Archive | Surveillance RSS feed for this section

Why WikiLeaks is worth defending, despite all of its flaws

25 Aug

Why WikiLeaks is worth defending, despite all of its flaws
Most of the recent attention around WikiLeaks has been focused on the legal issues surrounding its controversial founder, Julian Assange. But we shouldn’t let that blind us to what the organization has accomplished and the critical role it plays as a “stateless news organization.”

Gigaom

By now, anyone with even a passing interest in the WikiLeaks phenomenon is familiar with most of the elements of its fall from grace: the rift between founder Julian Assange and early supporters over his autocratic and/or erratic behavior, the Swedish rape allegations that led to his seeking sanctuary in Ecuador, a recent childish hoax the organization perpetrated, and so on. Critics paint a picture of an organization that exists only in name, with a leadership vacuum and an increasingly fractured group of adherents. Despite its many flaws, however, there is still something worthwhile in what WikiLeaks has done, and theoretically continues to do. The bottom line is that we need something like a “stateless news organization,” and so far it is the best candidate we have.

To some extent, WikiLeaks has always been as much myth as substance, and possibly even more so. The idea of a…

View original post 1,030 more words

Defamation Act and Networking Filtering/Blocking

14 Jun

I have been thinking about the consequences of installing network level filtering, as TalkTalk have indicated recently they would do and  Claire Perry would like.
“TalkTalk customers get internet porn filter choice”
As I understand current UK defamation law, ISPs have an “innocent disseminator” defence provided in the Defamation Act 1996 [1].

1. (3) (e) as the operator of or provider of access to a communications system by means of which the statement is transmitted, or made available, by a person over whom he has no effective control.

[1] http://www.legislation.gov.uk/ukpga/1996/31/section/1#section-1-3

I found it extremely interesting that mobile phone companies provide over their network access “no effective control” affected by the editorial control (selective blocks, trivially administered).   TalkTalk ISP, and (by extension) all network providers according to Claire Perry’s should move toward an OPT-IN and a  suggestion of mandatory network filtering.Could it, in theory, become possible to sue an ISP for not blocking access to material originating outside of UK jurisdiction? What would happen if a court was asked to issue an injunction to filter for defamation or a privacy breach? Could TalkTalk be compelled to block material?

For section1 (secondary responsibility defence) under the Defamation Act  one needs to show reasonable care so that, in theory, the repeat defamation situation case that would not be met. For an interesting case, see the dicussion in McGrath v Dawkins [2012] EWHC B3 (QB). At present common law innocent dissemination survives –however see Metropolitan Schools.

The Ecommerce directive prevents any general obligation to monitor. See the cases of Case C-70/10 Scarlet Extended SA v Société belge des auteurs, compositeurs et éditeurs SCRL (SABAM) . There  is also a firm rule against prior restraint of defamation –so that not even the courts by court order will restrain defamation pre-publication (as opposed to privacy) –to avoid the courts acting as censor. It would be an unlawful restraint on speech/expression and so engage Art 10.

its an interesting question and I am not entirely sure what the correct answer is.Two points: (1) the High Courts power to issue an injunction is very wide Take a look at s37 of the Senior Courts Act 1981 here…(2) Secondly, however, an ISP is not themselves liable as a publisher of material which passes over their wires. The BPI thought that would mean they could not obtain an injunction under the SCA against ISP’s to block copyright content, which is why they lobbied hard for s97A of the CDPA 1988 and even then they were nervous of proceeding any further. In the event s97A has proved quite powerful enough.

As you know, there are 4 main types of case where the court will refuse an interim injunction to restrain publication. The Solicitors from Hell case was one in which Bonnard didn’t apply because the defendant did not indicate an intention to plead justification would a decision at hearing turn upon questions of the general character of the claimant, but I failed to communicate that was what I was talking about.
I suspect there’ll be an increasing opportunity for cases where neither Bonnard v Perryman nor any of the other situations (such an intention to plead honest comment or where a communication is prima facie privileged) apply. There’ll also be situations – such as election comments – where I can see people finding it attractive to obtain an injunction, but the rule against prior restraint is superseded by statute. I n those sorts of situations where a court will make an order, do will it make an order against an ISP using filtering technologies? I cannot think of any situations where that has happened or something analogous has happened?
More generally some information about orders to block directed at ISP’s outside s97A:

In modern practice the rule against prior restraint applies whenever a defendant has a defence –not just when that defence is Truth. The rule was affirmed in Green v Associated [2004]  EWCA Civ 1462.  There is also now a significant body of human rights jurisprudence to support the rule. Eady had questioned whether the rule was compatable with the new convention jurisprudence and the test for balancing Art 8 (reputation and privacy) and Art 10 (freedom of expression) which gives no precedence to either Article as applied in privacy cases (see Campbell and Re S) in Sunderland Housing v Barnes –but the rule has held except where as in the Solicitors from Hell case the defendant has evidenced an intention to repeat. The rule is good law and not under attack.

Internet Freedom is Under Attack…

13 Jun

‘Father of the Internet’ warns Web freedom is under attack

“Father of the Internet” Vint Cerf  recently warned that Internet freedom is under threat from governments around the world, including the United States.

Cerf, a computer scientist who was instrumental in the Internet’s creation and is now employed by Google as its “Internet evangelist,” said officials in the United States, United Kingdom and Europe are using intellectual property and cybersecurity issues “as an excuse for constraining what we can and can’t do on the ‘net.

“Political structures … are often scared by the possibility that the general public might figure out that they don’t want them in power,” he said.

He sounded the alarm about the International Telecommunications Union (ITU), arguing the group is poised to assume the role of global Internet cop.

Cerf said the ITU is likely to try and lock in mandatory intellectual property protections as a backdoor for easy Web surveillance. Even good-faith efforts at Internet policymaking should be viewed with skepticism, Cerf said, because balancing freedom and security “isn’t something that government alone is going to figure out.” He criticised the Cybersecurity and Intelligence Protection Act (CISPA) legislation passed by the House to encourage companies to share information about cyber threats with the government, because it lacks “adequate constraints” on how the information is used. Cerf said he has the “optimistic belief” that attempts by hostile governments to restrict access will be circumvented by resourceful engineers around the world. Cerf also urged vigilante groups such as Anonymous to stop using cyberattacks as a means of activism, saying the hackings are counterproductive.

“I don’t think lawlessness is our friend,” he said.Ultimately, there is a legitimate role for law enforcement on the Web, he said, adding that “it would be bad for us as a community to say … that all the good things outweigh the bad.” “That’s not a credible position to take,” he said. Cerf said activists and regulators alike harm themselves by using terms like “cybercrime” because they suggest that “every bad thing that happens on the Internet is a crime.” “Some are just bugs,” Cerf said, while suggesting a better goal for policymakers should be “cybersafety.”

These are my favorite lines, and are what i beleive as well.

I haven’t gotten to the point of believing that governance work is a complete waste of time yet, but have decided it is time to get my programing skills out of mothballs and get back up to speed. It is not easy talk about freedom, safety, neutrality, cybercrime, IP pirate, CISPA…with different interest… personal interest, national interest… business interest of the stakeholders …

Anything that are not following somebody interest will be bad and sometimes considered as a crime … cybercrime…

“Either you with me or against me…..” Sound familiar?  This is the challenge for the future global dialog, not as easy during the period of cerf when he started the Internet everybody has one goal.

Increasingly Governments are moving towards control of Internet Freedom. Freedom of expression, although debatable, is a fundamental right and is often the center piece of a democracy. However, Governments are sometimes preoccupied with finding ways to protect national security and human rights pertaining to Internet usage. I believe that the mechanisms for enforcement of copyright laws  or illegal content laws through DNS filtering is disproportionate and  is too restrictive. In total, DNS filtering undermines security on the Internet and may block legitimate content from the Internet. Therefore, this negatively impacts freedom of expression.

It is important to note that the blocking of domain names does not actually remove illegal content off the Internet.  As a result, there is need for various human right agencies within the government, private sector, academia and civil society to negotiate the terms and conditions for Internet Regulation.  However, I believe that these agencies should have a basic understanding of the Internet before negotiating Internet regulation. Moreover, Governments need to realize that harsh regulations of the Internet may impede innovation through various ICT tools.

Recently we have seen a few examples pertaining to Internet Freedom see below:

“Iran’s telecommunications ministry has barred local banks, insurance firms and telephone operators from using foreign-sourced emails to communicate with clients, a specialist weekly said on Saturday.  “The telecommunications minister has ordered the use of domain names ending with .ir” belonging to Iran, Asr Ertebatat reported.” See http://j.mp/KDVUWK

In addition, we see that India is pushing for the creation of a forum called ‘Committee for Internet Related Policies’ (CIRP) to develop internet policies, oversee all internet standards bodies and policy organizations, negotiate internet-related treaties and sit in judgment when internet-related disputes come up. The catch is that India’s formal proposal is for CIRP to be funded by the U.N., run by staff from the U.N.’s Conference on Trade and Development arm and report directly to the U.N. General Assembly, which means it will be entirely controlled by the U.N.’s member states. See:

http://www.thehindu.com/news/national/article3423018.ece

We can effect change let us bring these issues to the fore at the various (ICANN, IGF, WSIS, IETF etc) Internet Governance meetings.

I have posted vid of this at https://www.youtube.com/watch?v=dwtTUMXpxLk&list=PL18388B00C798AEFC

The Internet is the next stage of human evolution. We look at ourselves as separate beings but the reality is that humans are far more interconnected than a hive of bees. The Internet is our collective minds. We are externalizing our collective intelligence. It allows us to collectively comprehend the universe. And since we are the universe – we are the universe contemplating it’s own existence. And it is the Internet that creates the physical structure to allow humanity to this as one and we can contemplate what no single person could ever do.
My 2p worth.

Mobile Phone Data Seizing…by the Met Police

20 May

The Met Police and Mobile Phones (Total Access = Total Violation of Civil Liberties)

Another day, another intrusion into our civil liberties by the Met Police.  The Metropolitan Police has implemented a system to extract mobile phone data from suspects held in custody. The data includes call history, texts and contacts, and the BBC has learned that it will be retained regardless of whether any charges are brought.

http://www.bbc.co.uk/news/technology-18102793

It is terrifying and frightening that a police force can remove all the data from a suspect in custody without a warrant, and without any charges. There is the obligatory disclaimer that “data extraction can happen only if there is sufficient suspicion the mobile phone was used for criminal activity”.  But who decides this?

I would suggest that if you are in a suspect in a police station, then you are already under sufficient suspicion.  If the crime one is suspected is directly related to one’s mobile phone – say like organizing a riot against Topshop or a sit-in at a Vodafone shop, then your phone would can be seized and analysed.

The point here is this: the “sufficient suspicion” test will without a doubt be abused. Is there any basis for the legal profession to argue that they Police should destroy the data if charges are not pressed or the person arrested is later on found innocent? Of course there should be. For people that routinely protest and call themselves activists, a mobile phone carries significant more weight than any Facebook relation or “follower” through Twitter.

What will happen next is that the machines will be implemented in the mobile police stations and the phones will be seized on the spot. A case brought to court would easily be winnable.

How does the Law work here?

What is the law now? Proper forensic investigation of a phone would normally require a PACE warrant. One doesn’t get to seize one’s phone just because there has been an arrest. Forensic investigation of a phone would normally require a warrant. Normally police forces carry a “designated person” that has to sign off on not just obtaining communications data NOT CONTENT.  Even if just obtaining communications data (not content) there has to be the signing off by the Designated Person in each police force – I’m struggling to see how this scheme can possibly be both legal and yet deliver any significant cost-savings on sending a phone to forensics.

I don’t know about you, but there is a limited argument here that this is going to bring around any significant savings, yet be within the confines of the law at the same time.

I know what you are thinking! Someone will just create a market for encrypted phones! All the suspect has to do is park an encryption key or secret parked outside of the UK and away from everyone else from the prying hands of the Met Police. This doesn’t really APPLY, because s49 RIPA makes it an offence to refuse to give up a password used to encrypt a device holding evidence. Jullian Assange  has argued in the past alongside others that there was a need for mobile telephone deniability encryption. Ben Goldacre was suggesting the need for mobile telephone deniability encryption, like Rubberhose (written by Julian Assange and others). I don’t really see how you can plausibly deny sending a mail with encrypted stuff in it might have some meaningful content. On the other hand, Assange suggested TrueCrypt, which is a disk encryption thing along the lines of Rubberhose – now, either of those should work just fine on a phone. The problem that then remains is entropy – there’s far too little in whatever most people use to unlock their phones, so none of this will help.

What does the law say?

RIPA only applies, however to Communications Service Providers.  There is no way that a mobile phone in a standard operating mode could reasonably be treated as a communications provider so I struggle to see why RIPA would be in the least bit applicable. The only exception to this would be PART III which covers asking for an unlock code. Yet the thrust of the article is that the technology available to the Met bypasses the access code and removes the data regardless.  The only way I can see RIPA applying is on the basis of voicemails stored on a CSP server. With regard to communications data & RIPA – would it not matter if the search was just taking what was on the phone, or whether it involved connecting that phone to the network (Ie retrieving data from the Communications Service Provider)?

The opinion that voice-mail hacking might be a Computer Misuse Act offence was premised on the idea that the voicemail was not retrieved from the handset but from the CSP servers. Is that not likely to be true for these sorts of searches as well? This is why I wonder if RIPA might apply here, whereas it wouldn’t in the seizure of computers from premises (per ss18 and 20 of PACE).  With regard to communications data & RIPA – would it not matter if the search was just taking what was on the phone, or whether it involved connecting that phone to the network (ie retrieving data from the Communications Service Provider)? . Is that not likely to be true for these sorts of searches as well?

It’s been a big issue in the US (as to whether a warrant is needed or whether officers can “go fishing” on arrest on electronic devices). The latest word is that data retention from phones will be indefinite, irrespective of the charging decision. However, the data retrieval will be confined to what is stored on the handset, with no retrieval of data from CSP servers (so that would exclude voicemails).