Liberty News

Swiss voters have approved a new surveillance law backing the government which claimed the security services needed enhanced powers in an increasingly volatile world.

The proposed law won 65.5% support in a referendum called to confirm a mass ssurveillance law already passed by the parliament n 2015.

Switzerland's police and intelligence agencies say they have had limited investigative tools compared to other developed countries as phone tapping and email surveillance were previously banned, regardless of the circumstances.

But the new law will change that. The government insisted it was not aiming to set up a vast data-gathering apparatus, similar to the one developed by the US National Security Agency that came into the public eye in part through former contractor Edward Snowden's revelations. But mass snoopers have not got a track record of publicising or even admitting their capabilities.

The government says that phone or electronic surveillance of a suspect will only be triggered with approval by a federal court, the defence ministry and the cabinet, according to the law. Bern has said these measures would be used only a dozen times a year, to monitor only the highest-priority suspects, especially those implicated in terrorism-related cases. But then again, all the other mass snooping countries have made similar claims, until someone blew the whistle.

London's Metropolitan Police will trial an automated facial recognition system to identify people at this weekend's Notting Hill Carnival. According to the Met, the AFR system at the Notting Hill Carnival:

Involves the use of overt cameras which scan the faces of those passing by and flag up potential matches against a database of custody images. The database has been populated with images of individuals who are forbidden from attending Carnival, as well as individuals wanted by police who it is believed may attend Carnival to commit offences.

If a match is made by the system, officers will be alerted, and will seek to speak with the individual to verify their identity, making an arrest if necessary.

Speaking to The Register , the government's Surveillance Camera Commissioner, Tony Porter, said that:

The Surveillance Camera Code of Practice requires relevant authorities such as Local Authorities and Police Forces to ensure they use surveillance cameras effectively, efficiently and proportionately.

This is so communities can be sure that they are being protected by this technology rather than spied on. I would expect any organisation that is using tools like automatic facial recognition to do so transparently so members of the public know it is being used and what its use is for.

The 'custody database' is a little more comprehensive than the name suggests as the police have been adding images from other sources.  In response to a Parliamentary question, Baroness Williams of Trafford reported that by 15 July this year, there were:

Over 19 million custody images, Of these, 16,644,143 had been enrolled in the facial image recognition gallery and are searchable using automated facial recognition software.

This figure represents roughly a quarter of the UK's entire population.

European ministers are debating restrictions on the use of encryption and a further increase in mass snooping. Bernard Cazeneuve, France's interior minister is due to meet his German counterpart, Thomas de Maizere, to discuss possible laws to limit the use of encrypted communications across the EU.

Of course the ministers note that the increase in muslim terrorism as the reason for their actions. But as they don't seem so concerned about this in any other policy areas, presumably they want the mass snooping capabilities for more general reasons.

Governments and law enforcement services view apps that come with end-to-end encryption -- such as Facebook's WhatsApp and Apple's iMessage -- as a potential barrier in investigations.

Over-the-top mobile services such as WhatsApp are currently outside the scope of the EU's e-privacy directive, which covers how customer data is handled, including in response to law enforcement requests.

The Thai National Broadcasting and Telecommunications Commission is to proposing the introduction of special SIM cards for mobile or smart phones used by foreign tourists while they are staying in Thailand.

NBTC secretary-general Thakorn Tanthasit pointed out that normally foreign tourists were required to inform immigration officials where they stay while in Thailand. With the introduction of special SIM cards, he said that the visitors would be tracked more easily in case some of them might engage in illegal activities.

Thakorn said he would invite representatives of mobile phone service providers for consultations, especially the technical aspect for the system. He claimed that this is a matter of national security and it should not be deemed as a violation of the right to privacy of individuals.

Update: Further details

9th August 2016. SSee article from khaosodenglish.com

A plan to require all foreigners in Thailand to use a special SIM card that can track their location will be reviewed by authorities Tuesday afternoon.

The plan would require anyone, not just tourists but everyone who doesn't hold a Thai passport, to use the new SIM card which would enable the authorities to track its owner's location at any time, said Takorn Tantasith, the Secretary General of the Office of the National Broadcasting and Telecommunications Commission. No exceptions would be made for resident aliens on long-term visas such as those for employment, marriage or retirement. Takorn said:

We will separate SIM cards for foreigners and Thais. The location will always be turned on in this SIM card for foreigners. And it cannot be turned off.

Foreign tourists would be able to continue to use SIM cards brought in from other countries under roaming service and would not be required to turn their location on.

Takorn said he was unconcerned about any rights or privacy issues raised by the system. He expects the policy to come into effect in six months.

Update: Invasion of privacy approved by military junta

10th August 2016. See article from bbc.com

Thailand's plans to force foreigners to use SIM cards specially made to enable location tracking have made the world's press with the BBC reporting that the plans have been approved by the military government.

The plans have been approved in principle by Thailand's telecommunications authority and have been backed by other parts of Thailand's military government.

The National Broadcasting and Telecommunications Commission (NBTC) said the special Sim cards would come with tracking enabled, which the user could not turn off. The commission said that the facility will be used to track visa overstayers and people on the run from the police.

The basis of the idea is that the tracking information of either GPS or the less accurate signal triangulation is already available to carriers, but the Thai Government would prefer perhaps to have an immediate realtime update without asking carriers for the data. The Government would then effectively operate as the carrier for these designated foreigner sims.

While the proposal has been approved by the NBTC, Secretary General Takorn Tantasith said the organisation would consult with police, tourism authorities and tour operators before deciding whether to implement it.

I don't suppose that many visitors will be keen on the police being able to have a 24 hour realtime display of their locations as they check out the upstairs rooms of bars and GoGos.

The BBC is to spy on internet users in their homes by deploying a new generation of Wi-Fi detection vans to identify those illicitly watching its programmes online. BBC TV detector vans will  capturie information from private Wi-Fi networks in homes to sniff out those who have not paid the licence fee.

The corporation has been given legal dispensation to use the new technology, which is typically only available to crime-fighting agencies, to enforce the new requirement that people watching BBC programmes via the iPlayer must have a TV licence.

However, the BBC claims that its inspectors will not be able to spy on other internet browsing habits of viewers.

The disclosure causes justifiable concerns about invasion of privacy and follows years of criticism of the BBFC for its heavy-handed approach towards those it suspects of not paying the licence fee, even when innocent. The BBC routinely sends out threatening and bullying letters to properties without a licence regardless of whether there is any suggestion of licence evasion.

The existence of the new strategy emerged in a report carried out by the National Audit Office (NAO). It shows that TV Licensing, the BBC's licence-fee collection arm, has developed techniques to track those watching television on laptops, tablets, and mobile phones.

Under the Regulation of Investigatory Powers Act, the BBC is entitled to carry out surveillance of suspected licence-fee dodgers. However in reality the BBC isn't expected to provide any evidence to backup its suspicions.

Dr Miguel Rio, a computer network expert, said that licence-fee inspectors could sit outside a property and view encrypted packets of data -- such as their size and the frequency with which they are emitted over the network -- travelling over a home Wi-Fi network. This would allow them to establish if devices at homes without television licences were indeed accessing BBC programmes online. Dr Rio said:

They actually don't need to decrypt traffic, because they can already see the packets. They have control over the iPlayer, so they could ensure that it sends packets at a specific size, and match them up. They could also use directional antennae to ensure they are viewing the Wi-Fi operating within your property.

Privacy campaigners described the developments as creepy and worrying . A spokesman for Privacy International, the human rights watchdog, said:

While TV Licensing have long been able to examine the electromagnetic spectrum to watch for and investigate incorrect usage of their services, the revelation that they are potentially developing technology to monitor home Wi-Fi networks is startlingly invasive.

The unelected but all powerful European Commission is proposing the creation of a database that will hold information on noted users of virtual currencies such as Bitcoin. Available data on the users' real-world identity, along with all associated wallet addresses will be maintained.

the draft proposal was officially put forward in February 2016 and later approved at the start of July 2016. The proposal is a reform of the Anti-Money Laundering Directive (AMLD) which will extend existing measures to include the concept of virtual currencies. It is intended to limit the anonymity associated with Bitcoin.

Besides recognizing crypto-currencies as another form of money, the draft also includes a set of regulations that would provide FIUs (financial intelligence units) with the tools needed to keep track of digital currencies, in the same way they do with fiat currencies.

The database will be updated with available data on Bitcoin users from payment providers etc, but users will also be allowed to register on their own, as a sign of good faith. The current AMLD draft reads:

The report shall be accompanied, if necessary, by appropriate proposals, including, where appropriate, with respect to virtual currencies, empowerments to set-up and maintain a central database registering users' identities and wallet addresses accessible to FIUs, as well as self-declaration forms for the use of virtual currency users.

Digital currency exchanges and wallet providers operating in Europe will most likely have to abide by the reformed AMLD and force EU users to register with their real information so that FIUs could track down individuals behind suspicious operations.

It is expected that the proposals will reach the European Parliament for a final vote later in the year.

The Advocate General of the Court of Justice of the European Union has published his Opinion on data retention by EU member states. The subsequent judgment will have implications for the Data Retention and Investigatory Powers Act (DRIPA) and the Investigatory Powers Bill (IP BIll).

In his Opinion, the Advocate General said that data retention may be compatible with EU law only if data is being retained to fight serious crime and if there are strict safeguards in place. The Opinion confirmed that he believes that EU law should apply when it comes to data retention and that member states should limit their interference with our fundamental rights to what is strictly necessary.

Executive Director of Open Rights Group, Jim Killock responded:

The Advocate General has stated that data retention should only be used in the fight against serious crime, yet in the UK there are more than half a million requests for communications data each year. These do not only come from police but also local councils and government departments. It is difficult to see how the Government can claim that these organisations are investigating serious crimes.

The Opinion calls for strict safeguards yet in the UK, there is currently no judicial authorisation in the UK - police, local authorities and government departments can get internal sign off to access data. If the IP Bill is passed, data will be able to be analysed without a warrant through an intrusive tool known as the request filter.

It may be too late to end data retention under DRIPA, which expires at the end of the year, but the Government has the opportunity to ensure that the IP Bill complies with EU law. In particular, they should end the extension of mass data retention proposed in the Bill, which would see the UK become one of the only democracies to record its citizens' web browsing history and provide a police search engine to scour it.

Tory Drad Davis and Labour's Tom Watson originally took their case to the British High Court claiming that DRIPA sections 1 and 2 were incompatible with the public's right to respect for private life and communications and for protection of personal data under Articles 7 and 8 of the Charter.

The court found for Davis and Watson in July 2015 but the ruling was not upheld on appeal, so Davis and Co. took their case to the European Court of Justice in Luxembourg.

Drad Davis has now been promoted into Theresa May's cabinet and has inevitably dropped his criticism of mass snooping. So he has now withdrawn from this legal case.