Feeds

US, UK watchdogs file legal moves to curb government surveillance

Privacy protectors petition Supreme Court, UK tribunal to rein in NSA, GCHQ

SANS - Survey on application security programs

Two privacy watchdogs, one in the US and one in the UK, have filed legal actions against their respective governments, petitioning them to curtail - or at minimum uncover - their domestic surveillance operations.

In the US, the Electronic Privacy Information Center (EPIC) has filed a petition (PDF) with the US Supreme Court, asking the Supremes to vacate what it alleges is "an unlawful order by the Foreign Intelligence Surveillance Court that enables the collection of all domestic phone record by the NSA."

The EPIC petition focuses specifically on an order by the Foreign Intelligence Surveillance Court (FISC) that permitted the FBI and NSA to obtain what EPIC characterizes as "vast amounts of telephone call data of Verizon customers." EPIC is a Verizon customer.

EPIC explains that it finds itself forced to petition the Supreme Court directly because it has no other recourse:

Normally, when a court issues an unlawful order, the adversely affected parties can intervene or appeal to a higher court. However, the FISC and Foreign Intelligence Surveillance Court of Review only have jurisdiction to hear petitions by the Government or recipient of the FISC Order. Neither party to the order represents EPIC's interests. As EPIC is not a recipient of the order, it cannot challenge it in the FISC. Other federal and state trial and appellate courts have no jurisdiction over the FISC, and therefore cannot grant relief.

So, to paraphase the ol' Ghostbusters meme, "Who you gonna call? The Supremes!" The EPIC petition requests the Supreme Court to halt the disclosure of details of Americans' telephone usage – specifically those disclosed by Verizon – alleging that the FISC did not have legal authority to compel Verizon to hand that metadata to the NSA.

According to EPIC, the FISC order exceeded the autnority granted to is under the Foreign Intelligence Surveillance Act (FISA), which states that such orders require "reasonable grounds to believe that the tangible things sought are relevant to an authorized investigation."

From EPIC's point of view, the FISC order overreaches. "It is simply unreasonable to conclude that all telephone records for all Verizon customers in the United States could be relevant to an investigation," they say.

In the UK, Privacy International filed a motion in the Investigatory Powers Tribunal (IPT) listing as defendants the secretaries of state for the Home Office and the Foreign and Commonwealth Office, the Secret Intelligence Service and Security Service, the Government Communications Headquarters (GCHQ), and the Attorney General.

Privacy International describes its action as addressing the UK governments action on two fronts:

Firstly, for the failure to have a publicly accessible legal framework in which communications data of those located in the UK is accessed after obtained and passed on by the US National Security Agency through the Prism programme. Secondly, for the indiscriminate interception and storing of huge amounts of data via tapping undersea fibre optic cables through the Tempora programme.

"One of the underlying tenets of law in a democratic society is the accessibility and foreseeability of a law," said Privacy International research head Eric King. "If there is no way for citizens to know of the existence, interpretation, or execution of a law, then the law is effectively secret."

Secret law is not legitimate law, said King. "It is a fundamental breach of the social contract if the Government can operate with unrestrained power in such an arbitrary fashion."

The Tempora programme to which Privacy International objects is allegedly as indescriminately sweeping as the FISC-ordered provision of telephone metadata to the FBI and NSA. According to the Guardian, 300 GCHQ staff and 250 US NSA analysts pore through vast amounts of private communications coursing through fibre-optic cables linking the UK to the rest of the globe.

"The Tempora programme by its very nature appears to violate the underlying requirement for interception," Privacy International contends, "which requires that surveillance is both necessary and proportionate under the Regulation of Investigatory Powers Act 2000 (RIPA)."

It is unlikely that either the US Supreme Court or the IPT will be quick to issue a stay on their respective governments' alleged monkeyshines, so you should have plenty of time to plow through Kafka's The Trial while you're waiting for their decisions. ®

High performance access to file storage

More from The Register

next story
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Edward Snowden on his Putin TV appearance: 'Why all the criticism?'
Denies Q&A cameo was meant to slam US, big-up Russia
Banks slap Olympus with £160 MEEELLION lawsuit
Scandal hit camera maker just can't shake off its past
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.