DOCSLIB.ORG

Mass Surveillance

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Mass Surveillance Mass Surveillance Mass Surveillance What are the risks for the citizens and the opportunities for the European Information Society? What are the possible mitigation strategies? Part 1 - Risks and opportunities raised by the current generation of network services and applications Study IP/G/STOA/FWC-2013-1/LOT 9/C5/SC1 January 2015 PE 527.409 STOA - Science and Technology Options Assessment The STOA project “Mass Surveillance Part 1 – Risks, Opportunities and Mitigation Strategies” was carried out by TECNALIA Research and Investigation in Spain. AUTHORS Arkaitz Gamino Garcia Concepción Cortes Velasco Eider Iturbe Zamalloa Erkuden Rios Velasco Iñaki Eguía Elejabarrieta Javier Herrera Lotero Jason Mansell (Linguistic Review) José Javier Larrañeta Ibañez Stefan Schuster (Editor) The authors acknowledge and would like to thank the following experts for their contributions to this report: Prof. Nigel Smart, University of Bristol; Matteo E. Bonfanti PhD, Research Fellow in International Law and Security, Scuola Superiore Sant’Anna Pisa; Prof. Fred Piper, University of London; Caspar Bowden, independent privacy researcher; Maria Pilar Torres Bruna, Head of Cybersecurity, Everis Aerospace, Defense and Security; Prof. Kenny Paterson, University of London; Agustín Martin and Luis Hernández Encinas, Tenured Scientists, Department of Information Processing and Cryptography (Cryptology and Information Security Group), CSIC; Alessandro Zanasi, Zanasi & Partners; Fernando Acero, Expert on Open Source Software; Luigi Coppolino,Università degli Studi di Napoli; Marcello Antonucci, EZNESS srl; Rachel Oldroyd, Managing Editor of The Bureau of Investigative Journalism; Peter Kruse, Founder of CSIS Security Group A/S; Ryan Gallagher, investigative Reporter of The Intercept; Capitán Alberto Redondo, Guardia Civil; Prof. Bart Preneel, KU Leuven; Raoul Chiesa, Security Brokers SCpA, CyberDefcon Ltd.; Prof. Hugo Scolnik, Departamento de Computación, Universidad Buenos Aires STOA RESEARCH ADMINISTRATOR Peter Ide-Kostic Scientific Foresight (STOA) Unit Directorate for Impact Assessment and European Added Value Directorate-General for Parliamentary Research Services European Parliament, Rue Wiertz 60, B-1047 Brussels E-mail: [email protected] LINGUISTIC VERSION Original: EN ABOUT THE PUBLISHER To contact STOA or to subscribe to its newsletter please write to: [email protected] This document is available on the Internet at: http://www.ep.europa.eu/stoa/ Manuscript completed in January 2015 Brussels, © European Union, 2015 DISCLAIMER The content of this document is the sole responsibility of the author and any opinions expressed therein do not necessarily represent the official position of the European Parliament. It is addressed to the Members and staff of the EP for their parliamentary work. Reproduction and translation for non- commercial purposes are authorised, provided the source is acknowledged and the European Parliament is given prior notice and sent a copy. PE 527.409 ISBN: 978-92-823-5535-0 DOI: 10.2861/269619 CAT: QA-05-14-155-EN-N Mass Surveillance - Part 1: Risks, Opportunities and Mitigation Strategies Abstract This document identifies the risks of data breaches for users of publicly available Internet services such as email, social networks and cloud computing, and the possible impacts for them and the European Information Society. It presents the latest technology advances allowing the analysis of user data and their meta-data on a mass scale for surveillance reasons. It identifies technological and organisational measures and the key stakeholders for reducing the risks identified. Finally the study proposes possible policy options, in support of the risk reduction measures identified by the study. This study covers the analysis of the existing generation of network services and applications at the time of the study (2014) and the short to mid-term technical measures and policy options suitable for counteracting mass surveillance practices and guaranteeing privacy and security of electronic communication channels. Future long-term technological and policy options addressing privacy and security in information and communication technologies are outlined in part two of this study, published by STOA. This study is accompanied by an Annex, which provides detailed answers to the thirty five questions posed in the original tender for this study. The annex is published as a separate document. STOA - Science and Technology Options Assessment Mass Surveillance - Part 1: Risks, Opportunities and Mitigation Strategies Table of contents EXECUTIVE SUMMARY.................................................................................................................................... 1 1 INTRODUCTION........................................................................................................................................ 4 2 DOCUMENT STRUCTURE AND METHODOLOGICAL APPROACH ............................................ 5 2.1 Format conventions............................................................................................................................ 5 2.2 Document Structure ........................................................................................................................... 5 2.3 Methodological approach applied ................................................................................................... 5 3 CURRENT PRACTICES OF INTERCEPTION AND ANALYSIS OF END-USER META-DATA ... 7 3.1 Types of Meta-Data and their retention .......................................................................................... 7 3.2 The role of commercial Cookies and trackers................................................................................. 9 3.3 Meta-data analysis for mass surveillance purposes..................................................................... 11 3.4 Complicity between mass surveillance organizations and other parties.................................. 12 4 CRYPTOGRAPHY RELIABILITY IN A “POST SNOWDEN” WORLD............................................ 16 4.1 Current and upcoming cryptography problems.......................................................................... 17 4.2 Malware in platforms and end-points ........................................................................................... 21 4.3 Cryptography and cyber warfare arena ........................................................................................ 22 4.4 Telecommunication sector............................................................................................................... 23 5 EFFICIENCY OF COMMERCIAL PRODUCTS FOR DOING MASS SURVEILLANCE ................ 26 5.1 Commercially available mass surveillance products................................................................... 26 5.2 Legal context for mass surveillance tools and services ............................................................... 29 5.3 Effectiveness of surveillance products and resources needed ................................................... 31 5.4 Cryptography and encryption analysis......................................................................................... 33 6 TECHNICAL CREDIBILITY OF NATIONAL SECURITY AGENCIES’ HACKING CAPABILITIES ...................................................................................................................................................................... 35 6.1 Cooperation of private companies with national security agencies.......................................... 35 6.2 Hacking capabilities of national security agencies ...................................................................... 35 6.3 Efficiency of intelligence services surveillance programs........................................................... 37 6.4 Credibility of accusations on mass surveillance........................................................................... 40 6.5 Efficiency of solutions to fight mass surveillance ........................................................................ 40 6.6 Threats and opportunities of using foreign OS and applications in public administration... 42 7 TECHNICAL AND POLICY OPTIONS PROPOSED FOR MITIGATING THE IDENTIFIED RISKS ................................................................................................................................................................... 44 7.1 Best practices for preventing cryptography problems ................................................................ 44 7.2 Technical options for mitigating surveillance risk....................................................................... 45 7.3 Short to mid-term policy options for controlling mass surveillance ......................................... 53 STOA - Science and Technology Options Assessment 8 CONCLUSIONS ........................................................................................................................................ 55 LIST OF ABBREVIATIONS .............................................................................................................................. 56 ANNEX (see separate document) Mass Surveillance - Part 1: Risks, Opportunities and Mitigation Strategies EXECUTIVE SUMMARY The disclosure of controversial mass surveillance programmes by intelligence and national security agencies has evoked an international debate on the right of citizens to be protected from illegitimate or warrantless collection and analysis of their data and meta-data. This report aims
Load more

Recommended publications
  • Annual Report and Accounts 2018-19
    National Crime Agency Annual Report and Accounts 2018-19 HC 2397 National Crime Agency Annual Report and Accounts 2018-19 Annual Report presented to Parliament pursuant to paragraph 8(2) of Schedule 2 to the Crime and Courts Act 2013. Accounts presented to the House of Commons pursuant to Section 6(4) of the Government Resources and Accounts Act 2000. Accounts presented to the House of Lords by Command of Her Majesty. Ordered by the House of Commons to be printed on 22 July 2019. HC 2397 © Crown copyright 2019 This publication is licensed under the terms of the Open Government Licence v3.0 except where otherwise stated. To view this licence, visit nationalarchives.gov.uk/doc/open-government-licence/version/3. Where we have identified any third party copyright information you will need to obtain permission from the copyright holders concerned. This publication is available at www.gov.uk/official-documents. Any enquiries regarding this publication should be sent to National Crime Agency, Command Suite, Unit 1, Spring Gardens, Tinworth Street, London, SE11 5EN. ISBN 978-1-5286-1296-8 CCS0519221654 07/19 Printed on paper containing 75% recycled fibre content minimum. Printed in the UK by the APS Group on behalf of the Controller of Her Majesty’s Stationery Office. Contents Foreword by the Home Secretary 7 Part Two – Accountability Report Part One – Performance Report Corporate Governance Report 43 Directors’ Report 43 Statement by the Director General 9 Statement of Accounting Officer’s Who we are and what we do 10 responsibilities 44 How
    [Show full text]
  • Duckduckgo Search Engines Android
    Duckduckgo search engines android Continue 1 5.65.0 10.8MB DuckduckGo Privacy Browser 1 5.64.0 10.8MB DuckduckGo Privacy Browser 1 5.63.1 10.78MB DuckduckGo Privacy Browser 1 5.62.0 10.36MB DuckduckGo Privacy Browser 1 5.61.2 10.36MB DuckduckGo Privacy Browser 1 5.60.0 10.35MB DuckduckGo Privacy Browser 1 5.59.1 10.35MB DuckduckGo Privacy Browser 1 5.58.1 10.33MB DuckduckGo Privacy Browser 1 5.57.1 10.31MB DuckduckGo Privacy browser © DuckduckGo. Privacy, simplified. This article is about the search engine. For children's play, see duck, duck, goose. Internet search engine DuckDuckGoScreenshot home page DuckDuckGo on 2018Type search engine siteWeb Unavailable inMultilingualHeadquarters20 Paoli PikePaoli, Pennsylvania, USA Area servedWorldwideOwnerDuck Duck Go, Inc., createdGabriel WeinbergURLduckduckgo.comAlexa rank 158 (October 2020 update) CommercialRegregedSeptember 25, 2008; 12 years ago (2008-09-25) was an Internet search engine that emphasized the privacy of search engines and avoided the filter bubble of personalized search results. DuckDuckGo differs from other search engines by not profiling its users and showing all users the same search results for this search term. The company is based in Paoli, Pennsylvania, in Greater Philadelphia and has 111 employees since October 2020. The name of the company is a reference to the children's game duck, duck, goose. The results of the DuckDuckGo Survey are a compilation of more than 400 sources, including Yahoo! Search BOSS, Wolfram Alpha, Bing, Yandex, own web scanner (DuckDuckBot) and others. It also uses data from crowdsourcing sites, including Wikipedia, to fill in the knowledge panel boxes to the right of the results.
    [Show full text]
  • The Current Economics of Cyber Attacks
    The Current Economics of Cyber Attacks Ron Winward Security Evangelist October 17, 2016 What Are We Talking About Historical Context Does Hacking Pay? Cyber Aack Marketplace Economics of Defenses: Reality Check 2 Once Upon a Time… 3 Story of the Automobile Ideal economic condions help fuel and grow this industry Be&er Roads Assembly Line Ideal Economic Condi9ons Growth 4 Cyber Attacks Reaching a Tipping Point More Resources More Targets More Mature Availability of low More high value, A level of maturity cost resources increasingly vulnerable that drives efficiency targets leads to more and ensures valuable informaon anonymity The economics of hacking have turned a corner! 5 Modern Economics of Cyber Attacks and Hacking 6 Do You Romanticize Hackers? 7 Reality of Today’s Hackers May look more like this . than like this 8 Today’s Adversary: Not always the Lone Wolf Structured organizaon with roles, focus Premeditated plan for targe9ng, exfiltraon, mone9zaon of data/assets Mul9-layered trading networks for distribu9on, Source: HPE: the business of hacking obfuscaon Why? Because increasingly, CRIME PAYS! 9 Or Does It? The average aacker earns approximately ¼ of the salary of an average IT employee The cost and 9me to plan aacks has decreased Be&er access to be&er tools makes aacks easier Remember: Nobody is trying to be “average” 10 Sophisticated Understanding of Value Mone9zable criminal enterprise Credit Cards Medical Records Intellectual Property Creden9als Vulnerabili9es Exploits 11 The Economics of Web Attacks Hacker steals US healthcare
    [Show full text]
  • The Internet and Drug Markets
    INSIGHTS EN ISSN THE INTERNET AND DRUG MARKETS 2314-9264 The internet and drug markets 21 The internet and drug markets EMCDDA project group Jane Mounteney, Alessandra Bo and Alberto Oteo 21 Legal notice This publication of the European Monitoring Centre for Drugs and Drug Addiction (EMCDDA) is protected by copyright. The EMCDDA accepts no responsibility or liability for any consequences arising from the use of the data contained in this document. The contents of this publication do not necessarily reflect the official opinions of the EMCDDA’s partners, any EU Member State or any agency or institution of the European Union. Europe Direct is a service to help you find answers to your questions about the European Union Freephone number (*): 00 800 6 7 8 9 10 11 (*) The information given is free, as are most calls (though some operators, phone boxes or hotels may charge you). More information on the European Union is available on the internet (http://europa.eu). Luxembourg: Publications Office of the European Union, 2016 ISBN: 978-92-9168-841-8 doi:10.2810/324608 © European Monitoring Centre for Drugs and Drug Addiction, 2016 Reproduction is authorised provided the source is acknowledged. This publication should be referenced as: European Monitoring Centre for Drugs and Drug Addiction (2016), The internet and drug markets, EMCDDA Insights 21, Publications Office of the European Union, Luxembourg. References to chapters in this publication should include, where relevant, references to the authors of each chapter, together with a reference to the wider publication. For example: Mounteney, J., Oteo, A. and Griffiths, P.
    [Show full text]
  • EFF, Duckduckgo, and Internet Archive Amicus Brief
    Case: 17-16783, 11/27/2017, ID: 10667942, DktEntry: 42, Page 1 of 39 NO. 17-16783 IN THE UNITED STATES COURT OF APPEALS FOR THE NINTH CIRCUIT HIQ LABS, INC., PLAINTIFF-APPELLEE, V. LINKEDIN CORPORATION, DEFENDANT-APPELLANT. On Appeal from the United States District Court for the Northern District of California Case No. 3:17-cv-03301-EMC The Honorable Edward M. Chen, District Court Judge BRIEF OF AMICI CURIAE ELECTRONIC FRONTIER FOUNDATION, DUCKDUCKGO, AND INTERNET ARCHIVE IN SUPPORT OF PLAINTIFF-APPELLEE Jamie Williams Corynne McSherry Cindy Cohn Nathan Cardozo ELECTRONIC FRONTIER FOUNDATION 815 Eddy Street San Francisco, CA 94109 Email: [email protected] Telephone: (415) 436-9333 Counsel for Amici Curiae Case: 17-16783, 11/27/2017, ID: 10667942, DktEntry: 42, Page 2 of 39 DISCLOSURE OF CORPORATE AFFILIATIONS AND OTHER ENTITIES WITH A DIRECT FINANCIAL INTEREST IN LITIGATION Pursuant to Rule 26.1 of the Federal Rules of Appellate Procedure, Amici Curiae Electronic Frontier Foundation, DuckDuckGo, and Internet Archive each individually state that they do not have a parent corporation and that no publicly held corporation owns 10 percent or more of their stock. i Case: 17-16783, 11/27/2017, ID: 10667942, DktEntry: 42, Page 3 of 39 TABLE OF CONTENTS CORPORATE DISCLOSURE STATEMENTS ..................................................... i TABLE OF CONTENTS ...................................................................................... ii TABLE OF AUTHORITIES ...............................................................................
    [Show full text]
  • Virtual Currencies and Terrorist Financing : Assessing the Risks And
    DIRECTORATE GENERAL FOR INTERNAL POLICIES POLICY DEPARTMENT FOR CITIZENS' RIGHTS AND CONSTITUTIONAL AFFAIRS COUNTER-TERRORISM Virtual currencies and terrorist financing: assessing the risks and evaluating responses STUDY Abstract This study, commissioned by the European Parliament’s Policy Department for Citizens’ Rights and Constitutional Affairs at the request of the TERR Committee, explores the terrorist financing (TF) risks of virtual currencies (VCs), including cryptocurrencies such as Bitcoin. It describes the features of VCs that present TF risks, and reviews the open source literature on terrorist use of virtual currencies to understand the current state and likely future manifestation of the risk. It then reviews the regulatory and law enforcement response in the EU and beyond, assessing the effectiveness of measures taken to date. Finally, it provides recommendations for EU policymakers and other relevant stakeholders for ensuring the TF risks of VCs are adequately mitigated. PE 604.970 EN ABOUT THE PUBLICATION This research paper was requested by the European Parliament's Special Committee on Terrorism and was commissioned, overseen and published by the Policy Department for Citizens’ Rights and Constitutional Affairs. Policy Departments provide independent expertise, both in-house and externally, to support European Parliament committees and other parliamentary bodies in shaping legislation and exercising democratic scrutiny over EU external and internal policies. To contact the Policy Department for Citizens’ Rights and Constitutional Affairs or to subscribe to its newsletter please write to: [email protected] RESPONSIBLE RESEARCH ADMINISTRATOR Kristiina MILT Policy Department for Citizens' Rights and Constitutional Affairs European Parliament B-1047 Brussels E-mail: [email protected] AUTHORS Tom KEATINGE, Director of the Centre for Financial Crime and Security Studies, Royal United Services Institute (coordinator) David CARLISLE, Centre for Financial Crime and Security Studies, Royal United Services Institute, etc.
    [Show full text]
  • Mutual Watching and Resistance to Mass Surveillance After Snowden
    Media and Communication (ISSN: 2183-2439) 2015, Volume 3, Issue 3, Pages 12-25 Doi: 10.17645/mac.v3i3.277 Article “Veillant Panoptic Assemblage”: Mutual Watching and Resistance to Mass Surveillance after Snowden Vian Bakir School of Creative Studies and Media, Bangor University, Bangor, LL57 2DG, UK; E-Mail: [email protected] Submitted: 9 April 2015 | In Revised Form: 16 July 2015 | Accepted: 4 August 2015 | Published: 20 October 2015 Abstract The Snowden leaks indicate the extent, nature, and means of contemporary mass digital surveillance of citizens by their intelligence agencies and the role of public oversight mechanisms in holding intelligence agencies to account. As such, they form a rich case study on the interactions of “veillance” (mutual watching) involving citizens, journalists, intelli- gence agencies and corporations. While Surveillance Studies, Intelligence Studies and Journalism Studies have little to say on surveillance of citizens’ data by intelligence agencies (and complicit surveillant corporations), they offer insights into the role of citizens and the press in holding power, and specifically the political-intelligence elite, to account. Atten- tion to such public oversight mechanisms facilitates critical interrogation of issues of surveillant power, resistance and intelligence accountability. It directs attention to the veillant panoptic assemblage (an arrangement of profoundly une- qual mutual watching, where citizens’ watching of self and others is, through corporate channels of data flow, fed back into state surveillance of citizens). Finally, it enables evaluation of post-Snowden steps taken towards achieving an equiveillant panoptic assemblage (where, alongside state and corporate surveillance of citizens, the intelligence-power elite, to ensure its accountability, faces robust scrutiny and action from wider civil society).
    [Show full text]
  • Intel X86 Considered Harmful
    Intel x86 considered harmful Joanna Rutkowska October 2015 Intel x86 considered harmful Version: 1.0 1 Contents 1 Introduction5 Trusted, Trustworthy, Secure?......................6 2 The BIOS and boot security8 BIOS as the root of trust. For everything................8 Bad SMM vs. Tails...........................9 How can the BIOS become malicious?.................9 Write-Protecting the flash chip..................... 10 Measuring the firmware: TPM and Static Root of Trust........ 11 A forgotten element: an immutable CRTM............... 12 Intel Boot Guard............................. 13 Problems maintaining long chains of trust............... 14 UEFI Secure Boot?........................... 15 Intel TXT to the rescue!......................... 15 The broken promise of Intel TXT.................... 16 Rescuing TXT: SMM sandboxing with STM.............. 18 The broken promise of an STM?.................... 19 Intel SGX: a next generation TXT?................... 20 Summary of x86 boot (in)security.................... 21 2 Intel x86 considered harmful Contents 3 The peripherals 23 Networking devices & subsystem as attack vectors........... 23 Networking devices as leaking apparatus................ 24 Sandboxing the networking devices................... 24 Keeping networking devices outside of the TCB............ 25 Preventing networking from leaking out data.............. 25 The USB as an attack vector...................... 26 The graphics subsystem......................... 29 The disk controller and storage subsystem............... 30 The audio
    [Show full text]
  • Anti-Terrorism Authority Under the Laws of the United Kingdom and the United States
    Order Code RL33726 CRS Report for Congress Received through the CRS Web Anti-Terrorism Authority Under the Laws of the United Kingdom and the United States September 7, 2006 Clare Feikert Foreign Law Specialist Law Library of Congress Charles Doyle Senior Specialist American Law Division Congressional Research Service ˜ The Library of Congress Anti-Terrorism Authority Under the Laws of the United Kingdom and the United States Summary This is a comparison of the laws of the United Kingdom and of the United States that govern criminal and intelligence investigations of terrorist activities. Both systems rely upon a series of statutory authorizations: in the case of the United States primarily the Foreign Intelligence Surveillance Act and the Electronic Communications Privacy Act; in the case of the United Kingdom, the Regulation of Investigatory Powers Act, the Police Act, the Intelligence Services Act. Among other differences, the U.S. procedures rely more heavily upon judicial involvement and supervision, while those of the UK employ other safeguards. The UK procedures afford greater latitude to arrest, detain and supervise suspected terrorists than those available in the United States. Contents Introduction ......................................................1 Police Stop and Search Powers .......................................3 Police Arrest Powers ...............................................5 Detention of Suspected Terrorists.....................................5 Control Orders....................................................8
    [Show full text]
  • Report Legal Research Assistance That Can Make a Builds
    EUROPEAN DIGITAL RIGHTS A LEGAL ANALYSIS OF BIOMETRIC MASS SURVEILLANCE PRACTICES IN GERMANY, THE NETHERLANDS, AND POLAND By Luca Montag, Rory Mcleod, Lara De Mets, Meghan Gauld, Fraser Rodger, and Mateusz Pełka EDRi - EUROPEAN DIGITAL RIGHTS 2 INDEX About the Edinburgh 1.4.5 ‘Biometric-Ready’ International Justice Cameras 38 Initiative (EIJI) 5 1.4.5.1 The right to dignity 38 Introductory Note 6 1.4.5.2 Structural List of Abbreviations 9 Discrimination 39 1.4.5.3 Proportionality 40 Key Terms 10 2. Fingerprints on Personal Foreword from European Identity Cards 42 Digital Rights (EDRi) 12 2.1 Analysis 43 Introduction to Germany 2.1.1 Human rights country study from EDRi 15 concerns 43 Germany 17 2.1.2 Consent 44 1 Facial Recognition 19 2.1.3 Access Extension 44 1.1 Local Government 19 3. Online Age and Identity 1.1.1 Case Study – ‘Verification’ 46 Cologne 20 3.1 Analysis 47 1.2 Federal Government 22 4. COVID-19 Responses 49 1.3 Biometric Technology 4.1 Analysis 50 Providers in Germany 23 4.2 The Convenience 1.3.1 Hardware 23 of Control 51 1.3.2 Software 25 5. Conclusion 53 1.4 Legal Analysis 31 Introduction to the Netherlands 1.4.1 German Law 31 country study from EDRi 55 1.4.1.1 Scope 31 The Netherlands 57 1.4.1.2 Necessity 33 1. Deployments by Public 1.4.2 EU Law 34 Entities 60 1.4.3 European 1.1. Dutch police and law Convention on enforcement authorities 61 Human Rights 37 1.1.1 CATCH Facial 1.4.4 International Recognition Human Rights Law 37 Surveillance Technology 61 1.1.1.1 CATCH - Legal Analysis 64 EDRi - EUROPEAN DIGITAL RIGHTS 3 1.1.2.
    [Show full text]
  • The Autonomous Surfer
    Renée Ridgway The Autonomous Surfer CAIS Report Fellowship Mai bis Oktober 2018 GEFÖRDERT DURCH RIDGWAY The Autonomous Surfer Research Questions The Autonomous Surfer endeavoured to discover the unknown unknowns of alternative search through the following research questions: What are the alternatives to Google search? What are their hidden revenue models, even if they do not collect user data? How do they deliver divergent (and qualitative) results or knowledge? What are the criteria that determine ranking and relevance? How do p2p search engines such as YaCy work? Does it deliver alternative results compared to other search engines? Is there still a movement for a larger, public index? Can there be serendipitous search, which is the ability to come across books, articles, images, information, objects, and so forth, by chance? Aims and Projected Results My PhD research investigates Google search – its early development, its technological innovation, its business model of the past 20 years and how it works now. Furthermore, I have experimented with Tor (The Onion Router) in order to find out if I could be anonymous online, and if so, would I receive diver- gent results from Google with the same keywords. For my fellowship at CAIS I decided to first research search engines that were incorporated into the Tor browser as default (Startpage, Disconnect) or are the default browser now (DuckDuckGo). I then researched search engines in my original CAIS proposal that I had come across in my PhD but hadn’t had the time to research; some are from the Society of the Query Reader (2014) and others I found en route or on colleagues’ suggestions.
    [Show full text]
  • The Right to Privacy and the Future of Mass Surveillance’
    ‘The Right to Privacy and the Future of Mass Surveillance’ ABSTRACT This article considers the feasibility of the adoption by the Council of Europe Member States of a multilateral binding treaty, called the Intelligence Codex (the Codex), aimed at regulating the working methods of state intelligence agencies. The Codex is the result of deep concerns about mass surveillance practices conducted by the United States’ National Security Agency (NSA) and the United Kingdom Government Communications Headquarters (GCHQ). The article explores the reasons for such a treaty. To that end, it identifies the discriminatory nature of the United States’ and the United Kingdom’s domestic legislation, pursuant to which foreign cyber surveillance programmes are operated, which reinforces the need to broaden the scope of extraterritorial application of the human rights treaties. Furthermore, it demonstrates that the US and UK foreign mass surveillance se practices interferes with the right to privacy of communications and cannot be justified under Article 17 ICCPR and Article 8 ECHR. As mass surveillance seems set to continue unabated, the article supports the calls from the Council of Europe to ban cyber espionage and mass untargeted cyber surveillance. The response to the proposal of a legally binding Intelligence Codexhard law solution to mass surveillance problem from the 47 Council of Europe governments has been so far muted, however a soft law option may be a viable way forward. Key Words: privacy, cyber surveillance, non-discrimination, Intelligence Codex, soft law. Introduction Peacetime espionage is by no means a new phenomenon in international relations.1 It has always been a prevalent method of gathering intelligence from afar, including through electronic means.2 However, foreign cyber surveillance on the scale revealed by Edward Snowden performed by the United States National Security Agency (NSA), the United Kingdom Government Communications Headquarters (GCHQ) and their Five Eyes partners3 1 Geoffrey B.
    [Show full text]