Feeds

World+dog ignores Sweden's Draconian wiretap bill

'If your email crosses our border, we tap it'

SANS - Survey on application security programs

Sweden is on the verge of passing a far-reaching wiretapping program that would greatly expand the government's spying capabilities by permitting it to monitor all email and telephone traffic coming in and out of the country.

So far, hacks from the mainstream Swedish press seem to be on holiday, so news about the proposed law is woefully hard to come by. That leaves us turning to this summary from the decidedly partisan Swedish Pirate Party for details. We'd prefer to rely on a more neutral group, but that wasn't possible this time. According to them, here's a broad outline:

The En anpassad försvarsunderrättelseverksamhet bill (which loosely translates to "a better adapted military intelligence gathering") gives Sweden's National Defence Radio Establishment (FRA) direct access to the traffic passing through its borders. Now remember, we're talking about the internet, which frequently routes packets though multiple geographically dispersed hops before they reach their final destination.

This all but guarantees that emails and voice over IP (VoIP) calls between Swedes will routinely be siphoned into a massive monitoring machine. And we wouldn't be surprised if traffic between parties with no tie to the country regularly passes through Sweden's border as well, and that too would be fair game. (For example, email sent from a BT address in London to Finland is likely to pass through Sweden first.)

Once intercepted, the data will be searched for certain keywords, and those that contain the words will be pulled aside for additional scrutiny. A broad array of organizations will have use of the system, including the Department of Transportation, the Department of Agriculture, the police, secret service and customs, and in some cases major businesses. The bill allows Swedes to be singled out, as well.

When the bill was introduced in early 2007, Google was reportedly so concerned about its consequences for privacy that it threatened to limit its ties to the country if the measure passed.

"We have contacted Swedish authorities to give our view of the proposal and we have made it clear that we will never place any servers inside Sweden's borders if the proposal goes through," Peter Fleischer, Google's global privacy counsel, said last year, according to this article. "We simply cannot compromise our users' integrity by allowing Swedish authorities access to data that may not even concern Swedish activity."

But so far, few outside of the pro-privacy universe have bothered to discuss the bill this time around. There have been no similar pronouncements from Google and representatives there didn't respond to a request for comment. The Electronic Frontier Foundation has likewise been reticent about the bill.

"Surprisingly enough, there hasn't been that much written about it, even in the Swedish media," said Patrik Runald, a Swedish national and a security response manager for F-Secure who works in San Jose, California.

"The funny thing is when asked what do you want to look for, [backers of the bill] don't really specify what they're interested in," he continued. "It's a very broad bill. They basically can interpret whatever they like."

One of the few recent press mentions of the bill came from a publication called Cellular News in London. According to this story, Nordic and Baltic telecommunications provider TeliaSonera planned to move email servers out of Sweden to protect the privacy of its Finnish customers.

The bill is scheduled to come up for a vote on June 17. According to the Swedish Pirate Party, a majority of parliament currently backs the bill. ®

High performance access to file storage

More from The Register

next story
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
Edward Snowden on his Putin TV appearance: 'Why all the criticism?'
Denies Q&A cameo was meant to slam US, big-up Russia
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Record labels sue Pandora over vintage song royalties
Companies want payout on recordings made before 1972
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Judge halts spread of zombie Nortel patents to Texas in Google trial
Epic Rockstar patent war to be waged in California
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.