FYI, this was distributed this afternoon to Mozilla's public "governance" list (where "governance" refers to Mozilla's internal governance, not governments/nation-states). May be interesting/informative to this group.
---------- Forwarded message ---------
From: merwin@mozilla.com
Date: Wed, Sep 2, 2015 at 2:53 PM
Subject: Surveillance principles draft
To: mozilla-governance@lists.mozilla.org
Hi all,
Members of the platform, policy, and legal teams at Mozilla have been working to create a set of principles that should serve as a guide to government surveillance activities, and that are grounded in our commitment to trust and openness online. We would appreciate your input on these. Check them out below.
The following three principles, derived from the Mozilla Manifesto, offer a Mozilla way of thinking about the complex landscape of government surveillance and law enforcement access. We are not proposing a comprehensive list of good or bad government practices, but rather describing the kinds of activities in this space that would protect the underpinnings and integrity of the Web:
1) User Security
Mozilla Manifesto Principle #4 states "Individuals' security and privacy on the Internet are fundamental and must not be treated as optional." Governments should act to bolster user security, not to weaken it. Encryption is a key tool in improving user security.
Requirements that systems be modified to enable government access to encrypted data are a threat to users' security. The primary aim of computer security is to protect user data against any access not authorized by the user; allowing law enforcement access violates that design requirement and makes the system inherently weaker against attacks that it is intended to defend against. Once systems are modified to enable law enforcement access by one government, vendors will be under enormous pressure to provide access to other governments. It will not be possible in practice to restrict access to only "friendly" actors. Moreover, the more government actors have access to monitoring capabilities, the greater the risk that non-governmental cyberattackers will obtain access. Endpoint law enforcement access requirements are also incompatible with open source and open systems because they conflict with users' right to know and control the software running on their own devices.
2) Minimal Impact
Mozilla Principle #2 states that the Internet is a global public resource. Government surveillance decisions should take into account global implications for trust and security online by focusing activities on those with minimal impact.
Efforts should be made to collect only the information that is needed. Whenever possible, only data on specific, identifiable users should be collected, rather than collecting data from a large group of users with the expectation that it can be triaged later. Activities should be designed to minimize their impact on the Internet infrastructure and on user trust. Compromise of or unauthorized access to third party infrastructure or systems should be avoided if at all possible and is wholly unacceptable if other avenues for obtaining third party cooperation are available.
3) Accountability
Mozilla Principle #8 calls for transparent community-based accountability as the basis for user trust. Because surveillance activities are (and inherently must be, to some degree) conducted in secret, independent oversight bodies must be effectively empowered and must communicate with and on behalf of the public to ensure democratic accountability.
A strong oversight regime involves several components. Oversight should be conducted outside of those agencies responsible for the programs themselves, by bodies with broad mandates and access, technical competence, and enforcement authority. Oversight should include statutory transparency requirements that allow the public to know that aggressive oversight is taking place and to be able to know the scope and scale of government access to user data. Finally, oversight should be evidence-based and start with an analysis of the national security benefits and potential harms of programs in question.