet metadata for at least six months and provide it to law enforcement upon request. According to a ruling handed down Tuesday by the European Court of Justice, that directive is now invalid. The case was brought by activists at Digital Rights Ireland and the Austrian Working Group on Data Retention. The two organizations had challenged the law as it had been imposed in their respective countries.
  • The European judges concluded: The Court takes the view that, by requiring the retention of those data and by allowing the competent national authorities to access those data, the directive interferes in a particularly serious manner with the fundamental rights to respect for private life and to the protection of personal data. Furthermore, the fact that data are retained and subsequently used without the subscriber or registered user being informed is likely to generate in the persons concerned a feeling that their private lives are the subject of constant surveillance. . . . Although the retention of data required by the directive may be considered to be appropriate for attaining the objective pursued by it, the wide-ranging and particularly serious interference of the directive with the fundamental rights at issue is not sufficiently circumscribed to ensure that that interference is actually limited to what is strictly necessary.
Paul Merrell

New EU rules to curb transfer of data to US after Edward Snowden revelations | World ne... - 0 views

www.theguardian.com/...u-rules-data-us-edward-snowden

surveillance state NSA GCHQ NSA-blowback EU

shared by Paul Merrell on 19 Oct 13 - No Cached
  • New European rules aimed at curbing questionable transfers of data from EU countries to the US are being finalised in Brussels in the first concrete reaction to the Edward Snowden disclosures on US and British mass surveillance of digital communications.Regulations on European data protection standards are expected to pass the European parliament committee stage on Monday after the various political groupings agreed on a new compromise draft following two years of gridlock on the issue.The draft would make it harder for the big US internet servers and social media providers to transfer European data to third countries, subject them to EU law rather than secret American court orders, and authorise swingeing fines possibly running into the billions for the first time for not complying with the new rules.
  • "As parliamentarians, as politicians, as governments we have lost control over our intelligence services. We have to get it back again," said Jan Philipp Albrecht, the German Greens MEP who is steering the data protection regulation through the parliament.Data privacy in the EU is currently under the authority of national governments with standards varying enormously across the 28 countries, complicating efforts to arrive at satisfactory data transfer agreements with the US. The current rules are easily sidestepped by the big Silicon Valley companies, Brussels argues.The new rules, if agreed, would ban the transfer of data unless based on EU law or under a new transatlantic pact with the Americans complying with EU law."Without any concrete agreement there would be no data processing by telecommunications and internet companies allowed," says a summary of the proposed new regime.
  • Such bans were foreseen in initial wording two years ago but were dropped under the pressure of intense lobbying from Washington. The proposed ban has been revived directly as a result of the uproar over operations by the US's National Security Agency (NSA).Viviane Reding, the EU's commissioner for justice and the leading advocate in Brussels of a new system securing individuals' rights to privacy and data protection, argues that the new rulebook will rebalance the power relationship between the US and Europe on the issue, supplying leverage to force the American authorities and tech firms to reform."The recent data scandals prove that sensitivity has been growing on the US side of how important data protection really is for Europeans," she told a German foreign policy journal. "All those US companies that do dominate the tech market and the internet want to have access to our goldmine, the internal market with over 500 million potential customers. If they want to access it, they will have to apply our rules. The leverage that we will have in the near future is thus the EU's data protection regulation. It will make crystal clear that non-European companies, when offering goods and services to European consumers, will have to apply the EU data protection law in full. There will be no legal loopholes any more."But the proposed rules remain riddled with loopholes for intelligence services to exploit, MEPs admit.
Paul Merrell

High Court Rules UK's Surveillance Powers Violate Human Rights - 0 views

www.tomshardware.com/...ourt-dripa-unlawful,29615.html

surveillance state GCHQ UK litigation

shared by Paul Merrell on 20 Jul 15 - No Cached
  • UK's High Court found the rushed Data Retention and Investigatory Powers Act (DRIPA) to be illegal under the European Convention on Human Rights and EU Charter of Fundamental Rights, both of which require respect for private and family life, as well as protection of personal data in the case of the latter. DRIPA was challenged by two members of Parliament (MPs), Labor's Tom Watson and the Conservative David Davis, who argued that the surveillance of communications wasn't limited to serious crimes, that individual notices for data collection were kept secret, and that no provision existed to protect those who need professional confidentiality, such as lawyers and journalists. DRIPA was pushed through in three days last year after the European Court of Justice ruled that the EU data retention powers were disproportionate, which invalidated the previous data retention law in the UK. The UK High Court also ruled that sections 1 and 2 of DRIPA were unlawful based on the fact that they fail to provide precise policies to ensure that data is only accessed for the purpose of investigating serious crimes. Another major point against DRIPA was that it didn't require judicial approval, which could limit access to only the data that is strictly necessary for investigations.
  • DRIPA passed in only three days, but the Court allowed it to continue for another nine months, to give the UK government enough time to draft new legislation. Although this almost doubles the time in which this law will exist, it might be better in the long term, as it gives the members of Parliament enough time to debate its successor, without having to rush yet another law fearing that the government's surveillance powers will expire. This court ruling arrived at the right time, as the UK government is currently preparing the draft for the Investigative Powers Bill (also called Snooper's Charter by many), which further expands the government's surveillance powers and may even request encryption backdoors. It also joins other recent reviews of the government's surveillance laws that called for much stricter oversight done by judges rather than the government's own members. "Campaigners, MPs across the political spectrum, the Government's own reviewer of terrorism legislation are all calling for judicial oversight and clearer safeguards," said James Welch, Legal Director for Liberty, a human rights organization.
  • Paul Merrell on 20 Jul 15
     
    The Dark State takes another hit.
Paul Merrell

Can the AEC be a success? - nsnbc international | nsnbc international - 0 views

nsnbc.me/...can-the-aec-be-a-success

trade ASEAN AEC outlook

shared by Paul Merrell on 28 Dec 15 - No Cached
  • After almost two decades of discussion, the ASEAN Economic Community (AEC) will be proclaimed on 31st December. The AEC is a potentially significant and competitive economic region, should it be allowed to develop according to the aspiration of being a “single market and production base, with free flow of services, investments, and labour, by the year 2020”.
  • The ASEAN region as a composite trading block has the third highest population at 634 million, after China and India. GDP per capita is rapidly rising. The AEC would be the 4th largest exporter after China, the EU, and the United States, with still very much scope for growth from Cambodia, Myanmar, the Philippines, and Vietnam from a diverse range of activities ranging from agriculture, food, minerals and commodities, electronics, and services. The coming AEC is already the 4th largest importer of goods after the United States, EU, and China, making it one of the biggest markets in the world. Unlike the other trade regions, the AEC still has so much potential for growth with rising population, rising incomes, growing consumer sophistication, and improving infrastructure. Perhaps the biggest benefit of the upcoming AEC is the expected boost this will give to intra-ASEAN trade. Most ASEAN nations have previously put their efforts into developing external relationships with the major trading nations like the EU, Japan and the US through bilateral and free trade agreements. To some extent, the potential of intra-ASEAN trade was neglected, perhaps with the exception of the entrepot of Singapore. The AEC is an opportunity to refocus trade efforts within the region, especially when Vietnam, Cambodia, Indonesia are rapidly developing, and Myanmar is opening up for business with the rest of the region.
  • There are no integrated banking structures, no agreement on common and acceptable currencies (some ASEAN currencies are not interchangeable), no double taxation agreements, and no formal agreements on immigration. There is not even any such thing as a common ASEAN business visa. These issues are going to hinder market access for regional SMEs. Any local market operations will have to fulfil local laws and regulations which may not be easy for non-citizens to meet and adhere to. Even though there are some preferential tariffs for a number of classes of ASEAN originating goods, non-tariff barriers are still in existence, which are insurmountable in some cases like the need for import licenses (APs) in Malaysia, and the need to have a registered company which can only be formed by Thai nationals within Thailand. Some of these problems are occurring because of the very nature of ASEAN itself. ASEAN was founded on the basis of consultation, consensus, and non-interference in the internal affairs of other members. This means that no formal problem solving mechanism exists, and the ASEAN Secretariat is a facilitator rather than implementer of policy. Illegal workers, human trafficking, money laundering, and haze issues between member states have no formal mechanisms through which these issues can be solved from an ASEAN perspective. This weakens the force for regional integration.
  • ...2 more annotations...
  • However the necessary infrastructure to support intra-ASEAN trade growth is lagging behind with a delay in the completion of the Trans-Asia Highway in Cambodia, and vastly inadequate border checkpoints between Malaysia and Thailand in Sadao and Kelantan. Some infrastructure development projects have been severely hit by finance shortfalls within member states. There are a number of outstanding issues concerning the growth and development of the AEC. The ASEAN Secretariat based in Jakarta has a small staff, where the best talent is lacking due to the small salaries paid. The Secretariat unlike the EU bureaucratic apparatus in Brussels relies on cooperation between the member state governments for policy direction, funding and implementation of the AEC. Thus the frontline of AEC implementation are the individual country ministries, which presents many problems, as some issues require multi-ministry cooperation and coordination, which is not always easy to achieve as particular ministries have their own visions and agendas. Getting cooperation of these ministries isn’t easy. There are numerous structural and procedural issues yet to be contended with. At the inter-governmental level, laws and regulations are yet to be coordinated and harmonized. So in-effect there is one community with 10 sets of regulations in effect this coming January 1st. Consumer laws, intellectual property rights, company and corporate codes (no provision for ASEAN owned companies), land codes, and investment rules are all different among the individual member states.
  • One of the major issues weakening the potential development of the AEC is the apparent lack of political commitment for a common market by the leadership of the respective ASEAN members. Thailand is currently in a struggle to determine how the country should be governed. Malaysia is in the grip of corruption scandals where the prime minister is holding onto power. Myanmar is going through a massive change in the way it will be governed. Indonesia is still struggling with how its archipelago should be governed. There is a view from Vietnam that business within the country is not ready for the AEC. Intense nationalistic sentiments among for example Thais, exasperated by the recent Preach Vihear Temple conflict along the Thai-Cambodian border need to be softened to get full advantage out of the AEC. The dispute in the International Court of Justice over Pedra Branca, and the Philippine rift with China over the South China Sea show the delicacy of relationships among ASEAN members. The recent Thai court decision on the guilt of Zaw Lin and Win Zaw Tun in the murder of two young British tourists may also show how fragile intra-ASEAN relationships can be. The AEC is going to fall far short of achieving its full potential of becoming a major influence in global trade. The AEC is not intended to be the same model as the EEC. The AEC is far from being any fully integrated economic community. The lack of social, cultural, and political integration within the ASEAN region indicates the massive job ahead that Europe had been through decades ago. There is still a lot of public ignorance about what the AEC is, and lack of excitement or expectation for what should be a major event within the region. Respective national media are scant on information about the forthcoming launch of the AEC.
1 - 20 of 26 Next ›
Showing 20 items per page