From Christopher Wolf, Financial Times: It is naive to think that European intelligence agencies do not use data collected from phone and internet companies in their investigations. Privacy hawks may also be surprised to learn that the US imposes at least as much due process and oversight on foreign intelligence surveillance as others. Currently, there is quarrelling over how well the judicial and legislative approval process is working in America. But the fact that it exists at all is the critical point because few countries provide the kind of framework of judicial authorisation and legislative oversight of national security investigations found in the US.
In France, for example, no court is involved in interceptions under the law governing access to information on national security grounds, and the interceptions are kept secret. Requests for interception are presented to the prime minister’s office, which grants authorisation. Afterwards, the authorisations are presented to a special security commission that can evaluate the justification for the warrant and inform the prime minister of any concerns. . . .
In Germany, the federal office of investigation has broad authority in investigations that concern national security or terrorism. For example, it is permitted to use a computer virus, the Bundestrojaner (“Federal Trojan”), to search IT systems, monitor communications and collect data without the knowledge of users or service providers. While a court order is needed to use the Trojan, service providers are not aware of its deployment. In the US, service providers are notified of acquisition orders, which they can contest.
In the UK, interception warrants relating to foreign intelligence are generally issued by the foreign secretary. Unlike in the US, the courts play no role in the authorisation or review of these interceptions. . . .
European critics of US privacy protections would be well advised to take stock of their own countries’ national security access to personal data.
The writer is head of global privacy and information management at law firm Hogan Lovells and is co-author of a study of national security access to data in the cloud. (graphic: Privacy Perspectives)