Surveillance

/!\ UPDATE IN PROGRESS /!\

La Quadrature du Net fights against the mass and arbitrary surveillance of States, notably for political ends, using the pretext of security. La Quadrature du Net strives to make these illegetimate practices known and to denounce them whilst changing the law in front of Parliament as much as in front of the courts.

Technopolice

La Quadrature du Net fights against privatisation of new technologies and their use for policing purposes through surveillance, as it is the case with facial recognition and data crossing through “Big Data”. La Quadrature exercices the right to information granted to all citizens by demanding the administrative documents held by the authorities, to read tender documents and specifications, to better understand the means and ambitions of these local “Minority Report” projects.

  • The inaction of the French Data Protection Authority (CNIL) in the face of securitisation in Smart Cities (November 2018)
  • Geolocalisation of high school students by “New School” (July 2018)
  • “SafeCity” in Nice (July 2018)
  • “Big Data Observatory” at Marseille (March 2018)

Intelligence Law

The bills concerning intelligence and international surveillance from July and November 2015 have considerably overhauled and extended surveillance powers of the French administrative services. La Quadrature opposed these bills during parliamentary debates, and has fought them since in front of the judges.

  • Transfer of preliminary questions to the European Court of Justice (July 2018)
  • Summary of our actions in front of the Conseil d’Etat (July 2018)
  • Our (unheard) demands to correct the Surveillance law in the French GDPR-bill (March 2017)
  • Our victory at the Conseil d’Etat against hertzian surveillance (October 2016)
  • An explanation of our actions in front of the Conseil d’Etat, with FFDN and FDN (May 2016)
  • The International Surveillance Act (November 2015)
  • Our open letter against the International Surveillance Act (September 2015)
  • The Surveillance Law, mainly codified in Book VIII of the Internal Security Code (July 2015)
  • Our reaction to the Conseil constitutionnel (Constitutional Council)’s decision on the Surveillance Law (July 2015)
  • Our amicus curiae sent to the Conseil constitutionnel together with FFDN and FDN (June 2015)
  • Our reaction to the adoption of the Surveillance Law (June 2015)

Generalised traffic data retention

French law requires telephone and Internet operators, as well as online content service providers, to retain traffic data of all their users (who speaks to whom, from where, with which IP address, etc.) for one year. The Intelligence Services and the judicial powers can thus access, for a year, traffic data of all the population. European Union law has banned these practices since 2014.

  • Transmission of “preliminary rulings” to the European Court of Justice (July 2018)
  • Summary of our actions before the Conseil d’Etat (July 2018)
  • Massive filing of complaints before the European Commission with more than 60 NGOs against States violating EU law (June 2018)
  • Launch of our actions against the four major French mobile operators (March 2018)
  • Tribune in Liberation of the Exegetes Amateurs against general data retention (June 2017)
  • Our reaction to the Tele2 ruling of the European Court of Justice which specifies the prohibition of generalized data retention (December 2016)
  • Our referral to the Conseil d’Etat to challenge these measures with FDN and FFDN (September 2015)
  • Our reaction to the Digital Rights Ireland ruling of the EU Court of Justice, which invalidates the 2006 Directive requiring generalised data retention (April 2014)
  • The obligation imposed on web hosts and ISPs by article 6, II, of the law for “trust in the digital economy” (June 2004) and its implementing decree (February 2011)
  • The obligation imposed on telephone and Internet operators by the Post and Electronic Communications Code (CPCE) in Articles L34-1, II (July 2004), and R10-13 (March 2006)

Mega-file TES

By decree, the Government has authorized the creation of a file containing the biometric data (fingerprints, facial photographies …) of all French ID cards and passports holders. This file is useless to achieve the announced goal (fighting against the falsification of identity documents) and foreshadows above all the development and use by the government of facial recognition technologies for the purpose of mass surveillance.

  • Refusal by the Conseil d’Etat to annul the decree (October 2018)
  • Summary of our actions before the Conseil d’Etat ( September 2018)
  • Our action before the Conseil d’Etat against the file, with FFDN and FDN (December 2016)
  • Our reaction with the Observatoire des Libertés et du Numérique (Freedoms and Digital Observatory) (November 2016)
  • The Decree authorising the creation of the file (October 2016)

Privacy Shield

The “Privacy Shield” is a regulatory framework defined by the United States and recognized by the European Commission as offering a level of protection of personal data compatible with EU law. This framework allows the transfer of these data from the European Union to the United States. La Quadrature du Net questions the protection given by this framework before the European Union General Court, because it does not sufficiently take into account the massive surveillance powers held by the various US agencies.

  • Open Letter asking for the suspension of the Privacy Shield (Mars 2017)
  • Referral to the General Court of the EU asking for the annulment of the Commission’s decision, with FFDN and FDN (November 2016)
  • Our analysis about the adoption of the Privacy Shield (July 2016)
  • Our reaction to the “Shrems” ruling, which invalidates the decision of the European Commission that authorized the transfer of personal data to US companies that submitted to the Safe Harbor – the framework that preceded the Privacy Shield (October 2015)