The UK and US are far from alone in getting businesses to do their snooping dirty work. International law firms should be aware.

Here's a tip. If you're worried about the security of client-confidential data on electronic systems, consider storing it in Brazil or Japan. The two countries emerge with most credit from a critical international study of the way governments around the world increasingly turn to private companies such as telecom firms to do their snooping for them.

The authors, the Center for Democracy and Technology in Washington DC, find that much of this activity takes place with little legal oversight.

We already know that the UK and US governments are active cyber snoopers. Likewise, the report's conclusion on China will surprise only the most naive: its government maintains ‘almost unlimited and unfettered access to private sector data through a variety of regulatory requirements’. More disturbing is the conclusion that India, home to a massive IT services industry, falls in to the same category.

According to the report, India stands out ‘due to almost total lack of protection'.

Privacy safeguards under Indian laws are ‘weak, ambiguous, or non-existent’. And the report claims that the Indian government has build a ‘central monitoring system that it is intended to allow the government to engage in real-time interception of email, chats, voice calls, and texting, without intervention of the service providers.’

In almost all the 13 countries surveyed, relevant laws governing access to data ‘are at best vague and ambiguous, and government interpretations of them are often hidden or even classified', the report finds. Even where data protection laws exist, governments can usually over-ride them on national security grounds. Exceptions are Japan and Brazil, which are 'notable for the severe limits they impose on interceptions undertaken for foreign intelligence security purposes'.

The centre calls for a ‘robust debate’ about standards for government surveillance, suggesting that international human rights law provides the most useful framework for making progress to developing safeguards.

Sound words, but don't expect much action soon. Electronic snooping, especially when it can be contracted out to a third party, is too useful a tool for states to give up. What that does to the status of client-confidential information is for better minds than mine to resolve. 

Michael Cross is Gazette news editor

Topics