Академический Документы
Профессиональный Документы
Культура Документы
Outline
After Snowden, we can see
the emergence of a new
European law of surveillance
in cases such as Digital Rights
Ireland, Schrems and Zakharov
Ireland has become a key
location for data storage
but Irish laws have not kept
pace with European
developments
This talk will discuss the state
of Irish law and implications
for privacy rights of users
worldwide
Significance
of Ireland?
EMEA headquarters/key
offices/data centres of
many internet firms
Google, Facebook,
Yahoo, LinkedIn,
Microsoft, Twitter, Apple
Increasingly so following
collapse of Safe Harbor
(and also Brexit?)
Quite by accident,
Ireland has become
a central if reluctant
participant in the
international
surveillance debate
Where are
surveillance
standards
adjudicated?
European Court of
Human Rights:
ECHR
National Courts:
Domestic constitutions, EU norms, ECHR
What do those
surveillance
standards require?
Foreseeability, controls on
downstream use, deletion
Weber and Saravia v. Germany (2006)
In its case-law on secret measures of surveillance, the Court
has developed the following minimum safeguards that should
be set out in statute law in order to avoid abuses of power:
the nature of the offences which may give rise to an interception
order;
a definition of the categories of people liable to have their
telephones tapped;
a limit on the duration of telephone tapping;
the procedure to be followed for examining, using and storing the
data obtained;
the precautions to be taken when communicating the data to
other parties;
and the circumstances in which recordings may or must be erased
or the tapes destroyed.
Possibility of notification
after surveillance
Klass v. Germany (1978)
Notification is strongly desirable: there is in principle little
scope for recourse to the courts unless the individual is
advised of the measures taken without his knowledge and thus
able retrospectively to challenge their legality.
Possibility of notification
after surveillance
Zakharov v. Russia (2015)
The fact that persons concerned by secret surveillance
measures are not subsequently notified once surveillance has
ceased cannot by itself warrant the conclusion that the
interference was not necessary in a democratic society, as it
is the very absence of knowledge of surveillance which ensures
the efficacy of the interference.
As soon as notification can be carried out without
jeopardising the purpose of the restriction after the
termination of the surveillance measure, information should,
however, be provided to the persons concerned.
Availability of an inquisitorial remedy may suffice as an
alternative (citing Kennedy v. UK)
Judicial
authorisation/oversight
Klass v. Germany (1978)
Judicial authorisation and supervision preferable
Other supervisory bodies permissible if independent of the
authorities carrying out the surveillance, objective and
vested with sufficient powers and competence to exercise an
effective and continuous control
Judicial
authorisation/oversight
Joined Cases C-293/12 and C-594/12 Digital Rights Ireland
and Seitlinger (2014)
Data Retention Directive invalid as, inter alia,
Above all, the access is not made dependent on a prior review carried
out by a court or by an independent administrative body whose decision
seeks to limit access to the data and their use to what is strictly necessary
for the purpose of attaining the objective pursued and which intervenes
following a reasoned request of those authorities
Protection of journalists
sources
Telegraaf Media v. Netherlands (2013)
Surveillance (seizure of records) to identify journalist sources
requires prior review by an independent body with the power
to prevent or terminate it
review post factum, whether by the Supervisory Board, the
Committee on the Intelligence and Security Services of the
Lower House of Parliament or the National Ombudsman,
cannot restore the confidentiality of journalistic sources once it
is destroyed.
The Court thus finds that the law did not provide safeguards
appropriate to the use of powers of surveillance against
journalists with a view to discovering their journalistic sources.
There has therefore been a violation of Articles 8 and 10 of the
Convention.
Restrictions on bulk
collection
Weber & Saravia v. Germany (2006)
Strategic monitoring acceptable subject to adequate
safeguards against abuse
Context: No separate
intelligence agency
National security is primarily a police responsibility
Blurred lines between criminal and national security
investigation
E.g. dissident republican fundraising
Interception of communications
Interception of Postal Packets and Telecommunications
Messages (Regulation) Act 1993
Limited to authorised undertakings essentially, traditional
telecoms providers
2.
Data Retention
Communications (Retention of Data) Act 2011
3.
4.
Surveillance
devices (covert
bugs, cameras)
Surveillance
devices (covert
bugs, cameras)
Yes.
(Except in cases of urgency.)
Notification after
surveillance?
Interception of
No.
communications
Data retention
No.
Surveillance
devices (covert
bugs, cameras)
No.
(S.10(3) permits regulations for notification but these were
never made.)
No.
Surveillance
devices (covert
bugs, cameras)
No.
No.
Surveillance
devices (covert
bugs, cameras)
Yes.
(Only prohibits surveillance primarily targeting privileged
communications s.5(4))
Protection for
parliamentarians?
Interception of
No.
communications
Data retention
No.
Surveillance
devices (covert
bugs, cameras)
No.
Controls on storage,
downstream use and sharing?
Interception of
Storage, sharing and use permitted to extent
communications necessary for the purpose of the prevention or
detection of serious offences or in the interests of
the security of the State (S.12)
Data retention
No.
Surveillance
devices (covert
bugs, cameras)
Judicial
oversight?
Two separate designated
judge roles
Intercept/data retention
Surveillance & tracking
devices
Other surveillance
oversight?
Data Protection Commissioner audit of An Garda Sochna
(March 2014)
Remedies?
Complaints Referee
Circuit Court judge
Investigates complaints in inquisitorial manner
Can direct payment of compensation
(Capped at 5,000 for surveillance and tracking devices)
Factors promoting
reform?
Background reading
T.J. McIntyre, Judicial Oversight of Surveillance: The Case
of Ireland in Comparative Perspective, in Judges as
Guardians of Constitutionalism and Human Rights, ed. Martin
Scheinin, Helle Krunke, and Marina Aksenova (Cheltenham:
Edward Elgar, 2016).
T.J. McIntyre, Implementing Information Privacy Rights in
Ireland, in Implementing Human Rights in Ireland, ed.
Suzanne Egan (Dublin: Bloomsbury Academic, 2015).
T.J. McIntyre and Alexandrine Pirlot de Corbion, The Right
to Privacy in Ireland: Stakeholder Report for the Universal
Periodic Review 25th Session (Privacy International and
Digital Rights Ireland, 2015)
Thank you
Questions or comments?
DigitalRights.ie | TJMcIntyre.com | @TJMcIntyre