“Big Brother in the U.K.”

The United Kingdom’s Gangmasters and Labour Abuse Authority is not part of an agency tasked with fighting terrorism. It’s a licensing body that “regulates businesses who provide workers to the fresh produce supply chain and horticulture industry, to make sure they meet the employment standards required by law,” according to its mission statement.

Nevertheless, under a new mass surveillance law, high-ranking officials in this agency will have as much access to the private internet information of British citizens as agencies that actually do fight terrorism. So will officials in the U.K.’s Department of Health, its Food Standards Agency, and its Gambling Commission, along with dozens of other government bodies.

Reason: Big Brother in the U.K. »

“What could happen if you refuse to unlock your phone at the US border?”

Ars spoke with several legal experts, and contacted CBP itself (which did not provide anything beyond previously-published policies). The short answer is: your device probably will be seized (or “detained” in CBP parlance), and you might be kept in physical detention—although no one seems to be sure exactly for how long.

Ars Technica: What could happen if you refuse to unlock your phone at the US border? »

The US digital border

Two weeks ago, Sidd Bikkannavar flew back into the United States after spending a few weeks abroad in South America. An employee of NASA’s Jet Propulsion Laboratory (JPL), Bikkannavar had been on a personal trip, pursuing his hobby of racing solar-powered cars. He had recently joined a Chilean team, and spent the last weeks of January at a race in Patagonia. (…)

Bikkannavar says he was detained by US Customs and Border Patrol and pressured to give the CBP agents his phone and access PIN. Since the phone was issued by NASA, it may have contained sensitive material that wasn’t supposed to be shared. Bikkannavar’s phone was returned to him after it was searched by CBP, but he doesn’t know exactly what information officials might have taken from the device.

The Verge: A US-born NASA scientist was detained at the border until he unlocked his phone »

Ars Technica: NASA scientist detained at US border until he unlocked his phone »

Your password or your freedom

Francis Rawls, a former Philadelphia police sergeant, has been in the Philadelphia Federal Detention Center for more than 16 months. His crime: the fired police officer has been found in contempt of court for refusing a judge’s order to unlock two hard drives the authorities believe contain child pornography. Theoretically, Rawls can remain jailed indefinitely until he complies. (…)

He’s not charged with a crime. Judge demands he help prosecutors build their case.

Ars Technica: Man jailed 16 months, and counting, for refusing to decrypt hard drives »

Getting you and your digital gadgets safely across the US border

Wired: A Guide to Getting Past Customs With Your Digital Privacy Intact »

Boingboing: How to legally cross a US (or other) border without surrendering your data and passwords »

EFF: Border Security Overreach Continues – DHS Wants Social Media Login Information »

UK to roll out Big Brother data base

The broadly defined clause 30 of the Digital Economy Bill contains provisions for a “single gateway to enable public authorities, specified by regulation, to share personal information for tightly constrained reasons agreed by parliament, where its purpose is to improve the welfare of the individual in question. To use the gateway, the proposed sharing of information must be for the purpose of one of the specified objectives, which will be set out in regulations.”

Ars Technica: UK government’s huge citizen data grab is go—where are the legal safeguards? »

By the way, this discussion has been going on for decades…

https://youtu.be/ThzKQdlGbDw

Youtube »

EU Data Protection – what about it?

How will EU data protection be noticed for ordinary people? Euronews puts the question to Jan Philipp Albrecht, Green member of the European Parliament from Germany.

The improvement in substance is that there’s far more transparency under the new rules, which means that you will have more detailed information policies about what your data are processed for, which purposes if they are given to others, and there will be also in general more possibilities to get a view of which data are there about you. And you have new rights like data portability and the right to be forgotten. So it will be far easier for consumers to control their personal data.

Euronews interview »

Trump executive order might freeze all transfer of personal data from the EU to the US

This is interesting. US President Trumps executive order on »public safety« directs all federal agencies to exclude non-US citizens / non-permanent residents from the Privacy Act protection from mass surveillance.

It is very unclear what this will lead to when it comes to transfer of European personal data to the US. Under the so-called EU-US Privacy Shield, such data shall enjoy adequate privacy protection. There is already criticism that the arrangements in this agreement are too weak. And today’s executive order might invalidate them altogether.

If so, there can be no transfer of personal data from the EU to the US. This would have far-reaching consequences for US companies, from e.g. retail business to social networks.

The EU Commission seems to hope for special US legislation related to the Privacy Shield. But the question is if the above executive order doesn’t trump any such schemes.

/ HAX

Update / more input:
• Techcrunch: Trump order strips privacy rights from non-U.S. citizens, could nix EU-US data flows »
• Engadget: Trump signs executive order stripping non-citizens of privacy rights »
• EU Observer: Trump’s anti-privacy order stirs EU angst »
• Techdirt: Already Under Attack In Top EU Court, Privacy Shield Framework For Transatlantic Data Flows Further Undermined By Trump »

EDRi on EU ePrivacy regulation

The ePD has two functions. Firstly, it provides additional clarity and predictability to allow the principles in the general legislation to be implemented in the complex environment of communications. Secondly, it serves as the EU legislative instrument to give meaning to the fundamental right to freedom of communications. (…)

The process of consultation and polls have shown that citizens are concerned about their privacy and about how companies make use of their personal information online. Although the Commission has rightly identified and addressed most of the key issues and objectives in the proposal, strong forces seem to have watered down the text considerably, compared to the earlier version that was leaked in December 2016.

EDRi » e-Privacy Regulation: Good intentions but a lot of work to do »

Data in Ireland protected from US authorities?

An evenly split federal appeals court ruled Tuesday that it won’t revisit its July decision that allowed Microsoft to squash a US court warrant for e-mail stored on its servers in Dublin, Ireland. The 4-4 vote by the 2nd US Circuit Court of Appeals sets the stage for a potential Supreme Court showdown over the US government’s demands that it be able to reach into the world’s servers with the assistance of the tech sector. (…)

In its petition for a rehearing, the government said Microsoft didn’t have the legal right to defend the privacy of its e-mail customers, and that the July ruling isn’t good for national security.

Ars Technica: US has no right to seize data from world’s servers—court ruling stands »