One Year After the Snowden Revelations: How the NSA Violates International Human Rights Standards

Cartoon by Carlos Latuff, shared via Web We Want/Flickr (CC BY-SA 2.0)

Cartoon by Carlos Latuff, shared via Web We Want/Flickr (CC BY-SA 2.0)

Today, June 5, marks the first anniversary of the beginning of the Edward Snowden revelations—a landmark event in global awareness of the worldwide spying machine.

Over the last year, the world has learned specific details of how the NSA and its four closest allies in the Five Eyes partnership (United Kingdom, Canada, Australia, and New Zealand) have constructed a web of digital communications surveillance systems at the technical and operational levels spanning the entire globe. We have learned the details of the extent of cooperation and intelligence-sharing among these countries, and have witnessed how material gathered under one country's surveillance regime is readily shared with others.

The dispersed locations of the Five Eyes countries enable them to surveil most of the world’s Internet traffic as it transits through their hubs and is stored in their various territories. Moreover, they have partnered with over 80 major global corporations to leverage their spying capabilities. The scope and reach of their cooperation and intelligence sharing has shocked the world. 

In a leaked internal document, the NSA defined their “collection posture” as being to “sniff, know, collect, process, exploit, partner it all.” This proves what many privacy advocates had suspected for a long time: The NSA has strayed far from its legitimate goal of protecting national security. In fact, we have seen the NSA participate in economic espionage, diplomatic spying and suspicionless surveillance of entire populations. Even worse, it surreptitiously weakened the products and standards that many people use to protect themselves against online spying.

While the Snowden revelations have proven invaluable in confirming the existence of global, cross-border spying by the NSA and its four primary allies, the governments of the affected billions of Internet and telephone users have been slow to fight back. In some cases, United States's allies might be holding back because of their own tangled complicity in this shared network. Others, like Russia and China, have their own pervasive surveillance networks and arrangements to protect.

Even before Snowden leaked his first document, human rights lawyers and activists were concerned about law enforcement and intelligence agencies spying on the digital world. One of the tools developed to tackle those concerns was the development of the International Principles on the Application of Human Rights to Communications Surveillance (the “Necessary and Proportionate Principles”). This set of principles was intended to guide governments in understanding how new surveillance technologies eat away at fundamental freedoms, and outlined how communications surveillance can be conducted in a manner consistent with human rights obligations. The Necessary and Proportionate Principles are intended to work as a resource for citizens to measure government surveillance practices against international human rights standards.

To mark the first anniversary of the Snowden disclosures, the Electronic Frontier Foundation is releasing Unnecessary and Disproportionate, a report detailing how some of the NSA spying operations violate both human rights standards and the Necessary and Proportionate Principles.

The report finds that NSA surveillance programs…

  • Lack “legality”, in that NSA surveillance laws are largely governed by a body of secret law developed by a secret court, the Foreign Intelligence Surveillance Court (FISC), which selectively publishes its legal interpretations of the law;   

  • Are neither “necessary,” nor “proportionate,” in that the various programs in which communications data are obtained in bulk violate the privacy rights of millions of persons who are not suspected of having any connection to international terrorism;

  • Are not supported by competent judicial authority because the only judicial approval, if any, comes from the FISC, which operates outside of normal adversarial procedures such that the individuals whose data are collected lack access to the court;

  • Lack due process because the FISC presents no opportunity for a public hearing;

  • Lack user notification: those whose data is obtained do not know that their communications have been monitored and hence they cannot appeal the decision nor get legal representation to defend themselves;

  • Lack the required transparency and public oversight, because they operate in secret and rely on gag orders against the entities from whom the data are obtained, along with secret, if any, court proceedings;   

  • Damage the integrity of communication systems by undermining security systems, such as encryption, requiring the insertion of surveillance back doors in communications technologies, including the installation of fiber optic splitters in transmission hubs.

The report also concludes that the US surveillance framework is illegitimate because it applies less favorable standards to non-US persons than its own citizens, a violation of the International Covenant on Civil and Political Rights (ICCPR).

The United States justifies the lawfulness of its communications surveillance by making reference to distinctions that, in the context of modern communications technology, are irrelevant to truly protecting privacy in a modern society. The US relies on the outmoded distinction between “content” and “metadata,” falsely contending that the latter does not reveal private facts about an individual.

The US also contends that the collection of data is not surveillance—it argues, contrary to both international law and the Principles, that an individual’s privacy rights are not infringed as long as her communications data are not analyzed by a human being. It’s clear that the practice of digital surveillance by the United States has overrun the bounds of human rights standards. What our paper hopes to show is exactly where the country has crossed the line, and how its own politicians and the international community might rein it back.

Now that a year has passed it’s clear that we need to update both our global technical infrastructure and local laws, consistent with long-standing international human rights standards, in order to regain any reasonable degree of privacy.  Specifically, we must end mass surveillance. Politicians in every country need to stand up to the NSA's incursions on their territory. The United States needs to reform its laws to recognize the privacy rights of innocent foreigners.

Human rights activists, technology experts and open Internet advocates in every country must work together to push for digital communications privacy protections at national and international levels around the globe. The Thirteen Principles on Communications Surveillance represent one robust global effort to tackle this challenge. Visit the Thirteen Principles site to learn more about the project and find out how you can get involved.

The contents of this post originally appeared on the Electronic Frontier Foundation website.

 

Start the conversation

Authors, please log in »

Guidelines

  • All comments are reviewed by a moderator. Do not submit your comment more than once or it may be identified as spam.
  • Please treat others with respect. Comments containing hate speech, obscenity, and personal attacks will not be approved.