Skip to main content

Home/ Future of the Web/ Group items tagged from to

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
Paul Merrell

Most Agencies Falling Short on Mandate for Online Records - 1 views

www2.gwu.edu/...NSAEBB505

eFOIA FOIA audit National-Security-Archives agency-compliance

shared by Paul Merrell on 14 Mar 15 - No Cached
  • Nearly 20 years after Congress passed the Electronic Freedom of Information Act Amendments (E-FOIA), only 40 percent of agencies have followed the law's instruction for systematic posting of records released through FOIA in their electronic reading rooms, according to a new FOIA Audit released today by the National Security Archive at www.nsarchive.org to mark Sunshine Week. The Archive team audited all federal agencies with Chief FOIA Officers as well as agency components that handle more than 500 FOIA requests a year — 165 federal offices in all — and found only 67 with online libraries populated with significant numbers of released FOIA documents and regularly updated.
  • Congress called on agencies to embrace disclosure and the digital era nearly two decades ago, with the passage of the 1996 "E-FOIA" amendments. The law mandated that agencies post key sets of records online, provide citizens with detailed guidance on making FOIA requests, and use new information technology to post online proactively records of significant public interest, including those already processed in response to FOIA requests and "likely to become the subject of subsequent requests." Congress believed then, and openness advocates know now, that this kind of proactive disclosure, publishing online the results of FOIA requests as well as agency records that might be requested in the future, is the only tenable solution to FOIA backlogs and delays. Thus the National Security Archive chose to focus on the e-reading rooms of agencies in its latest audit. Even though the majority of federal agencies have not yet embraced proactive disclosure of their FOIA releases, the Archive E-FOIA Audit did find that some real "E-Stars" exist within the federal government, serving as examples to lagging agencies that technology can be harnessed to create state-of-the art FOIA platforms. Unfortunately, our audit also found "E-Delinquents" whose abysmal web performance recalls the teletype era.
  • E-Delinquents include the Office of Science and Technology Policy at the White House, which, despite being mandated to advise the President on technology policy, does not embrace 21st century practices by posting any frequently requested records online. Another E-Delinquent, the Drug Enforcement Administration, insults its website's viewers by claiming that it "does not maintain records appropriate for FOIA Library at this time."
  • ...9 more annotations...
  • "The presumption of openness requires the presumption of posting," said Archive director Tom Blanton. "For the new generation, if it's not online, it does not exist." The National Security Archive has conducted fourteen FOIA Audits since 2002. Modeled after the California Sunshine Survey and subsequent state "FOI Audits," the Archive's FOIA Audits use open-government laws to test whether or not agencies are obeying those same laws. Recommendations from previous Archive FOIA Audits have led directly to laws and executive orders which have: set explicit customer service guidelines, mandated FOIA backlog reduction, assigned individualized FOIA tracking numbers, forced agencies to report the average number of days needed to process requests, and revealed the (often embarrassing) ages of the oldest pending FOIA requests. The surveys include:
  • The federal government has made some progress moving into the digital era. The National Security Archive's last E-FOIA Audit in 2007, " File Not Found," reported that only one in five federal agencies had put online all of the specific requirements mentioned in the E-FOIA amendments, such as guidance on making requests, contact information, and processing regulations. The new E-FOIA Audit finds the number of agencies that have checked those boxes is now much higher — 100 out of 165 — though many (66 in 165) have posted just the bare minimum, especially when posting FOIA responses. An additional 33 agencies even now do not post these types of records at all, clearly thwarting the law's intent.
  • The FOIAonline Members (Department of Commerce, Environmental Protection Agency, Federal Labor Relations Authority, Merit Systems Protection Board, National Archives and Records Administration, Pension Benefit Guaranty Corporation, Department of the Navy, General Services Administration, Small Business Administration, U.S. Citizenship and Immigration Services, and Federal Communications Commission) won their "E-Star" by making past requests and releases searchable via FOIAonline. FOIAonline also allows users to submit their FOIA requests digitally.
  • THE E-DELINQUENTS: WORST OVERALL AGENCIES In alphabetical order
  • Key Findings
  • Excuses Agencies Give for Poor E-Performance
  • Justice Department guidance undermines the statute. Currently, the FOIA stipulates that documents "likely to become the subject of subsequent requests" must be posted by agencies somewhere in their electronic reading rooms. The Department of Justice's Office of Information Policy defines these records as "frequently requested records… or those which have been released three or more times to FOIA requesters." Of course, it is time-consuming for agencies to develop a system that keeps track of how often a record has been released, which is in part why agencies rarely do so and are often in breach of the law. Troublingly, both the current House and Senate FOIA bills include language that codifies the instructions from the Department of Justice. The National Security Archive believes the addition of this "three or more times" language actually harms the intent of the Freedom of Information Act as it will give agencies an easy excuse ("not requested three times yet!") not to proactively post documents that agency FOIA offices have already spent time, money, and energy processing. We have formally suggested alternate language requiring that agencies generally post "all records, regardless of form or format that have been released in response to a FOIA request."
  • Disabilities Compliance. Despite the E-FOIA Act, many government agencies do not embrace the idea of posting their FOIA responses online. The most common reason agencies give is that it is difficult to post documents in a format that complies with the Americans with Disabilities Act, also referred to as being "508 compliant," and the 1998 Amendments to the Rehabilitation Act that require federal agencies "to make their electronic and information technology (EIT) accessible to people with disabilities." E-Star agencies, however, have proven that 508 compliance is no barrier when the agency has a will to post. All documents posted on FOIAonline are 508 compliant, as are the documents posted by the Department of Defense and the Department of State. In fact, every document created electronically by the US government after 1998 should already be 508 compliant. Even old paper records that are scanned to be processed through FOIA can be made 508 compliant with just a few clicks in Adobe Acrobat, according to this Department of Homeland Security guide (essentially OCRing the text, and including information about where non-textual fields appear). Even if agencies are insistent it is too difficult to OCR older documents that were scanned from paper, they cannot use that excuse with digital records.
  • Privacy. Another commonly articulated concern about posting FOIA releases online is that doing so could inadvertently disclose private information from "first person" FOIA requests. This is a valid concern, and this subset of FOIA requests should not be posted online. (The Justice Department identified "first party" requester rights in 1989. Essentially agencies cannot use the b(6) privacy exemption to redact information if a person requests it for him or herself. An example of a "first person" FOIA would be a person's request for his own immigration file.) Cost and Waste of Resources. There is also a belief that there is little public interest in the majority of FOIA requests processed, and hence it is a waste of resources to post them. This thinking runs counter to the governing principle of the Freedom of Information Act: that government information belongs to US citizens, not US agencies. As such, the reason that a person requests information is immaterial as the agency processes the request; the "interest factor" of a document should also be immaterial when an agency is required to post it online. Some think that posting FOIA releases online is not cost effective. In fact, the opposite is true. It's not cost effective to spend tens (or hundreds) of person hours to search for, review, and redact FOIA requests only to mail it to the requester and have them slip it into their desk drawer and forget about it. That is a waste of resources. The released document should be posted online for any interested party to utilize. This will only become easier as FOIA processing systems evolve to automatically post the documents they track. The State Department earned its "E-Star" status demonstrating this very principle, and spent no new funds and did not hire contractors to build its Electronic Reading Room, instead it built a self-sustaining platform that will save the agency time and money going forward.
Paul Merrell

Theresa May warns Yahoo that its move to Dublin is a security worry | Technology | The ... - 0 views

www.theguardian.com/...ay-yahoo-dublin-security-worry

surveillance state Yahoo! Ireland GCHQ NSA-blowback

shared by Paul Merrell on 22 Mar 14 - No Cached
  • Theresa May summoned the internet giant Yahoo for an urgent meeting on Thursday to raise security concerns after the company announced plans to move to Dublin where it is beyond the reach of Britain's surveillance laws.By making the Irish capital rather than London the centre of its European, Middle East and Africa operations, Yahoo cannot be forced to hand over information demanded by Scotland Yard and the intelligence agencies through "warrants" issued under Britain's controversial anti-terror laws.Yahoo has had longstanding concerns about securing the privacy of its hundreds of millions of users – anxieties that have been heightened in recent months by revelations from the whistleblower Edward Snowden.
  • In February, the Guardian revealed that Britain's eavesdropping centre GCHQ intercepted and stored the images of millions of people using Yahoo webcams, regardless of whether they were suspects. The data included a large quantity of sexually explicit pictures.The company said this represented "a whole new level of violation of our users' privacy".The home secretary called the meeting with Yahoo to express the fears of Britain's counter-terrorism investigators. They can force companies based in the UK to provide information on their servers by seeking warrants under the Regulation of Investigatory Powers Act, 2000 (Ripa).
  • the Guardian has been told that Charles Farr, the head of the office for security and counter-terrorism (OSCT) within the Home Office, has been pressing May to talk to Yahoo because of anxiety in Scotland Yard's counter-terrorism command about the effect the move to Dublin could have on their inquiries.Farr, a former senior intelligence officer, coordinates the work of Scotland Yard and the security service MI5, to prevent terrorist attacks in the UK."There are concerns in the Home Office about how Ripa will apply to Yahoo once it has moved its headquarters to Dublin," said a Whitehall source. "The home secretary asked to see officials from Yahoo because in Dublin they don't have equivalent laws to Ripa. This could particularly affect investigations led by Scotland Yard and the national crime agency. They regard this as a very serious issue."
  • ...3 more annotations...
  • The move to make Dublin the centre of its headquarters for Europe, the Middle East and Africa (EMEA) was announced last month and will take effect from Friday.In a statement at the time, Yahoo said Dublin was a natural home for the company and that it would be incorporated into Irish laws.The firm insisted the move was driven by "business needs … we believe it is in the best interest of our users. Dublin is already the European home to many of the world's leading global technology brands."However, the firm has been horrified by some of the surveillance programmes revealed by Snowden and is understood to be relieved that it will be beyond the immediate reach of UK surveillance laws.
  • Following the Guardian's disclosures about snooping on Yahoo webcams, the company said it was "committed to preserving our users trust and security and continue our efforts to expand encryption across all of our services." It said GCHQ's activity was "completely unacceptable..we strongly call on the world's governments to reform surveillance law."Explaining the move to Dublin, the company said: "The principal change is that Yahoo EMEA, as the new provider of services to our European users, will replace Yahoo UK Ltd as the data controller responsible for handling your personal information. Yahoo EMEA will be responsible for complying with Irish privacy and data protection laws, which are based on the European data protection directive."Emma Carr, deputy director of Big Brother Watch, said: "It should not come as a surprise if companies concerned about maintaining their users' trust to hold their information start to move to countries with more rigorous oversight processes, particularly where courts oversee requests for information." Surveillance laws have a direct impact on our economy and Yahoo's decision should be ring an alarm in Parliament that ignoring the serious questions about surveillance that are being debated around the world will only harm Britain's digital economy."
  • From Friday, investigators may have to seek information by using a more drawn out process of approaching Yahoo through a Mutual Legal Assistance Treaty between Ireland and the UK.
Paul Merrell

Hey ITU Member States: No More Secrecy, Release the Treaty Proposals | Electronic Front... - 0 views

www.eff.org/...crecy-release-wcit-documents-0

Internet freedom Openweb ITU regulation

shared by Paul Merrell on 25 Nov 12 - No Cached
  • The International Telecommunication Union (ITU) will hold the World Conference on International Telecommunications (WCIT-12) in December in Dubai, an all-important treaty-writing event where ITU Member States will discuss the proposed revisions to the International Telecommunication Regulations (ITR). The ITU is a United Nations agency responsible for international telecom regulation, a bureaucratic, slow-moving, closed regulatory organization that issues treaty-level provisions for international telecommunication networks and services. The ITR, a legally binding international treaty signed by 178 countries, defines the boundaries of ITU’s regulatory authority and provides "general principles" on international telecommunications. However, media reports indicate that some proposed amendments to the ITR—a negotiation that is already well underway—could potentially expand the ITU’s mandate to encompass the Internet.
  • The International Telecommunication Union (ITU) will hold the World Conference on International Telecommunications (WCIT-12) in December in Dubai, an all-important treaty-writing event where ITU Member States will discuss the proposed revisions to the International Telecommunication Regulations (ITR). The ITU is a United Nations agency responsible for international telecom regulation, a bureaucratic, slow-moving, closed regulatory organization that issues treaty-level provisions for international telecommunication networks and services. The ITR, a legally binding international treaty signed by 178 countries, defines the boundaries of ITU’s regulatory authority and provides "general principles" on international telecommunications. However, media reports indicate that some proposed amendments to the ITR—a negotiation that is already well underway—could potentially expand the ITU’s mandate to encompass the Internet. In similar fashion to the secrecy surrounding ACTA and TPP, the ITR proposals are being negotiated in secret, with high barriers preventing access to any negotiating document. While aspiring to be a venue for Internet policy-making, the ITU Member States do not appear to be very open to the idea of allowing all stakeholders (including civil society) to participate. The framework under which the ITU operates does not allow for any form of open participation. Mere access to documents and decision-makers is sold by the ITU to corporate “associate” members at prohibitively high rates. Indeed, the ITU’s business model appears to depend on revenue generation from those seeking to ‘participate’ in its policy-making processes. This revenue-based principle of policy-making is deeply troubling in and of itself, as the objective of policy making should be to reach the best possible outcome.
  • EFF, European Digital Rights, CIPPIC and CDT and a coalition of civil society organizations from around the world are demanding that the ITU Secretary General, the  WCIT-12 Council Working Group, and ITU Member States open up the WCIT-12 and the Council working group negotiations, by immediately releasing all the preparatory materials and Treaty proposals. If it affects the digital rights of citizens across the globe, the public needs to know what is going on and deserves to have a say. The Council Working Group is responsible for the preparatory work towards WCIT-12, setting the agenda for and consolidating input from participating governments and Sector Members. We demand full and meaningful participation for civil society in its own right, and without cost, at the Council Working Group meetings and the WCIT on equal footing with all other stakeholders, including participating governments. A transparent, open process that is inclusive of civil society at every stage is crucial to creating sound policy.
  • ...5 more annotations...
  • Civil society has good reason to be concerned regarding an expanded ITU policy-making role. To begin with, the institution does not appear to have high regard for the distributed multi-stakeholder decision making model that has been integral to the development of an innovative, successful and open Internet. In spite of commitments at WSIS to ensure Internet policy is based on input from all relevant stakeholders, the ITU has consistently put the interests of one stakeholder—Governments—above all others. This is discouraging, as some government interests are inconsistent with an open, innovative network. Indeed, the conditions which have made the Internet the powerful tool it is today emerged in an environment where the interests of all stakeholders are given equal footing, and existing Internet policy-making institutions at least aspire, with varying success, to emulate this equal footing. This formula is enshrined in the Tunis Agenda, which was committed to at WSIS in 2005:
  • 83. Building an inclusive development-oriented Information Society will require unremitting multi-stakeholder effort. We thus commit ourselves to remain fully engaged—nationally, regionally and internationally—to ensure sustainable implementation and follow-up of the outcomes and commitments reached during the WSIS process and its Geneva and Tunis phases of the Summit. Taking into account the multifaceted nature of building the Information Society, effective cooperation among governments, private sector, civil society and the United Nations and other international organizations, according to their different roles and responsibilities and leveraging on their expertise, is essential. 84. Governments and other stakeholders should identify those areas where further effort and resources are required, and jointly identify, and where appropriate develop, implementation strategies, mechanisms and processes for WSIS outcomes at international, regional, national and local levels, paying particular attention to people and groups that are still marginalized in their access to, and utilization of, ICTs.
  • Indeed, the ITU’s current vision of Internet policy-making is less one of distributed decision-making, and more one of ‘taking control.’ For example, in an interview conducted last June with ITU Secretary General Hamadoun Touré, Russian Prime Minister Vladimir Putin raised the suggestion that the union might take control of the Internet: “We are thankful to you for the ideas that you have proposed for discussion,” Putin told Touré in that conversation. “One of them is establishing international control over the Internet using the monitoring and supervisory capabilities of the International Telecommunication Union (ITU).” Perhaps of greater concern are views espoused by the ITU regarding the nature of the Internet. Yesterday, at the World Summit of Information Society Forum, Mr. Alexander Ntoko, head of the Corporate Strategy Division of the ITU, explained the proposals made during the preparatory process for the WCIT, outlining a broad set of topics that can seriously impact people's rights. The categories include "security," "interoperability" and "quality of services," and the possibility that ITU recommendations and regulations will be not only binding on the world’s nations, but enforced.
  • Rights to online expression are unlikely to fare much better than privacy under an ITU model. During last year’s IGF in Kenya, a voluntary code of conduct was issued to further restrict free expression online. A group of nations (including China, the Russian Federation, Tajikistan and Uzbekistan) released a Resolution for the UN General Assembly titled, “International Code of Conduct for Information Security.”  The Code seems to be designed to preserve and protect national powers in information and communication. In it, governments pledge to curb “the dissemination of information that incites terrorism, secessionism or extremism or that undermines other countries’ political, economic and social stability, as well as their spiritual and cultural environment.” This overly broad provision accords any state the right to censor or block international communications, for almost any reason.
  • EFF Joins Coalition Denouncing Secretive WCIT Planning Process June 2012 Congressional Witnesses Agree: Multistakeholder Processes Are Right for Internet Regulation June 2012 Widespread Participation Is Key in Internet Governance July 2012 Blogging ITU: Internet Users Will Be Ignored Again if Flawed ITU Proposals Gain Traction June 2012 Global Telecom Governance Debated at European Parliament Workshop
  • Paul Merrell on 25 Nov 12
Paul Merrell

Assange Keeps Warning Of AI Censorship, And It's Time We Started Listening - 0 views

medium.com/...started-listening-e05d371ef120

AI Internet-censorship Google Twitter Facebook

shared by Paul Merrell on 19 Jan 18 - No Cached
  • Where power is not overtly totalitarian, wealthy elites have bought up all media, first in print, then radio, then television, and used it to advance narratives that are favorable to their interests. Not until humanity gained widespread access to the internet has our species had the ability to freely and easily share ideas and information on a large scale without regulation by the iron-fisted grip of power. This newfound ability arguably had a direct impact on the election for the most powerful elected office in the most powerful government in the world in 2016, as a leak publishing outlet combined with alternative and social media enabled ordinary Americans to tell one another their own stories about what they thought was going on in their country.This newly democratized narrative-generating power of the masses gave those in power an immense fright, and they’ve been working to restore the old order of power controlling information ever since. And the editor-in-chief of the aforementioned leak publishing outlet, WikiLeaks, has been repeatedly trying to warn us about this coming development.
  • In a statement that was recently read during the “Organising Resistance to Internet Censorship” webinar, sponsored by the World Socialist Web Site, Assange warned of how “digital super states” like Facebook and Google have been working to “re-establish discourse control”, giving authority over how ideas and information are shared back to those in power.Assange went on to say that the manipulative attempts of world power structures to regain control of discourse in the information age has been “operating at a scale, speed, and increasingly at a subtlety, that appears likely to eclipse human counter-measures.”What this means is that using increasingly more advanced forms of artificial intelligence, power structures are becoming more and more capable of controlling the ideas and information that people are able to access and share with one another, hide information which goes against the interests of those power structures and elevate narratives which support those interests, all of course while maintaining the illusion of freedom and lively debate.
  • To be clear, this is already happening. Due to a recent shift in Google’s “evaluation methods”, traffic to left-leaning and anti-establishment websites has plummeted, with sites like WikiLeaks, Alternet, Counterpunch, Global Research, Consortium News, Truthout, and WSWS losing up to 70 percent of the views they were getting prior to the changes. Powerful billionaire oligarchs Pierre Omidyar and George Soros are openly financing the development of “an automated fact-checking system” (AI) to hide “fake news” from the public.
  • ...2 more annotations...
  • To make matters even worse, there’s no way to know the exact extent to which this is going on, because we know that we can absolutely count on the digital super states in question to lie about it. In the lead-up to the 2016 election, Twitter CEO Jack Dorsey was asked point-blank if Twitter was obstructing the #DNCLeaks from trending, a hashtag people were using to build awareness of the DNC emails which had just been published by WikiLeaks, and Dorsey flatly denied it. More than a year later, we learned from a prepared testimony before the Senate Subcommittee on Crime and Terrorism by Twitter’s acting general counsel Sean J. Edgett that this was completely false and Twitter had indeed been doing exactly that to protect the interests of US political structures by sheltering the public from information allegedly gathered by Russian hackers.
  • Imagine going back to a world like the Middle Ages where you only knew the things your king wanted you to know, except you could still watch innocuous kitten videos on Youtube. That appears to be where we may be headed, and if that happens the possibility of any populist movement arising to hold power to account may be effectively locked out from the realm of possibility forever.To claim that these powerful new media corporations are just private companies practicing their freedom to determine what happens on their property is to bury your head in the sand and ignore the extent to which these digital super states are already inextricably interwoven with existing power structures. In a corporatist system of government, which America unquestionably has, corporate censorship is government censorship, of an even more pernicious strain than if Jeff Sessions were touring the country burning books. The more advanced artificial intelligence becomes, the more adept these power structures will become at manipulating us. Time to start paying very close attention to this.
Gary Edwards

Readium at the London Book Fair 2014: Open Source for an Open Publishing Ecosystem: Rea... - 0 views

www.publishersweekly.com/...tem-readium-org-turns-one.html

Readium ePUB OpenWeb-Productivity-Platform HTML5

shared by Gary Edwards on 05 Apr 14 - No Cached
  • Gary Edwards on 05 Apr 14
     
    excerpt/intro: Last month marked the one-year anniversary of the formation of the Readium Foundation (Readium.org), an independent nonprofit launched in March 2013 with the objective of developing commercial-grade open source publishing technology software. The overall goal of Readium.org is to accelerate adoption of ePub 3, HTML5, and the Open Web Platform by the digital publishing industry to help realize the full potential of open-standards-based interoperability. More specifically, the aim is to raise the bar for ePub 3 support across the industry so that ePub maintains its position as the standard distribution format for e-books and expands its reach to include other types of digital publications. In its first year, the Readium consortium added 15 organizations to its membership, including Adobe, Google, IBM, Ingram, KERIS (S. Korea Education Ministry), and the New York Public Library. The membership now boasts publishers, retailers, distributors and technology companies from around the world, including organizations based in France, Germany, Norway, U.S., Canada, China, Korea, and Japan. In addition, in February 2014 the first Readium.org board was elected by the membership and the first three projects being developed by members and other contributors are all nearing "1.0" status. The first project, Readium SDK, is a rendering "engine" enabling native apps to support ePub 3. Readium SDK is available on four platforms-Android, iOS, OS/X, and Windows- and the first product incorporating Readium SDK (by ACCESS Japan) was announced last October. Readium SDK is designed to be DRM-agnostic, and vendors Adobe and Sony have publicized plans to integrate their respective DRM solutions with Readium SDK. A second effort, Readium JS, is a pure JavaScript ePub 3 implementation, with configurations now available for cloud based deployment of ePub files, as well as Readium for Chrome, the successor to the original Readium Chrome extension developed by IDPF as the
  • Gary Edwards on 05 Apr 14
     
    excerpt/intro: Last month marked the one-year anniversary of the formation of the Readium Foundation (Readium.org), an independent nonprofit launched in March 2013 with the objective of developing commercial-grade open source publishing technology software. The overall goal of Readium.org is to accelerate adoption of ePub 3, HTML5, and the Open Web Platform by the digital publishing industry to help realize the full potential of open-standards-based interoperability. More specifically, the aim is to raise the bar for ePub 3 support across the industry so that ePub maintains its position as the standard distribution format for e-books and expands its reach to include other types of digital publications. In its first year, the Readium consortium added 15 organizations to its membership, including Adobe, Google, IBM, Ingram, KERIS (S. Korea Education Ministry), and the New York Public Library. The membership now boasts publishers, retailers, distributors and technology companies from around the world, including organizations based in France, Germany, Norway, U.S., Canada, China, Korea, and Japan. In addition, in February 2014 the first Readium.org board was elected by the membership and the first three projects being developed by members and other contributors are all nearing "1.0" status. The first project, Readium SDK, is a rendering "engine" enabling native apps to support ePub 3. Readium SDK is available on four platforms-Android, iOS, OS/X, and Windows- and the first product incorporating Readium SDK (by ACCESS Japan) was announced last October. Readium SDK is designed to be DRM-agnostic, and vendors Adobe and Sony have publicized plans to integrate their respective DRM solutions with Readium SDK. A second effort, Readium JS, is a pure JavaScript ePub 3 implementation, with configurations now available for cloud based deployment of ePub files, as well as Readium for Chrome, the successor to the original Readium Chrome extension developed by IDPF as the
Gary Edwards

Out in the Open: Hackers Build a Skype That's Not Controlled by Microsoft | Enterprise ... - 0 views

www.wired.com/tox

tox skype

shared by Gary Edwards on 04 Sep 14 - No Cached
  • The main thing the Tox team is trying to do, besides provide encryption, is create a tool that requires no central servers whatsoever—not even ones that you would host yourself. It relies on the same technology that BitTorrent uses to provide direct connections between users, so there’s no central hub to snoop on or take down.
  • Tox is trying to roll both peer-to-peer and voice calling into one.
  • Actually, it’s going a bit further than that. Tox is actually just a protocol for encrypted peer-to-peer data transmission.
  • ...2 more annotations...
  • Tox is just a tunnel to another node that’s encrypted and secure,” says David Lohle, a spokesperson for the project. “What you want to send over that pipe is up to your imagination.”
  • For example, one developer is building an e-mail replacement with the protocol, and Lohle says someone else is building an open source alternative to BitTorrent Sync.
  • Gary Edwards on 04 Sep 14
     
    "The web forum 4chan is known mostly as a place to share juvenile and, to put it mildly, politically incorrect images. But it's also the birthplace of one of the latest attempts to subvert the NSA's mass surveillance program. When whistleblower Edward Snowden revealed that full extent of the NSA's activities last year, members of the site's tech forum started talking about the need for a more secure alternative to Skype. Soon, they'd opened a chat room to discuss the project and created an account on the code hosting and collaboration site GitHub and began uploading code. Eventually, they settled on the name Tox, and you can already download prototypes of the surprisingly easy-to-use tool. The tool is part of a widespread effort to create secure online communication tools that are controlled not only by any one company, but by the world at large-a continued reaction to the Snowden revelations. This includes everything from instant messaging tools to email services. It's too early to count on Tox to protect you from eavesdroppers and spies. Like so many other new tools, it's still in the early stages of development and has yet to receive the scrutiny that other security tools, such as the instant messaging encryption plugin Off The Record has. But it endeavors to carve a unique niche within the secure communications ecosystem."
Paul Merrell

US pushing local cops to stay mum on surveillance - Yahoo News - 0 views

news.yahoo.com/;_ylt=AwrBJR4e65lTwmEAb7zQtDMD

surveillance state location-data public-records-acts litigation stingrays

shared by Paul Merrell on 13 Jun 14 - No Cached
  • WASHINGTON (AP) -- The Obama administration has been quietly advising local police not to disclose details about surveillance technology they are using to sweep up basic cellphone data from entire neighborhoods, The Associated Press has learned. Citing security reasons, the U.S. has intervened in routine state public records cases and criminal trials regarding use of the technology. This has resulted in police departments withholding materials or heavily censoring documents in rare instances when they disclose any about the purchase and use of such powerful surveillance equipment. Federal involvement in local open records proceedings is unusual. It comes at a time when President Barack Obama has said he welcomes a debate on government surveillance and called for more transparency about spying in the wake of disclosures about classified federal surveillance programs.
  • One well-known type of this surveillance equipment is known as a Stingray, an innovative way for law enforcement to track cellphones used by suspects and gather evidence. The equipment tricks cellphones into identifying some of their owners' account information, like a unique subscriber number, and transmitting data to police as if it were a phone company's tower. That allows police to obtain cellphone information without having to ask for help from service providers, such as Verizon or AT&T, and can locate a phone without the user even making a call or sending a text message. But without more details about how the technology works and under what circumstances it's used, it's unclear whether the technology might violate a person's constitutional rights or whether it's a good investment of taxpayer dollars. Interviews, court records and public-records requests show the Obama administration is asking agencies to withhold common information about the equipment, such as how the technology is used and how to turn it on. That pushback has come in the form of FBI affidavits and consultation in local criminal cases.
  • "These extreme secrecy efforts are in relation to very controversial, local government surveillance practices using highly invasive technology," said Nathan Freed Wessler, a staff attorney with the American Civil Liberties Union, which has fought for the release of these types of records. "If public participation means anything, people should have the facts about what the government is doing to them." Harris Corp., a key manufacturer of this equipment, built a secrecy element into its authorization agreement with the Federal Communications Commission in 2011. That authorization has an unusual requirement: that local law enforcement "coordinate with the FBI the acquisition and use of the equipment." Companies like Harris need FCC authorization in order to sell wireless equipment that could interfere with radio frequencies. A spokesman from Harris Corp. said the company will not discuss its products for the Defense Department and law enforcement agencies, although public filings showed government sales of communications systems such as the Stingray accounted for nearly one-third of its $5 billion in revenue. "As a government contractor, our solutions are regulated and their use is restricted," spokesman Jim Burke said.
  • ...4 more annotations...
  • Local police agencies have been denying access to records about this surveillance equipment under state public records laws. Agencies in San Diego, Chicago and Oakland County, Michigan, for instance, declined to tell the AP what devices they purchased, how much they cost and with whom they shared information. San Diego police released a heavily censored purchasing document. Oakland officials said police-secrecy exemptions and attorney-client privilege keep their hands tied. It was unclear whether the Obama administration interfered in the AP requests. "It's troubling to think the FBI can just trump the state's open records law," said Ginger McCall, director of the open government project at the Electronic Privacy Information Center. McCall suspects the surveillance would not pass constitutional muster. "The vast amount of information it sweeps in is totally irrelevant to the investigation," she said.
  • A court case challenging the public release of information from the Tucson Police Department includes an affidavit from an FBI special agent, Bradley Morrison, who said the disclosure would "result in the FBI's inability to protect the public from terrorism and other criminal activity because through public disclosures, this technology has been rendered essentially useless for future investigations." Morrison said revealing any information about the technology would violate a federal homeland security law about information-sharing and arms-control laws — legal arguments that that outside lawyers and transparency experts said are specious and don't comport with court cases on the U.S. Freedom of Information Act. The FBI did not answer questions about its role in states' open records proceedings.
  • But a former Justice Department official said the federal government should be making this argument in federal court, not a state level where different public records laws apply. "The federal government appears to be attempting to assert a federal interest in the information being sought, but it's going about it the wrong way," said Dan Metcalfe, the former director of the Justice Department's office of information and privacy. Currently Metcalfe is the executive director of American University's law school Collaboration on Government Secrecy project. A criminal case in Tallahassee cites the same homeland security laws in Morrison's affidavit, court records show, and prosecutors told the court they consulted with the FBI to keep portions of a transcript sealed. That transcript, released earlier this month, revealed that Stingrays "force" cellphones to register their location and identifying information with the police device and enables officers to track calls whenever the phone is on.
  • One law enforcement official familiar with the Tucson lawsuit, who spoke on condition of anonymity because the official was not authorized to speak about internal discussions, said federal lawyers told Tucson police they couldn't hand over a PowerPoint presentation made by local officers about how to operate the Stingray device. Federal officials forwarded Morrison's affidavit for use in the Tucson police department's reply to the lawsuit, rather than requesting the case be moved to federal court. In Sarasota, Florida, the U.S. Marshals Service confiscated local records on the use of the surveillance equipment, removing the documents from the reach of Florida's expansive open-records law after the ACLU asked under Florida law to see the documents. The ACLU has asked a judge to intervene. The Marshals Service said it deputized the officer as a federal agent and therefore the records weren't accessible under Florida law.
  • Paul Merrell on 13 Jun 14
     
    The Florida case is particularly interesting because Florida is within the jurisdiction of the U.S. Eleventh Circuit Court of Appeals, which has just ruled that law enforcement must obtain a search warrant from a court before using equipment to determine a cell phone's location.  
Paul Merrell

Vodafone reveals existence of secret wires that allow state surveillance | Business | T... - 0 views

www.theguardian.com/...es-allowing-state-surveillance

surveillance state non-U.S.-spy-agencies Vodafone

shared by Paul Merrell on 07 Jun 14 - No Cached
  • Vodafone, one of the world's largest mobile phone groups, has revealed the existence of secret wires that allow government agencies to listen to all conversations on its networks, saying they are widely used in some of the 29 countries in which it operates in Europe and beyond.The company has broken its silence on government surveillance in order to push back against the increasingly widespread use of phone and broadband networks to spy on citizens, and will publish its first Law Enforcement Disclosure Report on Friday. At 40,000 words, it is the most comprehensive survey yet of how governments monitor the conversations and whereabouts of their people.The company said wires had been connected directly to its network and those of other telecoms groups, allowing agencies to listen to or record live conversations and, in certain cases, track the whereabouts of a customer. Privacy campaigners said the revelations were a "nightmare scenario" that confirmed their worst fears on the extent of snooping.
  • Vodafone's group privacy officer, Stephen Deadman, said: "These pipes exist, the direct access model exists."We are making a call to end direct access as a means of government agencies obtaining people's communication data. Without an official warrant, there is no external visibility. If we receive a demand we can push back against the agency. The fact that a government has to issue a piece of paper is an important constraint on how powers are used."Vodafone is calling for all direct-access pipes to be disconnected, and for the laws that make them legal to be amended. It says governments should "discourage agencies and authorities from seeking direct access to an operator's communications infrastructure without a lawful mandate".
  • In America, Verizon and AT&T have published data, but only on their domestic operations. Deutsche Telekom in Germany and Telstra in Australia have also broken ground at home. Vodafone is the first to produce a global survey.
  • ...2 more annotations...
  • Peter Micek, policy counsel at the campaign group Access, said: "In a sector that has historically been quiet about how it facilitates government access to user data, Vodafone has for the first time shone a bright light on the challenges of a global telecom giant, giving users a greater understanding of the demands governments make of telcos. Vodafone's report also highlights how few governments issue any transparency reports, with little to no information about the number of wiretaps, cell site tower dumps, and other invasive surveillance practices."
  • Snowden, the National Security Agency whistleblower, joined Google, Reddit, Mozilla and other tech firms and privacy groups on Thursday to call for a strengthening of privacy rights online in a "Reset the net" campaign.Twelve months after revelations about the scale of the US government's surveillance programs were first published in the Guardian and the Washington Post, Snowden said: "One year ago, we learned that the internet is under surveillance, and our activities are being monitored to create permanent records of our private lives – no matter how innocent or ordinary those lives might be. Today, we can begin the work of effectively shutting down the collection of our online communications, even if the US Congress fails to do the same."
  • Paul Merrell on 07 Jun 14
     
    The Vodafone disclosures will undoubtedly have a very large ripple effect. Note carefully that this is the first major telephone service in the world to break ranks with the others and come out swinging at secret government voyeur agencies. Will others follow. If you follow the links to the Vodafone report, you'll find a very handy big PDF providing an overview of the relevant laws in each of the customer nations. There's a cute Guardian table that shows the aggregate number of warrants for interception of content via Vodafone for each of those nations, broken down by content type. That table has white-on-black cells noting where disclosure of those types of surveillance statistics are prohibited by law. So it is far from a complete picture, but it's a heck of a good start.  But several of those customer nations are members of the E.U., where digital privacy rights are enshrined as human rights under an EU-wide treaty. So expect some heat to roll downhill on those nations from the European treaty organizations, particularly the European Court of Human Rights, staffed with civil libertarian judges, from which there is no appeal.     
Paul Merrell

The All Writs Act, Software Licenses, and Why Judges Should Ask More Questions | Just S... - 0 views

www.justsecurity.org/...ware-licenses-judges-questions

surveillance state iPhone EULA warrant encryption-bypass

shared by Paul Merrell on 02 Nov 15 - No Cached
  • Pending before federal magistrate judge James Orenstein is the government’s request for an order obligating Apple, Inc. to unlock an iPhone and thereby assist prosecutors in decrypting data the government has seized and is authorized to search pursuant to a warrant. In an order questioning the government’s purported legal basis for this request, the All Writs Act of 1789 (AWA), Judge Orenstein asked Apple for a brief informing the court whether the request would be technically feasible and/or burdensome. After Apple filed, the court asked it to file a brief discussing whether the government had legal grounds under the AWA to compel Apple’s assistance. Apple filed that brief and the government filed a reply brief last week in the lead-up to a hearing this morning.
  • We’ve long been concerned about whether end users own software under the law. Software owners have rights of adaptation and first sale enshrined in copyright law. But software publishers have claimed that end users are merely licensees, and our rights under copyright law can be waived by mass-market end user license agreements, or EULAs. Over the years, Granick has argued that users should retain their rights even if mass-market licenses purport to take them away. The government’s brief takes advantage of Apple’s EULA for iOS to argue that Apple, the software publisher, is responsible for iPhones around the world. Apple’s EULA states that when you buy an iPhone, you’re not buying the iOS software it runs, you’re just licensing it from Apple. The government argues that having designed a passcode feature into a copy of software which it owns and licenses rather than sells, Apple can be compelled under the All Writs Act to bypass the passcode on a defendant’s iPhone pursuant to a search warrant and thereby access the software owned by Apple. Apple’s supplemental brief argues that in defining its users’ contractual rights vis-à-vis Apple with regard to Apple’s intellectual property, Apple in no way waived its own due process rights vis-à-vis the government with regard to users’ devices. Apple’s brief compares this argument to forcing a car manufacturer to “provide law enforcement with access to the vehicle or to alter its functionality at the government’s request” merely because the car contains licensed software. 
  • This is an interesting twist on the decades-long EULA versus users’ rights fight. As far as we know, this is the first time that the government has piggybacked on EULAs to try to compel software companies to provide assistance to law enforcement. Under the government’s interpretation of the All Writs Act, anyone who makes software could be dragooned into assisting the government in investigating users of the software. If the court adopts this view, it would give investigators immense power. The quotidian aspects of our lives increasingly involve software (from our cars to our TVs to our health to our home appliances), and most of that software is arguably licensed, not bought. Conscripting software makers to collect information on us would afford the government access to the most intimate information about us, on the strength of some words in some license agreements that people never read. (And no wonder: The iPhone’s EULA came to over 300 pages when the government filed it as an exhibit to its brief.)
  • ...1 more annotation...
  • The government’s brief does not acknowledge the sweeping implications of its arguments. It tries to portray its requested unlocking order as narrow and modest, because it “would not require Apple to make any changes to its software or hardware, … [or] to introduce any new ability to access data on its phones. It would simply require Apple to use its existing capability to bypass the passcode on a passcode-locked iOS 7 phone[.]” But that undersells the implications of the legal argument the government is making: that anything a company already can do, it could be compelled to do under the All Writs Act in order to assist law enforcement. Were that the law, the blow to users’ trust in their encrypted devices, services, and products would be little different than if Apple and other companies were legally required to design backdoors into their encryption mechanisms (an idea the government just can’t seem to drop, its assurances in this brief notwithstanding). Entities around the world won’t buy security software if its makers cannot be trusted not to hand over their users’ secrets to the US government. That’s what makes the encryption in iOS 8 and later versions, which Apple has told the court it “would not have the technical ability” to bypass, so powerful — and so despised by the government: Because no matter how broadly the All Writs Act extends, no court can compel Apple to do the impossible.
Paul Merrell

Activists send the Senate 6 million faxes to oppose cyber bill - CBS News - 0 views

www.cbsnews.com/...ion-faxes-to-oppose-cyber-bill

surveillance state CISA legislation faxes Obama

shared by Paul Merrell on 06 Aug 15 - No Cached
  • Activists worried about online privacy are sending Congress a message with some old-school technology: They're sending faxes -- more than 6.2 million, they claim -- to express opposition to the Cybersecurity Information Sharing Act (CISA).Why faxes? "Congress is stuck in 1984 and doesn't understand modern technology," according to the campaign Fax Big Brother. The week-long campaign was organized by the nonpartisan Electronic Frontier Foundation, the group Access and Fight for the Future, the activist group behind the major Internet protests that helped derail a pair of anti-piracy bills in 2012. It also has the backing of a dozen groups like the ACLU, the American Library Association, National Association of Criminal Defense Lawyers and others.
  • CISA aims to facilitate information sharing regarding cyberthreats between the government and the private sector. The bill gained more attention following the massive hack in which the records of nearly 22 million people were stolen from government computers."The ability to easily and quickly share cyber attack information, along with ways to counter attacks, is a key method to stop them from happening in the first place," Sen. Dianne Feinstein, D-California, who helped introduce CISA, said in a statement after the hack. Senate leadership had planned to vote on CISA this week before leaving for its August recess. However, the bill may be sidelined for the time being as the Republican-led Senate puts precedent on a legislative effort to defund Planned Parenthood.Even as the bill was put on the backburner, the grassroots campaign to stop it gained steam. Fight for the Future started sending faxes to all 100 Senate offices on Monday, but the campaign really took off after it garnered attention on the website Reddit and on social media. The faxed messages are generated by Internet users who visit faxbigbrother.com or stopcyberspying.com -- or who simply send a message via Twitter with the hashtag #faxbigbrother. To send all those faxes, Fight for the Future set up a dedicated server and a dozen phone lines and modems they say are capable of sending tens of thousands of faxes a day.
  • Fight for the Future told CBS News that it has so many faxes queued up at this point, that it may take months for Senate offices to receive them all, though the group is working on scaling up its capability to send them faster. They're also limited by the speed at which Senate offices can receive them.
  • Paul Merrell on 06 Aug 15
     
    From an Fight For the Future mailing: "Here's the deal: yesterday the Senate delayed its expected vote on CISA, the Cybersecurity Information Sharing Act that would let companies share your private information--like emails and medical records--with the government. "The delay is good news; but it's a delay, not a victory. "We just bought some precious extra time to fight CISA, but we need to use it to go big like we did with SOPA or this bill will still pass. Even if we stop it in September, they'll try again after that. "The truth is that right now, things are looking pretty grim. Democrats and Republicans have been holding closed-door meetings to work out a deal to pass CISA quickly when they return from recess. "Right before the expected Senate vote on CISA, the Obama Administration endorsed the bill, which means if Congress passes it, the White House will definitely sign it.  "We've stalled and delayed CISA and bills like it nearly half a dozen times, but this month could be our last chance to stop it for good." See also http://tumblr.fightforthefuture.org/post/125953876003/senate-fails-to-advance-cisa-before-recess-amid (;) http://www.cbsnews.com/news/activists-send-the-senate-6-million-faxes-to-oppose-cyber-bill/ (;) http://www.npr.org/2015/08/04/429386027/privacy-advocates-to-senate-cyber-security-bill (.)
Gary Edwards

Box extends its enterprise playbook, but users are still at the center | CITEworld - 0 views

www.citeworld.com/...boxworks2014.html

wordSDK Office-365

shared by Gary Edwards on 03 Sep 14 - No Cached
  • The 47,000 developers making almost two billion API calls to the Box platform per month are a good start, Levie says, but Box needs to go further and do more to customize its platform to help push this user-centric, everything-everywhere-always model at larger and larger enterprises. 
  • Box for Industries is comprised of three parts: A Box-tailored core service offering, a selection of partner apps, and the implementation services to combine the two of those into something that ideally can be used by any enterprise in any vertical. 
  • Box is announcing solutions for three specific industries: Retail, healthcare, and media/entertainment. For retail, that includes vendor collaboration (helping vendors work with manufacturers and distributors), digital asset management, and retail store enablement.
  • ...6 more annotations...
  • Ted Blosser, senior vice president of Box Platform, also took the stage to show off how managing digital assets benefit from a just-announced metadata template capability that lets you pre-define custom fields so a store's back-office can flag, say, a new jacket as "blue" or "red." Those metadata tags can be pushed to a custom app running on a retail associate's iPad, so you can sort by color, line, or inventory level. Metadata plus Box Workflows equals a powerful content platform for retail that keeps people in sync with their content across geographies and devices, or so the company is hoping. 
  • It's the same collaboration model that cloud storage vendors have been pushing, but customized for very specific verticals, which is exactly the sales pitch that Box wants you to come away with. And developers must be cheering -- Box is going to help them sell their apps to previously inaccessible markets. 
  • More on the standard enterprise side, the so-named Box + Office 365 (previewed a few months back) currently only supports the Windows desktop versions of the productivity suite, but Levie promises web and Mac integrations are on the way. It's pretty basic, but potentially handy for the enterprises that Box supports.
  • The crux of the Office 365 announcement is that people expect that their data will follow them from device to device and from app to app. If people want their Box files and storage in Jive, Box needs to support Jive. And if enterprises are using Microsoft Office 365 to work with their documents -- and they are -- then Box needs to support that too. It's easier than it used to be, Levie says, thanks to Satya Nadella's push for a more open Microsoft. 
  • "We are quite confident that this is the kind of future they're building towards," Levie says -- but just in case, he urged BoxWorks attendees to tweet at Nadella and encourage him to help Box speed development along. 
  • Box SVP of Enterprise Annie Pearl came on stage to discuss how Box Workflow can be used to improve the ways people work with their content in the real world of business. It's worth noting that Box had a workflow tool previously, but it was relatively primitive and seems to have only existed to tick the box -- it didn't really go beyond assigning tasks and soliciting approvals.
  • Gary Edwards on 03 Sep 14
     
    This will be very interesting. Looks like Box is betting their future on the success of integrating Microsoft Office 365 into the Box Productivity Cloud Service. Which competes directly with the Microsoft Office 365 - OneDrive Cloud Productivity Platform. Honestly, I don't see how this can ever work out for Box. Microsoft has them ripe for the plucking. And they have pulled it off on the eve of Box's expected IPO. "Box CEO Aaron Levie may not be able to talk about the cloud storage and collaboration company's forthcoming IPO, but he still took the stage at the company's biggest BoxWorks conference yet, with 5,000 attendees. Featured Resource Presented by Citrix Systems 10 essential elements for a secure enterprise mobility strategy Best practices for protecting sensitive business information while making people productive from LEARN MORE Levie discussed the future of the business and make some announcements -- including the beta of a Box integration with the Windows version of Microsoft Office 365; the introduction of Box Workflow, a tool coming in 2015 for creating repeatable workflows on the platform; and the unveiling of Box for Industries, an initiative to tailor Box solutions for specific industry use-cases. And if that wasn't enough, Box also announced a partnership with service firm Accenture to push the platform in large enterprises. The unifying factor for the announcements made at BoxWorks, Levie said, is that users expect their data to follow them everywhere, at home and at work. That means that Box has to think about enterprise from the user outwards, putting them at the center of the appified universe -- in effect, building an ecosystem of tools that support the things employees already use."
Paul Merrell

Canada Casts Global Surveillance Dragnet Over File Downloads - The Intercept - 0 views

firstlook.org/...e-levitation-mass-surveillance

surveillance state Canada CSE NSA-targets downloads

shared by Paul Merrell on 29 Jan 15 - No Cached
  • Canada’s leading surveillance agency is monitoring millions of Internet users’ file downloads in a dragnet search to identify extremists, according to top-secret documents. The covert operation, revealed Wednesday by CBC News in collaboration with The Intercept, taps into Internet cables and analyzes records of up to 15 million downloads daily from popular websites commonly used to share videos, photographs, music, and other files. The revelations about the spying initiative, codenamed LEVITATION, are the first from the trove of files provided by National Security Agency whistleblower Edward Snowden to show that the Canadian government has launched its own globe-spanning Internet mass surveillance system. According to the documents, the LEVITATION program can monitor downloads in several countries across Europe, the Middle East, North Africa, and North America. It is led by the Communications Security Establishment, or CSE, Canada’s equivalent of the NSA. (The Canadian agency was formerly known as “CSEC” until a recent name change.)
  • The latest disclosure sheds light on Canada’s broad existing surveillance capabilities at a time when the country’s government is pushing for a further expansion of security powers following attacks in Ottawa and Quebec last year. Ron Deibert, director of University of Toronto-based Internet security think tank Citizen Lab, said LEVITATION illustrates the “giant X-ray machine over all our digital lives.” “Every single thing that you do – in this case uploading/downloading files to these sites – that act is being archived, collected and analyzed,” Deibert said, after reviewing documents about the online spying operation for CBC News. David Christopher, a spokesman for Vancouver-based open Internet advocacy group OpenMedia.ca, said the surveillance showed “robust action” was needed to rein in the Canadian agency’s operations.
  • In a top-secret PowerPoint presentation, dated from mid-2012, an analyst from the agency jokes about how, while hunting for extremists, the LEVITATION system gets clogged with information on innocuous downloads of the musical TV series Glee. CSE finds some 350 “interesting” downloads each month, the presentation notes, a number that amounts to less than 0.0001 per cent of the total collected data. The agency stores details about downloads and uploads to and from 102 different popular file-sharing websites, according to the 2012 document, which describes the collected records as “free file upload,” or FFU, “events.” Only three of the websites are named: RapidShare, SendSpace, and the now defunct MegaUpload.
  • ...3 more annotations...
  • “The specific uses that they talk about in this [counter-terrorism] context may not be the problem, but it’s what else they can do,” said Tamir Israel, a lawyer with the University of Ottawa’s Canadian Internet Policy and Public Interest Clinic. Picking which downloads to monitor is essentially “completely at the discretion of CSE,” Israel added. The file-sharing surveillance also raises questions about the number of Canadians whose downloading habits could have been swept up as part of LEVITATION’s dragnet. By law, CSE isn’t allowed to target Canadians. In the LEVITATION presentation, however, two Canadian IP addresses that trace back to a web server in Montreal appear on a list of suspicious downloads found across the world. The same list includes downloads that CSE monitored in closely allied countries, including the United Kingdom, United States, Spain, Brazil, Germany and Portugal. It is unclear from the document whether LEVITATION has ever prevented any terrorist attacks. The agency cites only two successes of the program in the 2012 presentation: the discovery of a hostage video through a previously unknown target, and an uploaded document that contained the hostage strategy of a terrorist organization. The hostage in the discovered video was ultimately killed, according to public reports.
  • LEVITATION does not rely on cooperation from any of the file-sharing companies. A separate secret CSE operation codenamed ATOMIC BANJO obtains the data directly from internet cables that it has tapped into, and the agency then sifts out the unique IP address of each computer that downloaded files from the targeted websites. The IP addresses are valuable pieces of information to CSE’s analysts, helping to identify people whose downloads have been flagged as suspicious. The analysts use the IP addresses as a kind of search term, entering them into other surveillance databases that they have access to, such as the vast repositories of intercepted Internet data shared with the Canadian agency by the NSA and its British counterpart Government Communications Headquarters. If successful, the searches will return a list of results showing other websites visited by the people downloading the files – in some cases revealing associations with Facebook or Google accounts. In turn, these accounts may reveal the names and the locations of individual downloaders, opening the door for further surveillance of their activities.
  • Canada’s leading surveillance agency is monitoring millions of Internet users’ file downloads in a dragnet search to identify extremists, according to top-secret documents. The covert operation, revealed Wednesday by CBC News in collaboration with The Intercept, taps into Internet cables and analyzes records of up to 15 million downloads daily from popular websites commonly used to share videos, photographs, music, and other files. The revelations about the spying initiative, codenamed LEVITATION, are the first from the trove of files provided by National Security Agency whistleblower Edward Snowden to show that the Canadian government has launched its own globe-spanning Internet mass surveillance system. According to the documents, the LEVITATION program can monitor downloads in several countries across Europe, the Middle East, North Africa, and North America. It is led by the Communications Security Establishment, or CSE, Canada’s equivalent of the NSA. (The Canadian agency was formerly known as “CSEC” until a recent name change.)
Paul Merrell

Senate majority whip: Cyber bill will have to wait until fall | TheHill - 0 views

thehill.com/...l-will-have-to-wait-until-fall

surveillance state CISA legislation digital-privacy

shared by Paul Merrell on 30 Jul 15 - No Cached
  • Senate Majority Whip John Cornyn (R-Texas) on Tuesday said the upper chamber is unlikely to move on a stalled cybersecurity bill before the August recess.Senate Republican leaders, including Cornyn, had been angling to get the bill — known as the Cybersecurity Information Sharing Act (CISA) — to the floor this month.ADVERTISEMENTBut Cornyn said that there is simply too much of a time crunch in the remaining legislative days to get to the measure, intended to boost the public-private exchange of data on hackers.  “I’m sad to say I don’t think that’s going to happen,” he told reporters off the Senate floor. “The timing of this is unfortunate.”“I think we’re just running out time,” he added.An aide for Senate Majority Leader Mitch McConnell (R-Ky.) said he had not committed to a specific schedule after the upper chamber wraps up work in the coming days on a highway funding bill.Cornyn said Senate leadership will look to move on the bill sometime after the legislature returns in September from its month-long break.
  • The move would delay yet again what’s expected to be a bruising floor fight about government surveillance and digital privacy rights.“[CISA] needs a lot of work,” Sen. Patrick Leahy (D-Vt.), who currently opposes the bill, told The Hill on Tuesday. “And when it comes up, there’s going to have to be a lot of amendments otherwise it won’t pass.”Despite industry support, broad bipartisan backing, and potentially even White House support, CISA has been mired in the Senate for months over privacy concerns.Civil liberties advocates worry the bill would create another venue for the government’s intelligence wing to collect sensitive data on Americans only months after Congress voted to rein in surveillance powers.But industry groups and many lawmakers insist a bolstered data exchange is necessary to better understand and counter the growing cyber threat. Inaction will leave government and commercial networks exposed to increasingly dangerous hackers, they say.Sen. Ron Wyden (D-Ore.), who has been leading the chorus opposing the bill, rejoiced Tuesday after hearing of the likely delay.
  • “I really want to commend the advocates for the tremendous grassroots effort to highlight the fact that this bill was badly flawed from a privacy standpoint,” he told The Hill.Digital rights and privacy groups are blanketing senators’ offices this week with faxes and letters in an attempt to raise awareness of bill’s flaws.“Our side has picked up an enormous amount of support,” Wyden said.Wyden was the only senator to vote against CISA in the Senate Intelligence Committee. The panel approved the measure in March by a 14-1 vote and it looked like CISA was barrelling toward the Senate floor.After the House easily passed its companion pieces of legislation, CISA’s odds only seemed better.But the measure got tied up in the vicious debate over the National Security Agency's (NSA) spying powers that played out throughout April and May.“It’s like a number of these issues, in the committee the vote was 14-1, everyone says, ‘oh, Ron Wyden opposes another bipartisan bill,’” Wyden said Tuesday. “And I said, ‘People are going to see that this is a badly flawed bill.’”
  • ...2 more annotations...
  • CISA backers hoped that the ultimate vote to curb the NSA’s surveillance authority might quell some of the privacy fears surrounding CISA, clearing a path to passage. But numerous budget debates and the Iranian nuclear deal have chewed up much of the Senate’s floor time throughout June and July.  Following the devastating hacks at the Office of Personnel Management (OPM), Senate Republican leaders tried to jump CISA in the congressional queue by offering its language as an amendment to a defense authorization bill.Democrats — including the bill’s original co-sponsor Sen. Dianne Feinstein (D-Calif.) — revolted, angry they could not offer amendments to CISA’s language before it was attached to the defense bill.Cornyn on Tuesday chastised Democrats for stalling a bill that many of them favor.“As you know, Senate Democrats blocked that before on the defense authorization bill,” Cornyn said. “So we had an opportunity to do it then.”Now it’s unclear when the Senate will have another opportunity.When it does, however, CISA could have the votes to get through.
  • There will be vocal opposition from senators like Wyden and Leahy, and potentially from anti-surveillance advocates like Sens. Rand Paul (R-Ky.), Mike Lee (R-Utah) and Dean Heller (R-Nev.).But finding 40 votes to block the bill completely will be a difficult task.Wyden said he wouldn’t “get into speculation” about whether he could gather the support to stop CISA altogether.“I’m pleased about the progress that we’ve made,” he said.
  • Paul Merrell on 30 Jul 15
     
    NSA and crew decide to delay and try later with CISA. The Internet strikes back again.
Paul Merrell

UN Report Finds Mass Surveillance Violates International Treaties and Privacy Rights - ... - 0 views

firstlook.org/...ort-condemns-mass-surveillance

surveillance state UN-report digital-privacy

shared by Paul Merrell on 16 Oct 14 - No Cached
  • The United Nations’ top official for counter-terrorism and human rights (known as the “Special Rapporteur”) issued a formal report to the U.N. General Assembly today that condemns mass electronic surveillance as a clear violation of core privacy rights guaranteed by multiple treaties and conventions. “The hard truth is that the use of mass surveillance technology effectively does away with the right to privacy of communications on the Internet altogether,” the report concluded. Central to the Rapporteur’s findings is the distinction between “targeted surveillance” — which “depend[s] upon the existence of prior suspicion of the targeted individual or organization” — and “mass surveillance,” whereby “states with high levels of Internet penetration can [] gain access to the telephone and e-mail content of an effectively unlimited number of users and maintain an overview of Internet activity associated with particular websites.” In a system of “mass surveillance,” the report explained, “all of this is possible without any prior suspicion related to a specific individual or organization. The communications of literally every Internet user are potentially open for inspection by intelligence and law enforcement agencies in the States concerned.”
  • Mass surveillance thus “amounts to a systematic interference with the right to respect for the privacy of communications,” it declared. As a result, “it is incompatible with existing concepts of privacy for States to collect all communications or metadata all the time indiscriminately.” In concluding that mass surveillance impinges core privacy rights, the report was primarily focused on the International Covenant on Civil and Political Rights, a treaty enacted by the General Assembly in 1966, to which all of the members of the “Five Eyes” alliance are signatories. The U.S. ratified the treaty in 1992, albeit with various reservations that allowed for the continuation of the death penalty and which rendered its domestic law supreme. With the exception of the U.S.’s Persian Gulf allies (Saudi Arabia, UAE and Qatar), virtually every major country has signed the treaty. Article 17 of the Covenant guarantees the right of privacy, the defining protection of which, the report explained, is “that individuals have the right to share information and ideas with one another without interference by the State, secure in the knowledge that their communication will reach and be read by the intended recipients alone.”
  • The report’s key conclusion is that this core right is impinged by mass surveillance programs: “Bulk access technology is indiscriminately corrosive of online privacy and impinges on the very essence of the right guaranteed by article 17. In the absence of a formal derogation from States’ obligations under the Covenant, these programs pose a direct and ongoing challenge to an established norm of international law.” The report recognized that protecting citizens from terrorism attacks is a vital duty of every state, and that the right of privacy is not absolute, as it can be compromised when doing so is “necessary” to serve “compelling” purposes. It noted: “There may be a compelling counter-terrorism justification for the radical re-evaluation of Internet privacy rights that these practices necessitate. ” But the report was adamant that no such justifications have ever been demonstrated by any member state using mass surveillance: “The States engaging in mass surveillance have so far failed to provide a detailed and evidence-based public justification for its necessity, and almost no States have enacted explicit domestic legislation to authorize its use.”
  • ...5 more annotations...
  • Instead, explained the Rapporteur, states have relied on vague claims whose validity cannot be assessed because of the secrecy behind which these programs are hidden: “The arguments in favor of a complete abrogation of the right to privacy on the Internet have not been made publicly by the States concerned or subjected to informed scrutiny and debate.” About the ongoing secrecy surrounding the programs, the report explained that “states deploying this technology retain a monopoly of information about its impact,” which is “a form of conceptual censorship … that precludes informed debate.” A June report from the High Commissioner for Human Rights similarly noted “the disturbing lack of governmental transparency associated with surveillance policies, laws and practices, which hinders any effort to assess their coherence with international human rights law and to ensure accountability.” The rejection of the “terrorism” justification for mass surveillance as devoid of evidence echoes virtually every other formal investigation into these programs. A federal judge last December found that the U.S. Government was unable to “cite a single case in which analysis of the NSA’s bulk metadata collection actually stopped an imminent terrorist attack.” Later that month, President Obama’s own Review Group on Intelligence and Communications Technologies concluded that mass surveillance “was not essential to preventing attacks” and information used to detect plots “could readily have been obtained in a timely manner using conventional [court] orders.”
  • Three Democratic Senators on the Senate Intelligence Committee wrote in The New York Times that “the usefulness of the bulk collection program has been greatly exaggerated” and “we have yet to see any proof that it provides real, unique value in protecting national security.” A study by the centrist New America Foundation found that mass metadata collection “has had no discernible impact on preventing acts of terrorism” and, where plots were disrupted, “traditional law enforcement and investigative methods provided the tip or evidence to initiate the case.” It labeled the NSA’s claims to the contrary as “overblown and even misleading.” While worthless in counter-terrorism policies, the UN report warned that allowing mass surveillance to persist with no transparency creates “an ever present danger of ‘purpose creep,’ by which measures justified on counter-terrorism grounds are made available for use by public authorities for much less weighty public interest purposes.” Citing the UK as one example, the report warned that, already, “a wide range of public bodies have access to communications data, for a wide variety of purposes, often without judicial authorization or meaningful independent oversight.”
  • The report was most scathing in its rejection of a key argument often made by American defenders of the NSA: that mass surveillance is justified because Americans are given special protections (the requirement of a FISA court order for targeted surveillance) which non-Americans (95% of the world) do not enjoy. Not only does this scheme fail to render mass surveillance legal, but it itself constitutes a separate violation of international treaties (emphasis added): The Special Rapporteur concurs with the High Commissioner for Human Rights that where States penetrate infrastructure located outside their territorial jurisdiction, they remain bound by their obligations under the Covenant. Moreover, article 26 of the Covenant prohibits discrimination on grounds of, inter alia, nationality and citizenship. The Special Rapporteur thus considers that States are legally obliged to afford the same privacy protection for nationals and non-nationals and for those within and outside their jurisdiction. Asymmetrical privacy protection regimes are a clear violation of the requirements of the Covenant.
  • That principle — that the right of internet privacy belongs to all individuals, not just Americans — was invoked by NSA whistleblower Edward Snowden when he explained in a June, 2013 interview at The Guardian why he disclosed documents showing global surveillance rather than just the surveillance of Americans: “More fundamentally, the ‘US Persons’ protection in general is a distraction from the power and danger of this system. Suspicionless surveillance does not become okay simply because it’s only victimizing 95% of the world instead of 100%.” The U.N. Rapporteur was clear that these systematic privacy violations are the result of a union between governments and tech corporations: “States increasingly rely on the private sector to facilitate digital surveillance. This is not confined to the enactment of mandatory data retention legislation. Corporates [sic] have also been directly complicit in operationalizing bulk access technology through the design of communications infrastructure that facilitates mass surveillance. ”
  • The latest finding adds to the growing number of international formal rulings that the mass surveillance programs of the U.S. and its partners are illegal. In January, the European parliament’s civil liberties committee condemned such programs in “the strongest possible terms.” In April, the European Court of Justice ruled that European legislation on data retention contravened EU privacy rights. A top secret memo from the GCHQ, published last year by The Guardian, explicitly stated that one key reason for concealing these programs was fear of a “damaging public debate” and specifically “legal challenges against the current regime.” The report ended with a call for far greater transparency along with new protections for privacy in the digital age. Continuation of the status quo, it warned, imposes “a risk that systematic interference with the security of digital communications will continue to proliferate without any serious consideration being given to the implications of the wholesale abandonment of the right to online privacy.” The urgency of these reforms is underscored, explained the Rapporteur, by a conclusion of the United States Privacy and Civil Liberties Oversight Board that “permitting the government to routinely collect the calling records of the entire nation fundamentally shifts the balance of power between the state and its citizens.”
Paul Merrell

WASHINGTON: CIA admits it broke into Senate computers; senators call for spy chief's ou... - 0 views

www.mcclatchydc.com/...-staffers-accessed-senate.html

surveillance state CIA torture Senate-Intelligence_Committee-Report Brennan

shared by Paul Merrell on 01 Aug 14 - No Cached
  • An internal CIA investigation confirmed allegations that agency personnel improperly intruded into a protected database used by Senate Intelligence Committee staff to compile a scathing report on the agency’s detention and interrogation program, prompting bipartisan outrage and at least two calls for spy chief John Brennan to resign.“This is very, very serious, and I will tell you, as a member of the committee, someone who has great respect for the CIA, I am extremely disappointed in the actions of the agents of the CIA who carried out this breach of the committee’s computers,” said Sen. Saxby Chambliss, R-Ga., the committee’s vice chairman.
  • The rare display of bipartisan fury followed a three-hour private briefing by Inspector General David Buckley. His investigation revealed that five CIA employees, two lawyers and three information technology specialists improperly accessed or “caused access” to a database that only committee staff were permitted to use.Buckley’s inquiry also determined that a CIA crimes report to the Justice Department alleging that the panel staff removed classified documents from a top-secret facility without authorization was based on “inaccurate information,” according to a summary of the findings prepared for the Senate and House intelligence committees and released by the CIA.In other conclusions, Buckley found that CIA security officers conducted keyword searches of the emails of staffers of the committee’s Democratic majority _ and reviewed some of them _ and that the three CIA information technology specialists showed “a lack of candor” in interviews with Buckley’s office.
  • The inspector general’s summary did not say who may have ordered the intrusion or when senior CIA officials learned of it.Following the briefing, some senators struggled to maintain their composure over what they saw as a violation of the constitutional separation of powers between an executive branch agency and its congressional overseers.“We’re the only people watching these organizations, and if we can’t rely on the information that we’re given as being accurate, then it makes a mockery of the entire oversight function,” said Sen. Angus King, an independent from Maine who caucuses with the Democrats.The findings confirmed charges by the committee chairwoman, Sen. Dianne Feinstein, D-Calif., that the CIA intruded into the database that by agreement was to be used by her staffers compiling the report on the harsh interrogation methods used by the agency on suspected terrorists held in secret overseas prisons under the George W. Bush administration.The findings also contradicted Brennan’s denials of Feinstein’s allegations, prompting two panel members, Sens. Mark Udall, D-Colo., and Martin Heinrich, D-N.M., to demand that the spy chief resign.
  • ...7 more annotations...
  • Another committee member, Sen. Ron Wyden, D-Ore., and some civil rights groups called for a fuller investigation. The demands clashed with a desire by President Barack Obama, other lawmakers and the CIA to move beyond the controversy over the “enhanced interrogation program” after Feinstein releases her committee’s report, which could come as soon as next weekMany members demanded that Brennan explain his earlier denial that the CIA had accessed the Senate committee database.“Director Brennan should make a very public explanation and correction of what he said,” said Sen. Carl Levin, D-Mich. He all but accused the Justice Department of a coverup by deciding not to pursue a criminal investigation into the CIA’s intrusion.
  • “I thought there might have been information that was produced after the department reached their conclusion,” he said. “What I understand, they have all of the information which the IG has.”He hinted that the scandal goes further than the individuals cited in Buckley’s report.“I think it’s very clear that CIA people knew exactly what they were doing and either knew or should’ve known,” said Levin, adding that he thought that Buckley’s findings should be referred to the Justice Department.A person with knowledge of the issue insisted that the CIA personnel who improperly accessed the database “acted in good faith,” believing that they were empowered to do so because they believed there had been a security violation.“There was no malicious intent. They acted in good faith believing they had the legal standing to do so,” said the knowledgeable person, who asked not to be further identified because they weren’t authorized to discuss the issue publicly. “But it did not conform with the legal agreement reached with the Senate committee.”
  • Buckley’s findings clashed with denials by Brennan that he issued only hours after Feinstein’s blistering Senate speech.“As far as the allegations of, you know, CIA hacking into, you know, Senate computers, nothing could be further from the truth. I mean, we wouldn’t do that. I mean, that’s _ that’s just beyond the _ you know, the scope of reason in terms of what we would do,” he said in an appearance at the Council on Foreign Relations.White House Press Secretary Josh Earnest issued a strong defense of Brennan, crediting him with playing an “instrumental role” in the administration’s fight against terrorism, in launching Buckley’s investigation and in looking for ways to prevent such occurrences in the future.Earnest was asked at a news briefing whether there was a credibility issue for Brennan, given his forceful denial in March.“Not at all,” he replied, adding that Brennan had suggested the inspector general’s investigation in the first place. And, he added, Brennan had taken the further step of appointing the accountability board to review the situation and the conduct of those accused of acting improperly to “ensure that they are properly held accountable for that conduct.”
  • Feinstein called Brennan’s apology and his decision to submit Buckley’s findings to the accountability board “positive first steps.”“This IG report corrects the record and it is my understanding that a declassified report will be made available to the public shortly,” she said in a statement.“The investigation confirmed what I said on the Senate floor in March _ CIA personnel inappropriately searched Senate Intelligence Committee computers in violation of an agreement we had reached, and I believe in violation of the constitutional separation of powers,” she said.It was not clear why Feinstein didn’t repeat her charges from March that the agency also may have broken the law and had sought to “thwart” her investigation into the CIA’s use of waterboarding, which simulates drowning, sleep deprivation and other harsh interrogation methods _ tactics denounced by many experts as torture.
  • The allegations and the separate CIA charge that the committee staff removed classified documents from the secret CIA facility in Northern Virginia without authorization were referred to the Justice Department for investigation.The department earlier this month announced that it had found insufficient evidence on which to proceed with criminal probes into either matter “at this time.” Thursday, Justice Department officials declined comment.
  • In her speech, Feinstein asserted that her staff found the material _ known as the Panetta review, after former CIA Director Leon Panetta, who ordered it _ in the protected database and that the CIA discovered the staff had it by monitoring its computers in violation of the user agreement.The inspector general’s summary, which was prepared for the Senate and the House intelligence committees, didn’t identify the CIA personnel who had accessed the Senate’s protected database.Furthermore, it said, the CIA crimes report to the Justice Department alleging that panel staffers had removed classified materials without permission was grounded on inaccurate information. The report is believed to have been sent by the CIA’s then acting general counsel, Robert Eatinger, who was a legal adviser to the interrogation program.“The factual basis for the referral was not supported, as the author of the referral had been provided inaccurate information on which the letter was based,” said the summary, noting that the Justice Department decided not to pursue the issue.
  • Christopher Anders, senior legislative counsel with the American Civil Liberties Union, criticized the CIA announcement, saying that “an apology isn’t enough.”“The Justice Department must refer the (CIA) inspector general’s report to a federal prosecutor for a full investigation into any crimes by CIA personnel or contractors,” said Anders.
  • Paul Merrell on 01 Aug 14
     
    And no one but the lowest ranking staffer knew anything about it, not even the CIA lawyer who made the criminal referral to the Justice Dept., alleging that the Senate Intelligence Committee had accessed classified documents it wasn't authorized to access. So the Justice Dept. announces that there's insufficient evidence to warrant a criminal investigation. As though the CIA lawyer's allegations were not based on the unlawful surveillance of the Senate Intelligence Committee's network.  Can't we just get an official announcement that Attorney General Holder has decided that there shall be a cover-up? 
Gonzalo San Gil, PhD.

Thunderclap: Free Information from Space Outernet for Aug 11, 2014 - 0 views

www.thunderclap.it/...77-free-information-from-space

free information space Outernet thunderclap August 11 2014

shared by Gonzalo San Gil, PhD. on 24 Jul 14 - No Cached
  • Right now, only 40% of humanity can connect to the Internet. Even less than that have access to truly free, uncensored Internet. What this represents is an enormous gap in access to information. While the Internet is an amazing communication tool, it is also the largest library ever constructed. It grants access to anything from books, videos, courseware, news, and weather, to open source farm equipment or instructions on how to treat infection or prevent HIV from spreading. #ImagineIf everyone could have that information for free?On August 11, 2014, Outernet will make that library available from space for free for the first time. Help us tell the world.#ImagineIf everyone had any information they wanted - what would that world look like? What new inventions would be created or diseases cured? What would people read about if their governments no longer deprived them of their right to free information? Soon, we won't have to imagine.
  • Right now, only 40% of humanity can connect to the Internet. Even less than that have access to truly free, uncensored Internet. What this represents is an enormous gap in access to information. While the Internet is an amazing communication tool, it is also the largest library ever constructed. It grants access to anything from books, videos, courseware, news, and weather, to open source farm equipment or instructions on how to treat infection or prevent HIV from spreading. #ImagineIf everyone could have that information for free?On August 11, 2014, Outernet will make that library available from space for free for the first time. Help us tell the world.#ImagineIf everyone had any information they wanted - what would that world look like? What new inventions would be created or diseases cured? What would people read about if their governments no longer deprived them of their right to free information? 
  • Paul Merrell on 24 Jul 14
     
    INFORMATION FOR THE WORLD FROM OUTER SPACE Unrestricted, globally accessible, broadcast data. Quality content from all over the Internet. Available to all of humanity. For free. Through satellite data broadcasting, Outernet is able to bypass censorship, ensure privacy, and offer a universally-accessible information service at no cost to global citizens. It's the modern version of shortwave radio, or BitTorrent from space.
  • Gonzalo San Gil, PhD. on 25 Jul 14
     
    ""#ImagineIf every human had a free library at home... Information equality begins TODAY: Outernet is LIVE from space! http://thndr.it/1pazaP3" "
  • Gonzalo San Gil, PhD. on 25 Jul 14
     
    ""#ImagineIf every human had a free library at home... Information equality begins TODAY: Outernet is LIVE from space! http://thndr.it/1pazaP3" "
Paul Merrell

The FCC is about to kill the free Internet | PandoDaily - 0 views

pando.com/...bout-to-kill-the-free-internet

net neutrality FCC

shared by Paul Merrell on 24 Apr 14 - No Cached
  • The Federal Communications Commission is poised to ruin the free Internet on a technicality. The group is expected to introduce new net neutrality laws that would allow companies to pay for better access to consumers through deals similar to the one struck by Netflix and Comcast earlier this year. The argument is that those deals don’t technically fall under the net neutrality umbrella, so these new rules won’t apply to them even though they directly affect the Internet. At least the commission is being upfront about its disinterest in protecting the free Internet.
  • The Verge notes that the proposed rules will offer some protections to consumers: The Federal Communication Commission’s proposal for new net neutrality rules will allow internet service providers to charge companies for preferential treatment, effectively undermining the concept of net neutrality, according to The Wall Street Journal. The rules will reportedly allow providers to charge for preferential treatment so long as they offer that treatment to all interested parties on “commercially reasonable” terms, with the FCC will deciding whether the terms are reasonable on a case-by-case basis. Providers will not be able to block individual websites, however. The goal of net neutrality rules is to prevent service providers from discriminating between different content, allowing all types of data and all companies’ data to be treated equally. While it appears that outright blocking of individual services won’t be allowed, the Journal reports that some forms of discrimination will be allowed, though that will apparently not include slowing down websites.
  • Re/code summarizes the discontent with these proposed rules: Consumer groups have complained about that plan because they’re worried that Wheeler’s rules may not hold up in court either. A federal appeals court rejected two previous versions of net neutrality rules after finding fault in the FCC’s legal reasoning. During the latest smackdown, however, the court suggested that the FCC had some authority to impose net neutrality rules under a section of the law that gives the agency the ability to regulate the deployment of broadband lines. Internet activists would prefer that the FCC just re-regulate Internet lines under old rules designed for telephone networks, which they say would give the agency clear authority to police Internet lines. Wheeler has rejected that approach for now. Phone and cable companies, including Comcast, AT&T and Verizon, have vociferously fought that idea over the past few years.
  • ...2 more annotations...
  • The Chicago Tribune reports on the process directing these rules: The five-member regulatory commission may vote as soon as May to formally propose the rules and collect public comment on them. Virtually all large Internet service providers, such as Verizon Communications Inc. and Time Warner Cable Inc., have pledged to abide by the principles of open Internet reinforced by these rules. But critics have raised concerns that, without a formal rule, the voluntary pledges could be pulled back over time and also leave the door open for deals that would give unequal treatment to websites or services.
  • I wrote about the European Union’s attempts to defend the free Internet: The legislation is meant to provide access to online services ‘without discrimination, restriction or interference, independent of the sender, receiver, type, content, device, service or application.’ For example, ISPs would be barred from slowing down or ‘throttling’ the speed at which one service’s videos are delivered while allowing other services to stream at normal rates. To bastardize Gertrude Stein: a byte is a byte is a byte. Such restrictions would prevent deals like the one Comcast recently made with Netflix, which will allow the service’s videos to reach consumers faster than before. Comcast is also said to be in talks with Apple for a deal that would allow videos from its new streaming video service to reach consumers faster than videos from competitors. The Federal Communications Commission’s net neutrality laws don’t apply to those deals, according to FCC Chairman Tom Wheeler, so they are allowed to continue despite the threat they pose to the free Internet.
  • Paul Merrell on 24 Apr 14
     
    Cute. Deliberately not using the authority the court of appeals said it could use to impose net neutrality. So Europe can have net neutrality but not in the U.S.
Paul Merrell

With rules repealed, what's next for net neutrality? | TheHill - 0 views

thehill.com/...-whats-next-for-net-neutrality

net-neutrality legislation litigation

shared by Paul Merrell on 24 Feb 18 - No Cached
  • The battle over the Federal Communications Commission’s (FCC) repeal of net neutrality rules is entering a new phase, with opponents of the move launching efforts to preserve the Obama-era consumer protections.The net neutrality rules had required internet service providers to treat all web traffic equally. Republicans on the commission decried the regulatory structure as a gross overreach, and quickly moved to reverse them once the Trump administration came to power. The reversal of the rules was published in the Federal Register Thursday, and even though the order is months away from implementation, net neutrality supporters are now free to mount legal challenges to the action. A coalition of Democratic state attorneys general, public interest groups and internet companies have vowed to fight in the courts. Twenty-three states, led by New York and its attorney general, Eric Schneiderman (D), have already filed a lawsuit. 
  • The emerging court battle over net neutrality could keep the issue in limbo for years.Meanwhile, a separate battle over the rules is brewing in Congress.Senate Democrats have secured enough support to force a vote on a bill that would undo the FCC’s December vote and leave the net neutrality rules in place. The bill, which is being pushed by Sen. Ed MarkeyEdward (Ed) John MarkeyRegulators seek to remove barriers to electric grid storage Markey, Paul want to know if new rules are helping opioid treatment Oil spill tax on oil companies reinstated as part of budget deal MORE (D-Mass.), would use a legislative tool called the Congressional Review Act (CRA) to roll back the FCC’s repeal of net neutrality. The entry of the FCC’s repeal order in the Federal Register Thursday means that the Senate has 60 legislative days to move on the CRA bill. Democrats have secured support from one Republican, Sen. Susan CollinsSusan Margaret CollinsOvernight Tech: Judge blocks AT&T request for DOJ communications | Facebook VP apologizes for tweets about Mueller probe | Tech wants Treasury to fight EU tax proposal Overnight Regulation: Trump to take steps to ban bump stocks | Trump eases rules on insurance sold outside of ObamaCare | FCC to officially rescind net neutrality Thursday | Obama EPA chief: Reg rollback won't stand FCC to officially rescind net neutrality rules on Thursday MORE (Maine), and need just one more to cross the aisle for the bill to pass the chamber. 
  • Even if Democrats do manage to find the tie-breaking vote in the Senate, the bill is almost certain to die in the House. But Democrats see a roll call vote as an opportunity to make GOP members stake out a position on an issue that they think could resonate in the midterm elections. On yet another front, Democratic states around the country have already launched their own attack on the FCC’s rules. Five governors (from Montana, Hawaii, New Jersey, Vermont and New York) have in recent weeks signed executive orders forbidding their states from doing business with internet service providers who violate net neutrality principles. And, according to the pro-net neutrality group Free Press, legislatures in 26 states are weighing bills that would codify their own open internet protections. The local efforts could ignite a separate legal battle over whether states have the authority to counteract the FCC’s order, which included a provision preempting them from replacing the rules.
  • ...1 more annotation...
  • For their part, Republicans who applauded the FCC repeal are calling for a legislation that would codify some net neutrality principles. They say doing so would allow for less heavy-handed protections that provide certainty to businesses.But most net neutrality supporters reject that course, at least while the repeal is tied up in court and Republicans control majorities in both the House and Senate. They argue that such a bill would amount to little more than watered-down protections that would be unable to keep internet service providers in check. For now, Democrats seem content to let the battles in the courts and Congress play out.
Paul Merrell

Why the Sony hack is unlikely to be the work of North Korea. | Marc's Security Ramblings - 0 views

marcrogers.org/...-to-be-the-work-of-north-korea

Sony-hack North-Korea false-flag FBI Obama

shared by Paul Merrell on 25 Dec 14 - No Cached
  • Everyone seems to be eager to pin the blame for the Sony hack on North Korea. However, I think it’s unlikely. Here’s why:1. The broken English looks deliberately bad and doesn’t exhibit any of the classic comprehension mistakes you actually expect to see in “Konglish”. i.e it reads to me like an English speaker pretending to be bad at writing English. 2. The fact that the code was written on a PC with Korean locale & language actually makes it less likely to be North Korea. Not least because they don’t speak traditional “Korean” in North Korea, they speak their own dialect and traditional Korean is forbidden. This is one of the key things that has made communication with North Korean refugees difficult. I would find the presence of Chinese far more plausible.
  • 3. It’s clear from the hard-coded paths and passwords in the malware that whoever wrote it had extensive knowledge of Sony’s internal architecture and access to key passwords. While it’s plausible that an attacker could have built up this knowledge over time and then used it to make the malware, Occam’s razor suggests the simpler explanation of an insider. It also fits with the pure revenge tact that this started out as. 4. Whoever did this is in it for revenge. The info and access they had could have easily been used to cash out, yet, instead, they are making every effort to burn Sony down. Just think what they could have done with passwords to all of Sony’s financial accounts? With the competitive intelligence in their business documents? From simple theft, to the sale of intellectual property, or even extortion – the attackers had many ways to become rich. Yet, instead, they chose to dump the data, rendering it useless. Likewise, I find it hard to believe that a “Nation State” which lives by propaganda would be so willing to just throw away such an unprecedented level of access to the beating heart of Hollywood itself.
  • 5. The attackers only latched onto “The Interview” after the media did – the film was never mentioned by GOP right at the start of their campaign. It was only after a few people started speculating in the media that this and the communication from DPRK “might be linked” that suddenly it became linked. I think the attackers both saw this as an opportunity for “lulz” and as a way to misdirect everyone into thinking it was a nation state. After all, if everyone believes it’s a nation state, then the criminal investigation will likely die.
  • ...4 more annotations...
  • 6. Whoever is doing this is VERY net and social media savvy. That, and the sophistication of the operation, do not match with the profile of DPRK up until now. Grugq did an excellent analysis of this aspect his findings are here – http://0paste.com/6875#md 7. Finally, blaming North Korea is the easy way out for a number of folks, including the security vendors and Sony management who are under the microscope for this. Let’s face it – most of today’s so-called “cutting edge” security defenses are either so specific, or so brittle, that they really don’t offer much meaningful protection against a sophisticated attacker or group of attackers.
  • 8. It probably also suits a number of political agendas to have something that justifies sabre-rattling at North Korea, which is why I’m not that surprised to see politicians starting to point their fingers at the DPRK also. 9. It’s clear from the leaked data that Sony has a culture which doesn’t take security very seriously. From plaintext password files, to using “password” as the password in business critical certificates, through to just the shear volume of aging unclassified yet highly sensitive data left out in the open. This isn’t a simple slip-up or a “weak link in the chain” – this is a serious organization-wide failure to implement anything like a reasonable security architecture.
  • The reality is, as things stand, Sony has little choice but to burn everything down and start again. Every password, every key, every certificate is tainted now and that’s a terrifying place for an organization to find itself. This hack should be used as the definitive lesson in why security matters and just how bad things can get if you don’t take it seriously. 10. Who do I think is behind this? My money is on a disgruntled (possibly ex) employee of Sony.
  • EDIT: This appears (at least in part) to be substantiated by a conversation the Verge had with one of the alleged hackers – http://www.theverge.com/2014/11/25/7281097/sony-pictures-hackers-say-they-want-equality-worked-with-staff-to-break-in Finally for an EXCELLENT blow by blow analysis of the breach and the events that followed, read the following post by my friends from Risk Based Security – https://www.riskbasedsecurity.com/2014/12/a-breakdown-and-analysis-of-the-december-2014-sony-hack EDIT: Also make sure you read my good friend Krypt3ia’s post on the hack – http://krypt3ia.wordpress.com/2014/12/18/sony-hack-winners-and-losers/
  • Paul Merrell on 25 Dec 14
     
    Seems that the FBI overlooked a few clues before it told Obama to go ahead and declare war against North Korea. 
Paul Merrell

Bankrolled by broadband donors, lawmakers lobby FCC on net neutrality | Ars Technica - 1 views

arstechnica.com/...rs-lobby-fcc-on-net-neutrality

net neutrality campaign contributions corruption

shared by Paul Merrell on 18 May 14 - No Cached
  • The 28 House members who lobbied the Federal Communications Commission to drop net neutrality this week have received more than twice the amount in campaign contributions from the broadband sector than the average for all House members. These lawmakers, including the top House leadership, warned the FCC that regulating broadband like a public utility "harms" providers, would be "fatal to the Internet," and could "limit economic freedom."​ According to research provided Friday by Maplight, the 28 House members received, on average, $26,832 from the "cable & satellite TV production & distribution" sector over a two-year period ending in December. According to the data, that's 2.3 times more than the House average of $11,651. What's more, one of the lawmakers who told the FCC that he had "grave concern" (PDF) about the proposed regulation took more money from that sector than any other member of the House. Rep. Greg Walden (R-OR) was the top sector recipient, netting more than $109,000 over the two-year period, the Maplight data shows.
  • Dan Newman, cofounder and president of Maplight, the California research group that reveals money in politics, said the figures show that "it's hard to take seriously politicians' claims that they are acting in the public interest when their campaigns are funded by companies seeking huge financial benefits for themselves." Signing a letter to the FCC along with Walden, who chairs the House Committee on Energy and Commerce, were three other key members of the same committee: Reps. Fred Upton (R-MI), Robert Latta (R-OH), and Marsha Blackburn (R-TN). Over the two-year period, Upton took in $65,000, Latta took $51,000, and Blackburn took $32,500. In a letter (PDF) those representatives sent to the FCC two days before Thursday's raucous FCC net neutrality hearing, the four wrote that they had "grave concern" over the FCC's consideration of "reclassifying Internet broadband service as an old-fashioned 'Title II common carrier service.'" The letter added that a switchover "harms broadband providers, the American economy, and ultimately broadband consumers, actually doing so would be fatal to the Internet as we know it."
  • Not every one of the 28 members who publicly lobbied the FCC against net neutrality in advance of Thursday's FCC public hearing received campaign financing from the industry. One representative took no money: Rep. Nick Rahall (D-WV). In all, the FCC received at least three letters from House lawmakers with 28 signatures urging caution on classifying broadband as a telecommunications service, which would open up the sector to stricter "common carrier" rules, according to letters the members made publicly available. The US has long applied common carrier status to the telephone network, providing justification for universal service obligations that guarantee affordable phone service to all Americans and other rules that promote competition and consumer choice. Some consumer advocates say that common carrier status is needed for the FCC to impose strong network neutrality rules that would force ISPs to treat all traffic equally, not degrading competing services or speeding up Web services in exchange for payment. ISPs have argued that common carrier rules would saddle them with too much regulation and would force them to spend less on network upgrades and be less innovative.
  • ...2 more annotations...
  • Of the 28 House members signing on to the three letters, Republicans received, on average, $59,812 from the industry over the two-year period compared to $13,640 for Democrats, according to the Maplight data. Another letter (PDF) sent to the FCC this week from four top members of the House, including Speaker John Boehner (R-OH), Majority Leader Eric Cantor (R-VA), Majority Whip Kevin McCarthy (R-CA), and Republican Conference Chair Cathy McMorris Rodgers (R-WA), argued in favor of cable companies: "We are writing to respectfully urge you to halt your consideration of any plan to impose antiquated regulation on the Internet, and to warn that implementation of such a plan will needlessly inhibit the creation of American private sector jobs, limit economic freedom and innovation, and threaten to derail one of our economy's most vibrant sectors," they wrote. Over the two-year period, Boehner received $75,450; Cantor got $80,800; McCarthy got $33,000; and McMorris Rodgers got $31,500.
  • The third letter (PDF) forwarded to the FCC this week was signed by 20 House members. "We respectfully urge you to consider the effect that regressing to a Title II approach might have on private companies' ability to attract capital and their continued incentives to invest and innovate, as well as the potentially negative impact on job creation that might result from any reduction in funding or investment," the letter said. Here are the 28 lawmakers who lobbied the FCC this week and their reported campaign contributions:
« First ‹ Previous 41 - 60 of 1102 Next › Last »
Showing 20 items per page