Government proposals to introduce surveillance of all internet users are unacceptable. The proposed law will require Internet Service Providers (ISPs) to log details of every email, every instant message or chat message, and every time users log on or log off, and to store that information for up to 18 months. This information will then be available without any court order or warrant. These proposals, implementing European law, are being drafted without public consultation and would be implemented by a statutory instrument. There will be no scrutiny by the Oireachtas.

It is incredible that the Government proposes to introduce a law which would require every Internet user to be monitored without any warrant or prior judicial approval, without any public consultation and without any debate or vote in the Oireachtas. A law of this gravity should not be made by stealth.

The Department of Justice appears to be relying on the “urgency” of the matter to justify bypassing the Dail and Seanad. But the European law being implemented was passed in February 2006. The Department has had two years to introduce a Bill and it cannot rely on its own delay to justify sidelining democratic scrutiny.

In any case, it is inappropriate to implement this law whilst it is under court challenge. The Irish government itself has challenged the validity of the law before the European Court of Justice. Digital Rights Ireland has also brought a High Court action challenging the European law. These proposals will effectively pre-empt the judgment of the courts.

- Digital Rights Ireland condemns backdoor implementation of surveillance laws.

It’s an EU Data Retention Directive, but if memory serves me rightly, and do correct me if I’m wrong, it was the Irish government in the person of Michael McDowell who pushed this dangerous concept in Europe in the first place.

I’ve always been pro-European, and I’ve good reason to be still, but there are straws in the wind, and this is a significant one, which has convinced me to vote against the Lisbon Treaty by way of protest.

In the US, they are finally waking up to the dangers of mass surveillance, and let’s do so here before the next repressive step is in place. There is no reason for a state to monitor its citizens other than sinister reasons.

See Naomi Wolf on YouTube and a passionate Al Gore Speech to the American Constitution Society and The Liberty Coalition on Domestic Spying (January 2006, DAR Constitution Hall, Washington DC).

see also Digital Rights Ireland
Irish Council for Civil Liberties
McGarr Solicitors: Facebook’s European Privacy Problem

Er… It’s not quite that simple. Or maybe it is horrifyingly simple.

Mythbusters beat Fingerprint Security System

How closely should a State monitor its citizens? Should it track every letter you send and receive? Should it fit you with a transmitter, broadcasting your location throughout the day? Should the library inform it of the books and magazines you read, and shops pass along details of items you browse and buy? If you contact the Samaritans, an Aids hotline, an alcoholism treatment programme, should the Garda and State be informed?

Most people would answer ‘No’. Ongoing, unwarranted surveillance of our daily activities is contrary to the very notion of living in a free and open democracy. Yet Ireland has in place a data retention law that permits the electronic equivalent of such surveillance, with plans to introduce an expansion on what can be gathered, held and examined, even for the most trivial misdemeanour.

Perhaps the issue has gained credibility in Ireland as privacy watchdog Digital Rights Ireland has launched a legal challenge on constitutional and human rights grounds in an attempt to halt the gathering and long-term storage of such data.

Meanwhile, the London Guardian has picked up on a WIRED News story that biometric passports (which can include information such as fingerprints, facial scans and iris patterns) have been hacked by Lukas Grunwald, a consultant with a German security company. I don’t think he’s the first to do so, actually. I seem to recall the technique being demonstrated on Dutch TV (on the web) some months ago. However, Herr Grunwald is getting a high profile at the Defcon security conference in Las Vegas, where he demonstrated that data can be transferred onto blank chips, which could then be implanted in fake passports, a flaw which he said undermined the project.
What he actually said was

“The whole passport design is totally brain damaged,” Grunwald says. “From my point of view all of these RFID passports are a huge waste of money. They’re not increasing security at all.”

Guardian Report

Wired News: Hackers Clone E-Passports

Wired News:US Lawmaker Rips RFID Passport Plans

Digital Rights Ireland

Karlin Lillington’s Irish and international data privacy issues

“TOM McGURK hosted an interesting programme this morning on Irish national radio and one of his segments included discussion about the Irish government’s data retention scheme. Simply put, the government is trying to expand its reach into your mobile phone, email records and web browsing history. “

If you think that this subject is too complex to take in, Bernie Goldbach over at Irish Eyes has taken some notes on McGurk’s programme which crystalise the main arguments.
IrishEyes: Tom McGurk and Digital Privacy

But it’s not just Ireland, of course. This particular virus that infects politician’s brains has spread everywhere. This is just one example:

CNN quotes a raft of experts who fear that passport data from US travellers abroad could be skimmed over-the-air and read remotely without the holder’s knowledge. The State Department says it’s OK though because they have tested it by being first to have their passports RFID’d. That’s alright then.

Of course RFID is a useful technology (for tracking goods in warehouses). Of course voting machines work under certain condtions. It’s just that, as in life, context is everything.

New Scientist Technology Blog

It has emerged that several central banks across Europe knew that the Society for Worldwide Interbank Financial Telecommunications (Swift) has been providing infomation to the US Authorities. (Irish Times)

And then there is the US itself, as the New York Times revealed recently.

Digital Rights Ireland has set up links through which you can protest about this.

See also antoin@eire.com

Please remember lads that these biometric passport thingies are digital, and anything digital can be hacked (I’ve linked a definition for yez if you’re confused, just in case). If yez need any proof of this possibility just go talk your Dutch Government buddies about how their passport system was hacked and how face/fingerprint information was subsequently stolen. Oh yes – we have nothing but absolute confidence in your ability to implement things in this country, based on past performance

Howl @ the Moon