In the post-Snowden world we became well aware that data we store on servers belonging to private companies tends to have a second life. It is where secret services and law enforcement meet the Internet. How to prevent bulk transfers from private to public data bases? How to make sure that due process is in place? What do we know about disclosures of our data and how can we learn more? Katarzyna Szymielewicz explains, what we should know about state authorities access to citizens data and why. She also presents the results of Panoptykon Foundation’s research on public authorities’ access to the data of Internet services users.
You are here
On June 4, 2014, one day before the anniversary of the Snowden revelations, Poland celebrates 25 years since the fall of an authoritarian regime. On this occasion, President Obama is visiting Poland and meeting with many heads of states—including officials who were affected by the mass surveillance scandal carried out by the NSA. Since October 2013, the Panoptykon Foundation, a Polish NGO, has tried to understand the relationship between the Polish and United States’ secret service organizations. Panoptykon believes that the Polish government, by accepting mass and pre-emptive surveillance, is reverting back to the much contested practices of the former, authoritarian regime — practices that triggered the revolution 25 years ago. Thus, the NGO has organized a user-generated campaign for June 4, urging people to welcome President Obama to Poland by vocalizing their thoughts on mass surveillance.
Privacy is not about hiding things that we want to keep secret. It is about our right to choose, when, for what purpose and who can see certain data about us. It’s about control. Even data that might seem meaningless, like separate internet application logs or IP address that changes apparently with every new session, but put together they might reveal a lot about Internet user with surprising accuracy. We might lose track of what we have put online, but Internet doesn’t forget. It may even guess things that you never told anybody. Unfortunately usage of digital shadow, especially for profiling purposes, is not regulated by law. What can you do to reduce your digital shadow or stop others form using it against you?
We are fast approaching an anniversary of first disclosures made by Edward Snowden. Even though the fundaments of our trust in democratic institutions and human rights safeguards have been shaken, political reality as seen from the European perspective remains more or less intact. What may seem even more frustrating, our understanding of the real politics behind mass surveillance programmes as revealed by Snowden remains limited.
In our first attempt at a “transparency report”, we looked at what happens at the interface of Internet service providers and public authorities in Poland. Who sends requests for users' data? How many and for what purpose? What legal procedures are followed and what safeguards apply? Our pilot study includes analysis of legal provisions and collection of data from both major Internet Service Providers and public authorities. The report explains systemic problems that were identified in our research and that should be solved in order to ensure adequate standard of protection for individuals.
The report looks at what happens at the interface of Internet service providers and public authorities in Poland. Who sends requests for users data, how many and for what purpose, what legal procedures are followed and what safeguards apply. During our research we analysed legal provisions and collected data from both major Internet service providers and public authorities. On that basis we were able to identify several systemic problems that should be solved in order to ensure adequate standard of protection for individuals.
The story of post-Snowden debate is a story of crossing the redlines that never should be crossed in democratic society. After at least 10 years of allegations, we gained evidence showing that surveillance is not about fighting terrorism or even public security. It is about intelligence agencies best interests and easy access to citizens data. Katarzyna Szymielewicz talks about these sad truths nearly 12 months after first disclosures made by Edward Snowden.
The Polish digital rights group Panoptykon Foundation recently published harrowing findings regarding abuses of Poland’s mandatory data retention law. Using a Freedom of Information Act request, Panoptykon obtained documents that reveal that in 2011, Polish authorities requested users’ traffic data retained by telcos and ISPs over 1.85 million times — half a million times more than in 2010. These findings underscore fundamental flaws in the Polish mandatory data retention law that was fast-tracked in legislation without public debate in 2009.
Before Snowden’s revelations we had known about FISA – law that mandates big companies to cooperate with U.S. intelligence agencies and revealed data about us, but we have not been aware of the scale and the depth of that surveillance. On the basis of this new information about NSA’s mass surveillance programs, Panoptykon Foundation tried to better understand how law enforcement and intelligence agencies in Poland can access data of Internet users and thus bring more transparency in this area. Katarzyna Szymielewicz presents main conclusions from this research.
In 2013, we learned digital surveillance by the world’s governments has no limits. The NSA and other intelligence agencies are capturing our phone calls, tracking our location, peering into our contacts, and collecting our emails. They do this in secret, without adequate public oversight, and in violation of our human rights. We cannot tolerate this anymore. On Tuesday February 11, the world is fighting back.