Order the spring issue here

Norwegians' communications must be mass-stored

There is an uproar over the introduction of the most comprehensive surveillance method Norway has seen.

This article is machine translated by Google from Norwegian

If the proposal for a so-called «digital border defense» is adopted, the E-service will be able to store large parts of Norwegians' communication and internet use. In recent months, the report issued by the Lysne Committee II on so-called "digital border defense" (DGF) has been subject to consultation. The committee's recommendation is that the Intelligence Service should tap all information from the fiber cables that carry internet traffic in and out of the country, and store it for up to 18 months. The purpose will be to detect and stop digital attacks on Norwegian targets, and to expose Norwegian cells of international terrorist networks. While Ny Tid is going to press, there are still ticks in the consultation response – but it is expected that there will be controversy around the proposal.

In spite of talking about a digital boundary, it is in practice the Norwegian side of communication with foreign countries that will be recorded and stored. Much of what we do on the Internet is routed through servers abroad. Both browsing history, private documents stored with cloud services as well as communication via email and messaging services between two Norwegians in Norway could end up in the E-service's data warehouse.

New role? While the E-service's task is to gather overseas intelligence, most things that can be captured via digital border defense have either a Norwegian starting point or end point, or both. The International Law Commission's Norwegian branch (ICJ-Norge) believes the proposal clearly conflicts with today's law on the intelligence service, which states that the E-service should not monitor Norwegian people in Norway.

"The Storting can change this section, but it will be very controversial, because then you break down a divide that has been quite central between military intelligence and the fight against crime," explains the chairman of the board of ICJ-Norway Jon Wessel-Aas to Ny Tid. "We see that there may be a need for a system like this to detect threats to Norway's digital infrastructure, but what concerns counter-terrorism is PST's task. This becomes a kind of insinuation by giving the E-service powers that PST has never had, and which they will never be able to get politically and legally. "

Lysneutvalget assumes that the E-service's access will take place on Norwegian territory, but defines it so that the data storage in itself does not cause much problems before the E-service eventually opens and looks at the content. Whether the E-service should be allowed to see content is a special court that must assess and decide in each individual case. Wessel-Aas believes that this understanding is untenable: “It is quite obvious, legally speaking, under both EEA legislation and the human rights convention, that the actual storage of data is considered an encroachment on freedom of communication and privacy. This is about creating a base of information about large sections of the population, completely independent of suspicion of anything. "

Digital border? The Lysne Committee itself points out that it is becoming more and more difficult to stand outside the digital society, and that the infrastructure is structured so that the ordinary user will often not be able to predict whether their traffic will leave the country or not. This is not just a visit to foreign websites. Several of the telecom companies in the Norwegian market have parts of their technical infrastructure abroad, and thus send Norwegian user data out of the country. With last year's strategy for the use of cloud services in the public sector, it is also to be expected that more of our communication with public bodies will eventually be stored abroad, and thus cross the border. The Lysne Committee's report states that "for practical purposes it is not possible to avoid the use of communication channels which in principle will be covered by DGF".

"In the rest of society, we build trust with openness. The problem with the secret services lies in the word secret. "

Ny Tid asks department director Einar Lunde in the National Communications Authority (Nkom) how large a share of Norwegian domestic traffic there will be in what is captured by the proposed solution. "We do not have figures for that, but it will be a very significant proportion," says Lunde, who has also been part of the Lysne Committee. Ny Tid asks if we are talking about more than 90 percent of the traffic. "I do not think you are very wrong there," Lunde replies.

With such a high proportion of domestic traffic crossing Norway's physical border, one may ask whether it makes sense at all to talk about a national border in the digital space. Roar Thon, director of the National Security Authority (NSM), has stated on Twitter that "digital border defense is a somewhat strange concept if we are to store personal sensitive data outside the country's borders at the same time". "It was a slightly sloppy comment with a serious thought," he explains to Ny Tid. "It is a crossroads that a lot of data centers are apparently set up, which are then outside the country's borders, and then the term digital border defense is used. This is an increasingly borderless society. " Thon has no comments on the actual content of the Lysne Committee's proposal.

Trust in the system. The Lysne Committee proposes a number of security mechanisms so that the collected data cannot be misused. The data warehouse must in principle be locked, and it must be up to a special court to decide which searches can be made in the warehouse, and which communications the E-service should be able to see the contents of. Currently, it is an open question which searches can be accepted. If the search terms are so broad that entire groups of people can end up in the spotlight if, for example, you use encryption, or if you communicate with family or friends in areas where there are terrorist suspects, it can quickly be experienced as problematic for groups that are more vulnerable.

Ny Tid asks Olav Lysne, leader of the committee, if he thinks people will be able to have the same confidence in such a special court as in the rest of the judicial system. "It's a crucial point, and it's the debate I now want to come. How do we build this in such a way that we can have confidence in the system? ” Lysne asks. "In the rest of society, we build trust with openness. The problem with the secret services lies in the word secret. Transparency as a tool is not available, and then we must look for other ways to build trust. "

Precisely trust that the system cannot be misused will be central to the storage of communication data not having a cooling effect on democratic exchange of opinions.

The e-service has not responded to Ny Tids inquiries.

Read the case here: "Source protection and confidentiality can be set aside"

Tori Aarseth
Aarseth is a political scientist and a regular journalist at Ny Tid.

You may also like