US lawmakers introduce two bills to protect email privacy
Fri 13 Feb 2015, 02:00

A long-standing effort to extend privacy protections to email and other data in the cloud got new life Thursday when U.S. lawmakers introduced not one, but two bills to reform the country’s electronic privacy laws.

Both the Law Enforcement Access to Data Stored Abroad Act, called the LEADS Act, and the Electronic Communications Privacy Amendments Act would require law enforcement agencies to get court-ordered warrants to search data that’s been stored on Web-based or cloud-based services for more than 180 days.

Under the 29-year-old Electronic Communications Privacy Act [ECPA], law enforcement agencies do not need a court-ordered warrant to search unopened email stored with a vendor for longer than 180 days, although they do need court approval to access unopened email less than 180 days old.

 

UK court finds secret spying docs made surveillance illegal
Wed 11 Feb 2015, 20:20

Several human rights groups are celebrating a major victory against the Five Eyes, an intelligence alliance comprising Australia, Canada, New Zealand, the UK and the US, as the UK surveillance tribunal ruled on 6 February that the Government Communications Headquarters (GCHQ) acted unlawfully in accessing millions of private communications collected by the National Security Agency (NSA) up until December 2014.

The decision marks the first time that the Investigatory Powers Tribunal (IPT), the only UK court empowered to oversee GCHQ, the domestic security agency MI5 and the foreign intelligence service MI6, has ever ruled against the intelligence and security services in its fifteen-year history. The case was only possible thanks to the NSA whistleblower Edward Snowden whose leaked documents provided the facts needed to challenge the long-standing intelligence sharing relationship.

EFF supports early push in Congress to update online privacy law
Thu 26 Feb 2015, 23:40

Within the first month of Congress we've seen over four bills to update the archaic Electronic Communications Privacy Act, which is the law that's been used by the Department of Justice to obtain emails and the location of your mobile device without a probable cause warrant. This is in clear violation of legal cases interpreting the Fourth Amendment.

International campaign to find out whether GCHQ illegally spied on you
Wed 25 Feb 2015, 20:00

Since its launch on 16 February 2015, over 25 000 people have joined an international campaign to try to learn whether Britain’s intelligence agency, GCHQ, illegally spied on them.

This opportunity is possible thanks to court victory in the Investigatory Powers Tribunal (IPT), a secret court set up to hear complaints against the British Security Services. As previously reported in the EDRi-gram, Privacy International won the first-ever case against GCHQ in the Tribunal, which ruled that the agency acted unlawfully in accessing millions of private communications collected by the US National Security Agency (NSA), up until December 2014.

Because of this victory, now anyone in the world can try to ask if their records, as collected by the NSA, were part of those communications unlawfully shared with GCHQ. We feel the public has a right to know if they were spied on illegally, and Privacy International wants to help make that as easy as possible.

Article 29 working document on surveillance, electronic communications and national security
Wed 10 Dec 2014, 09:00

On December 5, the Article 29 Working Party published a Working Document on surveillance, electronic communications and national security. The Working Document is specifically intended to address data protection issues arising out of the Snowden revelations that began in 2013 and the bulk data collection activities of various intelligence and security agencies. The Working Document examines the boundaries between the concepts of privacy and national security, and emphasizes the importance of privacy as a fundamental right in the EU. The Working Document concludes that the activities of intelligence and security agencies should not always fall within the scope of the national security exemption under EU data protection law, and that where the meaning of the term “national security” is unclear, the exemption should be construed narrowly.

UK government issues first definition of computer hacking by spies
Fri 6 Feb 2015, 21:20

The British government has for the first time offered an official definition of computer hacking by the security services. The definition can be found in the Home Office “draft equipment interference code of practice” released on Friday.