«Compiled and edited by Simon Davies June 2014 A Crisis of accountability 2 Contents Contents Acknowledgments ...»
A Crisis of accountability 68 In November 2013 the director of the Spanish Intelligence Centre (CNI) appeared behind closed doors at the Official Secrets Commission. His appearance was agreed after the media revealed that Spain was a ‘second degree’ ally to the US, and that the CNI had allowed or helped the US tap into 60 million phone calls between December 2012 and January 2013 alone. This was denied by NSA director Keith Alexander, who emphasized that the metadata generated was gathered under regular NATO collaboration and was related only to suspicious activity in third countries (Mali and Afghanistan at least). The members of parliament who attended the Official Secrets Commission were specifically asked not to reveal the details of the session, but those who briefly spoke to the media showed satisfaction and mentioned how the CNI director made it clear that Spain had always acted according to the law, that the data of Spanish citizens has not been compromised or made vulnerable by NSA activities and that it was US intelligence that should provide further explanations.
In December, the left opposition requested permission for Snowden to travel to Spain and appear before the Justice Commission, but the request seems to have been ignored by the government.
In March 2014 the LIBE committee published its report on Electronic Mass Surveillance of EU Citizens, and the left opposition used its recommendations to file a series of questions to the government. Specifically, on April 30th they
‘What measures have been taken by the government to fulfil the fourteen recommendations of the LIBE committee report on the programs of massive surveillance of the US surveillance agency (NSA)? If the answer is affirmative, what are those measures? If the answer is negative, why?
As the report suggests, have the legal measures against the attack on Spain’s sovereignty and therefore the violation of general public international law through mass surveillance programs been taken? If the answer is negative, why?’ The official response form the government may take several months. And while some other parties have expressed their plans to undertake similar actions, as reported recently in ElDiario.es, this has not yet happened.
Therefore, while it is difficult to establish a direct link between the parliamentary and the media debate, they both seem to share a lack of interest in the issue. If in Parliament the left opposition is the exception to the rule, in the media mass surveillance has only appeared consistently in the technology section of ElDiario.es. The rule, however, continues to be a generalized indifference.
The impact of the Snowden revelations outside of the media and parliament are difficult to assess only twelve months after they happened, even though A Crisis of accountability 69 this may change in the future. Societal change cannot be measured in such a short time-span, especially when no specific efforts are made in this direction.
The Data Protection Agency could have published a report or issued specific materials, but this has not been the case. Also, their 2013 report has not yet been published, and so it is impossible to look for relevant indicators there.
The same can be said for the Centre for Sociological Investigations (CIS), responsible for Spain’s large opinion polls. The last relevant data we find in their survey series -addressing matters of trust, data protection and feelings of insecurity- is several years old. While this would pose methodological challenges, in the next few years it should be possible to use CIS data to identify trends and changes.
Until then, we can make only educated guesses. The privacy debate in Spain seems to be increasingly conscious of the Snowden revelations and the data protection challenge. In the recent VI Surveillance and Society Conference held in Barcelona and specifically addressing the post-Snowden context, the media were reluctant to cover the event on the grounds of state surveillance alone and seemed to be more willing to link it to data privacy in social media and the responsibility of users. Similarly, the recently opened Big Bang Data exhibition in Barcelona and Madrid relies heavily on the user experience and social media, making few references to Snowden, even though the curators have expressed how the revelations changed their conception of the whole project.
Overall, the Snowden debate seems to be contributing to a more general debate on online privacy and the commercialization of data, while people’s expressed concerns continue to focus on unemployment, the crisis and corruption. This is hardly surprising in a post-authoritarian country where topdown surveillance has been the norm rather than the exception for most of the last century, where there is no history of political whistleblowing, where most people confess to being distrustful of their neighbours and where the financial crisis has made all other issues fade into the background. But Spain is also a county that has seen remarkable instances of resistance to CCTV proliferation and where the outcry over whatsapp’s data vulnerability did lead to many people looking –somewhat unsuccessfully - for instant messaging alternatives.
There are signs that a debate has been sparked, at least in specific milieus and in relation to cybersecurity, social media and privacy concerns. And while the media and political passivity is an immediate challenge, general privacy concerns have managed to become the standard in technology reporting and policy. In this evolving context, every new revelation on the use and abuse of surveillance powers is contributing to strengthening the need for a true public debate on the possibilities and risks of the surveillance society.
Correspondent: Gemma Galdon ClavellA Crisis of accountability 70
United Kingdom Despite facing significant pressure in the wake of the Snowden revelations one of the largest leaks of classified material in history that revealed the secret mass surveillance apparatus run by GCHQ - the Government has responded with silence, obfuscation and secrecy.
GCHQ is tapping undersea cables, installing spyware onto millions of phones and computers around the world and hacking into the infrastructure of internet service providers. Yet because of the secretive nature of its activities, combined with the weak oversight of intelligence agencies, much-needed policy reforms have been neglected. There is clear evidence that the public opposes such pervasive surveillance, evidenced just over a year ago with the demise of the deeply unpopular Snoopers Charter.
Deputy Prime Minister Nick Clegg has ordered an “Obama-style” review of intelligence agencies, to be led by the Royal United Services Institute, but the report will not even be released until after the May 2015 elections. When it is made public, advocates believe the review should recommend the six
principles laid out by the Don’t Spy On Us coalition in the UK:
1 No surveillance without suspicion 2 No more secrecy: Surveillance laws must be transparent and governed by a clear legal framework.
3 Surveillance must be sanctioned by an independent judge, not ministers 4 Effective government oversight 5 A right to redress and have legal challenge heard in an open court 6 overnment ensuring that the web is secure and promote, not undermine, strong encryption.
The surprise and outrage shown by politicians at the start of the Snowden leaks died quickly. Nowadays, the only officials we hear from are those charged with oversight of MI5, MI6, and GCHQ, but their words are only ever in defence of the vast and intrusive surveillance conducted by UK authorities.
The oversight and review bodies, Committees and Commissioners alike, have produced nothing more than a “Job well done” bouquet to intelligence and security agencies.
A Crisis of accountability 71 This lack of oversight, however, has not gone unnoticed, and in fact is one of the most glaring problems the public is calling to be addressed. The Parliamentary Home Affairs Committee released a scathing report and was highly critical of the so-called oversight bodies. It pointed out in strong language that the current oversight of security and intelligence agencies is weak, inadequate and not fit for purpose.
Given that the prospects of politicians initiating policy change are slim at the moment, the most promising chances of reform have come through legal action. Privacy International, Amnesty International, Bytes for All (Pakistan), Liberty, ACLU (with others), and Abdel Hakim Belhadj have all filed complaints in the Investigatory Powers Tribunal. The IPT, however, is not the ideal venue for challenging state power, since it is mainly a secretive court that almost always sides with Government and does not have to publicly justify its opinions. But, this is the only legal avenue granted to reform the surveillance apparatus. Further, Big Brother Watch, Open Rights Group, English PEN, and internet campaigner Constanze Kurz have filed a similar challenge at the European Court of Human Rights.
There is more action to come, though, as Privacy International continues to challenge GCHQ’s surveillance operations, specifically their more intrusive methods of hacking into personal phones and computers.
United States The Snowden disclosures were met with a broad-based outpouring of outrage in the United States, with the criticism focused mostly on the privacy rights of US citizens. Media coverage was generally highly critical, with national media outlets such as the Washington Post, New York Times, ProPublica and Mother Jones publishing some of the disclosed documents. The disclosures also triggered numerous protests and grassroots campaigns, at least 6 lawsuits aimed at stopping NSA mass surveillance and several legislative proposals aimed at modifying NSA surveillance. The disclosures of the NSA’s domestic spying programs, particularly the telephone call detail records collection program, have started a national conversation on both domestic and foreign surveillance policies. However, thus far, none of the surveillance reforms have been aimed at stopping the bulk collection of communications of non-US persons.
Many members of the US Congress expressed outrage upon the disclosure of the call detail records collection program, even though the US has said the legislators were made aware of the program. Several legislative proposals were offered to reform the call detail records collection, some of which sought to end mass data collection, and others which sought to make the existing program legal. On May 22, 2014, the US House of Representatives passed the USA Freedom Act, which would offer mild reforms of the surveillance. The Act will not become law unless approved by the US Senate and signed by the President. None of the proposed laws would reform NSA surveillance of nonUS persons outside the United States.
Executive Branch Response
President Obama convened a panel of constitutional law and national security experts to assess the legality and wisdom of the disclosed NSA surveillance programs. In December 2013, that panel issued a 300-page report that concluded that the NSA's programs raised serious constitutional concerns and proposed 46 reforms. Separately, a newly created standing body called the President’s Civil Liberties Oversight Board (PCLOB) issued its own report making more focused findings, but in a similar vein.
A Crisis of accountability 73 The President responded by issuing Presidential Policy Directive 28 (PPD 28). PPD 28 generally instructs the US intelligence community to examine its bulk collection programs and recommend to the President whether those programs can be limited in any way. PPD 28 is notable for acknowledging that privacy rights must be respected “regardless of the nationality of the individual to whom the information pertains or where that person resides.” PPD 28 then purports to apply the same protections for the dissemination and retention of bulk-collected data that US persons enjoy to non-US persons. However, these protections are neither explicit nor substantial. Moreover, the US has continued to interpret the International Covenant on Civil and Political Rights (ICCPR), of which it is a signatory, as imposing no human rights obligations with respect to extraterritorial surveillance.
President Obama also announced that he would propose legislation to reform NSA surveillance and its oversight by the Foreign Intelligence Surveillance Court. But although the features of such reform have been released, the President has yet to propose specific legislation.
Hundreds of thousands of Americans participated in grass-roots efforts protesting the NSA’s surveillance activities through events such as the StopWatching.US coalition and The Day We Fight Back, the latter of which was aimed at protecting the privacy rights of both Americans and foreigners.
Data has indicated a marked increase in encrypted Internet traffic in the year since the initial Snowden disclosures (See Sandvine Global Internet Phenomena Report, 1H 2014 https://www.sandvine.com/trends/globalinternet-phenomena/ ).
At least six legal actions were filed as a direct result of the disclosure of the NSA’s mass collection of telephone call detail records. So far, one judge has found the telephone call detail records collection program to be unconstitutional, while one has found it to be constitutional. Both of those decisions are on appeal. The other matters await an initial judicial determination.
None of the lawsuits directly challenge the legality of the surveillance programs with respect to surveillance of non-US persons.
Information about the contributors Carolina Botero (Colombia). Carolina is a researcher, lawyer, lecturer, writer and consultant on issues related to law and technology. She is leading the Law, Internet and Society group inside the Karisma Foundation and is Regional Project Manager for Latin America for Creative Commons. Every week she writes an opinion column at El Espectador.
https://twitter.com/carobotero Bruna Castanheira: (Brazil). Lawyer active in the areas of Digital Law and Intellectual Property, collaborator of the Oficina Antivigilância project, research assistant on the Global Internet Program.