Home/ Socialism and the End of the American Dream/ Group items tagged privacy rights

Paul Merrell

Europe Is Spying on You - The New York Times

  • When Edward Snowden disclosed details of America’s huge surveillance program two years ago, many in Europe thought that the response would be increased transparency and stronger oversight of security services. European countries, however, are moving in the opposite direction. Instead of more public scrutiny, we are getting more snooping. Pushed to respond to the atrocious attacks in Paris and Copenhagen and by the threats posed by the Islamic State to Europe’s internal security, several countries are amending their counterterrorism legislation to grant more intrusive powers to security services, especially in terms of mass electronic surveillance.
  • Governments now argue that to guarantee our security we have to sacrifice some rights. This is a specious argument. By shifting from targeted to mass surveillance, governments risk undermining democracy while pretending to protect it. They are also betraying a long political and judicial tradition affording broad protection to privacy in Europe, where democratic legal systems have evolved to protect individuals from arbitrary interference by the state in their private and family life. The European Court of Human Rights has long upheld the principle that surveillance interferes with the right to privacy. Although the court accepts that the use of confidential information is essential in combating terrorist threats, it has held that the collection, use and storage of such information should be authorized only under exceptional and precise conditions, and must be accompanied by adequate legal safeguards and independent supervision. The court has consistently applied this principle for decades when it was called to judge the conduct of several European countries, which were combating domestic terrorist groups.
  • More recently, as new technologies have offered more avenues to increase surveillance and data collection, the court has reiterated its position in a number of leading cases against several countries, including France, Romania, Russia and Britain, condemned for having infringed the right to private and family life that in the interpretation of the court covers also “the physical and psychological integrity of a person.”
  • Last year, the European Court of Justice set limits on telecommunication data retention. By invalidating a European Union directive for its unnecessary “wide-ranging and particularly serious interference with the fundamental right to respect for private life” and personal data, this court reaffirmed the outstanding place privacy holds in Europe. This judgment echoed a 2006 German Constitutional Court ruling that the German police had breached the individual right to self-determination and human dignity after they conducted a computerized search of suspected terrorists. Regrettably, these judgments are often ignored by key decision-makers. Many of the surveillance policies that have recently been adopted in Europe fail to abide by these legal standards. Worse, many of the new intrusive measures would be applied without any prior judicial review establishing their legality, proportionality or necessity. This gives excessive power to governments and creates a clear risk of arbitrary application and abuse.
Paul Merrell

Canadians have united to reject fear and stop Bill C-51. Will the government listen? | ...

  • It's rare in Canadian politics to see intense public interest in government legislative proposals -- let alone to see Canadians take to the streets in the tens of thousands to protest a piece of legislation by name. Yet that's exactly what has happened in the case of Bill C-51, which critics, including The Globe and Mail's editorial team, say will undermine basic democratic values and lead to the creation of a "secret police force" in Canada. In the space of a few short months since Bill C-51 was announced, hundreds of thousands of people have taken action to stop it: signing petitions, writing letters to local newspapers, phoning and writing to their member of Parliament, and hitting the streets in nationwide demonstrations in over 70 communities across Canada. It's not hard to see why so many people are concerned. Canada's top privacy and security experts warn that this legislation will undermine democratic rights Canadians have enjoyed for generations. For example, according to professors Craig Forcese and Kent Roach, who have conducted a detailed legal analysis of the legislation, Bill C-51 will:
  • Undermine Canadians' privacy by allowing widespread information disclosures among government agencies, and by giving the Canadian Security and Intelligence Service (CSIS) access to personal information held by up to 17 government departments. Even Stephen Harper has admitted that these kinds of dragnet surveillance measures are ineffective. Chill free speech online by criminalizing what is loosely defined as the promotion of "terrorism offences in general" and even showing "reckless disregard" for whether a particular post may encourage a violent act. As Forcese and Roach point out in their testimony to the Senate Standing Committee on National Security and Defence, "The new speech crime in our view violates freedom of expression because it reaches well beyond the sort of speech that threatens actual violence." Dramatically expand the powers of CSIS, without any commensurate increase in oversight or review measures. The legislation even allows CSIS to obtain a warrant permitting them to break the law and contravene the Charter rights of Canadians. Under C-51, such warrants would be granted in a secret hearing, with no representation from the target of such measures, and with no right of appeal.
  • So it's no surprise that Canadians are worried. What is unprecedented however, is the sheer number of Canadians taking part in the campaign to stop the bill. My organization, OpenMedia, has been campaigning on privacy issues for years -- but in all our time, we've never seen a public outpouring quite like this. Our joint efforts are clearly having an impact: public opinion has swung dramatically against Bill C-51 since it was announced. Support has plummeted, with a recent Forum Research poll finding that 56 per cent of Canadians now oppose Bill C-51, with just 33 per cent in favour. The business community, civic society groups, and principled conservatives have all spoken out. Sadly, there's no sign that the government is listening. At the time of writing, the government seems determined to use its majority to ram the legislation through the Commons in the coming weeks. What's even more worrying is that this reckless, dangerous, and ineffective legislation will further undermine Canadians' privacy rights -- rights that have already been seriously damaged by the government's Bill C-13, passed late last year, and by the government's failure to address the mass surveillance activities of its Canadian Security Establishment (CSE) intelligence agency.
Paul Merrell

NSA oversight dismissed as 'illusory' as anger intensifies in Europe and beyond | World...

  • The Obama administration's international surveillance crisis deepened on Monday as representatives from a Latin American human rights panel told US diplomats that oversight of the programs was "illusory". Members of the Inter-American Commission on Human Rights, an arm of the Organization of American States, expressed frustration and dissatisfaction with the National Security Agency's mass surveillance of foreign nationals – something the agency argues is both central to its existence and necessary to prevent terrorism. "With a program of this scope, it's obvious that any form of control becomes illusory when there's hundreds of millions of communications that become monitored and surveilled," said Felipe Gonzales, a commissioner and Chilean national. "This is of concern to us because maybe the Inter-American Committee on Human Rights may become a target as well of surveillance," said Rodrigo Escobar Gil, a commissioner and Colombian citizen.
  • Frank La Rue, the United Nations special rapporteur on the right to freedom of opinion and expression, told the commission that the right to privacy was "inextricably linked" to free expression. "What is not permissible from a human rights point of view is that those that hold political power or those that are in security agencies or, even less, those in intelligence agencies decide by themselves, for themselves, what the scope of these surveillance activities are, or who will be targeted, or who will be blank surveilled," La Rue said. While the US sent four representatives to the hearing, they offered no defence, rebuttal or elaboration about bulk surveillance, saying the October government shutdown prevented them from adequate preparation. "We are here to listen," said deputy permanent representative Lawrence Gumbiner, who pledged to submit written responses within 30 days. All 35 North, Central and South American nations are members of the commission. La Rue, originally from Guatemala and an independent expert appointed by the Human Rights Council, travels the world reporting on human rights concerns – often in countries with poor democratic standards.
  • The Obama administration has been fielding a week's worth of European outrage following media reports that the NSA had collected a similarly large volume of phone calls from France – which director of national intelligence James Clapper, who recently apologised for misleading the Senate about domestic spying, called "false" – and spying on German chancellor Angela Merkel's own cellphone, which US officials have effectively confessed to. Brazil and Mexico are also demanding answers from US intelligence officials, following reports about intrusive acts of espionage in their territory revealed by documents provided to journalists by former NSA contractor Edward Snowden. The White House has said it will provide some answers after the completion of an external review of its surveillance programs, scheduled to be completed before the end of the year. The Guardian reported on Thursday that the NSA has intercepted the communications of 35 world leaders.
  • Spying on foreigners is the core mission of the NSA, one that it vigorously defends as appropriate, legal and unexceptional given the nature of global threats and widespread spycraft. Monday's hearing suggested that there are diplomatic consequences to bulk surveillance even if there may not be legal redress for non-Americans. Brazil has already shown a willingness to challenge Washington over bulk surveillance. President Dilma Rousseff postponed a September meeting with President Obama in protest, and denounced the spying during the UN general assembly shortly thereafter. Brazil is also teaming up with Germany at the UN on a general assembly resolution demanding an end to the mass surveillance. The commission's examination of the NSA's bulk surveillance activities suggested a potential southern front could open in the spy crisis just as the administration is attempting to calm down Europe.
  • International discomfort with NSA bulk surveillance is not the only spy challenge the Obama administration now confronts. Congressman James Sensenbrenner, the Wisconsin Republican and key author of the 2001 Patriot Act, is poised to introduce a bill this week that would prevent the NSA from collecting phone records on American citizens in bulk and without an individual warrant. The National Journal reported that Sensenbrenner's bill, which has a companion in the Senate, has attracted eight co-sponsors who either voted against or abstained on a July amendment in the House that would have defunded the domestic phone records bulk collection, a legislative gambit that came within seven votes of passage. Sensenbrenner's bill, like its Senate counterpart sponsored by Vermont Democrat Patrick Leahy, would not substantially restrict the NSA's foreign-focused surveillance, which is a traditional NSA activity. There is practically no congressional appetite, and no viable legislation, to limit the NSA from intercepting the communications of foreigners. An early sign about the course of potential surveillance reforms in the House of Representatives may come as early as Tuesday. The House intelligence committee, a hotbed of support for the NSA, will hold its first public hearing of the fall legislative calendar on proposed surveillance legislation. Its chairman, Mike Rogers of Michigan, has proposed requiring greater transparency on the NSA and the surveillance court that oversees it, but would largely leave the actual surveillance activities of the NSA, inside and outside the United States, untouched.
  • Alex Abdo, a lawyer with the ACLU, which requested the hearing at the Inter-American Commission on Human Rights, warned the human rights panel that the NSA could "target the foreign members of this commission when they travel abroad", as well as foreign dissidents of US-aligned governments; foreign lawyers for Guantánamo detainees; and other foreigners. "If every country were to engage in surveillance as pervasive as the NSA, we would soon live in a state … with no refuge for the world's dissidents, journalists and human rights defenders," Abdo said.
Paul Merrell

IPS - U.N. Will Censure Illegal Spying, But Not U.S. | Inter Press Service

  • When the 193-member General Assembly adopts a resolution next month censuring the illegal electronic surveillance of governments and world leaders by the U.S. National Security Agency (NSA), the U.N.’s highest policy-making body will spare the United States from public condemnation despite its culpability in widespread wiretapping. A draft resolution currently in limited circulation – a copy of which was obtained by IPS – criticises “the conduct of extra-territorial surveillance” and the “interception of communications in foreign jurisdictions”. But it refuses to single out the NSA or the United States, which stands accused of spying on foreign governments, including political leaders in Germany, France, Brazil, Spain and Mexico, among some 30 others.
  • The draft says that while the gathering and protection of certain sensitive information may be justified on grounds of national security and criminal activity, member states must still ensure full compliance with international human rights. The resolution will also emphasise “that illegal surveillance of private communications and the indiscriminate interception of personal data of citizens constitutes a highly intrusive act that violates the rights to freedom of expression and privacy, and threatens the foundations of a democratic society.” Additionally, it will call for the establishment of independent oversight mechanisms capable of ensuring transparency and accountability of state surveillance of communications. And the resolution will request the U.N. High Commissioner for Human Rights, Navi Pillay, to present an interim report on the issue of human rights and “indiscriminate surveillance, including on extra-territorial surveillance.” This report is to be presented to the 69th session of the General Assembly next September, and a final report to its 70th session in 2015.
  • Chakravarthi Raghavan, a veteran Indian journalist who has been reporting on the U.N. and its activities since the 1960s, both in New York and later in Geneva, told IPS the resolution may help start a process under which the national security interests of every state, international security and right to privacy and human rights of people can be discussed and a balance found in some universal forum. “Otherwise, the U.N. world order will break down, and no one will benefit or emerge unscathed,” he said. Much will depend on the follow-up action that the General Assembly resolution calls for, and with what tenacity members pursue it. “Frankly, I am not at all clear that some of the nations raising the issue now are really serious,” said Raghavan, editor-emeritus of the Geneva-based South-North Development Monitor SUNS. “If they were, any one of them in Europe would have granted asylum to Edward Snowden, and not play footsie with U.S. in its attempts to have him jailed in the U.S. on espionage charges.” The revelations of U.S. spying have come mostly from documents released by Snowden, a former NSA contractor, who sought political asylum in Russia after he was accused of espionage by the United States.
  • One Third World diplomat, speaking on condition of anonymity, told IPS the draft could undergo changes by the time it reaches the General Assembly mid-November. But he held out little hope the final resolution will specifically castigate the United States because of the political clout it wields at the United Nations, and Washington’s notoriety for exerting diplomatic pressure on its allies and aid recipients. Besides which, he said, everybody plays the spying game, including the French, the Germans, the Chinese and the Russians — and therefore none of them can afford to take a “holier than thou” attitude. Still, as the New York Times put it last week, “One thing is clear: the NSA’s Cold War-era argument, that everyone does it, seems unlikely to win the day.”
  • There has been a longstanding tradition that the “Five Eyes” do not spy on each other, the five being the United States, Britain, Canada, Australia and New Zealand. But the surveillance of European political leaders has triggered a strong rejoinder from the 28-member European Union (EU). Raghavan told IPS that even if other countries are not publicly feuding with the U.S. over this — and perhaps their own security apparatuses are secretly collaborating in this global “surveillance state” — the NSA activities at a minimum raise several systemic issues involving basic violations. These include violations of the U.N. Charter; “unauthorised” and blatantly illegal invasions and/or intrusions into national space; World Trade Organisation (WTO) agreements, in particular the Trade-Related Intellectual Property Rights (TRIPS) Agreement and the General Agreement on Trade in Services (GATS); the International Telecommunication Union Treaty and Conventions; treaties and protocols of the World Intellectual Property Organisation (WIPO); the Universal Human Rights Declaration and conventions; and the Vienna diplomatic conventions and codes of behaviour among civilised nations. “All these strike at the roots of the very basics of international law and international public law,” he said.
  •  
    So if Raghavan is correct, a new treaty will emerge from the debacle that limits but does not end foreign surveillance. And if so, I predict that it will have no enforcement provisions and absolutely no citizen remedies for rights violated. The farther we go down the NSA rabbit hole, the more convinced I am that it is a stark choice between having spy agencies equipped for digital surveillance and Internet Freedom.  Internet Freedom seems far better equipped to produce world peace through understanding than spy agencies who deliver their "intelligence" to only the favored few. 
Paul Merrell

Republican Party Calls For End To NSA Domestic Phone Records Program | TIME.com

  • In the latest indication of a growing libertarian wing of the GOP, the Republican National Committee passed a resolution Friday calling for an investigation into the “gross infringement” of Americans’ rights by National Security Agency programs that were revealed by Edward Snowden. The resolution also calls on Republican members of Congress to enact amendments to the Section 215 law that currently allows the spy agency to collect records of almost every domestic telephone call. The amendment should make clear that “blanket surveillance of the Internet activity, phone records and correspondence — electronic, physical, and otherwise — of any person residing in the U.S. is prohibited by law and that violations can be reviewed in adversarial proceedings before a public court,” the resolution reads.
  • The measure, the “Resolution to Renounce the National Security Agency’s Surveillance Program,” passed by an “overwhelming majority” by voice vote, along with resolutions calling for the repeal of the Foreign Account Tax Compliance Act and reaffirming the party’s pro-life stance, according to Reince Priebus, the RNC chairman. Among other points, the resolution declares “the mass collection and retention of personal data is in itself contrary to the right of privacy protected by the Fourth Amendment of the United States Constitution,” a claim embraced by civil libertarians of both parties. The revelation of the NSA programs has deepened a rift within the Republican Party between national security hawks and libertarians, but at the meeting, no RNC member rose to speak against the resolution.
  • The full text of the resolution as given to TIME follows below: Resolution to Renounce the National Security Agency’s Surveillance Program WHEREAS, the secret surveillance program called PRISM targets, among other things, the surveillance of U.S. citizens on a vast scale and monitors searching habits of virtually every American on the internet; WHEREAS, this dragnet program is, as far as we know, the largest surveillance effort ever launched by a democratic government against its own citizens, consisting of the mass acquisition of Americans’ call details encompassing all wireless and landline subscribers of the country’s three largest phone companies; WHEREAS, every time an American citizen makes a phone call, the NSA gets a record of the location, the number called, the time of the call and the length of the conversation, all of which are an invasion into the personal lives of American citizens that violates the right of free speech and association afforded by the First Amendment of the United States Constitution;
  • WHEREAS, the mass collection and retention of personal data is in itself contrary to the right of privacy protected by the Fourth Amendment of the United States Constitution, which guarantees the right of the people to be secure in their persons, houses, papers, and effects against unreasonable searches and seizures, that warrants shall issue only upon probable cause, and generally prevents the American government from issuing modern-day writs of assistance; WHEREAS, unwarranted government surveillance is an intrusion on basic human rights that threatens the very foundations of a democratic society and this program represents a gross infringement of the freedom of association and the right to privacy and goes far beyond even the permissive limits set by the Patriot Act; and WHEREAS, Republican House Representative Jim Sensenbrenner, an author of the Patriot Act and Chairman of the House Judiciary Committee at the time of Section 215′s passage, called the Section 215 surveillance program “an abuse of that law,” writing that, “based on the scope of the released order, both the administration and the FISA (Foreign Intelligence Surveillance Act) court are relying on an unbounded interpretation of the act that Congress never intended,” therefore be it
  • RESOLVED, the Republican National Committee encourages Republican lawmakers to enact legislation to amend Section 215 of the USA Patriot Act, the state secrets privilege, and the FISA Amendments Act to make it clear that blanket surveillance of the Internet activity, phone records and correspondence — electronic, physical, and otherwise — of any person residing in the U.S. is prohibited by law and that violations can be reviewed in adversarial proceedings before a public court; RESOLVED, the Republican National Committee encourages Republican lawmakers to call for a special committee to investigate, report, and reveal to the public the extent of this domestic spying and the committee should create specific recommendations for legal and regulatory reform to end unconstitutional surveillance as well as hold accountable those public officials who are found to be responsible for this unconstitutional surveillance; and
  • RESOLVED, the Republican National Committee encourages Republican lawmakers to immediately take action to halt current unconstitutional surveillance programs and provide a full public accounting of the NSA’s data collection programs.
  •  
    That's more like it! Notice that the call is for a "special committee to investigate," etc., not the House Intelligence Committee chaired by Mike Rogers.  Note also the call for heads to roll.
  •  
    Something messed up in the quoting of the resolution. Please go to the linked web site for the resolution's full text.
Paul Merrell

FBI demands new powers to hack into computers and carry out surveillance | US news | Th...

  • The FBI is attempting to persuade an obscure regulatory body in Washington to change its rules of engagement in order to seize significant new powers to hack into and carry out surveillance of computers throughout the US and around the world. Civil liberties groups warn that the proposed rule change amounts to a power grab by the agency that would ride roughshod over strict limits to searches and seizures laid out under the fourth amendment of the US constitution, as well as violate first amendment privacy rights. They have protested that the FBI is seeking to transform its cyber capabilities with minimal public debate and with no congressional oversight. The regulatory body to which the Department of Justice has applied to make the rule change, the advisory committee on criminal rules, will meet for the first time on November 5 to discuss the issue. The panel will be addressed by a slew of technology experts and privacy advocates concerned about the possible ramifications were the proposals allowed to go into effect next year.
  • “This is a giant step forward for the FBI’s operational capabilities, without any consideration of the policy implications. To be seeking these powers at a time of heightened international concern about US surveillance is an especially brazen and potentially dangerous move,” said Ahmed Ghappour, an expert in computer law at University of California, Hastings college of the law, who will be addressing next week’s hearing. The proposed operating changes related to rule 41 of the federal rules of criminal procedure, the terms under which the FBI is allowed to conduct searches under court-approved warrants. Under existing wording, warrants have to be highly focused on specific locations where suspected criminal activity is occurring and approved by judges located in that same district. But under the proposed amendment, a judge can issue a warrant that would allow the FBI to hack into any computer, no matter where it is located. The change is designed specifically to help federal investigators carry out surveillance on computers that have been “anonymized” – that is, their location has been hidden using tools such as Tor.
  • Were the amendment to be granted by the regulatory committee, the FBI would have the green light to unleash its capabilities – known as “network investigative techniques” – on computers across America and beyond. The techniques involve clandestinely installing malicious software, or malware, onto a computer that in turn allows federal agents effectively to control the machine, downloading all its digital contents, switching its camera or microphone on or off, and even taking over other computers in its network.
  • Civil liberties and privacy groups are particularly alarmed that the FBI is seeking such a huge step up in its capabilities through such an apparently backdoor route. Soghoian said of next week’s meeting: “This should not be the first public forum for discussion of an issue of this magnitude.” Jennifer Granick, director of civil liberties at the Stanford center for internet and society, said that “this is an investigative technique that we haven’t seen before and we haven’t thrashed out the implications. It absolutely should not be done through a rule change – it has to be fully debated publicly, and Congress must be involved.” Ghappour has also highlighted the potential fall-out internationally were the amendment to be approved. Under current rules, there are no fourth amendment restrictions to US government surveillance activities in other countries as the US constitution only applies to domestic territory.
  • Another insight into the expansive thrust of US government thinking in terms of its cyber ambitions was gleaned recently in the prosecution of Ross Ulbricht, the alleged founder of the billion-dollar drug site the Silk Road. Experts suspect that the FBI hacked into the Silk Road server, that was located in Reykjavik, Iceland, though the agency denies that. In recent legal argument, US prosecutors claimed that even if they had hacked into the server without a warrant, it would have been justified as “a search of foreign property known to contain criminal evidence, for which a warrant was not necessary”.
  •  
    This rule change has been in the works during the last year.  "The change is designed specifically to help federal investigators carry out surveillance on computers that have been "anonymized" - that is, their location has been hidden using tools such as Tor."  Are we dizzy yet? The State Department is pushing the use of TOR by dissidents in nations whose governments State and the CIA intend to overthrow. Meanwhile, Feed Bag, Inc. wants use of TOR to be sufficient grounds for installing malware on anyone using it to make their systems and all their systems can see or hear be an open book. Let's see. There's the First Amendment right to anonymous speech just to begin with. McIntyre v. Ohio Elections Comm'n, 514 US 334 (1995). ("Under our Constitution, anonymous pamphleteering is not a pernicious, fraudulent practice, but an honorable tradition of advocacy and of dissent. Anonymity is a shield from the tyranny of the majority. It thus exemplifies the purpose behind the Bill of Rights, and of the First Amendment in particular: to protect unpopular individuals from retaliation-and their ideas from suppression-at the hand of an intolerant society. The right to remain anonymous may be abused when it shields fraudulent conduct. But political speech by its nature will sometimes have unpalatable consequences, and, in general, our society accords greater weight to the value of free speech than to the dangers of its misuse.") (Internal citation omitted.) And of course there's the Natural Law liberty to whisper, to utter words in a way that none but the intended recipient can hear. So throw on the violation of the Fifth Amendment's Liberty clause. Then there's the plain language of the Fourth Amendment warrant clause, "particularly describing the *place* to be searched." Not to mention the major reason for the Fourth Amendment, to abolish the "general warrant" that had enabled the Crown to search wherever the warrant's executor's little heart desired.  And th
Paul Merrell

Brazilian president Rousseff: US surveillance a 'breach of international law' | World n...

  • Brazil's president, Dilma Rousseff, has launched a blistering attack on US espionage at the UN general assembly, accusing the NSA of violating international law by its indiscriminate collection of personal information of Brazilian citizens and economic espionage targeted on the country's strategic industries. Rousseff's angry speech was a direct challenge to President Barack Obama, who was waiting in the wings to deliver his own address to the UN general assembly, and represented the most serious diplomatic fallout to date from the revelations by former NSA contractor Edward Snowden.
  • Washington's efforts to smooth over Brazilian outrage over NSA espionage have so far been rebuffed by Rousseff, who has proposed that Brazil build its own internet infrastructure. "Friendly governments and societies that seek to build a true strategic partnership, as in our case, cannot allow recurring illegal actions to take place as if they were normal. They are unacceptable," she said. "The arguments that the illegal interception of information and data aims at protecting nations against terrorism cannot be sustained. Brazil, Mr President, knows how to protect itself. We reject, fight and do not harbour terrorist groups," Rousseff said. "As many other Latin Americans, I fought against authoritarianism and censorship and I cannot but defend, in an uncompromising fashion, the right to privacy of individuals and the sovereignty of my country," the Brazilian president said. She was imprisoned and tortured for her role in a guerilla movement opposed to Brazil's military dictatorship in the 1970s. "In the absence of the right to privacy, there can be no true freedom of expression and opinion, and therefore no effective democracy. In the absence of the respect for sovereignty, there is no basis for the relationship among nations."
  •  
    We should never lose sight of the fact that every time the NSA intercepts a message from a foreign nation, it violates the civil and criminal laws of that nation. The NSA and its staff are serial criminals, not patriots. The Balkanization of the Internet into a non-net of local area networks to protect nations' citizen rights from NSA voyeurs is all too predictable. This will be their legacy unless we can stop them.
Paul Merrell

SPIEGEL Exclusive: NSA Spies on International Bank Transactions - SPIEGEL ONLINE - 0 views

  • The National Security Agency (NSA) widely monitors international payments, banking and credit card transactions, according to documents seen by SPIEGEL. The information from the American foreign intelligence agency, acquired by former NSA contractor and whistleblower Edward Snowden, shows that the spying is conducted by a branch called "Follow the Money" (FTM). The collected information then flows into the NSA's own financial databank, called "Tracfin," which in 2011 contained 180 million records. Some 84 percent of the data is from credit card transactions. Further NSA documents from 2010 show that the NSA also targets the transactions of customers of large credit card companies like VISA for surveillance. NSA analysts at an internal conference that year described in detail how they had apparently successfully searched through the US company's complex transaction network for tapping possibilities.
  • Their aim was to gain access to transactions by VISA customers in Europe, the Middle East and Africa, according to one presentation. The goal was to "collect, parse and ingest transactional data for priority credit card associations, focusing on priority geographic regions." In response to a SPIEGEL inquiry, however, VISA issued a statement in which it said, "We are not aware of any unauthorized access to our network. Visa takes data security seriously and, in response to any attempted intrusion, we would pursue all available remedies to the fullest extent of the law. Further, it's Visa's policy to only provide transaction information in response to a subpoena or other valid legal process." The NSA's Tracfin data bank also contained data from the Brussels-based Society for Worldwide Interbank Financial Telecommunication (SWIFT), a network used by thousands of banks to send transaction information securely. SWIFT was named as a "target," according to the documents, which also show that the NSA spied on the organization on several levels, involving, among others, the agency's "tailored access operations" division. One of the ways the agency accessed the data included reading "SWIFT printer traffic from numerous banks," the documents show.
  • But even intelligence agency employees are somewhat concerned about spying on the world finance system, according to one document from the UK's intelligence agency GCHQ concerning the legal perspectives on "financial data" and the agency's own cooperations with the NSA in this area. The collection, storage and sharing of politically sensitive data is a deep invasion of privacy, and involved "bulk data" full of "rich personal information," much of which "is not about our targets," the document says.
  •  
    NSA and GCHQ spying on banksters' transactions? I'll bet that comes to a screeching halt soon. Isn't it unwritten law in the Obama Administration that no government agencies mess with the banksters?
Paul Merrell

Edward Snowden: A 'Nation' Interview | The Nation - 0 views

  • Snowden: That’s the key—to maintain the garden of liberty, right? This is a generational thing that we must all do continuously. We only have the rights that we protect. It doesn’t matter what we say or think we have. It’s not enough to believe in something; it matters what we actually defend. So when we think in the context of the last decade’s infringements upon personal liberty and the last year’s revelations, it’s not about surveillance. It’s about liberty. When people say, “I have nothing to hide,” what they’re saying is, “My rights don’t matter.” Because you don’t need to justify your rights as a citizen—that inverts the model of responsibility. The government must justify its intrusion into your rights. If you stop defending your rights by saying, “I don’t need them in this context” or “I can’t understand this,” they are no longer rights. You have ceded the concept of your own rights. You’ve converted them into something you get as a revocable privilege from the government, something that can be abrogated at its convenience. And that has diminished the measure of liberty within a society.
  • From the very beginning, I said there are two tracks of reform: there’s the political and the technical. I don’t believe the political will be successful, for exactly the reasons you underlined. The issue is too abstract for average people, who have too many things going on in their lives. And we do not live in a revolutionary time. People are not prepared to contest power. We have a system of education that is really a sort of euphemism for indoctrination. It’s not designed to create critical thinkers. We have a media that goes along with the government by parroting phrases intended to provoke a certain emotional response—for example, “national security.” Everyone says “national security” to the point that we now must use the term “national security.” But it is not national security that they’re concerned with; it is state security. And that’s a key distinction. We don’t like to use the phrase “state security” in the United States because it reminds us of all the bad regimes. But it’s a key concept, because when these officials are out on TV, they’re not talking about what’s good for you. They’re not talking about what’s good for business. They’re not talking about what’s good for society. They’re talking about the protection and perpetuation of a national state system. I’m not an anarchist. I’m not saying, “Burn it to the ground.” But I’m saying we need to be aware of it, and we need to be able to distinguish when political developments are occurring that are contrary to the public interest. And that cannot happen if we do not question the premises on which they’re founded. And that’s why I don’t think political reform is likely to succeed. [Senators] Udall and Wyden, on the intelligence committee, have been sounding the alarm, but they are a minority.
  • The Nation: Every president—and this seems to be confirmed by history—will seek to maximize his or her power, and will see modern-day surveillance as part of that power. Who is going to restrain presidential power in this regard? Snowden: That’s why we have separate and co-equal branches. Maybe it will be Congress, maybe not. Might be the courts, might not. But the idea is that, over time, one of these will get the courage to do so. One of the saddest and most damaging legacies of the Bush administration is the increased assertion of the “state secrets” privilege, which kept organizations like the ACLU—which had cases of people who had actually been tortured and held in indefinite detention—from getting their day in court. The courts were afraid to challenge executive declarations of what would happen. Now, over the last year, we have seen—in almost every single court that has had this sort of national-security case—that they have become markedly more skeptical. People at civil-liberties organizations say it’s a sea change, and that it’s very clear judges have begun to question more critically assertions made by the executive. Even though it seems so obvious now, it is extraordinary in the context of the last decade, because courts had simply said they were not the best branch to adjudicate these claims—which is completely wrong, because they are the only nonpolitical branch. They are the branch that is specifically charged with deciding issues that cannot be impartially decided by politicians. The power of the presidency is important, but it is not determinative. Presidents should not be exempted from the same standards of reason and evidence and justification that any other citizen or civil movement should be held to.
  • The Nation: Explain the technical reform you mentioned. Snowden: We already see this happening. The issue I brought forward most clearly was that of mass surveillance, not of surveillance in general. It’s OK if we wiretap Osama bin Laden. I want to know what he’s planning—obviously not him nowadays, but that kind of thing. I don’t care if it’s a pope or a bin Laden. As long as investigators must go to a judge—an independent judge, a real judge, not a secret judge—and make a showing that there’s probable cause to issue a warrant, then they can do that. And that’s how it should be done. The problem is when they monitor all of us, en masse, all of the time, without any specific justification for intercepting in the first place, without any specific judicial showing that there’s a probable cause for that infringement of our rights.
  • Since the revelations, we have seen a massive sea change in the technological basis and makeup of the Internet. One story revealed that the NSA was unlawfully collecting data from the data centers of Google and Yahoo. They were intercepting the transactions of data centers of American companies, which should not be allowed in the first place because American companies are considered US persons, sort of, under our surveillance authorities. They say, “Well, we were doing it overseas,” but that falls under a different Reagan-era authority: EO 12333, an executive order for foreign-intelligence collection, as opposed to the ones we now use domestically. So this one isn’t even authorized by law. It’s just an old-ass piece of paper with Reagan’s signature on it, which has been updated a couple times since then. So what happened was that all of a sudden these massive, behemoth companies realized their data centers—sending hundreds of millions of people’s communications back and forth every day—were completely unprotected, electronically naked. GCHQ, the British spy agency, was listening in, and the NSA was getting the data and everything like that, because they could dodge the encryption that was typically used. Basically, the way it worked technically, you go from your phone to Facebook.com, let’s say—that link is encrypted. So if the NSA is trying to watch it here, they can’t understand it. But what these agencies discovered was, the Facebook site that your phone is connected to is just the front end of a larger corporate network—that’s not actually where the data comes from. When you ask for your Facebook page, you hit this part and it’s protected, but it has to go on this long bounce around the world to actually get what you’re asking for and go back. So what they did was just get out of the protected part and they went onto the back network. They went into the private network of these companies.
  • The Nation: The companies knew this? Snowden: Companies did not know it. They said, “Well, we gave the NSA the front door; we gave you the PRISM program. You could get anything you wanted from our companies anyway—all you had to do was ask us and we’re gonna give it to you.” So the companies couldn’t have imagined that the intelligence communities would break in the back door, too—but they did, because they didn’t have to deal with the same legal process as when they went through the front door. When this was published by Barton Gellman in The Washington Post and the companies were exposed, Gellman printed a great anecdote: he showed two Google engineers a slide that showed how the NSA was doing this, and the engineers “exploded in profanity.” Another example—one document I revealed was the classified inspector general’s report on a Bush surveillance operation, Stellar Wind, which basically showed that the authorities knew it was unlawful at the time. There was no statutory basis; it was happening basically on the president’s say-so and a secret authorization that no one was allowed to see. When the DOJ said, “We’re not gonna reauthorize this because it is not lawful,” Cheney—or one of Cheney’s advisers—went to Michael Hayden, director of the NSA, and said, “There is no lawful basis for this program. DOJ is not going to reauthorize it, and we don’t know what we’re going to do. Will you continue it anyway on the president’s say-so?” Hayden said yes, even though he knew it was unlawful and the DOJ was against it. Nobody has read this document because it’s like twenty-eight pages long, even though it’s incredibly important.
  • The big tech companies understood that the government had not only damaged American principles, it had hurt their businesses. They thought, “No one trusts our products anymore.” So they decided to fix these security flaws to secure their phones. The new iPhone has encryption that protects the contents of the phone. This means if someone steals your phone—if a hacker or something images your phone—they can’t read what’s on the phone itself, they can’t look at your pictures, they can’t see the text messages you send, and so forth. But it does not stop law enforcement from tracking your movements via geolocation on the phone if they think you are involved in a kidnapping case, for example. It does not stop law enforcement from requesting copies of your texts from the providers via warrant. It does not stop them from accessing copies of your pictures or whatever that are uploaded to, for example, Apple’s cloud service, which are still legally accessible because those are not encrypted. It only protects what’s physically on the phone. This is purely a security feature that protects against the kind of abuse that can happen with all these things being out there undetected. In response, the attorney general and the FBI director jumped on a soap box and said, “You are putting our children at risk.”
  • The Nation: Is there a potential conflict between massive encryption and the lawful investigation of crimes? Snowden: This is the controversy that the attorney general and the FBI director were trying to create. They were suggesting, “We have to be able to have lawful access to these devices with a warrant, but that is technically not possible on a secure device. The only way that is possible is if you compromise the security of the device by leaving a back door.” We’ve known that these back doors are not secure. I talk to cryptographers, some of the leading technologists in the world, all the time about how we can deal with these issues. It is not possible to create a back door that is only accessible, for example, to the FBI. And even if it were, you run into the same problem with international commerce: if you create a device that is famous for compromised security and it has an American back door, nobody is gonna buy it. Anyway, it’s not true that the authorities cannot access the content of the phone even if there is no back door. When I was at the NSA, we did this every single day, even on Sundays. I believe that encryption is a civic responsibility, a civic duty.
  • The Nation: Some years ago, The Nation did a special issue on patriotism. We asked about a hundred people how they define it. How do you define patriotism? And related to that, you’re probably the world’s most famous whistleblower, though you don’t like that term. What characterization of your role do you prefer? Snowden: What defines patriotism, for me, is the idea that one rises to act on behalf of one’s country. As I said before, that’s distinct from acting to benefit the government—a distinction that’s increasingly lost today. You’re not patriotic just because you back whoever’s in power today or their policies. You’re patriotic when you work to improve the lives of the people of your country, your community and your family. Sometimes that means making hard choices, choices that go against your personal interest. People sometimes say I broke an oath of secrecy—one of the early charges leveled against me. But it’s a fundamental misunderstanding, because there is no oath of secrecy for people who work in the intelligence community. You are asked to sign a civil agreement, called a Standard Form 312, which basically says if you disclose classified information, they can sue you; they can do this, that and the other. And you risk going to jail. But you are also asked to take an oath, and that’s the oath of service. The oath of service is not to secrecy, but to the Constitution—to protect it against all enemies, foreign and domestic. That’s the oath that I kept, that James Clapper and former NSA director Keith Alexander did not. You raise your hand and you take the oath in your class when you are on board. All government officials are made to do it who work for the intelligence agencies—at least, that’s where I took the oath.
  • The Nation: Creating a new system may be your transition, but it’s also a political act. Snowden: In case you haven’t noticed, I have a somewhat sneaky way of effecting political change. I don’t want to directly confront great powers, which we cannot defeat on their terms. They have more money, more clout, more airtime. We cannot be effective without a mass movement, and the American people today are too comfortable to adapt to a mass movement. But as inequality grows, the basic bonds of social fraternity are fraying—as we discussed in regard to Occupy Wall Street. As tensions increase, people will become more willing to engage in protest. But that moment is not now.
  • The Nation: You really think that if you could go home tomorrow with complete immunity, there wouldn’t be irresistible pressure on you to become a spokesperson, even an activist, on behalf of our rights and liberties? Indeed, wouldn’t that now be your duty? Snowden: But the idea for me now—because I’m not a politician, and I do not think I am as effective in this way as people who actually prepare for it—is to focus on technical reform, because I speak the language of technology. I spoke with Tim Berners-Lee, the guy who invented the World Wide Web. We agree on the necessity for this generation to create what he calls the Magna Carta for the Internet. We want to say what “digital rights” should be. What values should we be protecting, and how do we assert them? What I can do—because I am a technologist, and because I actually understand how this stuff works under the hood—is to help create the new systems that reflect our values. Of course I want to see political reform in the United States. But we could pass the best surveillance reforms, the best privacy protections in the history of the world, in the United States, and it would have zero impact internationally. Zero impact in China and in every other country, because of their national laws—they won’t recognize our reforms; they’ll continue doing their own thing. But if someone creates a reformed technical system today—technical standards must be identical around the world for them to function together.
  • As for labeling someone a whistleblower, I think it does them—it does all of us—a disservice, because it “otherizes” us. Using the language of heroism, calling Daniel Ellsberg a hero, and calling the other people who made great sacrifices heroes—even though what they have done is heroic—is to distinguish them from the civic duty they performed, and excuses the rest of us from the same civic duty to speak out when we see something wrong, when we witness our government engaging in serious crimes, abusing power, engaging in massive historic violations of the Constitution of the United States. We have to speak out or we are party to that bad action.
  • The Nation: Considering your personal experience—the risks you took, and now your fate here in Moscow—do you think other young men or women will be inspired or discouraged from doing what you did? Snowden: Chelsea Manning got thirty-five years in prison, while I’m still free. I talk to people in the ACLU office in New York all the time. I’m able to participate in the debate and to campaign for reform. I’m just the first to come forward in the manner that I did and succeed. When governments go too far to punish people for actions that are dissent rather than a real threat to the nation, they risk delegitimizing not just their systems of justice, but the legitimacy of the government itself. Because when they bring political charges against people for acts that were clearly at least intended to work in the public interest, they deny them the opportunity to mount a public-interest defense. The charges they brought against me, for example, explicitly denied my ability to make a public-interest defense. There were no whistleblower protections that would’ve protected me—and that’s known to everybody in the intelligence community. There are no proper channels for making this information available when the system fails comprehensively.
  • The government would assert that individuals who are aware of serious wrongdoing in the intelligence community should bring their concerns to the people most responsible for that wrongdoing, and rely on those people to correct the problems that those people themselves authorized. Going all the way back to Daniel Ellsberg, it is clear that the government is not concerned with damage to national security, because in none of these cases was there damage. At the trial of Chelsea Manning, the government could point to no case of specific damage that had been caused by the massive revelation of classified information. The charges are a reaction to the government’s embarrassment more than genuine concern about these activities, or they would substantiate what harms were done. We’re now more than a year since my NSA revelations, and despite numerous hours of testimony before Congress, despite tons of off-the-record quotes from anonymous officials who have an ax to grind, not a single US official, not a single representative of the United States government, has ever pointed to a single case of individualized harm caused by these revelations. This, despite the fact that former NSA director Keith Alexander said this would cause grave and irrevocable harm to the nation. Some months after he made that statement, the new director of the NSA, Michael Rogers, said that, in fact, he doesn’t see the sky falling. It’s not so serious after all.
  • The Nation: You also remind us of [Manhattan Project physicist] Robert Oppenheimer—what he created and then worried about. Snowden: Someone recently talked about mass surveillance and the NSA revelations as being the atomic moment for computer scientists. The atomic bomb was the moral moment for physicists. Mass surveillance is the same moment for computer scientists, when they realize that the things they produce can be used to harm a tremendous number of people. It is interesting that so many people who become disenchanted, who protest against their own organizations, are people who contributed something to them and then saw how it was misused. When I was working in Japan, I created a system for ensuring that intelligence data was globally recoverable in the event of a disaster. I was not aware of the scope of mass surveillance. I came across some legal questions when I was creating it. My superiors pushed back and were like, “Well, how are we going to deal with this data?” And I was like, “I didn’t even know it existed.” Later, when I found out that we were collecting more information on American communications than we were on Russian communications, for example, I was like, “Holy shit.” Being confronted with the realization that work you intended to benefit people is being used against them has a radicalizing effect.
  • The Nation: We have a sense, or certainly the hope, we’ll be seeing you in America soon—perhaps sometime after this Ukrainian crisis ends. Snowden: I would love to think that, but we’ve gone all the way up the chain at all the levels, and things like that. A political decision has been made not to irritate the intelligence community. The spy agencies are really embarrassed, they’re really sore—the revelations really hurt their mystique. The last ten years, they were getting the Zero Dark Thirty treatment—they’re the heroes. The surveillance revelations bring them back to Big Brother kind of narratives, and they don’t like that at all. The Obama administration almost appears as though it is afraid of the intelligence community. They’re afraid of death by a thousand cuts—you know, leaks and things like that.
  • The Nation: You’ve given us a lot of time, and we are very grateful, as will be The Nation’s and other readers. But before we end, any more thoughts about your future? Snowden: If I had to guess what the future’s going to look like for me—assuming it’s not an orange jumpsuit in a hole—I think I’m going to alternate between tech and policy. I think we need that. I think that’s actually what’s missing from government, for the most part. We’ve got a lot of policy people, but we have no technologists, even though technology is such a big part of our lives. It’s just amazing, because even these big Silicon Valley companies, the masters of the universe or whatever, haven’t engaged with Washington until recently. They’re still playing catch-up. As for my personal politics, some people seem to think I’m some kind of archlibertarian, a hyper-conservative. But when it comes to social policies, I believe women have the right to make their own choices, and inequality is a really important issue. As a technologist, I see the trends, and I see that automation inevitably is going to mean fewer and fewer jobs. And if we do not find a way to provide a basic income for people who have no work, or no meaningful work, we’re going to have social unrest that could get people killed. When we have increasing production—year after year after year—some of that needs to be reinvested in society. It doesn’t need to be consistently concentrated in these venture-capital funds and things like that. I’m not a communist, a socialist or a radical. But these issues have to be addressed.
  •  
    Remarkable interview. Snowden finally gets asked some questions about politics. 
Paul Merrell

Court to rule on cellphone privacy : SCOTUSblog - 0 views

  • Moving into another conflict between technology and privacy, the Supreme Court agreed on Friday afternoon to rule on police authority to search the contents of a cellphone they take from an individual they have arrested.  The Court accepted for review a state case and a federal case, involving differing versions of hand-held telephone capacity.
  • Both of the new cases on cellphone privacy involve the authority of police, who do not have a search warrant, to examine the data that is stored on a cellphone taken from a suspect at the time of arrest.  The two cases span the advance in technology of cellphones:  the government case, Wurie, involves the kind of device that is now considered old-fashioned — the simple flip phone.  The Riley case involves the more sophisticated type of device, which functions literally as a hand-held computer, capable of containing a great deal more personal information. The state case involves a San Diego man, David Leon Riley, convicted of shooting at an occupied vehicle, attempted murder, and assault with a semi-automatic weapon.  Riley was not arrested at the time of the shooting incident in August 2009; instead, he was arrested later, after he was stopped for driving with expired license plates.   Police seized the cellphone he was carrying at the time of his arrest, and twice examined its contents, without a warrant. The data turned up evidence identifying him as a gang member out to kill members of a rival gang.  Other contents included a photo of him with a red car seen at the shooting site.  Police were then able to trace calls, leading to a trail of evidence pointing to Riley as a participant in the shooting.  No one positively identified him, but the data from the cellphone search was put before the jury, which convicted him of all three counts.  He has been sentenced to fifteen years to life in prison.
  • Riley’s petition had posed a general question about whether the Fourth Amendment allowed police without a warrant to search “the digital contents of an individual’s cellphone seized from the person at the time of arrest.”  In granting review, the Court said it would only rule on this issue: “Whether evidence admitted at [his] trial was obtained in a search of [his] cellphone that violated [his] Fourth Amendment rights.” The government case involves a South Boston man, Brima Wurie.  In 2007, a police officer saw him make an apparent drug sale out of his car.  The officer confronted the buyer, turning up two bags of crack cocaine. He partially identified his drug source. Officers followed Wurie from the scene, and arrested him.  He was then taken to a police station, where the officers retrieved two cellphones.   One of the phones was receiving repeated calls from a number identified as Wurie’s home.  The officers checked the phone’s call log.  They traced him to his house.  The officers deemed the fact that he had cellphones with him as an indication that he carried out drug dealing with the use of such a device. He was convicted of being a felon who had a gun and ammunition, distributing crack cocaine, and possessing the crack with intent to distribute it.  He sought to block the use of the evidence taken from his cellphone, but that failed.  He was convicted on all charges, and has been sentenced to 262 months in prison.
  • Although the two cases raise the same constitutional issue, the Court did not consolidate them for review, so presumably there will be separate briefing and argument on each.  They probably would be argued one after the other, however.  The Court did not expedite the briefing schedule, but they still are expected to be heard in April.
Paul Merrell

NSA phone surveillance program likely unconstitutional, federal judge rules | World new... - 0 views

  • A federal judge in Washington ruled on Monday that the bulk collection of Americans’ telephone records by the National Security Agency is likely to violate the US constitution, in the most significant legal setback for the agency since the publication of the first surveillance disclosures by the whistleblower Edward Snowden. Judge Richard Leon declared that the mass collection of metadata probably violates the fourth amendment, which prohibits unreasonable searches and seizures, and was "almost Orwellian" in its scope. In a judgment replete with literary swipes against the NSA, he said James Madison, the architect of the US constitution, would be "aghast" at the scope of the agency’s collection of Americans' communications data. The ruling, by the US district court for the District of Columbia, is a blow to the Obama administration, and sets up a legal battle that will drag on for months, almost certainly destined to end up in the supreme court. It was welcomed by campaigners pressing to rein in the NSA, and by Snowden, who issued a rare public statement saying it had vindicated his disclosures. It is also likely to influence other legal challenges to the NSA, currently working their way through federal courts.
  • In Monday’s ruling, the judge concluded that the pair's constitutional challenge was likely to be successful. In what was the only comfort to the NSA in a stinging judgment, Leon put the ruling on hold, pending an appeal by the government. Leon expressed doubt about the central rationale for the program cited by the NSA: that it is necessary for preventing terrorist attacks. “The government does not cite a single case in which analysis of the NSA’s bulk metadata collection actually stopped an imminent terrorist attack,” he wrote.
  • Leon’s opinion contained stern and repeated warnings that he was inclined to rule that the metadata collection performed by the NSA – and defended vigorously by the NSA director Keith Alexander on CBS on Sunday night – was unconstitutional. “Plaintiffs have a substantial likelihood of showing that their privacy interests outweigh the government’s interest in collecting and analysing bulk telephony metadata and therefore the NSA’s bulk collection program is indeed an unreasonable search under the fourth amendment,” he wrote. Leon said that the mass collection of phone metadata, revealed by the Guardian in June, was "indiscriminatory" and "arbitrary" in its scope. "The almost-Orwellian technology that enables the government to store and analyze the phone metadata of every telephone user in the United States is unlike anything that could have been conceived in 1979," he wrote, referring to the year in which the US supreme court ruled on a fourth amendment case upon which the NSA now relies to justify the bulk records program.
  • In a statement, Snowden said the ruling justified his disclosures. “I acted on my belief that the NSA's mass surveillance programs would not withstand a constitutional challenge, and that the American public deserved a chance to see these issues determined by open courts," he said in comments released through Glenn Greenwald, the former Guardian journalist who received leaked documents from Snowden. "Today, a secret program authorised by a secret court was, when exposed to the light of day, found to violate Americans’ rights. It is the first of many.”
  • In his ruling, Judge Leon expressly rejected the government’s claim that the 1979 supreme court case, Smith v Maryland, which the NSA and the Obama administration often cite to argue that there is no reasonable expectation of privacy over metadata, applies in the NSA’s bulk-metadata collection. The mass surveillance program differs so much from the one-time request dealt with by the 1979 case that it was of “little value” in assessing whether the metadata dragnet constitutes a fourth amendment search.
  • In a decision likely to influence other federal courts hearing similar arguments from the ACLU, Leon wrote that the Guardian’s disclosure of the NSA’s bulk telephone records collection means that citizens now have standing to challenge it in court, since they can demonstrate for the first time that the government is collecting their phone data.
  • Leon also struck a blow for judicial review of government surveillance practices even when Congress explicitly restricts the ability of citizens to sue for relief. “While Congress has great latitude to create statutory schemes like Fisa,” he wrote, referring to the seminal 1978 surveillance law, “it may not hang a cloak of secrecy over the constitution.”
  • In his ruling on Monday, Judge Leon predicted the process would take six months. He urged the government to take that time to prepare for an eventual defeat. “I fully expect that during the appellate process, which will consume at least the next six months, the government will take whatever steps necessary to prepare itself to comply with this order when, and if, it is upheld,” wrote Leon in his opinion. “Suffice it to say, requesting further time to comply with this order months from now will not be well received and could result in collateral sanctions.”
  •  
    This is the case I thought was the weakest because of poor drafting in the complaint. The judge noted those issues in dismissing the plaintiffs' claims under the Administrative Procedures Act, but picked his way through what remained to find sufficient allegations to support the 4th Amendment challenge. Because he ruled for the plaintiffs on the 4th Amendment count, the judge did not reach the plaintiffs' arguments under the First and Fifth Amendments. This case is about cellphone call metadata, which the FISA Court has been ordering cell phone companies to provide every day, with the orders updated every 90 days. The judge's 68-page opinion is at https://ecf.dcd.uscourts.gov/cgi-bin/show_public_doc?2013cv0881-40 (cleaner copy than the Guardian's, which was apparently faxed). Notably, the judge, Richard Leon, is a Bush II appointee and one of the plaintiffs is a prominent conservative civil libertarian lawyer. The other plaintiff is the father of an NSA cryptologist who worked closely with SEAL Team 6 and was killed along with members of that team when their helicopter crashed in Afghanistan. I'll add some more in a comment. But digital privacy is not yet dead.
  •  
    Unfortunately, DRM is not dead yet either and the court's PDF file is locked. No easy copying of its content. If you want to jump directly to the discussion of 4th Amendment issues, go to page 35. That way, you can skip past all the dreary discussion of the Administrative Procedures Act claim and you won't miss much that's memorable. In ruling on the plaintiffs' standing to raise the 4th Amendment claim, Judge Leon postulated two possible search issues: [i] the bulk daily collection of metadata and its retention in the database for five years; and [ii] the analysis of that data through the NSA's querying process. The judge had no difficulty with the first issue; it definitely qualifies as a search. But the judge rejected the plaintiffs' argument on the second type (which was lame), demonstrating that at least one federal judge understands how computers work. The government's filings indicated that a "seed" telephone number or other identifier is used as the query string. Judge Leon figured out for himself from this fact that the NSA of necessity had to compare that number or identifier to every number or identifier in its database looking for a match. The judge concluded that the plaintiffs' metadata --- indeed everyone's metadata --- had to be searched for comparison purposes *every* time the NSA analysts ran any query against the database. See his incisive discussion at pp. 39-41. So having established that two searches were involved, one every time the NSA queried the database, the judge moved on to the next question, whether "the plaintiffs had a reasonable expectation of privacy that is violated when the Government indiscriminately collects their telephony metadata along with the metadata of hundreds of millions of other citizens without any particularized suspicion of wrongdoing, retains that metadata for five years, and then queries, analyzes, and investigates that data without prior judicial approval of the investigative targets." pg. 43. More later
Paul Merrell

Court gave NSA broad leeway in surveillance, documents show - The Washington Post - 0 views

  • Virtually no foreign government is off-limits for the National Security Agency, which has been authorized to intercept information “concerning” all but four countries, according to top-secret documents. The United States has long had broad no-spying arrangements with those four countries — Britain, Canada, Australia and New Zealand — in a group known collectively with the United States as the Five Eyes. But a classified 2010 legal certification and other documents indicate the NSA has been given a far more elastic authority than previously known, one that allows it to intercept through U.S. companies not just the communications of its overseas targets but any communications about its targets as well.
  • The certification — approved by the Foreign Intelligence Surveillance Court and included among a set of documents leaked by former NSA contractor Edward Snowden — lists 193 countries that would be of valid interest for U.S. intelligence. The certification also permitted the agency to gather intelligence about entities including the World Bank, the International Monetary Fund, the European Union and the International Atomic Energy Agency. The NSA is not necessarily targeting all the countries or organizations identified in the certification, the affidavits and an accompanying exhibit; it has only been given authority to do so. Still, the privacy implications are far-reaching, civil liberties advocates say, because of the wide spectrum of people who might be engaged in communication about foreign governments and entities and whose communications might be of interest to the United States.
  • On Friday, the Office of the Director of National Intelligence released a transparency report stating that in 2013 the government targeted nearly 90,000 foreign individuals or organizations for foreign surveillance under the program. Some tech-industry lawyers say the number is relatively low, considering that several billion people use U.S. e-mail services.
  • That language could allow for surveillance of academics, journalists and human rights researchers. A Swiss academic who has information on the German government’s position in the run-up to an international trade negotiation, for instance, could be targeted if the government has determined there is a foreign-intelligence need for that information. If a U.S. college professor e-mails the Swiss professor’s e-mail address or phone number to a colleague, the American’s e-mail could be collected as well, under the program’s court-approved rules.
  • Still, some lawmakers are concerned that the potential for intrusions on Americans’ privacy has grown under the 2008 law because the government is intercepting not just communications of its targets but communications about its targets as well. The expansiveness of the foreign-powers certification increases that concern.
  • In a 2011 FISA court opinion, a judge using an NSA-provided sample estimated that the agency could be collecting as many as 46,000 wholly domestic e-mails a year that mentioned a particular target’s e-mail address or phone number, in what is referred to as “about” collection. “When Congress passed Section 702 back in 2008, most members of Congress had no idea that the government was collecting Americans’ communications simply because they contained a particular individual’s contact information,” Sen. Ron Wyden (D-Ore.), who has co-sponsored legislation to narrow “about” collection authority, said in an e-mail to The Washington Post. “If ‘about the target’ collection were limited to genuine national security threats, there would be very little privacy impact. In fact, this collection is much broader than that, and it is scooping up huge amounts of Americans’ wholly domestic communications.”
  • The only reason the court has oversight of the NSA program is that Congress in 2008 gave the government a new authority to gather intelligence from U.S. companies that own the Internet cables running through the United States, former officials noted. Edgar, the former privacy officer at the Office of the Director of National Intelligence, said ultimately he believes the authority should be narrowed. “There are valid privacy concerns with leaving these collection decisions entirely in the executive branch,” he said. “There shouldn’t be broad collection, using this authority, of foreign government information without any meaningful judicial role that defines the limits of what can be collected.”
Paul Merrell

Warrantless airport seizure of laptop "cannot be justified," judge rules | Ars Technica - 0 views

  • The US government's prosecution of a South Korean businessman accused of illegally selling technology used in aircraft and missiles to Iran was dealt a devastating blow by a federal judge. The judge ruled Friday that the authorities illegally seized the businessman's computer at Los Angeles International Airport as he was to board a flight home. The authorities who were investigating Jae Shik Kim exercised the border exception rule that allows the authorities to seize and search goods and people—without court warrants—along the border and at airport international terminals. US District Court judge Amy Berman Jackson of the District of Columbia noted that the Supreme Court has never directly addressed the issue of warrantless computer searches at an international border crossing, but she ruled (PDF) the government used Kim's flight home as an illegal pretext to seize his computer. Authorities then shipped it 150 miles south to San Diego where the hard drive was copied and examined for weeks, but the judge said the initial seizure "surely cannot be justified." After considering all of the facts and authorities set forth above, then, the Court finds, under the totality of the unique circumstances of this case, that the imaging and search of the entire contents of Kim’s laptop, aided by specialized forensic software, for a period of unlimited duration and an examination of unlimited scope, for the purpose of gathering evidence in a pre-existing investigation, was supported by so little suspicion of ongoing or imminent criminal activity, and was so invasive of Kim’s privacy and so disconnected from not only the considerations underlying the breadth of the government’s authority to search at the border, but also the border itself, that it was unreasonable.
  • "The government points to its plenary authority to conduct warrantless searches at the border. It posits that a laptop computer is simply a 'container' that was examined pursuant to this authority, and it submits that the government’s unfettered right to search cargo at the border to protect the homeland is the beginning and end of the matter," the judge wrote. Evidence discovered on his computer of his alleged involvement in the conspiracy that won an indictment is now suppressed, and it cannot be used against him according to the ruling. The authorities took the man's computer in 2012 for national security reasons but allowed him to board his flight home. The government did not comment on the decision. Judge Berman Jackson questioned whether the border search exception should apply to laptops because they carry much more private information than, say, a briefcase. Judge Jackson cited last year's Supreme Court case, known as Riley, in which the justices ruled unanimously that the authorities generally may not search the mobile phones of those they arrest unless they have a court warrant.
  • The Supreme Court said that "Modern cell phones, as a category, implicate privacy concerns far beyond those implicated by the search of a cigarette pack, a wallet, or a purse. A conclusion that inspecting the contents of an arrestee’s pockets works no substantial additional intrusion on privacy beyond the arrest itself may make sense as applied to physical items, but any extension of that reasoning to digital data has to rest on its own bottom." Seizing on that high court opinion, Judge Berman Jackson wrote: Applying the Riley framework, the national security concerns that underlie the enforcement of export control regulations at the border must be balanced against the degree to which Kim’s privacy was invaded in this instance. And as was set forth above, while the immediate national security concerns were somewhat attenuated, the invasion of privacy was substantial: the agents created an identical image of Kim’s entire computer hard drive and gave themselves unlimited time to search the tens of thousands of documents, images, and emails it contained, using an extensive list of search terms, and with the assistance of two forensic software programs that organized, expedited, and facilitated the task. Based upon the testimony of both Special Agent Hamako and Special Agent Marshall, the Court concludes that wherever the Supreme Court or the Court of Appeals eventually draws the precise boundary of a routine border search, or however either Court ultimately defines a forensic – as opposed to a conventional – computer search, this search was qualitatively and quantitatively different from a routine border examination, and therefore, it was unreasonable given the paucity of grounds to suspect that criminal activity was in progress.
  •  
    The court's decision indicates that the Feds can still do a border search of a laptop but that they cross the line when they seize the computer for later forensic examination without a warrant. In this case, the government conducted the forensic examination before obtaining a warrant.
Paul Merrell

Between the Lines of the Cellphone Privacy Ruling - NYTimes.com - 0 views

  • In a pathbreaking case on Fourth Amendment privacy rights and modern technology, the Supreme Court unanimously ruled that the police must obtain warrants before searching the digital contents of cellphones taken from people who are placed under arrest. Here are some key points in the opinion by Chief Justice John G. Roberts Jr. and a concurrence by Justice Samuel Alito.
Paul Merrell

Privacy Day | ACLU of Oregon - 0 views

  • Help strengthen Oregon's privacy protections and limit the use of dragnet surveillance. We are advocating for:
      • SB 339 - Strict guidelines for the use of automatic license plate readers (ALPR)
      • SB 640 - A warrant requirement to access email, phone, and location records
      • SB 641 - A warrant requirement to search cell phones
    Advances in technology have made it too easy for law enforcement to track where you go, what you do, and who you are with. Most of the data the government collects is about innocent people who are not suspected of any crimes. Yet the government collects that personal information - or accesses it directly from your internet or cell phone provider – and can keep it for years on end. Technology has changed but your rights haven't.
  •  
    Privacy measures that the ACLU is pushing at the state level in Oregon. Links are to short summaries of legislation.
Paul Merrell

Tomgram: Shamsi and Harwood, An Electronic Archipelago of Domestic Surveillance | TomDi... - 0 views

  • Uncle Sam’s Databases of Suspicion: A Shadow Form of National ID
  • We do know that the nation’s domestic-intelligence network is massive, including at least 59 federal agencies, over 300 Defense Department units, and approximately 78 state-based fusion centers, as well as the multitude of law enforcement agencies they serve. We also know that local law enforcement agencies have themselves raised concerns about the system’s lack of privacy protections.
  • The SAR database is part of an ever-expanding domestic surveillance system established after 9/11 to gather intelligence on potential terrorism threats. At an abstract level, such a system may seem sensible: far better to prevent terrorism before it happens than to investigate and prosecute after a tragedy. Based on that reasoning, the government exhorts Americans to “see something, say something” -- the SAR program’s slogan. Indeed, just this week at a conference in New York City, FBI Director James Comey asked the public to report any suspicions they have to authorities. “When the hair on the back of your neck stands, listen to that instinct and just tell somebody,” said Comey. And seeking to reassure those who do not want to get their fellow Americans in trouble based on instinct alone, the FBI director added, “We investigate in secret for a very good reason, we don't want to smear innocent people.”
  • At a fundamental level, suspicious activity reporting, as well as the digital and physical infrastructure of networked computer servers and fusion centers built around it, depends on what the government defines as suspicious.  As it happens, this turns out to include innocuous, First Amendment-protected behavior. As a start, a little history: the Nationwide Suspicious Activity Reporting Initiative was established in 2008 as a way for federal agencies, law enforcement, and the public to report and share potential terrorism-related information. The federal government then developed a list of 16 behaviors that it considered “reasonably indicative of criminal activity associated with terrorism.” Nine of those 16 behaviors, as the government acknowledges, could have nothing to do with criminal activity and are constitutionally protected, including snapping photographs, taking notes, and “observation through binoculars.”
  • There are any number of problems with this approach, starting with its premise.  Predicting who exactly is a future threat before a person has done anything wrong is a perilous undertaking. That’s especially the case if the public is encouraged to report suspicions of neighbors, colleagues, and community members based on a “hair-on-the-back-of-your-neck” threshold. Nor is it any comfort that the FBI promises to protect the innocent by investigating “suspicious” people in secret. The civil liberties and privacy implications are, in fact, truly hair-raising, particularly when the Bureau engages in abusive and discriminatory sting operations and other rights violations.
  • A few months later, a scathing report from the Senate subcommittee on homeland security described similar intelligence problems in state-based fusion centers. It found that Department of Homeland Security (DHS) personnel assigned to the centers “forwarded ‘intelligence’ of uneven quality -- oftentimes shoddy, rarely timely, sometimes endangering citizens’ civil liberties and Privacy Act protections... and more often than not unrelated to terrorism.”
  • Law enforcement officials, including the Los Angeles Police Department’s top counterterrorism officer, have themselves exhibited skepticism about suspicious activity reporting (out of concern with the possibility of overloading the system). In 2012, George Washington University’s Homeland Security Policy Institute surveyed counterterrorism personnel working in fusion centers and in a report generally accepting of SARs noted that the program had “flooded fusion centers, law enforcement, and other security outfits with white noise,” complicating “the intelligence process” and distorting “resource allocation and deployment decisions.” In other words, it was wasting time and sending personnel off on wild goose chases.
  • Under federal regulations, the government can only collect and maintain criminal intelligence information on an individual if there is a “reasonable suspicion” that he or she is “involved in criminal conduct or activity and the information is relevant to that criminal conduct or activity.” The SAR program officially lowered that bar significantly, violating the federal government’s own guidelines for maintaining a “criminal intelligence system.” There’s good reason for, at a minimum, using a reasonable suspicion standard. Anything less and it’s garbage in, garbage out, meaning counterterrorism “intelligence” databases become anything but intelligent.
  • yet another burgeoning secret database that the federal government calls its “consolidated terrorism watchlist.” Inclusion in this database -- and on government blacklists that are generated from it -- can bring more severe repercussions than unwarranted law enforcement attention. It can devastate lives.
  • There is hope, however. In August, four years after the ACLU filed a lawsuit on behalf of 13 people on the no-fly list, a judge ruled that the government’s redress system is unconstitutional. In early October, the government notified Mashal and six others that they were no longer on the list. Six of the ACLU’s clients remain unable to fly, but at least the government now has to disclose just why they have been put in that category, so that they can contest their blacklisting. Soon, others should have the same opportunity.
  • As of August 2013, there were approximately 47,000 people, including 800 U.S. citizens and legal permanent residents like Mashal, on that secretive no-fly list, all branded as “known or suspected terrorists.” All were barred from flying to, from, or over the United States without ever being given a reason why. On 9/11, just 16 names had been on the predecessor “no transport” list. The resulting increase of 293,650% -- perhaps more since 2013 -- isn’t an accurate gauge of danger, especially given that names are added to the list based on vague, broad, and error-prone standards.
  • The No Fly List is only the best known of the government’s web of terrorism watchlists. Many more exist, derived from the same master list. Currently, there are more than one million names in the Terrorist Identities Datamart Environment, a database maintained by the National Counterterrorism Center. This classified source feeds the Terrorist Screening Database (TSDB), operated by the FBI’s Terrorist Screening Center. The TSDB is an unclassified but still secret list known as the “master watchlist,” containing what the government describes as “known or suspected terrorists,” or KSTs.
  • Nothing encapsulates the post-9/11, Alice-in-Wonderland inversion of American notions of due process more strikingly than this “blacklist first, innocence later... maybe” mindset. The Terrorist Screening Database is then used to fill other lists. In the context of aviation, this means the no-fly list, as well as the selectee and expanded selectee lists. Transportation security agents subject travelers on the latter two lists to extra screenings, which can include prolonged and invasive interrogation and searches of laptops, phones, and other electronic devices. Around the border, there’s the State Department’s Consular Lookout and Support System, which it uses to flag people it thinks shouldn’t get a visa, and the TECS System, which Customs and Border Protection uses to determine whether someone can enter the country.
  • According to documents recently leaked to the Intercept, as of August 2013 that master watchlist contained 680,000 people, including 5,000 U.S. citizens and legal permanent residents. The government can add people’s names to it according to a shaky “reasonable suspicion” standard. There is, however, growing evidence that what’s “reasonable” to the government may only remotely resemble what that word means in everyday usage. Information from a single source, even an uncorroborated Facebook post, can allow a government agent to watchlist an individual with virtually no outside scrutiny. Perhaps that’s why 40% of those on the master watchlist have “no recognized terrorist group affiliation,” according to the government’s own records.
  • This opens up the possibility of increased surveillance and tense encounters with the police, not to speak of outright harassment, for a large but undivulged number of people. When a police officer stops a person for a driving infraction, for instance, information about his or her KST status will pop up as soon as a driver’s license is checked. According to FBI documents, police officers who get a KST hit are warned to “approach with caution” and “ask probing questions.” When officers believe they’re about to go face to face with a terrorist, bad things can happen. It’s hardly a stretch of the imagination, particularly after a summer of police shootings of unarmed men, to suspect that an officer approaching a driver whom he believes to be a terrorist will be quicker to go for his gun. Meanwhile, the watchlisted person may never even know why his encounters with police have taken such a peculiar and menacing turn. According to the FBI's instructions, under no circumstances is a cop to tell a suspect that he or she is on a watchlist.
  • Inside the United States, no watchlist may be as consequential as the one that goes by the moniker of the Known or Appropriately Suspected Terrorist File. The names on this blacklist are shared with more than 17,000 state, local, and tribal police departments nationwide through the FBI’s National Crime Information Center (NCIC). Unlike any other information disseminated through the NCIC, the KST File reflects mere suspicion of involvement with criminal activity, so law enforcement personnel across the country are given access to a database of people who have secretly been labeled terrorism suspects with little or no actual evidence, based on virtually meaningless criteria.
  • And once someone is on this watchlist, good luck getting off it. According to the government’s watchlist rulebook, even a jury can’t help you. “An individual who is acquitted or against whom charges are dismissed for a crime related to terrorism,” it reads, “may nevertheless meet the reasonable standard and appropriately remain on, or be nominated to, the Terrorist Watchlist.” No matter the verdict, suspicion lasts forever.
  • The SARs program and the consolidated terrorism watchlist are just two domestic government databases of suspicion. Many more exist. Taken together, they should be seen as a new form of national ID for a growing group of people accused of no crime, who may have done nothing wrong, but are nevertheless secretly labeled by the government as suspicious or worse. Innocent until proven guilty has been replaced with suspicious until determined otherwise. Think of it as a new shadow system of national identification for a shadow government that is increasingly averse to operating in the light. It’s an ID its “owners” don’t carry around with them, yet it’s imposed on them whenever they interact with government agents or agencies. It can alter their lives in disastrous ways, often without their knowledge. And they could be you. If this sounds dystopian, that’s because it is.
Paul Merrell

Here's How You Can Find Out If The NSA Shared Your Data With British Spies - Forbes - 0 views

  • In the UK earlier this month, human rights groups Liberty and Privacy International were cheered by a tribunal decision that declared GCHQ’s access to NSA spies’ data illegal. Though it was a hollow victory, as the tribunal also declared all current activities, including all those blanket surveillance projects much derided by free speech activists, entirely legal. The practices previously broke the law because the public was unaware of what safeguards were in place for the UK’s access to data from NSA programs like Prism; as soon as Snowden blew everything wide open the snoops had to explain themselves, and that was enough for the tribunal to confirm the legality of GCHQ’s operations. But the case has had one significant effect: anyone can now figure out if their data was illegally shared by the agencies. Privacy International has set up a simple webpage that anyone in the world can sign up to. You can visit the page here.
  • Once the UK Investigatory Powers Tribunal has determined who was affected, it has to inform them. Though participants should find out whether their data were unlawfully obtained by GCHQ from the millions of private communications hoovered up by the NSA up until December 2014, it won’t be anytime soon. Privacy International warned in its FAQs: “Count on it being many months, and likely years before this action is completed.” And somewhat ironically Privacy International has to collect participants’ information, including their name and email address, to supply the service. They may ask for more information from willing participants once the group has determined if more is required from the IPT. Anyone who wants to submit directly to the tribunal can do so here.
Paul Merrell

Silicon Valley spars with Obama over 'backdoor' surveillance | TheHill - 0 views

  • Silicon Valley and a bipartisan group of lawmakers are lining up against the Obama administration, criticizing what they see as a lack of support for total online privacy. The steady rise of sophisticated privacy techniques such as encryption and anonymity software has put the government in a difficult position — trying to support the right to privacy while figuring out how to prevent people from evading law enforcement. “The technologies are evolving in ways that potentially make this trickier,” President Obama said during a January news conference with British Prime Minister David Cameron. The conundrum has led to a heated debate in Washington: Should law enforcement have guaranteed access to data?
  • The Obama administration — from officials with FBI and the National Security Agency (NSA) to the president himself — has come out in favor of some form of guaranteed access while still endorsing strong encryption. “If we get into a situation in which the technologies do not allow us at all to track somebody that we're confident is a terrorist,” Obama said, “that's a problem.” What shape that access takes, however, is unclear. “The dialogue that we're engaged in is designed to make sure that all of us feel confident that if there is an actual threat out there, our law enforcement and our intelligence officers can identify that threat and track that threat at the same time that our governments are not going around phishing into whatever text you might be sending on your smartphone,” Obama said. “And I think that's something that can be achieved.” Privacy hawks on Capitol Hill aren’t buying it.
  • “I don’t think much of that,” Rep. Joe Barton (R-Texas), co-founder of the Congressional Bipartisan Privacy Caucus, told The Hill. “We have a huge homeland security apparatus with almost unlimited authority to — with some sort of a reasonable suspicion — check almost any type of communication, whether it’s voice, Internet, telephonic, electronic, you name it.” “Those were positions that did not receive rave reviews here in Silicon Valley,” said Rep. Zoe Lofgren (D-Calif.), whose district includes parts of tech-heavy San Jose. Many believe the administration’s stance is inherently at odds with robust digital protection. “In order to fully implement what he's suggesting, you would need one of two things,” Lofgren said. One would be installing so-called “backdoors” in encryption — an access point known only to law enforcement agencies. Security experts find this concept abhorrent, since cyber crooks or foreign intelligence agencies would likely exploit it.
  • The second would be to have a third-party company hold all user data, with some sort of agreement to disclose information to the government, Lofgren said. “I think actually the trend line is in a different direction, which is encryption that is not accessible to the companies that provide it, either,” she added. Major tech companies like Apple have done exactly that, claiming that even they can’t unlock data on newer devices.
Paul Merrell

Edward Snowden Explains How To Reclaim Your Privacy - 0 views

  • Micah Lee: What are some operational security practices you think everyone should adopt? Just useful stuff for average people. Edward Snowden: [Opsec] is important even if you’re not worried about the NSA. Because when you think about who the victims of surveillance are, on a day-to-day basis, you’re thinking about people who are in abusive spousal relationships, you’re thinking about people who are concerned about stalkers, you’re thinking about children who are concerned about their parents overhearing things. It’s to reclaim a level of privacy. The first step that anyone could take is to encrypt their phone calls and their text messages. You can do that through the smartphone app Signal, by Open Whisper Systems. It’s free, and you can just download it immediately. And anybody you’re talking to now, their communications, if it’s intercepted, can’t be read by adversaries. [Signal is available for iOS and Android, and, unlike a lot of security tools, is very easy to use.] You should encrypt your hard disk, so that if your computer is stolen the information isn’t obtainable to an adversary — pictures, where you live, where you work, where your kids are, where you go to school. [I’ve written a guide to encrypting your disk on Windows, Mac, and Linux.] Use a password manager. One of the main things that gets people’s private information exposed, not necessarily to the most powerful adversaries, but to the most common ones, are data dumps. Your credentials may be revealed because some service you stopped using in 2007 gets hacked, and your password that you were using for that one site also works for your Gmail account. A password manager allows you to create unique passwords for every site that are unbreakable, but you don’t have the burden of memorizing them. [The password manager KeePassX is free, open source, cross-platform, and never stores anything in the cloud.]
  • The other thing there is two-factor authentication. The value of this is if someone does steal your password, or it’s left or exposed somewhere … [two-factor authentication] allows the provider to send you a secondary means of authentication — a text message or something like that. [If you enable two-factor authentication, an attacker needs both your password as the first factor and a physical device, like your phone, as your second factor, to login to your account. Gmail, Facebook, Twitter, Dropbox, GitHub, Battle.net, and tons of other services all support two-factor authentication.]
  • We should armor ourselves using systems we can rely on every day. This doesn’t need to be an extraordinary lifestyle change. It doesn’t have to be something that is disruptive. It should be invisible, it should be atmospheric, it should be something that happens painlessly, effortlessly. This is why I like apps like Signal, because they’re low friction. It doesn’t require you to re-order your life. It doesn’t require you to change your method of communications. You can use it right now to talk to your friends.
  • Lee: What do you think about Tor? Do you think that everyone should be familiar with it, or do you think that it’s only a use-it-if-you-need-it thing? Snowden: I think Tor is the most important privacy-enhancing technology project being used today. I use Tor personally all the time. We know it works from at least one anecdotal case that’s fairly familiar to most people at this point. That’s not to say that Tor is bulletproof. What Tor does is it provides a measure of security and allows you to disassociate your physical location. … But the basic idea, the concept of Tor that is so valuable, is that it’s run by volunteers. Anyone can create a new node on the network, whether it’s an entry node, a middle router, or an exit point, on the basis of their willingness to accept some risk. The voluntary nature of this network means that it is survivable, it’s resistant, it’s flexible. [Tor Browser is a great way to selectively use Tor to look something up and not leave a trace that you did it. It can also help bypass censorship when you’re on a network where certain sites are blocked. If you want to get more involved, you can volunteer to run your own Tor node, as I do, and support the diversity of the Tor network.]
  • Lee: So that is all stuff that everybody should be doing. What about people who have exceptional threat models, like future intelligence-community whistleblowers, and other people who have nation-state adversaries? Maybe journalists, in some cases, or activists, or people like that? Snowden: So the first answer is that you can’t learn this from a single article. The needs of every individual in a high-risk environment are different. And the capabilities of the adversary are constantly improving. The tooling changes as well. What really matters is to be conscious of the principles of compromise. How can the adversary, in general, gain access to information that is sensitive to you? What kinds of things do you need to protect? Because of course you don’t need to hide everything from the adversary. You don’t need to live a paranoid life, off the grid, in hiding, in the woods in Montana. What we do need to protect are the facts of our activities, our beliefs, and our lives that could be used against us in manners that are contrary to our interests. So when we think about this for whistleblowers, for example, if you witnessed some kind of wrongdoing and you need to reveal this information, and you believe there are people that want to interfere with that, you need to think about how to compartmentalize that.
  • Tell no one who doesn’t need to know. [Lindsay Mills, Snowden’s girlfriend of several years, didn’t know that he had been collecting documents to leak to journalists until she heard about it on the news, like everyone else.] When we talk about whistleblowers and what to do, you want to think about tools for protecting your identity, protecting the existence of the relationship from any type of conventional communication system. You want to use something like SecureDrop, over the Tor network, so there is no connection between the computer that you are using at the time — preferably with a non-persistent operating system like Tails, so you’ve left no forensic trace on the machine you’re using, which hopefully is a disposable machine that you can get rid of afterward, that can’t be found in a raid, that can’t be analyzed or anything like that — so that the only outcome of your operational activities are the stories reported by the journalists. [SecureDrop is a whistleblower submission system. Here is a guide to using The Intercept’s SecureDrop server as safely as possible.]
  • And this is to be sure that whoever has been engaging in this wrongdoing cannot distract from the controversy by pointing to your physical identity. Instead they have to deal with the facts of the controversy rather than the actors that are involved in it. Lee: What about for people who are, like, in a repressive regime and are trying to … Snowden: Use Tor. Lee: Use Tor? Snowden: If you’re not using Tor you’re doing it wrong. Now, there is a counterpoint here where the use of privacy-enhancing technologies in certain areas can actually single you out for additional surveillance through the exercise of repressive measures. This is why it’s so critical for developers who are working on security-enhancing tools to not make their protocols stand out.
  •  
    Lots more in the interview that I didn't highlight. This is a must-read.
Paul Merrell

A Zombie Bill Comes Back to Life: A Look at The Senate's Cybersecurity Information Shar... - 0 views

  • The Senate Intelligence Committee recently introduced the Cybersecurity Information Sharing Act of 2014. It’s the fourth time in four years that Congress has tried to pass "cybersecurity" legislation. Unfortunately, the newest Senate bill is one of the worst yet. Cybersecurity bills aim to facilitate information sharing between companies and the government, but they always seem to come with broad immunity clauses for companies, vague definitions, and aggressive spying powers. Given such calculated violence to users' privacy rights, it’s no surprise that these bills fail every year. What is a surprise is that the bills keep coming back from the dead. Last year, President Obama signed Executive Order 13636 (EO 13636) directing the Department of Homeland Security (DHS) to expand current information sharing programs that are far more privacy protective than anything seen in recent cybersecurity bills. Despite this, members of Congress like Rep. Mike Rogers and Senator Dianne Feinstein keep on introducing bills that would destroy these privacy protections and grant new spying powers to companies.
  • Aside from its redundancy, the Senate's bill grants two new authorities to companies. First, the bill authorizes companies to launch countermeasures for a "cybersecurity purpose" against a "cybersecurity threat." "Cybersecurity purpose" is so broadly defined that it means almost anything related to protecting (including physically protecting) an information system, which can be a computer or software. The same goes for a "cybersecurity threat," which includes anything that "may result" in an unauthorized effort to impact the availability of the information system. Combined, the two definitions could be read by companies to permit attacks on machines that unwittingly contribute to network congestion. The countermeasures clause will increasingly militarize the Internet—a prospect that may appeal to some "active defense" (aka offensive) cybersecurity companies, but does not favor the everyday user. Second, the bill adds a new authority for companies to monitor information systems to protect an entity's rights or property. Here again, the broad definitions could be used in conjunction with the monitoring clause to spy on users engaged in potentially innocuous activity. Once collected, companies can then share the information, which is also called “cyber threat indicators,” freely with government agencies like the NSA.
  • Such sharing will occur because under this bill, DHS would no longer be the lead agency making decisions about the cybersecurity information received, retained, or shared to companies or within the government. Its new role in the bill mandates DHS send information to agencies like the NSA—"in real-time and simultaneous[ly]." DHS is even barred from "delay[ing]" or "interfer[ing]" with the information, which ensures that DHS's current privacy protections won’t be applied to the information. The provision is ripe for improper and over-expansive information sharing. This leads to a question: What stops your sensitive personal information from being shared by companies to the government? Almost nothing. Companies must only remove personally identifiable information if the information is known to be US person information and not directly related to the threat. Such a willful blindness approach is inappropriate. Further, the bill does not even impose this weak minimization requirement on information shared by, and within, the government (including federal, state, local, and tribal governments) thereby allowing the government to share information containing personally identifiable information. The bill should require deletion of all information not directly related to a threat.
  • Once the information is sent to a government agency, it can use the information for reasons other than for cybersecurity purposes. One clause even allows the information to be used to prosecute violations of the Espionage Act—a World War I era law that was meant to prosecute spies but has been used in recent years primarily to go after journalists’ sources. The provisions grant the government far too much leeway in how to use the information for non-cybersecurity purposes. The public won’t even know what information is being collected, shared, or used because the bill will exempt all of it from disclosure under the Freedom of Information Act.
  • The bill also retains near-blanket immunity for companies to monitor information systems, to share information, and to use countermeasures. The high bar immunizes an incredible amount of activity, including negligent damage to property and may deprive private entities of legal recourse if a computer security contractor is at fault for destruction of property. Existing private rights of action for violations of the Wiretap Act, Stored Communications Act, and the Computer Fraud and Abuse Act would be precluded or at least sharply restricted by the clause. It remains to be seen why such immunity is needed when just a few months ago, the FTC and DOJ noted they would not prosecute companies for sharing such information. It's also unclear because we continue to see companies freely share information among each other and with the government both publicly via published reports and privately.