Jump to content
Not connected, Your IP: 3.236.98.81
DarkSpace-Harbinger

Sweden doubles down on data retention surveillance, includes VPN surveillance in new leaked proposal

Recommended Posts

this is so bad but I'm not very surprised.

It's gonna get very bad for VPN company's very soon especially now that more and more people start to use them.

And to think I'm using Sweden and Holland server's like 90% of the time...uh.

Share this post


Link to post

this is so bad but I'm not very surprised.

It's gonna get very bad for VPN company's very soon especially now that more and more people start to use them.

And to think I'm using Sweden and Holland server's like 90% of the time...uh.

Yup, seems more and more that there are increasingly fewer countries to turn to for online privacy. If any.

Share this post


Link to post

a Swedish VPN provider send me a reply about that.

here it is :

 

"Regarding the leaked surveillance proposal, PrivateInternetAccess seem to have misunderstood the proposal.

What the investigation suggests (according to the leaked information) is to force ISP providers to keep a log when someone first starts using a VPN service. While it is definitely a step in the wrong direction, there's not much anyone can do with that information as we do not keep any logs. Additionally, using  a VPN is not illegal and is not proof of a crime. Even if they were to keep these logs, the government would not be able to spy on users connected to our VPN as we do not keep any logs. Additionally, the ISP would not be able to say anything beyond "this user has connected to a VPN."

Also, the suggestion does not make VPNs illegal, nor does it mention anything about VPN providers being forced to keep logs. You also need to remember that the European court was crystal clear on data retention laws being against human rights and thus illegal. Sweden, being in the European Union, are forced to follow the rules and regulations set by the European court. This is the same reason that the Snooper's Charter in the UK was struck down by the European Court due to it being in direct violation to the rules and regulations set forth by the European court.

 What Bahnhof leaked is a suggestion and not something that has yet been decided on. Swedish politicians do not have to accept the suggestion or do anything with it. The leak just shows that an independent study has been made and that they have suggested stricter data retention laws — it does not state that politicians have discussed implementing stricter laws.

Until we get actual news of such a proposal, we consider it to be a PR move from Bahnof. If the proposal goes further and is something the Swedish government decide to implement, we will, of course, look over our options and investigate whether it is fitting to move the company to another country."

Share this post


Link to post

Hello!

 

a Swedish VPN provider send me a reply about that.
here it is :
 
"Regarding the leaked surveillance proposal, PrivateInternetAccess seem to have misunderstood the proposal.

 
Probably not even this: note the late update in Banhof press release. Translated into English it sounds like:
 

Update 2017-08-29: In previous version, we wrote that "first activation of anonymization services" was for VPN. This is unlikely to be true, but refers to prepaid cards for mobile telephony.

 

Kind regards

Share this post


Link to post

Let me just add that the snoopers charter is now in full effect in the UK so the European court didn't make much of a difference it just required tweaking a little so it makes no difference

 

Sent from my SM-G935F using Tapatalk

Share this post


Link to post

Just to note.

 

There is no institution called the "European court".

 

There is the "European Court of Human Rights" which is part of the "Council of Europe" (nothing to do with the EU) and administers the "European Convention on Human Rights". The there is also the EU's "European Court of Justice".

 

On a cursory investigation it appears that what I suspected was true. The rulings on data retention come from the "European Convention on Human Rights" (not an EU treaty), so these rules do not depend upon Sweden's membership of the EU.

Share this post


Link to post

On a cursory investigation it appears that what I suspected was true. The rulings on data retention come from the "European Convention on Human Rights" (not an EU treaty), so these rules do not depend upon Sweden's membership of the EU.

 

Hello!

 

If you talk about the rulings of the EUCJ about Data Retention:

https://curia.europa.eu/jcms/upload/docs/application/pdf/2014-04/cp140054en.pdf

https://curia.europa.eu/jcms/upload/docs/application/pdf/2016-12/cp160145en.pdf

 

they are based on EU law, of which the EU Charter of Fundamental Rights is an essential and binding document after the Lisbon treaty.

 

As a side note, the European Convention on Human Rights has been ratified by all the EU Member States and also by various non-EU countries.

 

Additionally, it is imnportant to note that the EUCJ has considered (and will continue to do so) the ECHR as an integral part of the EU legal framework on fundamental rights, to prevent any possible conflict between EUCJ and and Council of Europe court decisions and clarify no inconsistency or contradiction (after Lisbon) between ECHR and the Charter of Fundamental Rights of the European Union.

 

Finally, the EUCJ decisions are binding for all Member States. As long as UK is still a member of the EU, the decision is binding for UK too. Note that infringing those decisions would also infringe the fundamental rights as enshrined in the ECHR, which has been signed by the UK and will remain into force regardless of the fact that UK is an EU Member State or not.

 

Kind regards

Share this post


Link to post

It's typical for people to mix up the two courts.

 

The "European Convention on Human Rights" predates the EU, and itself has nothing to whatsoever to do with membership of the EU. It is a convention of the Council of Europe.

 

On your example of the UK. The UK joined the Council of Europe in 1949 at its foundation. The Convention on Human Rights came into force in 1953; twenty years before the UK joined the Common Market (subsequently the EEC and EU).

 

Rules on data retention were set in a case in the European Court of Human Rights, not a EU institution, interpreting the Convention on Human Rights and subsequently interpreted by the European Court of Justice (the EU institution).

 

There has been a lot of misunderstanding in the UK over the status of the European Court of Human Rights and the Convention on Human Rights. Some have been happy to let that confusion reign; creating the misleading impression that we would be leaving the the jurisdiction of the Court of Human Rights and the Convention on Human Rights.

 

In the end, quite frankly, EU law, its jurisdiction, the implementation of the charter etc are extremely complex and opaque on this matter. This complexity and opaqueness seems to be an institutional requirement in the EU when they wish it. EU law on data retention is far from clear and it is far from clear what the judgements of the European Court of Justice actually mean (if anything), or whether they extend beyond the ECHR. This is reflected in this article by the lawyer Vanessa Franssen

 

http://europeanlawblog.eu/2016/07/25/the-future-of-national-data-retention-obligations-how-to-apply-digital-rights-ireland-at-national-level/

 

 

 

PS.

 

You write:

 

"Finally, the EUCJ decisions are binding for all Member States. As long as UK is still a member of the EU, the decision is binding for UK too. Note that infringing those decisions would also infringe the fundamental rights as enshrined in the ECHR, which has been signed by the UK and will remain into force regardless of the fact that UK is an EU Member State or not."

 

No, that is not true. The European Court of Justice (ECJ) interprets EU law. That may, for the EU, include the European Convention on Human Rights (ECHR). But, the ECJ has no jurisdiction or role in the ECHR. Therefore no ruling by the ECJ can have any bearing on the ECHR, only EU law.

Share this post


Link to post

It's typical for people to mix up the two courts.

 

The "European Convention on Human Rights" predates the EU, and itself has nothing to whatsoever to do with membership of the EU. It is a convention of the Council of Europe.

 

No confusion. If you think otherwise you have failed to read properly the message you quote. Additionally, you are the confused one. See below.

 

 

On your example of the UK. The UK joined the Council of Europe in 1949 at its foundation. The Convention on Human Rights came into force in 1953; twenty years before the UK joined the Common Market (subsequently the EEC and EU).

 

 

That's totally irrelevant. The relevance here is that the EUCJ is treating the ECHR as a part of EU law to prevent any contradiction with the Council of Europe decisions and any inconsistency with the Charter of Fundamental Rights of the EU, posing the legal foundation to challenge data retention legal framework in the UK on the very same basis of both decisions (because UK will remain a member of the Council of Europe even when it will go out of the EU, and because the ECHR has been undersigned and much later transposed into the national legislation of the kingdom).

 

No, that is not true. The European Court of Justice (ECJ) interprets EU law. That may, for the EU, include the European Convention on Human Rights (ECHR). But, the ECJ has no jurisdiction or role in the ECHR. Therefore no ruling by the ECJ can have any bearing on the ECHR, only EU law.

 

Ad abundantiam we remind the readers that the Treaty of Lisbon established the accession of the EU and the EU Member States even to the ECHR, and not as an option, but as a duty. This has been clarified many times (last but not least by the Parliament, for example here http://www.europarl.europa.eu/thinktank/en/document.html?reference=EPRS_BRI%282017%29607298). Even if such accession is problematic in the sense that it could be deemed insufficient to protect EU citizens human rights, it does not affect the fact that the EUCJ has never found a case for which contradiction of the ECHR was necessary, and that the EU Charter is heavily based on the ECHR.

 

 

Rules on data retention were set in a case in the European Court of Human Rights, not a EU institution, interpreting the Convention on Human Rights and subsequently interpreted by the European Court of Justice (the EU institution).

 

 

No, you are totally mistaken and confused. The decisions come from the EUCJ (the Court of Justice of the European Union) upon requests of various courts of different Member States. Nothing to do with the Council of Europe. Stop trolling and read. We have provided links to the press releases of the EUCJ in our previous message.

 

 

In the end, quite frankly, EU law, its jurisdiction, the implementation of the charter etc are extremely complex and opaque on this matter. This complexity and opaqueness seems to be an institutional requirement in the EU when they wish it. EU law on data retention is far from clear and it is far from clear what the judgements of the European Court of Justice actually mean (if anything), or whether they extend beyond the ECHR. This is reflected in this article by the lawyer Vanessa Franssen

 

http://europeanlawblog.eu/2016/07/25/the-future-of-national-data-retention-obligations-how-to-apply-digital-rights-ireland-at-national-level/

 

The decisions are exceptionally clear, please read them. If you have doubts, the second decision is stronger (even if the first one makes the 2006/24/EC invalid with retro-active effect, the second decision is even stronger), perhaps because the first was not well understood by some Member States legislators who played with words and tried to instill doubts just like you are doing now.

 

You have linked an article that was written six months before the second decision was taken. Irrelevant but coherent with your apparent, not so well hidden, intent. Are you in good faith?

 

Kind regards

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...