After the Brexit vote, politicians, businesses and citizens are all wondering what’s next. In general, legal uncertainty permeates Brexit, but in the world of bits and bytes, Brussels and London have in fact been on a collision course at least since the 90s. The new British prime minister, Theresa May, has been personally responsible for a deepening divide across the North Sea on data and communication policy. Although EU citizens will see stronger privacy and cybersecurity protections through EU law post-Brexit, multinational companies should be particularly worried about how future regulation will treat the loads of data they traffic about customers, employees, and deals between the EU and the UK. [Read more…]
Today, the vulnerable state of electronic communications security dominates headlines across the globe, while surveillance, money and power increasingly permeate the ‘cybersecurity’ policy arena. With the stakes so high, how should communications security be regulated? Deirdre Mulligan (UC Berkeley), Ashkan Soltani (independent, Washington Post), Ian Brown (Oxford) and Michel van Eeten (TU Delft) weighed in on this proposition at an expert panel on my doctoral project at the Amsterdam Information Influx conference. [Read more…]
CBS News and a host of other outlets have covered my new paper with Sharon Goldberg, Loopholes for Circumventing the Constitution: Warrantless Bulk Surveillance on Americans by Collecting Network Traffic Abroad. We’ll present the paper on July 18 at HotPETS [slides, pdf], right after a keynote by Bill Binney (the NSA whistleblower), and at TPRC in September. Meanwhile, the NSA has responded to our paper in a clever way that avoids addressing what our paper is actually about. [Read more…]
Will Greenwald’s New Book Reveal How to Conduct Warrantless Bulk Surveillance on Americans from Abroad?
Tomorrow, Glenn Greenwald’s highly anticipated book ‘No Place to Hide’ goes on sale. Apart from personal accounts on working with whisteblower Edward Snowden in Hong Kong and elsewhere, Mr. Greenwald announced that he will reveal new surveillance operations by Western intelligence agencies. In the last weeks, Sharon Goldberg and I have been finishing a paper on Executive Order 12333 (“EO 12333”). We argue that EO 12333 creates legal loopholes for U.S. authorities to circumvent the U.S. Constitution and conduct largely unchecked and unrestrained bulk surveillance of American communications from abroad. In addition, we present several known and new technical means to exploit those legal loopholes. Today, we publish a summary of our new paper in this post.
We stress that we’re not in a position to suggest that U.S. authorities are actually structurally circumventing the Constitution using the international loophole we discuss in the paper. But, we’re wondering: will the gist of our analysis be part of Greenwald’s new revelations tomorrow? A first snippet of Greenwald’s new book in The Guardian, about hacking American routers destined for use overseas, seems to point in that direction. Here’s our summary. [Read more…]
After a 5-year long campaign by European and U.S. digital rights NGOs, today the European Parliament turned a dubious Commission proposal on its head to safeguard the principle of net neutrality. It’s a historic win, and all over the news. It also shows how digital rights advocacy is maturing. [Read more…]
Governments around the world are increasingly hacking into IT-systems. But for every apparent benefit, government hacking creates deeper problems. Time to unpack 9 of them, and to discuss one unique perspective: in response to a proposed hacking law in 2008, the German Constitutional Court created a new human right protecting the ‘confidentiality and integrity of IT-systems’. The rest of the world should follow suit, and outlaw government hacking until its deep problems are addressed. [Read more…]
So. The NSA and GCHQ piggyback on Angry Birds to spy on its 1.7 billion
users. potential terrorists. Not only that, but everything on smartphones can be compromised: “if its on the phone, we can get it”. Will it ever stop? A few days ago, the European Court of Human Rights (‘ECHR’) made the unique move to fast-track a case on the legality of mass surveillance practices by the GCHQ. A judgement is now expected in months, rather than years – in time to have a huge impact on the global debate on mass surveillance. Time for some analysis. [Read more…]
Quite often, especially since the Snowden revelations began, tech policy academics will be approached by NGO’s and colleagues to sign petitions ‘to end mass surveillance’. It’s not always easy to decide whether you want to sign. If you’re an academic, you might want to consider co-signing one initiative launched today. [Read more…]
The Wall Street Journal headlines: “EU Court Opinion: Data Retention Directive Incompatible With Fundamental Rights”. The Opinion is strong, but in fact not yet an outright victory to privacy and civil liberties. The jury is out: the Opinion is a non-binding, but influential advice to the E.U. Court, that will deliver its final judgment come next spring. Now is a perfect moment to analyze the Opinion, as well as the institutional politics of the E.U. Court — critical in understanding the two-tier approach to surveillance and fundamental rights in Europe. The two-tier approach converges, after 60 years, when the E.U. accedes to the European Convention of Human Rights anytime soon. Amidst the Snowden revelations, these are the fundamental legal developments that will ultimately answer the question whether European law can end mass surveillance.
Over the weekend, two new NSA documents revealed a confident NSA SIGINT strategy for the coming years and a vast increase of NSA-malware infected networks across the globe. The excellent reporting overlooked one crucial development: constitutional compliance will increasingly be outsourced to algorithms. Meaningful oversight of intelligence practises must address this, or face collateral constitutional damage. [Read more…]