Jump to ContentJump to Main Navigation
Bulk CollectionSystematic Government Access to Private-Sector Data$

Fred H. Cate and James X. Dempsey

Print publication date: 2017

Print ISBN-13: 9780190685515

Published to Oxford Scholarship Online: October 2017

DOI: 10.1093/oso/9780190685515.001.0001

Show Summary Details
Page of

PRINTED FROM OXFORD SCHOLARSHIP ONLINE (www.oxfordscholarship.com). (c) Copyright Oxford University Press, 2019. All Rights Reserved. An individual user may print out a PDF of a single chapter of a monograph in OSO for personal use. date: 07 December 2019

(p.449) Index

(p.449) Index

Source:
Bulk Collection
Publisher:
Oxford University Press
accountability. See also oversight; redress; transparency
France, 311
government disclosure demands and, 307–23
independent oversight, 428–29
India, 262–63, 269, 271
recommendations for companies, 430–31
recommendations for governments, 428–30
transparency, 429–30
U.K., 318
U.S., 318–19
accountability and government disclosure demands, 307–23
abstract, 307
Article 29 Data Protection Working Party, 310, 316, 323
assessment of government access programs, 319, 322
assurance reviews and external verification, 322–23
corporate accountability and government access, tension between, 308–9
data protection guidelines, 310–12
demand vs. request, distinction, 308n1
EC Commission Implementing Decision, 319–20
ECtHR, assessment of government access programs, 319, 322
elements of corporate accountability, 314–15
European Telecommunications Standards Institute (ETSI), 315
external enforcement, 323
framework for information accountability, 309–12
Global Network Initiative (GNI), 312–13, 403–4, 430–31
government accountability, 315–20
government standards for access, 321
government transparency, call for increased, 317–18
how companies can remain accountable, 313–15
human rights institutions and, 321
individual participation, mechanisms for, 323
Madrid Resolution, 310
mapping framework, 321–23
national security context, accountability difficulties, 321–22
OECD Guidelines, 310–11
Office of the High Commissioner for Human Rights (OHCHR), 316–17, 358n5, 364–67, 374–79
oversight, key characteristics, 322–23
personal data processing, 312n8
principle of accountability, 310–11
privacy policies, 322
Privacy Shield, 53, 319–20, 323
reconciling accountability and, 312–13
remediations, 323
Schrems v. Data Protection Commissioner, 308–309
Snowden revelations, impact of, 317
(p.450)
stakeholders, 309
transparency, efforts to increase, 314–15
transparency reports, 314–15
upstreaming, 11, 308n2
Vodafone’s Law Enforcement Disclosure Report, 315
adversary principle, 391
American Convention on Human Rights (ACHR), 357n4, 361, 370, 371, 378
American Declaration of the Rights and Duties of Man, 360–61, 375, 378
ANATEL, Brazil, 9, 136
anti-money laundering
Australia, 232–34
Brazil, 138–39
China, 255–56
Italy, 123
Argentina
biometric data, 329, 340
human rights principles and privacy protections, 335
Internet penetration rate, 326n2
law and practice, disparity between, 340
Necessary and Proportionate Principles, 335
surveillance legislation, 327–29
Article 29 Data Protection Working Party, 310, 316, 323
Australia, 221–40
abstract, 221
Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act), 232–34
Australian Law Reform Commission (ALRC), 222–23
authorized disclosure, 229–30
authorizing, or restricting governmental access to data, 223–25
banking data and financial data, 232–34
biometric data, 224
broad reporting of personal data, requirement, 232–34
communications data, 229–31
computer, definition of, 228
constitutional rights, 221
cross-border and multi-jurisdictional issues, 237–40
Customs Act 1901, 234
data collection, 227
data retention, 231
disclosure, 223–25, 229–30
education/higher education reporting, 234
employment reporting, 234
enforcement related activity, defined, 226n28
human rights, 222
intelligence authorities, access for, 227–31
international funds transfer instruction (IFTI) Reports, 233
judicial authorization requirements, 236
law enforcement access, 225–32
national legal context and fundamental principles, 221–23
national security access for, 225, 229–32
oversight, 227–31
personal data, broad reporting by private-sector entities requirement, 232–34
privacy rights, 222–26, 234–38
sensitive information, defined, 224
Snowden’s revelations, impact on Australia, 239–40
statutory and regulatory overview, 223–40
surveillance, 226–28, 236, 239
suspicious matter reports (SMRs), 233
taxation reporting, 234
threshold transaction reports (TTR), 233
types of reports, 233
usage requirements, 236–37
voluntary broad access to data, 235–36
voluntary disclosure, 229
banking and financial data. See also anti-money laundering
Australia, 232–34
Brazil, 138–41
Canada, 148, 157, 163–64, 170
China, 252, 255–56
Israel, 109
Italy, 123
(p.451)
Japan, 278, 280
Republic of Korea, 298–300
banking laws, India, 262–63, 267
big data techniques, xxv
biometric data, 18n38, 109, 118–19, 224, 329, 340
BKA opinion (Federal Criminal Police Office), 73, 75–76
Brazil, 129–46
abstract, 129
ANATEL, 9, 136
authorizing, or restricting governmental access, implications, 131–33
banking and financial data, 138–41
Brazilian Civil Code, 134
broad reporting of personal data requirement, 140–41
business records, authorization requirements, 142
communications data, 134–36, 142
constitutional authority, 25
constitutional provisions, 131–33
content/non-content distinction, 28
cross-border and multi-jurisdictional issues, 143–44
data categories, 142
data protection, 29, 129, 131, 134–35, 144, 146
data retention and/or destruction, 29, 31, 142–43
disclosure limitations, 29
intelligence authorities, 139–40
judicial authorization, 129, 142, 144–45
law enforcement access, 134–35, 142
law enforcement and national security, 27, 140–41, 145
Marco Civil Law, 29, 129, 131, 134–35, 144, 146
MLATs, 144
money laundering, 138–39
national legal context and fundamental principles, 130–31
national security vs. law enforcement, 27
passenger records, 140–41
privacy rights, 131–33
registration data, authorization requirements, 142
regulation of government access, implications, 131–34
regulatory enforcement, 134–40
Secrecy of Financial Data Act, 138
statutory and regulatory overview, 131–44
statutory law, 134
surveillance, 136–37
“systematic volunteerism,” 20
telecommunications providers, 134–36
travel data, 140–41
usage standards, 29, 142–43
voluntary disclosure, 20, 141–42
warrants, collection of data without, 145
wiretaps, 136–37, 145
Breard v. City of Alexandria, 202
broad access, defined, 343–44
broad reporting of personal data, requirement
Australia, 232–34
Brazil, 140–41
Canada, 162–65
China, 255–57
India, 267–69
Budapest Convention, 120, 397
bulk collection programs
rejection of recommendations, 423
U.S. termination of, xxviii
bulk data collection vs. targeted data collection, xxix
bulk or mass surveillance, xxix
recent developments, 424–26
Snowden leaks, national and international reactions to, xxvii–xxviii, 429
targeted data collection vs. bulk data collection, xxix
business laws, Japan, 278, 282
business records, 23–24, 42, 142
Canada, 147–72
access to data, 167–68
accountability, 310, 314–15
Antiterrorism File, 155–56
broad reporting of personal data, requirements, 162–65
(p.452)
Charter of Rights and Freedoms, 149, 150, 158
communications data, 147–48, 151–52, 156–58, 160–62, 166
constitutional protections, 24, 147, 150–52
courts, role of, 167
cross-border and multi-jurisdictional issues, 168–69
CSIS Act, 159–60
data collection, 153, 170–71
data protection, 147–49
data retention or destruction, 29, 153, 167–68
disclosure, 29, 153, 310, 314–15
federal government institutions, regulation of, 152–53, 172
financial data, 148, 157, 163–64, 170
intelligence agencies, 158–60
judicial authorization, 167, 172
law enforcement access, 156–58
metadata collection, recent developments, 170–71
MLATs, 148
national legal context and fundamental principles, 149
national security, 155–56, 158–60, 162–65
oversight, 149, 158–59, 171–72
Personal Information and Protection of Electronic Documents Act (PIPEDA), 153–55, 165–66, 172
prior authorization requirement, 156–58
Privacy Act, 152–53, 172
privacy protections, 150–52
recent controversies, 169–71
regulation of federal government institutions, 152–53, 172
regulation of private sector organizations, 153–55, 165–66, 172
regulatory agencies, 160–62
rule of law, 149
statutory law, 152–55
surveillance, 150–52
telecommunications data, 160–62
third-party doctrine, 29
transparency, 166, 314–15
transparency reports, 314–15
travel data, 148, 164–65
usage limitations, 29, 153
usage standards, 167–68
voluntary broad access to data, 165–67
Carey v. Brown, 195n10, 203
China, 241–58
abstract, 241
accounting law, access to data, 249
Administration of Air Transport Itineraries/receipts of e-tickets (2008), 257
Administration of Business Sites of Internet Access Services 2002, 251–52
Administration of Entertainment Venues, reporting requirements, 257
Administration of Internet Culture (2011 revision), 253
Administration of Internet E-mail Services 2006, 252
Administration of Internet Publication 2002, 253
anti-money laundering laws, reporting requirements, 255–56
authorization or restriction of governmental access, 244–47
banking and financial data, 252, 255–56
broad reporting of personal data by private-sector entities, requirements, 255–57
bulk collection (systematic access), reasons for absence of, 249
Chinese Communist Party (CCP), 241–42
communications data, 243–44
constitutional authority, 25, 243–44
courts, role of, 258
Criminal Procedure Law of the People’s Republic of China (2012 revision), 246–47
cross-border and multi-jurisdictional issues, 258
data protection, lack of, 244
data retention, 30, 31, 248, 251–52
design mandates, 31
disclosure, 30, 244–58
(p.453)
e-government national informationization process, building of, 247–48
Electronic Bulletin Services in Internet 2000, 253
golden shield projects, 247
governmental boundaries, difficult to define, 244
human rights, 242–44
intelligence authorities, access for, 254–56
interim measures, 252, 257
interim provisions, 253
Internet Information Service of the People’s Republic of China (2000), 251
Internet-related laws, access to data, 250
Internet surveillance and filtering system, 244–47
law enforcement access, 247–55
Law of Guarding State Secrets (2010 revision), 246
legal system, historical background, 241–44
management provisions, 253
Measures for the Control of Security in the Hotel Industry 1987, 256–57
national legal context and fundamental principles, 241–44
national security access, 242, 247–55
oversight mechanisms, lack of, 30
personal data, broad reporting requirements, 255–57
privacy, right to, 243–44
Regulating the Market Order of Internet Information Services 2011, 254–55
rule of law, 242–43
State Security Law (1993), 245–46
statutory and regulatory overview, 244–58
“systematic volunteerism,” 20–21
tax laws, access to data, 249–50
Technical Measures for the Protection of the Security of the Internet 2005, 251
technology/business model neutrality, 28
third-party doctrine, 29
Trading of Commodities and Services through the Internet 2010, 252
travel data, 256–57
usage limitations, 30
usage standards, 258
voluntary broad access to data, permission or restriction of, 258
Clapper v. Amnesty International USA, 45n102, 202
cloud computing, Republic of Korea, 303
cloud services, Germany, 61, 86–87, 89
Colombia
human rights principles and privacy protections, 335
Internet penetration rate, 326n2
law and practice, disparity between, 338–39
Necessary and Proportionate Principles, 335
surveillance legislation, 329–31
Commission for Oversight of Intelligence Gathering Techniques (CNCTR)
France, 52–53, 55, 57, 58, 60
communication confirmation data, defined
Republic of Korea, 292n20
Communications Assistance for Law Enforcement Act (CALEA), 12n16, 410–12, 417–18
communications data. See also encryption; telecommunications data
Australia, 229–31
Brazil, 134–36, 142
bulk data collection and surveillance, recent developments, 424–26
China, 243–44
criminal investigations, 38–42
ECtHR, 34–36
France, 55
Germany, 42
Italy, 124
Japan, 278
methods of access, 415
Republic of Korea, 291–96
right to privacy, case law, 34–36, 359–74
Snowden revelations of systematic surveillance activities, 13–14
U.K., 18–19, 42
U.S., 179–89
Verizon, 10, 317–18
(p.454) communications data in criminal investigations, 38–42. See also wiretaps
banking and financial data, 41
business records, 41–42
government access to communications, 39
interception standards, 39–40
location data/tracking, 40–41
national security investigations, 39–40
oversight mechanisms, 40
real-time surveillance/interception of communications data in, 38
transactional data, 39
travel data, 41
constitutional authority and provisions
Australia, 221
Brazil, 25, 131–33
Canada, 24, 147, 150–52
China, 25, 243–44
Germany, 64–76
India, 25, 260
Israel, 24–25, 93–94
Italy, 111–13
Republic of Korea, 288, 294, 296
content/non-content distinction, 23, 28
contraception use records, 195n2, 196–197, 200
Counter-Terrorism Database opinion, 72–73
Court of Justice of the European Union (CJEU)
bulk surveillance, recent developments, 425
cases striking down or critical of surveillance, xxx–xxxi
data retention issue, xxxi–xxxii
EU Data Protection Directive (1995) invalidated by, 31, 373
courts, role of
Canada, 167
China, 258
Germany, 83
India, 269–70
Italy, 125–26
Republic of Korea, 301–2
credit reporting, 109, 125–26, 298–300. See also banking and financial data
criminal investigations, 38–42
data collection, France, 51–52
Republic of Korea, 291–92
right to privacy, international human rights instruments, 33–34
cross-border and multi-jurisdictional issues. See also mutual legal assistance treaties (MLATs)
Australia, 237–40, 239–40
Brazil, 143–44
Canada, 168–69
China, 258
country reports, common themes, 21
Germany, 84
India, 270–71
Japan, 282–83
Republic of Korea, 303
“crypto wars,” 412–13
customs authorities access to data, 52, 234
DARPA (U.S. Defense Advanced Research Projects Agency), 174–75, 191
data protection. See also privacy protections
Brazil, 29, 129, 131, 134–35, 144, 146
Canada, 147–49
China, 244
Germany, 76–77
guidelines for, 310–12
India, 264
Israel, 95–96
Italy, 113–25
Japan, 275, 278–83
Republic of Korea, 289, 290–92
data retention, 12
Australia, 231
Brazil, 29, 31, 142–43
business records, 24
business records, government access to, 24
Canada, 29, 153, 167–68
China, 30, 31, 248, 251–52 (p.455)
Court of Justice of the European Union (CJEU), xxxi–xxxii
European Data Retention Directive, invalidation of, 29, 31, 383–88
France, 58–59
Germany, 11, 31, 61, 70–72, 83–87
government access rules, 23–24
India, 29, 261–62, 265, 270, 271, 273
Investigatory Powers Act (U.K.), xxix
Israel, 29, 106–7
Italy, 120
Japan, 277–78, 283
limitations on, 23, 29–31
mandates, 23
oversight standards, 382–83
private sector data, 23
recent developments, 424
Republic of Korea, 29, 302
retrospective surveillance, 427
right to privacy, 366, 373–74, 377
systematic access to stored data, 12
U.S., 29
Data Retention opinion, 70–72
Data Screening opinion, 42, 64, 65n13, 68–69
demand vs. request, distinction, 308n1
derogation, defined, 357n4
design mandates, 23, 31
Digital Rights Ireland Ltd. v. Minister for Commc’ns, Marine & Natural Resources, xxx, 31n63, 56, 59, 71–72, 112n5, 120n40, 364n30, 364n34, 366n42, 372n75, 373, 376, 381–84, 382n2, 386n14, 387–88, 392, 425n5
disclosure, 23
Australia, 223–25, 229–30
automatic disclosure mandates, 24
Brazil, 29
business records, government access to, 24
Canada, 29, 153, 310, 314–15
China, 30, 244–58
India, 29, 260–61
Israel, 29
Republic of Korea, 29
U.K., 318
U.S., 29, 318–19
DNA data, 119, 212–13, 291, 301, 302, 363, 373
due diligence rules, India, 264–65
ECtHR, assessment of government access programs, 319, 322
education/higher education reporting, Australia, 234
Electronic Bulletin Services in Internet 2000
China, 253
Electronic Communications Privacy Act (ECPA), U.S., 28n53, 38–39, 41, 179–83, 187–89
electronic communications service, defined, 182n36
ELENA project, rejection of, 11, 82
email providers, shift to encryption, 414–15
Emmerson Report (UN General Assembly, Report of the Special Raporteur on the Promotion and Protection of Human Rights and Fundamental Freedoms while Countering Terrorism), 366, 371, 374
employment reporting, Australia, 234
encryption
email providers, shift to encryption, 414–15
France, 58
intercept before or after encryption, 416–17
MLATs, 398–99, 400
online communications services, recent developments, 425
strong encryption, 413–16
technology advancements, 413–16
Escher v. Brazil, 143, 360n13, 364n33, 366n41, 368n53, 370n66
EU Charter, 362, 363–64, 366, 371, 378
European Commission, Commission Implementing Decision, 319–20
European Convention on Human Rights, Article 8, 25, 33–37
European Court of Human Rights (ECtHR) (also known as Strasbourg Court), xxx, 34–37, 45, 367–70, 375–77
European Court of Justice (ECJ), 384–85
European Data Protection Supervisor (EDPS), 312 (p.456)
European Data Retention Directive, invalidation of, 29, 31, 70–72, 373, 383–88
European Telecommunications Standards Institute (ETSI), 315
European Union Parliament, 41n97
Federal Communications Commission v. Pacifica Foundation, 195n9, 203
Ferguson v. Charleston, 209
financial data. See banking and financial data
First Amendment, U.S., 132n8, 193, 194, 196, 199, 201–5
FISA Amendments Act of 2008 (FAA), Section 702, 14–15
FISA Amendments Act (U.S.), 14, 181
FISA Court, 80, 179–80, 186, 391, 424n3
FISA Court, appointment of independent advocate, 424n3
FISA (U.S. Foreign Intelligence Surveillance Act), 27, 179, 186
foreign electronic surveillance, regulation of, 349–54
foreign surveillance, defined, 350n1
Fourteenth Amendment, U.S., 197
Fourth Amendment, U.S., 28, 177–78, 183, 189, 193–94, 197, 200, 205–13, 216–18
France, 49–60
abstract, 49
accountability and government disclosure demands, 311
authority/power to collect data, 49–50
black box provisions, untargeted analysis of metadata, 55–57
bulk collection (systematic access), 49–60
Commission for Oversight of Intelligence Gathering Techniques (CNCTR), 52–53, 55, 57, 58, 60
communications data, 55
computer systems hacking, 58
criminal investigations, data collection, 51–52
customs authorities, access by, 52
data retention, 58–59
encryption and decrypting information, 58
“fundamental interests of the nation,” 54
human rights and right to privacy, 50
identification data retention, 58–59
intelligence authorities, access by, 52–60
interception of the content of communications, 55
“international communications,” collection of data relating to, 57
judicial authorization, 49–50, 60
metadata, access to, 55
national security, access for intelligence authorities regarding, 52–58
oversight, 52–58, 60
proportionality test, 50, 54, 56, 59–60
radio transmissions, general monitoring of, 54
real-time interceptions of data, 49, 51, 55, 59
statutory and regulatory review, 52–58
surveillance, 52–57
tax violations, data access by customs authorities, 52
terrorist attacks, 50, 52
terrorist threats, 53–57, 59
traffic data retention, 58–59
freedom of expression and opinion
American Convention on Human Rights (ACHR), 378
American Declaration of the Rights and Duties of Man, 378
derogation, defined, 357n4
discrimination in respect of treaty rights, 379
ECtHR, 375–77
effect of mass surveillance on, 377–78
EU Charter, 378
freedoms of expression, religion, assembly, and association, 374–78
International Covenant on Civil and Political Rights (ICCPR), 378
La Rue Report, 363–64
remedies and freedom from discrimination of, 378–79
right to a remedy for violations of the foregoing rights, 378–79
(p.457)
Freedom of Information Act (FOIA), exemptions, 213–15
Frisby v. Schultz, 195n10, 203
General Security Service Act, Israel, 103–6
Germany, 61–90
abstract, 61
“Anti-Terror File,” 77–79
Automatic Number Plate Recognition (ANPR) opinion, 69–70, 72
Basic Law provisions, 61–62, 64–66, 71, 73–74, 84
basic organizational concepts, 77–79
BKA opinion, 73, 75–76
business records, communications data in criminal investigations, 42
cloud services, 61, 85–86, 87, 89
communications data, 42
constitutional law provisions, 64–76
“core area of life formation” protections, acoustic wiretaps within residences, 64–65, 74–76
Counter-Terrorism Database opinion, 72–73
courts, role of, 83
cross-border and multi-jurisdictional issues, 84
data mining, police, 42, 61, 68–69, 72–73
data protection, 76–77
data retention, 11, 31, 61, 70–72, 82–87
Data Retention opinion, 70–72
Data Screening opinion, 42, 64, 65n13, 68–69
data trustees, 86
Digital Rights Ireland decision, 31n63, 56, 59, 71–72, 382n2
domestic law enforcement agencies, 81–82
ECtHR, right to privacy, 34–36
ELENA project, rejection of, 11, 82
EU’s Data Retention Directive, 70–72, 83
expanded access, rejected proposals for, 11, 82
G-10 Act, strategic surveillance, 18–19, 34–36
G-10 opinion (1999), 66–68, 79, 84
Great Eavesdropping opinion, 65n14, 74, 79
human rights, right to privacy, 34–36
intelligence agencies, 79–81
intelligence authorities, access for, 89
law, generally, 64–77
law enforcement, regulatory, and national security access, 77–82
militant democracy, 63
national legal context and fundamental principles, 61–64
national security access, 77–82
NSA and BND collaboration, 87–89
Online Search opinion, 65n10
oversight mechanisms, 30
Preventive Telecommunications Surveillance opinion, 65n14, 74–75, 79
privacy protections, 62–63, 76–77
privacy rights, 34–36, 61–62
protecting the home, 74–76
radio-cell inquiries, 81–82
recent controversies, 85–90
rule of law concept, 61
Snowden revelations, opinions on, 63–64, 90
statutory law, 76–77
strategic searches, 61, 65
surveillance, strategic, 34–36, 79–80
technology/business model neutrality, 28
Telecommunications Act, amendment of, 70–72
terrorism, 72–79
voluntary access to data, 82
wiretaps, 64–65, 74–76
Global Network Initiative (GNI), 312–13, 403–4, 430–31
implementation guidelines, 430–31
MLATs, 403–4
golden shield projects, China, 247
government access, recommendations for, 427–30
government disclosure demands, corporate accountability and. See accountability and government disclosure demands (p.458)
governments, recommendations for, 427–30
GPS tracking, surveillance, 425
Great Eavesdropping opinion, 65n14, 74, 79
Griswold v. Connecticut, 195n2, 196–197, 200
human rights. See right to privacy
Human Rights Council, Report of UN Special Rapporteur on Promotion and Protection of the Right to Freedom of Opinion and Expression (La Rue Report), 363–64
human rights institutions, 321
human rights principles and privacy protections in Latin America, 325, 335–38
background, 325–26, 335
policy suggestions, 341
Tshwane Principles on National Security and the Right to Information, 336, 376n100
India, 259–74
abstract, 259–60
accountability, 262–63, 269, 271
banking laws, 262–63, 267
Blackberry, 271–72
broad disclosure of personal information, requirements, 267–69
categories of data, 269–70
CCTV, 261, 273
Central Monitoring System (CMS), 9, 271
communications law, 265–66
constitutional authority, 25, 260
content/non-content distinction, 28
corruption, 272–73
courts, role of, 269–70
cross-border and multi-jurisdictional issues, 270–71
cyber café rules, 265
data protection rules, 264
data retention, 29, 261–62, 265, 270, 271, 273
design mandates, 31
disclosure limitations, 29, 260–61
health law, 263
health legislation, 268–69
Information Technology Act of 2008, 30, 265–66, 270
intelligence authorities, 259, 272
Internet law, 264–65
Internet service providers and telecommunications policy, 267–68
judicial system, 260, 266
law enforcement, access for, 264–67
liability and due diligence rules, intermediary, 264–65
National Intelligence Grid (NATGRID), 272
national legal context and fundamental principles, 260–61
national security, access for, 264–67
Naz Foundation case, 260
oversight mechanisms, 30
personal information, broad disclosure requirements, 267–69
privacy rights, 260–61
PUCL v. Union of India, 269–70
recent controversies and issues, 271–73
search and seizure law, 262
securities law, 263
security practices, reasonable, 264
sensitive personal information rules, 264
statutory and regulatory overview, 261–63
statutory authority, 25–26
surveillance, 260–61, 269, 273–74
systematic access, 261–62
terrorist legislation, 266–67
transparency, 262–63, 269–73
usage standards, 29, 270
intelligence authorities, access for. See also national security, access for
Australia, 227–31
Brazil, 139–40
Canada, 158–60
China, 254–56
France, 52–60
Germany, 79–81, 89
India, 259, 272
Italy, 123
Japan, 280–81
Republic of Korea, 293–96
(p.459)
intelligence services, independent oversight standard, 388–90
Inter-American Commission on Human Rights (IACHR), 360–61, 363
Inter-American Court of Human Rights (IACtHR), 360, 364, 366–70
Interception Law of 1999, Japan, 281–82
International Covenant on Civil and Political Rights (ICCPR), 317, 357–58, 361, 363, 365–66, 374, 378
Internet
globalized Internet services, challenges presented by, 43–44
governance issues, MLATs, 399
Internet service providers (ISPs)
bulk collection, recommendations, 425
India, 267–68
Republic of Korea, 287–88, 293–95, 300–301
Snowden revelations of systematic surveillance activities, 14–15
Investigatory Powers Act, U.K., xxix, xxxi–xxxii, 18–19
Israel, 91–110
abstract, 91
Basic Law, Section 7 (text of), 93
biometric data, 109
communications data, 96–97, 100–109
constitutional authority, 24–25
constitutional right to privacy, 93–94
credit reporting database, 109
data protection statute, 95–96
data retention, 29, 106–7
disclosure limitations, 29
General Security Service Act, 103–6
government access, 96–109
human dignity and freedom, 93
human rights, right to privacy, 93–96
human rights observations, 92
judicial oversight, 100, 106, 108
law enforcement, data transfers, 107–8
law enforcement access to, 100–103
national legal context and fundamental principles, 91–92
national security, access for, 91–92, 96–109
oversight, 98, 100, 105, 106, 108–9
Privacy Protection Act (PPA), 94–96
privacy rights, 93–96
rule of law, 92
statutory authority, 26–27, 93
statutory right to privacy, 94–96
surveillance, 96–97
transparency, 94, 95, 99, 105
usage limitations, 29
wiretaps, 97–100
Issakov Inbar v. State of Israel, 94
Italy, 111–26
abstract, 111
anti-money laundering legislation, 123
banking and financial data, 123
biometric data, 118–19
cell phones, 124
constitutional rights, 111–13
courts, role of, 125–26
Data Protection Authority (Garante), 115–19, 122–25
Data Protection Code of 2003, 113–21
data retention, 120
debit and credit records of condo tenants, 125–26
DNA data, 119
freezing orders, 120–21
hotel clients, personal data, 123–24
insurance frauds, 124–25
intelligence authorities, access to, 123
interceptions, 121
judicial authorization, 125–26
law enforcement, access for, 118–21
legal system, historical background, 111–13
national legal context and fundamental principles, 111–13
national security, access for, 121–22
oversight, 115–19, 122–25
personal data, broad reporting requirement, 122–25
personal data processing, 118–20
privacy protections, 111–13, 115n15
processing of personal data in judicial sector, 117
proportionality, 116
Redditometro regulation, 125–26
sensitive data, defined, 115n15
(p.460)
statutory and regulatory overview, 112, 113–16, 122–25
Strasbourg Convention, 112–13
tax laws, 122–23
Treaty of Prüm, 119
Japan, 275–85
abstract, 275
accountability, redress for violations of established standards, 278–79
banking data and financial data, 278, 280
bulk collection (systematic access), 275–85
business laws, 278, 282
collection requirement, purpose of, 279
communications data, protection of, 278
content/non-content distinction, 28
cross-border and multi-jurisdictional issues, 282–83
data collection limitations, 277–78
data protection, 275, 278–83
data retention, 277–78, 283
intelligence agencies, access for, 280–81
Interception Law of 1999, 281–82
law enforcement, access to, 280–81
legal system, historical background, 275–77
national legal context and fundamental principles, 275–77
on-demand reports, 283
oversight, 278–80, 283
Personal Information Protection Law of 2003, 275–80, 283–85
privacy, invasion of, 275–80
recent controversies and/or pending unresolved issues, 282–83
residents, types of unique IDs for, 283
statutory and regulatory overview, 277–82
tax collection cases, 280
terrorism threats, 281
third-parties, 279
transparency, 283
judicial authorization
Australia, 236
Brazil, 129, 142, 144–45
Canada, 167, 172
France, 49–50, 60
Italy, 117, 125–26
Republic of Korea, 293, 301–2
Katz v. United States, 177, 195n1, 205–206, 210–211, 216n147
Kennedy v. United Kingdom, 368n51, 369, 372n75, 373
Klass v. Germany, 33n72, 36, 356n2, 365, 369n55, 369n56, 370, 372
Kovacs v. Cooper, 202
La Rue Report (Human Rights Council, Report of UN Special Rapporteur on Promotion and Protection of the Right to Freedom of Opinion and Expression), 363–64
Latin America, 325–41
abstract, 325
Argentina, 327–29, 335
background, 325–26
Colombia, 329–31, 335
commonalities, 327, 340
government surveillance regulation, 327–34
human rights principles and privacy protections, 335–38
Internet penetration rate, 326n2
law and practice, disparity between, 338–40
Manila Principles on Intermediary Liability, 337
Necessary and Proportionate Principles, 335–36
OAS Inter-American Juridical Committee Principles, 337–38
policy suggestions, 340–41
surveillance legislation, 327–34
Tshwane Principles, 336, 376n100
law enforcement, access for
Australia, 225–32
(p.461)
Canada, 156–58
China, 247–55
Germany, 77–82
India, 264–67
Italy, 118–21
Japan, 280–81
MLATs, U.S. goals, 400–401
Republic of Korea, 292, 293–98
U.S., 173–91
law enforcement vs. national security, 27
laws for systematic access, evaluation factors, 37–38
Lenz v. Universal Music Corp., 301
liability and due diligence rules, India, 264–65
Madrid Resolution, 310
Malone v. United Kingdom, 33n73, 364n33, 368n52, 368n54
Manila Principles on Intermediary Liability, 337
Marco Civil Law, Brazil, 29, 129, 131, 134–35, 144, 146
Maryland v. King, 212–13
mass surveillance, defined, 357n3
Mexico
human rights principles and privacy protections, 335–36
Internet penetration rate, 326n2
law and practice, disparity between, 339
Necessary and Proportionate Principles, 335–36
surveillance legislation, 331–33
Microsoft Corp. v. United States, 87
militant democracy, Germany, 63
money laundering. See anti-money laundering
Movement for Freedom of Information v. Ministry of Communications, 107–8
mutual legal assistance treaties (MLATs), 144, 148, 395–407
MYSTIC program (U.S.), 11
NAACP v. Alabama, 195n6, 201
National Intelligence Grid (NATGRID) (India), 272
national legal context and fundamental principles, 18–19
Australia, 221–23
Canada, 149
China, 241–44
Germany, 61–64
India, 260–61
Israel, 91–92
Italy, 111–13
Japan, 275–77
Republic of Korea, 288–89
national security, access for. See also intelligence authorities, access for
accountability and government disclosure demands, 321–22
Australia, 225, 229–32
Brazil, 27, 130–31
China, 242, 247–55
common themes from the country reports, 18–20
criminal investigations, 39–40
declining “wall” between national security and other uses, pre and post 9/11 policies, 20
France, 52–58
Germany, 77–82
government access rules, 27
India, 264–67
Israel, 91–92, 96–109
Italy, 121–22
law enforcement, 19–20
law enforcement vs. national security, 27
national laws, significant commonality across, 18–19
national security legal authorities, post-9/11 increase in power of, 44–46
Republic of Korea, 293–98
U.K., 39
U.S., 173–91
National Security Agency (NSA) (U.S.), 8, 13–14, 15, 176, 180–81, 186. See also Snowden revelations of systematic surveillance activities
National Security Letter (NSL) (U.S.), 178n18, 184–86, 189–90, 424n2
Naz Foundation case, 260 (p.462)
necessity or non-arbitrariness of right to privacy, 35, 371–74
Netherlands, 386–87
OAS Inter-American Juridical Committee Principles, 337–38
OECD Guidelines, 310–11
Office of International Affairs (OIA), 396, 398, 400–401, 405
Office of the High Commissioner for Human Rights (OHCHR), 316–17, 358n5, 364–67, 374–79
Olmstead v. United States, 205–6
on-demand reports, Japan, 283
Online Search opinion, 65n10
overseas transfer of data. See cross border and multi-jurisdictional issues
oversight, 23. See also accountability
Argentina, 328–29
Australia, 227–31
business records, 24
China, 30
Colombia, 329–30
communications data in criminal investigations, 40
data retention, 382–83
France, 52–58, 60
generally, xxx
Germany, 30
government access rules, 30
independent oversight standards, 388–92
India, 30
Israel, 98, 100, 105, 106, 108–9
Japan, 278–80, 283
privacy rights, 369–71
Republic of Korea, 302
standards generally, 381–93
U.S., 30, 180–86, 189
oversight, application elements of, 343–48
abstract, 343
analysis, 343–48
broad access, defined, 343–44
impact assessment framework, 344–45
key characteristics, 322–23
new technologies and big data analytics, impact on profiling, 346
People v. Weaver, 346
surveillance laws, international implications, 347–48
types of investigations and level of oversight, 346–47
USA PATRIOT Act, Section 215, 344–45
oversight standards, 381–93
abstract, 381
analysis, 392–93
case law, 382–83
data retention, 382–83
European Data Retention Directive, invalidation of, 383–88
independent oversight standards, 388–92
key characteristics, 322–23
passenger records, 41n97, 140–41, 298–300
Pen/Trap statute (U.S.), 187–89
People’s Republic of China. See China
People v. Weaver, 346
Peru
human rights principles and privacy protections, 335–36
Internet penetration rate, 326n2
law and practice, disparity between, 339–40
Necessary and Proportionate Principles, 335–36
surveillance legislation, 333–34
Plonit v. National Rabbinical Court, 93–94, 96n27
post-9/11 law enforcement (U.S.), 173, 174–75, 189–91
Presidential Policy Directive 28 (U.S.), 318–19
Preventive Telecommunications Surveillance opinion, 65n14, 74–75, 79
PRISM Data Collection Program, 14, 40, 46
Privacy Bridges project, 425–26
privacy protections. See also data protection (p.463)
Australia, 222–26, 234–38
Brazil, 131–33
Canada, 150–53, 172
Court of Justice of the European Union (CJEU), xxx–xxxi, 373–74
DNA data, 212–13, 363
France, 50
India, 260–61
Israel, 92–96
Japan, 275–80
Latin America, 335–38
Republic of Korea, 288–89, 291
Privacy Shield (U.S.), 53, 319–20, 323
proportionality. See also disclosure; usage limitations; usage standards
concept of, 428
disclosure limitations, 428
human rights and, xxvi
Italy, 116
proportionality test, France, 50, 54, 56, 59–60
Protect America Act of 2007, 181
published law and practice of law, inconsistency, 19
PUCL v. Union of India, 269–70
purpose and necessity test, ECtHR, 35
radio transmissions, general monitoring
France, 54
Rami Mor v. Barak ETC, 94
“real-time” communications content, U.S., 179–82
real-time interceptions of data, France, 49, 51, 55, 59
“real time” non-content communications data, U.S., 187–89
Redditometro regulation (Italy), 125–26
redress. See also accountability
business records, government access to, 24
independent oversight standards, 390–91
Japan, established standards for violations, 278–79
for violations of established standards, 428, 429
registration data, authorization requirements
Brazil, 142
remediation
accountability and government disclosure demands, 323
remote computing service, defined
U.S., 182n37
Republic of Korea, 287–303
abstract, 287
Act on Personal Information Protection of Public Agencies (APIPPA), 288
banking and financial data, 298–300
broad voluntary access to data, 294, 300–301
cloud computing, 303
communication confirmation data, defined, 292n20
communications data, 291–96
constitutional rights, 288, 294, 296
Criminal Procedure Act, 291–92
cross-border and multi-jurisdictional issues, 303
current legislative issues, 303
data protection, 289, 290–92
data retention and deletion, 29, 302
disclosure limitations, 29
DNA data, 291, 301, 302
electronic data, search and seizure of, 292
intelligence authorities, access for, 293–96
Internet service providers, 287–88, 293–95, 300–301
judicial authority, role of the courts, 293, 301–2
law enforcement access, 292, 293–98, 301
legal system, historical background, 288–89
Lenz v. Universal Music Corp., 301
national legal context and fundamental principles, 288–89
national security access, 293–98
oversight, 302
(p.464)
Personal Information Protection Act (PIPA), 289, 290–91, 303
privacy protections, 288–89
sensitive information, defined, 291
statutory overview and analysis, 290–303
Telecommunications Business Act (TBA), 291, 293
terrorism, 294–95
transparency, 302
travel data, passenger records, 298–300
usage limitations, 29
usage standards, 302
use, retention, disclosure limits, 29
voluntary access to data, 294, 300–301
warrants, 291–92
wiretaps, 295–96
requests for data, cross border. See also cross-border and multi-jurisdictional issues
MLATs, 395–407
Privacy Bridges project, 425–26
request vs. demand, distinction, 308n1
retention of data. See data retention
right to privacy, 359–74. See also privacy protections
American Convention on Human Rights (ACHR), 357n4, 361, 370, 371
American Declaration of the Rights and Duties of Man, 360–61, 375, 378
communications data, case law, 34–36, 359–74
Court of Justice of the European Union (CJEU), xxx–xxxi, 373–74
data retention mandates, 366, 373–74, 377
Emmerson report, 366, 371, 374
EU Charter, 362, 363–64, 366, 371
European Convention on Human Rights, Article 8, 25, 33–37
human rights instruments, 33–34, 360–62
Inter-American Commission on Human Rights (IACHR), 360–61, 363
Inter-American Court of Human Rights (IACtHR), 360, 364, 366–70
interference, 365–74
International Covenant on Civil and Political Rights (ICCPR), 317, 357–58, 361, 363, 365–66, 374
La Rue Report, 363–64
metadata, 364
necessity, xxvi, 35, 371–74
Office of the High Commissioner for Human Rights (OHCHR), 358n5, 364–67, 374–79
principles of privacy, xxx–xxxi
remedies and freedom from discrimination of, 378–79
scope, 363–65
surveillance, xxx–xxxi, 25, 33–37, 367–69
UN Human Rights Committee (HRC), 359, 367
Universal Declaration of Human Rights (UDHR), 360–61
UN Special Rapporteur, 363
violation determinations, 362
Riley v. California, 211, 212, 218, 425n6
Roe v. Wade, 195n3, 197–199, 215n144
Rowan v. U.S. Post Office, 195n8, 202–203
rule of law
Canada, 149
China, 242–43
Germany, 61
Israel, 92
principles of, 32
Russia
S. & Marper v. United Kingdom, 18n38, 364n30, 366n41, 373, 425n5
same-sex relationships and marriage, 199, 215n146
Schacter v. Whalen, 200n36, 201n37, 204
Schrems v. Data Protection Commissioner, xxx, 56, 57, 112n5, 308–309, 364n34, 366n42, 374n87, 383n5, 396n2, 398n9, 399n9, 430
search and seizure law, India, 262
Secretary of State for the Home Dep’t v. Tom Watson, xxxi–xxxii, 59n52, 359n10, 372, 373n86 (p.465)
secret surveillance, 45–46
securities law, India, 263
sensitive information, defined
Australia, 224
India, 264
Italy, 115n15
Republic of Korea, 291
service providers. See Internet service providers (ISPs)
Smith v. Maryland, 28n54, 178, 188, 206n85, 209, 212–213, 216n149, 365n36
Snowden revelations of systematic surveillance activities, xxvii–xxviii, xxix, 13–16
Australia, impact on, 239–40
criticism of telephone metadata program disclosed by Snowden, 429
Germany’s differing opinions on, 63–64, 90
USA PATRIOT Act, Section 215, 13–14, 429–30
Sorrell v. IMS Health Inc., 204–5, 216
South Korea. See Republic of Korea
Spencer decision, 150n14, 151n16, 157, 166, 170
Stanley v. Georgia, 195n7, 201–202
statutory and regulatory analysis
Australia, 223–40
Brazil, 131–44
Canada, 152–55
China, 244–58
France, 52–58
Germany, 76–77
Israel, 26–27, 93
Italy, 112, 113–25
Japan, 277–82
Republic of Korea, 290–303
U.S., 178–91
stored communications content, U.S., 182–83
Strasbourg Convention, 112–13
strong encryption, U.S., 413–16
surveillance
Argentina, 327–29
Australia, 226–28, 236, 239
Canada, 150–52
Colombia, 329–31
effect on freedom of expression and opinion, 377–78
foreign electronic surveillance, regulation of, 349–54
France, 52–57
Germany, strategic surveillance, 34–36, 79–80
impact of changing technology on, 409–10
Israel, 96–97
legislation in Latin America, 325–26, 326n2, 327–34, 340–41
Mexico, 331–33
Peru, 333–34
right to privacy and, xxx–xxxi, 25, 33–37, 45, 367–69
U.S., 14, 27, 80, 179–81, 186, 391, 424n3
systematic surveillance activities, revelations of, 13–16
“systematic volunteerism,” 20–21
systemic access, definition of, xxvi–xxvii
Szabó & Vissy v. Hungary, xxx, 356n2, 369n57, 370n63, 370n65, 373, 383n7, 427n9
targeted data collection vs. bulk data collection, xxix, 23
taxation reporting, 234
tax laws, 122–23, 249–50
tax violations, 52, 280
technological developments, challenges presented by, 43
technology advancements, 409–20
abstract, 409–10
access after the fact, in stored form, often in the cloud, 418–19
architectural rule, 417–18
assure access in unencrypted form, 417–18
break encryption in transit, 415–16
CALEA, 417–18
cloud providers, focus on, 415–19
(p.466)
cloud storage, access after the fact, 418–19
communications data, methods of access, 415
“crypto wars,” 412–13
encryption, 413–17
“haves” and “have nots,” 409, 416, 419
intercept before or after encryption, 416–17
landline calls, 417–18
surveillance access, changing technology and impact on, 409–10
technology trends, 415–19
wiretaps, 410–13, 417, 419
technology/business model neutrality, 23, 28
technology trends
access after the fact, cloud storage, 418–19
architectural rule, 417–18
assure access in unencrypted form, 417–18
break encryption in transit, 415–16
CALEA, 417–18
cloud providers, focus on, 415–19
cloud storage, access after the fact, 418–19
“haves” and “have nots,” 409, 416, 419
intercept before or after encryption, 416–17
landline calls, 417–18
Tele2 Sverige AB v. Postoch telestyrelsen, xxxi–xxxii, 59n52, 359n10, 372, 373n86
telecommunications data. See also communications data
Brazil, 134–36
Canada, 160–62
Germany, 70–72
Israel, 96–97
Republic of Korea, 291, 293
terrorism
Australia, 232–34
France, 50, 52, 53–57, 59
Germany, 72–73, 75–79
India, 266–67
Japan, 281
Republic of Korea, 294–95
U.K., 42
third-party disclosures, 23, 28–29, 177–89, 208–10, 217–18, 279
traffic data retention, France, 58–59
trans-border access and sharing. See cross-border and multi-jurisdictional issues
transborder sharing of electronic evidence. See mutual legal assistance treaties (MLATs)
trans-border surveillance, challenges and policy implications of, 43–44
transparency. See also accountability
accountability, 429–30
assessment difficulties, 17–18
business records, government access to, 24
Canada, 166, 314–15
of country reports, common themes, 17–18
efforts to increase, 314–15
generally, xxvi
government, call for increased transparency, 317–18
Israel, 94, 95, 99, 105
Japan, 283
positive developments, xxix
recommendations for companies, 431
Republic of Korea, 302
U.K., 318
U.S., 176, 181, 314
transparency reports, Canada, 314–15
trust, recommendations for companies, 430–31
Tshwane Principles on National Security and the Right to Information, 336, 376n100
UN General Assembly, Report of the Special Raporteur on the Promotion and Protection of Human Rights and Fundamental Freedoms while Countering Terrorism (Emmerson report), 366, 371, 374 (p.467)
UN Human Rights Committee (HRC), 359, 367
United Kingdom (U.K.), 7n1
accountability, 318
business records, Counter-Terrorism Act, Section 19, 42
communications data, 18–19, 42
content vs. non-content distinction, 28
design mandates, 31
disclosure, 318
European Data Retention Directive, invalidation of, 385, 387–88
Investigatory Powers Act, xxix, xxxi–xxxii, 18–19
national laws, 2016 update, 7n1
national security investigations, 39
Snowden revelations of systematic surveillance activities, xxix, 15
systematic access, assessment difficulties, 17
TEMPORA (U.K.), 15
transactional data, 39
trans-border access and sharing, 21
transparency, 318
United States (U.S.), 173–91. See also United States Supreme Court and information privacy
abstract, 173–74
accountability, 318–19
bulk collection programs, termination of, xxviii
bulk surveillance, recent developments, 424–26
communications data, 12n16, 28n53, 179–89, 410–12, 417–18
constitutional authority, 24–25
constitutional rights, 28, 177–78, 183, 189, 193–94, 197
data retention limitations, 29
disclosure, 29, 318–19
DOJ IG Reports, FBI abuses of NSL authorizations, 184–86
DOJ Manual of Searching and Seizing Computers, 187–88
Electronic Communications Privacy Act (ECPA), 28n53, 38–39, 41, 179–89, 185–86
electronic communications service, defined, 182n36
financial data privacy, 170, 176n6, 189–90
FISA Amendments Act, 14, 181
FISA Court, 80, 179–80, 186, 391, 424n3
FISA (U.S. Foreign Intelligence Surveillance Act), 27, 179, 186
Fourth Amendment, 28, 177–78, 183, 189, 193–94, 197, 200
law enforcement, access for, 173–91
law enforcement vs. national security, 27
legislation opposing bulk collection, recent developments, 424–25
MLATs goals, 400–402
MYSTIC program, 11
national security, access for, 173–91
National Security Letter (NSL), 178n18, 184–86, 189–90, 424n2
non-content communications data, 183–89
oversight, 30, 180–86, 189
passenger name record agreement (PNR), U.S. and European Union Parliament, 41n97
Pen/Trap statute, 187–89
post-9/11 law enforcement, 173, 174–75, 189–91
Presidential Policy Directive 28, 318–19
Privacy Shield, 53, 319–20, 323
Protect America Act of 2007, 181
“real-time” communications content, 179–82
“real time” non-content communications data, 187–89
regulation of third-party disclosures, 178–89
remote computing service, defined, 182n37
Snowden revelations, response to, xxix
(p.468)
statutory overview and analysis, 178–91
stored communications content, 182–83
strong encryption, 413–16
surveillance, 14, 27, 80, 179–81, 186, 391, 424n3
systematic access, assessment difficulties, 17–18
“systematic volunteerism,” discouraged, 21
technology/business model neutrality, 28
Terrorism Information Awareness Program (TIA), 174–75, 191
Terrorist Surveillance Program, 180–81
third-party doctrine, generally, 28–29, 177–78
trans-border access and sharing, 21
transparency, 176, 181, 314
travel data, 41n97
U.S. Defense Advanced Research Projects Agency (DARPA), 174–75, 191
U.S. Privacy and Civil Liberties Oversight Board (PCLOB), 15n27, 40n93, 176n8, 181, 187, 391n26
usage limitations, 29
wiretaps, 179–82
United States v. Jones, 40–41, 177, 210n119, 218, 346n5, 425n6
United States v. Miller, 28n54, 177–178, 208–210, 216n149, 217–218
United States Supreme Court and information privacy, 193–218
abortion, 195n3, 197–199, 215n144
abstract, 193–94
assessment of, 215–18
Bill of Rights, 196–97
common law privacy, 195n11
constitutional sources of privacy right, 196–213
contraception, use of, 195n2, 196–197, 200
First Amendment, 132n8, 193, 194, 196, 199, 201–5
Fourth Amendment, 200, 205–13, 216–18
Fourteenth Amendment, due process clause, 197
Freedom of Information Act (FOIA), exemptions, 213–15
fundamental rights of personal decision-making, 196–99
opinions involving privacy rights, statistics on, 194–95
personal matters, protection against government disclosure of, 200–201
privacy rights, 28, 177–78, 183, 189, 193–94, 197, 200, 215–18
same-sex relationships and marriage, 199, 215n146
United States v. Warshak, 28n55, 183, 396n3
United States v. Wurie, 211, 212
United States Dep’t of Defense v. Federal Labor Relations Auth., 214
United States Dep’t of Justice v. Reporters Comm. for Freedom of Press, 214–15
Universal Declaration of Human Rights (UDHR), 360–61
upstreaming, 11, 308n2
U.S. Defense Advanced Research Projects Agency (DARPA), 174–75, 191
U.S. Privacy and Civil Liberties Oversight Board (PCLOB), 15n27, 40n93, 176n8, 181, 187, 391n26
USA FREEDOM Act, xxviii, 14, 28, 346n6, 391n26, 424n2
usage limitations, 23
business records, government access to, 24
Canada, 29, 153
China, 30
governments use of, 12–13
Israel, 29
Republic of Korea, 29
U.S., 29
usage standards
Australia, 236–37
Brazil, 29, 142–43
Canada, 167–68
China, 258
India, 29, 270
Republic of Korea, 302
USA PATRIOT Act, Section 215, 13–14, 186–87, 188, 344–45, 429–30
Utah v. Strieff, 207n98, 207n100, 212 (p.469)
Verizon, 10, 317–18
voluntary broad access to data
Australia, 235–36
Canada, 165–67
China, 258
Germany, 82
Republic of Korea, 294, 300–301
voluntary disclosure, 20–21, 141–42, 229
Weber & Saravia v. Germany, 34–36, 365n39, 366n41, 372, 375–376
Whalen v. Roe, 195n5, 200–201, 216
Whole Woman’s Health v. Hellerstedt, 198, 199, 215
wiretaps
Brazil, 136–37, 145
CALEA, 410–12
changing technology and government access, 410–13
Germany, 64–65, 74–76
historical background of technology, 410–13
Israel, 97–100
Republic of Korea, 295–96
technology advancements, 410–13, 417, 419
U.S., 179–82
wiretap-ready, 417, 419
Zakharov v. Russia, xxx, 34n76, 36, 112n5, 365–66, 368n51, 368n52, 368n54, 370n62, 372n75, 373, 383n7