SlideShare une entreprise Scribd logo
1  sur  31
Télécharger pour lire hors ligne
Electronic Surveillance of Communications - Master Programme in Law and Information Technology - Course C 2010. Development and Management of Information  Systems in a Legal Perspective - Course C, block 5. Identification and Control technologies Mark Klamberg, doctoral candidate
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
New types of legislation concerning  electronic surveillance of communications ,[object Object],[object Object]
Changes in Our Society Technological change Until the end of the 1990s satellites were the main  medium for international communication. Now it is  fiber optics in cables controlled by private companies. Shift in Threats Relevant for National Security The perceived threat from the Soviet Union has been replaced with vague threats such as terrorism, international criminality, migration, environmental threats and financial imbalances New Legal Demands The European Convention on Human Rights requires that interferences in the private life and family has a legal basis (article 8) Privatization Telecom operators were previously state-owned and controlled. Now they are private companies whose priority is to safeguard the interests of their customers, not the interests of the state
Signal Intelligence - why legislation? Considering the changes in the 1990s: The technological change and privatization creates a need to adopt legislation or other binding measures that obligates the private operators to surrender communication to the State. This makes the existence of previously top secret surveillance public knowledge The shift in perceived threats creates a need to expand the mandate or codify an already expanded mandate of signal intelligence organizations  The public knowledge about this surveillance and new legal demands creates a need for legislation protecting privacy
Data retention  - why legislation? Communication providers have stored traffic data (who is phoning who and when) about the phone calls of their customers for billing purposes. Law enforcement agencies have used such data in order to detect, prevent and investigate crime Nowadays, consumers are turning to flat-rate subscriptions and  voice over IP-services (for example Skype). Thus, there is no need to retain traffic data for billing purposes. Law enforcement agencies still want/need traffic data.
We humans leave electronic footprints after us, in the form of  credit card payments, visits to websites, records of phone calls  and e-mail (communication data). Imagine that somebody could  collect everything and process it through a powerful computer.  With the right tools one could find patterns that in detail describe  what groups and networks you belong to. Such techniques are  referred to as traffic analysis and social network analysis Traffic analysis and social  network analysis
With traffic analysis  social networks may be identified  A communication pattern can depict relations between individuals,  Organisations, websites, etc with purpose of charting the social networks,  position of power, views and other personal data about an individual. The actual message is less important than  the information about the sender, recipient,  the time of transaction, and means of  communication. Knowledge about the  communication pattern and thus  the social network of person is often enough Individual
U.S. National Research Council, report October 2008 “ Protecting Individual Privacy in the Struggle Against Terrorists: A Framework for Program Assessment”
Two general types of data mining techniques 1. Subject-based data mining  2. Pattern-based data mining U.S. National Research Council “Protecting Individual Privacy in the Struggle Against Terrorists: A Framework for Program Assessment”
Subject-based data mining   Subject-based data mining uses an initiating individual or other datum that is considered, based on other information, to be of high interest, and the goal is to determine what other persons or financial transactions or movements, etc., are related to that initiating datum. U.S. National Research Council
Pattern-based data mining   Pattern-based data mining looks for patterns (including anomalous data patterns) that might be associated with terrorist activity—these patterns might be regarded as small signals in a large ocean of noise. U.S. National Research Council
When to use the two different techniques   In the case of the decentralized group,  subject-based data mining  is likely to augment and enhance traditional police investigations by making it possible to access larger volumes of data more quickly. Furthermore, communications networks can more easily be identified and mapped if one or a few individuals in the network are known with high confidence.  By contrast,  pattern-based data mining  may be more useful in finding the larger information footprint that characterizes centrally organized terrorist groups. U.S. National Research Council
Utility of pattern-based data mining  The utility of pattern-based data mining is found primarily if not exclusively in its role in helping humans make better decisions about how to deploy scarce investigative resources, and action (such as arrest, search, denial of rights) should never be taken solely on the basis of a data mining result. Automated terrorist identification through data mining (or any other known methodology) is neither feasible as an objective nor desirable as a goal of technology development efforts. U.S. National Research Council
Panspectron (Delanda) “ There are many differences between the Panopticon and the Panspectron being assembled at the NSA. Instead of positioning some human bodies around a central sensor, a multiplicity of sensors is deployed around all bodies: its antenna farms, spy satellites and cable-traffic intercepts feed into its computers all the information that can be gathered. This is then processed through a series of “filters” or key-word watch lists. The Panspectron does not merely select certain bodies and certain (visual) data about them. Rather, it compiles information about all at the same time, using computers to select the segments of data relevant to its surveillance tasks.” Panopticon (Bentham)
Discussion Based on the material distributed, discuss for 15 minutes: 1. When does the interference with privacy occur in relation to systems of mass surveillance of electronic communication?  2. How does the American system differ from the legal regime under ECHR in its approach to the content/non-content distinction?  3. In the country you come from, do you have any regulations concern signal intelligence/strategic monitoring/surveillance for intelligence purposes? If not, does your country still have a state agency similar to the NSA, GCHQ, BND and FRA?  4. Is it appropriate to involve courts in issues concerning the implementation of policies on national security?
Defining content and  traffic data As opposed to the content of a message, traffic data is the information used by the communication network to deliver the message to or from the user.  In a telephone network, traffic data will reveal the number dialed (“to”), the originating number (“from”), the time of the call, and its duration.  In the internet context, traffic data will similarly reveal the “to” and “from” e-mail address, the instant message to and from account names, and the other administrative information the computers generate in the course of delivery Compare with Orin Kerr: content and envelope information
Four fields of legislation International communication Domestic communication Preliminary Investigation Intelligence N/A 1. Chapter 27 of the Code  of Judicial Procedure 2. Chapter 6 section 22(3) of  the Electronic Communications  Act (2003:389) 3. Act on measures concerning  certain serious crimes (2008:854) 1. Act on measures to prevent  certain serious crimes (2007:979) 2. Chapter 6 section 22(3) of the  Electronic Communications Act  (2003:389) Signal Intelligence  Act (2008:717)
EU Data Retention Directive 1. Data is retained for periods of not less than six months and not more than two years from the date of the communication 2. The data retained purports to the questions who was communicating with who, when the communication occurred, where was the communicating parties and what type of communication used.  3. No content data may be retained for the purpose of the directive. 4. The access for national authorities to the data is to be regulated through domestic law
Summary of the legislation adopted 18 June 2008: IT- and telecom operators are obligated to transfer all communication in cables crossing Swedish borders to nodes controlled by the State The Defence Radio Establishment will intercept communication and collect data at the nodes (signal intelligence)
Similar organizations, laws  and programs  USA Organization:   National Security Agency (NSA) Legislation:   FISA    United Kingdom  Organization:   Government Communications Headquarters  (GCHQ) Legislation:   RIPA Case:   Liberty et al. v. The United Kingdom
Similar organizations,  laws and programs   France Organization:   Direction Générale de la Sécurité Extérieure  (DGSE) Germany Organization:   Bundesnachrichtendienst (BND) Legislation:   G 10-law (Gesetz zur Beschränkung des  Brief-, Post- und Fernmeldegeheimnisses)   Case:   Weber and Saravia v. Germany Denmark Organization:  Forsvarets Efterretningstjeneste (FE) Legislation:  17 § forsvarsloven
Key Features of the Swedish law  and the operations of the  Defence Radio Establishment ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
1.   Mandate of the Defence Radio Establishment ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
2. Clients (known) 12 August 2009 1. The Government 2. The Government office 3. The Defence Forces 4. The Police, including the Security Service (SÄPO) 5. National Inspectorate of Strategic Products 6. Swedish Customs Service 7. Defence Materiel Administration Agency 8. Defence Research Agency 9. Civil Contingencies Agency International Partners exist but unknown which those are. Could include NSA, GCHQ, BND, DGSE and FE Excluded in  Autumn 2009
3. Review Mechanisms ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
4. Method – what is  signal intelligence? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
5. Scope of Surveillance ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Questions?
Thanks! Blog:  www.klamberg.se E-mail:  [email_address] Phone:  +46 8 16 11 90

Contenu connexe

Tendances

Privacy Report: Romania – from the DP Act to the Constitutional Court decisio...
Privacy Report: Romania – from the DP Act to the Constitutional Court decisio...Privacy Report: Romania – from the DP Act to the Constitutional Court decisio...
Privacy Report: Romania – from the DP Act to the Constitutional Court decisio...bmanolea
 
cyber law and forensics,biometrics systems
cyber law and forensics,biometrics systemscyber law and forensics,biometrics systems
cyber law and forensics,biometrics systemsMayank Diwakar
 
Dr. Da-Yu Kao - The Investigation, Forensics, and Governance of ATM Heist Thr...
Dr. Da-Yu Kao - The Investigation, Forensics, and Governance of ATM Heist Thr...Dr. Da-Yu Kao - The Investigation, Forensics, and Governance of ATM Heist Thr...
Dr. Da-Yu Kao - The Investigation, Forensics, and Governance of ATM Heist Thr...REVULN
 
Botnet detection using ensemble classifiers of network flow
Botnet detection using ensemble classifiers of network flow  Botnet detection using ensemble classifiers of network flow
Botnet detection using ensemble classifiers of network flow IJECEIAES
 
Computer Forensics: The Emerging Significance to Law Enforcement
Computer Forensics: The Emerging Significance to Law Enforcement Computer Forensics: The Emerging Significance to Law Enforcement
Computer Forensics: The Emerging Significance to Law Enforcement Lillian Ekwosi-Egbulem
 
Transatlantic data flows following the Schrems II judgment
Transatlantic data flows following the Schrems II judgmentTransatlantic data flows following the Schrems II judgment
Transatlantic data flows following the Schrems II judgmentblogzilla
 
Communications data retention in an evolving Internet
Communications data retention in an evolving InternetCommunications data retention in an evolving Internet
Communications data retention in an evolving Internetblogzilla
 
Police surveillance of social media - do you have a reasonable expectation of...
Police surveillance of social media - do you have a reasonable expectation of...Police surveillance of social media - do you have a reasonable expectation of...
Police surveillance of social media - do you have a reasonable expectation of...Lilian Edwards
 
Intro to Freedom of Information (FOI)
Intro to Freedom of Information (FOI)Intro to Freedom of Information (FOI)
Intro to Freedom of Information (FOI)alaninbelfast
 
The effectiveness of policing cybercrime
The effectiveness of policing cybercrimeThe effectiveness of policing cybercrime
The effectiveness of policing cybercrimeRoel Palmaers
 
A study of index poisoning in peer topeer
A study of index poisoning in peer topeerA study of index poisoning in peer topeer
A study of index poisoning in peer topeerIJCI JOURNAL
 
Key principles for data protection & lawful protection in GDPR
Key principles for data protection & lawful protection in GDPRKey principles for data protection & lawful protection in GDPR
Key principles for data protection & lawful protection in GDPRDr. Marinos Papadopoulos
 
Zimbabwe's cybercrime & cybersecurity bill 2017
Zimbabwe's cybercrime & cybersecurity bill 2017Zimbabwe's cybercrime & cybersecurity bill 2017
Zimbabwe's cybercrime & cybersecurity bill 2017Povo News
 
Access to justice through virtual doors - Daniela Piana
Access to justice through virtual doors - Daniela PianaAccess to justice through virtual doors - Daniela Piana
Access to justice through virtual doors - Daniela PianaOECD Governance
 
Privacidad: La Tensión entre las Capacidades Tecnológicas y las Expectativas ...
Privacidad: La Tensión entre las Capacidades Tecnológicas y las Expectativas ...Privacidad: La Tensión entre las Capacidades Tecnológicas y las Expectativas ...
Privacidad: La Tensión entre las Capacidades Tecnológicas y las Expectativas ...Facultad de Informática UCM
 
National Information Exchange Model
National Information Exchange ModelNational Information Exchange Model
National Information Exchange ModelDavid Fletcher
 
Constructing inter domain packet filters to control ip (synopsis)
Constructing inter domain packet filters to control ip (synopsis)Constructing inter domain packet filters to control ip (synopsis)
Constructing inter domain packet filters to control ip (synopsis)Mumbai Academisc
 
e-SIDES presentation at NordSteva Conference, 11/12/2018
e-SIDES presentation at NordSteva Conference, 11/12/2018e-SIDES presentation at NordSteva Conference, 11/12/2018
e-SIDES presentation at NordSteva Conference, 11/12/2018e-SIDES.eu
 

Tendances (20)

Privacy Report: Romania – from the DP Act to the Constitutional Court decisio...
Privacy Report: Romania – from the DP Act to the Constitutional Court decisio...Privacy Report: Romania – from the DP Act to the Constitutional Court decisio...
Privacy Report: Romania – from the DP Act to the Constitutional Court decisio...
 
cyber law and forensics,biometrics systems
cyber law and forensics,biometrics systemscyber law and forensics,biometrics systems
cyber law and forensics,biometrics systems
 
Dr. Da-Yu Kao - The Investigation, Forensics, and Governance of ATM Heist Thr...
Dr. Da-Yu Kao - The Investigation, Forensics, and Governance of ATM Heist Thr...Dr. Da-Yu Kao - The Investigation, Forensics, and Governance of ATM Heist Thr...
Dr. Da-Yu Kao - The Investigation, Forensics, and Governance of ATM Heist Thr...
 
Botnet detection using ensemble classifiers of network flow
Botnet detection using ensemble classifiers of network flow  Botnet detection using ensemble classifiers of network flow
Botnet detection using ensemble classifiers of network flow
 
Computer Forensics: The Emerging Significance to Law Enforcement
Computer Forensics: The Emerging Significance to Law Enforcement Computer Forensics: The Emerging Significance to Law Enforcement
Computer Forensics: The Emerging Significance to Law Enforcement
 
Transatlantic data flows following the Schrems II judgment
Transatlantic data flows following the Schrems II judgmentTransatlantic data flows following the Schrems II judgment
Transatlantic data flows following the Schrems II judgment
 
Communications data retention in an evolving Internet
Communications data retention in an evolving InternetCommunications data retention in an evolving Internet
Communications data retention in an evolving Internet
 
Police surveillance of social media - do you have a reasonable expectation of...
Police surveillance of social media - do you have a reasonable expectation of...Police surveillance of social media - do you have a reasonable expectation of...
Police surveillance of social media - do you have a reasonable expectation of...
 
Intro to Freedom of Information (FOI)
Intro to Freedom of Information (FOI)Intro to Freedom of Information (FOI)
Intro to Freedom of Information (FOI)
 
The effectiveness of policing cybercrime
The effectiveness of policing cybercrimeThe effectiveness of policing cybercrime
The effectiveness of policing cybercrime
 
A study of index poisoning in peer topeer
A study of index poisoning in peer topeerA study of index poisoning in peer topeer
A study of index poisoning in peer topeer
 
Key principles for data protection & lawful protection in GDPR
Key principles for data protection & lawful protection in GDPRKey principles for data protection & lawful protection in GDPR
Key principles for data protection & lawful protection in GDPR
 
Zimbabwe's cybercrime & cybersecurity bill 2017
Zimbabwe's cybercrime & cybersecurity bill 2017Zimbabwe's cybercrime & cybersecurity bill 2017
Zimbabwe's cybercrime & cybersecurity bill 2017
 
Access to justice through virtual doors - Daniela Piana
Access to justice through virtual doors - Daniela PianaAccess to justice through virtual doors - Daniela Piana
Access to justice through virtual doors - Daniela Piana
 
Privacidad: La Tensión entre las Capacidades Tecnológicas y las Expectativas ...
Privacidad: La Tensión entre las Capacidades Tecnológicas y las Expectativas ...Privacidad: La Tensión entre las Capacidades Tecnológicas y las Expectativas ...
Privacidad: La Tensión entre las Capacidades Tecnológicas y las Expectativas ...
 
National Information Exchange Model
National Information Exchange ModelNational Information Exchange Model
National Information Exchange Model
 
Constructing inter domain packet filters to control ip (synopsis)
Constructing inter domain packet filters to control ip (synopsis)Constructing inter domain packet filters to control ip (synopsis)
Constructing inter domain packet filters to control ip (synopsis)
 
e-SIDES presentation at NordSteva Conference, 11/12/2018
e-SIDES presentation at NordSteva Conference, 11/12/2018e-SIDES presentation at NordSteva Conference, 11/12/2018
e-SIDES presentation at NordSteva Conference, 11/12/2018
 
Polinter09
Polinter09Polinter09
Polinter09
 
Strengthening news media in the digital era: the EU approach
Strengthening news media in the digital era: the EU approachStrengthening news media in the digital era: the EU approach
Strengthening news media in the digital era: the EU approach
 

En vedette

Social media and lawyers
Social media and lawyersSocial media and lawyers
Social media and lawyersKlamberg
 
Field Lesson 6th Grade
Field Lesson 6th GradeField Lesson 6th Grade
Field Lesson 6th Gradempena2015
 
milieuproblematiek
milieuproblematiekmilieuproblematiek
milieuproblematiekkrikke90
 
PETE&C 2011 morriston reading technology
PETE&C 2011 morriston reading technologyPETE&C 2011 morriston reading technology
PETE&C 2011 morriston reading technologymorristont
 
Surveillance of communication by the National Defence Radio Establishment (FRA)
Surveillance of communication by the National Defence Radio Establishment (FRA)Surveillance of communication by the National Defence Radio Establishment (FRA)
Surveillance of communication by the National Defence Radio Establishment (FRA)Klamberg
 
Field Lesson 6th Grade
Field Lesson 6th GradeField Lesson 6th Grade
Field Lesson 6th Gradempena2015
 
Surveillance of communication by the National Defence Radio Establishment (FRA)
Surveillance of communication by the National Defence Radio Establishment (FRA)Surveillance of communication by the National Defence Radio Establishment (FRA)
Surveillance of communication by the National Defence Radio Establishment (FRA)Klamberg
 
Electronic Surveillance of Communications 100225
Electronic Surveillance of Communications 100225Electronic Surveillance of Communications 100225
Electronic Surveillance of Communications 100225Klamberg
 

En vedette (9)

Social media and lawyers
Social media and lawyersSocial media and lawyers
Social media and lawyers
 
Field Lesson 6th Grade
Field Lesson 6th GradeField Lesson 6th Grade
Field Lesson 6th Grade
 
Bit Rememberance
Bit RememberanceBit Rememberance
Bit Rememberance
 
milieuproblematiek
milieuproblematiekmilieuproblematiek
milieuproblematiek
 
PETE&C 2011 morriston reading technology
PETE&C 2011 morriston reading technologyPETE&C 2011 morriston reading technology
PETE&C 2011 morriston reading technology
 
Surveillance of communication by the National Defence Radio Establishment (FRA)
Surveillance of communication by the National Defence Radio Establishment (FRA)Surveillance of communication by the National Defence Radio Establishment (FRA)
Surveillance of communication by the National Defence Radio Establishment (FRA)
 
Field Lesson 6th Grade
Field Lesson 6th GradeField Lesson 6th Grade
Field Lesson 6th Grade
 
Surveillance of communication by the National Defence Radio Establishment (FRA)
Surveillance of communication by the National Defence Radio Establishment (FRA)Surveillance of communication by the National Defence Radio Establishment (FRA)
Surveillance of communication by the National Defence Radio Establishment (FRA)
 
Electronic Surveillance of Communications 100225
Electronic Surveillance of Communications 100225Electronic Surveillance of Communications 100225
Electronic Surveillance of Communications 100225
 

Similaire à Electronic Surveillance Of Communications 100225

Electronic surveillance and privacy 130916
Electronic surveillance and privacy 130916Electronic surveillance and privacy 130916
Electronic surveillance and privacy 130916Klamberg
 
Chapter2
Chapter2Chapter2
Chapter2Pibi Lu
 
Computer Forensics Tools And Resources For Hjc Corporation
Computer Forensics Tools And Resources For Hjc CorporationComputer Forensics Tools And Resources For Hjc Corporation
Computer Forensics Tools And Resources For Hjc CorporationLarissa Swenson
 
CitizenReporting_for_Crime_Analysis
CitizenReporting_for_Crime_AnalysisCitizenReporting_for_Crime_Analysis
CitizenReporting_for_Crime_AnalysisPatrick Floto
 
Data privacy and security
Data privacy and securityData privacy and security
Data privacy and securitytoomz32
 
Association Of Chief Police Officers (ACPO) Guidelines For...
Association Of Chief Police Officers (ACPO) Guidelines For...Association Of Chief Police Officers (ACPO) Guidelines For...
Association Of Chief Police Officers (ACPO) Guidelines For...Sandra Willey
 
Net Neutrality Capacity Building Seminar
Net Neutrality Capacity Building SeminarNet Neutrality Capacity Building Seminar
Net Neutrality Capacity Building SeminarExcel Asama
 
Technology In Computer Forensics
Technology In Computer ForensicsTechnology In Computer Forensics
Technology In Computer ForensicsKatie Fernandez
 
Getting the social side of pervasive computing right
Getting the social side of pervasive computing rightGetting the social side of pervasive computing right
Getting the social side of pervasive computing rightblogzilla
 
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAINCOMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAINamiable_indian
 
Computer and Cyber forensics, a case study of Ghana
Computer and Cyber forensics, a case study of GhanaComputer and Cyber forensics, a case study of Ghana
Computer and Cyber forensics, a case study of GhanaMohammed Mahfouz Alhassan
 
Privacy And The Right Of Privacy Essay
Privacy And The Right Of Privacy EssayPrivacy And The Right Of Privacy Essay
Privacy And The Right Of Privacy EssayJen Cloud
 
Health Information Security
Health Information SecurityHealth Information Security
Health Information SecurityMelanie Erickson
 
Investigating and Prosecuting Cyber Crime - Forensic Dependencies and Barrier...
Investigating and Prosecuting Cyber Crime - Forensic Dependencies and Barrier...Investigating and Prosecuting Cyber Crime - Forensic Dependencies and Barrier...
Investigating and Prosecuting Cyber Crime - Forensic Dependencies and Barrier...Cameron Brown
 
Net Neutrality Capacity Building Seminar
Net Neutrality Capacity Building SeminarNet Neutrality Capacity Building Seminar
Net Neutrality Capacity Building SeminarExcel Asama
 
Lofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionLofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionSean Whalen
 
Information Laws in Mekong Countries
Information Laws in Mekong CountriesInformation Laws in Mekong Countries
Information Laws in Mekong CountriesArthit Suriyawongkul
 

Similaire à Electronic Surveillance Of Communications 100225 (20)

Electronic surveillance and privacy 130916
Electronic surveillance and privacy 130916Electronic surveillance and privacy 130916
Electronic surveillance and privacy 130916
 
Chapter2
Chapter2Chapter2
Chapter2
 
Computer Forensics Tools And Resources For Hjc Corporation
Computer Forensics Tools And Resources For Hjc CorporationComputer Forensics Tools And Resources For Hjc Corporation
Computer Forensics Tools And Resources For Hjc Corporation
 
CitizenReporting_for_Crime_Analysis
CitizenReporting_for_Crime_AnalysisCitizenReporting_for_Crime_Analysis
CitizenReporting_for_Crime_Analysis
 
Data privacy and security
Data privacy and securityData privacy and security
Data privacy and security
 
Association Of Chief Police Officers (ACPO) Guidelines For...
Association Of Chief Police Officers (ACPO) Guidelines For...Association Of Chief Police Officers (ACPO) Guidelines For...
Association Of Chief Police Officers (ACPO) Guidelines For...
 
Net Neutrality Capacity Building Seminar
Net Neutrality Capacity Building SeminarNet Neutrality Capacity Building Seminar
Net Neutrality Capacity Building Seminar
 
Technology In Computer Forensics
Technology In Computer ForensicsTechnology In Computer Forensics
Technology In Computer Forensics
 
Getting the social side of pervasive computing right
Getting the social side of pervasive computing rightGetting the social side of pervasive computing right
Getting the social side of pervasive computing right
 
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAINCOMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
 
Computer and Cyber forensics, a case study of Ghana
Computer and Cyber forensics, a case study of GhanaComputer and Cyber forensics, a case study of Ghana
Computer and Cyber forensics, a case study of Ghana
 
2627 8105-1-pb
2627 8105-1-pb2627 8105-1-pb
2627 8105-1-pb
 
Privacy And The Right Of Privacy Essay
Privacy And The Right Of Privacy EssayPrivacy And The Right Of Privacy Essay
Privacy And The Right Of Privacy Essay
 
Internet Safety
Internet SafetyInternet Safety
Internet Safety
 
Health Information Security
Health Information SecurityHealth Information Security
Health Information Security
 
Investigating and Prosecuting Cyber Crime - Forensic Dependencies and Barrier...
Investigating and Prosecuting Cyber Crime - Forensic Dependencies and Barrier...Investigating and Prosecuting Cyber Crime - Forensic Dependencies and Barrier...
Investigating and Prosecuting Cyber Crime - Forensic Dependencies and Barrier...
 
Net Neutrality Capacity Building Seminar
Net Neutrality Capacity Building SeminarNet Neutrality Capacity Building Seminar
Net Neutrality Capacity Building Seminar
 
privtechsomeassemb
privtechsomeassembprivtechsomeassemb
privtechsomeassemb
 
Lofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionLofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and Encryption
 
Information Laws in Mekong Countries
Information Laws in Mekong CountriesInformation Laws in Mekong Countries
Information Laws in Mekong Countries
 

Dernier

How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17Celine George
 
3.21.24 The Origins of Black Power.pptx
3.21.24  The Origins of Black Power.pptx3.21.24  The Origins of Black Power.pptx
3.21.24 The Origins of Black Power.pptxmary850239
 
AUDIENCE THEORY -- FANDOM -- JENKINS.pptx
AUDIENCE THEORY -- FANDOM -- JENKINS.pptxAUDIENCE THEORY -- FANDOM -- JENKINS.pptx
AUDIENCE THEORY -- FANDOM -- JENKINS.pptxiammrhaywood
 
Patterns of Written Texts Across Disciplines.pptx
Patterns of Written Texts Across Disciplines.pptxPatterns of Written Texts Across Disciplines.pptx
Patterns of Written Texts Across Disciplines.pptxMYDA ANGELICA SUAN
 
Maximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdf
Maximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdfMaximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdf
Maximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdfTechSoup
 
How to Show Error_Warning Messages in Odoo 17
How to Show Error_Warning Messages in Odoo 17How to Show Error_Warning Messages in Odoo 17
How to Show Error_Warning Messages in Odoo 17Celine George
 
How to Add a New Field in Existing Kanban View in Odoo 17
How to Add a New Field in Existing Kanban View in Odoo 17How to Add a New Field in Existing Kanban View in Odoo 17
How to Add a New Field in Existing Kanban View in Odoo 17Celine George
 
Drug Information Services- DIC and Sources.
Drug Information Services- DIC and Sources.Drug Information Services- DIC and Sources.
Drug Information Services- DIC and Sources.raviapr7
 
The basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxThe basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxheathfieldcps1
 
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRADUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRATanmoy Mishra
 
How to Add Existing Field in One2Many Tree View in Odoo 17
How to Add Existing Field in One2Many Tree View in Odoo 17How to Add Existing Field in One2Many Tree View in Odoo 17
How to Add Existing Field in One2Many Tree View in Odoo 17Celine George
 
Ultra structure and life cycle of Plasmodium.pptx
Ultra structure and life cycle of Plasmodium.pptxUltra structure and life cycle of Plasmodium.pptx
Ultra structure and life cycle of Plasmodium.pptxDr. Asif Anas
 
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...Nguyen Thanh Tu Collection
 
Practical Research 1: Lesson 8 Writing the Thesis Statement.pptx
Practical Research 1: Lesson 8 Writing the Thesis Statement.pptxPractical Research 1: Lesson 8 Writing the Thesis Statement.pptx
Practical Research 1: Lesson 8 Writing the Thesis Statement.pptxKatherine Villaluna
 
M-2- General Reactions of amino acids.pptx
M-2- General Reactions of amino acids.pptxM-2- General Reactions of amino acids.pptx
M-2- General Reactions of amino acids.pptxDr. Santhosh Kumar. N
 
Education and training program in the hospital APR.pptx
Education and training program in the hospital APR.pptxEducation and training program in the hospital APR.pptx
Education and training program in the hospital APR.pptxraviapr7
 
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptxSandy Millin
 
Quality Assurance_GOOD LABORATORY PRACTICE
Quality Assurance_GOOD LABORATORY PRACTICEQuality Assurance_GOOD LABORATORY PRACTICE
Quality Assurance_GOOD LABORATORY PRACTICESayali Powar
 
Prescribed medication order and communication skills.pptx
Prescribed medication order and communication skills.pptxPrescribed medication order and communication skills.pptx
Prescribed medication order and communication skills.pptxraviapr7
 
In - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptxIn - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptxAditiChauhan701637
 

Dernier (20)

How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17How to Use api.constrains ( ) in Odoo 17
How to Use api.constrains ( ) in Odoo 17
 
3.21.24 The Origins of Black Power.pptx
3.21.24  The Origins of Black Power.pptx3.21.24  The Origins of Black Power.pptx
3.21.24 The Origins of Black Power.pptx
 
AUDIENCE THEORY -- FANDOM -- JENKINS.pptx
AUDIENCE THEORY -- FANDOM -- JENKINS.pptxAUDIENCE THEORY -- FANDOM -- JENKINS.pptx
AUDIENCE THEORY -- FANDOM -- JENKINS.pptx
 
Patterns of Written Texts Across Disciplines.pptx
Patterns of Written Texts Across Disciplines.pptxPatterns of Written Texts Across Disciplines.pptx
Patterns of Written Texts Across Disciplines.pptx
 
Maximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdf
Maximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdfMaximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdf
Maximizing Impact_ Nonprofit Website Planning, Budgeting, and Design.pdf
 
How to Show Error_Warning Messages in Odoo 17
How to Show Error_Warning Messages in Odoo 17How to Show Error_Warning Messages in Odoo 17
How to Show Error_Warning Messages in Odoo 17
 
How to Add a New Field in Existing Kanban View in Odoo 17
How to Add a New Field in Existing Kanban View in Odoo 17How to Add a New Field in Existing Kanban View in Odoo 17
How to Add a New Field in Existing Kanban View in Odoo 17
 
Drug Information Services- DIC and Sources.
Drug Information Services- DIC and Sources.Drug Information Services- DIC and Sources.
Drug Information Services- DIC and Sources.
 
The basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptxThe basics of sentences session 10pptx.pptx
The basics of sentences session 10pptx.pptx
 
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRADUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
DUST OF SNOW_BY ROBERT FROST_EDITED BY_ TANMOY MISHRA
 
How to Add Existing Field in One2Many Tree View in Odoo 17
How to Add Existing Field in One2Many Tree View in Odoo 17How to Add Existing Field in One2Many Tree View in Odoo 17
How to Add Existing Field in One2Many Tree View in Odoo 17
 
Ultra structure and life cycle of Plasmodium.pptx
Ultra structure and life cycle of Plasmodium.pptxUltra structure and life cycle of Plasmodium.pptx
Ultra structure and life cycle of Plasmodium.pptx
 
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...
CHUYÊN ĐỀ DẠY THÊM TIẾNG ANH LỚP 11 - GLOBAL SUCCESS - NĂM HỌC 2023-2024 - HK...
 
Practical Research 1: Lesson 8 Writing the Thesis Statement.pptx
Practical Research 1: Lesson 8 Writing the Thesis Statement.pptxPractical Research 1: Lesson 8 Writing the Thesis Statement.pptx
Practical Research 1: Lesson 8 Writing the Thesis Statement.pptx
 
M-2- General Reactions of amino acids.pptx
M-2- General Reactions of amino acids.pptxM-2- General Reactions of amino acids.pptx
M-2- General Reactions of amino acids.pptx
 
Education and training program in the hospital APR.pptx
Education and training program in the hospital APR.pptxEducation and training program in the hospital APR.pptx
Education and training program in the hospital APR.pptx
 
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
2024.03.23 What do successful readers do - Sandy Millin for PARK.pptx
 
Quality Assurance_GOOD LABORATORY PRACTICE
Quality Assurance_GOOD LABORATORY PRACTICEQuality Assurance_GOOD LABORATORY PRACTICE
Quality Assurance_GOOD LABORATORY PRACTICE
 
Prescribed medication order and communication skills.pptx
Prescribed medication order and communication skills.pptxPrescribed medication order and communication skills.pptx
Prescribed medication order and communication skills.pptx
 
In - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptxIn - Vivo and In - Vitro Correlation.pptx
In - Vivo and In - Vitro Correlation.pptx
 

Electronic Surveillance Of Communications 100225

  • 1. Electronic Surveillance of Communications - Master Programme in Law and Information Technology - Course C 2010. Development and Management of Information Systems in a Legal Perspective - Course C, block 5. Identification and Control technologies Mark Klamberg, doctoral candidate
  • 2.
  • 3.
  • 4. Changes in Our Society Technological change Until the end of the 1990s satellites were the main medium for international communication. Now it is fiber optics in cables controlled by private companies. Shift in Threats Relevant for National Security The perceived threat from the Soviet Union has been replaced with vague threats such as terrorism, international criminality, migration, environmental threats and financial imbalances New Legal Demands The European Convention on Human Rights requires that interferences in the private life and family has a legal basis (article 8) Privatization Telecom operators were previously state-owned and controlled. Now they are private companies whose priority is to safeguard the interests of their customers, not the interests of the state
  • 5. Signal Intelligence - why legislation? Considering the changes in the 1990s: The technological change and privatization creates a need to adopt legislation or other binding measures that obligates the private operators to surrender communication to the State. This makes the existence of previously top secret surveillance public knowledge The shift in perceived threats creates a need to expand the mandate or codify an already expanded mandate of signal intelligence organizations The public knowledge about this surveillance and new legal demands creates a need for legislation protecting privacy
  • 6. Data retention - why legislation? Communication providers have stored traffic data (who is phoning who and when) about the phone calls of their customers for billing purposes. Law enforcement agencies have used such data in order to detect, prevent and investigate crime Nowadays, consumers are turning to flat-rate subscriptions and voice over IP-services (for example Skype). Thus, there is no need to retain traffic data for billing purposes. Law enforcement agencies still want/need traffic data.
  • 7. We humans leave electronic footprints after us, in the form of credit card payments, visits to websites, records of phone calls and e-mail (communication data). Imagine that somebody could collect everything and process it through a powerful computer. With the right tools one could find patterns that in detail describe what groups and networks you belong to. Such techniques are referred to as traffic analysis and social network analysis Traffic analysis and social network analysis
  • 8. With traffic analysis social networks may be identified A communication pattern can depict relations between individuals, Organisations, websites, etc with purpose of charting the social networks, position of power, views and other personal data about an individual. The actual message is less important than the information about the sender, recipient, the time of transaction, and means of communication. Knowledge about the communication pattern and thus the social network of person is often enough Individual
  • 9. U.S. National Research Council, report October 2008 “ Protecting Individual Privacy in the Struggle Against Terrorists: A Framework for Program Assessment”
  • 10. Two general types of data mining techniques 1. Subject-based data mining 2. Pattern-based data mining U.S. National Research Council “Protecting Individual Privacy in the Struggle Against Terrorists: A Framework for Program Assessment”
  • 11. Subject-based data mining Subject-based data mining uses an initiating individual or other datum that is considered, based on other information, to be of high interest, and the goal is to determine what other persons or financial transactions or movements, etc., are related to that initiating datum. U.S. National Research Council
  • 12. Pattern-based data mining Pattern-based data mining looks for patterns (including anomalous data patterns) that might be associated with terrorist activity—these patterns might be regarded as small signals in a large ocean of noise. U.S. National Research Council
  • 13. When to use the two different techniques In the case of the decentralized group, subject-based data mining is likely to augment and enhance traditional police investigations by making it possible to access larger volumes of data more quickly. Furthermore, communications networks can more easily be identified and mapped if one or a few individuals in the network are known with high confidence. By contrast, pattern-based data mining may be more useful in finding the larger information footprint that characterizes centrally organized terrorist groups. U.S. National Research Council
  • 14. Utility of pattern-based data mining The utility of pattern-based data mining is found primarily if not exclusively in its role in helping humans make better decisions about how to deploy scarce investigative resources, and action (such as arrest, search, denial of rights) should never be taken solely on the basis of a data mining result. Automated terrorist identification through data mining (or any other known methodology) is neither feasible as an objective nor desirable as a goal of technology development efforts. U.S. National Research Council
  • 15. Panspectron (Delanda) “ There are many differences between the Panopticon and the Panspectron being assembled at the NSA. Instead of positioning some human bodies around a central sensor, a multiplicity of sensors is deployed around all bodies: its antenna farms, spy satellites and cable-traffic intercepts feed into its computers all the information that can be gathered. This is then processed through a series of “filters” or key-word watch lists. The Panspectron does not merely select certain bodies and certain (visual) data about them. Rather, it compiles information about all at the same time, using computers to select the segments of data relevant to its surveillance tasks.” Panopticon (Bentham)
  • 16. Discussion Based on the material distributed, discuss for 15 minutes: 1. When does the interference with privacy occur in relation to systems of mass surveillance of electronic communication? 2. How does the American system differ from the legal regime under ECHR in its approach to the content/non-content distinction? 3. In the country you come from, do you have any regulations concern signal intelligence/strategic monitoring/surveillance for intelligence purposes? If not, does your country still have a state agency similar to the NSA, GCHQ, BND and FRA? 4. Is it appropriate to involve courts in issues concerning the implementation of policies on national security?
  • 17. Defining content and traffic data As opposed to the content of a message, traffic data is the information used by the communication network to deliver the message to or from the user. In a telephone network, traffic data will reveal the number dialed (“to”), the originating number (“from”), the time of the call, and its duration. In the internet context, traffic data will similarly reveal the “to” and “from” e-mail address, the instant message to and from account names, and the other administrative information the computers generate in the course of delivery Compare with Orin Kerr: content and envelope information
  • 18. Four fields of legislation International communication Domestic communication Preliminary Investigation Intelligence N/A 1. Chapter 27 of the Code of Judicial Procedure 2. Chapter 6 section 22(3) of the Electronic Communications Act (2003:389) 3. Act on measures concerning certain serious crimes (2008:854) 1. Act on measures to prevent certain serious crimes (2007:979) 2. Chapter 6 section 22(3) of the Electronic Communications Act (2003:389) Signal Intelligence Act (2008:717)
  • 19. EU Data Retention Directive 1. Data is retained for periods of not less than six months and not more than two years from the date of the communication 2. The data retained purports to the questions who was communicating with who, when the communication occurred, where was the communicating parties and what type of communication used. 3. No content data may be retained for the purpose of the directive. 4. The access for national authorities to the data is to be regulated through domestic law
  • 20. Summary of the legislation adopted 18 June 2008: IT- and telecom operators are obligated to transfer all communication in cables crossing Swedish borders to nodes controlled by the State The Defence Radio Establishment will intercept communication and collect data at the nodes (signal intelligence)
  • 21. Similar organizations, laws and programs USA Organization: National Security Agency (NSA) Legislation: FISA United Kingdom Organization: Government Communications Headquarters (GCHQ) Legislation: RIPA Case: Liberty et al. v. The United Kingdom
  • 22. Similar organizations, laws and programs France Organization: Direction Générale de la Sécurité Extérieure (DGSE) Germany Organization: Bundesnachrichtendienst (BND) Legislation: G 10-law (Gesetz zur Beschränkung des Brief-, Post- und Fernmeldegeheimnisses) Case: Weber and Saravia v. Germany Denmark Organization: Forsvarets Efterretningstjeneste (FE) Legislation: 17 § forsvarsloven
  • 23.
  • 24.
  • 25. 2. Clients (known) 12 August 2009 1. The Government 2. The Government office 3. The Defence Forces 4. The Police, including the Security Service (SÄPO) 5. National Inspectorate of Strategic Products 6. Swedish Customs Service 7. Defence Materiel Administration Agency 8. Defence Research Agency 9. Civil Contingencies Agency International Partners exist but unknown which those are. Could include NSA, GCHQ, BND, DGSE and FE Excluded in Autumn 2009
  • 26.
  • 27.
  • 28.
  • 29.
  • 31. Thanks! Blog: www.klamberg.se E-mail: [email_address] Phone: +46 8 16 11 90

Notes de l'éditeur

  1. Common law model is said to be ‘ adversarial’ or ‘accusatorial’ and the Civil law model ‘inquisitorial’. No domestic system represents a pure model I will use the terms ‘adversarial’ and ‘inquisitorial’ to describe in a general sense differences attributed to the two traditions, but also, on occasion, resort to the common law and civil law labels.