Charlie Hebdo murders are no excuse for killing online freedom

There’s been a predictable split in the reactions to Wednesday’s slaughter of the staff of French satirical newspaper Charlie Hebdo, along with others including police who were trying to protect them. On the one hand, hundreds of thousands of people have rallied in France and across Europe in defiance against those behind this attack on free speech…

… while others have taken a decidedly different tack, using the outrage as a justification for the rolling-back of online civil liberties. This approach was taken by Dan Hodges in the Telegraph, and by the Sun in an editorial arguing that “intelligence is our best defense… yet liberals still fret over the perceived assault on civil liberties of spooks analyzing emails.”

Here’s what Hodges (a well-known admirer of Tony Blair, the British prime minister who was no friend of civil liberties) wrote:

We hear a lot about freedom, and threats to our freedom. We heard about it, for example, when the government asked the Guardian to stop publishing the Snowden files because of the risk to national security. We heard about it last year, when David Cameron announced he was bringing back plans to allow the security agencies to monitor, and retain data on, our electronic communications – the so-called ‘snooper’s charter’. We heard about it in the wake of the Lee Rigby killing, where we [were] told the state would use the murder as an excuse for a further erosion of our liberties.

But those are not real assaults on our freedom. Switch on your TV. You will see and hear what an assault on freedom really looks like…

If one way of stopping obscenities like today is providing the security services a bit more access to our e-mails, we must give it to them. If it means internet providers handing over their records, the records must be handed over. If it means newspapers showing restraint the next time an Edward Snowden knocks on their door, then restraint will have to be shown. Because look who came knocking at the door today.

Hodges must be given credit for at least calling himself a “coward” in that piece, saving time for the rest of us.

I’m not going to go into the rights and wrongs of Charlie Hebdo’s content, much of which I personally found grossly offensive. That, after all, is the publication’s aim – to make points offensively (to a multitude of targets, it should be noted) and to meet calls for restraint with more proud offense. Freedom of expression is an essential civil liberty, not only in France, but across much of the democratic world. It was set out in the Declaration of the Rights of Man and of the Citizen, which emerged from the French Revolution in 1789, and it is today enshrined on an international level in the International Convention on Civil and Political Rights (ICCPR) .

The ICCPR’s signatories, including France, the U.K. and most of the world, have also pledged to ensure that “no one shall be subjected to arbitrary or unlawful interference with his privacy, family, home or correspondence.” Yes, this is a right that needs to be balanced against others, most notably the right to security, but arguably no calculation of that balance can justifiably permit mass surveillance.

To quote last year’s report on online mass surveillance by Ben Emmerson, the U.N.’s special rapporteur on the protection and promotion of human rights while countering terrorism:

International human rights law require States to provide an articulable and evidence-based justification for any interference with the right to privacy, whether on an individual or mass scale. It is a central axiom of proportionality that the greater the interference with protected human rights, the more compelling the justification must be if it is to meet the requirements of the Covenant. The hard truth is that the use of mass surveillance technology effectively does away with the right to privacy of communications on the Internet altogether. By permitting bulk access to all digital communications traffic, this technology eradicates the possibility of any individualized proportionality analysis.

Apart from the fact that mass surveillance hasn’t been shown to work – France’s extensive surveillance regime, expanded just weeks ago, clearly failed in this case – it is no way to protect freedom of expression. It is a tool for chilling free speech, of dissuading people from speaking their minds, and the same British government that wants to introduce the “snooper’s charter” is also working to stop its citizens from seeing extremist material online, by getting ISPs to filter out such content. It is cracking down on free expression on social media, leading the police there to tweet things like this:

It forced the Guardian‘s editors to destroy computers holding copies of the Snowden cache with angle grinders, for whatever that was worth. And the Sun, so keen on Blair’s Regulation of Investigatory Powers Act (RIPA) this week, recently made an official complaint about the police using the mass surveillance law to spy on its journalists and their sources in a case that was embarrassing the government.

After a cartoon featuring Mohammed led to the firebombing of Charlie Hebdo’s offices in 2011, editor Stéphane “Charb” Charbonnier famously said: “It perhaps sounds a bit pompous, but I’d rather die standing than live on my knees.”

On Wednesday, Charb died for liberty. To suggest that the correct response is the curtailment of liberty — to effectively argue that terrorism should be met with fearful capitulation — is more offensive than anything he ever published.

UK court to review legality of web snooping law

Two British members of Parliament have won the right to have the contentious Data Retention and Investigatory Powers Act (DRIPA) – an expansion of the U.K. authorities’ surveillance powers – reviewed by the High Court.

DRIPA was fast-tracked in July after Europe’s highest court struck down an EU-wide mandate for telcos to store records of their users’ communications. Although it was billed as an emergency measure to allow the U.K. to continue its data retention efforts – and it is indeed time-limited until the end of 2016 — it effectively expanded the scope of what information must be stored, to include metadata about people’s social media conversations and potentially many other kinds of web communications.

Labour’s Tom Watson and the Conservative David Davis applied for a judicial review later in July, alongside the civil rights group Liberty. The case was subsequently joined by the Open Rights Group and Privacy International.

On Monday, the High Court granted them the judicial review, to see whether DRIPA does indeed fall foul of European human rights law. Open Rights Group legal director Elizabeth Knight said in a statement:

After the Court of Justice of the EU declared the Data Retention Directive invalid, the UK government had the opportunity to design new legislation that would protect human rights. It chose instead to circumvent the decision of the CJEU by introducing the Data Retention and Investigatory Powers Act (DRIPA), which is almost identical to the Data Retention Directive.
Through our submission, we hope to help demonstrate that DRIPA breaches our fundamental human right to privacy and does not comply with human rights and EU law.

Despite DRIPA’s recent introduction, the British government is already amending it to take in more data. The government will require ISPs to maintain records of which customers use which IP addresses, and will also force web service providers who have British users to retain “data required for IP resolution”. The idea is to be able to match specific devices to terrorist or extremist communications, or crimes committed online, such as bullying.

Wider human rights problem

The U.K. isn’t the only European country that’s trying to push ahead with mandatory data retention despite the striking-down of the EU directive. The Swedish government, for example, is also forcing ISPs to keep customers’ metadata for the benefit of the authorities, and rebel ISP Bahnhof has reacted by offering customers free VPN in conjunction with a local digital rights group, so as to make the stored metadata unusable.

Meanwhile, late last week a coalition of Dutch lawyers, ISPs and journalists sued the government there over its insistence on data retention. The group claims data retention is in conflict with the CJEU ruling, though the Dutch government says it would be able to keep its legislation legal with a few tweaks. Dutch lawyers and journalists have already sued the government over its NSA intelligence-sharing arrangements.

As has been demonstrated in the U.K., data retention laws can be used to spy on lawyer-client communications and (systemically, in the case of the U.K.) on journalists too.

Meanwhile, on Monday the Council of Europe’s human rights commissioner, Nils Muižnieks, issued a report saying that “suspicionless mass retention of communications data is fundamentally contrary to the rule of law.” He said mass surveillance was not justified by the war on terror, and ran counter to established human rights laws. Muižnieks said he was “watching closely” what the U.K. was doing.

This article was updated at 7.30am PT to add further context, and again at 10am PT to remove the suggestion that viewing terrorist material online is a crime in the U.K. — the police there have suggested that it is, but this is almost certainly nonsense. Instead I have noted that the IP resolution move is intended to target terrorists and bullies.

We are becoming police states. Everyone OK with that?

The speed of technological progress is enabling rapid change in our societies and threatening the principles we claim to hold dear. We have to decide — now — whether we want to accept or resist the loss of our freedoms.

Is Internet access a fundamental human right?

Vint Cerf is one of the fathers of the Internet, but he argues that Internet access shouldn’t be seen as a fundamental human right — simply as a tool that enables other rights. But is this true? And what are the implications if he’s wrong?