Accountability for electronic surveillance by government agencies

From slight paranoia. Only happens in the US, of course – I mean the public reporting of real-time wiretaps by law enforcement agencies.

If you were to believe the public surveillance statistics, you might come away with the idea that government surveillance is exceedingly rare in the United States.

Every year, the US Courts produce the wiretap report which details every ‘intercept’ order requested by Federal, state and local law enforcement agencies during that year. Before the police, FBI, DEA or other law enforcement agents can tap a phone, intercept an Internet connection, or place a covert bug into a suspect’s home, they must obtain one of these orders, which law professor and blogger Orin Kerr describes as a “super warrant,” due to the number of steps the government must go through in order to obtain one.
However, while there are many ways the government can monitor an individual, very few of these methods require an intercept order.

In general, intercept orders are required to monitor the contents of real time communications. Non-content information, such as the To/From and Subject lines for email messages, URLs of pages viewed (which includes search terms), and telephone numbers dialed can all be obtained with a pen register/trap & trace order.

While wiretaps require a “superwarrant” which must be evaluated and approved by a judge following strict rules, government attorneys can obtain pen register orders by merely certifying that the information likely to be obtained is relevant to an ongoing criminal investigation — a far lower evidentiary threshold.
The reporting requirements for intercepts and pen registers only apply to the surveillance of live communications. However, communications or customer records that are in storage by third parties, such as email messages, photos or other files maintained in the cloud by services like Google, Microsoft, Yahoo Facebook and MySpace are routinely disclosed to law enforcement, and there is no legal requirement that statistics on these kinds of requests be compiled or published.

Der Spiegel on privacy

Tagging two articles from Der Spiegel until I can get round to commenting on them. First on how the growing use of technology has given companies and governments the ability to spy on and even remotely erase private documents stored on individuals’ electronic devices. Second on the US government’s demands to be given the right to spy on Europeans’ financial transactions.,1518,637640,00.html,1518,638509,00.html

Data Protection in Singapore

In a reply to a question in parliament last month, Minister for Information, Communication and the Arts Lee Boon Yang said that the government was studying the introduction of data protection legislation, but this was a “complex issue” and the “review will take some time.” (Follow links for Straits Times report and extract from Hansard.)

As it turns out, the government really has been reviewing Privacy (sometimes known as Data Protection) legislation in Singapore for a v..e..r..y long time – 20 years in fact. Way back in 1989/90, the Singapore Academy of Law sub-committee on Technology and Law recommended that Singapore adopt Data Protection legislation modelled after that in Europe, Japan and other developed countries. Newspaper reports here. A summary of the sub-committee’s report is here while the full Working Paper is here (long). 

Obviously, no Privacy Laws were adopted, though the issue has bubbled back up to the surface several times. For example in 2002, then again in 2006, when Lee Boon Yang said that an inter-Ministerial committee had been formed and would make its recommendations in the middle of that year.