Mass surveillance 'endangers fundamental human rights,' says European study

Countries should make laws restricting surveillance capabilities, says a European study

Mass Internet surveillance endangers fundamental human rights and has not helped to prevent terrorist attacks, a top European human rights body concluded after analyzing documents leaked by Edward Snowden in 2013.

The leaks detailing government mass surveillance programs have shown "compelling evidence" of "far-reaching, technologically advanced systems" put in place by U.S. intelligence services and their partners to collect, store and analyze communication data on a massive scale, which threaten fundamental privacy rights, a report by the legal affairs and human rights committee of the parliamentary assembly of the Council of Europe found. States should do more to protect whistleblowers like Snowden, the report said.

The parliamentary assembly can't create legislation, but has the right to hold the governments of Council of Europe member states to account over their human rights records. It can also press those states, including those in the European Union and some in the former Soviet Union, to achieve and maintain democratic standards.

Its legal affairs committee is "deeply concerned" about the mass surveillance practices and found that mass surveillance does not appear to have contributed to the prevention of terrorist attacks, contrary to earlier assertions made by senior intelligence officials. "Instead, resources that might prevent attacks are diverted to mass surveillance, leaving potentially dangerous persons free to act," it said.

That conclusion puts the committee at odds with those who have called for more surveillance powers in the EU in the wake of the shootings at satirical newspaper Charlie Hebdo in Paris. The EU's Counter-Terrorism Coordinator for instance has called on the European Commission to oblige Internet companies to share encryption keys with police and intelligence agencies to fight terrorism. That's a remarkable suggestion given that Internet companies including Google and Facebook have just begun encrypting their traffic because of the Snowden revelations.

The committee's report, released on Monday, instead calls on countries to promote wide use of encryption technology and to "resist any attempts to weaken encryption and other Internet safety standards." That, it said, will help protect citizens' privacy and also help countries defend national security from spying by rogue states, terrorists and ordinary criminals.

The Council of Europe's parliamentary assembly was asked to adopt the still provisional report in order tor urge the 47 countries represented in the assembly to stop using mass surveillance techniques.

National laws should only allow the collection of personal data without consent following "a court order granted on the basis of reasonable suspicion," the report said. In addition, unlawful data collection should be penalized and the creation of "backdoors" to circumvent security measures should be strictly prohibited. Moreover, all institutions and businesses holding personal data should be compelled to use the most effective security measures available.

To ensure these laws will be followed, better judicial and parliamentary control of intelligence services is needed, the report said. It also urged countries to provide credible, effective protection for whistleblowers exposing unlawful surveillance.

The parliamentary assembly of the Council of Europe elects the judges of the European Court of Human Rights, which is currently dealing with several cases based on Snowden revelations which allege that mass surveillance by British intelligence services have violated human rights.

The legal affairs committee urged countries to agree on an "intelligence codex" defining mutual obligations that secret services could opt into; ban the use of surveillance for political, economic or diplomatic purposes; promote user-friendly, automatic data protection techniques capable of countering mass surveillance, and refrain from exporting advanced surveillance technology to authoritarian regimes.

The report is due to be debated by the full plenary assembly in April. If adopted, recommendations will be made to the Committee of Ministers, the Council of Europe's decision making body composed of the Ministers for Foreign Affairs of the 47 states, to take the necessary measures to uphold the fundamental right to privacy on the Internet.

Loek is Amsterdam Correspondent and covers online privacy, intellectual property, online payment issues as well as EU technology policy and regulation for the IDG News Service. Follow him on Twitter at @loekessers or email tips and comments to

Join the CSO newsletter!

Error: Please check your email address.

Tags Council of EuropeGovernment use of ITsecuritygovernmentprivacy

More about EUEuropean CommissionFacebookGoogleIDGNews

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Loek Essers

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts