If one were to say that internet privacy and concerns for file-sharers rarely, if ever, cross paths, this latest development would only further disprove this myth. While the Australian government says that the Telecommunications (Interception and Access) Amendment Bill 2009 – Network Protection is merely about network maintenance, the Electronic Frontier Australia paints a very different and far grimmer picture on what is going on.

EFA’s submission addresses our key concern that the proposed legislation provides a very broad exception to the prohibition on interception of network communications for the purposes of ensuring that a network is ‘appropriately used’. This is a very broad category that means that all network operators in Australia will be able to monitor the substance of communications that pass over their network for compliance with their Acceptable Use Policies – the terms of which could include nearly anything. The AGD suggests that this is necessary to increase security, but have not shown any convincing justification why the contents of communications need to be examined nor why the scheme should extend beyond corporate networks to all Australian networks – including consumer ISPs.

This proposed changed threatens to radically alter the ability of network operators to intercept, store, and disclose information passing over their networks. There are no safeguards to prevent disclosure to law enforcement agencies or third parties. It is entirely possible for these new provisions to be used to examine P2P filesharing data for copyright violations, for example, and to disclose any captured information to copyright owners.

In other words, these amendments could be used to get ISPs to do all the dirty work for the copyright industry.

In a submission during the very short consultation period, the EFA submitted their comments with regards to the proposed amendments, saying that the consultation was far too short for more critical analysis. They further comment with the following:

Section 5(1) effectively provides that ‘network protection duties’ includes monitoring the content of communications in order to ascertain whether the network is being ‘appropriately used’. Because of the broad undefined nature of the term ‘appropriately used’ and the fact that many AUPs may contain restrictions not on protocols or services that internet uses may use but upon the purpose for which those communications are being made, this provision opens the bulk of network communications to potential interception and continuing surveillance.

A common example can be found in AUPs that prohibit the use of peer-to-peer filesharing networks for the purposes of copyright infringement. In order to determine whether “the network is appropriately used”, a network operator would be required to intercept all peer-to-peer traffic and attempt a determination of whether any given traffic streams are being used to communicate copyright material without the licence of the copyright owner. Not only is such a task difficult or impossible due to the inherent complexity of copyright law and need to analyse the scope of any potential licences or fair dealing defences, it seriously imposes on the privacy of network users who are using legitimate file-sharing protocols for non-infringing activity.

EFA opposes the construction of ‘appropriately used’ in s 6AAA of the exposure draft. We submit that the definition in s 6AAA ought to be amended to reflect that operators are only entitled to intercept and monitor communications where those communications pose a threat to the security of the network itself. EFA notes that there are already laws in place which deal with the disclose of sensitive information, and that there are already civil and criminal procedures available to determine the origins and contents of communications that appear to contravene such laws. The proposed amendments have the dangerous effect of reversing the burden of proof for such monitoring, allowing network operators to monitor for compliance, rather than to seek disclosure once a prima facie case or reasonable suspicion of unlawful
activity exists. To the extent that operators of networks require the ability to monitor the activities of their users, there is no justification for allowing substantive examination of the contents of communication as opposed to the envelope information – numbers and types of packets and their destinations.

At best, this law should be a frightening prospect to all internet users, not just file-sharers as this is a huge infringement of personal privacy. While Canada is currently in the midst of mulling lawful access once again, at least the scope was far narrower than this. Even the US, home of the much despised DMCA didn’t go this far. Even the French three strikes law required some action from rights holders. To date, this appears to be the worst ISP law proposal we’ve ever seen followed closely by Austrian newspapers wanting to use data retention to enforce copyright.

Clearly, to the best of our knowledge, Australia is mulling the concept of boldly going where no other country has gone before in terms of mass communication interception. One wonders if the government has any idea what kind of task it would be to force ISPs to patrol their own networks on a packet-by-packet basis. Searching through headers on an entire major ISP is probably full time work for a team of internet specialists. That doesn’t even touch encrypted traffic. ISPs would probably have to pay money to a whole task force to people just to comply with this law which could have been spent on critical infrastructure upgrades, so Australian ISPs have a lot to lose, let alone Australian ISP customers who would have to worry about an ISP specialist covertly spying on every message or packet they send and receive online.

The law proposal will be debated in the Australian parliament in December, so there is still time to oppose this law.

Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

The manifesto of the Pirate Party of Canada is in the works, the current members are trying to figure out how to bring awareness, and general internal organization is taking place, but all good things start somewhere. After a few years of discussions on the Pirate Party International website, there are signs that the Pirate Party of Canada is now forming. A website has been set up (including forums) and it’s not hard to see that they are in need of some helping hands.

In Sweden, the Pirate Party stands for privacy, a halt to online censorship, doing away with medical patents and legalizing file-sharing. No surprise that this movement has taken off elsewhere in the world.

We asked the Pirate Party of Canada what all was happening and were able to get a response.

“Your guess that there is some internal organizing going on is 100% accurate,” Daynes told ZeroPaid when asked if there was internal organization taking place, “at this moment in time that is one of our main concerns”

“however,” he added, “membership is still a pressing concern.”

There’s been plenty of issues happening in Canada that the Pirate Party could gain support from. The biggest reason one might join the Pirate Party is if Canadians are fed up with what has happened on the Copyright file. With the Liberals Bill C-60 and the Conservatives Bill C-61, it seems as though neither of the biggest parties haven’t, in practise, been too user friendly. Added to this is the recent comments by the current public safety minister Peter Van Loan during an episode of Search Engine. The minister suggested (direct link to MP3) said that users have no expectation of privacy online and that, in spite of the courts cited by Jesse Brown, suggested that real name, address and telephone number doesn’t count as personal information.

Added to this was recent comments made by the Liberal party which said that Canada needs to immediately reform copyright laws to “combat” the “scourge” of piracy and ratify WIPO. Those comments were followed up by follow-up comments which suggested that merely stating this merely marks interest on the copyright file.

While the Pirate Party of Canada is still a ways of from becoming an officially registered party, it won’t hurt the party to gain a few new interested individuals to help them out reach that goal of becoming an officially registered party in the future a little faster.

To help, you can join the Pirate Party of Canada forum.

Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

There’s an international movement afoot to get ISPs to more closely monitor their networks and the traffic that flows through it. On the international stage, questions are being raised over ISP or DNS blacklists, ISP level surveillance and data retention. Since no human is perfect, does these new expansions in powers around the world also increase the potential for abuse as well?

The editorial in the National Post comments on the repeated themes on how legislation like warrantless wiretapping was pushed forward in the past. In Canada, it’s the repeated themes of how this is suppose to help save the children from online predators. In North America, there’s also that theme of how it’s suppose to somehow help fight terrorism. The editorial article comments on how such arguments are weak while defending the broadening of surveillance in Canada.

Meanwhile, the Ottawa Citizen echoed those sentiments and also notes how in any given gathering, there are those who are present for less than ideal reasons. Not only this, but also puts forth the question, since when do judges block a police investigation on a regular basis and prevents them from getting a warrant in the first place? The editorial suggests that apologists for the surveillance legislation has yet to provide such evidence and concludes that given another Conservative member had issues with the Google van taking pictures around neighbourhoods for their Street View project (they were definitely questioned in committee over privacy concerns) and given that the Safety Minister is pushing for surveillance legislation that would diminish privacy much more severely than any fleet of vans with 360 degree cameras ever could, the party that argues for small government is sending mixed messages to the public.

There was another theme both editorials conveyed which has been an underlying issue ever since the legislation was tabled, the fact that the minister who tabled the legislation was the same minister who, in a different time, promised to not expand surveillance powers and have such surveillance laws forgo the need of a warrant. Was this part of the political deal when Canadians saw their election postponed to at least the Fall? Who knows. At the very least, though, a backtrack is a backtrack and for the months leading up to the tabling of the legislation, the Liberal party has continually pushed to have surveillance legislation tabled in the House of Commons (Just use Google to search through the Hansard for things like ‘modernization’, ‘2008′, ‘2009′ and ‘investigation techniques’) With support from both the Liberal party and the Conservative party, the legislation is pretty much guaranteed to pass save for another election.

But what of the fears that this opens the floodgates for abuse? The legislation does, indeed, call for the installation of surveillance technology on the ISPs in Canada. We’ve looked through Bill C-46 and Bill C-47 to find that out. While the editorials have pointed to evidence in Canada that police are actually prone to doing less than legal things (one pointed to unauthorized plate checking for one) However, we also know that, internationally speaking, when things like ISP level wiretapping occur, not only has it opened the floodgates for abuse in the legal and law enforcement sphere, but it also opened the floodgates for abuse in the commercial sphere as well.

We begin our look at the country that is geographically closest to Canada. The neighbours to the south. The United States where it has appeared that the debate on such things looks as though security trumps privacy, an ironic turn of events considering that famous quote from Benjamin Franklin that rings true today, which says “He who sacrifices freedom for security deserves neither”, actually comes from the United States in the first place. The NYTimes unearthed quite a lot recently about the Bush promoted AT&T wiretapping program recently. Among the evidence was commentary on how, probably millions of, Americans were wiretapped that went far beyond the legal restraints surrounding such activity. One of those Americans who was illegally wiretapped? Former president Bill Clinton. One can get the impression that the unauthorized wiretapping is starting to get out of control.

It is important to note the differences between the case in the United States. In Canada, the proposed legislation would grant eavesdropping to police without a warrant. In the United States, the eavesdropping permits a copy of the traffic flowing through ISPs like AT&T and connects that information directly to organizations such as the NSA. While an important difference, when it comes to privacy concerns for many, that is little more than a clerical difference rather than a significant difference. In the end, police obtained unfettered access to details of your activity online.

Of course, an increase in state powers have gained the interest of commercial entities as well. The most vivid also happening to be the most recent. Austria is a member of the European Union. In the European Union, there is a law that makes ISPs retain data of all of it’s users – also known as Data Retention. While there was a movement to stop the data retention directive, data retention ultimately became law. It appears that an organization of Austrian newspapers have been eyeing that data retention and have called upon the government to use data retention to enforce copyright. There was a stunning quote from the organization that seemed to cap off this attempt which says, “Privacy should not be used as a cover for rights abused.” Forget child abuse. Forget the terrorists. Forget identity thieves. The debate, judging by that development, has shifted to whether or not commercial entities should have access to that data retention for their commercial interests. The real question is, where do these surveillance demands end? What interests should be brought up to the level of access enjoyed by entities interested in, say, national security? As we’ve noticed, this kind of thing isn’t an isolated incident either in Europe.

Last year, in Germany, Deutsche Telekom was raided over spying allegations. In essence, the telecommunications company was worried that insiders were leaking information to reporters, so they monitored their employees – illegally. Since the Canadian case is about installing surveillance infrastructure, it’s important to note how installing such technology would open up potential abuse precisely like this. Legal or not, the potential is there.

Recently, Germany passed legislation that would bring in mandatory censorship legislation. While not wiretapping or surveillance, it does force ISPs to grant new powers over the internet – in this case, blocking a whole list of websites. Isn’t it interesting that just three months earlier, German book publishers wanted to add Rapidshare to that blacklist?

Even further back into January of this year, there were things that happened that forced the German government to say that data retention is for terrorists, not copyright infringers. In response, the IFPI said that it would be contradictory for the government to not hand over all the information over to them for copyright legal pursuits.

What about free speech? A government mandated blacklist in many countries is said to stop child pornography. Australians know all too well how web censorship like that can go too far after the ACMA blacklist leak showed perfectly legal sites on them. While the governing body denied the authenticity of the leaked list, there have been suggestions that the blacklist did come from an ISP in the first place and some of those sites have been added on there because of commercial reasons. Over in Britain, a similar incident happened where British ISPs blocked Wikipedia.

Going further, these aren’t the only cases where new surveillance or censorship measures were attempted to be used for reasons beyond what the legislation was promoted to be stopping in the first place. Already, the copyright industry, along with a few other companies, have tried multiple times to use surveillance or censorship for commercial gains or interests. Legal websites have been put on national blacklists in the past in other countries. The question many Canadians should be asking over top of other questions that have already been raised is where would these intrusions on internet users rights end? Is this legislation in Canada merely an update or modernization and that would be the end of it or would further demands be raised if the currently proposed legislation is passed? All this given multiple international examples.

It certainly, from this standpoint, that this surveillance legislation is not only bad for users privacy, but also the tip of the iceberg as well.

[Hat Tip: Michael Geist 1 and 2]

Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

The bills in question are Bill C-46 and Bill C-47. Interesting that there has to be two bills, but we’ll go in numeric order here and devote this article, for the sake of length, to Bill C-46 (which is several pages long).

We should also note that this review of the legislation is made by someone who is not a lawyer, expert of the law or someone giving away legal advice by any stretch of the imagination. What this review strictly is is an average Canadians interpretation of the law who is not specifically or formally trained to be a law expert.

Bill C-46 – Quotes and Comments

:

Also known as the Investigation Powers for the 21st century. Let’s look at some excerpts of the law:

327. (1) Everyone who, without lawful excuse, makes, possesses, sells, offers for sale, imports, obtains for use, distributes or makes available a device that is designed or adapted primarily to use a telecommunication facility or obtain a telecommunication service without payment of a lawful charge, under circumstances that give rise to a reasonable inference that the device has been used or is or was intended to be used for that purpose, is

(a) guilty of an indictable offence and liable to imprisonment for a term of not more than two years; or

(b) guilty of an offence punishable on summary conviction.

What we can see here is that this section is aimed people who want to start their own ISP. What this might also look like is something that will criminalize the activity of either stealing WiFi or offering open WiFi. The question that comes to mind is: does this criminalize the activity of setting up a TOR node or proxy in Canada? With this legislation, could it be illegal for someone to set up a proxy so, say, someone from Iran could anonymously provide information about what is going on in Iran? After all, that is generally offering, without charge, a telecommunications service.

372. (1) Everyone commits an offence who, with intent to injure or alarm a person, conveys information that they know is false, or causes such information to be conveyed by letter or any means of telecommunication.

(2) Everyone commits an offence who, with intent to alarm or annoy a person, makes an indecent communication to that person or to any other person by a means of telecommunication.

(3) Everyone commits an offence who, without lawful excuse and with intent to harass a person, repeatedly communicates, or causes repeated communications to be made, with them by a means of telecommunication.

(4) Everyone who commits an offence under this section is

(a) guilty of an indictable offence and liable to imprisonment for a term of not more than two years; or

(b) guilty of an offence punishable on summary conviction.

This is only the second excerpt we are looking at and already, stunningly, you could be locked up for up to two years in prison for being annoying on the internet. In a perfect world, the trolls of the internet would be at risk, but what about free speech. What if the copyright industry finds me annoying for posting their press releases and criticizing them on a regular basis? Should I, a reporter, be locked up for up to two years for being annoying under this circumstance? That’s not even touching general comments.

Since this activity will be criminalized if this passes, better get this out of the way now: I think whoever wrote this law is a fool who doesn’t know what the internet is like.

(5.1) Everyone who wilfully does an act or wilfully omits to do an act that it is their duty to do, if that act or omission is likely to constitute mischief causing actual danger to life, or to constitute mischief in relation to property or computer data,

Say what? Oh wait, here’s a definition of “Mischief” under this law:

(1.1) Everyone commits mischief who wilfully

(a) destroys or alters computer data;

(b) renders computer data meaningless, useless or ineffective;

(c) obstructs, interrupts or interferes with the lawful use of computer data; or

(d) obstructs, interrupts or interferes with a person in the lawful use of computer data or denies access to computer data to a person who is entitled to access to it.

Under the term “property”, does that include “intellectual property” perchance? As such, would altering data include the act of cracking software? This section is so vague, that could be possible. Anti-circumvention laws much?

487.012 (1) A peace officer or public officer may make a demand to a person in Form 5.001 requiring them to preserve computer data that is in their possession or control when the demand is made.

(2) The peace officer or public officer may make the demand only if they have reasonable grounds to suspect that

(a) an offence has been or will be committed under this or any other Act of Parliament or has been committed under a law of a foreign state;

(b) in the case of an offence committed under a law of a foreign state, an investigation is being conducted by a person or authority with responsibility in that state for the investigation of such offences; and

(c) the computer data is in the person’s possession or control and will assist in the investigation of the offence.

(3) A demand may not be made to a person who is under investigation for the offence referred to in paragraph (2)(a).

(4) A peace officer or public officer may revoke the demand by notice given to the person at any time. Unless the demand is revoked earlier, the demand expires 21 days after the day on which it is made.

(5) The peace officer or public officer who makes the demand may impose any conditions in the demand that they consider appropriate — including conditions prohibiting the disclosure of its existence or some or all of its contents — and may revoke a condition at any time by notice given to the person.

(6) A peace officer or public officer may not make another demand requiring the person to preserve the same computer data in connection with the investigation.

So really, let’s say, hypothetically speaking, I’m, a Canadian citizen, have been suspected of breaking the laws of the United States DMCA, does that mean I may be asked to preserve all data pending an investigation by, say, Sony BMG in the United States? All this and I have to preserve any data under conditions any police officer demands? Seriously?

Expiry of order

(6) Unless the order is revoked earlier, it expires 90 days after the day on which it is made.

So good news, preservation of data under a court order is 90 days… or about 3 months.

487.02 If an authorization is given under section 184.2, 184.3, 186 or 188 or a warrant is issued under this Act, the judge or justice who gives the authorization or issues the warrant may order a person to provide assistance, if the person’s assistance may reasonably be considered to be required to give effect to the authorization or warrant.

In essence, it looks like if you encrypt your data, you could be ordered to decrypt the data. Legally speaking, encryption is no excuse from the looks of things.

492.1 (1) A justice or judge who is satisfied by information on oath that there are reasonable grounds to suspect that an offence has been or will be committed under this or any other Act of Parliament and that tracking the location of one or more transactions or the location or movement of a thing, including a vehicle, will assist in the investigation of the offence may issue a warrant authorizing a peace officer or a public officer to obtain that tracking data by means of a tracking device.

(2) A justice or judge who is satisfied by information on oath that there are reasonable grounds to believe that an offence has been or will be committed under this or any other Act of Parliament and that tracking an individual’s movement by identifying the location of a thing that is usually carried or worn by the individual will assist in the investigation of the offence may issue a warrant authorizing a peace officer or a public officer to obtain that tracking data by means of a tracking device.

(3) The warrant authorizes the peace officer or public officer, or a person acting under their authority, to install, activate, use, maintain, monitor and remove the tracking device, including covertly.

(4) A warrant may contain any conditions that the justice or judge considers appropriate, including conditions to protect a person’s interests.

So while the French model was to merely allow police officers to covertly track people, such an activity in Canada does actually require a court order. An important distinction at the very least.

Conclusion

:

All in all, reading this bill from a standpoint of someone who writes news, this legislation can bring in a host of problems and open the doors for abuse. The “being annoying” section, for instance, brings in serious questions of free speech. What if someone is being critical of someone else and that someone else is being “annoyed” by it? That doesn’t require a court order. This bill is frightening to say the least for several reasons in spite of several decent provisions which actually accomplishes what some press releases said it set out to do.

Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

Michael Geist already has a review of the legislation. The new lawful access legislation is known as Investigative Powers for the 21st Century (IP21C). In a nutshell, this legislation allows police to bi-pass any hint or inclination of privacy and be allowed unfettered access to what you are doing online.

In terms of the actual ISP surveillance requirements. ISPs would be forced to install surveillance technology on their networks. Small ISPs would have a three year reprieve before they are forced to install similar technology as well. Additionally, ISPs would be forced to surrender their customer information and any identifying information about them on request. This would bi-pass the court system as no court order would be required to get ISPs to give up any personally identifiable information about them. What police are able to collect appears to follow the British proposed model where police won’t be able to see the contents of any communication, but who you are talking to, when and any other data regarding that communication along with what websites you visit, etc.

ISPs would additionally be forced to retain all data on its networks (it’s unclear for how long). Another provision is that it allows the police to obtain a tracking warrant (vaguely similar to the French model) that would allow police to remotely activate any tracking technology embedded into technology (such as recording cell phone conversations)

The legislation hasn’t been posted online yet, but a press release from the Public Safety Office confirms this legislation has been tabled.

“Evolving communications technologies like the Internet, cell phones, and PDAs (personal digital assistants) clearly benefit Canadians in their day-to-day lives,” said Minister Nicholson. “Unfortunately, these technologies have also provided new ways of committing crimes such as distributing child pornography. We must ensure investigators have the necessary powers to trace and ultimately stop crimes.”

“We must provide our law enforcement with the tools they need to keep our communities safe,” said Minister Van Loan. “High tech criminals will be met by high tech police. This is a great day for the victims and their families who have been long calling for these legislative changes, and those who work tirelessly every day to ensure that when there is a threat to safety police can intervene quickly.”

The press release also says, “Other countries, such as the United Kingdom, the United States, Australia, New Zealand, Germany and Sweden, already have similar legislation in place.”

As if one press release wasn’t enough, here’s another one:

The interception of communications is essential for investigating and prosecuting serious crime and combating terrorism. Police forces and the Canadian Security Intelligence Service (CSIS) require lawful access to communications in a number of contexts, including investigations into child sexual abuse, organized crime, drug trafficking, and terrorism.

Police forces and CSIS also require timely access to basic subscriber information as it is an essential tool for fighting crime and terrorism. Subscriber information refers to basic identifiers such as name, address, telephone number and Internet Protocol (IP) address, e-mail address, service provider identification and certain cell phone identifiers. These basic identifiers are often crucial in the early stages of an investigation, and without this basic information, police forces and CSIS often reach a dead-end as they are unable to obtain sufficient information to pursue an investigative lead or obtain a warrant.

Currently, there is no legislation specifically designed to require the provision of this information to police forces and CSIS in a timely fashion. As a result, the practices of releasing this information to police forces and CSIS vary across the country: some service providers release this information to law enforcement immediately upon request; others provide it at their convenience, often following considerable delays; while others insist on law enforcement obtaining search warrants before the information is disclosed. This lack of national consistency and clarity can delay or block investigations.

What’s particularly damning about the information we have seen so far is what “crimes” could someone commit before an investigation is warranted? That doesn’t appear to be available at this point.

What happened the last time lawful access was introduced in Canada? Plenty of public discussion including a YouTube parody known as Emily of the State. There was no shortage of criticism against what is effectively warrantless wiretapping in Canada. What’s stunning is that, in spite of the public effectively saying no to such laws, the federal government seems intent on introducing such legislation anyway. What ensuing PR war this will bring is unclear, but history suggests that the government lost a lot of support last time. How they can spin this successfully to somehow be positive PR is a mystery at this point.

Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

This debate has been going on for years – clear back to 2005 if one were to recall the “Data Retention is No Solution” campaign which fought legislation that would force ISPs to retain personal information for a period of time. Fast forward to the second half of 2008 and one might remember a plan for Britain to place the information of who people are talking to online at what time, when that conversation was – really, everything except for the content of a conversation – and store it into a central database.

Of course, these facts for an outsider may seem puzzling as to why this is being brought up now. To understand that aspect, one might need to know that the governing party – the Labour Party – supported the moves to put everyones internet activity into a central database for investigators to pour through. Then there’s the other piece of the puzzle – a feared catastrophic political crash for the Labour Party. Those fears were justified a day after the spy report where the governing party suffered the worst defeat in Britain’s political history. What isn’t completely clear is whether or not one of Britain’s spy’s feared that a new party would reverse the surveillance laws that were put in.

Still, Sir David Pepper who use to run the listening centre of GCHQ did go to the BBC to say that if Britain doesn’t record phone conversations and web activity, lives would be at stake. Apparently, it isn’t enough to have the European data retention, and Part 11 of the Anti-Terrorism, Crime and Security Act of 2001 combined with the EC Directive. No, it has to be all in one database rather than at the ISPs. Already, ISPs in the UK have to store where users go on the internet and e-mails, among other things, for a period of 12 months. Pepper told the BBC this:

“There are plenty of people who will do all they can to make themselves difficult to find.

“It puts enormous pressure on you. Everybody in the agency is acutely aware that if they don’t do their job properly one of the consequences may be another terrorist outrage.

“The thing you worry about most is the attack that you haven’t seen coming.”

While the political shifts within Britain could make the privacy debate more interesting, the political shifts in the EU might also make things very interesting for privacy rights as well. One of the major things the Pirate Party stands for is privacy. Already, they have won 2 seats according to exit polls in the EU election. It’s not immediately evident what this will mean for the data retention laws, but who knows? Something could happen with France already contemplating legislation that would allow police to put key loggers and Trojan horses on peoples computers via LOPPSI 2. One thing is for sure, it’s possible that the political situation could be a game changer for privacy rights, but of course, it’s too early to tell at this point.

[Hat tip: Open Rights Group]

Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

If one were to go clear back into June of 2008, the month that saw the passage of the Protect America Act, that still doesn’t even get close to the beginning of this whole ordeal (you’d have to go clear back to when Mark Klein blew the whistle on AT&T clear back in 2007 (many argue that the case goes even further back over a report in the New York Times). From court mandated sealed documents to government secrets to lawsuits to legislation to block lawsuits to the constitution, the warrantless wiretapping case has taken many twists and turns throughout the years to get us to where we are today.

This latest setback appears to be a new blow to privacy advocates and civil rights groups alike among others. It’s new legal affirmation that the government doesn’t need a warrant to put a wiretap on anyone inside or outside the United States. Then again, what exactly does the constitution mean when it says that the law guards against unlawful search and seizures anyway? There may be similar questions that could be brought in when civil rights groups appeal their lawsuits.

In the case so far, a judge has dismissed the lawsuits and upheld legislation that granted telecom immunity over warrantless wiretapping on behalf of the NSA.

“Congress has manifested its unequivocal intention to create an immunity that will shield the telecommunications company defendants from liability in these actions,” Judge Walker Wrote (PDF)

In an EFF Press Release:

“We’re deeply disappointed in Judge Walker’s ruling today,” said EFF Legal Director Cindy Cohn. “The retroactive immunity law unconstitutionally takes away Americans’ claims arising out of the First and Fourth Amendments, violates the federal government’s separation of powers as established in the Constitution, and robs innocent telecom customers of their rights without due process of law.”

“The immunity legislation that the court upheld today gives the telephone companies a free pass for flouting the law and violating the privacy rights of millions of their customers,” said Ann Brick, ACLU of Northern California staff attorney.

In today’s ruling, Judge Walker left the door open to accountability for the government, holding that “plaintiffs retain a means of redressing the harms alleged in their complaints by proceeding against governmental actors and entities who are, after all, the primary actors in the alleged wiretapping activities.” EFF is also suing the government for the illegal surveillance in a separate case, Jewel v. NSA.

“By passing the retroactive immunity for the telecoms’ complicity in the warrantless wiretapping program, Congress abdicated its duty to the American people,” said EFF Senior Staff Attorney Kurt Opsahl. “Now it is up to the Court of Appeals to stand up for the Constitution, and reverse today’s decision.”

At issue is FISAAA (Foreign Intelligence Surveillance Act Amendments Act or FISA Amendments Act) which was passed by Bush in 2008. Currently, the law indicates that Internet Service Providers can spy on their users on behalf of the government without a warrant, regardless of where they are in the world and where they live. In question, is whether or not this law is even constitutional.

Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at drew@zeropaid.com.

There’s been a long hard fought battle between civil rights activists and supporters of increased surveillance on the internet. At issue is the gathering of all information of internet users in Britain, which includes everything about phone conversations, e-mail, social network communications, and other online activities, and putting them into a centralized database for British police to browse through without a court order or warrant. British civil rights and digital rights activists warned that, among other things, this could be an unprecedented move toward total surveillance of British citizens at the expense of basic fundamental rights. Supporters claim that this would create a valuable new tool to stem the flow of terrorism, help find missing persons, reduce crime and stop paedophiles.

Today, there was a concession. According to British news site, The Guardian, the Home Office has, for now, backed off of plans to centralize all of the data flowing through ISPs and instead require ISPs to hold all this information for a period of 12 months. That is a plan that would cost British tax payers £2 Billion.

The move was greeted with applause by civil rights advocates. Liberty, a British civil rights group, posted a press release on the recent move.

“We applaud the Home Office climb-down on the super Big Brother database and thank the broad coalition of sensible voices who brought it about. It is a clear signal that the public interest in personal privacy can no longer be ignored. However, if companies are to be required to hold even more information than they do at present, concerns about access and use become even more important.” Said Shami Chakrabarti, Director of Liberty.

Chakrabarti added, “Let us look forward to this U-turn on communications data being followed by limiting DNA retention, dumping ID cards and a less callous approach to privacy protection more generally.”

In the midst of all this is the Home Office consultation. The online consultation says, “We want your opinion on how communications information should be collected and stored in order to prevent crime, and catch and prosecute criminals.”

“Communications data is the ‘who’, ‘where’, and ‘when’ information from mobile phone calls, texts, emails and instant messages. It can tell you who sent an email to whom but not what the content of that email was.”

According to a supplementary page, the consultation runs all the way up to July 20th. Information on sending your opinions in can be found there as well.

Fresh on the heals of India adopting new surveillance techniques that make privacy one step closer to becoming history in that country, the Home Office of Britain has adopted a plan for British police to covertly hack citizens computers without a warrant.

Basically, if a police officer wanted to, he can go wardriving through the streets to find a persons computer and hack it. Failing that, police can send a malicious e-mail containing something like a keylogger and record things like e-mails and instant messages. Combined with EU legislation, anything found can be sent to other countries in Europe. It’s worth noting the irony in this – some authorities might be more than willing to point to how dangerous the internet is with cyber crime and, in turn, make the internet more dangerous with their presence.

Of course, it’s not really called hacking if police do it – it’s called “remote searching”. The euphemism is applied when it is explained that the police have to say that they had reason to believe some crime is about to take place. This can easily be taken in two different ways depending who you ask. Either this translates to, “We needed to go wardriving into your computer under some excuse we made up on the spot” or, “In order to protect the better public interest, we need to make sure people aren’t breaking laws on their personal computers.”

Either way, British civil liberties groups were not amused.

Shami Chakrabarti, director of Liberty, the human rights group, said she would challenge the legal basis of the move. “These are very intrusive powers – as intrusive as someone busting down your door and coming into your home,” she said.

“The public will want this to be controlled by new legislation and judicial authorisation. Without those safeguards it’s a devastating blow to any notion of personal privacy.”

The police were on the defense of this:

The Association of Chief Police Officers (Acpo) said such intrusive surveillance was closely regulated under the Regulation of Investigatory Powers Act. A spokesman said police were already carrying out a small number of these operations which were among 194 clandestine searches last year of people’s homes, offices and hotel bedrooms.

“To be a valid authorisation, the officer giving it must believe that when it is given it is necessary to prevent or detect serious crime and [the] action is proportionate to what it seeks to achieve,” Acpo said.

(Source: Times Online)

All the while, the government appears to not have not revealed a stitch of safeguards judging by these early reports (though the government may wind up revealing a few soon since this move has also angered opposition MPs)

Not mentioned in the Times article is what kind of consequences this could have for other laws that could be proposed in the future. Already, the MPAA have been trying to lobby the government for a way to ‘automatically’ eliminate alleged piracy online internationally. It would be a surprise if the industry didn’t try and twist this into something for their own financial interests. It’s already starting to look like it’ll be another long year.

(Hat tip: Open Rights Group)

When it comes to countries in North America, it’s not often that India reaches the headlines unless a Canadian or an American is involved in the story. Then again, there is the occasional report that does offer a small glimpse into what it is like to live in the digital environment of India. A blogger from India recently wrote a piece about the new surveillance laws of India and the arguments used to pass it as well as some of the provisions that were mentioned seemed surprisingly similar to that of laws being brought forth to legislators in countries like Australia, Britain and what is currently being talked about in the United States.

Sometimes, reports like these raises the question of validity, so we took some initiative and verified what was happening through a business article writing in 2007 that suggests that the Indian security market then was worth $170 million. In December of 2008, though, an article essentially proved that legislation referenced in that article was, in fact, passed in India.

The legislation that is being discussed was known as “The Information Technology (Amendment) Bill”. The posting says that under these new laws and amendments, the government is now allowed to “intercept messages from mobile phones, computers and other communication devices to investigate any offence. Not just cognizable offence, the kind you witnessed in Mumbai 26/11, but any offence.”

Those two sentences alone sounds like the US’s FISA act on steroids. It could very well have been inspired by laws from the United States, but other provisions discussed sounds more like provisions currently being proposed in Australia. the blogger writes, “Around 45 amendments have been made to the original Act, which now treats both publishers of online pornography and its consumers on equal footing. A law so sweeping in its powers that it allows a police officer in the rank of a sub-inspector to walk in or break in to the privacy of your home and see if you were surfing porn or not.”

It’s an observation that would make just about any digital rights activist’s skin crawl. The blogger creatively sums up a number of provisions with the following:

• Thou shall not author a joke. Not even forward one
• Thou shall not surf Bollywood news
• Thou shall not watch porn

As reported by MediaNama, the bill passed the lower house in a hurry and without debate.

Wikipedia is also keeping tabs on the legislation saying that “The Bill has since been passed in the Parliament on December 23, 2008. It is awaiting assent of the President and formal notification. The Bill as passed has many changes from the earlier draft indicated in the previous paragraph and incorporates the recommendations made by the Parliamentary Standing Committee.”

Apparently, one of the arguments going back and forth looked a bit like this:

‘So what?’ is the familiar rhetoric. Why fear if you’ve got nothing to hide? Why should law abiding citizens be bothered about some ‘inevitable invasion’ into privacy in the wake of increasing terror attacks? After all the perpetrators of terror are known to use Internet and other modern communication tools to plan and execute deadly strikes like that happened in Mumbai.

There is only one answer and it is a Thomas Jefferson quote: Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety.

One observation one can make from this legislation is that it almost appears to be taking some of the worst ideas proposed by many countries around the world and gluing them together in a piece of legislation. It seems to be just another disturbing instance of governments around the world gaining sweeping new powers, sacrificing privacy in the process.