SURVEILLE Paper Assessing Surveillance in the Context of Preventing a Terrorist Act

The TU Delft TEam; The EUI Team; The UW team

Tutkimustuotos: Kirja/raporttiTutkimusraportti

Abstrakti

SURVEILLE deliverable D2.8 continues the approach pioneered in SURVEILLE deliverable D2.6 for combining technical, legal and ethical assessments for the use of surveillance technology in realistic serious crime scenarios. The new scenario considered is terrorism prevention by means of Internet monitoring, emulating what is known about signals intelligence agencies’ methods of electronic mass surveillance. The technologies featured and assessed are: the use of a cable splitter off a fiber optic backbone; the use of ‘Phantom Viewer’ software; the use of social networking analysis and the use of ‘Finspy’ equipment installed on targeted computers. Non-technological surveillance techniques featured and assessed are the opening of baggage in an airport and the use of a covert surveillance team. The assessments are represented visually in a multidimensional matrix – a grid with numerical scores for fundamental rights risk and technical usability assessments, and colour coding for ethical risk assessment. Deliverable D2.8 was submitted to the European Commission on 29 May 2014. This SURVEILLE Paper, extracted from D2.8, contains the assessments and the resulting matrix as produced in D2.8. As in Deliverable D2.6, the discussion is jurisdiction-neutral, i.e. it does not name any particular EU Member State as conducting the surveillance in question. A separate SURVEILLE Paper, released parallel to this document, contains an assessment and analysis of actual methods of mass surveillance applied by the National Security Agency (NSA) of the United States of America. Minor updates of factual information were made in this extract during August 2014, after the submission on deliverable D2.8 in late May.

In contrast to the more mixed conclusions of D2.6, the assessments are overwhelmingly critical of the techniques employed: Only the two non- technological surveillance techniques produced usability and fundamental rights intrusion scores and an assessment of possible ethical risks that would make them justified, using the same criteria that were used in deliverable D2.6. Three methods of electronic surveillance are assessed as legally impermissible, as they resulted in modest usability scores, coupled with the highest possible fundamental rights intrusion score and the highest degree of ethical risk. Only one of the methods of electronic surveillance – social network analysis – is assessed as highly suspect (instead of manifestly impermissible), as it produces high scores both as to usability and fundamental rights intrusion, coupled with intermediate ethical risk.

The methodology underlying the legal assessments is further supported by an analysis of the ruling of the Court of Justice of the European Union on the 8 April 2014 in Joined cases C-293/12, C-594/12 Digital Rights Ireland and Seitlinger and Others1 that Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC (“Data Retention Directive”)2 is invalid.

A technical assessment of the techniques used by signals intelligence agencies for mass surveillance remains challenging because the programmes in question are classified. Nevertheless, educated guesswork is possible based on recent leaks, previous revelations, and an understanding of what methods and devices are available. These suggest that the technological basis of mass surveillance is achieved by means of a combination of tapping fiber-optic cables, circumventing encryption, launching cyber attacks, gathering phone metadata, and utilizing traditional spying methods such as bugging embassies and tapping political leaders’ phones. The available information on these and other surveillance methods was used as the basis for the terrorism prevention scenario presented in this paper, even if the discussion is presented as jurisdiction- neutral. A parallel separate SURVEILLE paper however describes and assesses the surveillance methods applied by the NSA.
Alkuperäiskielienglanti
JulkaisupaikkaBryssel
KustantajaSURVEILLE Project
Sivumäärä51
TilaJulkaistu - 31 heinäkuuta 2014
OKM-julkaisutyyppiD4 Julkaistu kehittämis- tai tutkimusraportti taikka -selvitys

Tieteenalat

  • 513 Oikeustiede

Siteeraa tätä

The TU Delft TEam; The EUI Team; The UW team (2014). SURVEILLE Paper Assessing Surveillance in the Context of Preventing a Terrorist Act. Bryssel: SURVEILLE Project.