Group items matching

in title, tags, annotations or url

House passes bill undoing Obama internet privacy rule House passes bill undoing Obama internet privacy rule TheHill.com Mesmerizing Slow-Motion Lightning Celebrate #NationalPuppyDay with some adorable puppies on Instagram 5 plants to add to your garden this Spring House passes bill undoing Obama internet privacy rule Inform News. Coming Up... Ed Sheeran responds to his 'baby lookalike' margin: 0px; padding: 0px; borde

Great news! The House just voted to pass SJR34. We will finally be able to buy the browser history of all the Congresspeople who voted to sell our data and privacy without our consent!” he wrote on the fundraising page.Another activist from Tennessee has raised more than $152,000 from more than 9,800 people.A bill on its way to President Trump’s desk would allow internet service providers (ISPs) to sell users’ data and Web browsing history. It has not taken effect, which means there is no growing history data yet to purchase.A Washington Post reporter also wrote it would be possible to buy the data “in theory, but probably not in reality.”A former enforcement bureau chief at the Federal Communications Commission told the newspaper that most internet service providers would cover up this information, under their privacy policies. If they did sell any individual's personal data in violation of those policies, a state attorney general could take the ISPs to court.

Amid reports that Moscow is considering handing over NSA whistleblower Edward Snowden as a “gift” to U.S. President Donald Trump, a Russian government spokesperson said Monday that the Kremlin and the White House have not discussed the matter, Russia’s state TASS agency reported. “No, this issue (Snowden’s fate) was not raised,” presidential spokesperson Dmitry Peskov told reporters Monday, adding that Russian officials have not taken a position on whether Snowden should be extradited to the U.S. or granted Russian citizenship. “The issue was not raised (during the Russian-US contacts),” Peskov said. “At the moment it is not among bilateral issues.” The statement comes after Snowden — who has lived in Russia since 2013, first with one-year temporary asylum then a residence permit — revealed in recent days that he is “not afraid” of being handed over to the United States, where he faces espionage charges for his explosive 2013 leak of documents on secret U.S. mass surveillance programs.

However, Snowden also said in an interview with Yahoo News that talk of a possible trade between Moscow and Washington makes him feel “encouraged” because it vindicates him in the face of accusations that he has been a spy for Russia by laying bare the fact that he has always been independent and “worked on behalf of the United States.” “Finally: irrefutable evidence that I never cooperated with Russian intel,” he tweeted on Friday. “No country trades away spies, as the rest would fear they’re next.” In the U.S., Snowden faces charges of theft of government property and violation of the Espionage Act on two counts, which each carry a maximum sentence of 10 years.

“What I am proud of,” Snowden told Yahoo News, “is the fact that every decision that I have made I can defend.” Snowden is set to be eligible to apply for Russian citizenship next year, according to his lawyer. Last month, Moscow extended his residence permit, which is now valid until 2020.

An entry in something the government calls a “Manhunting Timeline” suggests that the United States pressured officials of countries around the world to prosecute WikiLeaks editor-in-chief, Julian Assange, in 2010. The file—marked unclassified, revealed by National Security Agency whistleblower Edward Snowden and published by The Intercept—is dated August 2010. Under the headline, “United States, Australia, Great Britain, Germany, Iceland” – it states: The United States on 10 August urged other nations with forces in Afghanistan, including Australia, United Kingdom and Germany, to consider filing criminal charges against Julian Assange, founder of the rogue WikiLeaks Internet website and responsible for the unauthorized publication of over 70,000 classified documents covering the war in Afghanistan. The documents may have been provided to WikiLeaks by Army Private First Class Bradley Manning. The appeal exemplifies the start of an international effort to focus the legal element of national power upon non-state actor Assange and the human network that supports WikiLeaks. Another document—a top-secret page from an internal wiki—indicates there has been discussion in the NSA with the Threat Operations Center Oversight and Compliance (NOC) and Office of General Counsel (OGC) on the legality of designating WikiLeaks a “malicious foreign actor” and whether this would make it permissible to conduct surveillance on Americans accessing the website. “Can we treat a foreign server who stores or potentially disseminates leaked or stolen data on its server as a ‘malicious foreign actor’ for the purpose of targeting with no defeats?” Examples: WikiLeaks, thepiratebay.org). The NOC/OGC answered, “Let me get back to you.” (The page does not indicate if anyone ever got back to the NSA. And “defeats” essentially means protections.)

GCHQ, the NSA’s counterpart in the UK, had a program called “ANTICRISIS GIRL,” which could engage in “targeted website monitoring.” This means data of hundreds of users accessing a website, like WikiLeaks, could be collected. The IP addresses of readers and supporters could be monitored. The agency could even target the publisher if it had a public dropbox or submission system. NSA and GCHQ could also target the foreign “branches” of the hacktivist group, Anonymous. An answer to another question from the wiki entry involves the question, “Is it okay to query against a foreign server known to be malicious even if there is a possibility that US persons could be using it as well? Example: thepiratebay.org.” The NOC/OGC responded, “Okay to go after foreign servers which US people use also (with no defeats). But try to minimize to ‘post’ only for example to filter out non-pertinent information.” WikiLeaks is not an example in this question, however, if it was designated as a “malicious foreign actor,” then the NSA would do queries of American users.

Michael Ratner, a lawyer from the Center for Constitutional Rights (CCR) who represents WikiLeaks, said on “Democracy Now!”, this shows he has every reason to fear what would happen if he set foot outside of the embassy. The files show some of the extent to which the US and UK have tried to destroy WikiLeaks. CCR added in a statement, “These NSA documents should make people understand why Julian Assange was granted diplomatic asylum, why he must be given safe passage to Ecuador, and why he must keep himself out of the hands of the United States and apparently other countries as well. These revelations only corroborate the expectation that Julian Assange is on a US target list for prosecution under the archaic “Espionage Act,” for what is nothing more than publishing evidence of government misconduct.” “These documents demonstrate that the political persecution of WikiLeaks is very much alive,”Baltasar Garzón, the Spanish former judge who now represents the group, told The Intercept. “The paradox is that Julian Assange and the WikiLeaks organization are being treated as a threat instead of what they are: a journalist and a media organization that are exercising their fundamental right to receive and impart information in its original form, free from omission and censorship, free from partisan interests, free from economic or political pressure.”

By James Bamford Last summer, cyber investigators plowing through the thousands of leaked emails from the Democratic National Committee uncovered a clue.A user named “Феликс Эдмундович” modified one of the documents using settings in the Russian language. Translated, his name was Felix Edmundovich, a pseudonym referring to Felix Edmundovich Dzerzhinsky, the chief of the Soviet Union’s first secret-police organization, the Cheka.It was one more link in the chain of evidence pointing to Russian President Vladimir Putin as the man ultimately behind the operation.During the Cold War, when Soviet intelligence was headquartered in Dzerzhinsky Square in Moscow, Putin was a KGB officer assigned to the First Chief Directorate. Its responsibilities included “active measures,” a form of political warfare that included media manipulation, propaganda and disinformation. Soviet active measures, retired KGB Major General Oleg Kalugin told Army historian Thomas Boghart, aimed to discredit the United States and “conquer world public opinion.”As the Cold War has turned into the code war, Putin recently unveiled his new, greatly enlarged spy organization: the Ministry of State Security, taking the name from Joseph Stalin’s secret service. Putin also resurrected, according to James Clapper, the U.S. director of national intelligence, some of the KGB’s old active- measures tactics. On October 7, Clapper issued a statement: “The U.S. Intelligence community is confident that the Russian government directed the recent compromises of emails from U.S. persons and institutions, including from U.S. political organizations.” Notably, however, the FBI declined to join the chorus, according to reports by the New York Times and CNBC.A week later, Vice President Joe Biden said on NBC’s Meet the Press that "we're sending a message" to Putin and "it will be at the time of our choosing, and under the circumstances that will have the greatest impact." When asked if the American public would know a message was sent, Biden replied, "Hope not." Meanwhile, the CIA was asked, according to an NBC report on October 14, “to deliver options to the White House for a wide-ranging ‘clandestine’ cyber operation designed to harass and ‘embarrass’ the Kremlin leadership.”But as both sides begin arming their cyberweapons, it is critical for the public to be confident that the evidence is really there, and to understand the potential consequences of a tit-for-tat cyberwar escalating into a real war. 

This is a prospect that has long worried Richard Clarke, the former White House cyber czar under President George W. Bush. “It’s highly likely that any war that began as a cyberwar,” Clarke told me last year, “would ultimately end up being a conventional war, where the United States was engaged with bombers and missiles.”The problem with attempting to draw a straight line from the Kremlin to the Clinton campaign is the number of variables that get in the way. For one, there is little doubt about Russian cyber fingerprints in various U.S. campaign activities. Moscow, like Washington, has long spied on such matters. The United States, for example, inserted malware in the recent Mexican election campaign. The question isn’t whether Russia spied on the U.S. presidential election, it’s whether it released the election emails.Then there’s the role of Guccifer 2.0, the person or persons supplying WikiLeaks and other organizations with many of the pilfered emails. Is this a Russian agent? A free agent? A cybercriminal? A combination, or some other entity? No one knows.There is also the problem of groupthink that led to the war in Iraq. For example, just as the National Security Agency, the Central Intelligence Agency and the rest of the intelligence establishment are convinced Putin is behind the attacks, they also believed it was a slam-dunk that Saddam Hussein had a trove of weapons of mass destruction. Consider as well the speed of the political-hacking investigation, followed by a lack of skepticism, culminating in a rush to judgment. After the Democratic committee discovered the potential hack last spring, it called in the cybersecurity firm CrowdStrike in May to analyze the problem.

CrowdStrike took just a month or so before it conclusively determined that Russia’s FSB, the successor to the KGB, and the Russian military intelligence organization, GRU, were behind it. Most of the other major cybersecurity firms quickly fell in line and agreed. By October, the intelligence community made it unanimous. That speed and certainty contrasts sharply with a previous suspected Russian hack in 2010, when the target was the Nasdaq stock market. According to an extensive investigation by Bloomberg Businessweek in 2014, the NSA and FBI made numerous mistakes over many months that stretched to nearly a year. “After months of work,” the article said, “there were still basic disagreements in different parts of government over who was behind the incident and why.”  There was no consensus­, with just a 70 percent certainty that the hack was a cybercrime. Months later, this determination was revised again: It was just a Russian attempt to spy on the exchange in order to design its own. The federal agents also considered the possibility that the Nasdaq snooping was not connected to the Kremlin. Instead, “someone in the FSB could have been running a for-profit operation on the side, or perhaps sold the malware to a criminal hacking group.” Again, that’s why it’s necessary to better understand the role of Guccifer 2.0 in releasing the Democratic National Committee and Clinton campaign emails before launching any cyberweapons.

The American Civil Liberties Union (ACLU) has filed a motion to reveal the secret court opinions with “novel or significant interpretations” of surveillance law, in a renewed push for government transparency. The motion, filed Wednesday by the ACLU and Yale Law School’s Media Freedom and Information Access Clinic, asks the Foreign Intelligence Surveillance Act (FISA) Court, which rules on intelligence gathering activities in secret, to release 23 classified decisions it made between 9/11 and the passage of the USA Freedom Act in June 2015. As ACLU National Security Project staff attorney Patrick Toomey explains, the opinions are part of a “much larger collection of hidden rulings on all sorts of government surveillance activities that affect the privacy rights of Americans.” Among them is the court order that the government used to direct Yahoo to secretly scanits users’ emails for “a specific set of characters.” Toomey writes: These court rulings are essential for the public to understand how federal laws are being construed and implemented. They also show how constitutional protections for personal privacy and expressive activities are being enforced by the courts. In other words, access to these opinions is necessary for the public to properly oversee their government.

Although the USA Freedom Act requires the release of novel FISA court opinions on surveillance law, the government maintains that the rule does not apply retroactively—thereby protecting the panel from publishing many of its post-9/11 opinions, which helped create an “unprecedented buildup” of secret surveillance laws. Even after National Security Agency (NSA) whistleblower Edward Snowden revealed the scope of mass surveillance in 2013, sparking widespread outcry, dozens of rulings on spying operations remain hidden from the public eye, which stymies efforts to keep the government accountable, civil liberties advocates say. “These rulings are necessary to inform the public about the scope of the government’s surveillance powers today,” the ACLU’s motion states.

Toomey writes that the rulings helped influence a number of novel spying activities, including: The government’s use of malware, which it calls “Network Investigative Techniques” The government’s efforts to compel technology companies to weaken or circumvent their own encryption protocols The government’s efforts to compel technology companies to disclose their source code so that it can identify vulnerabilities The government’s use of “cybersignatures” to search through internet communications for evidence of computer intrusions The government’s use of stingray cell-phone tracking devices under the Foreign Intelligence Surveillance Act (FISA) The government’s warrantless surveillance of Americans under FISA Section 702—a controversial authority scheduled to expire in December 2017 The bulk collection of financial records by the CIA and FBI under Section 215 of the Patriot Act Without these rulings being made public, “it simply isn’t possible to understand the government’s claimed authority to conduct surveillance,” Toomey writes. As he told The Intercept on Wednesday, “The people of this country can’t hold the government accountable for its surveillance activities unless they know what our laws allow. These secret court opinions define the limits of the government’s spying powers. Their disclosure is essential for meaningful public oversight in our democracy.”

Under the Fourth Amendment, Americans are protected from unreasonable searches and seizures, but according to one group of federal prosecutors, just being in the wrong house at the wrong time is cause enough to make every single person inside provide their fingerprints and unlock their phones.Back in 2014, a Virginia Circuit Court ruled that while suspects cannot be forced to provide phone passcodes, biometric data like fingerprints doesn’t have the same constitutional protection. Since then, multiple law enforcement agencies have tried to force individual suspects to unlock their phones with their fingers, but none have claimed the sweeping authority found in a Justice Department memorandum recently uncovered by Forbes.

In the court document filed earlier this year, federal prosecutors in California argued that a warrant for a mass finger-unlocking was constitutionally sound even though “the government does not know ahead of time the identity of every digital device or every fingerprint (or indeed, every other piece of evidence) that it will find in the search” because “it has demonstrated probable cause that evidence may exist at the search location.” Criminal defense lawyer Marina Medvin, however, disagreed. Advertisement Advertisement “They want the ability to get a warrant on the assumption that they will learn more after they have a warrant,” Medvin told Forbes. “This would be an unbelievably audacious abuse of power if it were permitted.”Unfortunately, other documents related to the case were not publicly available, so its unclear if the search was actually executed. Even so, Medvin believes the memorandum sets a deeply troubling precedent, using older case law regarding the collection of fingerprint evidence to request complete access to the “amazing amount of information” found on a cellphone.

Comcast is being forced to pay the largest fine the FCC has ever levied against a cable operator. Its offense: Charging customers for services and equipment they didn't ask for. The company agreed to pay a $2.3 million civil penalty and to submit to a "compliance plan," in which regulators will monitor Comcast for the next five years to ensure it cleans up its act.

The FCC said it received over 1,000 complaints from customers, who said Comcast charged them for premium channels, cable boxes, DVRs or other products that they never ordered. In many cases, the FCC said, customers expressly told Comcast that they didn't want the add-on options, but they were charged anyway. Complaints also describe how customers spent "significant time and energy to attempt to remove the unauthorized charges" and get refunds, the commission said. The complaints spurred the FCC to launch an investigation nearly two years ago. Today's settlement marks the conclusion of the probe. Under the five-year compliance plan, Comcast must begin sending customers special notifications every time a new charge or service is added to their bill. The company also has to add a way for customers to easily "block the addition of new services or equipment to their accounts," according to an FCC press release.

Comcast (CMCSA) will also be required to compensate or address complaints from customers who have disputed charges, and it will be barred from referring an account to collections or suspending an account that has a disputed charge. Comcast agreed to the fine without admitting any guilt.

On the 21st floor of a high-rise hotel in Cleveland, in a room full of political operatives, Microsoft’s Research Division was advertising a technology that could read each facial expression in a massive crowd, analyze the emotions, and report back in real time. “You could use this at a Trump rally,” a sales representative told me. At both the Republican and Democratic conventions, Microsoft sponsored event spaces for the news outlet Politico. Politico, in turn, hosted a series of Microsoft-sponsored discussions about the use of data technology in political campaigns. And throughout Politico’s spaces in both Philadelphia and Cleveland, Microsoft advertised an array of products from “Microsoft Cognitive Services,” its artificial intelligence and cloud computing division. At one exhibit, titled “Realtime Crowd Insights,” a small camera scanned the room, while a monitor displayed the captured image. Every five seconds, a new image would appear with data annotated for each face — an assigned serial number, gender, estimated age, and any emotions detected in the facial expression. When I approached, the machine labeled me “b2ff” and correctly identified me as a 23-year-old male.

“Realtime Crowd Insights” is an Application Programming Interface (API), or a software tool that connects web applications to Microsoft’s cloud computing services. Through Microsoft’s emotional analysis API — a component of Realtime Crowd Insights — applications send an image to Microsoft’s servers. Microsoft’s servers then analyze the faces and return emotional profiles for each one. In a November blog post, Microsoft said that the emotional analysis could detect “anger, contempt, fear, disgust, happiness, neutral, sadness or surprise.” Microsoft’s sales representatives told me that political campaigns could use the technology to measure the emotional impact of different talking points — and political scientists could use it to study crowd response at rallies.

Facial recognition technology — the identification of faces by name — is already widely used in secret by law enforcement, sports stadiums, retail stores, and even churches, despite being of questionable legality. As early as 2002, facial recognition technology was used at the Super Bowl to cross-reference the 100,000 attendees to a database of the faces of known criminals. The technology is controversial enough that in 2013, Google tried to ban the use of facial recognition apps in its Google glass system. But “Realtime Crowd Insights” is not true facial recognition — it could not identify me by name, only as “b2ff.” It did, however, store enough data on each face that it could continuously identify it with the same serial number, even hours later. The display demonstrated that capability by distinguishing between the number of total faces it had seen, and the number of unique serial numbers. Photo: Alex Emmons

Privacy Shield is the proposed new deal between the EU and the US that is supposed to safeguard all personal data on EU citizens held on computer systems in the US from being subject to mass surveillance by the US National Security Agency. The data can refer to any transaction — web purchases, cars or clothing — involving an EU citizen whose data is held on US servers. Privacy groups say Privacy Shield — which replaces the Safe Harbor agreement ruled unlawful in October 2015 — does not meet strict EU standard on the use of personal data. Monique Goyens, Director General of the European Consumer Organization (BEUC) told Sputnik: “We consider that the shield is cracked beyond repair and is unlikely to stand scrutiny by the European Court of Justice. A fundamental problem remains that the US side of the shield is made of clay, not iron.”

The agreement has been under negotiation for months ever since the because the European Court of Justice ruled in October 2015 that the previous EU-US data agreement — Safe Harbor — was invalid. The issue arises from the strict EU laws — enshrined in the Charter of Fundamental Rights of the European Union — to the privacy of their personal data.

The Safe Harbor agreement was a quasi-judicial understanding that the US undertook to agree that it would ensure that EU citizens’ data on US servers would be held and protected under the same restrictions as it would be under EU law and directives. The data covers a huge array of information — from Internet and communications usage, to sales transactions, import and exports.

The Senate narrowly rejected expanding the FBI's surveillance powers Wednesday in the wake of the worst mass shooting in U.S. history.  Senators voted 58-38 on a procedural hurdle, with 60 votes needed to move forward. Majority Leader Mitch McConnellMitch McConnellOvernight Finance: Wall Street awaits Brexit result | Clinton touts biz support | New threat to Puerto Rico bill? | Dodd, Frank hit back The Trail 2016: Berning embers McConnell quashes Senate effort on guns MORE, who initially voted "yes," switched his vote, which allows him to potentially bring the measure back up. 

The Senate GOP proposal—being offered as an amendment to the Commerce, Justice and Science appropriations bill—would allow the FBI to use "national security letters" to obtain people's internet browsing history and other information without a warrant during a terrorism or federal intelligence probe.  It would also permanently extend a Patriot Act provision — currently set to expire in 2019 — meant to monitor "lone wolf" extremists.  Senate Republicans said they would likely be able to get enough votes if McConnell schedules a redo.

Asked if he anticipates supporters will be able to get 60 votes, Sen. John CornynJohn CornynSenate to vote on two gun bills Senate Dems rip GOP on immigration ruling Post Orlando, hawks make a power play MORE (R-Texas) separately told reporters "that's certainly my expectation." McConnell urged support for the proposal earlier Wednesday, saying it would give the FBI to "connect the dots" in terrorist investigations.  "We can focus on defeating [the Islamic State in Iraq and Syria] or we can focus on partisan politics. Some of our colleagues many think this is all some game," he said. "I believe this is a serious moment that calls for serious solutions."  But Democrats—and some Republicans—raised concerns that the changes didn't go far enough to ensure Americans' privacy.  Sen. Ron WydenRon WydenPost Orlando, hawks make a power play Democrats seize spotlight with sit-in on guns Democrats stage sit-in on House floor to push for gun vote MORE (D-Ore.) blasted his colleagues for "hypocrisy" after a gunman killed 49 people and injured dozens more during the mass shooting in Orlando, Fla. "Due process ought to apply as it relates to guns, but due process wouldn't apply as it relates to the internet activity of millions of Americans," he said ahead of Wednesday's vote. "Supporters of this amendment...have suggested that Americans need to choose between protecting our security and protecting our constitutional right to privacy." 

Now that the United States government has cracked open an iPhone that belonged to a gunman in the San Bernardino, Calif., mass shooting without Apple’s help, the tech company is under pressure to find and fix the flaw.But unlike other cases where security vulnerabilities have cropped up, Apple may face a higher set of hurdles in ferreting out and repairing the particular iPhone hole that the government hacked.The challenges start with the lack of information about the method that the law enforcement authorities, with the aid of a third party, used to break into the iPhone of Syed Rizwan Farook, an attacker in the San Bernardino rampage last year. Federal officials have refused to identify the person, or organization, who helped crack the device, and have declined to specify the procedure used to open the iPhone. Apple also cannot obtain the device to reverse-engineer the problem, the way it would in other hacking situations.

A bipartisan pair of lawmakers is expressing alarm at reported changes at the National Security Agency that would allow the intelligence service’s information to be used for policing efforts in the United States.“If media accounts are true, this radical policy shift by the NSA would be unconstitutional, and dangerous,” Reps. Ted Lieu (D-Calif.) and Blake FarentholdBlake FarentholdLawmakers warn of 'radical' move by NSA to share information Overnight Tech: Netflix scores win over Postal Service Lawmakers go green for St. Patrick's Day MORE (R-Texas) wrote in a letter to the spy agency this week. “The proposed shift in the relationship between our intelligence agencies and the American people should not be done in secret.ADVERTISEMENT“NSA’s mission has never been, and should never be, domestic policing or domestic spying.”The NSA has yet to publicly announce the change, but The New York Times reported last month that the administration was poised to expand the agency's ability to share information that it picks up about people’s communications with other intelligence agencies.The modification would open the door for the NSA to give the FBI and other federal agencies uncensored communications of foreigners and Americans picked up incidentally — but without a warrant — during sweeps.  

Robert Litt, the general counsel at the Office of the Director of National Intelligence, told the Times that it was finalizing a 21-page draft of procedures to allow the expanded sharing.  Separately, the Guardian reported earlier this month that the FBI had quietly changed its internal privacy rules to allow direct access to the NSA’s massive storehouse of communication data picked up on Internet service providers and websites.The revelations unnerved civil liberties advocates, who encouraged lawmakers to demand answers of the spy agency.“Under a policy like this, information collected by the NSA would be available to a host of federal agencies that may use it to investigate and prosecute domestic crimes,” said Neema Singh Guliani, legislative counsel and the American Civil Liberties Union. “Making such a change without authorization from Congress or the opportunity for debate would ignore public demands for greater transparency and oversight over intelligence activities.”In their letter this week, Lieu and Farenthold warned that the NSA’s changes would undermine Congress and unconstitutionally violate people’s privacy rights.   

“The executive branch would be violating the separation of powers by unilaterally transferring warrantless data collected under the NSA’s extraordinary authority to domestic agencies, which do not have such authority,” they wrote.“Domestic law enforcement agencies — which need a warrant supported by probable cause to search or seize — cannot do an end run around the Fourth Amendment by searching warrantless information collected by the NSA.”

The U.S. military is spending millions on an advanced implant that would allow a human brain to communicate directly with computers.If it succeeds, cyborgs will be a reality.The Pentagon's research arm, the Defense Advanced Research Projects Agency (DARPA), hopes the implant will allow humans to directly interface with computers, which could benefit people with aural and visual disabilities, such as veterans injured in combat.The goal of the proposed implant is to "open the channel between the human brain and modern electronics" according to DARPA's program manager, Phillip Alvelda.

DARPA sees the implant as providing a foundation for new therapies that could help people with deficits in sight or hearing by "feeding digital auditory or visual information into the brain."A spokesman for DARPA told CNN that the program is not intended for military applications.

But some experts see such an implant as having the potential for numerous applications, including military ones, in the field of wearable robotics -- which aims to augment and restore human performance.Conor Walsh, a professor of mechanical and biomedical engineering at Harvard University, told CNN that the implant would "change the game," adding that "in the future, wearable robotic devices will be controlled by implants."Walsh sees the potential for wearable robotic devices or exoskeletons in everything from helping a medical patient recover from a stroke to enhancing soldiers' capabilities in combat.The U.S. military is currently developing a battery-powered exoskeleton, the Tactical Assault Light Operator Suit, to provide superior protection from enemy fire and in-helmet technologies that boost the user's communications ability and vision.The suits' development is being overseen by U.S. Special Operations Command.In theory, the proposed neural implant would allow the military member operating the suit to more effectively control the armored exoskeleton while deployed in combat.

NSA Director Finally Admits Encryption Is Needed to Protect Public’s Privacy The new stance denotes a growing awareness within the government that Americans are not comfortable with the State’s grip on their data. By Carey Wedler | AntiMedia | January 22, 2016 Share this article! https://mail.google.com/mail/?view=cm&fs=1&to&su=NSA%20Director%20Finally%20Admits%20Encryption%20Is%20Needed%20to%20Protect%20Public%E2%80%99s%20Privacy&body=http%3A%2F%2Fwww.mintpress

Rogers cited the recent Office of Personnel Management hack of over 20 million users as a reason to increase encryption rather than scale it back. “What you saw at OPM, you’re going to see a whole lot more of,” he said, referring to the massive hack that compromised the personal data about 20 million people who obtained background checks. Rogers’ comments, while forward-thinking, signify an about face in his stance on encryption. In February 2015, he said he “shares [FBI] Director [James] Comey’s concern” about cell phone companies’ decision to add encryption features to their products. Comey has been one loudest critics of encryption. However, Rogers’ comments on Thursday now directly conflict with Comey’s stated position. The FBI director has publicly chastised encryption, as well as the companies that provide it. In 2014, he claimed Apple’s then-new encryption feature could lead the world to “a very dark place.” At a Department of Justice hearing in November, Comey testified that “Increasingly, the shadow that is ‘going dark’ is falling across more and more of our work.” Though he claimed, “We support encryption,” he insisted “we have a problem that encryption is crashing into public safety and we have to figure out, as people who care about both, to resolve it. So, I think the conversation’s in a healthier place.”

At the same hearing, Comey and Attorney General Loretta Lynch declined to comment on whether they had proof the Paris attackers used encryption. Even so, Comey recently lobbied for tech companies to do away with end-to-end encryption. However, his crusade has fallen on unsympathetic ears, both from the private companies he seeks to control — and from the NSA. Prior to Rogers’ statements in support of encryption Thursday, former NSA chief Michael Hayden said, “I disagree with Jim Comey. I actually think end-to-end encryption is good for America.” Still another former NSA chair has criticized calls for backdoor access to information. In October, Mike McConnell told a panel at an encryption summit that the United States is “better served by stronger encryption, rather than baking in weaker encryption.” Former Department of Homeland Security chief, Michael Chertoff, has also spoken out against government being able to bypass encryption.

Microsoft Corp. has agreed to change its policies and always tell email customers when it suspects there has been a government hacking attempt after widespread hacking by Chinese authorities was exposed. Microsoft experts concluded several years ago that Chinese authorities had hacked into more than a thousand Hotmail email accounts, targeting international leaders of China's Tibetan and Uighur minorities in particular — but it decided not to tell the victims, allowing the hackers to continue their campaign, according to former employees of the company. On Wednesday, after a series of requests for comment from Reuters, Microsoft said it would change its policy on notifying customers. Microsoft spokesman Frank Shaw said the company was never certain of the origin of the Hotmail attacks.

The company also confirmed for the first time that it had not called, emailed or otherwise told the Hotmail users that their electronic correspondence had been collected. The company declined to say what role the exposure of the Hotmail campaign played in its decision to make the policy shift. The first public signal of the attacks came in May 2011, though no direct link was immediately made with the Chinese authorities.

That's when security firm Trend Micro Inc announced it had found an email sent to someone in Taiwan that contained a miniature computer program. The program took advantage of a previously undetected flaw in Microsoft's own web pages to direct Hotmail and other free Microsoft email services to secretly forward copies of all of a recipient's incoming mail to an account controlled by the attacker. Trend Micro found more than a thousand victims, and Microsoft patched the vulnerability before the security company announced its findings publicly

The first (and thus far only) roll-back of post-9/11 surveillance authorities was implemented over the weekend: The National Security Agency shuttered its program for collecting and holding the metadata of Americans’ phone calls under Section 215 of the Patriot Act. While bulk collection under Section 215 has ended, the government can obtain access to this information under the procedures specified in the USA Freedom Act. Indeed, some experts have argued that the Agency likely has access to more metadata because its earlier dragnet didn’t cover cell phones or Internet calling. In addition, the metadata of calls made by an individual in the United States to someone overseas and vice versa can still be collected in bulk — this takes place abroad under Executive Order 12333. No doubt the NSA wishes that this was the end of the surveillance reform story and the Paris attacks initially gave them an opening. John Brennan, the Director of the CIA, implied that the attacks were somehow related to “hand wringing” about spying and Sen. Tom Cotton (R-Ark.) introduced a bill to delay the shut down of the 215 program. Opponents of encryption were quick to say: “I told you so.”

But the facts that have emerged thus far tell a different story. It appears that much of the planning took place IRL (that’s “in real life” for those of you who don’t have teenagers). The attackers, several of whom were on law enforcement’s radar, communicated openly over the Internet. If France ever has a 9/11 Commission-type inquiry, it could well conclude that the Paris attacks were a failure of the intelligence agencies rather than a failure of intelligence authorities. Despite the passage of the USA Freedom Act, US surveillance authorities have remained largely intact. Section 702 of the FISA Amendments Act — which is the basis of programs like PRISM and the NSA’s Upstream collection of information from Internet cables — sunsets in the summer of 2017. While it’s difficult to predict the political environment that far out, meaningful reform of Section 702 faces significant obstacles. Unlike the Section 215 program, which was clearly aimed at Americans, Section 702 is supposedly targeted at foreigners and only picks up information about Americans “incidentally.” The NSA has refused to provide an estimate of how many Americans’ information it collects under Section 702, despite repeated requests from lawmakers and most recently a large cohort of advocates. The Section 215 program was held illegal by two federal courts (here and here), but civil attempts to challenge Section 702 have run into standing barriers. Finally, while two review panels concluded that the Section 215 program provided little counterterrorism benefit (here and here), they found that the Section 702 program had been useful.

There is, nonetheless, some pressure to narrow the reach of Section 702. The recent decision by the European Court of Justice in the safe harbor case suggests that data flows between Europe and the US may be restricted unless the PRISM program is modified to protect the information of Europeans (see here, here, and here for discussion of the decision and reform options). Pressure from Internet companies whose business is suffering — estimates run to the tune of $35 to 180 billion — as a result of disclosures about NSA spying may also nudge lawmakers towards reform. One of the courts currently considering criminal cases which rely on evidence derived from Section 702 surveillance may hold the program unconstitutional either on the basis of the Fourth Amendment or Article III for the reasons set out in this Brennan Center report. A federal district court in Colorado recently rejected such a challenge, although as explained in Steve’s post, the decision did not seriously explore the issues. Further litigation in the European courts too could have an impact on the debate.

Moscow has warned Twitter that it must store Russian users' personal data in Russia, under a new law, the national communications watchdog told AFP on Wednesday. Legislation that came into force on September 1 requires both Russian and foreign social media sites, messenger services and search engines to store the data held on Russian users on servers located inside the country. The controversial law was adopted amid Internet users' growing concerns about the storage of their data, but also as Russia has moved to tighten security on social media and online news sites that are crucial outlets for the political opposition. Non-compliance could lead Russia's communications watchdog Roskomnadzor to block the sites and services. Roskomnadzor spokesman Vadim Ampelonsky confirmed to AFP that Russia had changed its initial position on US-based Twitter, which it had previously said did not fall under the law. Twitter must comply because it now asks users to supply their personal data, Ampelonsky said, confirming earlier comments by the head of Roskomnadzor Alexander Zharov to Russian media.

How much extra will you have to pay for the privilege of being spied on?

UK ISPs have warned MPs that the costs of implementing the Investigatory Powers Bill (aka the Snooper's Charter) will be much greater than the £175 million the UK government has allotted for the task, and that broadband bills will need to rise as a result. Representatives from ISPs and software companies told the House of Commons Science and Technology Committee that the legislation greatly underestimates the "sheer quantity" of data generated by Internet users these days. They also pointed out that distinguishing content from metadata is a far harder task than the government seems to assume. Matthew Hare, the chief executive of ISP Gigaclear, said with "a typical 1 gigabit connection to someone's home, over 50 terabytes of data per year [are] passing over it. If you say that a proportion of that is going to be the communications data—the record of who you communicate with, when you communicate or what you communicate—there would be the most massive and enormous amount of data that in future an access provider would be expected to keep. The indiscriminate collection of mass data across effectively every user of the Internet in this country is going to have a massive cost."

Moreover, the larger the cache of stored data, the more worthwhile it will be for criminals and state-backed actors to gain access and download that highly-revealing personal information for fraud and blackmail. John Shaw, the vice president of product management at British security firm Sophos, told the MPs: "There would be a huge amount of very sensitive personal data that could be used by bad guys.

Pending before federal magistrate judge James Orenstein is the government’s request for an order obligating Apple, Inc. to unlock an iPhone and thereby assist prosecutors in decrypting data the government has seized and is authorized to search pursuant to a warrant. In an order questioning the government’s purported legal basis for this request, the All Writs Act of 1789 (AWA), Judge Orenstein asked Apple for a brief informing the court whether the request would be technically feasible and/or burdensome. After Apple filed, the court asked it to file a brief discussing whether the government had legal grounds under the AWA to compel Apple’s assistance. Apple filed that brief and the government filed a reply brief last week in the lead-up to a hearing this morning.

We’ve long been concerned about whether end users own software under the law. Software owners have rights of adaptation and first sale enshrined in copyright law. But software publishers have claimed that end users are merely licensees, and our rights under copyright law can be waived by mass-market end user license agreements, or EULAs. Over the years, Granick has argued that users should retain their rights even if mass-market licenses purport to take them away. The government’s brief takes advantage of Apple’s EULA for iOS to argue that Apple, the software publisher, is responsible for iPhones around the world. Apple’s EULA states that when you buy an iPhone, you’re not buying the iOS software it runs, you’re just licensing it from Apple. The government argues that having designed a passcode feature into a copy of software which it owns and licenses rather than sells, Apple can be compelled under the All Writs Act to bypass the passcode on a defendant’s iPhone pursuant to a search warrant and thereby access the software owned by Apple. Apple’s supplemental brief argues that in defining its users’ contractual rights vis-à-vis Apple with regard to Apple’s intellectual property, Apple in no way waived its own due process rights vis-à-vis the government with regard to users’ devices. Apple’s brief compares this argument to forcing a car manufacturer to “provide law enforcement with access to the vehicle or to alter its functionality at the government’s request” merely because the car contains licensed software. 

This is an interesting twist on the decades-long EULA versus users’ rights fight. As far as we know, this is the first time that the government has piggybacked on EULAs to try to compel software companies to provide assistance to law enforcement. Under the government’s interpretation of the All Writs Act, anyone who makes software could be dragooned into assisting the government in investigating users of the software. If the court adopts this view, it would give investigators immense power. The quotidian aspects of our lives increasingly involve software (from our cars to our TVs to our health to our home appliances), and most of that software is arguably licensed, not bought. Conscripting software makers to collect information on us would afford the government access to the most intimate information about us, on the strength of some words in some license agreements that people never read. (And no wonder: The iPhone’s EULA came to over 300 pages when the government filed it as an exhibit to its brief.)