Guy Faux

UN Gets Critical About The Centralized Monitoring System (CMS). Is The CMS a Human Rights Violation?

Guy FauxIn the past year we have seen countries and governments across the world clamp down on their citizens using surveillance and censorship technologies on all types of digital communications. These methods have curtailed the freedom of expression or freedom of speech, that everyone is entitled to.

A recent report by the Human Rights Council of the UN said “ In many countries, Internet filtering is conducted under the guise of maintaining social harmony or eradicating hate speech, but is in fact used to eradicate dissent, criticism or activism.”

The report on ‘Promotion and protection of all human rights, civil, political, economic, social and cultural rights, including the right to development’ was also critical about the implementation of The Centralized Monitoring System (CMS) in India.

“The Government of India is proposing to install a Centralized Monitoring System that will route all communications to the central Government, allowing security agencies to bypass interaction with the service provider.Such arrangements take communications surveillance out of the  realm of judicial authorization and allow unregulated, secret surveillance, eliminating any transparency or accountability on the part of the State.” The report said.

The agenda of the report was to analyse the implications of States’ surveillance of communications on the exercise of the human rights to privacy and to freedom of opinion and expression.

Here are some key findings, about surveillance and censorship methodologies that were adopted by countries, from the report:

  • Countries are using real-time interception technologies in order to listen to and record the phone calls of any individual using a fixed line or mobile telephone. Using this technology, countries can assess an individual’s location can be ascertained, and their text messages read and recorded. By placing a tap on an Internet cable relating to a certain location or person, State authorities can also monitor an individual’s online activity, including the websites he or she visits.

  • Some states are using off-the-air mobile monitoring devices called International Mobile Subscriber Identity (IMSI) catchers. These devices can be installed in a location temporarily or permanently. These catchers imitate a mobile phone tower by sending and responding to mobile phone signals in order to extract the unique subscriber identification module (SIM) card number of all mobile phones within a certain area.

  • A lot of government agencies are also acquiring offensive intrusion software, including so-called “Trojans” (also known as spyware or malware), that can be used to turn on the microphone or camera of a device, to track the activity conducted on the device, and to access, alter or delete any information stored on the device without being detected.

  • Devices that can track and record Internet and telephone communications on a national scale are also being used. By placing taps on the  fibre-optic cables, and applying word, voice and speech recognition, agencies can achieve almost complete control of tele- and online communications.

  • In many countries, mandatory data retention is facilitating massive collection of communications data that can later be filtered and  analysed. Some of these technologies can scan phone calls and text messages to identify the use of certain words, voices or phrases, or filter Internet activity to determine when an individual visits certain websites or accesses particular online resources.

  • “Black boxes” are designed to inspect the data flowing through the Internet in order to filter through and deconstruct all information about online activity. This method, called “deep-packet inspection”, allows them to go beyond gaining simple knowledge about the sites that individuals visit, and instead  analyse  the content of websites visited.

  • Social media monitoring is another method employed by a lot of countries. The have the  infrastructure to physically monitor activities on social networking sites, blogs and media outlets to map connections and relationships, opinions and associations, and even locations.

  • Also highly sophisticated data mining technologies are used, Some countries have also acquired technical means to obtain usernames and passwords from social networking sites such as Facebook.

  • In addition to this agencies may also seek access to communications data held by third party service providers and Internet companies. This is mainly due to the progressively larger amounts of  varied data that reveal sensitive information about peoples’ daily lives, and individuals and businesses choose to store the content of their communications,  such as voicemails, emails and documents, with third party service providers.

  • When accessed and  analysed,  the above mentioned seemingly innocuous transactional records about communications can collectively create a profile of individual’s private life, including medical conditions,  political and religious viewpoints and/or affiliation, interactions and interests, disclosing as much detail as, or even greater detail than would be discernible from the content of communications alone.

  • By combining these informations about relationships, location, identity and activity, agencies can track the movement of individuals and their activities across a range of different areas, from where they travel to where they study, what they read or whom they interact with.

  • In the 3 years that Google has been reporting the numbers of requests for communications data it receives, such requests have almost doubled, from 12,539 in the last 6 months of 2009, to 21,389 in the last 6 months of 2012.

  • Some of the systems implemented can detect the use of specific words and phrases, in order to censor or regulate their use, or identify the individuals using them. In countries with high levels of Internet penetration, Internet filtering reportedly enables the censorship of website content and communications and  facilitates  the surveillance of human rights defenders and activists.

  • Many countries are also conducting manual Internet filtering, by creating online police forces and inspectors in order to physically monitor the content of websites, social networks, blogs and other forms of media.  In some States, “cyber police forces” are tasked with inspecting and controlling the Internet, searching websites and critical nodes within websites (particularly online discussion forums) with a view to block or shut down websites whenever they contain content the Government disapproves of, including or criticism of the country’s leadership .

  • An interesting observation is that the burden of such policing is transferred to private intermediaries, such as search engines and social network platforms, through laws that widen liability for proscribed content from the original speaker to all intermediaries.

  • One of the most important advances facilitated by the advent of the Internet was the ability to anonymously access and impart information, and to communicate securely without having to be identified. Initially, this was possible given that there  was no “identity layer”  to the Internet;  originally,  it was not possible to know who was behind a specific communication, e-mail address, or even a given computer. However, in the name of security and law enforcement agencies have been eradicating  the opportunities for anonymous communication.

  • In many countries, individuals must identify themselves at cybercafés and have their transactions on public computers recorded. Increasingly, identification and registration  are  also required when buying a SIM card or mobile telephone device, for visiting certain major websites, or for making comments on media sites or blogs.

In a report published on June 7th, the International human rights organisation, Human Rights Watch had criticized the Indian Government for its CMS project.

“The Indian government’s centralized monitoring is chilling, given its reckless and irresponsible use of the sedition and Internet laws,” said Cynthia Wong, Senior Internet researcher at HRW.

It is high time the Indian Government asses these statements made by these organisations, and make sure that its citizens are not violated by such projects.

Recommended Read: Surprised Indian Government To Seek Details From US on Snooping Software: Report

Tools: Staying Anonymous Online: Screw You CMS, PRISM