Israel Hayom | Israel airport guards may ask 'suspicious' tourists to open their email accounts

This is pretty interesting/disturbing. But I wonder, now that this is public knowledge, terrorists who want to harm Israel can easily evade this security measure by having multiple email accounts and giving the password to one of them to security staff and not telling them about the others. Or I bet there are a hundred different ways to get around this.

Israel airport guards may ask 'suspicious' tourists to open their email accounts

Israel Hayom Staff

Foreign citizens visiting Israel may be asked to open their email accounts for airport security when they land at Ben-Gurion International Airport, the Attorney-General's Office stated Wednesday in response to a petition by a leading Israeli civil rights group.

"The threat of using foreign citizens for terrorist purposes is a growing trend," the Attorney-General's Office warned, in a missive to the Association for Civil Rights in Israel, which had petitioned the Justice Ministry to overrule such invasive security measures. "Searching an email account is to be carried out in exceptional cases only after suspicious or pertinent information has been identified [by Shin Bet personnel]."

Though the Israel Security Agency [Shin Bet] can request access to an email account before the passenger passes customs and leaves the airport, it cannot demand passwords or personal information that would allow the agency itself to access private accounts. Rather, Shin Bet staff may ask the traveler to open his or her account in view of security personnel, who can then check emails for incriminating evidence that may be relevant to issues of public or national security, wrote lawyer Nadim Avod writing on behalf of the Attorney-General's Office.

In addition, the traveler can refuse access to his or her personal email to security personnel, but Shin Bet agents at Ben-Gurion airport can consequently deny the traveler entry to Israel. Avod cited the law of entry to Israel, written in 1952, which states that a foreigner does not have the explicit right to enter the country. The relevant authorities -- in this case the Shin Bet -- decide who can enter and who cannot, the statement explained, and in such cases of exceptional suspicion, access to private email may be required.

The Attorney-General's Office was responding to a petition by ACRI, which said that asking for passwords to email or social media accounts is against Israeli law. ACRI asked the Justice Ministry to clarify its position after reports in various media, such as The Associated Press, reported that airport security personnel had demanded Arab travelers open their email accounts.

The Associated Press reports that "The [Shin Bet] agent, suspecting [Sandra] Tamari was involved in pro-Palestinian activism, wanted to inspect her private email account for incriminating evidence. The 42-year-old American of Palestinian descent refused and was swiftly expelled from the country."

ACRI attorney Lila Margalit said, “Invading a computer or an email account constitutes a grave violation of privacy and dignity."

The Attorney-General's Office seemed to agree that requesting a password would be illegal, but stressed that the incidents in question were exceptional cases where security personnel did not ask for passwords, but rather asked the traveler to log in so his or her accounts could be surveyed.

Similar issues have been litigated in the US. See here for a discussion of a case where a party was ordered by the court to turn over his social media passwords. And see here for a discussion of your right to protect sensitive data (from 2011).

See here for tips on how to hide your data from law enforcement.

Army Times: U.S.: Laws of war apply to cyber attacks

In light of alleged collaboration between Israel and the U.S. in creating computer worms, it is significant that according to the Army Times, Harold Koh, the State Department’s chief legal adviser, announced yesterday that it was U.S. government policy that certain cyber attacks may constitute a "use of force." I think we can expect other nations to begin clarifying their positions regarding what determines whether a cyber attack is a "use of force."

By Aram Roston - Staff writer

Posted : Tuesday Sep 18, 2012 20:18:17 EDT 

The U.S. government believes that cyber attacks can amount to armed attacks, and are subject to international humanitarian law and rules of war, the top State Department lawyer said Tuesday.

Harold Koh, the State Department’s chief legal adviser, unveiled the U.S. government’s position on the rules of cyberwar at a conference hosted by U.S. Cyber Command at Fort Meade, Md.

Koh announced that it was U.S. government policy that certain cyber attacks may constitute a “use of force,” a legal term defined by the UN Charter. Functionally, such cyber attacks are only legal if a military engagement is authorized by the United Nations, or if the attacks are launched in self defense.

Koh also introduced a series of 10 legal principles about cyberwar. The first is the general rule that international law does indeed “apply to activities in cyberspace.”

Some cyber attacks, Koh said, can “amount to an armed attack or imminent threat thereof” and could trigger a nation’s right of self-defense. Presumably, that means that if a country is attacked with a cyber weapon, it can fight back, either with conventional military force or a cyber weapon in return.

Koh said that to constitute a “use of force” under international law, a cyber attack would probably have to “proximately result in death, injury or significant destruction.”

Cyberwar was until just years ago little more then futuristic fantasy, but capabilities have developed so quickly that deploying cyber weapons now requires legal oversight. Koh’s announcement is an important development because the DOD has been grappling with the issue.

Indeed, shortly before Koh spoke, the CYBERCOM chief of staff Rear Adm. Margaret Klein had complained that there was “a lack of clear legal guidance” about what laws applied to the use of cyber as a weapon.

CYBERCOM oversees the Defense Department’s offensive and defensive cyber operations, and is led by Gen. Keith Alexander, who also runs the National Security Agency.

Koh emphasized that in using any cyber weapon, a country had to “distinguish military objectives from civilian objectives,” and had to avoid targeting civilian infrastructure.

Michael Schmitt, head of the international law department at the Naval War College, said the announcement came at an important time.

“The problem,” he said, is that people were wringing their hands in despair: ‘Oh my God, does international law apply?’ Non-lawyers seemed captivated by the idea that these weapons operated in a legal void.”

“It is significant,” he said, “that the legal advisor comes out and says unambiguously that international law applies.”

Schmitt headed a group of experts sponsored by the NATO Cooperative Cyber Defence Centre of Excellence in Tallinn, Estonia, which prepared a draft manual on international law in cyberwar.

The United States is one of the few governments believed to have engaged in cyberwarfare, in particular the Stuxnet attack against Iran’s nuclear centrifuge infrastructure. Koh’s announcement of a legal doctrine on cyberwar comes just months after new reports surfaced about the Obama administration’s alleged central role in deploying the Stuxnet worm.