PI is pleased to announce a public consultation on the International Principles on Communications Surveillance and Human Rights
Today we launch the public consultation process for the International Principles on Communications Surveillance and Human Rights. From now until January 3rd, we are inviting comments and suggestions on the draft principles.
The rationale behind these principles is to provide civil society, industry and government with a framework against which to evaluate whether current or proposed surveillance laws and practices are consistent with human rights. Now more than ever, we need greater transparency and proportionality around state surveillance in order to safeguard the future of participatory democracy. Before the global adoption of the Internet, specific legal principles and the logistical burdens inherent in monitoring private communications restricted their availability to public authorities. However, over the past couple of decades, those logistical burdens have been minimised by technological developments and the existing legal frameworks, designed with letters and landlines in mind, are no longer applicable to communications tools like smartphones. We have therefore seen an explosion in law enforcement access to communications, as illustrated by some of the statistics collected and published by Google's Transparency Team. Since Google launched the Transparency Report three years ago, the number of law-enforcement requests for user data worldwide has doubled. User data requests to Google from the Netherlands, Poland and Spain increased by 59%, 46% and 27%, respectively between the second half of 2011 and first half of 2012.
Google's legal team, and those of some other big players in the technology, have the time and resources to vet each request from law enforcement for legality and refuse those that are unlawful. Police forces are therefore increasingly exploring alternative methods of getting hold of the information they want. The German police are deploying a trojan, developed by and purchased from a private company, to hack target computers and mobile devices, log every keystroke and remotely operate cameras and microphones on laptops and smartphones. According to a 2003 study in Germany, 75% of telephone wiretapping actions conducted by law enforcement agencies violated the law. In 2007, the Zimbabwean president signed into law the controversial Interception of Communications Act, authorising his ministers to eavesdrop on phone, Internet and other electronic communications and read physical mail without judicial permission. This dangerous practice was actually lifted directly from British law. The Act also demands that communication services providers facilitate the interception and storage of private communications at the government's request.
Legislative processes are also leaning towards the excessively invasive. For example, the Dutch government is currently pushing though a law that would allow police to hack into and delete personal information, and compel access to encrypted data. In India, the maximum standard for encryption of information is set by law at 40 bits - so weak as to be completely ineffective against even the most amateur hackers. A Belgian law enacted in December 2001 bans anonymity for subscribers and users of telecommunications network operators and service providers.
As privacy advocates, we have often found it difficult to combat abuses like the ones I've described due to the lack of an agreed and internationally applicable set of standards. We have sometimes found ourselves wondering where the boundaries of acceptability lie when it came to lawful access to communications. That's why, in October, we gathered over 40 technology and law experts together in Brussels to discuss methods for observing and analysing modern surveillance techniques and possible policy responses, at a meeting we co-hosted with Google. The draft International Principles were one of the outcomes of that meeting, and since then, we have conducted further consultations with international experts in communications surveillance law, policy and technology. Now we would like to open that process up to everyone...