Privacy International defends the right to privacy across the world, and fights surveillance and other intrusions into private life by governments and corporations. Read more »


Chapter: 

Modern and democratic political surveillance

All the examples I've given so far are technically similar to the schemes from days of old. The RG case in France isn't much different from the Hoover files in the collection of politically damaging information; the membership list of the BNP isn't technologically much different from the NAACP membership lists. Modern and technologically advanced political surveillance raises the stakes significantly as it first builds the surveillance into the infrastructure of society, and then democratises it in ways that Lambrinides worried about in the Greek Junta where it applies to the general population.

The infrastructure of surveillance

Modern telecommunications infrastructures are designed with backdoors to enable state surveillance. This began as an initiative of the Clinton Administration when it subsidised and mandated that modern telecommunications devices be designed to assist with law enforcement access. The policy was then expanded upon by the Europeans where 'lawful intercept' was standardised through the European Telecommunications Standard Institute. When we opposed these moves back in the 1990s we were admonished for not believing that democratic safeguards would prevent abuse.

Democratic safeguards and global technology do not necessarily mix well together. The technological capabilities for lawful intercept can be abused. In Greece in 2004, unknown third parties were able to listen to the communications of the Prime Minister of Greece, and dozens of other high-ranking dignitaries over the Vodafone network by gaining access to the lawful intercept capabilities. To this day we are unsure of who initiated the spying.1

More recently these same capabilities were reported to have been used by the Iranian Government to monitor protestors. The Wall Street Journal reported that Nokia Siemens had sold telecommunications technology to the Iranian telecommunications company, and this technology included the 'lawful intercept' standard (though the Wall Street Journal contended that this enabled data interception, Nokia states that it only gave voice intercept capability). This technology is now in place to permit the Iranian government to 'lawfully' intercept the voice communications of opponents to the Government. Nokia responded just as Vodafone did: they were compelled to include these backdoors into the technology by European standards.2 In light of this, it is perhaps less surprising to hear that the Iranian elite military force, the Islamic Revolutionary Guards Corps, completed a takeover of majority share in the Iranian telecommunications company in October 2009.3

Democratising political surveillance

With these technological changes, and with the advances in the use of the internet and modern databases, political surveillance no longer needs to be targeted or requires vast amounts of resources. Through a simple subpoena or unwarranted access, vast amounts of personal information on individuals may be accessible by government authorities. Much of this information would have been previously inaccessible to governments. As recent examples:

  • In October 2008 the U.S. Department of Justice issued a subpoena to Indymedia's website administator to disclose "all IP traffic to and from indymedia.us".4 These logs would disclose the identifying information behind all visitors to the website, all journalists and commentators who posted content.  Indymedia was also gagged from disclosing the fact that it had received the subpoena.
  • In August 2009 Azerbajiani police questioned a number of individuals who had logged a vote using text messaging for an Armenian artist in the Eurovision song contest. Eurovision organisers later stated that they may ban countries from the competition if broadcasters disclose information about voters' identities.5
  • In Europe, telecommunications companies are now compelled to retain the logs of customers' locations, calls, emails, and other such data for up to two years.  Other countries are eagerly following the European lead.  In July 2009, the Iranian Government announced new 'cybercrime' laws to protect the privacy of individuals that required internet companies to store all the data sent or received by their customers.6

Tactics such as these are regularly used to discover the identities of journalists' sources by gaining access to telephone and email logs.  The Committee to Protect Journalists 2009 study on the 'Worst Countries to be a Blogger' used a methodology of eight research questions, with three focussing on surveillance.7

Social networking services may exacerbate this problem. On these sites, individuals join 'groups' or 'fan pages' and then share this information with large networks. Sexual orientation, political interests, religious faith can be disclosed easily. Even if this information is not willingly disclosed by the individual, two MIT students recently discovered that they could predict an individual's sexual orientation by examining a friends' list.8 Recent changes to Facebook's privacy settings drew the ire of the Electronic Frontier Foundation who noted that while Facebook celebrates the fact that it is used in Iran, it has now made life easier for the Iranian government to identify supporters of the Opposition.9 In October 2009 the investment arm of the Central Intelligence Agency invested into a software firm that specialises in monitoring social media, crawling through half a million web 2.0 sites a day.10

The Internet is not the sole source of additional personal information for this purpose, however. Vast new datastores have been established in recent years.  Governments and companies now run databases that keep information on our financial transactions, medical status, and travel habits; and they share and mine this information on widespread bases. As surveillance again takes place often without the knowledge of the individual under surveillance, there is no way to contest if the Government seeks access to the medical information of critics, or telephone records of Opposition members, critics, or journalists. In countries where Government is the custodian of this information in the first place, unobstructed access to personal information is now possible. In 2008 the UK Government proposed that it become the custodian of all internet traffic data, including social networking interactions; in 2009 the Government pulled back a little and decided to ask telecommunications providers to monitor all internet users and to share this data with the authorities upon request.  Meanwhile India copied the 2008 UK plans and recently announced its intention to collect all telephone and email traffic data for the nation.11

Footnotes

  • 1. The Athens Affair', Vassilis Prevelakis and Diomidis Spinellis, IEEE Spectrum, July 2007.
  • 2.  'Provision of Lawful Intercept capability in Iran', Nokia Siemens Networks, June 22, 2009.
  • 3. Elite Guard in Iran Tightens Its Grip With Telecom Move', Michael Slackman, New York Times, October 8, 2009.
  • 4.  'Justice Dept. Asked For News Site's Visitor Lists', Declan McCullgh, CBS News, November 10, 2009.
  • 5. 'Eurovision changes privacy rule', BBC, September 18, 2009.
  • 6. 'Iran to monitor cyberspace to fight offenses', PressTV, July 20, 2009.
  • 7.  '10 Worst Countries to be a Blogger', CPJ, April 30, 2009.
  • 8. 'Project Gaydar', Carolyn Y. Johnson, The Boston Globe, September 20, 2009.
  • 9. 'Facebook's New Privacy Changes: The Good, The Bad, and The Ugly', Kevin Bankston, Electronic Frontier Foundation, December 9, 2009.
  • 10. 'Exclusive: U.S. Spies Buy Stake in Firm That Monitors Blogs, Tweets', Noah Shachtman, Wired, October 19, 2009.' and 'Twitter Tapping', New York Times Editorial, December 12, 2009.
  • 11. 'Centralised System to Monitor Communications', Ministry of Communications & Information Technology, November 26, 2009.