Published 30 Oct. 2013 at Freedom to Tinker.
The other day, I was re-reading the 2008 Liberty vs. The United Kingdom ruling of the European Court of Human Rights (‘ECHR’). The case reads like any BREAKING / REVEALED news report on Edward Snowden’s disclosures, and will play a crucial role in the currently pending court cases in Europe on the legality of the surveillance programs. Liberty is also great material for comparing surveillance jurisprudence across the Atlantic.
They did not like what they saw on the telly in 1999. A TV show reported on the UK Ministry of Defence operated Electronic Test Facility (“ETF”) at Capenhurst in Cheshire. Soon afterwards, Liberty, the Irish Council for Civil Liberties and several other British NGOs launched a case against the UK government. The NGOs had provided legal advice throughout the UK during the 1990s and had legitimate concerns to be victims of the reported systematic mass surveillance of all telecommunications across the British isles.
After going upstream through several legal procedures, the ECHR released its final ruling in August 2008. Allow me to cherrypick from the Court’s assessment, in particular §64-§66:
- the 1985 Act [on which the UK government based its surveillance program] allowed the executive an extremely broad discretion … virtually unfettered;
- for example, all commercial submarine cables having one terminal in the UK and carrying external commercial communications to Europe;
- Information could be … listened to or read, if the Secretary of State considered this was required in the interests of national security, the prevention of serious crime or the protection of the United Kingdom’s economy;
- material was selected for examination by an electronic search engine, and search terms, falling within the broad categories covered by the [surveillance order] certificates, were selected and operated by officials.
The ruling has lots and lots of interesting observations, but these cherries square quite nicely with the Guardian reports on Snowden’s GCHQ disclosures on the TEMPORA program, as well as disclosures about xKeyscore, the mapping of a social graph of every internet user and the unfettered character of intelligence surveillance legal framework in general.
Since the first Snowden revelations, several cases have been launched — among them a fresh Liberty complaint and one by a second group of NGOs. When those cases end up upstream with the ECHR, and the NGOs have already committed to go all the way, Liberty will play a huge role in the Court’s assessment. So what was the outcome in 2008?
The short version: the Court struck the surveillance practises down for not being ‘in accordance with the law’. In other words, the legislation on which the British Government based its untargeted surveillance was so vague and ambiguous, that it didn’t meet the procedural requirements for surveillance laws under the European Convention of Human Rights – thus a violation of Liberty’s privacy rights.
Failing to meet the first procedural test, the Court was able to avoid the third, and politically much more sensitive, substantive test: was the 1990s ETF program ‘necessary in a democratic society?’ Given the sustained ambiguity in UK surveillance laws today, the Court just might be able to dance around the substantive assessment next time around. A likely outcome of such a case will be a legal necessity for meaningful oversight as well restraints on mass surveillance for Council of Europe member states with regard to their citizens.
Practically, if you think about it from a strategic game theory perspective, stronger domestic legal protection might just further fuel what you’ll read about today in the news and what we’ve argued last year in our paper ‘Obscured by Clouds’ (§2.2.3.): the circumvention of local laws through transnational surveillance followed by bilateral intelligence sharing, or ‘I spy from my country on your citizens, you from yours on my citizens, and we share the data through secret agreements’. That’s a difficult problem to solve under existing laws, unless we all agree about our universal commitment to the UN charter of human rights. Now there’s a political challenge.
A final thought: at least since 1978 (Klass v. Germany), the ‘mere existence’ of vague surveillance laws is an actual harm, a violation of privacy. And for very good reasons, among them knowing what your government is up to and being able to protect senstive communications – such as NGOs providing legal advice to citizens. The US Supreme Court has taken a quite different approach a range of opinions, such as the February 2013 case of Clapper v. Amnesty [pdf]: no standing for Amnesty, the ACLU and other NGOs, as they couldn’t prove that they had been a subject of surveillance. Cunningly, meaningful transparency is just the sort of thing the Patriot Act and even more so the Foreign Intelligence Surveillance Act succeeds in obscuring.
A rather Orwellian twist in the Supreme Court case-law and the US legal framework. The mere existence of vague surveillance laws is dangerous in itself. Post-Snowden, one would hope that the Supreme Court catches on, in stead of moonwalking out of NGOs challenging government surveillance.