Tag Archives: surveillance

CFP: Bytes, Bodies and Souls: Interrogating Human Digitalisation

conference-imageKent Law School, in conjunction with the Eastern Academic Research Consortium, invites early career academics and postgraduate research students to participate in the “Bytes, Bodies and Souls: Interrogating Human Digitalisation” workshop to be held on 30th May, 2017.

The workshop aims to bring together researchers across the social sciences, humanities, sciences and other relevant disciplines who are interested in examining the consequences, possibilities, and limitations of human digitalisation.

Papers and Posters are welcomed on any aspect of the conference theme. This may include, although is not restricted to:

  • Big Data and its challenges
  • The role and impact of the Internet of Things
  • Digital ownership and appropriation processes
  • Privacy, surveillance, and control
  • The role of algorithms in the governance of human digitalisation
  • Politics of digital humans from cyber activism to post-truth
  • Digital human aesthetics; the forging of a digital soul

Abstracts for papers are invited for consideration. Abstracts should be no more than 300 words in length. Successful applicants will be allocated 15 minutes for the presentation of their paper plus time for questions and discussion.

Abstracts for posters are invited for consideration. Abstracts should be no more than 300 words in length. Accepted poster presenters will need to deliver the hard copy of their poster to the venue no later than 9 am on the day of the workshop to allow it to be displayed throughout the day.

Submissions should be sent in a Word document format to a.m.holmes@kent.ac.uk. Please include name, title, institution, and email correspondence address and whether you wish to be considered for a paper or poster presentation. The deadline for submission is Friday 3rd March 2017. Successful applicants will be notified by the 19th March 2017.

Why the rise of wearable tech to monitor employees is worrying

Shutterstock.com

In this guest post, Ivan Manokha, Departmental Lecturer in International Political Economy at the University of Oxford, considers the use of wearable technology in the workplace and the potential privacy implications of collecting the data of employees. 

An increasing number of companies are beginning to digitally monitor their employees. While employers have always scrutinised their workers’ performance, the rise of wearable technology to keep tabs has more of a dystopian edge to it. Monitoring has become easier, more intrusive and is not just limited to the workplace – it’s 24/7.

Devices such as Fitbit, Nike+ FuelBand and Jawbone UP, which can record information related to health, fitness, sleep quality, fatigue levels and location, are now being used by employers who integrate wearable devices into employee wellness programmes.

One of the first was BP America, which introduced Fitbit bracelets in 2013. In 2015 at least 24,500 BP’s employees were using them and more and more US employers have followed suit. For instance, the same year, Vista Staffing Solutions, a healthcare recruitment agency, started a weight-loss programme using Fitbits and wifi-enabled bathroom scales. Appirio, a consulting company, started handing out Fitbits to employees in 2014.

In the UK similar projects are under consideration by major employers. And this trend will only intensify in the years to come. By 2018, estimates suggest that more than 13m of these devices will be part of worker wellness schemes. Some analysts say that by the same year, at least 2m employees worldwide will be required to wear health-and-fitness trackers as a condition of employment.

According to some, this is a positive development. Chris Brauer, an academic at Goldsmiths, University of London, argues that corporate managers will now be comparable to football managers. They will be equipped with a dashboard of employee performance trajectories, as well as their fatigue and sleep levels. They will be able to pick only the fittest employees for important business meetings, presentations, or negotiations.

It seems, however, that such optimism overlooks important negative and potentially dangerous social consequences of using this kind of technology. History here offers a word of warning.

Historical precedent

The monitoring of workers’ health outside the workplace was once attempted by the Ford Motor Company. When Ford introduced a moving assembly line in 1913 – a revolutionary innovation that enabled complete control over the pace of work – the increase in productivity was dramatic. But so was the rise in worker turnover. In 1913, every time the company wanted to add 100 men to its factory personnel, it was necessary to hire 963, as workers struggled to keep up with the pace and left shortly after being recruited.

Ford’s solution to this problem was to double wages. In 1914, the introduction of a US$5 a day wage was announced, which immediately led to a decline in worker turnover. But high wages came with a condition: the adoption of healthy and moral lifestyles.

The company set up a sociology department to monitor workers’ – and their families’ – compliance with its standards. Investigators would make unannounced calls upon employees and their neighbours to gather information on living conditions and lifestyles. Those that were deemed insufficiently healthy or morally right were immediately disqualified from the US$5 wage level.

Analysing Ford’s policies, Italian political philosopher and revolutionary Antonio Gramsci coined the term “Fordism” for this social phenomenon. It signalled fundamental changes to labour, which became much more intense after automation. Monitoring workers’ private lives to control their health, Gramsci argued, was necessary to preserve “a certain psycho-physical equilibrium which prevents the physiological collapse of the worker, exhausted by the new method of production”.

Parallels today

Today, we are faced with another great change to how work is done. To begin with, the “great doubling” of the global labour force has led to the increase in competition between workers around the world. This has resulted in a deterioration of working and employment conditions, the growth of informal and precarious labour, and the intensification of exploitation in the West.

So there has been a significant increase in the average number of hours worked and an increase in the intensity of labour. For example, research carried out by the Trade Union Congress in 2015 discovered that the number of people working more than 48 hours in a week in the UK was rising and it warned of a risk of “burnout Britain”.

Indeed, employee burnouts have become a major concern of employers. A UK survey of human resources directors carried out in 2015 established that 80% were afraid of losing top employees to burnout.

Ford’s sociology department was shut down in the early 1920s for two reasons. It became too costly to maintain it in the context of increasing competition from other car manufacturers. And also because of growing employee resistance to home visits by inspectors, increasingly seen as too intrusive into their private lives.

Wearable technology, however, does not suffer from these inconveniences. It is not costly and it is much less obviously intrusive than surprise home visits by company inspectors. Employee resistance appears to be low, though there have been a few attempts to fake the results of the tracking (for example, workers strapping their employer-provided Fitbits onto their dogs to boost their “activity levels”). The idea of being tracked has mostly gone unchallenged.

Labour commodified to the extreme

But the use of wearable technology by employers raises a range of concerns. The most obvious is the right to privacy. The use of wearable technology goes significantly further than computer systems where emails are already logged and accessible to employers.

Surveillance becomes continuous and all-encompassing, increasingly unconfined to the workplace, and also constitutes a form of surveillance which penetrates the human body. The right to equal employment opportunities and promotion may also be compromised if employers reserve promotion for those who are in a better physical shape or suffer less from fatigue or stress.

It may also be argued that the use of wearable technology takes what the Hungarian historian Karl Polanyi called the “commodification” of human labour to an extreme. Monitoring worker health both inside and outside the workplace involves the treatment of people as machines whose performance is to be maximised at all costs. However, as Polanyi warned, human labour is a “fictitious commodity” – it is not “produced” for sale to capital as a mere tool. To treat it as such risks ultimately leading to a “demolition of society”.

To protect individual rights, systems have been introduced to regulate how data that is gathered on employees is stored and used. So one possible solution is to render the data collected by trackers compulsorily anonymous. For example, one company that collects and monitors employee data for companies, Sociometric Solutions only charts broader patterns and connections to productivity, rather than individual performance.

This, however, does not address concerns about the increasing commodification of human labour that comes with the use of wearable technology and any potential threats to society. To prevent this, it is perhaps necessary to consider imposing an outright ban on its use by employers altogether.

The ConversationIvan Manokha, Departmental Lecturer in International Political Economy, University of Oxford

This article was originally published on The Conversation. Read the original article.

How the UK passed the most invasive surveillance law in democratic history

IPBill image

In this guest post, Paul Bernal, Lecturer in Information Technology, Intellectual Property and Media Law at the University of East Anglia, reflects on the passage of the Investigatory Powers Bill. The legislation was recently passed in Parliament and given Royal Assent on 29 November 2016.

You might not have noticed thanks to world events, but the UK parliament recently approved the government’s so-called Snooper’s Charter and it has now become law. This nickname for the Investigatory Powers Bill is well earned. It represents a new level and nature of surveillance that goes beyond anything previously set out in law in a democratic society. It is not a modernisation of existing law, but something qualitatively different, something that intrudes upon every UK citizen’s life in a way that would even a decade ago have been inconceivable. Continue reading

Information Law and Policy Centre’s annual workshop highlights new challenges in balancing competing human rights

dsc_0892  dsc_0896  dsc_0898

Our annual workshop and lecture – held earlier this month – brought together a wide range of legal academics, lawyers, policy-makers and interested parties to discuss the future of human rights and digital information control.

A number of key themes emerged in our panel sessions including the tensions present in balancing Article 8 and Article 10 rights; the new algorithmic and informational power of commercial actors; the challenges for law enforcement; the liability of online intermediaries; and future technological developments.

The following write up of the event offers a very brief summary report of each panel and of Rosemary Jay’s evening lecture.

Morning Session

Panel A: Social media, online privacy and shaming

Helen James and Emma Nottingham (University of Winchester) began the panel by presenting their research (with Marion Oswald) into the legal and ethical issues raised by the depiction of young children in broadcast TV programmes such as The Secret Life of 4, 5 and 6 Year Olds. They were also concerned with the live-tweeting which accompanied these programmes, noting that very abusive tweets could be directed towards children taking part in the programmes.

Continue reading

Full Programme: Annual Workshop and Evening Lecture

Restricted and Redacted: Where now for human rights and digital information control?

The full programme for the Information Law and Policy Centre’s annual workshop and lecture on Wednesday 9th November 2016 is now available (see below).

For both events, attendance will be free of charge thanks to the support of the IALS and our sponsor, Bloomsbury’s Communications Law journal.

To register for the afternoon workshop please visit this Eventbrite page.
To register for the evening lecture please visit this Eventbrite Page.

Please note that for administrative purposes you will need to book separate tickets for the afternoon and evening events if you would like to come to both events.

PROGRAMME

10.45am: REGISTRATION AND COFFEE 

11.15am: Welcome

  • Judith Townend, University of Sussex
  • Paul Wragg, University of Leeds
  • Julian Harris, Institute of Advanced Legal Studies, University of London

11.30am-1pm: PANEL 1 – choice between A and B

Panel A: Social media, online privacy and shaming

Chair: Asma Vranaki, Queen Mary University of London

  1. David Mangan, City, University of London, Dissecting Social Media: Audience and Authorship
  2. Marion Oswald, Helen James, Emma Nottingham, University of Winchester, The not-so-secret life of five year olds: Legal and ethical issues relating to disclosure of information and the depiction of children on broadcast and social media
  3. Maria Run Bjarnadottir, Ministry of the Interior in Iceland, University of Sussex, Does the internet limit human rights protection? The case of revenge porn
  4. Tara Beattie, University of Durham, Censoring online sexuality – A non-heteronormative, feminist perspective

Panel B: Access to Information and protecting the public interest

Chair: Judith Townend, University of Sussex

  1. Ellen P. Goodman, Rutgers University, Obstacles to Using Freedom of Information Laws to Unpack Public/Private Deployments of Algorithmic Reasoning in the Public Sphere
  2. Felipe Romero-Moreno, University of Hertfordshire, ‘Notice and staydown’, the use of content identification and filtering technology posing a fundamental threat to human rights
  3. Vigjilenca Abazi, Maastricht University, Mapping Whistleblowing Protection in Europe: Information Flows in the Public Interest

1-2pm: LUNCH 

2-3.30pm: PANEL 2 – choice between A and B

Panel A: Data protection and surveillance

Chair: Nora Ni Loideain, University of Cambridge

  1. Jiahong Chen, University of Edinburgh, How the Best Laid Plans Go Awry: The (Unsolved) Issues of Applicable Law in the General Data Protection Regulation
  2. Jessica Cruzatti-Flavius, University of Massachusetts, The Human Hard Drive: Name Erasure and the Rebranding of Human Beings
  3. Wenlong Li, University of Edinburgh, Right to Data Portability (RDP)
  4. Ewan Sutherland, Wits University, Wire-tapping in the regulatory state – changing times, changing mores

Panel B: Technology, power and governance

Chair: Chris Marsden, University of Sussex

  1. Monica Horten, London School of Economics, How Internet structures create closure for freedom of expression – an exploration of human rights online in the context of structural power theory
  2. Perry Keller, King’s College, London, Bringing algorithmic governance to the smart city
  3. Marion Oswald, University of Winchester and Jamie Grace, Sheffield Hallam University, Intelligence, policing and the use of algorithmic analysis – initial conclusions from a survey of UK police forces using freedom of information requests as a research methodology
  4. Allison Holmes, Kent University, Private Actor or Public Authority? How the Status of Communications Service Providers affects Human Rights

3.30-5pm: PANEL 3 – choice between A and B

Panel A: Intermediary Liability

Chair: Christina Angelopoulos, University of Cambridge

  1. Judit Bayer, Miskolc University, Freedom and Diversity on the Internet: Liability of Intermediaries for Third Party Content
  2. Mélanie Dulong de Rosnay, Félix Tréguer, CNRS-Sorbonne Institute for Communication Sciences and Federica Giovanella, University of Trento, Intermediary Liability and Community Wireless Networks Design Shaping
  3. David Rolph, University of Sydney, Liability of Search Engines for Publication of Defamatory Matter: An Australian Perspective

Panel B: Privacy and anonymity online

Chair: Paul Wragg, University of Leeds

  1. Gavin Phillipson, University of Durham, Threesome injuncted: has the Supreme Court turned the tide against the media in online privacy cases?
  2. Fiona Brimblecombe, University of Durham, European Privacy Law
  3. James Griffin, University of Exeter and Annika Jones, University of Durham, The future of privacy in a world of 3D printing

5-6pm: TEA BREAK / STRETCH YOUR LEGS

6-8pm: EVENING LECTURE AND DRINKS

Lecture Title: Heads and shoulders, knees and toes (and eyes and ears and mouth and nose…): The impact of the General Data Protection Regulation on use of biometrics.

Biometrics are touted as one of the next big things in the connected world. Specific reference to biometrics and genetic data has been included for the first time in the General Data Protection Regulation. How does this affect existing provisions? Will the impact of the Regulation be to encourage or to restrict the development of biometric technology?

  • Speaker: Rosemary Jay, Senior Consultant Attorney at Hunton & Williams and author of Sweet & Maxwell’s Data Protection Law & Practice.
  • Chair: Professor Lorna Woods, University of Essex
  • Respondents: Professor Andrea Matwyshyn, Northeastern University and Mr James Michael, IALS

Data Retention and the Automated Number Plate Recognition (ANPR) System: A Gap in the Oversight Regime

ANPR Intercept

The Advocate General’s Opinion in the recent Watson/Tele2 case re-emphasises the importance of considered justification for the collection and storage of personal data which has implications for a variety of data retention regimes. In this post, Lorna Woods, Professor of Internet Law at the University of Essex, considers the legal position of the system used to capture and store vehicle number plates in the UK.

The Data Retention Landscape

Since the annulment of the Data Retention Directive (Directive 2006/24/EC) (DPD) with Digital Rights Ireland (Case C-293/12), it has become clear that the mass retention of data – even for the prevention of terrorism and serious crime – needs to be carefully justified. Cases such as Schrems (Case C-362/14) and Watson/Tele2 (Case C-698/15) re-emphasise this approach. This trend can be seen also in the case law of the European Court of Human Rights, such as Zakharov v. Russia (47143/06) and Szabo v Hungary (11327/14 and 11613/14).

Not only must there be a legitimate public interest in the interference in individuals’ privacy and data protection rights, but that interference must be necessary and proportionate. Mechanisms must exist to ensure that surveillance systems are not abused: oversight and mechanisms for ex ante challenge must be provided.  It is this recognition that seems part of the motivation of the Investigatory Powers Bill currently before Parliament which deals – in the main – with interception and surveillance of electronic communications.

Yet this concern is not limited to electronic communications data, as the current case concerning passenger name records (PNR) data before the Court of Justice (Opinion 1/15) and other ECtHR judgments on biometric data retention (S and Marper v. UK (30562/04 and 30566/04)) illustrate.  Despite the response of the UK government to this jurisprudence, there seems to be one area which has been overlooked – at least with regard to a full oversight regime. That area is automated number plate recognition (ANPR) and the retention of the associated data. Continue reading

Whistleblowers and journalists in the digital age

Snowden

Dr Aljosha Karim Schapals, research assistant at the Information Law and Policy Centre, reports on a research workshop hosted by the University of Cardiff on Digital Citizenship and the ‘Surveillance Society’.

A workshop led by researchers at the Cardiff School of Journalism, Media and Cultural Studies (JOMEC) on 27th June in London shared the findings of an 18 month ESRC funded research project examining the relationships between the state, the media and citizens in the wake of the Snowden revelations of 2013.

It was the concluding event of a number of conferences, seminars and workshops organised by the five principal researchers: Dr Arne Hintz (Cardiff), Dr Lina Dencik (Cardiff), Prof Karin Wahl-Jorgensen (Cardiff), Prof Ian Brown (Oxford) and Dr Michael Rogers (TU Delft).

Broadly speaking, the Digital Citizenship and the ‘Surveillance Society’ (DCSS) project has investigated the nature, opportunities and challenges of digital citizenship in light of US and UK governmental surveillance as revealed by whistleblower Edward Snowden.

Touching on more general themes such as freedom of expression, data privacy and civic transparency, the project aligns with the research activities of the Information Law and Policy Centre, which include developing work on journalism and whistleblower protection, and discussions and analysis of the Investigatory Powers Bill. Continue reading

Update on Information Law and Policy Centre’s contribution to Investigatory Powers debate

As previously reported on this blog, our Information Law and Policy Centre (ILPC) at IALS has facilitated an ad hoc research group of academics and practitioners to contribute to the ongoing policy debate on surveillance following publication of the government’s Draft Investigatory Powers Bill. Members of this group published a clause-by-clause review examining their provenance – that is, whether the clauses come from existing legislation, or are newly introduced.

Lorna Woods, IALS senior associate research fellow and professor in law at the University of Essex, then submitted a revised version in her evidence to the joint select committee scrutinising the Bill. The committee used her evidence in its report published in February, for a table describing each investigatory capability in the draft bill (pp.32-37).

Separately, members of the Information Law and Policy Centre’s advisory board including Professor Lilian Edwards, Strathclyde University and Dr Lawrence McNamara, Bingham Centre for the Rule of Law, have signed an open letter published in the Telegraph calling on the government to give the Investigatory Powers Bill, which was introduced to the House of Commons on 1st March, the time it needs and not rush it through Parliament.

Members of the Centre have also participated in related events: Information Law and Policy Centre director Dr Judith Townend spoke at a symposium on the Bill at the University of Cambridge on 5 February 2016, and on 8th March, acted as discussant in an event on surveillance and human rights at Senate House, as part of a Seminar Series organised by the Institute of Commonwealth Studies and the Human Rights Consortium.  Other speakers included Kirsty Brimelow QC and Silkie Carlo, policy officer in technology and surveillance at Liberty.

Upcoming seminar, 8 March 2016, Senate House: Surveillance and Human Rights

This collaborative Seminar is organised by the Institute of Commonwealth Studies, the Information Law and Policy Centre of the Institute of Advanced Legal Studies and the Human Rights Consortium of the School of Advanced Study. It forms part of a Seminar Series on ‘Surveillance and Human Rights’.

This lecture series highlights common themes facing Commonwealth governments: how to balance civil liberties with the proper scope of government surveillance. With the issue of surveillance and government accountability constantly in the news, the series will look at the interaction of the state’s responsibility for security, with the role of independent actors in a modern democracy. Where are the boundaries between ‘social responsibility’ and unwarranted self –censorship? What are the rights and responsibilities of the pillars of British democracy, and the importance of freedom of speech embedded in the press, or university debate? What are the legitimate activities of governments faced with the challenge of the explosion of social media and the internet as alternative means of information and communication, and the defence of democracy in a digital age? Who should remain exempt from surveillance? Is transparency both feasible and desirable? Is secrecy essential in the State’s requirement to protect the public from terrorist attack?  Or is surveillance and the accompanying raft of legislation and intrusion undermining individual human rights and values, to the point of oppression?

Speakers

Kirsty Brimelow QC specialises in international human rights, criminal law, public international, constitutional and international criminal law. She is instructed in the most serious, complex and prominent cases nationally and internationally. Kirsty is an experienced trial barrister. She has defended defendants and acted for Claimants as a junior and then as Queen’s Counsel before the Criminal and Civil courts respectively, in England and Wales, the Investigatory Powers Tribunal, Courts Marital and Courts of Appeal in the Caribbean, the Court of Appeal in the British Virgin Islands, the European Court of Human Rights and the High Court in Gibraltar. Kirsty frequently advises before the Inter-American Court of Human Rights, the ECOWAS court in Abuja Nigeria, the Court of Appeal of Nigeria, the Superior Tribunal of Santander Colombia, the Supreme Court and Constitutional Courts of Colombia and the UN judicial processes and International Criminal Court.

Silkie Carlo is a Policy Officer in Technology and Surveillance at Liberty. Since joining in November 2015, she has been focused on the draft Investigatory Powers Bill, contributing to Liberty’s expert legal, policy and technical analysis, and promoting surveillance powers that are human rights compliant. Before joining Liberty, Silkie provided technical training to journalists and lawyers at risk and worked for Edward Snowden’s official defence fund.

Discussant

Dr Judith Townend is lecturer and director, Information Law and Policy Centre, Institute of Advanced Legal Studies. In autumn 2015 the Information Law and Policy Centre hosted an ad hoc group of academics and practitioners that produced a working review of the Draft Investigatory Powers Bill, looking at the legislative provenance of each clause. Judith has a particular interest in the transparency and accountability of surveillance powers and their effect on journalism and public communication.

Lorna Woods: ECtHR case report and comment – Roman Zakharov v Russia (Grand Chamber)

In this post Lorna Woods, professor of internet law, University of Essex and senior associate research fellow at the Institute of Advanced Legal Studies, considers the ECtHR’s judgment  in Roman Zakharov v. Russia (47143/06) [GC] handed down on 4 December 2015.

Introduction

The European Court has heard numerous challenges to surveillance regimes, both individual and mass surveillance, with mixed results over the years.   Following the Snowden revelations, the question would be whether the ECtHR would take a hard line particularly as regards mass surveillance, given its suggestion in Kennedy that indiscriminate acquisition of vast amounts of data should not be permissible. Other human rights bodies have condemned this sort of practice, as can be seen by the UN Resolution 68/167 the Right to Privacy in the Digital Age. Even within the EU there has been concern as can be seen in cases such as Digital Rights Ireland and more recently in Schrems.

Facts

Zakharov, a publisher and a chairman of an NGO campaigning for media freedom and journalists’ rights, sought to challenge the Russian system for permitting surveillance in the interests of crime prevention and national security. Z claimed that the privacy of his communications across mobile networks was infringed as the Russian State, by virtue of Order No. 70, had required the network operators to install equipment which permitted the Federal Security Service to intercept all telephone communications without prior judicial authorisation.

This facilitated blanket interception of mobile communications. Attempts to challenge this and to ensure that access to communications was restricted to authorised personnel were unsuccessful at national level. The matter was brought before the European Court of Human Rights. He argued that the laws relating to monitoring infringe his right to private life under Article 8; that parts of these laws are not accessible; and that there are no effective remedies (thus also infringing Art. 13 ECHR).

Judgment

The first question was whether the case was admissible. The Court will usually not rule on questions in abstracto, but rather on the application of rules to a particular situation. This makes challenges to the existence of a system, rather than its use, problematic. The Court has long recognised that secret surveillance can give rise to particular features that may justify a different approach. Problematically, there were two lines of case law, one of which required the applicant to show a ‘reasonable likelihood’ that the security services had intercepted the applicant’s communications (Esbester) and which favoured the Government’s position, and the other which suggested the menace provided by a secret surveillance system was sufficient (Klass) and which favoured the applicant.

The Court took the opportunity to try to resolve these potentially conflicting decisions, developing its reasoning in Kennedy. It accepted the principle that legislation can be challenged subject to two conditions: the applicant potentially falls within the scope of the system; and the level of remedies available. This gives the Court a form of decision matrix in which a range of factual circumstances can be assessed. Where there are no effective remedies, the menace argument set out in its ruling in Klass would be accepted.

Crucially, even where there are remedies, an applicant can still challenge the legislation if ‘due to his personal situation, he is potentially at risk of being subjected to such measures’ [para 171]. This requirement of ‘potentially at risk’ seems lower than the ‘reasonable likelihood’ test in the earlier case of Esbester. The conditions were satisfied in this case as it has been recognised that mobile communications fall within ‘private life’ and ‘correspondence’ (see Liberty, para 56, cited here para 173).

This brought the Court to consider whether the intrusion could be justified. Re-iterating the well-established principles that, to be justified, any interference must be in accordance with the law, pursue a legitimate aim listed in Article 8(2) and be necessary in a democratic society, the Court considered each in turn.

The requirement of lawfulness has a double aspect, formal and qualitative. The challenged measure must be based in domestic law, but it must also be accessible to the person concerned and be foreseeable as to its effects (see e.g Rotaru). While these principles are generally applicable to all cases under Article 8 (and applied analogously in other rights, such as Articles 9, 10 and 11 ECHR), the Court noted the specificity of the situation. It stated that:

‘…. domestic law must be sufficiently clear to give citizens an adequate indication as to the circumstances in which and the conditions on which public authorities are empowered to resort to any such measures’ [para 229].

In this, the Court referred to a long body of jurisprudence relating to surveillance, which recognises the specific nature of the threats that surveillance is used to address. In the earlier case of Kennedy for example, the Court noted that ‘threats to national security may vary in character and may be unanticipated or difficult to define in advance’ [para 159].

While the precision required of national law might be lower than the normal standard, the risk of abuse and arbitrariness are clear, so the exercise of any discretion must be laid down by law both as to its scope and the manner of its exercise. It stated that ‘it would be contrary to the rule of law … for a discretion granted to the executive in the sphere of national security to be expressed in terms of unfettered power’ [para 247]. Here, the Court noted that prior judicial authorisation was an important safeguard [para 249]. The Court gave examples of minimum safeguards:

  • The nature of offences which may give rise to an interception order
  • A definition of the categories of people liable to have their telephones tapped
  • A limit on the duration of telephone tapping
  • Protections and procedures for use, storage and examination of resulting data
  • Safeguards relating to the communication of data to third parties
  • Circumstances in which data/recordings must be erased/destroyed (para 231)
  • the equipment installed by the secret services keeps no logs or records of intercepted communication, which coupled with the direct access rendered any supervisory arrangements incapable of detecting unlawful interceptions
  • the emergency procedure provided for in Russian law, which enables interception without judicial authorization, does not provide sufficient safeguards against abuse.

The Court then considered the principles for assessing whether the intrusion was ‘necessary in a democratic society’, highlighting the tension between the needs to protect society and the consequences of that society of the measures taken to protect it. The Court emphasised that it must be satisfied that there are adequate and effective guarantees against abuse.

In this oversight mechanisms are central, especially where individuals will not – given the secret and therefore unknowable nature of surveillance – be in a position to protect their own rights. The court’s preference is to entrust supervisory control to a judge. For an individual to be able to challenge surveillance retrospectively, affected individuals need either to be informed about surveillance or for individuals to be able to bring challenges on the basis of a suspicion that surveillance has taken place.

Russian legislation lacks clarity concerning the categories of people liable to have their phones tapped, specifically through the blurring of witnesses with suspects and the fact that the security services have a very wide discretion. The provisions regarding discontinuation of surveillance are omitted in the case of the security services. The provisions regarding the storage and destruction of data allow for the retention of data which is clearly irrelevant; and as regards those charged with a criminal offence is unclear as to what happens to the material after the trial.

Notably, the domestic courts do not verify whether there is a reasonable suspicion against the person in respect of whose communications the security services have requested interception be permitted. Further, there is little assessment of whether the interception is necessary or justified: in practice it seems that the courts accept a mere reference to national security issues as being sufficient.

The details of the authorisation are also not specified, so authorisations have been granted without specifying – for example – the numbers to be interception. The Russian system, which at a technical level allows direct access, without the police and security services having to show an authorisation is particularly prone to abuse. The Court determined that the supervisory bodies were not sufficiently independent. Any effectiveness of the remedies available to challenge interception of communications is undermined by the fact that they are available only to persons who are able to submit proof of interception, knowledge and evidence of which is hard if not impossible to come by.

Comments

The Court could be seen as emphasising in its judgment by repeated reference to its earlier extensive case law on surveillance that there is nothing new here. Conversely, it could be argued that Zakharov is a Grand Chamber judgment which operates to reaffirm and highlight points made in previous judgments about the dangers of surveillance and the risk of abuse. The timing is also significant, particularly from a UK perspective. Zakharov was handed down as the draft Investigatory Powers Bill was published. Cases against the UK are pending at Strasbourg, while it follows the ECJ’s ruling in Schrems, with Davis (along with the Swedish Tele2 reference) now pending before it. The ECtHR noted the Digital Rights Ireland case in its summary of applicable law.

In setting out its framework for decisions, the Court’s requirement of ‘potentially at risk’ even when remedies are available seems lower than the ‘reasonable likelihood’ test in Esbester. The Court’s concern relates to ‘the need to ensure that the secrecy of surveillance measures does not result in the measures being effectively unchallengeable and outside the supervision of the national judicial authorities and of the Court’ [para 171]. This broad approach to standing is, as noted by Judge Dedon’s separate but concurring opinion, in marked contrast to the approach of the United States Supreme Court in Clapper where that court ‘failed to take a step forward’ (Opinion, section 4).

The reassessment of ‘victim status’ simultaneously determines standing, the question of the applicability of Article 8 and the question of whether there has been an infringement of that right. The abstract nature of the review then means that a lot falls on the determination of ‘in accordance with the law’ and consequently the question of whether the measures (rather than individual applications) are necessary in a democratic society. The leads to a close review of the system itself and the safeguards built in. Indeed, it is noteworthy that the Court did not just look at the provisions of Russian law, but also considered how they were applied in practice.

The Court seemed particularly sceptical about broadly determined definitions in the context of ‘national, military, economic or ecological security’ which confer ‘almost unlimited degree of discretion’ [para 248]. Although the system required prior judicial authorisation (noted para 259], in this case it was not sufficient counter to the breadth of the powers. So, prior judicial authorisation will not be a ‘get out of gaol free’ card for surveillance systems. There must be real oversight by the relevant authorities.

Further, the Court emphasised the need for the identification of triggering factor(s) for interception of communications, as otherwise this will lead to overbroad discretion [para 248]. Moreover, the Court stated that the national authorisation authorities must be capable of ‘verifying the existence of a reasonable suspicion against the person concerned’ [260-2], which in the context of technological access to mass communications might be difficult to satisfy. The Court also required that specific individuals or premises be identified. If it applies the same principles to mass surveillance currently operated in other European states, many systems might be hard to justify.

A further point to note relates to the technical means by which the interception was carried out. The Court was particularly critical of a system which allows the security services and the police the means to have direct access to all communications. It noted that ‘their ability to intercept the communications of a particular individual or individuals is not conditional on providing an interception authorisation to the communications service provider’ [para 268], thereby undermining any protections provided by the prior authorisation system.

Crucially, the police and security services could circumvent the requirement to demonstrate the legality of the interception [para 269]. The problem is exacerbated by the fact that the equipment used does not create a log of the interceptions which again undermines the supervisory authorities’ effectiveness [para 272]. This sort of reasoning could be applied in other circumstances where police and security forces have direct technical means to access content which is not dependent on access via a service provider (e.g. hacking computers and mobiles).

In sum, not only has the Russian system been found wanting in terms of compliance with Article 8, but the Court has drawn its judgment in terms which raised questions about the validity of other systems of mass surveillance.

  • Professor Lorna Woods is Deputy Director of Research (Impact) at the School of Law, University of Essex and senior associate research fellow at the Institute of Advanced Legal Studies
  • Our blog posts give the view of the author and do not represent the position of the Information Law and Policy Centre or the Institute of Advanced Legal Studies.