Surveillance and Freedom of the Media
As noted, the assembly of the Council of Europe published a report on surveillance which is to be debated at the assembly. Since the publishing of the report, a U.S. survey by Pew Research Center on investigative journalists and digital security has been published. The findings are alarming. Two thirds of investigative journalists in the U.S. believe that their data has been collected (phone calls, emails and other communications), with 8 out of 10 believing that due to their profession their data will be collected. Exposure of mass surveillance has led to half of investigative journalists changing how they “store or share sensitive information” and of those who work for news organisations half believe “their employer is not doing enough to protect journalists and their sources from surveillance and hacking”. Furthermore, 90% of journalists believe that ISPs would share their data with the U.S. government as part of the NSA’s collection of data and 97% believe that their data would be shared by ISPs if subpoenaed by the government as part of a criminal investigation.
These findings are the result of the exposure of mass surveillance that seriously undermines the safety of journalistic sources, the safety of whistleblowers and freedom of the media, in stark contrast with a meaningful democracy where access to information, privacy and freedom of expression is protected.
Challenges brought to the Investigatory Powers Tribunal (IPT) by Liberty, Privacy International, Bytes for All and Amnesty International against GCHQ have found that at least part of GCHQ’s operation – and its collaboration with the NSA – was unlawful. As reported by the Guardian:
“The Investigatory Powers Tribunal (IPT) declared on Friday that regulations covering access by Britain’s GCHQ to emails and phone records intercepted by the US National Security Agency (NSA) breached human rights law.”
It states that the governments’ conduct was illegal as the public was not informed of the safeguards in place and this extended to a 7 year period, from 2007 to 2014. The conduct was in violation of both Article 8 of the European Convention on Human Rights – the right to private and family life – and Article 10 – freedom of expression.
On Friday, Privacy International posted a statement on their website:
“British intelligence services acted unlawfully in accessing millions of people’s personal communications collected by the NSA, the Investigatory Powers Tribunal ruled today. The decision marks the first time that the Tribunal, the only UK court empowered to oversee GCHQ, MI5 and MI6, has ever ruled against the intelligence and security services in its 15 year history.
The Tribunal declared that intelligence sharing between the United States and the United Kingdom was unlawful prior to December 2014, because the rules governing the UK’s access to the NSA’s PRISM and UPSTREAM programmes were secret. It was only due to revelations made during the course of this case, which relied almost entirely on documents disclosed by NSA whistleblower Edward Snowden, that the intelligence sharing relationship became subject to public scrutiny.”
Privacy and Data Protection
On a related note, a California lawmaker has proposed a warrant requirement for digital data access, as reported Sunday by Ars Technica. There it says that Mark Leno, representing San Francisco, plans to introduce a bill on state level, called the Electronic Communications Privacy Act (CalECPA) stipulating:
1546.1. Except as provided in this section, a government entity shall not do any of the following:
(1) Compel the production of or access to electronic communication information from a service provider.
(2) Compel the production of or access to electronic device information from any person or entity except the authorized possessor of the device.
(3) Access electronic device information by means of physical interaction or electronic communication with the device, except with the specific consent of the authorized possessor of the device.
According to Ars Technica the bill has significant support by the tech industry as well as civil liberties groups, which highlights the obvious need for protections of both privacy and data. Experts say that if the bill is passed, it will represent the most comprehensive digital protection in the U.S. at state level.
The Growing Demand
The demand for comprehensive legislation on Data Protection and Privacy keeps growing worldwide. These matters illustrate the interconnected issues of freedom of information, freedom of expression, whistleblower protection, source protection, intermediary protection, data protection, privacy and media freedom, fields that if combined in a legislative package consisting of best practice law around the world, will constitute the Safe Haven IMMI works towards.
IMMI is focusing on Data Protection and Privacy as well as Intermediary Limited Liability, including all the overlapping and connected legislation. IMMI will seek to engage with stakeholders, legal experts and policy makers in order to produce the best comprehensive legislation and advocate for its implementation in Iceland as well as advocating for its implementation globally. However, once such legislation is in effect in one national jurisdiction, it will represent a victory for the world community and can serve as a blueprint for others to follow.
Feature image by Mark Robinson (CC BY-NC 2.0)