3 thoughts on “Council of Europe Commissioner for Human Rights

  1. shinichi Post author

    The rule of law on the Internet and in the wider digital world

    Issue paper published by the Council of Europe Commissioner for Human Rights

    Council of Europe

    https://wcd.coe.int/com.instranet.InstraServlet?command=com.instranet.CmdBlobGet&InstranetImage=2653075&SecMode=1&DocId=2216242&Usage=2

    The Commissioner’s recommendations

    II. On data protection

    6. Suspicionless mass retention of communications data is fundamentally contrary to the rule of law, incompatible with core data-protection principles and ineffective. Member states should not resort to it or impose compulsory retention of data by third parties.
    (p.22)

    ______________________________________________________

    A new environment for human activities

    We live in a global digital environment that has created new means for local, regional and global activities, including new types of political activism, cultural exchanges and the exercise of human rights. These activities are not virtual in the sense of “not truly real”. On the contrary, they are an essential part of real citizens’ lives. Restrictions on access to the Internet and digital media, and attempts to monitor our online activities or e-communications, interfere with our fundamental rights to freedom of expression and information, freedom of association, privacy and private life (and possibly other rights such as freedom of religion and belief, or the right to a fair trial).

    The new global digital environment of course also creates a new space for unlawful behaviour: for the dissemination of hate speech or child pornography, incitement to violence, breaches of copyright (“piracy”), fraud, identity theft, money laundering and attacks on the e-communications infrastructure itself through malware (such as Trojans and worms) or “denial of service” attacks. Cybercrime and cybersecurity have become major concerns.

    These threats are increasingly transnational, and there is a broad international consensus on the need to deal with cybercrime, cybersecurity and terrorism, but there is much less agreement on specifics – or even what constitutes a threat.

    The nature of the digital environment

    Dangerous data

    In an age of “Big Data” (when data on our actions are shared and/or exploited in aggregate form) and the “Internet of Things” (when more and more physical objects – things – are communicating over the Internet), it is becoming difficult to ensure true anonymisation: the more data are available, the easier it becomes to identify a person. Moreover, the mining of Big Data, in ever more sophisticated ways, leads to the creation of profiles. Although these profiles are used to spot rare phenomena (e.g. to find a terrorist in a large set of data, such as airlines’ passenger name records), they are unreliable and can unwittingly lead to discrimination on grounds of race, gender, religion or nationality. These profiles are constituted in such complex ways that the decisions based on them can be effectively unchallengeable: even those implementing the decisions do not fully comprehend the underlying reasoning.

    The digital environment can by its very nature erode privacy and other fundamental rights, and undermine accountable decision making. There is enormous potential for undermining the rule of law – by weakening or destroying privacy rights, restricting freedom of communication or freedom of association – and for arbitrary interference.

    Global and private, but not in the sky

    Because of the open nature of the Internet (which is its greatest strength), any end point on the network can communicate with virtually any other end point, following whatever route is calculated as being most efficient, the data flowing through all sorts of switches, routers and cables: the Internet’s physical infrastructure. The electronic communications system is transnational, indeed global, by its very nature; and its infrastructure is physical and located in real places, in spite of talk of a Cloud. At the moment, many of these physical components are in the USA and many of them are managed and controlled by private entities, not by governmental ones.

    The main infrastructure for the Internet consists of high-capacity fibre-optic cables running under the world’s oceans and seas, and associated land-based cables and routers. The most important cables for Europe are those that run from continental Europe to the UK, and from there under the Atlantic to the USA. Given the dominance of the Internet and of the Cloud by US companies, these cables carry a large proportion of all Internet traffic and Internet-based communication data, including almost all data to and from Europe.

    Who is in control?

    Internet governance

    Important Internet governance principles have been put forward, by the Council of Europe and others, that stress the need to apply public international law and international human rights law equally online and offline, and to respect the rule of law and democracy on the Internet. These principles recognise and promote the multiple stakeholders in Internet governance and urge all public and private actors to uphold human rights in all their operations and activities, including the design of new technologies, services and applications. And they call on states to respect the sovereignty of other nations, and to refrain from actions that would harm persons or entities outside their territorial jurisdiction.

    However, these principles still remain largely declaratory and aspirational: there is still a deficiency in actual Internet governance arrangements that can be relied on to ensure the application of these principles in practice.

    Also, Internet governance must take account of the fact that – partly because of its corporate dominance, and partly because of historical arrangements – the USA has more control over the Internet than any other state (or even all other states combined). Together with its close partner, the UK, it has access to most of the Internet infrastructure.

    The former US National Security Agency contractor Edward Snowden has revealed that the USA and the UK are using this control and access to conduct mass surveillance of the Internet and of global electronic communications systems and social networks. There are fears that states may respond to the Snowden revelations by fragmentation of the Internet, with countries or regions insisting that their data are routed solely through local routers and cables, and stored in local clouds. This risks destroying the Internet as we know it, by creating national barriers to a global network. Unless the USA improves compliance with international human rights standards in its activities that affect the Internet and global communication systems, the movement towards such a truncated Internet will be difficult to stop.

    Reply
  2. shinichi Post author

    Mass surveillance exposed by Snowden ‘not justified by fight against terrorism’

    Report by Nils Muižnieks, commissioner for human rights at the Council of Europe, says ‘secret, massive and indiscriminate’ intelligence work is contrary to rule of law

    by Owen Bowcott

    The Guardian

    http://www.theguardian.com/world/2014/dec/08/mass-surveillance-exposed-edward-snowden-not-justified-by-fight-against-terrorism

    The “secret, massive and indiscriminate” surveillance conducted by intelligence services and disclosed by the former US intelligence contractor Edward Snowden cannot be justified by the fight against terrorism, the most senior human rights official in Europe has warned.

    In a direct challenge to the United Kingdom and other states, Nils Muižnieks, the commissioner for human rights at the Council of Europe, calls for greater transparency and stronger democratic oversight of the way security agencies monitor the internet. He also said that so-called Five Eyes intelligence-sharing treaty between the UK, US, Australia, New Zealand and Canada should be published.

    “Suspicionless mass retention of communications data is fundamentally contrary to the rule of law … and ineffective,” the Latvian official argues in a 120-page report, The Rule of Law on the Internet in the Wider Digital World. “Member states should not resort to it or impose compulsory retention of data by third parties.”

    As human rights commissioner, Muižnieks has the power to intervene as a third party in cases sent to the European court of human rights (ECHR) in Strasbourg. His report is published the week after the UK’s Investigatory Powers Tribunal (IPT) found that the legal regime governing mass surveillance of the internet by the monitoring agency GCHQ is “human rights compliant”.

    In his report, Muižnieks wrote: “In connection with the debate on the practices of intelligence and security services prompted by Edward Snowden’s revelations, it is becoming increasingly clear that secret, massive and indiscriminate surveillance programmes are not in conformity with European human rights law and cannot be justified by the fight against terrorism or other important threats to national security. Such interferences can only be accepted if they are strictly necessary and proportionate to a legitimate aim.”

    The civil liberties organisations which brought the claim in the IPT case are planning to appeal against the ruling to the ECHR – a case in which the commissioner could participate.

    Muižnieks told the Guardian: ”I’m interested in weighing in on such cases about surveillance. Surveillance has gone beyond the bounds of the rule of law and democratic oversight needs to be more robust.

    “We have seen examples where there’s a clear lack of oversight of security: the first was black sites, torture and rendition; the second was the revelations about mass surveillance. I want to influence the working of the court and its thinking.

    “These recommendations [in the report] are my interpretation of basic human rights principles. The court often refers to my work in their judgments. There’s no substantial case law in internet-related issues so far.

    “The UK is a country we are watching closely on these issues. It has a huge influence on whether or not the rule of law will prevail in the digital environment. All of these data sharing agreements should be as transparent as possible so we can assess the extent to which they are abiding by the law. Our right to privacy has been compromised on a regular basis and on a mass scale. I find that very worrying.”

    Muižnieks said he expects to visit the UK next year and examine the UK’s record on surveillance. Asked about the IPT ruling, he commented: “I would note that very few complaints to this tribunal have been upheld in the last few years which raises many questions for me.”

    He supported calls for publication of the so-called Five Eyes treaty that authorises intelligence sharing between the UK, US, Australia, Canada and New Zealand as a contribution to greater transparency. A case requesting its release has already been lodged at the ECHR.

    His report contained a number of recommendations including:

    • No states … European or otherwise, should access data stored in another country without the express consent of the other country or countries involved unless there is a clear, explicit and sufficiently circumscribed legal basis in international law for such access.

    • Member states should ensure that their law-enforcement agencies do not obtain data from servers and infrastructure in another country under informal arrangements.

    • [Countries] should stop relying on private companies that control the internet and the wider digital environment to impose restrictions that are in violation of the state’s human rights obligations.

    • The activities of national security and intelligence agencies [should be brought within] an overarching legal framework. Until there is increased transparency on the rules under which these services operate their activities cannot be assumed to be in accordance with the rule of law.

    • States should ensure that effective democratic oversight over national security services is in place. For effective democratic oversight, a culture of respect for human rights and the rule of law should be promoted, in particular among security service officers.

    The Council of Europe, which has 47 member states including the UK, Russia and Turkey, is the body that oversees the European court of human rights in Strasbourg.

    Reply
  3. shinichi Post author

    Data Collection by U.S. Risks Harming Internet Structure, Report Says

    Council of Europe Says U.S. Surveillance Risks Fragmenting the Internet

    by Frances Robinson

    http://www.wsj.com/articles/data-collection-by-u-s-risks-harming-internet-structure-report-says-1418047201

    The collection and retention of huge volumes of personal data by the U.S. risk fragmenting the Internet by increasing the likelihood that countries will require data to be stored and moved using only national infrastructure, according to a report by Europe’s top human-rights organization.

    The report by the Council of Europe, which has 47 member states on the continent, is the latest in a series of developments that illustrate a trans-Atlantic split in approaches to surveillance and information gathering.

    The council, which oversees the European Convention on Human Rights, urged governments to ensure proper oversight of national security services and to stop mass retention of people’s data.

    The report said individual rights couldn’t be guaranteed in practice because of a deficiency in the governance of the Internet—over which the U.S. had a dominant role.

    The U.S. “has more control over the Internet than any other state (or even all other states combined). Together with its close partner, the U.K., it has access to most of the Internet infrastructure,” the report said.

    “Unless the U.S.A. improves compliance with international human rights standards in its activities that affect the Internet and global communication systems, the movement towards such a truncated Internet will be difficult to stop,” the report said.

    “Suspicionless mass retention of communications data is fundamentally contrary to the rule of law, incompatible with core data-protection principles and ineffective,” it said. “Member states should not resort to it or impose compulsory retention of data by third parties,” such as Internet companies.

    The U.S. has observer status at the council, which is home to the European Court of Human Rights. The U.S. State Department didn’t immediately respond to a request for comment.

    Introducing the report, Nils Muiznieks, the council’s human-rights commissioner, predicted the court would soon be handling many new cases relating to data protection, online surveillance and cybercrime. “My goal was to try to affect the court’s thinking on this,” he said.

    “The big companies are often blocking content that shouldn’t be blocked, they are sometimes engaging in practices under pressure from governments that are not in line with human-rights standards.”

    The 124-page report isn’t connected to European Union institutions. But it praises the work done by the EU, saying data protection on European lines provides the “first and most important cornerstone for the rule of law on the Internet and in the wider digital world.”

    The issue is a thorny one. The U.K. government has been intensifying efforts to enlist the help of large technology companies such as Twitter Inc. and Facebook Inc. in combating extremist content online amid growing concerns about terrorist threats.

    This includes material authorities consider extremist and want removed but that isn’t necessarily illegal, such as some videos of sermons by radical preachers or posts by extremists encouraging Westerners to join the fight in Syria.

    The report also exposes fault lines between the EU and the U.S. on the issue. Planned EU rules apply to all individuals whose data are processed by European controllers, irrespective of their place of residence or nationality.

    However, the report notes, the U.S. formally rejects this application of international human-rights law, which therefore “poses a serious threat to the rule of law in that new environment.”

    Information provided by former intelligence contractor Edward Snowden allegedly showed U.S. surveillance programs routinely collected data from European citizens. U.S. officials subsequently engaged in a diplomatic offensive aimed at putting European fears over the data collection to rest.

    The European Court of Human Rights is the only international court that can pronounce binding human-rights judgments on member governments.

    Reply

Leave a Reply

Your email address will not be published.