Search the Community
Showing results for tags 'watchdog'.
Found 3 results
zanderthunder posted a topic in Security & Privacy NewsUK's Information Commissioner's Office challenges the interpretation of a court ruling that gave the green light for using facial recognition on the public. Police forces should be subject to a code of practice if they want to use live facial recognition technology on the public, according to the UK's Information Commissioner's Office (ICO). ICO commissioner Elizabeth Denham has released her opinion on the use of live facial recognition on the public by police in response to a recent High Court ruling that South Wales Police didn't violate human rights or UK law by deploying the technology in a public space. Denham argues facial recogition should be restricted to targeted deployments that are informed by intelligence and time-limited, rather than ongoing. She also reckons the High Court's decision "should not be seen as a blanket authorisation for police forces to use [live facial recognition] systems in all circumstances". The case concerned police using live CCTV feeds to extract individuals' facial biometric information and matching it against a watchlist of people of interest to police. Large scale trials of facial recognition tech by the South Wales Police and the Metropolitan Police Service (Met) for public safety have irked some people who fear a dystopian future of mass surveillance combined with automated identification. The ICO kicked off an investigation in August over the use of surveillance cameras to track commuters and passersby in London. Denham raised concerns over people being identified in public without gaining an individual's consent. Surveillance cameras themselves make some people uncomfortable, but technology that automatically identifies people raises new questions for privacy in public spaces. The Met began trialling the tech on shoppers in London last Christmas. Denham said live facial recognition was a significant change in policing techniques that raises "serious concerns". "Never before have we seen technologies with the potential for such widespread invasiveness. The results of that investigation raise serious concerns about the use of a technology that relies on huge amounts of sensitive personal information," she said. Denham argues the UK needs a "a statutory and binding code of practice" for the technology's deployment due to a failure in current laws to manage the risks it poses. The privacy watchdog will be pushing the idea of a code of practice with the UK's chief surveillance bodies, including policing bodies, the Home Office and the Investigatory Powers Commissioner. Denham argues in her opinion statement that for police to use facial recognition, they need to meet the threshold of "strict necessity" and also consider proportionality. She believes this is likelier to be met on small scale operations, such as when "police have specific intelligence showing that suspects are likely to be present at a particular location at a particular time." Another is at airports, where live facial recognition supports "tailored security measures". Source: Facial recognition could be most invasive policing technology ever, warns watchdog (via ZDNet)
steven36 posted a topic in Security & Privacy NewsMI5 headquarters in London The security service MI5 has handled large amounts of personal data in an "undoubtedly unlawful" way, a watchdog has said. The Investigatory Powers Commissioner said information gathered under warrants was kept too long and not stored safely. Civil rights group Liberty said the breaches involved the "mass collection of data of innocent citizens". The high court heard MI5 knew about the issues in 2016 but kept them secret. "MI5 have been holding on to people's data - ordinary people's data, your data, my data - illegally for many years," said Megan Goulding, a lawyer for Liberty, which brought the case. "Not only that, they've been trying to keep their really serious errors secret - secret from the security services watchdog, who's supposed to know about them, secret from the Home Office, secret from the prime minister and secret from the public." Targeted interceptions The criticism of MI5 emerged in the High Court on Tuesday as Liberty challenged parts of the Investigatory Powers Act. Under the act, MI5 can apply to judges for warrants to obtain information such as people's location data, calls, messages and web browsing history. As well as "bulk data" collection, which can include information about ordinary members of the public, MI5 can use targeted interceptions of communications and computer hacking for investigations such as counter-terrorism. But the act includes safeguards about how all this information is stored and handled. It is against the law to keep data when it is no longer needed, or to store it in an unsafe way. MI5 had a "historical lack of compliance" with the law, said Lord Justice Sir Adrian Fulford, who oversees the security service's use of data as Investigatory Powers Commissioner. In a ruling revealed during the court case, he said the security service would be placed under greater scrutiny by judges when seeking warrants in future - which the commissioner compared to a failing school being placed in "special measures". Liberty said the revelations meant that some of the warrants issued to MI5 may not have been lawful, because the security service knew over several years that it was not handling data correctly but did not tell the judges. 'Serious risks' The court heard that senior members of MI5 were aware three years ago that there were serious issues with the management of data. MI5 informed the Home Office and Number 10 of the concerns in April this year, but the commissioner said they should have revealed them earlier. Discussions between lawyers and clients were among the information wrongly held by the security service, Liberty said. The pressure group said such material should be protected by legal privileges, but instead it was being seen by people at MI5. Lawyers for MI5 said they could not explain the exact nature of the breaches in open court, not because they were "embarrassing" but because there were "serious national security concerns". The security service has now taken "immediate and substantial steps" to comply with the law, Home Secretary Sajid Javid has said. Julian Milford, representing Mr Javid and Foreign Secretary Jeremy Hunt, acknowledged in court "the existence of serious compliance risks". But he said these specific issues were a "complete irrelevance" to Liberty's court case, which was challenging the legality of the whole system of information gathering created by the Investigatory Powers Act. Source
Turk posted a topic in Security & Privacy NewsBy CHARLIE SAVAGEJAN. 23, 2014 Members of the Privacy and Civil Liberties Oversight Board, a federal panel, at a workshop about surveillance held in a Washington hotel last summer. Christopher Gregory for The New York Times WASHINGTON — An independent federal privacy watchdog has concluded that the National Security Agency’s program to collect bulk phone call records has provided only “minimal” benefits in counterterrorism efforts, is illegal and should be shut down. The findings are laid out in a 238-page report, scheduled for release by Thursday and obtained by The New York Times, that represent the first major public statement by the Privacy and Civil Liberties Oversight Board, which Congress made an independent agency in 2007 and only recently became fully operational. The report is likely to inject a significant new voice into the debate over surveillance, underscoring that the issue was not settled by a high-profile speech President Obama gave last week. Mr. Obama consulted with the board, along with a separate review group that last month delivered its own report about surveillance policies. But while he said in his speech that he was tightening access to the data and declared his intention to find a way to end government collection of the bulk records, he said the program’s capabilities should be preserved. The Obama administration has portrayed the bulk collection program as useful and lawful while at the same time acknowledging concerns about privacy and potential abuse. But in its report, the board lays out what may be the most detailed critique of the government’s once-secret legal theory behind the program: that a law known as Section 215 of the Patriot Act, which allows the F.B.I. to obtain business records deemed “relevant” to an investigation, can be legitimately interpreted as authorizing the N.S.A. to collect all calling records in the country. The program “lacks a viable legal foundation under Section 215, implicates constitutional concerns under the First and Fourth Amendments, raises serious threats to privacy and civil liberties as a policy matter, and has shown only limited value,” the report said. “As a result, the board recommends that the government end the program.” While a majority of the five-member board embraced that conclusion, two members dissented from the view that the program was illegal. But the panel was united in 10 other recommendations, including deleting raw phone records after three years instead of five and tightening access to search results. The report also sheds light on the history of the once-secret bulk collection program. It contains the first official acknowledgment that the Foreign Intelligence Surveillance Court produced no judicial opinion detailing its legal rationale for the program until last August, even though it had been issuing orders to phone companies for the records and to the N.S.A. for how it could handle them since May 2006. The privacy board’s legal critique of the program was approved by David Medine, the board’s chairman and a former Federal Trade Commission official in the Clinton administration; Patricia M. Wald, a retired federal appeals court judge named to the bench by President Jimmy Carter; and James X. Dempsey, a civil liberties advocate who specializes in technology issues. But the other two members — Rachel L. Brand and Elisebeth Collins Cook, both of whom were Justice Department lawyers in the George W. Bush administration — rejected the finding that the program was illegal. They wrote in separate dissents that the board should have focused exclusively on policy and left legal analysis to the courts. Last month, two Federal District Court judges reached opposite legal conclusions in separate lawsuits challenging the program. Ms. Brand wrote that while the legal question was “difficult,” the government’s legal theory was “at least a reasonable reading, made in good faith by numerous officials in two administrations of different parties.” She also worried that declaring that counterterrorism officials “have been operating this program unlawfully for years” could damage morale and make agencies overly cautious in taking steps to protect the country. But the privacy board was unanimous in recommending a series of immediate changes to the program. The three in the majority wanted those changes as part of a brief wind-down period, while the two in dissent wanted them to be structural for a program that would continue. Some of those recommendations dovetailed with the steps Mr. Obama announced last week, including limiting analysts’ access to the call records of people no further than two links removed from a suspect, instead of three, and creating a panel of outside lawyers to serve as public advocates in major cases involving secret surveillance programs. Other recommendations — like deleting data faster — were not mentioned in the president’s speech. And all members of the board expressed privacy concerns about requiring phone companies to retain call records longer than they normally would, which might be necessary to meet Mr. Obama’s stated goal of finding a way to preserve the program’s ability without having the government collect the bulk data. The program began in late 2001 based on wartime authority claimed by President Bush. In 2006, the Bush administration persuaded the surveillance court to begin authorizing the program based on the Patriot Act under a theory the Obama administration would later embrace. But the privacy board’s report criticized that, saying that the legal theory was a “subversion” of the law’s intent, and that the program also violated the Electronic Communications Privacy Act. “It may have been a laudable goal for the executive branch to bring this program under the supervision” of the court, the report says. “Ultimately, however, that effort represents an unsustainable attempt to shoehorn a pre-existing surveillance program into the text of a statute with which it is not compatible.” Defenders of the program have argued that Congress acquiesced to that secret interpretation of the law by twice extending its expiration without changes. But the report rejects that idea as “both unsupported by legal precedent and unacceptable as a matter of democratic accountability.” The report also scrutinizes in detail a handful of investigations in which the program was used, finding “no instance in which the program directly contributed to the discovery of a previously unknown terrorist plot or the disruption of a terrorist attack.” Still, in her dissent, Ms. Cook criticized judging the program’s worth based only on whether it had stopped an attack to date. It also has value as a tool that can allow investigators to “triage” threats and provide “peace of mind” if it uncovers no domestic links to a newly discovered terrorism suspect, she wrote. http://www.nytimes.com/2014/01/23/us/politics/watchdog-report-says-nsa-program-is-illegal-and-should-end.html?partner=rss&emc=rss&smid=tw-nytimes&_r=0