Oct 15, 2014 · 2 minutes

United Nations rapporteur Ben Emmerson has released a report indicting the surveillance programs put in place by the National Security Agency and other intelligence agencies for threatening international laws and corroding the online privacy of millions of consumers.

Perhaps the most important aspect of the report is the argument that using the Internet does not open someone up to surveillance by intelligence agencies, as some have argued, because people have a reasonable expectation that their communications will remain private even though they are sent via cables to data centers around the world. As Emmerson writes in his 22-page report:

In the modern digital world, merely using the Internet as a means of private communication cannot conceivably constitute an informed waiver of the right to privacy under article 17 of the Covenant.

The Internet is not a purely public place. It is composed of many layers of private as well as social and public realms. Those making informed use of social media platforms in which messages are posted in full public view obviously have no reasonable expectation of privacy. The postcard analogy [used to justify gathering data shared via the Internet] is entirely apposite for the dissemination of information through the public dimensions of Twitter and Facebook, for example, or postings on public websites. But reading a postcard is not an apposite analogy for intercepting private messages sent by e-mail, whether they are encrypted or unencrypted. A statement like that shouldn't come as a surprise. Emmerson is right to think that there's no right for Facebook or Twitter users to expect privacy, at least if they're sharing their messages to anyone with an Internet connection, just as he's right in saying that emails shouldn't be fair game if their senders didn't bother to encrypt them before they were shot off to their recipient.

But the statement, taken with the indictment of mass surveillance demonstrated throughout the report, helps support the idea that Internet users have a reasonable expectation of privacy even though their messages are sent via a convoluted network of private and public utilities. It's not okay for governments to steal messages without due cause, and it's certainly not okay for it to break into tech companies' data centers or the connections between servers to gather them.

If there's any doubt that that's Emmerson's intent in writing the report, here's his conclusion:

The prevention and suppression of terrorism is a public interest imperative of the highest importance and may in principle form the basis of an arguable justification for mass surveillance of the internet. However, the technical reach of the programmes currently in operation is so wide that they could be compatible with article 17 of the covenant only if relevant States are in a position to justify as proportionate the systematic interference with the internet privacy rights of a potentially unlimited number of innocent people located in any part of the world. Bulk access technology is indiscriminately corrosive of online privacy and impinges on the very essence of the guaranteed by article 17.
[illustration by Brad Jonas]