Facial Recognition Virtual Design Jam: brainstorming litigation to challenge use of facial recognition software

By Jason Williams-Quarry, 17th September 2019

What are the research or evidence gaps when it comes to the legal implications of facial recognition technology? What research or support is needed in the short term to litigate against the use of such technology by law enforcement? Which jurisdictions are most cost effective for facial recognition litigation? What can law clinics do over the coming year to assist in these kinds of cases?

These questions were considered during DFF’s virtual design jam on facial recognition this week. The design jam continued from and built on in-group discussions that arose during DFF’s workshop on ‘connecting the field with academia’ earlier this year. During the workshop, participants were eager to explore connections between the field and academia on a number of subjects andsome of these conversations gravitated towards facial recognition. The virtual design jam was an opportunity to take a further look at the questions posed above and to identify potential lines of collaboration and research.

Recent events in the news have drawn attention to the use of facial recognition technology by both public and private actors. A recent case brought by Liberty sought to challenge the use of facial recognition cameras by the South Wales Police in the UK. In Sweden, the data protection authority (Datainspektionen) found a school’s use of facial recognition technology to register student presence violated various aspects of the General Data Protection Regulation. Outside of Europe, pro-democracy protestors in Hong Kong have been recorded tearing down facial recognition towers, in resistance to state surveillance.

During the jam, breakout groups mapped out the research and evidence that could be collected in the short and medium term to help build and develop strategic human rights litigation challenging the use of facial recognition technology. One room looked at the research and evidence that could assist litigation efforts to challenge the use of such technology by law enforcement. Another room examined what work could be done to help identify the ideal regulatory environments for taking cases against public and private actors’ use of such technology. Finally, another room considered more specifically what the role of law clinics might be in providing research or legal support for facial recognition cases.

At the end of the session, the breakout rooms reported out a number of specific research requests that could be taken on by academics, researchers or law clinics. For instance, one room sought more research on the “chilling effect” facial recognition technology has on rights, such as the rights to freedom of association and freedom of expression. Another room identified the need for a comprehensive mapping of how judiciaries and legislators in different European jurisdictions regulate audio-visual surveillance, CCTV, and facial recognition technologies.

DFF will share these research requests with its network, including academics, researchers and law clinicians who joined the workshop on ‘connecting the field with academia’ earlier this year. We also welcome hearing from other academics or researchers who are willing to assist and collaborate with digital rights litigators on this important work. If that sounds like you, please do get in touch!

We hope that this design jam will be the starting point for collaborative research projects that can later inform and strengthen litigation challenging facial recognition software.

Exchanging knowledge across the Atlantic: litigators kick off call series on digital rights

By Jason Williams-Quarry, 10th September 2019

DFF’s transatlantic call series on digital rights kicked off on 9 September with 29 experts, litigators and activists sharing knowledge from across 15 organisations.

The five-part call series seeks to facilitate dialogue on digital rights priorities and international collaboration between organisations in the US and Europe.

The first call focused on a wide range of critical digital rights issues, including facial recognition, mass surveillance and how to use anti-trust and competition law to protect digital rights. Participants met with their peers in an informal setting, shared knowledge of each other’s organisations as well as concrete experience by discussing recent cases and pending litigation.

The call series builds on initial conversations earlier in the year between DFF and lawyers from the Electronic Frontier Foundation (EFF), Knight First Amendment Institute at Columbia University and American Civil Liberties Union (ACLU).

DFF is hosting another four transatlantic calls over the coming weeks. The next transatlantic calls currently planned are:

  • 23 September (17:00 CEST)

Heat mapping thematic areas for transatlantic collaboration

  • 8 October (17:00 CEST)

Challenging anti-encryption measures

  • 15 October (17:00 CEST)

Machine learning and human rights

  • 13 November (17:00 CET)

Content moderation

Register for any of the upcoming sessions by getting in touch with us via e-mail.

Further topics and calls will be added based on the input from participants. Stay tuned!

Six years after the Snowden revelations, the fight against bulk surveillance continues

By Megan Goulding, 9th September 2019

The High Court of England and Wales recently ruled that the UK Snoopers’ Charter was compatible with rights to privacy and freedom of expression. This judgment allows the UK Government to continue to spy on people, in the UK and abroad, regardless of suspicion. Ordinary people will have their sensitive communications and data swept up and stored under wide-ranging state powers to spy en masse.

Liberty, the UK human rights organisation that brought the challenge, will appeal the judgment in the courts and will keep fighting for a targeted surveillance regime that respects people’s fundamental rights.

The People vs Snoopers’ Charter

The Investigatory Powers Act (the latest iteration of the Snoopers’ Charter) became law in late 2016. It purported to introduce transparency to state surveillance following Edward Snowden’s revelations of unlawful mass monitoring of the public’s communications.

A petition calling for its repeal attracted more than 200,000 signatures, but it was still not debated by Parliament. The judgment handed down by the High Court of England and Wales on 29 July 2019 was the latest step in Liberty’s historic legal challenge to mass surveillance powers under the Snoopers’ Charter. This legal challenge has been taken in two separate tranches.

The first tranche resulted in the High Court handing down a decision in April 2018 that found that the legislation failed to protect people’s rights in relation to the state’s accessing of their communications data. Specifically, the Court found that it was unlawful for the state agencies to be able to access people’s data held by telecommunications operators without prior independent authorisation, and that agencies should not be able to access such data for the purposes of investigating non-serious crime. The UK Government was ordered to change the law to correct these defaults and has now introduced a new body called the Office for Communications Data Authorisations (OCDA) which will authorise state access to data held by telecommunications operators.

The second tranche of the litigation focused on the illegality of “bulk” powers, including bulk interception, bulk hacking, bulk acquisition of data, and the creation of “bulk personal datasets”. It was the world’s first legal challenge to powers allowing state agencies to hack people’s information under bulk warrants.

At the hearing in June 2019, Liberty argued that the bulk powers contained in the Investigatory Powers Act 2016 breach Article 8 (the right to privacy) and Article 10 (the right to freedom of expression) of the European Convention on Human Rights.

Liberty further argued that there are insufficient safeguards in the Act to protect confidential journalistic sources and legally privileged material.

MI5’s unlawful data retention

A week before the hearing in June, as a result of Liberty’s litigation, it was revealed in court that MI5 (the UK’s Security Service) has for many years been unlawfully retaining and mishandling people’s data obtained under the bulk powers Liberty was challenging. This included mishandling sensitive legally privileged material (i.e. confidential communications between a lawyer and their client). It was only because of Liberty’s case, and the Government’s duty to report relevant issues to the Court, that the Government admitted what it knew about MI5 unlawful conduct. Though the Government is still keeping the exact details of the unlawful conduct secret, it has been forced into publicly revealing certain details as a result of Liberty insisting that it do so in court.

The Investigatory Powers Commissioner (the head of the UK oversight body for surveillance) said the breach was severe enough that he considers MI5’s handling of data to be in “special measures”, drawing an analogy to the “special measures” status that is given to schools in the UK when they are failing and require urgent remedial action. However, the Commission did not elaborate on what this designation means for MI5’s surveillance powers. Nevertheless, MI5’s startling admission in the documents revealed in court that people’s data is being held in “ungoverned spaces” shows that the Act’s safeguards, and its oversight system, are wholly inadequate for protecting people’s fundamental rights.

This inadequacy goes to the heart of Liberty’s challenge. Liberty’s case is that the safeguards in the Investigatory Powers Act 2016 fail to protect people’s privacy and free expression. The MI5 disclosures prove that. So inadequate are the safeguards that they can fail to be enforced for years without it being discovered by the oversight body, Government or public.

Pushing forward the fight against mass surveillance

In September 2018, Liberty, along with 13 other human rights and journalism groups and two individuals, won its challenge to the previous Snoopers’ Charter (the Regulation of Investigatory Powers Act 2000) at the European Court of Human Rights. The Court found that the UK’s previous regime for bulk interception was unlawful.

Liberty and the other Applicants appealed this judgment to the Grand Chamber of the European Court and were in Court in July, seeking an even firmer ruling that bulk surveillance powers inherently violate people’s rights.

The Investigatory Powers Act 2016 replicated and expanded the intrusive surveillance powers that the European Court has already found to breach people’s rights to privacy and free expression.

We will appeal the High Court’s July judgment, and will keep fighting until the UK Government gives people a targeted surveillance regime that does not demand they throw away their rights.

About the author: Megan Goulding is a solicitor at the UK human rights campaigning organisation, Liberty. Megan specialises in privacy, technology and human rights and runs Liberty’s litigation in this area.