UN report: Impact of state surveillance on privacy and freedom of expression

The following report was released in June by the U.N. Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression. For more information on the report, see Privacy International’s analysis of the document.
Modern surveillance technologies and arrangements that enable States to intrude into an individual’s private life threaten to blur the divide between the private and the public spheres. They facilitate invasive and arbitrary monitoring of individuals, who may not be able to even know they have been subjected to such surveillance, let alone challenge it. Technological advancements mean that the State’s effectiveness in conducting surveillance is no longer limited by scale or duration. Declining costs of technology and data storage have eradicated financial or practical disincentives to conducting surveillance. As such, the State now has a greater capability to conduct simultaneous, invasive, targeted and broad-scale surveillance than ever before.
States have access to a number of different techniques and technologies to conduct communications surveillance of a targeted individual’s private communications. Real-time interception capabilities allow States to listen to and record the phone calls of any individual using a fixed line or mobile telephone, through the use of interception capabilities for State surveillance that all communications networks are required to build into their systems. An individual’s location can be ascertained, and their text messages read and recorded. By placing a tap on an Internet cable relating to a certain location or person, State authorities can also monitor an individual’s online activity, including the websites he or she visits.
Access to the stored content of an individual’s e-mails and messages, in addition to other related communications data, can be obtained through Internet companies and service providers. The initiative of the European standards-setting authority, the European Telecommunications Standards Institute, to compel cloud providers to build “lawful interception capabilities” into cloud technology to enable State authorities to have direct access to content stored by these providers, including e-mails, messages and voicemails, raises concerns.
States can track the movements of specific mobile phones, identify all individuals with a mobile phone within a designated area, and intercept calls and text messages, through various methods. Some States use off-the-air mobile monitoring devices called International Mobile Subscriber Identity (IMSI) catchers, which can be installed in a location temporarily (such as at a protest or march) or permanently (such as at an airport or other border crossings). These catchers imitate a mobile phone tower by sending and responding to mobile phone signals in order to extract the unique subscriber identification module (SIM) card number of all mobile phones within a certain territory.
States are also increasingly acquiring software that can be used to infiltrate an individual’s computer, mobile phone or other digital device. Offensive intrusion software, including so-called “Trojans” (also known as spyware or malware), can be used to turn on the microphone or camera of a device, to track the activity conducted on the device, and to access, alter or delete any information stored on the device. Such software enables a State to have complete control of the device infiltrated, and is virtually undetectable.
http://info.publicintelligence.net/UN-StateSurveillancePrivacy.pdf