Loss of Privacy

Many countries that have signed ACTA are now rethinking their positions and apologizing for screwing up their countries with such legislation. Once everyone actually took the time to read and research what ACTA does, they discovered that they aren’t happy with what it entails at all.

One of the biggest regrets came from Poland this week when it suspended its ratification process for ACTA. Donald Tusk, Poland’s prime minister, said that there were insufficient consultations made before signing it.

Tusk’s backtracking could spell the end of ACTA for the entire European Union. If Poland or any other EU member state, or the European Parliament itself, fails to ratify the document, it becomes null and void across the union. As it stands, there are already five member countries that have not even signed ACTA.

Poland has seen the biggest protests against ACTA, with thousands demonstrating on the streets last week. Hackers believed to be associated with Anonymous attacked Tusk’s website, as well as the European Parliament site, after the signing.

Critics of ACTA say it has insufficient safeguards for online liberties, particularly in signing countries that do not already have strong principles of freedom of speech and expression. In addition, the agreement negotiations, which took place without the contributions of civic groups or elected representatives, have been widely described as undemocratic.

Although Slovenia also signed the agreement, their ambassador, Helena Drnovšek Zorko, has publicly apologized to her country for doing so, saying that it was a mistake.

I signed ACTA out of civic carelessness, because I did not pay enough attention.

Quite simply, I did not clearly connect the agreement I had been instructed to sign with the agreement that, according to my own civic conviction, limits and withholds the freedom of engagement on the largest and most significant network in human history, and thus limits particularly the future of our children.

The final version of ACTA is also very watered down from what it once was.

Here are some major improvements:

The provision that proposed to criminally punish ordinary users (think college kid downloading music) with fines, jail time, seizure of computers, etc., was significantly scaled back as the negotiation process moved on and finally eliminated in the final text.
The provision that required all ACTA countries to hold third parties, such as ISPs and consumer electronics manufacturers, liable for their customers’ infringement was eliminated. This provision, as drafted, was inconsistent with U.S. law and would have required changes to this complex and evolving policy space.

The provision that required countries to institute safe harbors for ISPs from their customer’s infringement was eliminated. While the idea of providing ISPs with a safe harbor is a good one and facilitates the development of platforms and services on the Internet, the way in which ACTA would have required these safe harbors was not good. It lacked safe guards for users that are contained in U.S. law. Further, it could have provided the excuse for measures such as three strikes and deep packet inspection.

The DRM provisions of ACTA were improved significantly. Earlier leaked drafts had called upon countries to prevent circumvention of DRM, treat them as both civil and criminal offenses, and consider them illegal even when there was no underlying attempt to infringe copyright. Furthermore, these drafts had not acknowledged that circumvention could be done for lawful purposes. The final text overcomes these deficiencies and gives countries flexibility in how they implement DRM provisions.

ACTA hasn’t been ratified in Europe yet, so there’s still time to protest it if you care anything at all about democracy and free speech. Protests are being called for on Saturday, 11 February 2012 across Europe.

If you’re still confused about ACTA, visit EFF’s page or this discussion on reddit.

In what they call an effort to stop terrorism, the EU wants to install surveillance cameras on airplane flights.

Those people who plan to go off for a week in the sun could have their conversations and movements monitored while they’re flying due to a European Union project going ahead. The plan has alarmed civil liberties campaigners, who fear further growth in the surveillance state.

As usual, opinions are divided. Some air passengers see additional surveillance as interfering with their privacy, a sort of last line pushed in by regulations. Others say they have nothing to hide so it would not worry them personally.
Everyone has something to hide. Everyone. To suggest otherwise is, at this point either naïve or stupid.

The EU project is aimed at tackling terrorism, by analyzing the way passengers behave in a bid to isolate potential bombers or hijackers when they’re already on board. At the moment, surveillance on planes is mainly limited to a CCTV camera near the cockpit.

Behavior that the system will eventually be able to pick up includes sweating, moving around the cabin in an erratic way, and repeated visits to the toilet. Dr. James Ferryman insists it will distinguish between potential terrorists and nervous flyers.

This is, of course, if they even have someone manning the cameras in the first place. The logistics of having someone watch every single flight in the EU is astronomical and not economically feasible. In all likelihood, such an implementation would not be viewed in real time. It would, instead rely on a computer program designed to detect your behavior.

What a computer can’t decide is that the person is going to the bathroom to throw up repeatedly because they could be pregnant or have an anxiety to flying that causes them to vomit. Someone might have diarrhea. What are they supposed to do with the cameras? I suppose the response from the EU would be to sit and soil themselves repeatedly so they aren’t labeled a terrorist by some sterile computer system.

“It treats everyone as a suspect, and that completely contradicts one of the main tenets of democratic law, which is that everyone is innocent until proven guilty,” proclaimed the spokesperson for NO CCTV, Alex Tabor. “Continuing surveillance, mass surveillance – be it video, communications, whatever the many ways that seem to be creeping forward – completely goes against that.”

Every single person that has any sort of travel anxiety is going to be affected by this. You’re already treated like a criminal through the numerous checks on the ground. Now, suppose you fear flying. You’re sitting in your seat, trying not to vomit and freak out because you’re of this fear. Well, now you can add the extra fear that you’re going to be fingered as a terrorist because of it.

And what if they do identify you as a terrorist thousands of feet in the air? Are they going to turn back? Are they going to wait until they land to take you into custody and interrogate you? What, exactly is the point? If you truly are a terrorist and have managed to get past the numerous security checks that are supposed to stop you before you board the plane, what use is identifying you then? If the plane turns back, you simply start your “terror” prematurely and if they don’t turn back, you proceed with your plan as usual.

So this plan for CCTV really accomplishes nothing other than more security theater and to put fear into those who are already anxious to begin with.

On Monday, the EU Council is set to give the USA all of its SWIFT banking data. In its quest to catch tax cheats, the US searched through everything they could lay their hands upon, including other countries’ data. Once it was revealed that the US had access to the SWIFT data through the US data centers, the EU shifted its transactions away from the US servers. Now, however, with the new treaty the US will have access to all EU interbank transfers, despite the cry from within the EU not to do this. This means that the US will have access to banking data that also includes non-SWIFT data.

“The move of SWIFT the data server to Switzerland would be an excellent opportunity to stop the nearly unlimited access of US authorities on EU bank transactions. But EU justice and interior ministers are apparently keen [on agreeing to] a deal as soon as possible, on 30 November. Why 30 November? Because one day later, on 1 December 2009, the EU’s Lisbon Treaty will be in force and would allow the European Parliament to play a major role in the negotiations of the deal with the US. A deal one day before will be a slap in the face to democracy in the EU. … [W]hile the US will be able to access EU banking data, no access to US banking data by EU [authorities] is being foreseen.”

Providing this goes into effect before December 1st, there is no way the European Parliament will have a say in the matter, despite their protestations.

A country simply needs to make a request for data and they will get what they need. Also included in the treaty is wording that claims that, if the specific data cannot be obtained, the EU will send bulk data to the country asking for the information and it will be up to them to sort out what they need.

According to article 5 of the treaty, any country in the world connected with fighting terrorism can gain access to this data.

article 5 (h): “Information obtained through this Agreement shall only be shared with law enforcement, public security, or counter terrorism authorities in the United States, European Union, or third states to be used for the purpose of the investigation, prevention, or prosecution of terrorism or its financing.”

Interestingly enough, this deal has no reciprocity for the EU. The US gets what it wants and doesn’t have to share its data. This treaty will catch a few tax cheats while risking the privacy of millions of everyday people. Is such a treaty really beneficial to anyone other than the spying governments who are pushing for this to happen?

Under a new agreement, the EU is set to receive biometric passports that will include fingerprints and photos despite security experts and privacy advocates arguments that the passports are technically flawed.  This new policy will take effect on June 29, 2009.

Many civil liberties groups oppose the use of fingerprints for technical as well as philosophical reasons. Philosophically, they are opposed to the creation of a computer database containing so much personal information about innocent citizens. Technically, they argue that biometric passports are only as safe as the existing paper documents they will replace, and could even make it easier for criminals to travel across borders once they obtain false biometric IDs.

Some security specialists agree. “There is a risk that border officials and police will rely too heavily on the technology, at the expense of old-fashioned techniques for identifying travelers,” said Richard Clayton, a security researcher based at the security laboratories at Cambridge University.

“With the existing passports, border guards look closely at people’s faces. If the emphasis switches to fingerprints there is a risk that you get rid of the human element in the job, such as observing if a person fidgets or looks nervous as they try to pass through passport control,” Clayton said.

Why do we allow politicians to be seduced by shiny technology?  The same thing will happen to those checking the passports.  At some point, people will stop looking at the person and rely solely on the technology.  Then, there will be huge problems.

Also of note, people without hands and those in certain professions, such as bricklayers, will now only qualify for special, 12-month only, temporary passports.  The major problem with this is that most countries in the world require a passport to have six months left on it before being allowed to enter.  Effectively, these people will have to apply for a new passport every six months.

Biometric passports in the USA and Australia aren’t very secure.  If similar methods are employed in the EU, then there’s no point in wasting the money to implement them.