Group items tagged

NSA as the cause of the next major disruption in the social networking service industry?  Grief ahead for Google? Note the point made that: "It's impossible to do a cloud-based ad supported service" where the encryption/decryption takes place on the client side. 

Another take on it from EFF: https://www.eff.org/deeplinks/2015/10/europes-court-justice-nsa-surveilance Expected since the Court's Advocate General released an opinion last week, presaging today's opinion.  Very big bucks involved behind the scenes because removing U.S.-based internet companies from the scene in the E.U. would pave the way for growth of E.U.-based companies.  The way forward for the U.S. companies is even more dicey because of a case now pending in the U.S.  The Second U.S. Circuit Court of Appeals is about to decide a related case in which Microsoft was ordered by the lower court to produce email records stored on a server in Ireland. . Should the Second Circuit uphold the order and the Supreme Court deny review, then under the principles announced today by the Court in the E.U., no U.S.-based company could ever be allowed to have "possession, custody, or control" of the data of E.U. citizens. You can bet that the E.U. case will weigh heavily in the Second Circuit's deliberations.  The E.U. decision is by far and away the largest legal event yet flowing out of the Edward Snowden disclosures, tectonic in scale. Up to now, Congress has succeeded in confining all NSA reforms to apply only to U.S. citizens. But now the large U.S. internet companies, Google, Facebook, Microsoft, Dropbox, etc., face the loss of all Europe as a market. Congress *will* be forced by their lobbying power to extend privacy protections to "non-U.S. persons."  Thank you again, Edward Snowden.

Considering that I'm over 10 times as likely to die from a police shoooting as I am from a terrorist attack, how about we begin this conversation, Mr. Comey, by you providing formal notice to everyone who's had the telephone metadata gathered or searched all dates on which such gatherings and searches were conducted so citizens can file suit for violation of their privacy rights? Note that the Second U.S. Circuit Court of Appeals held last week that the FBI exceeded statutory authority in gathering and searching that information. Because the gathering and searching was not authorized, that would bring the gathering and searching under the protections of the Privacy Act, including the FBI duty to account for the disclosures  and to pay at least the statutory minimum $1,500 in damges per incident.  Then I would like to have an itemization of all of the commercial software and hardware products that your agency and or your buddies at NSA built backdoors into.  Then your resignation for millions of violations of the Privacy Act would be deeply appreciated. Please feel free to delegate the above mentioned tasks to your successor. 

"Whether you think NSA whistleblower Edward Snowden is a hero or a traitor, you have to admit: The guy knows how to keep his information secure. The fact that Snowden isn't sitting in Guantanamo right now with ankle cuffs and a bag over his head demonstrates his ability to avoid detection. Snowden spoke at the Hope X conference in New York this month via a Google+ Hangout from Russia, and called on developers to build privacy and security into everyday products. He also hinted that he planned to work on building such technology. If you look into the details of what's been happening with tracking, surveillance, spying, hacking and global cyber industrial espionage, you can see that Snowden is right. We all need a lot better protection from snoops of all stripes. But how does the non-expert get started? One option is to listen to Snowden himself. Over the past year, Snowden has in one format or another, made specific product recommendations. Here are the products Snowden has explicitly recommended since the trove of documents on the NSA has been publicly revealed. (The list is in alphabetical order.) Ghostery Ghostery, made by a company called Evidon, is a browser extension for Chrome, Firefox, Safari and Internet Explorer. It exists for two purposes. The first is to block tracking code, which makes browsing the web both more private and also faster. The second purpose is, somewhat contradictory -- Evidon collects data from you to help advertisers avoid being blocked. It also enables website owners to gain insights into the tracking code deployed on their site by third-party advertising companies. Note that Snowden recommended Ghostery some time ago. But this month, the Electronic Frontier Foundation launched a competing product that I would imagine Snowden would recommend called Privacy Badger."

I'd back Snowden in 2016 as a write-in candidate for President.

The Privacy Act, 5 U.S.C. 552a, provides in relevant part: "(a)(4) the term "record" means any item, collection, or grouping of information about an individual that is maintained by an agency, including, but not limited to, his education, financial transactions, medical history, and criminal or employment history and that contains his name, or the identifying number, symbol, or other identifying particular assigned to the individual, such as a finger or voice print or a photograph[.] ... "(b) Conditions of Disclosure.-No agency shall disclose any record which is contained in a system of records by any means of communication to any person, or to another agency, except pursuant to a written request by, or with the prior written consent of, the individual to whom the record pertains, unless disclosure of the record would be- ... "(7) to another agency or to an instrumentality of any governmental jurisdiction within or under the control of the United States for a civil or criminal law enforcement activity if the activity is authorized by law, and if the head of the agency or instrumentality has made a written request to the agency which maintains the record specifying the particular portion desired and the law enforcement activity for which the record is sought[.]" So a separate written request for each "portion" of any individual record that describes the "law enforcement activity for which the record is sought[.]" That doesn't sound like the contemplated unfettered access to bulk raw data. And it gets even better, with a right to sue for any violation, attorney fees and expenses, and a statutory minimum of $1,000 damages per violation just for winning the case.  

I omitted some stuff about opposition to sunsetting the provisions. They  seem to forget, as does Obama, that the proponents of the FISA Court's expansive reading of section 215 have not yet come up with a single instance where 215-derived data caught a single terrorist or prevented a single act of terrorism. Which means that if that data is of some use, it ain't in fighting terrorism, the purpose of the section.  Patriot Act § 215 is codified as 50 USCS § 1861, https://www.law.cornell.edu/uscode/text/50/1861 That section authorizes the FBI to obtain an iorder from the FISA Court "requiring the production of *any tangible things* (including books, records, papers, documents, and other items)."  Specific examples (a non-exclusive list) include: the production of library circulation records, library patron lists, book sales records, book customer lists, firearms sales records, tax return records, educational records, or medical records containing information that would identify a person." The Court can order that the recipient of the order tell no one of its receipt of the order or its response to it.   In other words, this is about way more than your telephone metadata. Do you trust the NSA with your medical records? 

And of course, Google would never succumb to a subpoena requiring it to turn over the audio stream to the NSA. The Tor Browser just keeps looking better and better. https://www.torproject.org/projects/torbrowser.html.en

Watch for massive class action product defect litigation to be filed against the phone companies.and mobile device manufacturers.  In most U.S. jurisdictions, proof that the vendors/manufacturers  knew of the product defect is not required, only proof of the defect. Also, this is a golden opportunity for anyone who wants to get out of a pricey cellphone contract, since providing a compromised cellphone is a material breach of warranty, whether explicit or implied..   

Article is from April 2013, before the Snowden disclosures. 

There are four grounds upon which we find that the telephone records program fails to comply with Section 215. First, the telephone records acquired under the program have no connection to any specific FBI investigation at the time of their collection. Second, because the records are collected in bulk - potentially encompassing all telephone calling records across the nation - they cannot be regarded as "relevant" to any FBI investigation as required by the statute without redefining the word relevant in a manner that is circular, unlimited in scope, and out of step with the case law from analogous legal contexts involving the production of records. Third, the program operates by putting telephone companies under an obligation to furnish new calling records on a daily basis as they are generated (instead of turning over records already in their possession) - an approach lacking foundation in the statute and one that is inconsistent with FISA as a whole. Fourth, the statute permits only the FBI to obtain items for use in its investigations; it does not authorize the NSA to collect anything.  In addition, we conclude that the program violates the Electronic Communications Privacy Act. That statute prohibits telephone companies from sharing customer records with the government except in response to specific enumerated circumstances, which do not include Section 215 orders. Finally, we do not agree that the program can be considered statutorily authorized because Congress twice delayed the expiration of Section 215 during the operation of the program without amending the statute. The "reenactment doctrine," under which Congress is presumed to have adopted settled administrative or judicial interpretations of a statute, does not trump the plain meaning of a law, and cannot save an administrative or judicial interpretation that contradicts the statute itself. Moreover, the circumstances presented here differ in pivotal ways from any in which the reenact

Greenwald asks a very good question about the U.S. government accusing the Chinese government of cyber-espionage and the government's finding that Chinese-manufactured ware pose a security risk. Was that intended to drive people to purchase hardware that comes equipped with NSA backdoors? The flip side, of course, is whether the world should be beating feet to purchase their hardware from the Chinese in order to escape the NSA backdoors. Then there is the question of how those backdoors might have made their way into the hardware devices without the acquiescence of their manufacturers, who surely would have realized that their businesses might take enormous financial hits if knowledge of the backdoors became public? Bribing key staff? The manufacturers named in the Der Spiegel article surely are going to face some hard questions and they may face some very unhappy shareholders if their stock prices take a dive. It would be fun to see a shareholder's derivative class action against one of these companies for having acquiesced to NSA implantation of backdoors, leading to the disclosure and the fall in stock price. Caption the case as Wall Street, Inc. v. National Security Agency, dba Seagate Technology, PLC, then watch the feathers and blood fly.  "Seagate is the company the world trusts to store our lives - our files and photos, our libraries and histories, our science and progress."   Yes, and your stockholders trusted you not to endanger their investment by adding NSA backdoors in your products.

"Whatever the impression Trump may have given you -- a carnival barker, a hero, a jerk, a courageous leader -- he brilliantly tapped into a deep vein of millions of American men and women who believe they have been forgotten by the government they pay for. These good people have been alienated by the elites who dominate American government and culture and civic life. On Tuesday night, they found a home. The forgotten man believes that the Obama administration doesn't care about him. The forgotten man knows that the government put into place regulations of economic activity that put him out of work or into a lower-paying job. These forgotten men and women resent the Obama administration's telling them they must have health insurance or they will be taxed for it and then so incompetently manipulating the marketplace as to cause the cost of that insurance -- often an unwanted product -- to skyrocket. These good folks cringed when their family doctor told them that he could no longer afford to treat them because the feds had overregulated the practice of medicine. They simply couldn't believe that their own government would make the practice of medicine so expensive that doctors in droves could not afford to stay in business. And they were outraged when their doctors told them the feds could see their medical records and dictate their medical treatment. The forgotten man has profound resentment for a government that is telling him how to live. The forgotten man's union dues have shot up. His union leaders use his dues to support political candidates he doesn't know or like. Yet he has usually voted for the Democrats -- out of a traditional belief that the Democrats would think of him and his needs when framing federal legislation. They haven't. The forgotten man speaks his mind but isn't drawn to lofty arguments about the freedom of speech. The forgotten man wants the government to work but couldn't tell you which aspects of its behavior are unconstit

The authorizing statute clearly limits the scope of the administrative subpoena authority to drug related criminal investigations. "In any investigation relating to his functions under this subchapter with respect to controlled substances, listed chemicals, tableting machines, or encapsulating machines, the Attorney General may subpena witnesses, compel the attendance and testimony of witnesses, and require the production of any records (including books, papers, documents, and other tangible things which constitute or contain evidence) which the Attorney General finds relevant or material to the investigation."