in the light of the Snowden affair
fil. kand, jur. kand, LL.M. jur. dr.
senior lecturer public international law, Uppsala University
16 September 2013
I. Programs and applications covered in
media as a result of the Snowden affair
II. What is the purpose of intelligence?
III. How does modern surveillance work?
IV. Is it legal?
V. Why are we having this discussion now?
VI. What is privacy?
Programs and applications
covered by media 2013 (selection)
• PRISM - social media (downstream)
• Blarney, Fairview, Stormbrew, Oakstar - upstream collection
• PINWALE - metadata database
• Xkeyscore (NSA, BND) - search and analysis tool
• Marina - internet metadata database
• Mainway - telephone metadata database
• Bullrun - weaken encryption standards
• Tempora - upstream collection
• Edgehill - weaken encryption standards
NSA, GCHQ, CSE, DSD, GCSB (USA, UK, CAN, AUS, NZ)
• FiveEyes - cooperation agreement,
exchange of data
• “Big Brother français” (Le Monde 4 July 2013) - upstream collection, metadata
• “FRA-law” - upstream collection
• Titan - metadata database
• “The third pillar” - cooperation agreement,
exchange of data
Start of crisis
Stress on society
For each sector of society
there is a balance
Source: Civil Security, Saab AB
What is the purpose of surveillance?
We humans leave electronic footprints after us, in the form of
credit card payments, visits to websites, records of phone calls
and e-mail (communication data). Imagine that somebody could
collect everything and process it through a powerful computer.
With the right tools one could find patterns that in detail describe
what groups and networks you belong to. Such techniques are
referred to as traffic analysis and social network analysis
Traffic analysis and social
With traffic analysis
social networks may be identified
A communication pattern can depict relations between individuals,
Organisations, websites, etc with purpose of charting the social networks,
position of power, views and other personal data about an individual.
The actual message is less important than
the information about the sender, recipient,
the time of transaction, and means of
communication. Knowledge about the
communication pattern and thus
the social network of person is often enough
Colleagues in the HagueCentre liberals and
Colleagues in Stockholm
Friends in Lund
Social network analysis with
Application: ”Friend Wheel”
Organization: National Security Agency (NSA)
Cases (multiple): Smith v. Maryland (1979), Hepting v. AT&T (2012),
Jewel v. NSA (2013)
Organization: Government Communications Headquarters
Case: Liberty et al. v. The United Kingdom, Kennedy v.
Is it legal?
Organization: Direction Générale de la Sécurité Extérieure
Organization: Bundesnachrichtendienst (BND)
Legislation: G 10-law (Gesetz zur Beschränkung des
Brief-, Post- und Fernmeldegeheimnisses)
Case: Weber and Saravia v. Germany
Organization: Forsvarets Efterretningstjeneste (FE)
Legislation: 17 § forsvarsloven
Is it legal?
Until the end of the 1990s satellites were the main
medium for international communication. Now it is
fiber optics in cables controlled by private companies.
Shift in Threats Relevant for National Security
The perceived threat from the Soviet Union has been replaced with vague threats such
as terrorism, international criminality, migration, environmental threats and financial
New Legal Demands
The European Convention on Human Rights requires that interferences in the private
life and family has a legal basis (article 8)
Telecom operators were previously state-owned and controlled. Now they are private
companies whose priority is to safeguard the interests of their customers, not the
interests of the state
Why are we having discussion now?
Considering the changes in the 1990s:
The technological change and privatization creates a need to adopt
legislation or other binding measures that obligates the private operators to
surrender communication to the State. This makes the existence of
previously top secret surveillance public knowledge
The shift in perceived threats creates a need to expand the mandate or
codify an already expanded mandate of signal intelligence organizations
The public knowledge about this surveillance and new legal demands
creates a need for legislation protecting privacy
Solove, A Taxonomy of Privacy, 2006
What is privacy?
Bamford, James, The Shadow Factory: The Ultra-Secret NSA from 9/11 to the
Eavesdropping on America, Doubleday, New York, 2008
Klamberg, Mark, FRA and the European Convention on Human Rights - A Paradigm
Shift in Swedish Electronic Surveillance Law in “Overvåking i en Rettstat,Nordisk
årbok i rettsinformatikk” (Nordic Yearbook of Law and Information Technology),pp.
96-134, Fagforlaget, Bergen 2010
Aldrich, Richard J., GCHQ: The Uncensored Story of Britain's Most Secret
Intelligence Agency, Harper Press, London, 2010
Fura, Elisabet and Klamberg, Mark, The Chilling Effect of Counter-Terrorism
Measures: A Comparative Analysis of Electronic Surveillance Laws in Europe and
the USA in Josep Casadevall, Egbert Myjer, Michael O’Boyle (editors), “Freedom of
Expression – Essays in honour of Nicolas Bratza – President of the European Court
of Human Rights”, Wolf Legal Publishers, Oisterwijk, 2012, pp. 463-481