Sweden has recently passed a law that allows police to hack into people’s computers. Digital rights advocates are not thrilled with the development.
Sweden has become the latest European country to pass a law that allows police to hack into people’s computers. The law was passed 286-26 (with 37 abstentions).
Europe has been gripped with such laws for a number of years now. Previously, Austria tried passing their own variation of such laws. In December, the European constitutional court struck down those laws. The argument for the law was that breaking into someone’s computer and obtaining information was no different than wiretapping someone’s phone. The judge, of course, didn’t buy it and pointed out that there is a huge difference between hacking into someones computer and issuing a wiretap on someone’s phone.
It’s that court decision that has many digital rights organizations hopeful that this, too, will get struck down. EDRI points to a number of worrying issues with the laws as well. From EDRI:
The law has a number of serious issues that has been pointed out to lawmakers over several years when the law was going through the public inquiry phase. For example, the law does not say that a minimum sentence of two years in prison is required, but that if the prosecutor just believes that the suspected crime might carry two, or more, years in prison, that already give LEAs the legal basis to ask for a court warrant.
Even more worryingly, even citizens who are not suspect of having committed any crimes, but are associated with a suspect might be the targets of hacking by the police. The law gives the LEAs a mandate to hack devices that they reasonably think a suspect might primarily use. So if a suspect might uses their mother’s phone, for example, that device is open to hacking. If you are someone that the police think their suspect will call or message, your phone might also be in danger of being hacked, just because you happen to know someone that the police suspects of a crime. They can also be allowed to use hacking to find a suspect – this means you simply shouldn’t be at the wrong place at the wrong time, or else the police might hack your devices.
The law also includes a clause that states that if the prosecutor feels like the courts will be too slow to issue a warrant, he or she can issue it. If the court then finds that the warrant was wrongly issued, the prosecutor will then have to go to court for review, and any evidence gathered can not be used against the suspect. Of course, the person whose device was hacked (who might not even be a person suspected of a crime) has already had their privacy breached, and the law doesn’t provide any recourse for such abuses.
The new law goes into effect on the 1 April 2020 and will be valid for five years, after which the Swedish parliament will decide to make it permanent or not.
Someone worth noting is that, for a number of people, April first is April Fools day. So, in a way, for many, it is almost appropriate that such a law goes into effect on that day. This is because the people have been fooled into allowing this to happen in the first place.
So, for now, this law will likely be a matter for the courts. So, there might be a period of time where police are permitted to hack people’s computers before the laws are potentially struck down. For many Swedish people, the sooner these laws are declared unconstitutional, the better.
Drew Wilson on Twitter: @icecube85 and Facebook.
