Group items tagged

Less than a week after the attacks in Paris — while the public and policymakers were still reeling, and the investigation had barely gotten off the ground — Cy Vance, Manhattan’s District Attorney, released a policy paper calling for legislation requiring companies to provide the government with backdoor access to their smartphones and other mobile devices. This is the first concrete proposal of this type since September 2014, when FBI Director James Comey reignited the “Crypto Wars” in response to Apple’s and Google’s decisions to use default encryption on their smartphones. Though Comey seized on Apple’s and Google’s decisions to encrypt their devices by default, his concerns are primarily related to end-to-end encryption, which protects communications that are in transit. Vance’s proposal, on the other hand, is only concerned with device encryption, which protects data stored on phones. It is still unclear whether encryption played any role in the Paris attacks, though we do know that the attackers were using unencrypted SMS text messages on the night of the attack, and that some of them were even known to intelligence agencies and had previously been under surveillance. But regardless of whether encryption was used at some point during the planning of the attacks, as I lay out below, prohibiting companies from selling encrypted devices would not prevent criminals or terrorists from being able to access unbreakable encryption. Vance’s primary complaint is that Apple’s and Google’s decisions to provide their customers with more secure devices through encryption interferes with criminal investigations. He claims encryption prevents law enforcement from accessing stored data like iMessages, photos and videos, Internet search histories, and third party app data. He makes several arguments to justify his proposal to build backdoors into encrypted smartphones, but none of them hold water.

Before addressing the major privacy, security, and implementation concerns that his proposal raises, it is worth noting that while an increase in use of fully encrypted devices could interfere with some law enforcement investigations, it will help prevent far more crimes — especially smartphone theft, and the consequent potential for identity theft. According to Consumer Reports, in 2014 there were more than two million victims of smartphone theft, and nearly two-thirds of all smartphone users either took no steps to secure their phones or their data or failed to implement passcode access for their phones. Default encryption could reduce instances of theft because perpetrators would no longer be able to break into the phone to steal the data.

Vance argues that creating a weakness in encryption to allow law enforcement to access data stored on devices does not raise serious concerns for security and privacy, since in order to exploit the vulnerability one would need access to the actual device. He considers this an acceptable risk, claiming it would not be the same as creating a widespread vulnerability in encryption protecting communications in transit (like emails), and that it would be cheap and easy for companies to implement. But Vance seems to be underestimating the risks involved with his plan. It is increasingly important that smartphones and other devices are protected by the strongest encryption possible. Our devices and the apps on them contain astonishing amounts of personal information, so much that an unprecedented level of harm could be caused if a smartphone or device with an exploitable vulnerability is stolen, not least in the forms of identity fraud and credit card theft. We bank on our phones, and have access to credit card payments with services like Apple Pay. Our contact lists are stored on our phones, including phone numbers, emails, social media accounts, and addresses. Passwords are often stored on people’s phones. And phones and apps are often full of personal details about their lives, from food diaries to logs of favorite places to personal photographs. Symantec conducted a study, where the company spread 50 “lost” phones in public to see what people who picked up the phones would do with them. The company found that 95 percent of those people tried to access the phone, and while nearly 90 percent tried to access private information stored on the phone or in other private accounts such as banking services and email, only 50 percent attempted contacting the owner.

European leaders, describing themselves as stunned by revelations of an extensive U.S. surveillance program that included their citizens, moved Monday to demand more information from the U.S. government and said they would discuss ways to bolster their already stringent privacy laws. And in Britain, where intelligence agencies have long had robust cooperation with their American counterparts, a top official tried Monday to limit potential uproar, telling Parliament that the partnership had not been used to circumvent British laws.

The discontent from Europe pointed to the breadth of fallout from the affair and to the potential for fresh strains between the United States and allies wary of American intrusiveness. German Chancellor Angela Merkel vowed to raise the issue when she meets in Berlin with President Obama next week, a spokesman said, and other German officials said they were concerned by the apparent monitoring of their citizens. Top officials of the 27-nation European Union also said they would press the U.S. government on the matter at bilateral meetings this week.

The PRISM surveillance program, portions of which were described in recent days by The Washington Post and the Guardian newspaper in Britain, makes clear that U.S. intelligence services now have the power to vacuum up data about telecommunications traffic across the world. An apparent snapshot from an NSA Boundless Informant database published on the Guardian’s Web site indicated that in March 2013, foreign intelligence gathering was primarily focused on the Middle East. For that month, more pieces of intelligence were gathered in Germany than anywhere else in Europe.In Germany, where memories of East German Stasi surveillance remain fresh, privacy has powerful defenders. Individual German states have pursued cases against Facebook and Google in recent years, complaining that the companies did not do enough to give users power over their own information. The breadth and ambitions of the U.S. intelligence program far exceed any issues raised previously with private firms.

HERE WAS A SIMPLE AIM at the heart of the top-secret program: Record the website browsing habits of “every visible user on the Internet.” Before long, billions of digital records about ordinary people’s online activities were being stored every day. Among them were details cataloging visits to porn, social media and news websites, search engines, chat forums, and blogs. The mass surveillance operation — code-named KARMA POLICE — was launched by British spies about seven years ago without any public debate or scrutiny. It was just one part of a giant global Internet spying apparatus built by the United Kingdom’s electronic eavesdropping agency, Government Communications Headquarters, or GCHQ. The revelations about the scope of the British agency’s surveillance are contained in documents obtained by The Intercept from National Security Agency whistleblower Edward Snowden. Previous reports based on the leaked files have exposed how GCHQ taps into Internet cables to monitor communications on a vast scale, but many details about what happens to the data after it has been vacuumed up have remained unclear.

Amid a renewed push from the U.K. government for more surveillance powers, more than two dozen documents being disclosed today by The Intercept reveal for the first time several major strands of GCHQ’s existing electronic eavesdropping capabilities.

The surveillance is underpinned by an opaque legal regime that has authorized GCHQ to sift through huge archives of metadata about the private phone calls, emails and Internet browsing logs of Brits, Americans, and any other citizens — all without a court order or judicial warrant

On Tuesday, the European court of justice, Europe’s supreme court, lobbed a grenade into the cosy, quasi-monopolistic world of the giant American internet companies. It did so by declaring invalid a decision made by the European commission in 2000 that US companies complying with its “safe harbour privacy principles” would be allowed to transfer personal data from the EU to the US. This judgment may not strike you as a big deal. You may also think that it has nothing to do with you. Wrong on both counts, but to see why, some background might be useful. The key thing to understand is that European and American views about the protection of personal data are radically different. We Europeans are very hot on it, whereas our American friends are – how shall I put it? – more relaxed.

Given that personal data constitutes the fuel on which internet companies such as Google and Facebook run, this meant that their exponential growth in the US market was greatly facilitated by that country’s tolerant data-protection laws. Once these companies embarked on global expansion, however, things got stickier. It was clear that the exploitation of personal data that is the core business of these outfits would be more difficult in Europe, especially given that their cloud-computing architectures involved constantly shuttling their users’ data between server farms in different parts of the world. Since Europe is a big market and millions of its citizens wished to use Facebook et al, the European commission obligingly came up with the “safe harbour” idea, which allowed companies complying with its seven principles to process the personal data of European citizens. The circle having been thus neatly squared, Facebook and friends continued merrily on their progress towards world domination. But then in the summer of 2013, Edward Snowden broke cover and revealed what really goes on in the mysterious world of cloud computing. At which point, an Austrian Facebook user, one Maximilian Schrems, realising that some or all of the data he had entrusted to Facebook was being transferred from its Irish subsidiary to servers in the United States, lodged a complaint with the Irish data protection commissioner. Schrems argued that, in the light of the Snowden revelations, the law and practice of the United States did not offer sufficient protection against surveillance of the data transferred to that country by the government.

The Irish data commissioner rejected the complaint on the grounds that the European commission’s safe harbour decision meant that the US ensured an adequate level of protection of Schrems’s personal data. Schrems disagreed, the case went to the Irish high court and thence to the European court of justice. On Tuesday, the court decided that the safe harbour agreement was invalid. At which point the balloon went up. “This is,” writes Professor Lorna Woods, an expert on these matters, “a judgment with very far-reaching implications, not just for governments but for companies the business model of which is based on data flows. It reiterates the significance of data protection as a human right and underlines that protection must be at a high level.”

America is in the choosing sides phase of the coming civil war. To use a college recruiting phrase, it is accurate to state that the letters of intent to join one side or another have mostly been signed and the commitments offered. However, there is one big uncommitted piece, but very soon the sides will be drawn.

Snowden: That’s the key—to maintain the garden of liberty, right? This is a generational thing that we must all do continuously. We only have the rights that we protect. It doesn’t matter what we say or think we have. It’s not enough to believe in something; it matters what we actually defend. So when we think in the context of the last decade’s infringements upon personal liberty and the last year’s revelations, it’s not about surveillance. It’s about liberty. When people say, “I have nothing to hide,” what they’re saying is, “My rights don’t matter.” Because you don’t need to justify your rights as a citizen—that inverts the model of responsibility. The government must justify its intrusion into your rights. If you stop defending your rights by saying, “I don’t need them in this context” or “I can’t understand this,” they are no longer rights. You have ceded the concept of your own rights. You’ve converted them into something you get as a revocable privilege from the government, something that can be abrogated at its convenience. And that has diminished the measure of liberty within a society.

From the very beginning, I said there are two tracks of reform: there’s the political and the technical. I don’t believe the political will be successful, for exactly the reasons you underlined. The issue is too abstract for average people, who have too many things going on in their lives. And we do not live in a revolutionary time. People are not prepared to contest power. We have a system of education that is really a sort of euphemism for indoctrination. It’s not designed to create critical thinkers. We have a media that goes along with the government by parroting phrases intended to provoke a certain emotional response—for example, “national security.” Everyone says “national security” to the point that we now must use the term “national security.” But it is not national security that they’re concerned with; it is state security. And that’s a key distinction. We don’t like to use the phrase “state security” in the United States because it reminds us of all the bad regimes. But it’s a key concept, because when these officials are out on TV, they’re not talking about what’s good for you. They’re not talking about what’s good for business. They’re not talking about what’s good for society. They’re talking about the protection and perpetuation of a national state system. I’m not an anarchist. I’m not saying, “Burn it to the ground.” But I’m saying we need to be aware of it, and we need to be able to distinguish when political developments are occurring that are contrary to the public interest. And that cannot happen if we do not question the premises on which they’re founded. And that’s why I don’t think political reform is likely to succeed. [Senators] Udall and Wyden, on the intelligence committee, have been sounding the alarm, but they are a minority.

The Nation: Every president—and this seems to be confirmed by history—will seek to maximize his or her power, and will see modern-day surveillance as part of that power. Who is going to restrain presidential power in this regard? Snowden: That’s why we have separate and co-equal branches. Maybe it will be Congress, maybe not. Might be the courts, might not. But the idea is that, over time, one of these will get the courage to do so. One of the saddest and most damaging legacies of the Bush administration is the increased assertion of the “state secrets” privilege, which kept organizations like the ACLU—which had cases of people who had actually been tortured and held in indefinite detention—from getting their day in court. The courts were afraid to challenge executive declarations of what would happen. Now, over the last year, we have seen—in almost every single court that has had this sort of national-security case—that they have become markedly more skeptical. People at civil-liberties organizations say it’s a sea change, and that it’s very clear judges have begun to question more critically assertions made by the executive. Even though it seems so obvious now, it is extraordinary in the context of the last decade, because courts had simply said they were not the best branch to adjudicate these claims—which is completely wrong, because they are the only nonpolitical branch. They are the branch that is specifically charged with deciding issues that cannot be impartially decided by politicians. The power of the presidency is important, but it is not determinative. Presidents should not be exempted from the same standards of reason and evidence and justification that any other citizen or civil movement should be held to.

A Russian venture capitalist and tech expert whose name and company are mentioned in the now-notorious document alleging connections between the Donald Trump campaign and Russian hackers says no intelligence officers have ever contacted him about the accusations, which he says are false.A report compiled by a former Western intelligence official as opposition research against Trump was made public Tuesday when BuzzFeed posted its 35 pages. The document included unsubstantiated claims of collusion between the Trump campaign team and the Kremlin.

It also alleged that global tech firm XBT Holding, with operations in Dallas, was instrumental in the hack of leaked Democratic Party emails that embarrassed Hillary Clinton and fellow Democrats.XBT, owner of Dallas-based enterprise-hosting company Webzilla, is run by a successful Russian tech startup expert, Aleksej Gubarev. In a phone interview from Cyprus, where he said he’d lived since 2002, Gubarev said he was surprised to see his name in the report.“I don’t know why I was there,” Gubarev said, adding that perhaps a competitor sought to discredit him. “I still don’t understand the true reason for this report.”The salacious innuendoes in the periodic reports about Trump’s personal life dominated social media headlines. The mention of Webzilla and Gubarev was among the more specific allegations: that XBT and affiliates “had been using botnets and porn traffic to transmit viruses, plant bugs, steal data and conduct ‘altering operations’ against the Democratic Party leadership.” Gubarev said he operated 75,000 servers across the globe and got real-time information if there had been hacking or illicit activity tied to his businesses. There is no evidence of that, he said, adding that no one has contacted him.“I have a physical office in Dallas. Nobody contacted me,” said Gubarev, adding that 40 percent of his business is handled over the servers it runs in Dallas and the United States accounts for about 27 percent of his global business.

McClatchy has reported that Sen. John McCain, R-Ariz., gave the bulk of the report to FBI Director James Comey on Dec. 9. The final pages of the report are dated Dec. 11. McClatchy had the report earlier but couldn’t verify any of its allegations. A federal law enforcement source told McClatchy that the document was being examined as part of a broader FBI inquiry into Russia’s influence on the U.S. election but wouldn’t characterize its credibility. A source familiar with the former Western intelligence expert who compiled the dossier told McClatchy that the ex-spy has extensive experience in tracking activities in the Kremlin.The report alleges that Gubarev and another hacking expert were recruited under duress by the FSB, the Russian intelligence-agency successor to the KGB. Gubarev said he had not been threatened or blackmailed, nor had his mother, who lives in Russia.

The National Security Agency is winning its long-running secret war on encryption, using supercomputers, technical trickery, court orders and behind-the-scenes persuasion to undermine the major tools protecting the privacy of everyday communications in the Internet age, according to newly disclosed documents.

The agency has circumvented or cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems, protects sensitive data like trade secrets and medical records, and automatically secures the e-mails, Web searches, Internet chats and phone calls of Americans and others around the world, the documents show.

The N.S.A. hacked into target computers to snare messages before they were encrypted. In some cases, companies say they were coerced by the government into handing over their master encryption keys or building in a back door. And the agency used its influence as the world’s most experienced code maker to covertly introduce weaknesses into the encryption standards followed by hardware and software developers around the world.

"In a review of NSA surveillance last month, President Obama called for a new approach on telephony metadata that will 'establish a mechanism that preserves the capabilities we need without the government holding this bulk metadata.' Obama said that a third party holding all the data in a single, consolidated database would be essentially doing what is a government function, and may not increase public confidence that its privacy is being protected. Now, an RFI (request for information) has been posted to get information on U.S. industry's commercially available capabilities, so that the government can investigate alternative approaches."

Almost before the votes were counted in the recent Greek elections, battle lines were being drawn all over Europe. While Alexis Tsipras, the newly elected Prime Minister from Greece’s victorious Syriza Party, was telling voters, “Greece is leaving behind catastrophic austerity, fear and autocratic government,” Jens Weidmann, president of the German Bundesbank, was warning the new government not to “make promises it cannot keep and the country cannot afford.”   On Feb. 12 those two points of view will collide when European Union (EU) heads of state gather in Brussels. Whether the storm blowing out of Southern Europe proves an irresistible force, or the European Council an immovable object, is not clear, but whatever the outcome, the continent is not likely to be the same after that meeting.   The Jan 25 victory of Greece’s leftwing Syriza Party was, on one hand, a beacon for indebted countries like Spain, Portugal, Italy and Ireland. On the other, it is a gauntlet for Germany, the Netherlands, Finland, and the “troika”—the European Central bank, the European Commission, and the International Monetary Fund (IMF)—the designers and enforcers of loans and austerity policies that have inflicted a catastrophic economic and social crisis on tens of millions of Europeans.

The troika’s policies were billed as “bailouts” for countries mired in debt—one largely caused by the 2008 financial speculation bubble over which indebted countries had little control—and as a way to restart economic growth. In return for the loans, the EU and the troika demanded massive cutbacks in social services, huge layoffs, privatization of pubic resources, and higher taxes.   However, the “bailouts” did not go toward stimulating economies, but rather to repay creditors, mostly large European banks. Out of the $266 billion loaned to Greece, 89 percent went to investors. After five years under the troika formula, Greece was the most indebted country in Europe. Gross national product dropped 26 percent, unemployment topped 27 percent (and over 50 percent for young people), and one-third of the population lost their health care coverage.   Given a chance to finally vote on the austerity strategy, Greeks overwhelmingly rejected the parties that went along with the troika and elected Syriza.

Gerry Adams of Sinn Fein—now the third largest party in the Irish Republic—hailed the vote as opening “up the real prospect of democratic change, not just for the people of Greece, but for citizens right across the EU.” Unemployment in Ireland is 10.7 percent, and tens of thousands of jobless young people have been forced to emigrate.   The German Social Democrats are generally supportive of the troika, but the Green Party hailed the Syriza victory and Die Linke Party members marched with signs reading, “We start with Greece. We change Europe.”   Italian Prime Minister Matteo Renzi—who has his own issues with the EU’s rigid approach to debt—hailed the Greek elections, and top aide Sandro Gozi said that Rome was ready to work with Syriza. The jobless rate in Italy is 13.4 percent, but 40 percent among youth.

Micah Lee: What are some operational security practices you think everyone should adopt? Just useful stuff for average people. Edward Snowden: [Opsec] is important even if you’re not worried about the NSA. Because when you think about who the victims of surveillance are, on a day-to-day basis, you’re thinking about people who are in abusive spousal relationships, you’re thinking about people who are concerned about stalkers, you’re thinking about children who are concerned about their parents overhearing things. It’s to reclaim a level of privacy. The first step that anyone could take is to encrypt their phone calls and their text messages. You can do that through the smartphone app Signal, by Open Whisper Systems. It’s free, and you can just download it immediately. And anybody you’re talking to now, their communications, if it’s intercepted, can’t be read by adversaries. [Signal is available for iOS and Android, and, unlike a lot of security tools, is very easy to use.] You should encrypt your hard disk, so that if your computer is stolen the information isn’t obtainable to an adversary — pictures, where you live, where you work, where your kids are, where you go to school. [I’ve written a guide to encrypting your disk on Windows, Mac, and Linux.] Use a password manager. One of the main things that gets people’s private information exposed, not necessarily to the most powerful adversaries, but to the most common ones, are data dumps. Your credentials may be revealed because some service you stopped using in 2007 gets hacked, and your password that you were using for that one site also works for your Gmail account. A password manager allows you to create unique passwords for every site that are unbreakable, but you don’t have the burden of memorizing them. [The password manager KeePassX is free, open source, cross-platform, and never stores anything in the cloud.]

The other thing there is two-factor authentication. The value of this is if someone does steal your password, or it’s left or exposed somewhere … [two-factor authentication] allows the provider to send you a secondary means of authentication — a text message or something like that. [If you enable two-factor authentication, an attacker needs both your password as the first factor and a physical device, like your phone, as your second factor, to login to your account. Gmail, Facebook, Twitter, Dropbox, GitHub, Battle.net, and tons of other services all support two-factor authentication.]

We should armor ourselves using systems we can rely on every day. This doesn’t need to be an extraordinary lifestyle change. It doesn’t have to be something that is disruptive. It should be invisible, it should be atmospheric, it should be something that happens painlessly, effortlessly. This is why I like apps like Signal, because they’re low friction. It doesn’t require you to re-order your life. It doesn’t require you to change your method of communications. You can use it right now to talk to your friends.

Recent revelations about the extent of surveillance by the U.S. National Security Agency come as no surprise to those with a technical background in the workings of digital communications. The leaked documents show how the NSA has taken advantage of the increased use of digital communications and cloud services, coupled with outdated privacy laws, to expand and streamline their surveillance programs. This is a predictable response to the shrinking cost and growing efficiency of surveillance brought about by new technology. The extent to which technology has reduced the time and cost necessary to conduct surveillance should play an important role in our national discussion of this issue.

What we have learned about the NSA’s capabilities suggests a move toward programmatic, automated surveillance previously unfathomable due to limitations of computing speed, scale, and cost. Technical advances have both reduced the barriers to surveillance and increased the NSA’s capacity for it. We need to remember that this is a trend with a firm lower bound. Once the cost of surveillance reaches zero we will be left with our outdated laws as the only protection. Whatever policy actions are taken as a result of the recent leaks should address the fact that technical barriers such as cost and speed offer dwindling protection from unwarranted government surveillance domestically and abroad.

(Reuters) - China's Ministry of Public Security and a cabinet-level research center are preparing to investigate IBM Corp, Oracle Corp and EMC Corp over security issues, the official Shanghai Securities News said on Friday. The report follows revelations by former U.S. spy agency contractor Edward Snowden of widespread surveillance by the National Security Agency. It also comes as Beijing probes Western drugmakers over allegations of bribery and over-pricing.

China has been a focal point for the Snowden case since he stopped in Hong Kong en route to Moscow. He also claimed that the NSA hacked into critical network infrastructure at universities in China and in Hong Kong.Daniel Castro, a senior analyst with the Information Technology & Information Foundation, said he was concerned that a Chinese government probe could result in demands for U.S. companies to provide authorities with the blueprints to their technology so that Beijing can screen them for potential security threats.

Some experts have warned that Snowden's leaks could hurt the sales of U.S. technology companies in Asia and Europe, as reports of their complicity with NSA spying programs may lead foreign businesses and governments to purchase equipment and services from non-U.S. suppliers.The foundation, a think tank, last week projected that U.S. cloud computing firms could lose $21.5 billion in sales over the next three years, eventually ceding 10 percent of the foreign market to European and Asian competitors.

Cass Sunstein has long been one of Barack Obama’s closest confidants.  Often mentioned as a likely Obama nominee to the Supreme Court, Sunstein is currently Obama’s head of the Office of Information and Regulatory Affairs where, among other things, he is responsible for “overseeing policies relating to privacy, information quality, and statistical programs.”  In 2008, while at Harvard Law School, Sunstein co-wrote a truly pernicious paper proposing that the U.S. Government employ teams of covert agents and pseudo-”independent” advocates to “cognitively infiltrate” online groups and websites — as well as other activist groups — which advocate views that Sunstein deems “false conspiracy theories” about the Government.  This would be designed to increase citizens’ faith in government officials and undermine the credibility of conspiracists.  The paper’s abstract can be read, and the full paper downloaded, here. Sunstein advocates that the Government’s stealth infiltration should be accomplished by sending covert agents into “chat rooms, online social networks, or even real-space groups.”  He also proposes that the Government make secret payments to so-called “independent” credible voices to bolster the Government’s messaging (on the ground that those who don’t believe government sources will be more inclined to listen to those who appear independent while secretly acting on behalf of the Government).   This program would target those advocating false “conspiracy theories,” which they define to mean: “an attempt to explain an event or practice by reference to the machinations of powerful people, who have also managed to conceal their role.”  Sunstein’s 2008 paper was flagged by this blogger, and then amplified in an excellent report by Raw Story‘s Daniel Tencer.

There’s no evidence that the Obama administration has actually implemented a program exactly of the type advocated by Sunstein, though in light of this paper and the fact that Sunstein’s position would include exactly such policies, that question certainly ought to be asked.  Regardless, Sunstein’s closeness to the President, as well as the highly influential position he occupies, merits an examination of the mentality behind what he wrote.  This isn’t an instance where some government official wrote a bizarre paper in college 30 years ago about matters unrelated to his official powers; this was written 18 months ago, at a time when the ascendancy of Sunstein’s close friend to the Presidency looked likely, in exactly the area he now oversees.  Additionally, the government-controlled messaging that Sunstein desires has been a prominent feature of U.S. Government actions over the last decade, including in some recently revealed practices of the current administration, and the mindset in which it is grounded explains a great deal about our political class.  All of that makes Sunstein’s paper worth examining in greater detail.

Initially, note how similar Sunstein’s proposal is to multiple, controversial stealth efforts by the Bush administration to secretly influence and shape our political debates.  The Bush Pentagon employed teams of former Generals to pose as “independent analysts” in the media while secretly coordinating their talking points and messaging about wars and detention policies with the Pentagon.  Bush officials secretly paid supposedly “independent” voices, such as Armstrong Williams and Maggie Gallagher, to advocate pro-Bush policies while failing to disclose their contracts.  In Iraq, the Bush Pentagon hired a company, Lincoln Park, which paid newspapers to plant pro-U.S. articles while pretending it came from Iraqi citizens.  In response to all of this, Democrats typically accused the Bush administration of engaging in government-sponsored propaganda — and when it was done domestically, suggested this was illegal propaganda.  Indeed, there is a very strong case to make that what Sunstein is advocating is itself illegal under long-standing statutes prohibiting government ”propaganda” within the U.S., aimed at American citizens: As explained in a March 21, 2005 report by the Congressional Research Service, “publicity or propaganda” is defined by the U.S. Government Accountability Office (GAO) to mean either (1) self-aggrandizement by public officials, (2) purely partisan activity, or (3) “covert propaganda.”  By covert propaganda, GAO means information which originates from the government but is unattributed and made to appear as though it came from a third party.

For two weeks in May, it looked as though privacy advocates had scored a tenuous victory against the widespread surveillance practices exposed by Edward Snowden a year ago. Then came a resurgent intelligence community, armed with pens, and dry, legislative language.During several protracted sessions in secure rooms in the Capitol, intelligence veterans, often backed by the congressional leadership, sparred with House aides to abridge privacy and transparency provisions contained in the first bill rolling back National Security Agency spying powers in more than three decades. The revisions took place in secret after two congressional committees had passed the bill. The NSA and its allies took creative advantage of a twilight legislative period permitting technical or cosmetic language changes.The episode shows the lengths to which the architects and advocates of bulk surveillance have gone to preserve their authorities in the time since the Guardian, 12 months ago today, began disclosing the scope of NSA data collection. That resistance to change, aided by the power and trust enjoyed by the NSA on Capitol Hill, helps explain why most NSA powers remain intact a year after the largest leak in the agency's histo

But exactly one year on, the NSA’s greatest wound so far has been its PR difficulties. The agency, under public pressure, has divested itself of exactly one activity, the bulk collection of US phone data. Yet while the NSA will not itself continue to gather the data directly, the major post-Snowden legislative fix grants the agency wide berth in accessing and searching large volumes of phone records, and even wider latitude in collecting other kinds of data.There are no other mandated reforms.

Some NSA critics look to the courts for a fuller tally of their victories in the wake of the Snowden disclosures. Judges have begun to permit defendants to see evidence gathered against them that had its origins in NSA email or call intercepts, which could disrupt prosecutions or invalidate convictions. At least one such defendant, in Colorado, is seeking the exclusion of such evidence, arguing that its use in court is illegal.Still other cases challenging the surveillance efforts have gotten beyond the government’s longtime insistence that accusers cannot prove they were spied upon, as the Snowden trove demonstrated a dragnet that presumptively touched every American’s phone records. This week, an Idaho federal judge implored the supreme court to settle the question of the bulk surveillance's constitutionality."The litigation now is about the merits. It’s about the lawfulness of the surveillance program," said Jameel Jaffer, the ACLU’s deputy legal director.

In an interesting bit of timing, just as the Washington Post was breaking the news that the NSA had infiltrated Google and Yahoo's cloud data by hacking into the (stupidly) unencrypted data links between data centers, it turned out that NSA boss Keith Alexander was on stage at a Bloomberg Government Cybersecurity conference. He was asked about the report, and he tried to tap dance around it by claiming the NSA doesn't have access to Yahoo and Google's servers. The Guardian has a brief summary: Alexander, asked about the Post report, denied it. “Not to my knowledge, that’s never happened,” the NSA director said, before reiterating an earlier denial Prism gave the NSA direct access to the servers of its internet service provider partners. “Everything we do with those companies that work with us, they are compelled to work with us,” Alexander said. “These are specific requirements that come from a court order. This is not the NSA breaking into any databases. It would be illegal for us to do that. So I don’t know what the report is, but I can tell you factually: we do not have access to Google servers, Yahoo servers, dot-dot-dot. We go through a court order.” But, of course, in typical Alexander fashion, he's choosing his words carefully -- and thankfully people can more easily see through it at this point, since they're getting so used to it. The report didn't say they were accessing those companies' servers or databases, but rather hacking into the network connection between their data centers. That's like a report breaking of the NSA hijacking armored cars with cash, and Alexander claiming "we didn't break into the bank." Nice try.

U.S. technology companies are in danger of losing more business to foreign competitors if the National Security Agency’s power to spy on customers isn’t curbed, researchers with the New America Foundation said in a report today. The report, by the foundation’s Open Technology Institute, called for prohibiting the NSA from collecting data in bulk, while letting companies report more details about what information they give the government. Senate legislation introduced today would fulfill some recommendations by the institute, a Washington-based advocacy group that has been critical of NSA programs.

Now that one of Benjamin Netanyahu's closest confidants has turned state witness, according to Israeli media reports Wednesday, it may mark a turning point for the beleaguered prime minister facing a slew of corruption allegations that could topple him from power. The testimony by Shlomo Filber, a long-time Netanyahu aide, is the latest in a dizzying series of developments and scandals that have engulfed the prime minister, his family and his inner circle. Police would not confirm whether Filber would testify against Netanyahu, but all the major Israeli media outlets said a deal to do so had been reached. Aluf Benn, editor-in-chief of the Haaretz daily, wrote Wednesday that "these are the final days of Benjamin Netanyahu's rule" and that "Netanyahu's leadership has been dealt a harsh blow, apparently a mortal one."

Former Prime Minister Ehud Barak, a bitter rival of Netanyahu, told Channel 10 TV "there is no way back" for the premier. "This chapter in the political history of Israel is about to end," he said. Barak said he closely knows Netanyahu and believes he "understands that this is the end of the story" but will try and postpone the inevitable in different ways. Other leading Israeli columnists on Wednesday suggested that if Filber told all he knew, Netanyahu was probably more worried about avoiding prison than staying in office. "When so many dark clouds accumulate in the sky, the chances of rain increase," wrote Nahum Barnea in Yediot Ahronot. "His appearance lent the fight he is waging the dimensions of a Shakespearean tragedy. This isn't the end. It isn't even the beginning of the end. But it cannot have a different end."

Filber, the former director of the Communications Ministry under Netanyahu, is under arrest on suspicion of promoting regulation worth hundreds of millions of dollars to Israel's Bezeq telecom company. In return, Bezeq's popular news site, Walla, allegedly provided favorable coverage of Netanyahu and his family. The reports came shortly after another bombshell allegation that a different Netanyahu confidant attempted to bribe a judge in exchange for dropping a corruption case against Netanyahu's wife. Nir Hefetz, a longtime media adviser to Netanyahu and his family, remains in custody. The prime minister, who held the communications portfolio until last year, has not yet been named a suspect, though he may soon be questioned. Netanyahu has denied all the charges, calling them part of a media-orchestrated witch hunt that has swept up the police and prosecution as well, and has vowed to carry on. Still, the string of accusations appears to be taking its toll. Senior Cabinet ministers from Netanyahu's ruling Likud party, who until just recently have marched out dutifully to defend him, have largely gone silent. Netanyahu himself appeared ashen in a video released late Tuesday calling the claims "total madness."