Group items tagged

A secret US cybersecurity report warned that government and private computers were being left vulnerable to online attacks from Russia, China and criminal gangs because encryption technologies were not being implemented fast enough. The advice, in a newly uncovered five-year forecast written in 2009, contrasts with the pledge made by David Cameron this week to crack down on encryption use by technology companies.

In the wake of the Paris terror attacks, the prime minister said there should be no “safe spaces for terrorists to communicate” or that British authorites could not access. Cameron, who landed in the US on Thursday night, is expected to urge Barack Obama to apply more pressure to tech giants, such as Apple, Google and Facebook, which have been expanding encrypted messaging for their millions of users since the revelations of mass NSA surveillance by the whistleblower Edward Snowden.

Cameron said the companies “need to work with us. They need also to demonstrate, which they do, that they have a social responsibility to fight the battle against terrorism. We shouldn’t allow safe spaces for terrorists to communicate. That’s a huge challenge but that’s certainly the right principle”. But the document from the US National Intelligence Council, which reports directly to the US director of national intelligence, made clear that encryption was the “best defence” for computer users to protect private data. Part of the cache given to the Guardian by Snowden was published in 2009 and gives a five-year forecast on the “global cyber threat to the US information infrastructure”. It covers communications, commercial and financial networks, and government and critical infrastructure systems. It was shared with GCHQ and made available to the agency’s staff through its intranet.

A group of 47 Republican senators has written an open letter to Iran's leaders warning them that any nuclear deal they sign with President Barack Obama's administration won’t last after Obama leaves office. Organized by freshman Senator Tom Cotton and signed by the chamber's entire party leadership as well as potential 2016 presidential contenders Marco Rubio, Ted Cruz and Rand Paul, the letter is meant not just to discourage the Iranian regime from signing a deal but also to pressure the White House into giving Congress some authority over the process. “It has come to our attention while observing your nuclear negotiations with our government that you may not fully understand our constitutional system … Anything not approved by Congress is a mere executive agreement,” the senators wrote. “The next president could revoke such an executive agreement with the stroke of a pen and future Congresses could modify the terms of the agreement at any time.”

Arms-control advocates and supporters of the negotiations argue that the next president and the next Congress will have a hard time changing or canceling any Iran deal -- -- which is reportedly near done -- especially if it is working reasonably well. Many inside the Republican caucus, however, hope that by pointing out the long-term fragility of a deal with no congressional approval -- something Supreme Leader Ayatollah Ali Khamenei has also noted -- the Iranian regime might be convinced to think twice. "Iran's ayatollahs need to know before agreeing to any nuclear deal that … any unilateral executive agreement is one they accept at their own peril,” Cotton told me. The issue has already become part of the 2016 GOP campaign. Former Florida Governor Jeb Bush came out against the negotiations in a speech at the Chicago Council last month. Former Texas Governor Rick Perry released a video criticizing the negotiations and calling for Congressional oversight. “An arms control agreement that excludes our Congress, damages our security and endangers our allies has to be reconsidered by any future president,” Perry said. Republicans also have a new argument to make in asserting their role in the diplomatic process: Vice President Joe Biden similarly insisted -- in a letter to then-Secretary of State Colin Powell -- on congressional approval for the Moscow Treaty on strategic nuclear weapons with Russia in 2002, when he was head of the Senate Foreign Relations Committee.

The new letter is the latest piece of an effort by Senators in both parties to ensure that Congress will have some say if and when a deal is signed. Senators Bob Corker, Lindsey Graham, Tim Kaine and the embattled Bob Menendez have a bill pending that would mandate a Congressional review of the Iran deal, but Republicans and Democrats have been bickering over how to proceed in the face of a threatened presidential veto. Still, Senators from both parties are united in an insistence that, at some point, the administration will need their buy-in for any nuclear deal with Iran to succeed. There’s no sign yet that Obama believes this -- or, if he does, that he plans to engage Congress in any meaningful way.

The chairman of the Senate Foreign Relations Committee urged President Obama on Thursday not to seek a United Nations endorsement of the emerging nuclear agreement with Iran without first giving Congress a chance to vote on it.The warning was the latest twist in an increasingly tense standoff between the White House and congressional Republicans over the potential deal, which would impose limits on Iran’s nuclear program in return for lifting economic sanctions.“There are now reports that your administration is contemplating taking an agreement, or aspects of it, to the United Nations Security Council for a vote,” Senator Bob Corker, Republican of Tennessee, wrote in a letter to Mr. Obama, which was made public by his office.

“Enabling the United Nations to consider an agreement or portions of it” without allowing Congress to vote on the agreement would be “a direct affront to the American people and seeks to undermine Congress’s appropriate role,” Mr. Corker added.

The Obama administration does not plan to seek congressional approval for the potential accord, which is expected to last about 15 years.Secretary of State John Kerry acknowledged in testimony to Mr. Corker’s committee on Wednesday that without a congressional vote, the deal would not be “legally binding” on the succession of United States presidents who would be charged with carrying it out. But he said he was confident that future presidents would uphold an agreement as long as Iran fulfilled its obligations under the accord.

Soon after the U.S. and other major powers entered negotiations last year to curtail Iran’s nuclear program, senior White House officials learned Israel was spying on the closed-door talks. The spying operation was part of a broader campaign by Israeli Prime Minister Benjamin Netanyahu’s government to penetrate the negotiations and then help build a case against the emerging terms of the deal, current and former U.S. officials said. In addition to eavesdropping, Israel acquired information from confidential U.S. briefings, informants and diplomatic contacts in Europe, the officials said.

The espionage didn’t upset the White House as much as Israel’s sharing of inside information with U.S. lawmakers and others to drain support from a high-stakes deal intended to limit Iran’s nuclear program, current and former officials said. “It is one thing for the U.S. and Israel to spy on each other. It is another thing for Israel to steal U.S. secrets and play them back to U.S. legislators to undermine U.S. diplomacy,” said a senior U.S. official briefed on the matter.

The U.S. and Israel, longtime allies who routinely swap information on security threats, sometimes operate behind the scenes like spy-versus-spy rivals. The White House has largely tolerated Israeli snooping on U.S. policy makers—a posture Israel takes when the tables are turned. The White House discovered the operation, in fact, when U.S. intelligence agencies spying on Israel intercepted communications among Israeli officials that carried details the U.S. believed could have come only from access to the confidential talks, officials briefed on the matter said. Israeli officials denied spying directly on U.S. negotiators and said they received their information through other means, including close surveillance of Iranian leaders receiving the latest U.S. and European offers. European officials, particularly the French, also have been more transparent with Israel about the closed-door discussions than the Americans, Israeli and U.S. officials said.

n response to criticism of the hefty fees that could be charged to public requesters in its new Mandatory Declassification Review (MDR) rule, the Office of the Director of National Intelligence has agreed to modify the rule. The revised rule will adopt the more flexible and forgiving approach used in ODNI’s Freedom of Information Act (FOIA) program. “We will pull back the MDR rule and swap out the fee structure there for the fee structure in the FOIA policy,” said Jennifer Hudson, director of the ODNI Information Management Division. This represents a substantial change. In comments on the rule submitted yesterday by the Federation of American Scientists, we recommended such a change. We noted that the MDR fee schedule was inconsistent in several respects with existing law and policy and, in particular, that it differed from the cost recovery procedures in ODNI’s FOIA program: *     The MDR rule would charge 50 cents per page for photocopying, but ODNI charges only 10 cents per page for responses to FOIA requests. *     The MDR rule would have made requesters responsible “for paying all fees,” but ODNI always waives costs of $10 or lower under FOIA. *     The MDR rule did not provide for discretionary fee waivers for public interest or other reasons, but the FOIA policy does.

Now all of these discrepancies will be eliminated. Perhaps most significantly, “We will also make sure that there is room [in the MDR process] for discretion in charging fees,” Ms. Hudson said in an email message. “I’m sure you know from looking at our FOIA reports that we have exercised our discretion to not charge fees quite a bit in the past.” She noted, however, that “The search/review charges are identical” under the proposed MDR rule and under FOIA. “FOIA just breaks [the charges] down into 15 minute increments where the MDR rule is by the hour. The end result is the same.” “At the end of the day, I don’t think it will make as much of a difference as people think,” she said.

The first (and thus far only) roll-back of post-9/11 surveillance authorities was implemented over the weekend: The National Security Agency shuttered its program for collecting and holding the metadata of Americans’ phone calls under Section 215 of the Patriot Act. While bulk collection under Section 215 has ended, the government can obtain access to this information under the procedures specified in the USA Freedom Act. Indeed, some experts have argued that the Agency likely has access to more metadata because its earlier dragnet didn’t cover cell phones or Internet calling. In addition, the metadata of calls made by an individual in the United States to someone overseas and vice versa can still be collected in bulk — this takes place abroad under Executive Order 12333. No doubt the NSA wishes that this was the end of the surveillance reform story and the Paris attacks initially gave them an opening. John Brennan, the Director of the CIA, implied that the attacks were somehow related to “hand wringing” about spying and Sen. Tom Cotton (R-Ark.) introduced a bill to delay the shut down of the 215 program. Opponents of encryption were quick to say: “I told you so.”

But the facts that have emerged thus far tell a different story. It appears that much of the planning took place IRL (that’s “in real life” for those of you who don’t have teenagers). The attackers, several of whom were on law enforcement’s radar, communicated openly over the Internet. If France ever has a 9/11 Commission-type inquiry, it could well conclude that the Paris attacks were a failure of the intelligence agencies rather than a failure of intelligence authorities. Despite the passage of the USA Freedom Act, US surveillance authorities have remained largely intact. Section 702 of the FISA Amendments Act — which is the basis of programs like PRISM and the NSA’s Upstream collection of information from Internet cables — sunsets in the summer of 2017. While it’s difficult to predict the political environment that far out, meaningful reform of Section 702 faces significant obstacles. Unlike the Section 215 program, which was clearly aimed at Americans, Section 702 is supposedly targeted at foreigners and only picks up information about Americans “incidentally.” The NSA has refused to provide an estimate of how many Americans’ information it collects under Section 702, despite repeated requests from lawmakers and most recently a large cohort of advocates. The Section 215 program was held illegal by two federal courts (here and here), but civil attempts to challenge Section 702 have run into standing barriers. Finally, while two review panels concluded that the Section 215 program provided little counterterrorism benefit (here and here), they found that the Section 702 program had been useful.

There is, nonetheless, some pressure to narrow the reach of Section 702. The recent decision by the European Court of Justice in the safe harbor case suggests that data flows between Europe and the US may be restricted unless the PRISM program is modified to protect the information of Europeans (see here, here, and here for discussion of the decision and reform options). Pressure from Internet companies whose business is suffering — estimates run to the tune of $35 to 180 billion — as a result of disclosures about NSA spying may also nudge lawmakers towards reform. One of the courts currently considering criminal cases which rely on evidence derived from Section 702 surveillance may hold the program unconstitutional either on the basis of the Fourth Amendment or Article III for the reasons set out in this Brennan Center report. A federal district court in Colorado recently rejected such a challenge, although as explained in Steve’s post, the decision did not seriously explore the issues. Further litigation in the European courts too could have an impact on the debate.

ou know the old joke: How do you make a killing on Wall Street and never risk a loss? Easy—use other people’s money. Jamie Dimon and his underlings at JPMorgan Chase have perfected this dark art at America’s largest bank, which boasts a balance sheet one-eighth the size of the entire US economy.1 After JPMorgan’s deceitful activities in the housing market helped trigger the 2008 financial crash that cost millions of Americans their jobs, homes, and life savings, punishment was in order. Among a vast array of misconduct, JPMorgan engaged in the routine use of “robo-signing,” which allowed bank employees to automatically sign hundreds, even thousands, of foreclosure documents per day without verifying their contents. But in the United States, white-collar criminals rarely go to prison; instead, they negotiate settlements. Thus, on February 9, 2012, US Attorney General Eric Holder announced the National Mortgage Settlement, which fined JPMorgan Chase and four other mega-banks a total of $25 billion.2 JPMorgan’s share of the settlement was $5.3 billion, but only $1.1 billion had to be paid in cash; the other $4.2 billion was to come in the form of financial relief for homeowners in danger of losing their homes to foreclosure. The settlement called for JPMorgan to reduce the amounts owed, modify the loan terms, and take other steps to help distressed Americans keep their homes. A separate 2013 settlement against the bank for deceiving mortgage investors included another $4 billion in consumer relief.3 A Nation investigation can now reveal how JPMorgan met part of its $8.2 billion settlement burden: by using other people’s money.4 Here’s how the alleged scam worked. JPMorgan moved to forgive the mortgages of tens of thousands of homeowners; the feds, in turn, credited these canceled loans against the penalties due under the 2012 and 2013 settlements. But here’s the rub: In many instances, JPMorgan was forgiving loans on properties it no longer owned.5 The alleged fraud is described in internal JPMorgan documents, public records, testimony from homeowners and investors burned in the scam, and other evidence presented in a blockbuster lawsuit against JPMorgan, now being heard in US District Court in New York City.6 JPMorgan no longer owned the properties because it had sold the mortgages years earlier to 21 third-party investors, including three companies owned by Larry Schneider. Those companies are the plaintiffs in the lawsuit; Schneider is also aiding the federal government in a related case against the bank. In a bizarre twist, a company associated with the Church of Scientology facilitated the apparent scheme. Nationwide Title Clearing, a document-processing company with close ties to the church, produced and filed the documents that JPMorgan needed to claim ownership and cancel the loans.