The PRISM scandal gets bigger
This article is also available in:
Deutsch: PRISM-Skandal weitet sich immer mehr aus
Privacy campaigners have filed claims against Prism and Tempora, the US and British spy programmes that allow intelligence agencies to gather, store and share data on millions of innocent people.
Privacy International has submitted a claim to the Investigatory Powers Tribunal (IPT), hoping for a public hearing and early rulings, due to the seriousness of the issue. Privacy International’s statement refers to the Prism programme, which allows the NSA to intercept the communications of non-US citizens living outside America from global Internet companies such as Google, Facebook and Yahoo. It transpires that this information has been shared with the UK agency GCHQ. Privacy International also ask for a temporary injunction against the Tempora programme, which allows GCHQ to tap into the transatlantic fibre-optic cables used for telephone and Internet services and gather large amounts of sensitive data.
"If UK authorities are to be permitted to access such information in relation to those located in the UK in secret and without their knowledge or consent, the European convention on human rights (ECHR) requires there to be a legal regime in place which contains sufficient safeguards against abuse of power and arbitrary use. There is no such regime," says PI's statement.
Also, emails and phone calls made in the UK that pass electronically through the US can be intercepted by the NSA, which has access to these data as well. Moreover, the UK agency, by accessing the US programme, can “obtain private information about UK citizens without having to comply with any requirements of RIPA (the Regulation of Investigatory Powers Act)"
Privacy International intended to file the claim in the Administrative Court, which would have had public proceedings. They were however forced to file the claim with the IPT, a secret tribunal that does not make its proceedings public and does not have to give reasons for its decisions.
"One of the underlying tenets of law in a democratic society is the accessibility and foreseeability of a law. If there is no way for citizens to know of the existence, interpretation, or execution of a law, then the law is effectively secret. And secret law is not law. It is a fundamental breach of the social contract if the government can operate with unrestrained power in such an arbitrary fashion," said Eric King, head of research at Privacy International.
The civil rights group Liberty has also made a complaint to the IPT. The group believes its own electronic communications and those of its staff may have been unlawfully intercepted by the security services and GCHQ.
In the US, a broad coalition of organizations teamed up for a freedom of association lawsuit. The coalition filed a suit against the National Security Agency (NSA) for the violation of the First Amendment right of association by illegally collecting their call records. The coalition is represented by the Electronic Frontier Foundation (EFF), a digital rights group, also a member of EDRi, with years of experience in fighting illegal government surveillance in the courts.
To make things worse, the PRISM scandal continues after the Guardian revealed documents disclosed by former NSA employee Edward Snowden that appear to show that Microsoft collaborated with US intelligence services to allow users' communications to be intercepted, including helping the NSA to circumvent the company's own encryption.
The documents appear to show that Microsoft collaborated with the FBI and CIA and the material collected through Prism is shared by all three agencies. Skype was revealed as one source of information.
"This makes it clear that trusting Microsoft with your critical company data is downright negligent. In both the public and the private sector, those responsible for security and data protection urgently need to take action to protect their organisations, customers and clients," says Karsten Gerloff, President of the Free Software Foundation Europe.
In its statement to the Guardian, Microsoft said that its “compliance team examines all demands very closely, and we reject them if we believe they aren't valid”. Also, that the company said that it only complies with “orders about specific accounts or identifiers”, “would not respond to the kind of blanket orders discussed in the press over the past few weeks, as the volumes documented in (its) most recent disclosure clearly illustrate.”
The company added: “when we upgrade or update products, legal obligations may in some circumstances require that we maintain the ability to provide information in response to a law enforcement or national security request. There are aspects of this debate that we wish we were able to discuss more freely. That's why we've argued for additional transparency that would help everyone understand and debate these important issues.”
US and UK are not alone in this electronic information gathering race. France is not that far behind. Le Monde has also revealed that DGSE (Direction générale de la sécurité extérieure) systematically collect electromagnetic signals from computers and phones in France including the traffic between French citizens and people abroad. Information from emails, telephone calls, access to Facebook or Twitter are then stored for long periods of time. The database can be accessed by all French intelligence services.
Revelations on French Big Brother (only in French, update 7.07.2013)
NSA and GCHQ spy programmes face legal challenge (8.07.2013)
Privacy International files legal challenge against UK government over
mass surveillance programmes (8.07.2013)
New Snowden leak: Storing your data at Microsoft is negligent
How Microsoft handed the NSA access to encrypted messages (12.07.2013)
Unitarian Church, Gun Groups Join EFF to Sue NSA Over Illegal