Privacy: France and the Internet

France with its near socialist culture would be expected to have leanings towards liberty and freedom, particularly because of its close relation with the ECHR, which upholds the Human Rights Act, and includes Article 8 and the right privacy.

However, the current President Sarkozy, has put forward a law which would effectively ban illegal downloading, with the punishment of banning internet access to anyone caught. This would be enforced by monitoring access to the internet, possibly with software installed on the internet users machines, to detect file downloading activity. Which has huge ramifications.

Much of the French legal system is not keen on this, and its unlikely to go ahead. But the fact that this is being pushed forward is a worrying trend.

The President’s wife lives in the light of the media and movie industry, as do his close friends  and supporters, and Sarkozy certainly does not hide from that industry.

The fact that such a strict law, which would fundamentally change peoples access to data, could be proposed by somebody who is closely linked with the movie industry is a worrying  fact.

But having seen the UK’s seedy underbelly of expenses in Parliment, it is hardly surprising.

Prum Convention: Technology

The Prum Convention, which has many detractors (not lost of which is the House of Lords), is quietly increasing its footprint.

Just this month the Belgium police released a new fingprint system, this has several benifits including being more accurate, but it also allows more effective exchange of data with those countries signed upto the Prum Convention.

But fingerprints are infallable, so surely that cannot be a problem?

Data Retention: Article 29 Working Party

Within the EU there is a body with the catchy title of “Working Party on the Protection of Individuals
with regard to the Processing of Personal Data”, this group produces guidelines and policy in relation to personal data on every thing from the police to direct sales.

Despite a name that just rolls off the tongue, the Working Party are often known simply as “Article 29 Working Party“,  this is because they were formed under Article 29 of the even more catchy “Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data

Article 29 states that:

  1. A Working Party on the Protection of Individuals with regard to the Processing of Personal Data, hereinafter referred to as ‘the Working Party’, is hereby set up.
    It shall have advisory status and act independently.
  2. The Working Party shall be composed of a representative of the supervisory authority or authorities designated by each Member State and of a representative of the authority or authorities established for the Community institutions and bodies, and of a representative of the Commission.
    Each member of the Working Party shall be designated by the institution, authority or authorities which he represents. Where a Member State has designated more than one supervisory authority, they shall nominate a joint representative. The same shall apply to the authorities established for Community institutions and bodies.
  3. The Working Party shall take decisions by a simple majority of the representatives of the supervisory authorities.
  4. The Working Party shall elect its chairman. The chairman’s term of office shall be two years. His appointment shall be renewable.
  5. The Working Party’s secretariat shall be provided by the Commission.
  6. The Working Party shall adopt its own rules of procedure.
  7. The Working Party shall consider items placed on its agenda by its chairman, either on his own initiative or at the request of a representative of the supervisory authorities or at the Commission’s request.

Even back in 1997, just a few years after the Article 29 WP, was set up it published a report identifying the problems of companies collecting large amounts of data about EU citizens.

The report  entitled,  Anonymity on the Internet, stated that:

Over the past 25 years it has become apparent that one of the greatest threats to this fundamental
right to privacy is the ability for organisations to accumulate large amounts of information about
individuals, in a digital form which lends itself to high-speed (and now very low-cost) manipulation,
alteration and communication to others. Concerns about this development and the potential misuse
of such personal data has led all European Member States (and now the Community with directive
95/46/EC) to adopt specific data protection laws which set down a framework of rules governing
the processing of personal information.

Over the past decade  with the development of the data protection laws within the EU and its member states, Article 29 WP has continued to push for  better privacy and protection for inidivuals.

In 2008 Article 29 WP started to push the search engines to reduce the amount of data they retain from EU citizens, with a push for the data to be stored no longer than 6 months.  Google has reduced its data retention to 18 months, Microsoft is considering 6 months,  and Yahoo! has stated it will go as low as 3 months.

S and Marper: Will the Police Delete your DNA?

After the  historic ruling at the ECHR  for S and Marper v United Kingdom, there is an expectation that the police will be forced to delete all of the DNA collected and retained from  innocent people.

While they [the Police] probably should delete the DNA samples collected from people who were never charged or found not guilty, there is no major announcement from the Home Office to that effect.

In fact, even if the UK creates a new law, based on this test case stating that Police cannot retain DNA from the innocent/non convicted people they may still not delete the data,  for a simple reason – there is no deterrent to keeping it, even if retaining the DNA is illegal.

In US Law there is the concept of “fruit of the poisoned tree”. This means that not only is evidence collected illegally inadmissible it also  means that all evidence found from that information is also inadmissible. For example if a search is illegal, and the search reveals evidence that proves a case, that evidence will not be accepted.

In the UK this is not the case, in fact there are specific laws addressing just this question.

Section 78 of PACE allows the courts to exclude information if it is has been collected illegally, but it does not require it. In fact there are several cases where data that has been collected illegally, has been allowed. Section 76 of PACE deals with similar issues, but in relation to coerced confessions.

Therefore if the police retained the DNA evidence, rather than deleting it it, and then used the DNA sample to locate somebody then that conviction would probably stand, i.e. there is no deterrent to reatining, illegally,  the DNA samples held.

In fact there is case law to support this exact case.

Test Case – ATTORNEY GENERAL’S REFERENCE NO. 3 OF 1999  (14 DECEMBER 2000)

In 1990s when the DNA collection laws where first created the police could only collect DNA after charging, and then had to delete the sample if the individual was found not guilty. This was prior to the laws changing in 2001 and 2004, which allowed the police to take DNA prior to charging and retain it even if the person was not guilty. It is this change in the law that led to the  S and Marper case.

In 1997, when the original DNA collection laws were in place, a male committed a particularly horrific rape of on a 66 year old woman. The offender was detected via a DNA sample left at the scene,  which was matched against the National DNA database. The offender was arrested and  new DNA sample taken (as there always is), and the DNA match confirmed. This DNA evidence resulted in the conviction of the offender. However, the defence team appealed this as the original DNA sample, which led to the arrest was obtained from crime he was not convicted of, and as such should have been deleted.

This argument was initially won, in the Court of Appeal, but was then referred to the House of Lords, at which point the House of Lords stated the DNA sample should have been allowed to be used. As the House of Lords is the superior court this means that the DNA samples that have been kept or obtained illegally can be used to detect offenders.

Therefore it is entirely possible that the following occurs:

The S and Marper case directs the UK to not collect more DNA samples prior to charging, and that those DNA samples of of innocent people that are retained should be deleted. But, the police do not delete the samples and continue to use them as evidence.

Will the police delete your DNA? Probably not.

Internet Censorship

On 18th April 2008 the EU decided to start the censorship of the Internet; with similar laws to our liberal cousins in Saudi Arabia.

The EU stated in the press release of the time:

Today the Council reached a common approach on the amendment of the Framework Decision on combating terrorism proposed by the Commission on 6 November [2007]. The amendment up-dates the Framework Decision making public provocation to commit a terrorist offence, recruitment and training for terrorism punishable behavior, also when committed through the Internet

While this all sounds very laudable, stopping terrorism and the exchange of biological weapons on the Internet, there are a few concerns about this:

Firstly, who decides what “training for terrorism” is? Would a stag weekend in eastern Europe, involving firing machine guns count? What about kids fastening fireworks together? Or what about students reading the Jolly Rodger Cook Book?

Secondly, what if this definition shifts slightly? The UK have “shifted” laws over time, initially only the fingerprints of the guilty could be taken, then it was anyone arrested, now the government is issuing guidelines that allows children as young as 4 to have their fingerprints taken at school (2 million taken so far).  What if, once the powers have been created, the governments decide to tweak the laws slightly and change the phrasing to “terrorist related training”? That would hardly make the news but it could mean that paint-balling could count as training, or what about web sites that have information about how easy it is to avoid CCTV , ANPR, or  fingerprint scanners? Would they be shut down?

Thirdly, the UK has lived with the IRA for 300 years, the Spanish have ETA, the French have the Algerians, and Germany had “Munich”, yet despite all of this nobody suggested censorship on this scale – its worth pointing out that the IRA killed more than the 9/11 attacks.  So why the the sudden fear of the bogey man? What’s the driving force?

Finally, who are the biggest arms dealers in the world, who are the ones who buy and sell weapons to dubious regimes around the world? The 5 biggest dealers are – USA, China, Russian, UK and France.

Companies like BAe, Lockheed Martin and others clearly sell weapons, often to places that conduct torture and, by many legal definitions, terrorism. But, despite this they will almost certainly be allowed to  have a web site.

So who is the censorship aimed at?

Follow

Get every new post delivered to your Inbox.

Join 29 other followers