This week, the highest body of the European Court of Human Rights heard arguments against the mass surveillance programs of two countries, Sweden and the United Kingdom.
The legal proceedings in the two cases started years before, in 2008 and 2013, respectively, with the litigation eventually reaching the court's highest body, the ECHR Grand Chamber, who heard them one after the other, in succession on Wednesday, July 10.
Both cases made similar arguments, asserting that the signals intelligence programs in the two respective countries set up mass surveillance operations to intercept all citizens' communications, kept the programs secret, and ran them -- and continue to run them -- without proper oversight and checks and balances in place.
Now, human rights groups are requesting the European Court of Human Rights (ECHR) to rule against the two bulk surveillance programs and impose safeguards to protect citizen's rights to privacy and freedom of expression.
The Sweden case
The Sweden case was filed by a local non-profit foundation named "Centrum för rättvisa" in 2008.
The organization argued that Sweden's signals intelligence collection program ran by the Swedish National Defense Radio Establishment (FRA) had received legal powers that allowed it to intercept all communications inside the country without proper oversight.
The organization argued that "the mere existence of the legislation" amounted in itself to a breach of a Swedish citizen's right to private life and secret of correspondence, and that the FRA could intercept communications for people it had no suspicion or reason to do so, and then it could share this data with foreign intelligence organizations.
After years of litigation, and after the Swedish government amended its surveillance law three times to introduce various safeguards, the ECHR ruled in June 2018 in favor of the Swedish state.
The ECHR said last year that the Swedish government had "discretionary powers in protecting national security, especially given the present-day threats of global terrorism and serious cross-border crime" and that "the Swedish system of bulk interception provided adequate and sufficient guarantees against arbitrariness and the risk of abuse."
This week's hearing marks a last-ditch effort from the Swedish non-profit to corral and impose restrictions on Sweden's mobile and internet traffic interception capabilities, which it still considers overpowered.
"This case, together with the case of Big Brother Watch and others against the United Kingdom, heard by the Grand Chamber earlier today, represents an important moment for the protection of privacy and correspondence in the digital age," said Mrs. Evans, a representative for Centrum för rättvisa during the organization's argument at the ECHR on Wednesday [video here].
"It is the first opportunity for Europe's premier human rights court to stipulate whether and under what conditions bulk interception of this scale and intensity may be carried out under the convention [European Convention on Human Rights].
"This case, in particular, raises important questions about the consideration of member states should give to human rights when transferring intercepted data to foreign governments and to international organizations," Mrs. Evans added.
The UK case
The UK case, heard by the court hours before the Swedish case, also made similar arguments. This case was lodged against the UK government in 2013, following revelations by former NSA contractor Edward Snowden.
At the time, documents leaked by Snowden exposed the existence of a dragnet surveillance program operated by the UK government, without a clear legal foundation, proper safeguards, and which also shared data of UK citizens with the intelligence services of other countries.
Several organizations filed three different cases against the UK with the ECHR, representing journalists, individuals, and human rights organizations. Organizations who put their names on complaints included Big Brother Watch, Access Now, Amnesty International, the American Civil Liberties Union, Open Rights Group, and many other more.
In September 2018, the ECHR sided with these organizations and found that the UK's surveillance program violated the European Convention on Human Rights and that the program had insufficient oversight to prevent abuse; however, it did not impose a particular judgment.
"Exposed to the light of day, some of the UK's industrial-scale surveillance practices have already been found unlawful, but Europe's highest human rights court could now decide to entirely do away with dragnet surveillance and unfettered transnational sharing of millions of people's private data," said Lucy Claridge, Amnesty International's Director of Strategic Litigation.
"We need to be protected from intrusive and over-powerful states that think nothing of secretly harvesting and sharing vast amounts of our private data and communications."
Now, these organizations have taken their case to the highest court of the ECHR and want it to do away with the UK's surveillance program altogether.
"This is the last stand in our legal challenge against the UK's secret mass surveillance practices," said Silkie Carlo, Director of Big Brother Watch. "This challenge will determine whether human rights frameworks are able to protect democracies from the surveillance creep that recent technological leaps have enabled. The stakes are incredibly high and the Grand Chamber now has a vital opportunity to protect the future of the right to privacy in Europe."
According to a recording of the UK ECHR hearing, the UK government admitted to running the program and called it necessary.
In 2014, the UK government won its case against human rights organizations in front of the UK Investigatory Powers Tribunal, but the organizations took their fight to the ECHR in subsequent complaints.
After hearing both cases this week, the court is expected to deliver a judgment early next year, an Amnesty International spokesperson told ZDNet today.
Other cases against mass surveillance programs in other countries have also been filed at the ECHR in recent years, including against Austria, France, Germany, and Russia.
Related government coverage:
- US Coast Guard warns about malware designed to disrupt ships' computer systems
- US wants to isolate power grids with 'retro' technology to limit cyber-attacks
- Cyber spies take a step out of the shadows with history of codebreaking
- German banks are moving away from SMS one-time passcodes
- Croatian government targeted by mysterious hackers
- US mayors group adopts resolution not to pay any more ransoms to hackers
- How Estonia became an e-government powerhouse TechRepublic
- Sri Lanka blocks social media after deadly Easter explosions CNET