Group items tagged

President Obama for his repeated misrepresentations about the bulk collection program (calling the wiretap court "transparent" and saying "all of Congress" knew "exactly how this program works") while in effect acknowledging the public value of the Edward Snowden leaks by ordering the long-overdue declassification of key documents about the NSA's activities, and investigations both by a special panel and by the Privacy and Civil Liberties Oversight Board. The PCLOB directly contradicted the President, pointing out that "when the only means through which legislators can try to understand a prior interpretation of the law is to read a short description of an operational program, prepared by executive branch officials, made available only at certain times and locations, which cannot be discussed with others except in classified briefings conducted by those same executive branch officials, legislators are denied a meaningful opportunity to gauge the legitimacy and implications of the legal interpretation in question. Under such circumstances, it is not a legitimate method of statutory construction to presume that these legislators, when reenacting the statute, intended to adopt a prior interpretation that they had no fair means of evaluating." (p. 101)

Even an author of the Patriot Act, Rep. Jim Sensenbrenner (R-WI), was broadsided by the revelation of the telephone metadata dragnet. After learning of the extent of spying on Americans that his Act unleashed, he wrote that the National Security Agency "ignored restrictions painstakingly crafted by lawmakers and assumed plenary authority never imagined by Congress" by cloaking its actions behind the "thick cloud of secrecy" that even our elected representatives could not breech. Clapper recently conceded to the Daily Beast, "I probably shouldn't say this, but I will. Had we been transparent about this [phone metadata collection] from the outset … we wouldn't have had the problem we had." The NSA's former deputy director, John "Chris" Inglis, said the same when NPR asked him if he thought the metadata dragnet should have been disclosed before Snowden. "In hindsight, yes. In hindsight, yes." Speaking about potential (relatively minimal) changes to the National Security Agency even the president acknowledged, "And all too often new authorities were instituted without adequate public debate," and "Given the unique power of the state, it is not enough for leaders to say: Trust us. We won't abuse the data we collect. For history has too many examples when that trust has been breached." (Exhibit A, of course, is the NSA "watchlist" in the 1960's and 1970's that targeted not only antiwar and civil rights activists, but also journalists and even members of Congress.)

The Archive established the not-so-coveted Rosemary Award in 2005, named after President Nixon's secretary, Rose Mary Woods, who testified she had erased 18-and-a-half minutes of a crucial Watergate tape — stretching, as she showed photographers, to answer the phone with her foot still on the transcription pedal. Bestowed annually to highlight the lowlights of government secrecy, the Rosemary Award has recognized a rogue's gallery of open government scofflaws, including the CIA, the Treasury Department, the Air Force, the FBI, the Federal Chief Information Officers' Council, and the career Rosemary leader — the Justice Department — for the last two years. Rosemary-winner James Clapper has offered several explanations for his untruthful disavowal of the National Security Agency's phone metadata dragnet. After his lie was exposed by the Edward Snowden revelations, Clapper first complained to NBC's Andrea Mitchell that the question about the NSA's surveillance of Americans was unfair, a — in his words — "When are you going to stop beating your wife kind of question." So, he responded "in what I thought was the most truthful, or least untruthful, manner by saying 'no.'"

After continuing criticism for his lie, Clapper wrote a letter to Chairman of the Senate Select Committee on Intelligence Dianne Feinstein, now explaining that he misunderstood Wyden's question and thought it was about the PRISM program (under Section 702 of the Foreign Intelligence Surveillance Act) rather than the telephone metadata collection program (under Section 215 of the Patriot Act). Clapper wrote that his staff "acknowledged the error" to Senator Wyden soon after — yet he chose to reject Wyden's offer to amend his answer. Former NSA senior counsel Joel Brenner blamed Congress for even asking the question, claiming that Wyden "sandbagged" Clapper by the "vicious tactic" of asking "Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?" Meanwhile, Steve Aftergood of the Federation of American Scientists countered that "it is of course wrong for officials to make false statements, as DNI Clapper did," and that in fact the Senate Intelligence Committee "became complicit in public deception" for failing to rebut or correct Clapper's statement, which they knew to be untruthful. Clapper described his unclassified testimony as a game of "stump the chump." But when it came to oversight of the National Security Agency, it appears that senators and representatives were the chumps being stumped. According to Representative Justin Amash (R-Mich), the House Intelligence Committee "decided it wasn't worthwhile to share this information" about telephone metadata surveillance with other members of Congress. Classified briefings open to the whole House were a "farce," Amash contended, often consisting of information found in newspapers and public statutes.

The Emmy and George Polk Award-winning National Security Archive, based at the George Washington University, has carried out thirteen government-wide audits of FOIA performance, filed more than 50,000 Freedom of Information Act requests over the past 28 years, opened historic government secrets ranging from the CIA's "Family Jewels" to documents about the testing of stealth aircraft at Area 51, and won a series of historic lawsuits that saved hundreds of millions of White House e-mails from the Reagan through Obama presidencies, among many other achievements.

Director Clapper joins an undistinguished list of previous Rosemary Award winners: 2012 - the Justice Department (in a repeat performance, for failure to update FOIA regulations for compliance with the law, undermining congressional intent, and hyping its open government statistics) 2011- the Justice Department (for doing more than any other agency to eviscerate President Obama's Day One transparency pledge, through pit-bull whistleblower prosecutions, recycled secrecy arguments in court cases, retrograde FOIA regulations, and mixed FOIA responsiveness) 2010 - the Federal Chief Information Officers' Council (for "lifetime failure" to address the crisis in government e-mail preservation) 2009 - the FBI (for having a record-setting rate of "no records" responses to FOIA requests) 2008 - the Treasury Department (for shredding FOIA requests and delaying responses for decades) 2007 - the Air Force (for disappearing its FOIA requests and having "failed miserably" to meet its FOIA obligations, according to a federal court ruling) 2006 - the Central Intelligence Agency (for the biggest one-year drop-off in responsiveness to FOIA requests yet recorded).   ALSO-RANS The Rosemary Award competition in 2013 was fierce, with a host of government contenders threatening to surpass the Clapper "least untruthful" standard. These secrecy over-achievers included the following FOI delinquents:

Admiral William McRaven, head of the Special Operations Command for the raid that killed Osama Bin Laden, who purged his command's computers and file cabinets of all records on the raid, sent any remaining copies over to CIA where they would be effectively immune from the FOIA, and then masterminded a "no records" response to the Associated Press when the AP reporters filed FOIA requests for raid-related materials and photos. If not for a one-sentence mention in a leaked draft inspector general report — which the IG deleted for the final version — no one would have been the wiser about McRaven's shell game. Subsequently, a FOIA lawsuit by Judicial Watch uncovered the sole remaining e-mail from McRaven ordering the evidence destruction, in apparent violation of federal records laws, a felony for which the Admiral seems to have paid no price. Department of Defense classification reviewers who censored from a 1962 document on the Cuban Missile Crisis direct quotes from public statements by Soviet Premier Nikita Khrushchev. The quotes referred to the U.S. Jupiter missiles in Turkey that would ultimately (and secretly) be pulled out in exchange for Soviet withdrawal of its missiles in Cuba. The denials even occurred after an appeal by the National Security Archive, which provided as supporting material the text of the Khrushchev statements and multiple other officially declassified documents (and photographs!) describing the Jupiters in Turkey. Such absurd classification decisions call into question all of the standards used by the Pentagon and the National Declassification Center to review historical documents.

Admiral William McRaven memo from May 13, 2011, ordering the destruction of evidence relating to the Osama bin Laden raid. (From Judicial Watch)

The Department of Justice Office of Information Policy, which continues to misrepresent to Congress the government's FOIA performance, while enabling dramatic increases in the number of times government agencies invoke the purely discretionary "deliberative process" exemption. Five years after President Obama declared a "presumption of openness" for FOIA requests, Justice lawyers still cannot show a single case of FOIA litigation in which the purported new standards (including orders from their own boss, Attorney General Eric Holder) have caused the Department to change its position in favor of disclosure.

While Gemalto was indeed another casualty in Western governments’ sweeping effort to gather as much global intelligence advantage as possible, the leaked documents make clear that the company was specifically targeted. According to the materials published Thursday, GCHQ used a specific codename — DAPINO GAMMA — to refer to the operations against Gemalto. The spies also actively penetrated the email and social media accounts of Gemalto employees across the world in an effort to steal the company’s encryption keys. Evidence of the Gemalto breach rattled the digital security community. “Almost everyone in the world carries cell phones and this is an unprecedented mass attack on the privacy of citizens worldwide,” said Greg Nojeim, senior counsel at the Center for Democracy & Technology, a non-profit that advocates for digital privacy and free online expression. “While there is certainly value in targeted surveillance of cell phone communications, this coordinated subversion of the trusted technical security infrastructure of cell phones means the US and British governments now have easy access to our mobile communications.”

For Gemalto, evidence that their vaunted security systems and the privacy of customers had been compromised by the world’s top spy agencies made an immediate financial impact. The company’s shares took a dive on the Paris bourse Friday, falling $500 million. In the U.S., Gemalto’s shares fell as much 10 percent Friday morning. They had recovered somewhat — down 4 percent — by the close of trading on the Euronext stock exchange. Analysts at Dutch financial services company Rabobank speculated in a research note that Gemalto could be forced to recall “a large number” of SIM cards. The French daily L’Express noted today that Gemalto board member Alex Mandl was a founding trustee of the CIA-funded venture capital firm In-Q-Tel. Mandl resigned from In-Q-Tel’s board in 2002, when he was appointed CEO of Gemplus, which later merged with another company to become Gemalto. But the CIA connection still dogged Mandl, with the French press regularly insinuating that American spies could infiltrate the company. In 2003, a group of French lawmakers tried unsuccessfully to create a commission to investigate Gemplus’s ties to the CIA and its implications for the security of SIM cards. Mandl, an Austrian-American businessman who was once a top executive at AT&T, has denied that he had any relationship with the CIA beyond In-Q-Tel. In 2002, he said he did not even have a security clearance.

AT&T, T-Mobile and Verizon could not be reached for comment Friday. Sprint declined to comment. Vodafone, the world’s second largest telecom provider by subscribers and a customer of Gemalto, said in a statement, “[W]e have no further details of these allegations which are industrywide in nature and are not focused on any one mobile operator. We will support industry bodies and Gemalto in their investigations.” Deutsche Telekom AG, a German company, said it has changed encryption algorithms in its Gemalto SIM cards. “We currently have no knowledge that this additional protection mechanism has been compromised,” the company said in a statement. “However, we cannot rule out this completely.”

Update: Asked about the SIM card heist, White House press secretary Josh Earnest said he did not expect the news would hurt relations with the tech industry: “It’s hard for me to imagine that there are a lot of technology executives that are out there that are in a position of saying that they hope that people who wish harm to this country will be able to use their technology to do so. So, I do think in fact that there are opportunities for the private sector and the federal government to coordinate and to cooperate on these efforts, both to keep the country safe, but also to protect our civil liberties.”

Another committee member, Sen. Ron Wyden, D-Ore., and some civil rights groups called for a fuller investigation. The demands clashed with a desire by President Barack Obama, other lawmakers and the CIA to move beyond the controversy over the “enhanced interrogation program” after Feinstein releases her committee’s report, which could come as soon as next weekMany members demanded that Brennan explain his earlier denial that the CIA had accessed the Senate committee database.“Director Brennan should make a very public explanation and correction of what he said,” said Sen. Carl Levin, D-Mich. He all but accused the Justice Department of a coverup by deciding not to pursue a criminal investigation into the CIA’s intrusion.

“I thought there might have been information that was produced after the department reached their conclusion,” he said. “What I understand, they have all of the information which the IG has.”He hinted that the scandal goes further than the individuals cited in Buckley’s report.“I think it’s very clear that CIA people knew exactly what they were doing and either knew or should’ve known,” said Levin, adding that he thought that Buckley’s findings should be referred to the Justice Department.A person with knowledge of the issue insisted that the CIA personnel who improperly accessed the database “acted in good faith,” believing that they were empowered to do so because they believed there had been a security violation.“There was no malicious intent. They acted in good faith believing they had the legal standing to do so,” said the knowledgeable person, who asked not to be further identified because they weren’t authorized to discuss the issue publicly. “But it did not conform with the legal agreement reached with the Senate committee.”

Feinstein called Brennan’s apology and his decision to submit Buckley’s findings to the accountability board “positive first steps.”“This IG report corrects the record and it is my understanding that a declassified report will be made available to the public shortly,” she said in a statement.“The investigation confirmed what I said on the Senate floor in March _ CIA personnel inappropriately searched Senate Intelligence Committee computers in violation of an agreement we had reached, and I believe in violation of the constitutional separation of powers,” she said.It was not clear why Feinstein didn’t repeat her charges from March that the agency also may have broken the law and had sought to “thwart” her investigation into the CIA’s use of waterboarding, which simulates drowning, sleep deprivation and other harsh interrogation methods _ tactics denounced by many experts as torture.

Buckley’s findings clashed with denials by Brennan that he issued only hours after Feinstein’s blistering Senate speech.“As far as the allegations of, you know, CIA hacking into, you know, Senate computers, nothing could be further from the truth. I mean, we wouldn’t do that. I mean, that’s _ that’s just beyond the _ you know, the scope of reason in terms of what we would do,” he said in an appearance at the Council on Foreign Relations.White House Press Secretary Josh Earnest issued a strong defense of Brennan, crediting him with playing an “instrumental role” in the administration’s fight against terrorism, in launching Buckley’s investigation and in looking for ways to prevent such occurrences in the future.Earnest was asked at a news briefing whether there was a credibility issue for Brennan, given his forceful denial in March.“Not at all,” he replied, adding that Brennan had suggested the inspector general’s investigation in the first place. And, he added, Brennan had taken the further step of appointing the accountability board to review the situation and the conduct of those accused of acting improperly to “ensure that they are properly held accountable for that conduct.”

The allegations and the separate CIA charge that the committee staff removed classified documents from the secret CIA facility in Northern Virginia without authorization were referred to the Justice Department for investigation.The department earlier this month announced that it had found insufficient evidence on which to proceed with criminal probes into either matter “at this time.” Thursday, Justice Department officials declined comment.

In her speech, Feinstein asserted that her staff found the material _ known as the Panetta review, after former CIA Director Leon Panetta, who ordered it _ in the protected database and that the CIA discovered the staff had it by monitoring its computers in violation of the user agreement.The inspector general’s summary, which was prepared for the Senate and the House intelligence committees, didn’t identify the CIA personnel who had accessed the Senate’s protected database.Furthermore, it said, the CIA crimes report to the Justice Department alleging that panel staffers had removed classified materials without permission was grounded on inaccurate information. The report is believed to have been sent by the CIA’s then acting general counsel, Robert Eatinger, who was a legal adviser to the interrogation program.“The factual basis for the referral was not supported, as the author of the referral had been provided inaccurate information on which the letter was based,” said the summary, noting that the Justice Department decided not to pursue the issue.

Christopher Anders, senior legislative counsel with the American Civil Liberties Union, criticized the CIA announcement, saying that “an apology isn’t enough.”“The Justice Department must refer the (CIA) inspector general’s report to a federal prosecutor for a full investigation into any crimes by CIA personnel or contractors,” said Anders.

In reality, numerous telecoms companies were doing much more than that, as disclosed in a secret document prepared in 2009 by a joint working group of GCHQ, MI5 and MI6.Their report contended that allowing intercepts as evidence could damage relationships with "Communications Service Providers" (CSPs).In an extended excerpt of "the classified version" of a review prepared for the Privy Council, a formal body of advisers made up of current and former cabinet ministers, the document sets out the real nature of the relationship between telecoms firms and the UK government."Under RIPA [the Regulation of Investigatory Powers Act 2000], CSPs in the UK may be required to provide, at public expense, an adequate interception capability on their networks," it states. "In practice all significant providers do provide such a capability. But in many cases their assistance – while in conformity with the law – goes well beyond what it requires."

GCHQ's internet surveillance programme is the subject of a challenge in the European court of human rights, mounted by three privacy advocacy groups. The Open Rights Group, English PEN and Big Brother Watch argue the "unchecked surveillance" of Tempora is a challenge to the right to privacy, as set out in the European convention on human rights.That the Tempora programme appears to rely at least in part on voluntary co-operation of telecoms firms could become a major factor in that ongoing case. The revelation could also reignite the long-running debate over allowing intercept evidence in court.GCHQ's submission goes on to set out why its relationships with telecoms companies go further than what can be legally compelled under current law. It says that in the internet era, companies wishing to avoid being legally mandated to assist UK intelligence agencies would often be able to do so "at little cost or risk to their operations" by moving "some or all" of their communications services overseas.

As a result, "it has been necessary to enter into agreements with both UK-based and offshore providers for them to afford the UK agencies access, with appropriate legal authorisation, to the communications they carry outside the UK".The submission to ministers does not set out which overseas firms have entered into voluntary relationships with the UK, or even in which countries they operate, though documents detailing the Tempora programme made it clear the UK's interception capabilities relied on taps located both on UK soil and overseas.There is no indication as to whether the governments of the countries in which deals with companies have been struck would be aware of the GCHQ cable taps.

Evidence that telecoms firms and GCHQ are engaging in mass interception overseas could stoke an ongoing diplomatic row over surveillance ignited this week after the German chancellor, Angela Merkel, accused the NSA of monitoring her phone calls, and the subsequent revelation that the agency monitored communications of at least 35 other world leaders.On Friday, Merkel and the French president, François Hollande, agreed to spearhead efforts to make the NSA sign a new code of conduct on how it carried out intelligence operations within the European Union, after EU leaders warned that the international fight against terrorism was being jeopardised by the perception that mass US surveillance was out of control.Fear of diplomatic repercussions were one of the prime reasons given for GCHQ's insistence that its relationships with telecoms firms must be kept private .

Telecoms companies "feared damage to their brands internationally, if the extent of their co-operation with HMG [Her Majesty's government] became apparent", the GCHQ document warned. It added that if intercepts became admissible as evidence in UK courts "many CSPs asserted that they would withdraw their voluntary support".The report stressed that while companies are going beyond what they are required to do under UK law, they are not being asked to violate it.Shami Chakrabarti, Director of Liberty and Anthony Romero Executive Director of the American Civil Liberties Union issued a joint statement stating:"The Guardian's publication of information from Edward Snowden has uncovered a breach of trust by the US and UK Governments on the grandest scale. The newspaper's principled and selective revelations demonstrate our rulers' contempt for personal rights, freedoms and the rule of law.

"Across the globe, these disclosures continue to raise fundamental questions about the lack of effective legal protection against the interception of all our communications."Yet in Britain, that conversation is in danger of being lost beneath self-serving spin and scaremongering, with journalists who dare to question the secret state accused of aiding the enemy."A balance must of course be struck between security and transparency, but that cannot be achieved whilst the intelligence services and their political masters seek to avoid any scrutiny of, or debate about, their actions."The Guardian's decision to expose the extent to which our privacy is being violated should be applauded and not condemned."

The new license plate reader contract comes after years of internal lobbying by the agency. ICE first tested Vigilant’s system in 2012, gauging how effective it was at locating undocumented immigrants. Two years later, the agency issued an open solicitation for the technology, sparking an outcry from civil liberties group. Homeland Security secretary Jeh Johnson canceled the solicitation shortly afterward, citing privacy concerns, although two field offices subsequently formed rogue contracts with Vigilant in apparent violation of Johnson’s policy. In 2015, Homeland Security issued another call for bids, although an ICE representative said no contract resulted from that solicitation. As a result, this new contract is the first agency-wide contract ICE has completed with the company, a fact that is reflected in accompanying documents. On December 27th, 2017, Homeland Security issued an updated privacy assessment of license plate reader technology, a move it explained was necessary because “ICE has now entered into a contract with a vendor.” The new system places some limits on ICE surveillance, but not enough to quiet privacy concerns. Unlike many agencies, ICE won’t upload new data to Vigilant’s system but simply scan through the data that’s already there. In practical terms, that means driving past a Vigilant-linked camera might flag a car to ICE, but driving past an ICE camera won’t flag a car to everyone else using the system. License plates on the hot list will also expire after one year, and the system retains extensive audit logs to help supervisors trace back any abuse of the system. Still, the biggest concern for critics is the sheer scale of Vigilant’s network, assembled almost entirely outside of public accountability. “If ICE were to propose a system that would do what Vigilant does, there would be a huge privacy uproar and I don’t think Congress would approve it,” Stanley says. “But because it’s a private contract, they can sidestep that process.”

The challenges were brought by Liberty, Privacy International and other civil liberties groups who claimed that GCHQ’s receipt of private communications intercepted by the NSA through its “mass surveillance” programmes Prism and Upstream was illegal.

The legal challenge was the first of dozens of GCHQ-related claims to be examined in detail by the IPT, which hears complaints against British intelligence agencies and government bodies that carry out surveillance under Ripa. Some of the most sensitive evidence about interceptions was heard in private sessions from which the rights groups were excluded.

According to one secret GCHQ slide, the British intelligence agency penetrated Gemalto’s internal networks, planting malware on several computers, giving GCHQ secret access. We “believe we have their entire network,” the slide’s author boasted about the operation against Gemalto. Additionally, the spy agency targeted unnamed cellular companies’ core networks, giving it access to “sales staff machines for customer information and network engineers machines for network maps.” GCHQ also claimed the ability to manipulate the billing servers of cell companies to “suppress” charges in an effort to conceal the spy agency’s secret actions against an individual’s phone. Most significantly, GCHQ also penetrated “authentication servers,” allowing it to decrypt data and voice communications between a targeted individual’s phone and his or her telecom provider’s network. A note accompanying the slide asserted that the spy agency was “very happy with the data so far and [was] working through the vast quantity of product.”

The U.S. and British intelligence agencies pulled off the encryption key heist in great stealth, giving them the ability to intercept and decrypt communications without alerting the wireless network provider, the foreign government or the individual user that they have been targeted. “Gaining access to a database of keys is pretty much game over for cellular encryption,” says Matthew Green, a cryptography specialist at the Johns Hopkins Information Security Institute. The massive key theft is “bad news for phone security. Really bad news.”

If collection is universal, the collectors don’t have to explain to others (or even to themselves) why they are targeting this person or group and not another. Possessing the data in secret, they can then decide in secret who they are really interested in.

the FISA court. But that court acts not just in secret, but ex parte – hearing only one side.

From Barack Obama to Karl Rove, the ruling class is in unison: The NSA’s collection of data on virtually all Americans is essential to preventing you from “being blown to smithereens on your morning commute”

These programs stand between Americans and terrorists. Worries that they will be misused are misplaced or downright kooky.

anyone who has followed telecommunication technology and intelligence during the past three decades can only scoff at the claim that universal collection of telephone externals and access to internet traffic can thwart serious criminals or terrorists.

The drive to breach the national boundaries of money and establish a global cashless society has become a World War on cash with IMF backing to go digital and global.