27 June 2013
EU-USA data surveillance article roundup


1. EU-USA: DATA SURVEILLANCE: For those that missed here are three three original leaks by Snowden:

Top Secret: Exhibit A:  http://www.statewatch.org/news/2013/jun/nsa-fisa-targeting.pdf
Secret: Exhibit B: http://www.statewatch.org/news/2013/jun/nsa-fisa-minimization.pdf
Secret: Certification Order: http://www.statewatch.org/news/2013/jun/nsa-fisa-certification.pdf

2.  UK: SPYING ON THE EU: Germany blasts Britain over GCHQ's secret cable trawl: Minister questions legality of mass tapping of calls and internet and demands to know extent to which Germans were targeted (Guardian, link):

3. EU-USA-UK: DATA SURVEILLANCE: GCHQ taps fibre-optic cables for secret access to world's communications: Exclusive: British spy agency collects and stores vast quantities of global email messages, Facebook posts, internet histories and calls, and shares them with NSA (Guardian, link):

and Mastering the internet: how GCHQ set out to spy on the world wide web: Project Tempora – the evolution of a secret programme to capture vast amounts of web and phone data (Guardian, link)

4. EU-USA: DATA SURVEILLANCE: A WORD TO THE WISE: Why NSA surveillance is a threat to British doctors and lawyers: Professionals using cloud services will have to guard against the danger of patients and clients being snooped on (Guardian, link)


Jan Albrecht:  http://www.theparliament.com/latest-news/article/newsarticle/prism-jan-philipp-albrecht/
Sarah Ludford: http://www.theparliament.com/latest-news/article/newsarticle/prism-sarah-ludford
Sylvie Guillaume: http://www.theparliament.com/latest-news/article/newsarticle/prism-sylvie-guillaume/

See: US spy scandal prompts redraft of EU data bill (euobserver, link). If the parliament were to adopt this position we would see a "battle royale" between it and the Council (EU governments) and other Commissioners and Directorate-Generals who are susceptible to USA pressure:

6. EU-USA: DATA SURVEILLANCE: US spy scandal prompts redraft of EU data bill (euobserver, link):

See: Commission's draft proposal for the new Regulation on data protection:

7. EU-USA: DATA SURVEILLANCE: European Parliament: PRISM: EU citizens' data must be properly protected against US surveillance (Press release, link)

8. EU-USA: DATA SURVEILLANCE: EU Parliament in push to limit U.S. data access (Reuters, link):

and Britain's response to the NSA story? Back off and shut up - Snowden's revelations are causing outrage in the US. In the UK, Hague deploys a police-state defence and the media is silenced (Guardian, link)

9. US-UK: DATA SURVEILLANCE: MoD serves news outlets with D notice over surveillance leaks - BBC and other media groups issued with D notice to limit publication of information that could 'jeopardise national security' (Guardian, link)

"reading people's email before/as they do": GCHQ intercepted foreign politicians' communications at G20 summits: Exclusive: phones were monitored and fake internet cafes set up to gather information from allies in London in 2009 (Guardian, link)

"One document refers to a tactic which was "used a lot in recent UK conference, eg G20". The tactic, which is identified by an internal codeword which the Guardian is not revealing, is defined in an internal glossary as "active collection against an email account that acquires mail messages without removing them from the remote server". A PowerPoint slide explains that this means "reading people's email before/as they do".[emphasis added]

Tony Bunyan, Statewatch Director, comments: "These revelations come as no surprise to those who have tracked US-UK intelligence-gathering since the 1946 UKUSA agreement setting up global cooperation between the NSA and GCHQ. Intercepts by GCHQ are routinely forwarded to the Cabinet Office and then onto Ministries like the Foreign Office and have always given UK Ministers and officials the inside track in EU and international negotiations. Secondly, this confirms that a technological capacity of "reading people's email before/as they do" can be used not only to spy on other governments but also on organisations and individuals in civil society."

Background: UK-USA: National Archive publishes details of the 1946 UKUSA agreement for first time (Statewatch database)

10. US defends spy programme to sceptical EU (euobserver, link):

11. EU-USA: DATA SURVEILLANCE: How the USA changed the Commission's draft proposal for the new Regulation on EU data protection before it was formally adopted in January 2012 so as not to stand in the way of FISA/PRISM surveillance of the EU: The Financial Times reported on 12 June 2013:

that due to US pressure and high-level lobbying, the Commission's draft proposal for the new Regulation on data protection:

sent out for inter-service consultation in December 2011, was amended by deleting Article 42. Article 42 would have been effectively an "anti-FISA clause" (the USA's Foreign Intelligence Surveillance Act) and was deleted, after lobbying, by the full college of Commissioners as this would have led to major conflicts with the USA because most data servers of internet companies holding data on EU citizens are based in the USA. The Financial Times quotes a EU official as saying: "White House officials were making the rounds here and especially targeting Commissioners who have close relationships to the US to get them to remove Article 42" (in the draft proposal).

This volte-face by the Commission followed overt lobbying by the US officials including the submission of an Informal Note on Draft EU General Data Protection Regulation (December 2011)

from the USA and (put online at the time by Statewatch) which led to negative opinions being expressed by a number of Commission DGs.

The US Note says that Article 42 would impede and hinder law enforcement cooperation because "provision should be made to prohibit a controller or processor to directly dispose personal data to requesting third countries, unless authorised to do so by a supervisory authority [eg: a member state data protection authority... the draft regulation would effectively undermine international cooperation" - the "international cooperation" referred to is, of course, a one-way street whereby the USA reserves to itself to right to put under surveillance anyone in the EU or the world.

The final, adopted an published, version: Proposal for a Regulation on the protection of individuals with regard to the processing of personal data and on
the free movement of such data (General Data Protection Regulation) (25 January 2012):

12. EU-USA: DATA SURVEILLANCE: Spies Without Borders I: Using Domestic Networks to Spy on the World (EFFI, link):

and International Customers: It's Time to Call on US Internet Companies to Demand Accountability and Transparency (EFFI, link):

13. EU-USA: DATA SURVEILLANCE: EU Commissioner Reding's letter to the US Attorney-General (full-text)

See below for background. Poses seven questions and opens with: "I have serious concerns about recent media reports that United States authorities are accessing and processing, on a large scale, the data of European Union citizens using major US online service providers. Programmes such as PRISM and the laws on the basis of which such programmes are authorised could have grave adverse consequences for the fundamental rights of EU citizens."

14. EU-USA: DATA SURVEILLANCE: Council of Europe statement: Declaration of the Committee of Ministers on Risks to Fundamental Rights stemming from Digital Tracking and other Surveillance Technologies :

15. EU-USA: DATA SURVEILLANCE: Europe warns US: you must respect the privacy of our citizens: EU officials demand answers on what data snooping programmes entail and whether they breach human rights (Guardian, link):

16. US spy scandal widens as MEPs and MPs seek answers (euobserver, link)

and Parliament expresses anger over US data scandal (euractiv, link)

17. USA: DATA SURVEILLANCE: ACLU Files Lawsuit Challenging NSA's Patriot Act Phone Surveillance (ACLU, link):

The ACLU are taking a court action against the PRISM surveillance system which is authorised under the Patriot Act Section 215 using a FISA Order (Foreign Intelligence Surveillance Act). PRISM collects personal information from users of Skype, Facebook, Google, Microsoft etc from inside and outside the USA (described as "customers" of US-based internet services).

See also: What's in the rest of the top-secret NSA PowerPoint deck? (Wired):

refers to fact that only 5 of the 41 pages handed over to the press by Edward Snowden have so far been published. and Spy court urged to unmask legal basis for NSA dragnet phone surveillance (Wired): http://www.wired.com/threatlevel/2013/06/nsa-dragnet-legalities/

18. EU-USA: DATA SURVEILLANCE: Edward Snowden: saving us from the United Stasi of America: Snowden's whistleblowing gives us a chance to roll back what is tantamount to an 'executive coup' against the US constitution (Guardian, link):

Daniel Ellsberg: "In my estimation, there has not been in American history a more important leak than Edward Snowden's release of NSA material – and that definitely includes the Pentagon Papers 40 years ago. Snowden's whistleblowing gives us the possibility to roll back a key part of what has amounted to an "executive coup" against the US constitution."

World leaders seek answers on US collection of communication data - Data protection chiefs and analysts in EU, Pakistan, South Africa and Canada express concerns at revelations in leaks (Guardian, link):

19. The European Parliament plenary session 11 June is discussing: "US Internet surveillance of EU citizens (NSA PRISM programme): Commission statement": EU to seek privacy guarantees from US after intel scandal (link):

- Spy scandal to impact talks on EU-US data treaty (euobserver, link)

- US data surveillance worries German expert (DW, link) article by Thilo Weichert

- Time for Europe to stop being complicit in NSA's crimes (New Europe, link)

- US data scandal deepens EU-US divide on privacy (euractiv, link)

- US scandal shows EU needs 'highest standards' on data privacy (Public Service Europe, link)

- A lesson from history for those who strive to bring intelligence agencies to account (The Privacy Surgeon)

20. NETHERLANDS: Dutch security service has received information via PRISM Telegraaf and Dutch privacy watchdog wants answers on US data mining (Dutch News): http://www.dutchnews.nl/news/archives/2013/06/dutch_security_service_has_rec.php

Bits of Freedom: Dutch spooks must stop use of PRISM (link):

Belgium: Ook Staatsveiligheid krijgt informatie uit Prism (link)

21. Boundless Informant: the NSA's secret tool to track global surveillance data: Revealed: The NSA's powerful tool for cataloguing global surveillance data – including figures on US collection (Guardian, link):

And see: Boundless Informant NSA data-mining tool – four key slides (link):

and Boundless Informant: NSA explainer – full document text (link):

22. EU: US data scandal deepens EU-US divide on privacy (EurActiv)

23. PRISM makes trade deal a mission impossible (Presseurop):

24. GERMANY: Germany’s Merkel, concerned about US surveillance, will discuss with Obama (Epoch Times);

Germany most snooped country by US (euobserver)

25. USA: NSA collecting phone records of millions daily, court order reveals Guardian (link):

Exclusive: Top secret court order requiring Verizon to hand over all call data shows scale of domestic surveillance under Obama.

And Verizon court order (link): http://www.guardian.co.uk/world/interactive/2013/jun/06/verizon-telephone-data-court-order

26. NSA spying revelations leaves Europe silent (New Europe, link):

Global Network