Spain Brings In New Snooping Law; Allows Wide-Ranging Surveillance -- And Government Malware

from the making-the-digital-world-as-bad-as-the-analog-one dept

Earlier this week Spain's new Criminal Procedure Act came into force. Although this is an update to an old law from 1882, it legalizes the use of some of the most modern digital snooping techniques around, as an article in El País explains (original in Spanish). For example, one option under the new law is to install malware on a suspect's devices, a really bad idea we warned two years ago might happen. The new law specifies that surveillance can be carried on equipment used habitually or occasionally by a suspect, but does not clarify what happens with networks or a shared family computer. The Spanish police will also now be able to deploy undercover agents online who can interact with other users, and record their conversations, even if those take place with members of the public in their own homes.

The new powers generally require judicial authorization, and the exact nature of the permitted surveillance will depend on the seriousness of the alleged crime. But the law also allows the Spanish Interior Minister and, in her or his absence, the Secretary of State for Security, to grant permission to the police to snoop on private communications in an "emergency", or when the alleged crimes relate to terrorism or armed groups.

Such permission must then be quickly confirmed or revoked by a judge, but in the latter case, there's a nasty twist in the new law. Even though the police would be unable to use in court any evidence they found during surveillance whose authorization was later cancelled, they could use it to help them ask for permission to carry out more surveillance, taking advantage of the knowledge they gained. As El País notes, the new law will allow: police and judicial use of "incidental findings": those crimes which are not suspected, and discovered investigating other [crimes]. Now, the parties may bring these findings as evidence in a different judicial process from the one that led to the initial investigation, and may also be used in other investigations, although for that, specific authorization from a judge will be required. A few months ago, Techdirt wrote about Spain's terrible new "gag" law that imposed all kinds of ridiculous constraints on everyday activities in the physical world. It seems that bad things are starting to happen in the country's digital realm too.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community. Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis. While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: malware, spain, surveillance