Bulk Tracking or Mass Surveillance

Mass Surveillance
Part 1 - Risks, Opportunities and Mitigation Strategies

EUROPEAN PARLIAMENT
STUDY
Assessment of Scientific and Technological Options
EPRS | European Parliamentary Research Service (Research Unit of the European Parliament), Scientific Foresight (STOA) Unit

(Republished with translations of selected sections from: EU Bookshop, "Mass Surveillance", Publication Year: 2015, ISBN: 978-92-823-5535-0, DOI: 10.2861/269619, CAT: QA-05-14-155-EN-N [PDF file, 66 pages in English])

Bulk Tracking or Mass Surveillance
What are the risks to citizens and what are the opportunities for the European Information Society? What are the possible mitigation strategies?

Part 1 - Risks and opportunities presented by the current generation
of network services and applications

Study, IP / G / STOA / FWC-2013-1 / LOT 9 / C5 / SC1, January 2015, PE 527.409

About this publication:

The STOA project "Mass Surveillance Part 1 - Risks, Opportunities and Mitigation Strategies" was carried out by TECNALIA Research and Investigation in Spain.

AUTHORS:
Arkaitz Gamino Garcia
Concepción Cortes Velasco
Eider Iturbe Zamalloa
Erkuden Rios Velasco
Iñaki Eguía Elejabarrieta
Javier Herrera Lotero
Jason Mansell (Language Examination)
José Javier Larrañeta Ibañez
Stefan Schuster (Editing)

The authors acknowledge and would like to thank the following experts for their contributions to this report:
Prof. Nigel Smart, University of Bristol,
Matteo E. Bonfanti PhD, Research Fellow in International Law and Security, Scuola Superiore Sant'Anna Pisa,
Prof. Fred Piper, University of London,
Caspar Bowden, independent privacy researcher,
Maria Pilar Torres Bruna, Head of Cybersecurity, Everis Aerospace, Defense and Security,
Prof. Kenny Paterson, University of London,
Agustin Martin and Luis Hernández Encinas, Tenured Scientists, Department of Information Processing and Cryptography (Cryptology and Information Security Group), CSIC,
Alessandro Zanasi, Zanasi & Partners,
Fernando Acero, Expert on Open Source Software,
Luigi Coppolino, University of Naples,
Marcello Antonucci, EZNESS srl,
Rachel Oldroyd, Managing Editor of the Bureau of Investigative Journalism,
Peter Kruse, Founder of CSIS Security Group A/S,
Ryan Gallagher, Investigative Reporter at The Intercept,
Captain Alberto Redondo, Guardia Civil,
Prof. Bart Preneel, KU Leuven,
Raoul Chiesa, Security Brokers SCpA, CyberDefcon Ltd.,
Prof. Hugo Scolnik, Departamento de Computación, Universidad Buenos Aires.

Research Director of STOA
Peter Ide-Kostic
Scientific Foresight (STOA) Unit
Directorate for Impact Assessment and European Added Value
Directorate-General for Parliamentary Research Services
European Parliament, Rue Wiertz 60, B-1047 Brussels
Email: peter.ide-kostic@europarl.europa.eu

Linguistic version
Original: EN (English)

About the Publisher
To contact STOA or to subscribe to its newsletter, please send a message to: STOA@ep.europa.eu
This document is available online at: http://www.ep.europa.eu/stoa/

The manuscript was completed in January of 2015
Brussels, European Union, 2015

Disclaimer
The contents of this document are the sole responsibility of the author, and any opinions expressed in it do not necessarily represent the official position of the European Parliament. It is addressed to MEPs and EP staff for their parliamentary work. Reproduction and translation for non-commercial purposes are permitted, provided the source is acknowledged and the European Parliament has been informed in advance and sent a copy.
PE 527.409, ISBN: 978-92-823-5535-0, DOI: 10.2861/269619, CAT: QA-05-14-155-EN-N

Short summary

This document identifies the risks of data breaches for users of publicly available Internet services, such as e-mail, social networks and cloud computing, as well as the possible implications for those users and for the European Information Society. It presents the latest technological developments that allow user data and metadata to be analysed on a massive scale for surveillance purposes. It identifies the technological and organizational measures, and the key stakeholders, needed to reduce the identified risks. Finally, the study suggests possible policy options to support the risk mitigation measures it identifies.

This study covers the generation of Internet services and applications that existed at the time of the study (2014), and the short- and medium-term technical measures and policy options suited to addressing mass surveillance practices and to ensuring the privacy and security of electronic communication channels.

Future long-term technological and policy options for the protection of privacy and security in the field of information and communication technologies are outlined in the second part of this study, published by the STOA.

This study is accompanied by an annex, which provides detailed answers to the thirty-five questions asked in the initial survey for this study. The annex is published as a separate document:

Science and Technology Options Assessment (STOA)
Mass Surveillance
Part 2 - Technology foresight, options for longer term security and privacy improvements
[PDF file, 100 pages in English]

Table of Contents

SUMMARY
1 INTRODUCTION

2 STRUCTURE OF THE DOCUMENT AND METHODOLOGICAL APPROACH

  • 2.1 Formatting conventions
  • 2.2 The Document Structure
  • 2.3 The methodological approach applied

3 CURRENT PRACTICES FOR INTERCEPTION AND ANALYSIS OF END-USER METADATA

  • 3.1 The types of metadata and their preservation
  • 3.2 The role of commercial cookies and
  • 3.3 Analysis of metadata for mass monitoring purposes
  • 3.4 Complaint between mass monitoring organizations and other parties

4 RELIABILITY OF CRYPTOGRAPHY IN A "POST-SNOWDEN" WORLD

  • 4.1 Current and upcoming cryptography problems
  • 4.2 Malware on platforms and end-points
  • 4.3 The arena of cryptography and electronic warfare
  • 4.4 The telecommunications sector

5 POSSIBILITIES OF COMMERCIAL PRODUCTS IN THE PRACTICE OF MASS MONITORING

  • 5.1 The commercially available bulk tracking products
  • 5.2 The legal framework for mass monitoring tools and services
  • 5.3 Efficiency of Supervision Products and Resources Required
  • 5.4 Cryptography and encryption analysis

6 TECHNICAL ASSURANCE OF HACKING CAPABILITIES OF NATIONAL SECURITY AGENCIES

  • 6.1 The cooperation of private companies with national agencies
  • 6.2 The hacking capabilities of national security agencies
  • 6.3 The effectiveness of information service monitoring programs
  • 6.4 Category reliability for mass follow-up
  • 6.5 Effectiveness of solutions to combat mass surveillance
  • 6.6 Threats and Opportunities from Using Other Operating Systems (OS) and Applications (APPS) in Public Administration

7 TECHNICAL AND POLITICAL OPTIONS PROPOSED FOR THE MITIGATION OF IDENTIFIED RISKS

  • 7.1 Best Practices to Avoid Cryptographic Problems
  • 7.2 Technical solutions to mitigate risk from monitoring
  • 7.3 Short- and medium-term policy options for monitoring bulk tracking

8 CONCLUSIONS

ABBREVIATIONS
ANNEX (see separate document: ANNEX, Science and Technology Options Assessment (STOA), Mass Surveillance, Part 2 - Technology foresight, options for longer term security and privacy improvements)

SUMMARY [page 1]

The disclosure of controversial mass surveillance programs used by intelligence and national security agencies has sparked an international debate on the right of citizens to be protected from the illegal or warrantless collection and analysis of their data and metadata. This study aims to identify the risks of data breaches for users of publicly available Internet services, such as web browsers, e-mail, social networks, cloud computing or voice communications via personal computers or mobile devices, and the possible impacts on citizens and the European Information Society.

In this context, a clear distinction must be made between data and metadata. There should also be a clear distinction between mass, warrantless and indiscriminate interception on the one hand and targeted lawful interception of Internet and telephony data for law enforcement and criminal investigation purposes on the other. Whilst targeted lawful interception is an indispensable and legitimate means of intelligence and law enforcement, mass surveillance is seen as a threat to civil liberties, as well as to the right to freedom of opinion and expression. These freedoms are indispensable human rights in democratic societies and are of particular importance for securing independent journalism and political opposition.

Metadata is data generated when electronic communication channels, such as the Internet or telephony, are used; it provides information on the time, origin, destination, location, duration and frequency of communications. Metadata, however, does not contain the content of the communications itself. There are two types of metadata: metadata that provides information about content (e.g. the read/write/modify attributes of a file, the author of a document, the GPS position stored in an image, etc.) and metadata about communication (e.g. the sender, the recipient, the duration of the communication, the date and time at which it started, the communication channel, the communication protocol used, etc.). In the context of this study, the main interest is in metadata about communication.

Communication metadata is usually collected by telecommunications providers and Internet service providers as part of their business activities. Different laws and regulations exist in Europe and other countries, which determine the retention period of this data. Lawful interception of metadata is surveillance requested by law enforcement and is not considered mass surveillance. Analyzing metadata, even though it does not contain the content itself, can reveal very detailed information about the person who generated it.

Another possible source of information containing private data is cookies (HTTP cookies). Cookies are pieces of text that the websites we visit store on our hard drive. Cookies enable smarter and faster navigation and are usually used to configure the content of a website, as well as the advertisements and third-party features linked to it, when we visit it again. No evidence was found to confirm that government agencies used the information that can be deduced from the data contained in cookies through cooperation with commercial tracking companies.

The structured nature of metadata is ideal for analysis using data mining techniques, such as pattern recognition, machine learning, and information or data fusion. Metadata analysis can reveal an extremely rich amount of information about people's habits and relationships, and when the data is aggregated over time or linked with other data sets, it can expose even richer personal information and correlation details. Unless special precautions are taken, some of the personal secrets of our everyday life will not be able to withstand a careful analysis of our metadata.

Government agencies monitor metadata either through their own techniques, or by accessing it through service providers on the basis of lawful requests/general warrants or under the threat of fines. They also have powerful capabilities to break the protection of a system and to infiltrate systems and networks by applying advanced hardware and software technology [e.g. fiber tapping and PRISM (surveillance program)].

Commercial surveillance technology vendors sell software applications and tools for tracking purposes, and advanced solutions for the lawful interception, collection, processing and/or analysis of communications data (including both metadata and the content of communications). Their customers are governments, intelligence agencies, and national security and law enforcement agencies, which use these platforms and information tools to collect, process and analyze both bulk and targeted communications data.

The legal framework for commercial surveillance technology suppliers is defined in different national and international laws, agreements and regulations. The Wassenaar Arrangement, a comprehensive international treaty on export controls that includes surveillance technology, is signed by 42 states and was extended in 2013 to include intelligence/law enforcement collection tools and IP network monitoring systems or equipment. However, the June 2014 report of the Office of the United Nations High Commissioner for Human Rights (OHCHR) states that in most countries legal standards are either non-existent or inadequate to deal with the modern communications surveillance environment (see Report of the Office of the United Nations High Commissioner for Human Rights, A/HRC/27/37, "The right to privacy in the digital age", 30 June 2014).

But national security services themselves have developed a set of sophisticated hardware and software surveillance tools that enable them to penetrate networking equipment, monitor mobile phones and computers, and divert or even modify data without being noticed.

Mass surveillance efforts place particular emphasis on breaking the encryption that prevents intelligence and law enforcement services from accessing the relevant data. Software flaws in the implementation of encryption algorithms can lead to vulnerabilities that are easily exploited, regardless of the complexity, theoretical strength or quality of the technical implementation of the encryption. Security agencies have been able to exploit these vulnerabilities and have allegedly inserted backdoors into encryption standards, but have had only limited success with traditional cryptanalytic attacks.

The new generation of cryptographic technology is good enough to resist deterministic brute-force attacks and provides the most reliable protection against unauthorized access to data, provided its implementation parameters and configuration are set correctly. Major attacks occur when implementations of current encryption technologies do not faithfully comply with their specifications, or when bugs and flaws, sometimes deliberately, are injected at the code level. This is the reason for calling for political action that guarantees European citizens access to certified, resilient and open source implementations of different encryption specifications.

It is virtually impossible for the end user to determine whether the metadata generated when browsing the Internet, sending messages or performing other communications over the Internet is analyzed or used by third parties, and even less whether a system is subject to a complex attack orchestrated by powerful adversaries such as government agencies. Citizens can protect their privacy by adopting security-conscious practices and using special software tools and services that help hide their digital traces. Firewalls, anti-virus software, Virtual Private Networks, anonymizing proxies and networks, and, most importantly, cryptography are the technical tools accessible to end users. But even if unauthorized access to personal data or metadata can be prevented by applying a mix of different protection mechanisms, there is no means of ensuring complete immunity from such attacks.

Policy options considered to help reduce the risk of privacy invasion by mass surveillance in the short and medium term are: (a) promoting operating systems and applications that allow continuous inspection and control by a large community of open source experts and by verification and validation bodies, and (b) investing in and stimulating the integration of user-friendly tools with software solutions.

The threat from mass surveillance practices cannot, however, be resolved on technical grounds. Intelligence and security organizations will always have a competitive advantage in a technological race over Internet security because of the resources they have. The problem has to be addressed at a political level. An appropriate balance between civil liberties and legitimate national security interests must be determined on the basis of a public debate that enables citizens to decide both on their political rights that are affected and on their social values at stake.

...

8 CONCLUSIONS [page 55]

Mass surveillance practices by intelligence and security agencies have attracted the interest of the mass media and the general public following the publication of the confidential documents leaked by Edward Snowden. Mass surveillance is now a reality and has been applied for years by national intelligence agencies in a number of countries, such as those of the Five Eyes alliance, but also by some other EU Member States and other countries.

Organizations participating in the practice of mass surveillance justify these methods with the doctrine of preventing crime and terrorism, and adopt the principle of omniscience as their main purpose. The goal of intercepting any communication that takes place over the Internet and/or telephone networks is in many cases pursued through a dubious application of legislation, if not through outright unlawful intrusions into IT and telecommunication systems. This strategy accumulates a quantity of information that can be processed and analyzed with artificial intelligence systems capable of distinguishing patterns that indicate illegal, criminal or terrorist activities.

Whilst the lawful, warranted interception of data on targeted suspects is a necessary and indisputable law enforcement tool that gives the competent services access to data, the generalized collection approach of mass surveillance violates the right to privacy and the freedom of speech. Delegating judgments about suspicious types of data or citizens' behavior to intelligent computer systems, in addition, prevents accountability and threatens to bring about an Orwellian-type surveillance society.

Many citizens are not aware of the threats they may face when using the Internet or telecommunication devices. To date, the only way for citizens to neutralize surveillance and prevent the violation of their privacy is to ensure unbreakable end-to-end encryption of the content and the transport channel in all their communications.

Due to the number, complexity and heterogeneity of these tools, however, this is a very complex task for the majority of technically untrained users. This situation also calls for awareness raising and the provision of integrated, user-friendly and easy-to-use solutions that guarantee the privacy and security of their communications.

But policy-makers need to understand that the issue of mass surveillance (first of all understanding that it is really a problem) cannot be solved on technical grounds but needs to be addressed at a political level. An appropriate balance between civil liberties and legitimate national security interests must be found, and this balance should be based on a public debate that enables citizens to decide both on their political rights and on their social values at stake.

Written by Dimitris