Skip to comments.Europe votes to end data privacy
Posted on 05/31/2002 3:18:30 AM PDT by gd124
Europe votes to end data privacy
Law will allow police to spy on phone and net traffic
European law enforcement agencies were given sweeping powers yesterday to monitor telephone, internet and email traffic in a move denounced by critics as the biggest threat to data privacy in a generation. Despite opposition from civil liberties groups worldwide, the European parliament bowed to pressure from individual governments, led by Britain, and approved legislation to give police the power to access the communications records of every phone and internet user.
The measure, which will be approved by the 15 EU member states, will allow governments to force phone and internet companies to retain detailed logs of their customers' communications for an unspecified period. Currently, records are kept only for a couple of months for billing purposes before being destroyed.
Although police will still require a warrant to intercept the content of electronic communications, the new legislation means they will be able to build up a complete picture of an individual's personal communications, including who they have emailed or phoned and when, and which internet sites they have visited.
From mobile phone records, police will also be able to map people's movements because the phones communicate with the nearest base station every few seconds. In urban areas, the information is accurate to within a few hundred metres, but when the next generation of mobiles comes on stream it will pinpoint users' locations to within a few metres.
Tony Bunyan, editor of Statewatch, said: "This is the latest casualty in the war against terrorism as far as civil liberties are concerned. The problem with wanting to monitor a few people is that you end up having to keep data on everybody."
The British government, which played a key role in driving through the new measures, has already introduced such powers as part of the anti-terror bill rushed through in the immediate aftermath of September 11, although the data retention measures have yet to be implemented.
UK civil liberties groups had hoped that if MEPs rejected data retention, it would open up the possibility of a legal challenge to the British legislation on the grounds that it was incompatible with European data protection law. After yesterday's vote they now expect the government to press ahead with implementing the act.
The measure is contained in an amendment to a bill originally intended to improve the security of e-commerce transactions. "Looking at the results, it amounts to a large restriction on privacy and increases the power of the state," said Italian independent MEP Marco Cappato, the bill's author who tried to prevent the amended clause being added.
Last night, the Home Office welcomed the result. "The UK is very pleased that the [European] council and parliament have reached agreement on a text that will ensure that the fight against terrorism and other crime will be given the appropriate weight. It is, of course, very important to protect people's fundamental rights and freedoms, but, as the tragic events of September 11 show, this must be balanced with the need to ensure that the law enforcement community can do its job."
But critics said the move amounted to blanket general surveillance of the whole population. The communications industry has also opposed data retention, questioning the feasibility and cost of storing such vast amounts of information.
John Wadham, director of Liberty, said: "This violates a fundamental principle of privacy, which is that data collected for one purpose should not be used for another.
"The police and other authorities will be able to trawl through all the details of the communications of millions of innocent people merely because there is a possibility that they might come across something suspicious."
Blah, blah, blah.
"The people never give up their liberties but under some delusion." -
"Necessity is the plea for every infrngement of human freedom. It is the argument of tyrants; it is the creed of slaves." -
As for the cell phones, any fool who thought they weren't being monitored already has his head in the sand. I forget the name of the company in Jersey, but in archives cell records on a national basis for "marketing and research" purposes already.
The news in this article is old news in "the land of the free"
Just one big happy family...
This whole scenario is rather chilling...
I suspect that's exactly what the NSA looks for in the billions of messages sent every hour. Encryption tags probably cause the message to be directed to queues for brute force decryption and examination. If you're a bad guy, encryption is probably the worst thing you can do.
Can you give me and example of one?
I think they have to be on for this to work, but I recall hearing about one coming out which may transcend that.
American's have had more liberty from government, but I don't think American's have ever been more 'free' from prying eyes and social pressures as they go about their business than we are today. The internet and computer technology has invested us with unprecedented power and anonymity that is being abused. It's inevitable that something will need to come along to balance that out, be it private databases or government eavesdropping.
I doubt that any of the chicken-littles on this thread noticed it, but the article states that the, "police will still require a warrant to intercept the content of electronic communications". Some may not even notice it after reading it again in my post
I found a feature list of 'anonymous' browsers.
And here's an article dismissing anonymous browsers.
Even if logs are not kept, what do you think are the odds that some agency isn't intercepting all the traffic to and from these things.
You think Uncle Sam will have these powers by the end of the year or the end of the summer?
ROFL. Brute force doesn't get you anywhere.
But the point of this vote would be to ensure that anyone who used this security was a criminal just for doing so, whether or not they were hiding anything criminal. Or, as the page says about this very legislation:
The British Government has pushed the Regulations of Investigative Powers Act (RIPA) through legislation which provides for orders to disclose private encryption keys and threatens everyone served with those orders with two or even five years of jail who fails to comply with the demands. While some are still figuring out how far the powers provided by this act will reach - - - - the conditions under which orders may be served or surveilance devices can be installed seem pretty much stretchable - others begin to protest while other EU governments seem to show the political will to adopt this famous legislation. The unequivocal obligation to reveal your private communication by law is an effective method to tempt the uninformed public into not using cryptography to protect their privacy and to criminalize those who do.
Similarly, over here FBI can now get no-notification warrants to tap your keyboard; all the fancy crypto means nothing if you hand over your keys without knowing it. But that at least requires a warrant, which means they're not simply sitting back watching everyone at once but forced to identify wrongdoers first and then proving it (and best wishes to FBI, too, when they stick to this normal approach).
<g> Maybe you better do more investigating and less ROTF. (Though admittedly, it's not pure brute force.)
The goal of crypto isn't, by the way, to make the plaintext unreadable forever. It's just to make it unreadable until its intelligence value degrades. For example, if Rommel had a coded msg from 3rd Army HQ and didn't get plaintext until 6/7/1944, it's kinda old news...
Umhmm, I think that is addressed in the link that you're responding to, including reference to an architecture design to crack 1024 bit keys in less than a minute. Who knows what really exists so I'm in disagreement with your dismissive boast that "ROFL. Brute force doesn't get you anywhere.""
There's something about those powers of 2, though... oh yea, that's right, they're exponential :)
So use 2048-bit keys as the post you referenced suggests. Or 4096, or 8192, or whatever level makes you comfortable. Now for most of us who might want to use a public key present PGP is limited to 1024 bit (it's the old command line one that was more robust) but if you actually cared about your data (like a company might be if its competitors were snooping) and not just encrypting everything just to make life difficult for snoopers, you could use more since your recipient would expect it.
Of course if everyone is encrypting, even if its all breakable with some effort, it's not feasible to scan through everything. Thus EU is putting a stop to that possibility.
Or, to put it another way, the fact that they are bothering to pass laws like this is an indicator that breaking crypto is not yet incidental to various governments.
Or that they'd rather just spend the 10 billion instead of 20 billion next year to update their equipment.