State Surveillance and Human Rights Camp

---

Click here to see the Wiki page of the event. See Elonnai's presentation here [PDF, 313 Kb].

---

DAY 1: Mapping Out Government Surveillance Problems

8:30 - 9:00 Registration

9:00 - 9:10 Welcome/Introduction

Katitza Rodriguez, Electronic Frontier Foundation [Peru, ES]

Simultaneous interpretation from Spanish to English and Portuguese.

Plenary: Kinds of Data, Ways of Getting It

09:10 - 10:30

Chair: Enrique Chaparro, Fundacion Via Libre [Argentina, ES]

Metadata, online identifiers, and technologies of surveillance

Seth Schoen, Electronic Frontier Foundation [United States, EN]

Simultaneous interpretation from English to Spanish and Portuguese.

• Surveillance is getting easier and cheaper for many reasons, not least because people are using electronic communications more than ever before, and there are so many facts out there to be noticed about the ways devices are talking to each other.
• I will talk about the kinds of things that refer to people and their devices, with a particular focus on telecommunications metadata and transactional records that are described as "non-content" and may receive lower levels of legal protection. I'll discuss who is in a position to record this information, some of the things that can be learned from it, and why traffic analysis is powerful and difficult to defend against.
• I'll try to explain concepts like MAC address, IP address, account name and number, telephone number, IMEI, IMSI, transient identifiers, log files, transactional records, locational privacy, and associational privacy.

How law enforcement agencies use cell phone location tracking technology in criminal cases

Hanni Fakhoury, Electronic Frontier Foundation [United States, EN]

• With the rise of smartphones, the U.S. government's use of cell site location data to pinpoint our exact location has grown more widespread (and precise) over time. For years, U.S. courts permitted the government to get this location data without a search warrant under a tortured interpretation of federal electronic privacy statutes and an even more alarming constitutional argument: that we don't have any privacy in data we turn over to third parties, like cell phone companies. This talk will review what location data is and why the police want it, how they can get it under U.S. law, and legal and practical steps that need to be taken to safeguard our privacy.

Simultaneous interpretation from English to Spanish and Portuguese.

Deep packet inspection: What it is, how it works, and how it is used for surveillance

Chris Parsons, Doctoral Candidate, University of Victoria [Canada, EN]

Simultaneous interpretation from English to Spanish and Portuguese.

• We are in the midst of a standardization revolution, a mass translation of discordant analogue signal types to interoperable digital transmission standards. All this digitized consumer traffic passes through the gateways of Internet Service Providers’ (ISPs). ISPs function as communicative bottlenecks, ideally positioning them to monitor, mine, and modify data using the Deep Packet Inspection (DPI) appliances situated within their networks. Some uses of these appliances could reshape the conditions of communication in democracies, blocking or modifying data transmissions in near real time.
• In this presentation I discuss the technical capabilities of deep packet inspection and its significance for increased private and public surveillance capabilities. Drawing from case material from academic and advocacy work, I identify how the technology has been used for ISP-level surveillance, for copyright purposes, for national security purposes, and for advertising purposes. Moreover, I address how advocates in differing nations have opposed various uses of the technology, why they have done so, and conditions that facilitate domestic resistance to deep packet inspections' uses.

Advances in online spying: Commercial surveillance software, targeted hacking and beyond

Morgan Marquis-Boire, Google [New Zealand, EN]

Eva Galperin, Electronic Frontier Foundation [United States, EN]

Simultaneous interpretation from English to Spanish and Portuguese.

• Against an increasingly security-aware online community, the traditional tools of blocking, filtering, and wiretapping have become less effective. Nervous regimes turn to the largely unregulated $5 billion a year industry in Internet surveillance tools.
• Once the realm of the black market and intelligence agencies, the latest computer spyware is now sold at trade shows for dictator pocket change.
• This talk will detail the cat and mouse game between authoritarian regimes and dissidents, as well as ongoing efforts to map out the relationship between surveillance software companies and governments.

10:30 - 10:40 Coffee Break

Workshops: Round I

10:40 - 11:50

Format: Interactive sessions with active participat0ion from the audience.

Workshop 1: Mobile privacy threats

• This workshop addresses the ways governments are tracking mobile devices’ location and use, and why it’s been harder to protect communications privacy on mobile devices than on PCs.

Facilitators:
Hanni Fakhoury, Electronic Frontier Foundation [United States, EN]
Seth Schoen, Electronic Frontier Foundation [United States, EN/PT]

Rapporteur:
Enrique Chaparro, Fundación Vía Libre [Argentina, EN/ES]

Workshop 2: Training activists about state surveillance capabilities

• In this workshop we’ll talk about some of new surveillance technologies that states are deploying, and the tactics that are used to legitimize the surveillance.
• Going beyond just ‘what is used and how’, we speak to some political tactics that advocates have used to resist these tools on practical and principled levels, some of the conditions that contribute to successes, and ways of mobilizing effective strategies against expansions of state surveillance.

Facilitator:
Chris Parsons, University of Victoria [Canada, EN]

Rapporteur:
Katarzyna Szymielewicz, European Digital Rights [Poland, EN]

Workshop 3: Tactics for opposing state sponsored malware and surveillance

• This workshop will review the different tactics government and non-government actors have employed to stop authoritarian regimes from making use of surveillance technology built in the United States and Europe to spy on their citizens.
• We will discuss corporate responsibility, export controls, as well as the role of security research and user education campaigns. The workshop will end with a brainstorm of at least one concrete action each workshop attendee can take.

Facilitators:

Eva Galperin, Electronic Frontier Foundation [United States, EN]
Morgan Marquis-Boire [New Zealand, EN]

Rapporteur:
Silvio Rhatto, Sarava Group [Brazil, PT]

Reporting Back Session

11:50 - 12:40 Chair:

Katitza Rodriguez, Electronic Frontier Foundation [Peru, ES]

Rapporteurs:
Enrique Chaparro, Fundación Vía Libre [Argentina, EN/ES]
Katarzyna Szymielewicz, European Digital Rights [Poland, EN]

• Report: Training Activists about State Surveillance Capabilities

Silvio Rhatto, Sarava Group [Brazil, PT]

Format: Each rapporteur has 10 minutes to report back about the results of their workshop discussion and 20 minutes to answer questions.

12:40 - 2:00 Lunch

Legal and Policy Plenary: Government Access to People’s Data

2:00 - 3:20

Chair: Pedro Paranaguá, Advisor for Internet Policy to the Workers’ Party in the Brazilian Chamber of Deputies [Brazil, PT/EN]

Different data, different rules? How the law has assigned varying levels of privacy protection to different categories of personal information

Kevin Bankston, Center for Democracy and Technology [United States, EN]

• Using the example of US law, this presentation will map the different legal protections that have traditionally been applied to different types surveillance of different types of data, and consider how to redraw that map in light of new technologies.
• Speaking generally, US surveillance law has been written based on the assumptions that: (1) surveillance of data on your computer is more invasive than access to your data in the cloud;(2) real-time surveillance is more invasive than access to stored data; (3) surveillance of the content of communications is more invasive than surveillance of non-content meta-data; (4) surveillance of newer communications is more invasive than surveillance of older communications.
• These assumptions have long defined which types of surveillance are most strongly regulated against and which types of data are most strongly protected by law. Changing technology has made these assumptions about invasiveness and privacy increasingly obsolete, assuming that they ever made sense at all. But if these distinctions are outdated, what if any legal distinctions between different types of surveillance or data should replace them? How, if at all, can the law sensibly distinguish between personal communications and communications data in which we have a reasonable expectation of privacy, and that which we do not?

Simultaneous interpretation from English to Spanish and Portuguese.

Internet companies as an agent of the state & european mandatory telecommunications data retention

Katarzyna Szymielewicz, European Digital Rights [Poland, EN]

• In this short presentation I will introduce European (i.e. based on EU legislation) regime of mandatory retention of telecommunication data for law enforcement purposes, explaining its political context, implementation and negative impact on human rights standards (not just privacy-related!).
• Using case studies of Poland and Germany I will present two strikingly different approaches to storing telecommunication data and law enforcement, thus questioning the necessity and proportionality of this controversial measure. I will also touch briefly on pending political developments (including the revision of the Data Retention Directive and the reform of data protection law in the EU), explaining what the stakes are, what European civil society organisations are fighting for and why it is such an important fight. Finally, I will explain how the debate about mandatory data retention feeds into a broader discussion about the role of Internet intermediaries, including both their independence from political pressure and protection of their clients from surveillance executed by “private police.”

Simultaneous interpretation from English to Spanish and Portuguese.

Crossborder access to citizen's data and cloud computing in the investigation of criminal cases: Regional trends

Marcos Salt, profesor de derecho penal y procesal penal de la universidad de Buenos Aires (UBA) [Argentina, ES]

• During the brief presentation, I will present practical examples of the problems caused by the application by analogy of the rules on physical evidence to obtain digital evidence.
• I try to show that this trend is inconvenient to both for efficiency in the investigation of crimes by the state as to the validity of individual rights. I will place special reference to cross-border access to citizen's data in the cloud.

Simultaneous interpretation from Spanish to English and Portuguese.

Background on lawful interception mandates and government access to encryption keys

Seth Schoen, Electronic Frontier Foundation [United States, EN]

Simultaneous interpretation from English to Spanish and Portuguese.

• In this session, I'll discuss some of the history of fights over government surveillance powers and government access in the United States, starting in the early 1990s and continuing to the present day. These issues have centered on three main themes: restrictions on cryptography and privacy tools, obligations for communications intermediaries to acquire and implement surveillance capabilities, and mandatory retention of telecommunications data.
• One interesting point is that many of the same themes keep recurring: the powers that the government is seeking today are often similar to those it sought two decades ago.
• Another interesting point is that the government has not always been successful in expanding its surveillance powers. Many of its proposals never became law and there are still plenty of issues left to fight over. But governments around the world are continuing to having a major effect on the design of technology, getting wiretapping interfaces and backdoors added to communications systems and discouraging deployments of strong encryption.

MLATS and International Cooperation for Law Enforcement Purposes

Elonnai Hickok, Center for Internet & Society India [India, EN]

• In this session I will be looking at the challenges, requisite safeguards, and possible solutions in the context of international cooperation for fighting crime. In doing so I will look closely at the proposed principle of safeguards for international cooperation.
• The objective of this session will be to explore ways of improving MLATS and international law enforcement cooperation in order to ensure that basic safeguards can be built into the process of international cooperation.

Simultaneous interpretation from English to Spanish and Portuguese.

Format: 10-15 minutes for each five speakers to introduce legal issues and 20 minutes of discussions

3:10 - 3:20 Coffee Break

Workshops: Round II

3:20 - 4:30

Workshop 1: Electronic surveillance demonstrations

• In this workshop, we'll take a look at a few electronic surveillance devices (including an ordinary laptop) and look at some of what they can intercept. Technological infrastructure permitting, we may have a live demonstration of intercepting or modifying users' Internet communications.
• We'll also consider low-cost surveillance techniques and discuss what kinds of demonstrations have the most pedagogical value for making users aware of particular threats.

Facilitator:
Seth Schoen, Electronic Frontier Foundation [United States, EN]

Rapporteur:
Eva Galperin, Electronic Frontier Foundation [United States, EN/ES/PT]

Simultaneous interpretation from English to Spanish and Portuguese.

Workshop 2: Legal framework regarding compelled disclosure of communications, subscriber information, and cryptographic keys

• In this workshop we will cover various examples of compelled disclosure of private information (from subscriber information and content of communication to cryptographic keys) in the context of law enforcement, focusing on their legal aspects. We will briefly present various legal frameworks, discussing both the examples of legal safeguards (“good practices”) and their shortcomings that allow for government surveillance.
• We will also look at various human rights implications of these measures and (potential / existing) role of private companies from the perspective of their compliance with such measures (incl. when requested by non-democratic regimes).

Facilitators:
Katarzyna Szymielewicz, European Digital Rights [Poland, EN]
Elonnai Hickok, Center for Internet & Society India [India, EN]

Rapporteur:
Hanni Fakhoury, Electronic Frontier Foundation [United States, EN]

Workshop 3: What data is most private? What surveillance is most invasive? How if at all should laws treat them differently?

• This workshop will build on the discussion that began in the law & policy plenary, discussing how certain surveillance laws have applied different legal protections to different types of data and surveillance, and questioning whether such distinctions make sense in light of new technology.
• The workshop will address that question from legal, personal, and political perspectives. Participants will share with each other details of how the laws in their countries treat different types of data and different types of surveillance, to facilitate shared understanding of the existing legal frameworks and to identify existing gaps and discrepancies in current legal protections.
• Based on their own personal experiences as Internet users and as advocates, participants will then discuss what data in their lives they consider most private and what types of surveillance they find most invasive, and reflect on how if at all the law should distinguish between them. Finally, participants will discuss the politics of these different frameworks: both how gaps and weaknesses in existing frameworks threaten the ability of advocates to politically organize in the face of government surveillance, and how we can best work through the political process and change those frameworks to better reflect current technology and human rights norms.

Facilitators:
Kevin Bankston, Center for Democracy and Technology [United States, EN]
Danilo Doneda, Fundação Getúlio Vargas [Brazil, PT/EN]

Rapporteur:
Beatriz Busaniche, Fundación Vía Libre [Argentina, ES]

Reporting Back Session & Closing Meeting Day 1

4:30 - 5:20

Chair:
Katitza Rodriguez, Electronic Frontier Foundation [Peru, ES]

Rapporteurs:
Eva Galperin, Electronic Frontier Foundation [United States, EN/ES/PT]

• Report: Demonstrating Surveillance

Hanni Fakhoury, Electronic Frontier Foundation [United States, EN]

• Report: Compelled Disclosure of Communications, Subscriber Information & Cryptographic Keys

Beatriz Busaniche, Fundación Vía Libre [Argentina, ES]

• Report: What Data is Most Private? What Surveillance is Most Invasive? Should Laws Treat Different Data Differently?

8:30 pm Dinner

DAY 2: Challenges and Mapping Out Possible Solutions
8:55 - 9:00 Welcome

Plenary: Surveillance in Latin America
9:00 - 10:20

Chair: Camila Marques, Lawyer, ARTIGO 19 [Brazil, PT]

Surveillance in Colombia
Carlos Eduardo Huertas, Semana [Colombia, ES]

Surveillance in Cuba
“Mario Hernandez” [Cuba, ES]

Surveillance in the Northern Triangle
Renata Avila, Global Voices [Guatemala, ES]

Surveillance in Peru
Yonsi Solis, Global Voices [Peru, ES]

Surveillance in Mexico
Caracol Azul, [Mexico, ES]
This session will have simultaneous interpretation from Spanish to English and Portuguese

Keynote: Challenges Posed By Electronic Surveillance

10:20 - 10:40
Frank La Rue, United Nations Special Rapporteur on Freedom of Expression [Guatemala, ES]
Increasing pressure (legal and political) on private parties to help carry out the state’s surveillance mandate.

Simultaneous interpretation from Spanish to English and Portuguese

10:40 - 11:00 Coffee Break

Plenary: International Surveillance & Human Rights Principles: Challenges and Opportunities in Latin America

11:00 - 11:50

Chair: Carly Nyst, Privacy International [Australia/UK, EN]
Simultaneous interpretation from English to Spanish and Portuguese.

Explanation of the Principles: Background, purpose, need, challenges and opportunities

Chilean and Latin American perspectives

Alberto Cerda, Derechos Digitales [Chile, ES]
Simultaneous interpretation from Spanish to English and Portuguese

Expansion of Brazilian law enforcement powers to access users’ digital information

Pablo Ortellado, GPOPAI [Brasil, PT/EN]
Simultaneous interpretation from Portuguese to Spanish and English

Surveillance and regional human rights standards

Juan Camilo Rivera, Comisión Colombiana de Juristas [Colombia, ES]
Simultaneous interpretation from Spanish to English and Portuguese

Workshops: Round III

11:50 - 1:00

Workshop 1: International surveillance and human rights principles: Perspectives from Latin America

Facilitator:
Alberto Cerda, Derechos Digitales [ES] & Carly Nyst, Privacy International [UK, EN]

Rapporteur:
Juan Camilo Rivera, Comisión Colombiana de Juristas [Colombia, ES]

Workshop 2: Technical community activism
What is the technology community doing to defend privacy?

Facilitators:

Enrique Chaparro, Fundación Vía Libre [Argentina, ES ]
João Carlos Caribé, Movimento Mega (aka Mega Não) [Brazil, PT/EN]

Rapporteur:
Eva Galperin, Electronic Frontier Foundation [USA, EN]

Plenary: Hands-on Activism

2:40 - 3:50 p.m.

• Chair: Rebecca Bowe, Electronic Frontier Foundation [United States, EN]

Simultaneous interpretation from English to Spanish and Portuguese.

• What is meant by Hands-On Activism? As you’ll learn from our panelists, there are many strategies that can be utilized to push back against a surveillance practice or proposal. We’ll cover the most effective ways to obtain public records; strategies for generating interest in digital rights issues; fresh and extraordinary approaches to creative campaigning, and tactics used by an international nonprofit to tackle privacy issues with online campaigns.

Raising digital awareness in Peru

Marco Sifuentes, Instituto Prensa y Sociedad [Peru, ES]

• Peru has a very active and influential online community. It can affect the course of elections, prove the president wrong and stop law projects. It can work very well on "real world" matters. But when it comes to online issues, it's been hard to raise awareness on the Peruvian general public and even on the media. What went wrong? However, in the past year, some digital topics have received a lot of coverage. Some not. What changed? I’ll share Peru's experience in the hope that every participant can compare it with his or her own country's situation.

Online organizing for human rights

Fabiola Carrion, Access [Peru, ES/EN]

• A recent addition to the Access Team, Fabiola will begin her presentation by talking about her own experiences in organizing and advocacy, arguing that the struggle for human rights is increasingly moving online. She will discuss new tools of organizing, and the importance of combining technology, policy, and grassroots advocacy tactics to affect holistic change in internet policy debates. Her presentation will include a series of short case studies from around the world where Access, along with its various allies, have successfully campaigned for a free and open internet. Her presentation will conclude with a discussion of lessons learned and best practices for online organizing, particularly around issues of surveillance and due process.

Surveillance and secrecy: Strategy and tactics - Using the law to uncover abuse of LEAs’ surveillance powers

Geoff King, Lawyer [United States, EN]

• Open government laws, though riddled with exemptions, are powerful tools for shedding light on the governmental operations. One way in which these laws can be used is to uncover the existence of law enforcement surveillance, as well details about the tools used to achieve such surveillance. This portion of the presentation will explore how journalists and activists can employ successful transparency strategies in the face of various procedural pitfalls. It will also give concrete examples of how such strategies have paid off in the recent past.
• Presentation Materials

Creative campaigning: tactical media mashup
Vladan Joler, Share Foundation [Serbia, EN]

• Explore the beautiful world of tactical media as a creative tool for getting your message out there.
• From creative campaigning during Serbian protests in the 90s to “lo fi” media interventions, protests inside computer games, media pranks and parasite media tactics to social media bots and Twitter bombs.
• Presentation Materials

Simultaneous interpretation from English to Spanish and Portuguese Return to Top

3:50 - 4:10 Coffee Break

Workshops: Round IV

4:10 - 5:10

Workshop 1: What the international surveillance and human rights principles are asking the governments to do?

• This session will be used to call out exactly what the International Surveillance and Human Rights Principles are asking governments to change or legislative/policy actions they are asking governments to take. This will hopefully be useful in helping individuals and organizations understand what aspects to highlight and push when proposing the principles and why.

Facilitators:

Katitza Rodriguez, Electronic Frontier Foundation [Peru, ES]
Elonnai Hickok, Center for Internet & Society India [India, EN]

Rapporteur:
Graciela Selaimen, NUPEF [Brasil, EN/ES/PT]

Workshop 2: Creative campaigning: tactical media mashup & anti-surveillance campaigns

• What are activists around the world doing to counter surveillance proposals and practices? And what could they be doing, with just a little more knowledge and inspiration? At this session, workshop facilitators will share stories about successful campaigns launched around the world in response to government surveillance. How did a humorous Twitter hashtag about a proponent of surveillance legislation rise to “trending” status on Twitter? How did a small team of digital rights activists in Argentina manage to position themselves as one of the most trusted media sources on issues relating to privacy in the digital realm? How did a small group of activists manage to reach biggest world media and how are activists creating their own media? We’ll then open it up for a group discussion in which participants can share their own stories of effective tactics from around the world, and explore ideas for collaborating and harnessing the knowledge gleaned from our collective experiences.

Facilitators:

Rebecca Bowe, Electronic Frontier Foundation [United States, EN]
Vladan Joler, Share Foundation [Serbia, EN]

Rapporteur:
Hisham Almiraat, Global Voices Advocacy [Morocco, EN]

Reporting Back Session & Closing Remarks

5:10 - 6:00

Chair:
Katitza Rodriguez, Electronic Frontier Foundation [Peru, ES]

Rapporteurs:
Graciela Selaimen, NUPEF [Brasil, EN/ES/PT]

Renzo Lavin, Asociación Civil por la Igualdad y la Justicia [Argentina, ES]
Hisham Almiraat, Global Voices Advocacy [Morocco, EN]

Each breakout session will have one designated rapporteur, one note-taker, and a module to work around.