By Katitza Rodriguez | EFF | June 21, 2013
The world is still reeling from the series of revelations about NSA and FBI surveillance. Over the past two weeks the emerging details paint a picture of pervasive, cross-border spying programs of unprecedented reach and scope: the U.S. has now admitted using domestic networks to spy on Internet users both domestically and worldwide. The people now know that foreign intelligence can spy on their communications if they travel through U.S. networks or are stored in U.S. servers.
While international public outrage has justifiably decried the scope and reach of these revelations, carte blanche foreign intelligence surveillance powers over foreigners are far from new. In the U.S., foreign intelligence has always had nearly limitless legal capacity to surveil foreigners because domestic laws and protections simply don’t reach that surveillance activity.
This legal framework, with no protection for foreigners and little oversight besides, has been exacerbated by the growth in individuals now living their lives online, who conduct their most intimate communications in cloud services that are hosted in the U.S. and across different jurisdictions. To make matters worse, the vast amount of Internet traffic globally is routed through the U.S. Last but not least, logistical barriers to powerful, mass surveillance have lowered and the application of existing legal principles in new technological contexts has become unclear and shrouded in secrecy, especially in a extra-territorial surveillance context. The US government’s FISA powers, which in 2008 opened the door to broad surveillance of communications where one side is an American and the other side is a foreigner, represent just an example of an increasing state capacity to conduct nearly limitless invasive extra-territorial surveillance from domestic soil.
International Backlash
On June 18, Germans rallied at a well-known Berlin Wall crossing point called Checkpoint Charlie. Under the motto: “Yes We Scan!” German activists protested against PRISM and NSA surveillance in response to President Barack Obama’s Berlin visit. Pictures of the rally show protest signs claiming that the Obama administration has become “Stasi 2.0” with the quote “All your data belong to us”.
The Stasi 2.0 campaign was originally designed in 2007 to fight Germany’s mandatory data-retention law, a law implementing an EU Directive that force ISPs and telecom providers to continuously collect and store records documenting the online activities of millions of ordinary Europeans. Roughly 34,000 citizens filed a lawsuit against the mandatory data retention in protest. The campaign was successful and in March 2010 a German court declared the law unconstitutional and ordered the deletion of the collected data. Now, the Stasi 2.0 campaign has shifted focus on calling upon their government to protect them against overreach scope of NSA foreign surveillance practices, Sandra Mamitzsch from Digitale Gesellschaft told EFF.
Germany has also increased its capacity to conduct sweeping and invasive extra-territorial surveillance from its domestic soil. As we noted, the German government has leveraged its ability to remotely compromise computer systems in order to spy on its citizens. The government has used commercial malware to hack private data. While there has been no confirmation that Germany is deploying these investigative techniques against persons outside German territories, extra-territorial surveillance is feasible because infection occurs via email and other Internet transmissions.
Campaigns against the NSA spying overreach are now being planned for July 6 all around Australia. Australians can get involved here: http://ourprivacy.org.au/
Micheal Vonn, policy director at the B.C. Civil Liberties Association in Canada, told to the Global News in Canada: “[w]e fully intend to get some pointed questions to the Canadian government about knowledge, complicity, alliance with this program. And whether, in fact, very, very quietly, the Canadian security establishment has been harvesting the fruits of this program for some time.”
EFF is demanding Internet companies to join our cause and protect the privacy of their international customers calling on Congress to create a committee to uncover the truth about the NSA alarming allegations. You can take action here. Current foreign intelligence surveillance targetting foreigners must be challenged to ensure strong human rights safeguards, transparency and accountability across the world. A global dialogue on extra-territorial foreign intelligence surveillance among all nations is much needed.
EFF will continue blogging about the impact of the NSA leaks on Internet users abroad in our Spies Without Borders series. Next, we will examine what implications the government’s use of these FISA powers has for Internet users abroad, with an eye to other jurisdictions and the requirements of international law.
This is the 5th article of our Spies Without Borders series. The series are looking into how the information disclosed in the NSA leaks affect Internet users around the world whose private information is stored in U.S. servers, or whose data travels across U.S. networks.
Image: Digitale Gesellschaft, licensed under a Creative Commons BY SA 3.0 license.