Group items tagged

Microsoft's new plan to keep the US government's hands off its customers' data: Germany will be a safe harbor in the digital privacy storm. Microsoft on Wednesday announced that beginning in the second half of 2016, it will give foreign customers the option of keeping data in new European facilities that, at least in theory, should shield customers from US government surveillance. It will cost more, according to the Financial Times, though pricing details weren't forthcoming. Microsoft Cloud - including Azure, Office 365 and Dynamics CRM Online - will be hosted from new datacenters in the German regions of Magdeburg and Frankfurt am Main. Access to data will be controlled by what the company called a German data trustee: T-Systems, a subsidiary of the independent German company Deutsche Telekom. Without the permission of Deutsche Telekom or customers, Microsoft won't be able to get its hands on the data. If it does get permission, the trustee will still control and oversee Microsoft's access.

Microsoft CEO Satya Nadella dropped the word "trust" into the company's statement: Microsoft’s mission is to empower every person and every individual on the planet to achieve more. Our new datacenter regions in Germany, operated in partnership with Deutsche Telekom, will not only spur local innovation and growth, but offer customers choice and trust in how their data is handled and where it is stored.

On Tuesday, at the Future Decoded conference in London, Nadella also announced that Microsoft would, for the first time, be opening two UK datacenters next year. The company's also expanding its existing operations in Ireland and the Netherlands. Officially, none of this has anything to do with the long-drawn-out squabbling over the transatlantic Safe Harbor agreement, which the EU's highest court struck down last month, calling the agreement "invalid" because it didn't protect data from US surveillance. No, Nadella said, the new datacenters and expansions are all about giving local businesses and organizations "transformative technology they need to seize new global growth." But as Diginomica reports, Microsoft EVP of Cloud and Enterprise Scott Guthrie followed up his boss’s comments by saying that yes, the driver behind the new datacenters is to let customers keep data close: We can guarantee customers that their data will always stay in the UK. Being able to very concretely tell that story is something that I think will accelerate cloud adoption further in the UK.

The United States on Friday criticized proposals to build a European communication network to avoid emails and other data passing through the United States, warning that such rules could breach international trade laws. In its annual review of telecommunications trade barriers, the office of the U.S. Trade Representative said impediments to cross-border data flows were a serious and growing concern.It was closely watching new laws in Turkey that led to the blocking of websites and restrictions on personal data, as well as calls in Europe for a local communications network following revelations last year about U.S. digital eavesdropping and surveillance."Recent proposals from countries within the European Union to create a Europe-only electronic network (dubbed a 'Schengen cloud' by advocates) or to create national-only electronic networks could potentially lead to effective exclusion or discrimination against foreign service suppliers that are directly offering network services, or dependent on them," the USTR said in the report.

Germany and France have been discussing ways to build a European network to keep data secure after the U.S. spying scandal. Even German Chancellor Angela Merkel's cell phone was reportedly monitored by American spies.The USTR said proposals by Germany's state-backed Deutsche Telekom to bypass the United States were "draconian" and likely aimed at giving European companies an advantage over their U.S. counterparts.Deutsche Telekom has suggested laws to stop data traveling within continental Europe being routed via Asia or the United States and scrapping the Safe Harbor agreement that allows U.S. companies with European-level privacy standards access to European data. (www.telekom.com/dataprotection)"Any mandatory intra-EU routing may raise questions with respect to compliance with the EU's trade obligations with respect to Internet-enabled services," the USTR said. "Accordingly, USTR will be carefully monitoring the development of any such proposals."

U.S. tech companies, the leaders in an e-commerce marketplace estimated to be worth up to $8 trillion a year, have urged the White House to undertake reforms to calm privacy concerns and fend off digital protectionism.

The chances of Theresa May reintroducing her "snooper's charter" communications data bill are practically zero in the wake of the Guardian's disclosures on the scale of internet surveillance, leading Tory and Labour civil liberties campaigners have said.David Davis, a former contender for Conservative leadership, and Tom Watson, the Labour deputy chair, both said on Thursday they felt there had been a change in the atmosphere at Westminster compared with the "great rush" to legislate in the immediate aftermath of the Woolwich murder of Drummer Lee Rigby.Both MPs said the disclosure of the mass harvesting of personal communications, including internet data, by the American National Security Agency and Britain's eavesdropping agency, GCHQ, had shown that the existing UK regulatory framework was completely ineffective.Davis said in particular that GCHQ's Tempora operation, which harvests global phone and internet traffic by tapping into the transatlantic fibre-optic cables, had "put up a big red flag" indicating it was time to think again from scratch about the legal oversight arrangements.

He said it was necessary to look at ways of rewriting the Regulation of Investigatory Powers Act 2000, which sets out the legal oversight arrangements for the interception and surveillance of communications.But the former shadow home secretary and staunch Eurosceptic also praised the efforts of Viviane Reding, the EU commissioner for justice, who wrote to the foreign secretary, William Hague, on Wednesday giving him until the end of the week to answer the charge that the fundamental rights of citizens across Europe were being flouted."I hope that Viviane Reding keeps up the pressure. This is the only time you will hear me say that the European Union might be the answer," said Davis.Watson said he shared Davis's analysis of the poor prospects for the reintroduction of May's communications data bill, which would require internet and phone companies to store for up to 12 months data tracking everyone's use of email, phone and internet.

The meeting heard from surveillance experts Casper Bowden, a former chief privacy adviser to Microsoft, and solicitor/advocate, Simon McKay. Bowden said a huge debt was owed to Snowden, who had made the most important disclosures about surveillance for more than 25 years.He said the disclosures had serious implications for the corporate and individual stampede towards the use of "cloud computing" storage, much of which was housed in the US. He said that there was a real danger now that Britain would be left in an exposed position, with the rest of Europe not willing to allow their data to be stored through the UK. "Keep your cloudbase close and local and keep it in your jurisdiction," he said, adding that encryption was very limited as a defence.Bowden, who has worked as an adviser to the EU on its new data protection directive, which has yet to come into force principally because of British opposition, said he had secured an amendment giving protection for whistleblowers.He had also argued for a warning "pop-up" to be required when data was being transferred outside the EU's borders.

One security start-up that had an encounter with the FBI was Wickr, a privacy-forward text messaging app for the iPhone with an Android version in private beta. Wickr's co-founder Nico Sell told CNET at Defcon, "Wickr has been approached by the FBI and asked for a backdoor. We said, 'No.'" The mistrust runs deep. "Even if [the NSA] stood up tomorrow and said that [they] have eliminated these programs," said Marlinspike, "How could we believe them? How can we believe that anything they say is true?" Where does security innovation go next? The immediate future of information security innovation most likely lies in software that provides an existing service but with heightened privacy protections, such as webmail that doesn't mine you for personal data.

Wickr's Sell thinks that her company has hit upon a privacy innovation that a few others are also doing, but many will soon follow: the company itself doesn't store user data. "[The FBI] would have to force us to build a new app. With the current app there's no way," she said, that they could incorporate backdoor access to Wickr users' texts or metadata. "Even if you trust the NSA 100 percent that they're going to use [your data] correctly," Sell said, "Do you trust that they're going to be able to keep it safe from hackers? What if somebody gets that database and posts it online?" To that end, she said, people will start seeing privacy innovation for services that don't currently provide it. Calling it "social networks 2.0," she said that social network competitors will arise that do a better job of protecting their customer's privacy and predicted that some that succeed will do so because of their emphasis on privacy. Abine's recent MaskMe browser add-on and mobile app for creating disposable e-mail addresses, phone numbers, and credit cards is another example of a service that doesn't have access to its own users' data.

Stamos predicted changes in services that companies with cloud storage offer, including offering customers the ability to store their data outside of the U.S. "If they want to stay competitive, they're going to have to," he said. But, he cautioned, "It's impossible to do a cloud-based ad supported service." Soghoian added, "The only way to keep a service running is to pay them money." This, he said, is going to give rise to a new wave of ad-free, privacy protective subscription services.

Snowden: That’s the key—to maintain the garden of liberty, right? This is a generational thing that we must all do continuously. We only have the rights that we protect. It doesn’t matter what we say or think we have. It’s not enough to believe in something; it matters what we actually defend. So when we think in the context of the last decade’s infringements upon personal liberty and the last year’s revelations, it’s not about surveillance. It’s about liberty. When people say, “I have nothing to hide,” what they’re saying is, “My rights don’t matter.” Because you don’t need to justify your rights as a citizen—that inverts the model of responsibility. The government must justify its intrusion into your rights. If you stop defending your rights by saying, “I don’t need them in this context” or “I can’t understand this,” they are no longer rights. You have ceded the concept of your own rights. You’ve converted them into something you get as a revocable privilege from the government, something that can be abrogated at its convenience. And that has diminished the measure of liberty within a society.

From the very beginning, I said there are two tracks of reform: there’s the political and the technical. I don’t believe the political will be successful, for exactly the reasons you underlined. The issue is too abstract for average people, who have too many things going on in their lives. And we do not live in a revolutionary time. People are not prepared to contest power. We have a system of education that is really a sort of euphemism for indoctrination. It’s not designed to create critical thinkers. We have a media that goes along with the government by parroting phrases intended to provoke a certain emotional response—for example, “national security.” Everyone says “national security” to the point that we now must use the term “national security.” But it is not national security that they’re concerned with; it is state security. And that’s a key distinction. We don’t like to use the phrase “state security” in the United States because it reminds us of all the bad regimes. But it’s a key concept, because when these officials are out on TV, they’re not talking about what’s good for you. They’re not talking about what’s good for business. They’re not talking about what’s good for society. They’re talking about the protection and perpetuation of a national state system. I’m not an anarchist. I’m not saying, “Burn it to the ground.” But I’m saying we need to be aware of it, and we need to be able to distinguish when political developments are occurring that are contrary to the public interest. And that cannot happen if we do not question the premises on which they’re founded. And that’s why I don’t think political reform is likely to succeed. [Senators] Udall and Wyden, on the intelligence committee, have been sounding the alarm, but they are a minority.

The Nation: Every president—and this seems to be confirmed by history—will seek to maximize his or her power, and will see modern-day surveillance as part of that power. Who is going to restrain presidential power in this regard? Snowden: That’s why we have separate and co-equal branches. Maybe it will be Congress, maybe not. Might be the courts, might not. But the idea is that, over time, one of these will get the courage to do so. One of the saddest and most damaging legacies of the Bush administration is the increased assertion of the “state secrets” privilege, which kept organizations like the ACLU—which had cases of people who had actually been tortured and held in indefinite detention—from getting their day in court. The courts were afraid to challenge executive declarations of what would happen. Now, over the last year, we have seen—in almost every single court that has had this sort of national-security case—that they have become markedly more skeptical. People at civil-liberties organizations say it’s a sea change, and that it’s very clear judges have begun to question more critically assertions made by the executive. Even though it seems so obvious now, it is extraordinary in the context of the last decade, because courts had simply said they were not the best branch to adjudicate these claims—which is completely wrong, because they are the only nonpolitical branch. They are the branch that is specifically charged with deciding issues that cannot be impartially decided by politicians. The power of the presidency is important, but it is not determinative. Presidents should not be exempted from the same standards of reason and evidence and justification that any other citizen or civil movement should be held to.

All existing data sharing agreements between Europe and the US should be revoked, and US web site providers should prominently inform European citizens that their data may be subject to government surveillance, according to the recommendations of a briefing report for the European Parliament. The report was produced in response to revelations about the US National Security Agency (NSA) snooping on internet traffic, and aims to highlight the subsequent effect on European Union (EU) citizens' rights.

The report warns that EU data protection authorities have failed to understand the “structural shift of data sovereignty implied by cloud computing”, and the associated risks to the rights of EU citizens. It suggests “a full industrial policy for development of an autonomous European cloud computing capacity” should be set up to reduce exposure of EU data to NSA surveillance that is undertaken by the use of US legislation that forces US-based cloud providers to provide access to data they hold.

To put pressure on the US government, the report recommends that US websites should ask EU citizens for their consent before gathering data that could be used by the NSA. “Prominent notices should be displayed by every US web site offering services in the EU to inform consent to collect data from EU citizens. The users should be made aware that the data may be subject to surveillance by the US government for any purpose which furthers US foreign policy,” it said. “A consent requirement will raise EU citizen awareness and favour growth of services solely within EU jurisdiction. This will thus have economic impact on US business and increase pressure on the US government to reach a settlement.”

IBM announced today that it would throw another billion at Linux, the open-source operating system, to run its Power System servers. The first time it had thrown a billion at Linux was in 2001, when Linux was a crazy, untested, even ludicrous proposition for the corporate world. So the moolah back then didn’t go to Linux itself, which was free, but to related technologies across hardware, software, and service, including things like sales and advertising – and into IBM’s partnership with Red Hat which was developing its enterprise operating system, Red Hat Enterprise Linux. “It helped start a flurry of innovation that has never slowed,” said Jim Zemlin, executive director of the Linux Foundation. IBM claims that the investment would “help clients capitalize on big data and cloud computing with modern systems built to handle the new wave of applications coming to the data center in the post-PC era.” Some of the moolah will be plowed into the Power Systems Linux Center in Montpellier, France, which opened today. IBM’s first Power Systems Linux Center opened in Beijing in May. IBM may be trying to make hay of the ongoing revelations that have shown that the NSA and other intelligence organizations in the US and elsewhere have roped in American tech companies of all stripes with huge contracts to perfect a seamless spy network. They even include physical aspects of surveillance, such as license plate scanners and cameras, which are everywhere [read.... Surveillance Society: If You Drive, You Get Tracked].

Then another boon for IBM. Experts at the German Federal Office for Security in Information Technology (BIS) determined that Windows 8 is dangerous for data security. It allows Microsoft to control the computer remotely through a “special surveillance chip,” the wonderfully named Trusted Platform Module (TPM), and a backdoor in the software – with keys likely accessible to the NSA and possibly other third parties, such as the Chinese. Risks: “Loss of control over the operating system and the hardware” [read.... LEAKED: German Government Warns Key Entities Not To Use Windows 8 – Links The NSA.

It would be an enormous competitive advantage for an IBM salesperson to walk into a government or corporate IT department and sell Big Data servers that don’t run on Windows, but on Linux. With the Windows 8 debacle now in public view, IBM salespeople don’t even have to mention it. In the hope of stemming the pernicious revenue decline their employer has been suffering from, they can politely and professionally hype the security benefits of IBM’s systems and mention in passing the comforting fact that some of it would be developed in the Power Systems Linux Centers in Montpellier and Beijing. Alas, Linux too is tarnished. The backdoors are there, though the code can be inspected, unlike Windows code. And then there is Security-Enhanced Linux (SELinux), which was integrated into the Linux kernel in 2003. It provides a mechanism for supporting “access control” (a backdoor) and “security policies.” Who developed SELinux? Um, the NSA – which helpfully discloses some details on its own website (emphasis mine): The results of several previous research projects in this area have yielded a strong, flexible mandatory access control architecture called Flask. A reference implementation of this architecture was first integrated into a security-enhanced Linux® prototype system in order to demonstrate the value of flexible mandatory access controls and how such controls could be added to an operating system. The architecture has been subsequently mainstreamed into Linux and ported to several other systems, including the Solaris™ operating system, the FreeBSD® operating system, and the Darwin kernel, spawning a wide range of related work.

Less than a week after the attacks in Paris — while the public and policymakers were still reeling, and the investigation had barely gotten off the ground — Cy Vance, Manhattan’s District Attorney, released a policy paper calling for legislation requiring companies to provide the government with backdoor access to their smartphones and other mobile devices. This is the first concrete proposal of this type since September 2014, when FBI Director James Comey reignited the “Crypto Wars” in response to Apple’s and Google’s decisions to use default encryption on their smartphones. Though Comey seized on Apple’s and Google’s decisions to encrypt their devices by default, his concerns are primarily related to end-to-end encryption, which protects communications that are in transit. Vance’s proposal, on the other hand, is only concerned with device encryption, which protects data stored on phones. It is still unclear whether encryption played any role in the Paris attacks, though we do know that the attackers were using unencrypted SMS text messages on the night of the attack, and that some of them were even known to intelligence agencies and had previously been under surveillance. But regardless of whether encryption was used at some point during the planning of the attacks, as I lay out below, prohibiting companies from selling encrypted devices would not prevent criminals or terrorists from being able to access unbreakable encryption. Vance’s primary complaint is that Apple’s and Google’s decisions to provide their customers with more secure devices through encryption interferes with criminal investigations. He claims encryption prevents law enforcement from accessing stored data like iMessages, photos and videos, Internet search histories, and third party app data. He makes several arguments to justify his proposal to build backdoors into encrypted smartphones, but none of them hold water.

Before addressing the major privacy, security, and implementation concerns that his proposal raises, it is worth noting that while an increase in use of fully encrypted devices could interfere with some law enforcement investigations, it will help prevent far more crimes — especially smartphone theft, and the consequent potential for identity theft. According to Consumer Reports, in 2014 there were more than two million victims of smartphone theft, and nearly two-thirds of all smartphone users either took no steps to secure their phones or their data or failed to implement passcode access for their phones. Default encryption could reduce instances of theft because perpetrators would no longer be able to break into the phone to steal the data.

Vance argues that creating a weakness in encryption to allow law enforcement to access data stored on devices does not raise serious concerns for security and privacy, since in order to exploit the vulnerability one would need access to the actual device. He considers this an acceptable risk, claiming it would not be the same as creating a widespread vulnerability in encryption protecting communications in transit (like emails), and that it would be cheap and easy for companies to implement. But Vance seems to be underestimating the risks involved with his plan. It is increasingly important that smartphones and other devices are protected by the strongest encryption possible. Our devices and the apps on them contain astonishing amounts of personal information, so much that an unprecedented level of harm could be caused if a smartphone or device with an exploitable vulnerability is stolen, not least in the forms of identity fraud and credit card theft. We bank on our phones, and have access to credit card payments with services like Apple Pay. Our contact lists are stored on our phones, including phone numbers, emails, social media accounts, and addresses. Passwords are often stored on people’s phones. And phones and apps are often full of personal details about their lives, from food diaries to logs of favorite places to personal photographs. Symantec conducted a study, where the company spread 50 “lost” phones in public to see what people who picked up the phones would do with them. The company found that 95 percent of those people tried to access the phone, and while nearly 90 percent tried to access private information stored on the phone or in other private accounts such as banking services and email, only 50 percent attempted contacting the owner.

Brazil plans to divorce itself from the U.S.-centric Internet over Washington’s widespread online spying, a move that many experts fear will be a potentially dangerous first step toward fracturing a global network built with minimal interference by governments. President Dilma Rousseff ordered a series of measures aimed at greater Brazilian online independence and security following revelations that the U.S. National Security Agency intercepted her communications, hacked into the state-owned Petrobras oil company’s network and spied on Brazilians who entrusted their personal data to U.S. tech companies such as Facebook and Google. The leader is so angered by the espionage that on Tuesday she postponed next month’s scheduled trip to Washington, where she was to be honored with a state dinner. Internet security and policy experts say the Brazilian government’s reaction to information leaked by former NSA contractor Edward Snowden is understandable, but warn it could set the Internet on a course of Balkanization.

“The global backlash is only beginning and will get far more severe in coming months,” said Sascha Meinrath, director of the Open Technology Institute at the Washington-based New America Foundation think tank. “This notion of national privacy sovereignty is going to be an increasingly salient issue around the globe.” While Brazil isn’t proposing to bar its citizens from U.S.-based Web services, it wants their data to be stored locally as the nation assumes greater control over Brazilians’ Internet use to protect them from NSA snooping. The danger of mandating that kind of geographic isolation, Meinrath said, is that it could render inoperable popular software applications and services and endanger the Internet’s open, interconnected structure.

The effort by Latin America’s biggest economy to digitally isolate itself from U.S. spying not only could be costly and difficult, it could encourage repressive governments to seek greater technical control over the Internet to crush free expression at home, experts say. In December, countries advocating greater “cyber-sovereignty” pushed for such control at an International Telecommunications Union meeting in Dubai, with Western democracies led by the United States and the European Union in opposition.

Director of National Intelligence James Clapper has won the infamous Rosemary Award for worst open government performance in 2013, according to the citation published today by the National Security Archive at www.nsarchive.org. Despite heavy competition, Clapper's "No, sir" lie to Senator Ron Wyden's question: "Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?" sealed his receipt of the dubious achievement award, which cites the vastly excessive secrecy of the entire U.S. surveillance establishment. The Rosemary Award citation leads with what Clapper later called the "least untruthful" answer possible to congressional questions about the secret bulk collection of Americans' phone call data. It further cites other Clapper claims later proved false, such as his 2012 statement that "we don't hold data on U.S. citizens." But the Award also recognizes Clapper's fellow secrecy fetishists and enablers, including:

Gen. Keith Alexander, director of the NSA, for multiple Rose Mary Woods-type stretches, such as (1) claiming that the secret bulk collection prevented 54 terrorist plots against the U.S. when the actual number, according to the congressionally-established Privacy and Civil Liberties Oversight Board (PCLOB) investigation (pp. 145-153), is zero; (2) his 2009 declaration to the wiretap court that multiple NSA violations of the court's orders arose from differences over "terminology," an explanation which the chief judge said "strains credulity;" and (3) public statements by the NSA about its programs that had to be taken down from its website for inaccuracies (see Documents 78, 85, 87 in The Snowden Affair), along with public statements by other top NSA officials now known to be untrue (see "Remarks of Rajesh De," NSA General Counsel, Document 53 in The Snowden Affair).

Robert Mueller, former FBI director, for suggesting (as have Gen. Alexander and many others) that the secret bulk collection program might have been able to prevent the 9/11 attacks, when the 9/11 Commission found explicitly the problem was not lack of data points, but failing to connect the many dots the intelligence community already had about the would-be hijackers living in San Diego. The National Security Division lawyers at the Justice Department, for misleading their own Solicitor General (Donald Verrilli) who then misled (inadvertently) the U.S. Supreme Court over whether Justice let defendants know that bulk collection had contributed to their prosecutions. The same National Security Division lawyers who swore under oath in the Electronic Frontier Foundation's Freedom of Information Act lawsuit for a key wiretap court opinion that the entire text of the opinion was appropriately classified Top Secret/Sensitive Compartmented Information (release of which would cause "exceptionally grave damage" to U.S. national security). Only after the Edward Snowden leaks and the embarrassed governmental declassification of the opinion did we find that one key part of the opinion's text simply reproduced the actual language of the 4th Amendment to the U.S. Constitution, and the only "grave damage" was to the government's false claims.

Tech giants including Apple, Facebook and Google called for substantial reforms to the US government's surveillance programmes Thursday in a letter to the Senate judiciary committee.In the wake of more revelations about the lengths to which the National Security Agency has gone to intercept data, the companies have called for more transparency and "substantial enhancements to privacy protections and appropriate oversight and accountability mechanisms for those programs."The letter, also signed by AOL, Microsoft and Yahoo, follows the release of more documents obtained by former NSA contractor Edward Snowden that reveal the US authorities were secretly tapping in to the tech firm's main communications links.The letter "applauds" the USA Freedom Act, a bill sponsored by Democrat senator Patrick Leahy and Republican congressman James Sensenbrenner that would end the bulk collection of data from millions of Americans and set up a privacy advocate to monitor the Fisa court, which oversees the NSA's US activities.

In a recent report the Information Technology and Innovation Foundation (ITIF) said the US tech firms could end up losing out on tens of billions of dollars in the cloud-based computing space in the wake of Snowden's revelations. Cloud computing is a rapidly growing area and revelations that the US authorities have been scooping up the personal data of millions of users, particularly outside the US, could cost them business."On the low end, US cloud computing providers might lose $21.5bn over the next three years," ITIF concluded. On the high end the report put the figure at $35bn.

Cisco CEO John Chambers had a euphemism for it during the first quarter earnings call: the “challenging political dynamics in that country,” that country being China. But then there was India and others, including Russia where NSA leaker Edward Snowden is holed up, and where sales crashed much worse than in China. It led Cisco to chop its guidance. Overall revenues, instead of rising, would drop 8% to 10%. Or, as Tal Liani, an analyst from Bank of America, pointed out during the call, by “11% sequentially,” the worst since January 2009 when “the world was about to collapse.” It was in between the lines everywhere, but never once did Chambers, or anyone else on his team, mouth the acronym NSA. It was off limits. And that’s exactly how another tech giant, IBM, had dealt with its own China revenue fiasco.

How fast has the collapse happened? Cisco had already been struggling in China a year ago, when business was “flat.” Chambers had explained at the time that China was “very important” to Cisco. “We have invested a lot of resources in innovation in China for the last 20 years, and our commitment to China has not changed in any way,” he’d said. But China is home to some of Cisco’s largest competitors, Huawei and ZTE – whose forays into the US have been blocked by Congress for security reasons. Cisco was feeling the heat from that imbroglio – but it thought that problem would go away in a couple of quarters. In Q4, ending July 31, after the Snowden revelations had been ricocheting around for months, the China business fell 6%. “China is a little bit unique to Cisco because of some of the issues going on, which you all are aware of,” he’d said during the earnings call on August 14, once again refusing the utter NSA. Three months later, due to “the challenging political dynamics in that country?” An 18% plunge. Business in India, the “highlight in Asia-Pacific,” as Chambers had called it three months ago, had been up a dizzying 19% during Q4. Three months later, a stunning reversal: down 18%.

A year ago, Brazil was a star: orders had jumped 24%! By Q4 this year, orders were flat. Then revelations pushed Brazil center-stage in the spying scandal, and it had an allergic reaction. The government is even trying to force Google and others to keep Brazilian data in local data centers, not spread around the world. It would require the reengineering of the internet. During that quarter, orders plunged 25%! And Russia, where Snowden is trying to find new footing? Already damaged from the revelations, business in Q4 had been “approximately flat.” But now it plummeted 30%, the worst of any major market in Cisco’s book.

Google, which briefly considered moving all of its computer servers out of the United States last year after learning how they had been penetrated by the National Security Agency, was looking for a public assurance from President Obama that the government would no longer secretly suck data from the company’s corner of the Internet cloud.Microsoft was listening to see if Mr. Obama would adopt a recommendation from his advisers that the government stop routinely stockpiling flaws in its Windows operating system, then using them to penetrate some foreign computer systems and, in rare cases, launch cyberattacks.

Intel and computer security companies were eager to hear Mr. Obama embrace a commitment that the United States would never knowingly move to weaken encryption systems. They got none of that.

Perhaps the most striking element of Mr. Obama’s speech on Friday was what it omitted: While he bolstered some protections for citizens who fear the N.S.A. is downloading their every dial, tweet and text message, he did nothing, at least yet, to loosen the agency’s grip on the world’s digital pipelines. White House officials said that Mr. Obama was committed to studying the complaints by American industry that the revelations were costing them billions of dollars in business overseas, by giving everyone from the Germans to the Brazilians to the Chinese an excuse to avoid American hardware and cloud services. “The most interesting part of this speech was not how the president weighed individual privacy against the N.S.A.,” said Fred H. Cate, the director of the Center of Applied Cybersecurity Research at Indiana University, “but that he said little about what to do about the agency’s practice of vacuuming up everything it can get its hands on.”

Microsoft has joined forces with Taser to combine the Azure cloud platform with law enforcement management tools.

Taser’s Axon body camera data management software on Evidence.com will run on Azure and Windows 10 devices to integrate evidence collection, analysis, and archival features as set forth by the Federal Bureau of Investigation Criminal Justice Information Services (CJIS) Security Policy. As per the partnership, Taser will utilize Azure’s machine learning and computing technologies to store police data on Microsoft’s government cloud. In addition, redaction capabilities of Taser will be improved which will assist police departments that are subject to bulk data requests. Currently, Taser is operating on Amazon Web Services; however this deal may entice police departments to upgrade their technology, which in turn would drive up sales of Windows 10. This partnership comes after Taser was given a lucrative deal with the Los Angeles Police Department (LAPD) last year, who ordered 7,000 body cameras equipped with 800 Axom body cameras for their officers in response to the recent deaths of several African Americans at the hands of police.

In order to ensure Taser maintains a monopoly on police body cameras, the corporation acquired contracts with police departments all across the nation for the purchase of body cameras through dubious ties to certain chiefs of police. The corporation announced in 2014 that “orders for body cameras [has] soared to $24.6 million from October to December” which represents a 5-fold increase in profits from 2013. Currently, Taser is in 13 cities with negotiations for new contracts being discussed in 28 more. Taser, according to records and interviews, allegedly has “financial ties to police chiefs whose departments have bought the recording devices.” In fact, Taser has been shown to provide airfare and luxury hotels for chiefs of police when traveling for speaking engagements in Australia and the United Arab Emirates (UAE); and hired them as consultants – among other perks and deals. Since 2013, Taser has been contractually bound with “consulting agreements with two such chiefs’ weeks after they retired” as well as is allegedly “in talks with a third who also backed the purchase of its products.”

     Her 45-page motion argues that her client's subpoena has fateful repercussions in the age of cloud computing, an umbrella term describing the use of remote databases to store users' private information.     "Personal communications, daily schedules and travel itineraries that you once stored in a desk drawer or dedicated directory on a home computer are now stored for you by your ISP or social-networking site, somewhere in the cloud," the motion states. "The information is still yours. You still have control over it, but both technically and technologically someone else is now its custodian.     "The question this case poses to the court is: What, if anything, does the change in architecture and protocols of the Internet mean for the relationship between the individual and the state?

     "From Harris' perspective, not much has changed - only the address of your e-storage locker. Law enforcement is still seeking your information, still has to go to you for it, and still has to get your consent or obtain the information via discovery.     "From the [District Attorney of New York]'s perspective, the rise of e-storage has changed everything. The advent of cloud computing releases the DANY from any obligation to ask you for the information or obtain it from you through discovery. From its perspective, it can deal with the owner of the e-storage locker as though that person were the principal, rather than your agent. Since the owner of the storage locker does not have a proprietary interest or expectation of privacy in the stored information, however, that means there are no meaningful constitutional constraints on law enforcement, and your First and Fourth Amendment rights have vanished."

New or newly updated reports from the Congressional Research Service that Congress has withheld from online public distribution include the following.

Cybersecurity: Authoritative Reports and Resources, October 25, 2013

“The President… recognizes that U.S. citizens and institutions should have a reasonable expectation of privacy from foreign or domestic intercept when using the public telephone system,” according to National Security Decision Memorandum 338 of September 1, 1976 (document 180).

I thought about that March night as the election results rolled in, as the New York Times forecast showed Hillary Clinton’s chances of winning the presidency plummet from about 80% to less than 5%, while Trump’s fortunes skyrocketed by the minute. As Clinton’s future in the Oval Office evaporated, leaving only a whiff of her stale dreams, I saw all the foreign-policy certainties, all the hawkish policies and military interventions, all the would-be bin Laden raids and drone strikes she’d preside over as commander-in-chief similarly vanish into the ether. With her failed candidacy went the no-fly escalation in Syria that she was sure to pursue as president with the vigor she had applied to the disastrous Libyan intervention of 2011 while secretary of state.  So, too, went her continued pursuit of the now-nameless war on terror, the attendant “gray-zone” conflicts — marked by small contingents of U.S. troops, drone strikes, and bombing campaigns — and all those munitions she would ship to Saudi Arabia for its war in Yemen. As the life drained from Clinton’s candidacy, I saw her rabid pursuit of a new Cold War start to wither and Russo-phobic comparisons of Putin’s rickety Russian petro-state to Stalin’s Soviet Union begin to die.  I saw the end, too, of her Iron Curtain-clouded vision of NATO, of her blind faith in an alliance more in line with 1957 than 2017. As Clinton’s political fortunes collapsed, so did her Israel-Palestine policy — rooted in the fiction that American and Israeli security interests overlap — and her commitment to what was clearly an unworkable “peace process.”  Just as, for domestic considerations, she would blindly support that Middle Eastern nuclear power, so was she likely to follow President Obama’s trillion-dollarpath to modernizing America’s nuclear arsenal.  All that, along with her sure-to-be-gargantuan military budget requests, were scattered to the winds by her ringing defeat.

Clinton’s foreign policy future had been a certainty.  Trump’s was another story entirely.  He had, for instance, called for a raft of military spending: growing the Army and Marines to a ridiculous size, building a Navy to reach a seemingly arbitrary and budget-busting number of ships, creating a mammoth air armada of fighter jets, pouring money into a missile defense boondoggle, and recruiting a legion of (presumably overweight) hackers to wage cyber war.  All of it to be paid for by cutting unnamed waste, ending unspecified “federal programs,” or somehow conjuring up dollars from hither and yon.  But was any of it serious?  Was any of it true?  Would President Trump actually make good on the promises of candidate Trump?  Or would he simply bark “Wrong!” when somebody accused him of pledging to field an army of 540,000 active duty soldiers or build a Navy of 350 ships. Would Trump actually attempt to implement his plan to defeat ISIS — that is, “bomb the shit out of them” and then “take the oil” of Iraq?  Or was that just the bellicose bluster of the campaign trail?  Would he be the reckless hawk Clinton promised to be, waging wars like the Libyan intervention?  Or would he follow the dictum of candidate Trump who said, “The current strategy of toppling regimes, with no plan for what to do the day after, only produces power vacuums that are filled by terrorists.” Outgoing representative Randy Forbes of Virginia, a contender to be secretary of the Navy in the new administration, recently said that the president elect would employ “an international defense strategy that is driven by the Pentagon and not by the political National Security Council… Because if you look around the globe, over the last eight years, the National Security Council has been writing that. And find one country anywhere that we are better off than we were eight years [ago], you cannot find it.”

Such a plan might actually blunt armed adventurism, since it was war-weary military officials who reportedly pushed back against President Obama’s plans to escalate Iraq War 3.0.  According to some Pentagon-watchers, a potentially hostile bureaucracy might also put the brakes on even fielding a national security team in a timely fashion. While Wall Street investors seemed convinced that the president elect would be good for defense industry giants like Lockheed Martin and General Dynamics, whose stocks surged in the wake of Trump’s win, it’s unclear whether that indicates a belief in more armed conflicts or simply more bloated military spending. Under President Obama, the U.S. has waged war in or carried out attacks on at least eight nations — Afghanistan, Iran, Iraq, Pakistan, Somalia, Yemen, Libya, and Syria.  A Clinton presidency promised more, perhaps markedly more, of the same — an attitude summed up in her infamous comment about the late Libyan autocrat Muammar Gaddafi: “We came, we saw, he died.”  Trump advisor Senator Jeff Sessions said, “Trump does not believe in war. He sees war as bad, destructive, death and a wealth destruction.”  Of course, Trump himself said he favors committing war crimes like torture and murder.  He’s also suggested that he would risk war over the sort of naval provocations — like Iranian ships sailing close to U.S. vessels — that are currently met with nothing graver than warning shots. So there’s good reason to assume Trump will be a Clintonesque hawk or even worse, but some reason to believe — due to his propensity for lies, bluster, and backing down — that he could also turn out to be less bellicose.