Posts Tagged ‘right to privacy’

Speech by Commissioner Dunja Mijatović at RightsCon 2019, Tunis, about digital security

June 17, 2019

Council of Europe Commissioner for human rights, Dunja Mijatović, gave a speech at the world’s leading summit on human rights in the digital age, RightsCon 2019, in Tunis, on 11 June 2019:

…A recent article of the New York Times from the city of Kashgar showed the extent to which the Chinese authorities are using facial recognition and snooping technologies to keep a tight control of the Muslim community.  If you think that this does not concern you because it is happening far away, you would be terribly wrong. The Chinese experiment bears a great significance for all of us. It shows to what extent the cozy relations between technology companies and state security agencies can harm us. This has become particularly acute as part of states response to terrorist threats and attacks. States around the world have increased their surveillance arsenal, not always to the benefit of our safety. On the contrary, in several occasions they used it to silence criticism, restrict free assembly, snoop into our private life, or control individuals or minorities.

An illustration of this comes from human rights defenders. If in the past human rights defenders have been ahead of states in using technological progress to expose human rights abuses, now they are facing a backlash. As we speak, states and non-state actors are intercepting their communications, intrude their personal data, trace their digital footprint. States are using technologies to learn about human rights defenders’ plans or upcoming campaigns; to find or fabricate information that can help intimidate, incriminate or destroy their reputation; or to learn about their networks and sources.

This concerns us all. At stake here is the society we want to live in and bequeath to the next generations. Technology should maximise our freedoms and rights – and keep those in power accountable.

To get there we need to strengthen the connections among us and crowdsource human rights protection, promotion and engagement. An important step in that direction would be to provide more support, funding and digital literacy training to human rights defenders. It is also crucial that the private sector and state authorities uphold human rights standards in the designing and implementation of all technological tools.

Living in an increasingly digital world does not mean living artificial lives with artificial liberties. Our rights must be real, all the time.

We all must resist the current backlash and persist in demanding more human rights protection, more transparency and more accountability in the digital world.

https://www.coe.int/en/web/commissioner/-/2019-speech-by-dunja-mijatovic-council-of-europe-commissioner-for-human-rights-at-the-world-s-leading-summit-on-human-rights-in-the-digital-age-rights

‘Access Now’ names Usha Ramanathan a ‘Human Rights Hero’ for her opposition to Aadhaar

June 11, 2019

Jahnavi Sen, writing in the Wire of 10 June 2019, reports Usha Ramanathan, a legal researcher and activist based in Delhi, has been declared a ‘human rights hero’ by international rights group Access Now for her criticism of the Aadhaar programme. Since the scheme was launched in 2009, Ramanathan has been raising the security and privacy risks associated with it, as well as the concerns on linking the programme to welfare schemes. While facilitating Ramanathan’s “tireless” efforts to highlight the issues related to Aadhaar, Access Now has said that it also wants to “recognise the entire community that has protested and litigated against Aadhaar”. In September 2018, the Indian Supreme Court upheld the validity of the Aadhaar law, but placed strict restrictions on its scope. Before the final judgment, the court had passed a number of orders which were conveniently ignored by the administration, Ramanathan and others have pointed out. Ramanathan has written a number of articles on why the programme needs to be rebooted, and the risks it poses to people’s privacy. A number of her articles have been published in The Wire.

The award function will be held in Tunis between June 11 and 14, as a part of RightsCon. The awards will be handed out by Michelle Bachelet, the United Nations high commissioner for human rights.

Since 2014 Access Now issues the anual award “in celebration of…the work of people around the globe to protect human rights in the digital age, naming “heroes” and “villains” who have either protected the principles of freedom online, or worked to undermine them.”

There are a total of five winners this year. Other than Ramanathan, Bahraini activist and digital security consultant Mohammed Al-Maskati, Australian human rights lawyer, broadcaster and writer Lizzie O’Shea, Tanzanian digital security trainer Zaituni Njovu and Venezuelan lawyer, writer and human rights activist Marianne Díaz Hernández have also been designated ‘heroes’.

https://thewire.in/rights/usha-ramanathan-aadhaar-opposition

NGOs urge Putin not to sign Russia’s “Sovereign Internet Bill”

April 28, 2019

Participants in an opposition rally in central Moscow protest against tightening state control over the internet in Russia, 10 March 2019
Participants in an opposition rally in central Moscow protest against tightening state control over the internet in Russia, 10 March 2019  Igor Russak/SOPA Images/LightRocket via Getty Images

On 24 April 2019 nine major human rights, media and Internet freedom NGOs, called on Russian President Vladmir Putin, not to sign the so-called “Sovereign Internet Bill” as it will lead to further limitations of already restricted Internet and media freedoms in the country.

The bill (No. 608767-7) amends the laws “On Communications” and “On Information, Information Technologies and Information Protection” and states its aim as enabling the Russian Internet to operate independently from the World Wide Web in the event of an emergency or foreign threat. On 16 April 2019, the Russian State Duma approved the bill in the third reading amid widespread domestic criticism, protests and online campaigning around the country, and on 22 April, the Federation Council, the upper house of the Russian parliament, approved it. If signed by President Vladimir Putin, the bill would enter into force on 1 November 2019.

The bill creates a system that gives the authorities the capacity to block access to parts of the Internet in Russia, potentially ranging from cutting access to particular Internet Service Providers (ISPs) through to cutting all access to the Internet throughout Russia.

The bill gives control over Internet network routing to the state regulator for Telecommunications, Information Technologies and Mass Communications, Roskomnadzor. It provides that the ISPs should connect with other ISPs, or “peer,” at Internet exchange points (IXes) approved by the authorities, and that these IXes should not allow unapproved ISPs to peer. The bill would also create a centralised system of devices capable of blocking Internet traffic. The bill requires ISPs to install the devices, which the government would provide free of charge, in their networks.

Under this system, Roskomnadzor would monitor threats to Russia’s Internet access and transmit instructions to ISPs through the special devices about countering these threats. Cross-border Internet traffic would be kept under close state control. The draft does not specify what the range of instructions would be, but they could potentially include partially or fully blocking traffic both between Russia and the rest of the World Wide Web, and within Russia. Nor does the draft explain how the new equipment will work, or what specifically it will do. It is clear, however, that blocking would result from direct interaction between the government and the ISP and that it will be extrajudicial and nontransparent. The public would not know what has been blocked and why.

The bill states that the new measures will be activated in the event of a ‘security threat’. The draft does not define security threats, and instead gives the government full discretion to decide what would constitute a security threat and what range of measures would be activated using the new system to address a threat.

The bill also states that Russian ISPs remain obligated to filter and block content in accordance with existing Russian law.

Further, the bill creates a national domain name system (DNS) – a system that acts as the address-book for the Internet by allowing anyone to look up the address of the server(s) hosting the URL of a website they are looking for. The bill would require Internet providers to start using the national DNS from 1 January 2021. Forcing ISPs to use the national system will give Russian authorities the ability to manipulate the results provided to the ISP outside the ISP’s knowledge and control. Authorities will be able to answer any user’s request for a website address with either a fake address or no address at all. This not only allows them to conduct fine-grained censorship but will also let the national DNS to redirect users to government-controlled servers in response to any DNS requests instead of to a website’s authentic servers.

These proposals are very broad, overly vague, and vest in the government unlimited and opaque discretion to define threats. They carry serious risks to the security and safety of commercial and private users and undermine the rights to freedom of expression, access to information and media freedom.

The bill contravenes standards on freedom of expression and privacy protected by the International Covenant on Civil and Political Rights (ICCPR) and the European Convention on Human Rights (ECHR), to which Russia is a party. Both treaties allow states to limit freedoms to protect national security but impose clear criteria for such limitations to be valid. The UN Special Rapporteur on freedom of expression, commenting on the ICCPR, has reiterated that these limits should be “provided by law, which is clear and accessible to everyone,” and be predictable and transparent.

Human Rights Watch, ARTICLE 19 and other undersigned organisations are extremely concerned that the changes introduced in the bill threaten human rights and freedoms in Russia. Open, secure and reliable connectivity is essential for human rights online, including the rights to freedom of expression, information, assembly, privacy and media freedom. The bill could pose a threat to the Internet’s rights-enabling features if access to the World Wide Web is wholly or partially cut off, or if arbitrary blocking and filtering of content is carried out. It would facilitate state surveillance and curb anonymity online. It also risks severely isolating people in Russia from the rest of the world, limiting access to information and constraining attempts at collective action and public protest. The Bill’s negative impact on the freedom of expression will also affect the rights of journalists and media to work freely.

The adoption of the bill should be seen in the context of other Russian legislation that severely undermines protection of freedom of expression and privacy online and fails to meet international human rights standards. These include:

. The 2016 ‘Yarovaya Law,’ which requires all communications providers and Internet operators to store metadata about their users’ communications activities, to disclose decryption keys at the security services’ request, and to use only encryption methods approved by the Russian government. It was adopted to allegedly counter ‘extremism’ but in practice, it creates a backdoor for Russia’s security agents to access Internet users’ data, traffic, and communications.

. In 2017, Federal Law 327-FZ made amendments to the ‘Lugovoi Law’ (Federal Law FZ-398, 2013) that gave the General Prosecutor or his/her deputies a right to block access to any online resource of a foreign or international NGOs designated ‘undesirable’; and, to ‘information providing methods to access’ the resources enumerated in the ‘Lugovoi Law’, i.e. including hyper-links to old announcements on public rallies not approved by local authorities.

. The recent March 2019 bills mandate blocking and penalizing websites that publish what authorities deem to be “fake news” and “insult” to authorities, state symbols, and what the legislation vaguely describes as Russian “society.”

The President of the Russian Federation should reject the bill. The Russian Government should also review other Internet related legislation, abolish the above listed laws and bring its legal framework to full compliance with international freedom of expression standards.

ARTICLE 19

Civil Rights Defenders

Committee to Protect Journalists

Human Rights Watch

International Federation for Human Rights (FIDH)

International Media Support

International Partnership for Human Rights

Norwegian Helsinki Committee

PEN International

Reporters without Borders

https://www.ifex.org/russia/2019/04/24/sovereign-internet-bill/

https://www.hrw.org/news/2019/04/24/joint-statement-russias-sovereign-internet-bill

Big Brother Awards try to identify risks for human rights defenders

February 24, 2019

Unlawful Communication Surveillance of Amnesty International: tip of iceberg

July 2, 2015

An article “BRITISH TRIBUNAL FLIP-FLOPS ON WRONGFUL SURVEILLANCE OF AMNESTY INTERNATIONAL” by Jenna McLaughlin on 2 July 2015 reveals that a British tribunal (Investigatory Powers Tribunal) in charge of investigating public abuse of surveillance admitted that the U.K. government’s spy agency illegally retained communications it swept up from Amnesty International.
Featured photo - British Tribunal Flip-Flops on Wrongful Surveillance of Amnesty International
Amnesty International protest in London by Malcolm Park/Getty

In the e-mail sent to Amnesty late Wednesday, the president of the tribunal said the unlawful retention of communications it had previously said affected an Egyptian group had in fact affected Amnesty. Amnesty International responded understandably with outrage. In a press release, it described the tribunal’s email as a “shocking revelation” that “made no mention of when or why Amnesty International was spied on, or what was done with the information obtained.

The revelation that the UK government has been spying on Amnesty International highlights the gross inadequacies in the UK’s surveillance legislation,” Salil Shetty, Amnesty’s secretary general, said in a statement. He added something even more important:  “If they hadn’t stored our communications for longer than they were allowed to by internal guidelines, we would never even have known. What’s worse, this would have been considered perfectly lawful.” The tribunal did not rule that the U.K. spy agency’s initial interception of communications was unlawful; just that retention rules had been violated.

AI now joins the company of other non-governmental organizations targeted by the Government Communications Headquarters – or GCHQ, the U.K. equivalent of the U.S.’s National Security Agency. Those include Unicef and Médecins du Monde, according to top-secret documents released by The Guardian in December 2013.

http://www.theguardian.com/uk-news/2015/jul/01/gchq-spied-amnesty-international-tribunal-email

IPT Flip-Flops on Unlawful GCHQ Surveillance of Amnesty International.

What the Human Rights Council did on HRDs in March 2015

April 7, 2015

For those (few, I hope) who do not regularly read the Human Rights Monitor of the ISHR, here is a wrap-up of the 28th session of the Human Rights Council in relation to human rights defenders:ISHR-logo-colour-high

5 Resolutions adopted: Read the rest of this entry »

Edward Snowden gets another human rights award in Berlin

December 15, 2014

Former NSA contractor turned whistleblower Edward Snowden was given the Carl von Ossietzky Medal in Berlin on Sunday, a medal which honors those who exhibit extraordinary civic courage or commitment to the spread and defense of human rights. According to website of the International League for Human Rights in Berlin, which has awarded the prize since 1962, Snowden was chosen because of his “momentous decision of conscience … to put [his] personal freedom on the line” to expose the “abuse of power” exercised by the US and Germany.

Verleihung des Alternativen Nobelpreises an Edward Snowden

Snowden shares the medal with Glenn Greenwald, the Guardian journalist who broke his story, along with Laura Poitras, the documentary filmmaker who was in Berlin to accept it on the whole trio’s behalf [Snowden appeared on skype]. Several speeches were given, including one from former federal Interior Minister Gerhart Baum and human rights lawyer Wolfgang Kaleck, who represents Snowden. Baum spoke of how the Snowden had “opened our eyes to the largest intelligence surveillance scandal I know.” See more: https://thoolen.wordpress.com/tag/snowden/

The von Ossietzky medal is named after the German Nobel Peace Prize winner who spoke out actively against the Nazi regime. Not to be confused with two other awards in the name of Ossietzky.

Edward Snowden gets human rights award in Berlin | News | DW.DE | 14.12.2014.

NGOs concerned about alarming proliferation of surveillance technologies to repressive countries – the Wassenaar Arrangement

December 2, 2014

On 1 December 2014 a group of 7 NGOs (Amnesty International, Digitale Gesellschaft, International Federation for Human Rights, Human Rights Watch, Open Technology Institute (at New America), Privacy International, Reporters sans frontieres) sent an Open Letter to the “Wassenaar Arrangement” (for what this is see link at the end). The key issue is that the alarming proliferation of surveillance technologies available to repressive countries adversely affects political activists, human rights defenders, refugees, dissidents and journalists.

Here is the text of the letter:

“We, the undersigned organisations, call upon the 41 Governments that compose the Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and Technologies, to take action and address the alarming proliferation of surveillance technologies available to repressive countries involved in committing systematic human rights violations. This trade results in unlawful surveillance, which often leads to further human rights violations including invasions of privacy, arbitrary arrest and detention, torture and other cruel, inhuman or degrading treatment or punishment, the silencing of free expression, preventing political participation, and crushing offline and online dissent.

Surveillance technologies are not simply harmless tools. In the wrong hands they are often used as a tool of repression. Evidence is continuing to reveal the extent of this secretive trade that puts countless individuals at direct risk from human rights abusing governments. More and more stories emerge showing these damaging and often unlawful technologies affecting political activists, human rights defenders, refugees, dissidents and journalists, with some technologies placing entire populations under surveillance. Governments with internationally condemned human rights records such as Bahrain, Ethiopia, Egypt, Turkmenistan, Libya, Syria and Iran have all purchased surveillance technologies from private companies, and have used them to facilitate a variety of human rights violations. Some revelations in France, Germany, the UK, and the US have led to police and judicial investigations following calls from NGOs and members of the Coalition Against Unlawful Surveillance Exports. Remarkably and despite mounting evidence of associated abuses, surveillance technology companies still openly market their products at ‘trade fairs’ across the UK, France, US, Brazil and the UAE among other countries.

Although steps were taken in 2013 to address this largely unregulated global market, governments cannot let the momentum halt. Governments have now included additional technologies associated with intrusion software and IP monitoring to the Lists of Dual Use Goods and Technologies and Munitions, and are aware of the impact surveillance technologies can have on human rights. There is now a pressing need to modernise out of date export controls. In addition, technologies such as undersea fibre-optic cable taps, monitoring centres, and mass voice / speaker recognition technologies urgently need to be examined for their impact on human rights and internal repression, particularly when the end user is a government known for committing human rights violations. Technologies evolve at a rapid pace and governments that abuse human rights take advantage of weak regulation, the product of poor understanding of the technologies and their capabilities.

In the current system, human rights and digital rights groups, as well as external independent experts, are excluded from contributing their expertise and knowledge to the Wassenaar Arrangement forum. The additional expertise and knowledge that civil society can bring to the debate is invaluable to this end. Discussions should not continue in a closed-forum manner and we urge governments to engage with civil society organisations to help ensure that accurate and effective controls are developed which reflect modern technological developments and do not impede legitimate scientific and security research.

Any export policy relating to surveillance technologies should place human rights at its heart. Governments must exercise a strict policy of restraint and should refuse to grant export licenses for surveillance technology destined for end-users in countries where they are likely to be used in an unlawful manner i.e. not compliant with human rights legal standards. Governments should consider the weakness or absence of an appropriate legal framework in the recipient country to ensure the transfer would not pose a substantial risk of the items being used to violate or abuse human rights. Governments should also be transparent in what they export, and to whom and support the development of an international legal framework to address the sale and trade of surveillance technologies.”

An Open Letter to the Members of the Wassenaar Arrangement | Human Rights Watch.

The Wassenaar Arrangement (41 participating States) has been established in order to contribute to regional and international security and stability, by promoting transparency and greater responsibility in transfers of conventional arms and dual-use goods and technologies, thus preventing destabilising accumulations. Participating States seek, through their national policies, to ensure that transfers of these items do not contribute to the development or enhancement of military capabilities which undermine these goals, and are not diverted to support such capabilities.

from: http://www.wassenaar.org/introduction/index.html

Amnesty’s Detekt: a new tool against government spying launched today

November 20, 2014

Screen Shot 2014-11-20 at 10.24.35

On 20 November 2014 Amnesty International launched a new tool that human rights defenders can use in their struggle against surveillance. It is calledDETEKT. As I have often expressed concern about digital security in this blog (see: https://thoolen.wordpress.com/tag/digital-security/\) here ARE major excerpts from the Questions and Answers that were provided in the press release:

What is Detekt and how does it work?

Detekt is a free tool that scans your computer for traces of known surveillance spyware used by governments to target and monitor human rights defenders and journalists around the world. By alerting them to the fact that they are being spied on, they will have the opportunity to take precautions.

It was developed by security researchers and has been used to assist in Citizen Lab’s investigations into government use of spyware against human rights defenders, journalists and activists as well as by security trainers to educate on the nature of targeted surveillance. Amnesty International is partnering with Privacy International, Digitale Gesellschaft and the Electronic Frontier Foundation.

Why are you launching Detekt now?

The latest technologies enable governments to track, monitor and spy on people’s activities like never before. Through the use of these technologies, governments can read private correspondence and even turn on the camera and microphone of a computer without its owner knowing it. Our ultimate aim is for human rights defenders, journalists and civil society groups to be able to carry out their legitimate work without fear of surveillance, harassment, intimidation, arrest or torture.

Has anyone used Detekt successfully to know if they were being spied on? 

Detekt was developed by researchers affiliated with the Citizen Lab, who used a preliminary version of the tool during the course of their investigations into the use of unlawful surveillance equipment against human rights defenders in various countries around the world.

For example, according to research carried out by Citizen Lab and information published by Wikileaks, FinSpy – a spyware developed by FinFisher, a German firm that used to be part of UK-based Gamma International– was used to spy on prominent human rights lawyers and activists in Bahrain.

How effective is this tool against technologies developed by powerful companies? 

Detekt is a very useful tool that can uncover the presence of some commonly used spyware on a computer, however it cannot detect all surveillance software. In addition, companies that develop the spyware will probably react fast to update their products to ensure they avoid detection. This is why we are encouraging security researchers in the open-source community to help the organizations behind this project to identify additional spyware or new versions to help Detekt keep up to date.

It is important to underline that if Detekt does not find trace of spyware on a computer, it does not necessarily mean that none is present. Rather than provide a conclusive guarantee to activists that their computer is infected, our hope is that Detekt will help raise awareness of the use of such spyware by governments and will make activists more vigilant to this threat.

In addition, by raising awareness with governments and the public, we will be increasing pressure for more stringent export controls to ensure that such spyware is not sold to governments who are known to use these technologies to commit human rights violations.

How widely do governments use surveillance technology?

Governments are increasingly using surveillance technology, and targeted surveillance in particular, to monitor the legitimate activities of human rights activists and journalists. Powerful software developed by companies allows governments and intelligence agencies to read personal emails, listen-in on Skype conversations or even remotely turn on a computers camera and microphone without its owner knowing about it. In many cases, the information they gather through those means is used to detain, imprison and even torture activists into confessing to crimes.

How big is the unregulated trade in surveillance equipment? What are the main companies and countries involved? 

The global surveillance industry is estimated to be worth approximately US$5 billion a year – with profits growing 20 per cent every year. European and American companies have been quietly selling surveillance equipment and software to countries across the world that persistently commit serious human rights violations. Industry self-regulation has failed, and government oversight has now become an urgent necessity.

Privacy International has extensively documented the development, sale and export of surveillance technologies by private companies to regimes around the world. Recipient countries include: Bahrain, Bangladesh, Egypt, Ethiopia, Libya, Morocco, South Africa, Syria and Turkmenistan.

Isn’t publicizing the existence of this tool giving governments a heads up about how they can avoid being caught (by adapting new equipment which avoids detection)?

The technologies that allow governments to efficiently and covertly monitor the digital communications of their citizens are continuously improving. This is happening across the world. The growing trend in indiscriminate mass surveillance on a global scale was laid bare by the Edward Snowden disclosures. In addition to mass surveillance technologies, many governments are using sophisticated tools to target specific human rights defenders and journalists who work to uncover abuses and injustice. The new spyware being developed and used is powerful and dangerous and putting many human rights activists and journalists at risk of abuse.

As surveillance technologies develop in sophistication, it is vital that civil society groups learn how to protect their digital communications. No one tool or intervention will be enough to do this. We hope Detekt will become a new approach for investigating surveillance while sensitizing people to the threats.

However, long term we must also demand that governments live up to their existing commitments to human rights and that they and companies put in place stronger protections to ensure that new technologies are not used to violate human rights.

Surveillance is also used to carry out legitimate criminal investigations, why are you against it? 

Targeted surveillance is only justifiable when it occurs based on reasonable suspicion, in accordance with the law, is strictly necessary to meet a legitimate aim (such as protecting national security or combatting serious crime and is conducted in a manner that is proportionate to that aim and non-discriminatory.

Indiscriminate mass surveillance – the widespread and bulk interception of communication data that is not targeted or based on reasonable suspicion – is never justifiable. It interferes with a range of human rights, particularly the rights to privacy and freedom of expression.

The Detekt tool can be downloaded from: Github page.

http://www.amnesty.org/en/news/detekt-new-tool-against-government-surveillance-questions-and-answers-2014-11-20

 http://gadgets.ndtv.com/internet/news/human-rights-group-amnesty-international-releases-anti-surveillance-tool-623484

Amnestys Detekt tool wants to help you thwart government spying | ZDNet.

Mobile phone security for human rights defenders

May 7, 2014

mobilesecheader.png

Having posted on the Natalia bracelet and the Panic Button recently as alarm systems for human rights defenders in danger, it is good to also draw attention to the dangers that are inherent in the ‘normal’ use of mobile phones. Tactical Tech has quite a bit to say about  mobile phone security: Human Rights Defenders are exposed to many potential threats – from governments, private companies, organised groups – in the course of their work. Therefore, they should be aware of dangers and necessary security measures to be taken if  deciding to communicate by mobile phone, which remains an easy-to-spy-on device. Tactical Tech has produced a number of resources about phone security.

Security in a Box has a chapter entitled “How to Use Smartphones as Securely as Possible” and one on using mobile phonesas securely as possible.

Me and My Shadow has a chapter on geolocation services for smartphones and the risks they carry, as well as tips for those using SMS and MMS.

Finally, have a look at the Guardian Project’s website, created by a group of activists dedicated to creating open source apps to increase security and privacy on smartphones.

via Mobile phone security | Exposing the Invisible.

https://thoolen.wordpress.com/tag/natalia-project/

https://thoolen.wordpress.com/2014/05/02/amnesty-releases-today-long-awaited-panic-button-for-human-rights-defenders/