Re: [ietf-privacy] Research Note on NSA/Snowden for EuroParl PRISM inquiry

Caspar Bowden <caspar@PrivacyStrategy.eu> Sun, 29 September 2013 17:12 UTC

On 09/29/13 15:33, Stephen Farrell wrote:
> I've only skimmed the recommendations/conclusions so far but have
> two comments. (I'll read the rest later, honest:-)

thanks for feedback

> - I don't see why a "euro cloud" (section 3.1) would be any less
> surveilled, e.g. by .eu governments on their own behalf or on behalf
> of their partners.

There are two reasons:

1) most people in a democracy prefer to be spied on by their own govts. 
not a foreign govt (rather not be spied on at all obviously)

2) the "political" purposes in the defn. of FII I point at would be 
illegal in EU (they don't exist in corresponding EU laws, and the 
Belgacom/GCHQ case will be a real test case on this point). The fact is 
that it is not illegal (in US) for the US to do that to (say) Belgium, 
but it is illegal for one European state to do that to another
(political spying rather than "genuine" national security)

This is an incredibly important point which I still do not think is widely
understood (especially by people in US)

> There could be jurisdictional reasons for that
> maybe (not that I'd understand those) but I don't think such a
> recommendation really touches on pervasive monitoring at all unless
> you're under the misapprehension that .eu governments are all far too
> nice for that kind of thing or something. Can you explain that one?

It is "niceness" actually, to the extent European human rights law 
prohibits this (really, it does)

If they do it, they are breaking the law (ECHR)

> - I think you could add a recommendation to work with the Internet
> community on better technical solutions that can perhaps dramatically
> increase the costs for pervasive monitoring.

I agree but it's hard to put that in legislation? ("work with the
Internet community"). Best I could get was the free-software recommendation

> That's not a purely
> cryptographic thing, and is something on which work is being done
> e.g. here in the IETF. Note, nobody's claiming that changes made in
> the IETF can fully "fix" this problem, but there are things we can
> do that can help if they get deployed.
>
> BTW, I think it'd be useful for us as well if the IETF had a way
> to learn more about the non-technical reactions to all this stuff,
> any ideas there welcome.

Happy to help with that any way I can

Caspar