Group items tagged

754 F.3d 1205 (2014) UNITED STATES of America, Plaintiff-Appellee, v. Quartavious DAVIS, Defendant-Appellant. No. 12-12928. United States Court of Appeals, Eleventh Circuit. June 11, 2014.

The prosecution also offered records obtained from cell phone service providers evidencing that Davis and his co-defendants had placed and received cell phone calls in close proximity to the locations of each of the charged robberies around the 1210*1210 time that the robberies were committed, except for the Mayor's Jewelry store robbery. Davis preserved his objection to the cell phone location evidence and his claim that the government's obtaining such evidence without a warrant issued upon a showing of probable cause violated his rights under the Fourth Amendment.

The evidence obtained under the order and presented against Davis in the district court consisted of so-called "cell site location information." That location information 1211*1211 includes a record of calls made by the providers' customer, in this case Davis, and reveals which cell tower carried the call to or from the customer. The cell tower in use will normally be the cell tower closest to the customer. The cell site location information will also reflect the direction of the user from the tower. It is therefore possible to extrapolate the location of the cell phone user at the time and date reflected in the call record.

The Federal Bureau of Investigation is taking the position that court warrants are not required when deploying cell-site simulators in public places. Nicknamed "stingrays," the devices are decoy cell towers that capture locations and identities of mobile phone users and can intercept calls and texts. The FBI made its position known during private briefings with staff members of Senate Judiciary Committee Chairman Patrick Leahy (D-Vt.) and Sen. Chuck Grassley (R-Iowa). In response, the two lawmakers wrote Attorney General Eric Holder and Homeland Security chief Jeh Johnson, maintaining they were "concerned about whether the FBI and other law enforcement agencies have adequately considered the privacy interests" of Americans. According to the letter, which was released last week: For example, we understand that the FBI’s new policy requires FBI agents to obtain a search warrant whenever a cell-site simulator is used as part of a FBI investigation or operation, unless one of several exceptions apply, including (among others): (1) cases that pose an imminent danger to public safety, (2) cases that involve a fugitive, or (3) cases in which the technology is used in public places or other locations at which the FBI deems there is no reasonable expectation of privacy.

The letter was prompted in part by a Wall Street Journal report in November that said the Justice Department was deploying small airplanes equipped with cell-site simulators that enabled "investigators to scoop data from tens of thousands of cellphones in a single flight, collecting their identifying information and general location." The bureau's position on Americans' privacy isn't surprising. The Obama Administration has repeatedly maintained that the public has no privacy in public places. It began making that argument as early as 2010, when it told a federal appeals court that the authorities should be allowed to affix GPS devices on vehicles and track a suspect's every move without court authorization. The Supreme Court, however, eventually ruled that warrants are required. What's more, the administration has argued that placing a webcam with pan-and-zoom capabilities on a utility pole to spy on a suspect at his or her residence was no different from a police officer's observation from the public right-of-way. A federal judge last month disagreed with the government's position, tossing evidence gathered by the webcam that was operated from afar.

In their letter, Leahy and Grassley complained that little is known about how stingrays, also known as ISMI catchers, are used by law enforcement agencies. The Harris Corp., a maker of the devices from Florida, includes non-disclosure clauses with buyers. Baltimore authorities cited a non-disclosure agreement to a judge in November as their grounds for refusing to say how they tracked a suspect's mobile phone. They eventually dropped charges rather than disclose their techniques. Further, sometimes the authorities simply lie to judges about their use or undertake other underhanded methods to prevent the public from knowing that the cell-site simulators are being used.

Scotland Yard was thwarted yesterday in its attempt to seize a former senior Israeli army officer at Heathrow airport for alleged war crimes in occupied Palestinian lands after a British judge had issued a warrant for his arrest.British detectives were waiting for retired Major General Doron Almog who was aboard an El Al flight which arrived from Israel yesterday. It is believed he was tipped off about his impending arrest while in the air and stayed on the plane to avoid capture until it flew back to Israel. Scotland Yard detectives were armed with a warrant naming Mr Almog as a war crimes suspect for offences that breached the Geneva conventions.The Guardian understands police would have arrested him if he had set foot on British soil. The arrest warrant was issued on Saturday at Bow Street magistrates court, central London. It is believed to be the first warrant for war crimes of its kind issued in Britain against an Israeli national over conduct in the conflict with Palestinians.

Despite the alleged offences occurring in the Gaza Strip, war crimes law means Britain has a duty to arrest and prosecute alleged suspects if they arrive in Britain. The warrant alleges Mr Almog committed war crimes in the Gaza Strip in 2002 when he ordered the destruction of 59 homes near Rafah, which Palestinians say was in revenge for the death of Israeli soldiers. The warrant was issued by senior district judge Timothy Workman after an application by lawyers acting for Mr Almog's alleged Palestinian victims. According to legal sources, before granting the warrant Mr Workman decided his court had jurisdiction for the offences; that diplomatic immunity did not apply; and there was evidence to support a prima facie case for war crimes.If Mr Almog had been arrested he would have been bailed on condition that he did not leave Britain. The attorney general would have to have sanctioned any prosecution against him for war crimes.Mr Almog was commanding officer of the Israeli defence forces' southern command from December 2000 to July 2003. British lawyers representing Palestinians who say they suffered as a result of Mr Almog's orders had presented their evidence to Scotland Yard detectives last month and they began investigating him.

Google is boldly opposing an attempt by the US Justice Department to expand federal powers to search and seize digital data, warning that the changes would open the door to US “government hacking of any facility” in the world. In a strongly worded submission to the Washington committee that is considering the proposed changes, Google says that increasing the FBI’s powers set out in search warrants would raise “monumental and highly complex constitutional, legal and geopolitical concerns that should be left to Congress to decide”. The search giant warns that under updated proposals, FBI agents would be able to carry out covert raids on servers no matter where they were situated, giving the US government unfettered global access to vast amounts of private information.

In particular, Google sounds the alarm over the FBI’s desire to “remotely” search computers that have concealed their location – either through encryption or by obscuring their IP addresses using anonymity services such as Tor. Those government searches, Google says, “may take place anywhere in the world. This concern is not theoretical. ... [T]he nature of today’s technology is such that warrants issued under the proposed amendment will in many cases end up authorizing the government to conduct searches outside the United States.”

The Justice Department itself has tried to assuage anxieties about its proposed amendment. In its comment to the committee, DoJ officials say that federal agents would only request the new type of warrants where there was “probable cause to search for or seize evidence, fruits, or instrumentalities of crime”. But civil liberties and legal groups remain unconvvinced, insisting that the language is so vaguely worded that it would have draconian and global implications. In its submission, the American Civil Liberties Union said that the proposed changes could violate the fourth amendment of the US constitution, which bans unreasonable searches and seizures. The ACLU’s principal technologist, Christopher Soghoian, said: “The government is seeking a troubling expansion of its power to surreptitiously hack into computers, including using malware. Although this proposal is cloaked in the garb of a minor procedural update, in reality it would be a major and substantive change that would be better addressed by Congress.”

The government and police regularly use location data pulled off of cell phone towers to put criminals at the scenes of crimes—often without a warrant. Well, an appeals court ruled today that the practice is unconstitutional, in one of the strongest judicial defenses of technology privacy rights we've seen in a while.  The United States Court of Appeals for the Eleventh Circuit ruled that the government illegally obtained and used Quartavious Davis's cell phone location data to help convict him in a string of armed robberies in Miami and unequivocally stated that cell phone location information is protected by the Fourth Amendment. "In short, we hold that cell site location information is within the subscriber’s reasonable expectation of privacy," the court ruled in an opinion written by Judge David Sentelle. "The obtaining of that data without a warrant is a Fourth Amendment violation."

In Davis's case, police used his cell phone's call history against him to put him at the scene of several armed robberies. They obtained a court order—which does not require the government to show probable cause—not a warrant, to do so. From now on, that'll be illegal. The decision applies only in the Eleventh Circuit, but sets a strong precedent for future cases.

"One’s cell phone, unlike an automobile, can accompany its owner anywhere. Thus, the exposure of the cell site location information can convert what would otherwise be a private event into a public one," he wrote. "In that sense, cell site data is more like communications data than it is like GPS information. That is, it is private in nature rather than being public data that warrants privacy protection only when its collection creates a sufficient mosaic to expose that which would otherwise be private." Finally, the government argued that, because Davis made outgoing calls, he "voluntarily" gave up his location data. Sentelle rejected that, too, citing a prior decision by a Third Circuit Court. "The Third Circuit went on to observe that 'a cell phone customer has not ‘voluntarily’ shared his location information with a cellular provider in any meaningful way.' That circuit further noted that 'it is unlikely that cell phone customers are aware that their cell phone providers collect and store historical location information,'” Sentelle wrote.

The Electronic Frontier Foundation (EFF) has urged a federal court to block a U.S. search warrant ordering Microsoft to turn over a customer's emails held in an overseas server, arguing that the case has dangerous privacy implications for Internet users everywhere. The case started in December of last year, when a magistrate judge in New York signed a search warrant seeking records and emails from a Microsoft account in connection with a criminal investigation. However, Microsoft determined that the emails the government sought were on a Microsoft server in Dublin, Ireland. Because a U.S. judge has no authority to issue warrants to search and seize property or data abroad, Microsoft refused to turn over the emails and asked the magistrate to quash the warrant. But the magistrate denied Microsoft's request, ruling there was no foreign search because the data would be reviewed by law enforcement agents in the U.S.

Microsoft appealed the decision. In an amicus brief in support of Microsoft, EFF argues the magistrate's rationale ignores the fact that copying the emails is a "seizure" that takes place in Ireland. "The Fourth Amendment protects from unreasonable search and seizure. You can't ignore the 'seizure' part just because the property is digital and not physical," said EFF Staff Attorney Hanni Fakhoury. "Ignoring this basic point has dangerous implications – it could open the door to unfounded law enforcement access to and collection of data stored around the world."

For the full brief in this case:https://www.eff.org/document/eff-amicus-brief-support-microsoft

The Patriot Act continues to wreak its havoc on civil liberties. Section 213 was included in the Patriot Act over the protests of privacy advocates and granted law enforcement the power to conduct a search while delaying notice to the suspect of the search. Known as a “sneak and peek” warrant, law enforcement was adamant Section 213 was needed to protect against terrorism. But the latest government report detailing the numbers of “sneak and peek” warrants reveals that out of a total of over 11,000 sneak and peek requests, only 51 were used for terrorism. Yet again, terrorism concerns appear to be trampling our civil liberties. Throughout the Patriot Act debate the Department of Justice urged Congress to pass Section 213 because it needed the sneak and peak power to help investigate and prosecute terrorism crimes “without tipping off terrorists.” In 2005, FBI Director Robert Mueller continued the same exact talking point, emphasizing sneak and peek warrants were “an invaluable tool in the war on terror and our efforts to combat serious criminal conduct.”

What do the reports reveal? Two things: 1) there has been an enormous increase in the use of sneak and peek warrants and 2) they are rarely used for terrorism cases. First, the numbers: Law enforcement made 47 sneak-and-peek searches nationwide from September 2001 to April 2003. The 2010 report reveals 3,970 total requests were processed. Within three years that number jumped to 11,129. That's an increase of over 7,000 requests. Exactly what privacy advocates argued in 2001 is happening: sneak and peak warrants are not just being used in exceptional circumstances—which was their original intent—but as an everyday investigative tool.

Second, the uses: Out of the 3,970 total requests from October 1, 2009 to September 30, 2010, 3,034 were for narcotics cases and only 37 for terrorism cases (about .9%). Since then, the numbers get worse. The 2011 report reveals a total of 6,775 requests. 5,093 were used for drugs, while only 31 (or .5%) were used for terrorism cases. The 2012 report follows a similar pattern: Only .6%, or 58 requests, dealt with terrorism cases. The 2013 report confirms the incredibly low numbers. Out of 11,129 reports only 51, or .5%, of requests were used for terrorism. The majority of requests were overwhelmingly for narcotics cases, which tapped out at 9,401 requests.

British authorities are capable of tapping into bulk communications data collected by other countries' intelligence services—including the National Security Agency—without a warrant, according to secret government documents released Tuesday. The agreement between the NSA and Britain's spy agency, known as Government Communications Headquarters or GCHQ, potentially puts the Internet and phone data of Americans in the hands of another country without legal oversight when obtaining a warrant is "not technically feasible."   The data, once obtained, can be kept for up to two years, according to internal policies disclosed by the British government. GCHQ was forced to reveal that it can request and receive vast quantities of raw, unanalyzed data collected from foreign governments it partners with during legal proceedings in a closed court hearing in a case brought by various international human-rights organizations, including Privacy International, Liberty U.K., and Amnesty International. The suit challenges certain aspects of GCHQ's surveillance practices.

It is well known that the NSA and GCHQ closely share intelligence data with one another, as part of a long-standing surveillance partnership. Some details of the agencies' spy pact were exposed by former NSA contractor Edward Snowden last year, including the existence of GCHQ's Tempora program, which taps into fiber-optic cables to scoop up online and telephone traffic across the Web for up to 30 days. But this is the first time the British government has disclosed that it does not require a warrant to access data collected and maintained by its American counterparts. The revelation appears to counter statements made by an oversight committee of the British Parliament in July of last year that "in each case where GCHQ sought information from the U.S., a warrant for interception, signed by a minister, was already in place."   It is unclear whether any restrictions on Britain's access to NSA surveillance data is imposed by the U.S. However, documents provided by Snowden to The Guardian last year reveal that the NSA shares raw intelligence data with Israel without removing information about U.S. citizens.

In a statement, the NSA said it works with a number of partner countries to further its "foreign intelligence mission." But it did not specify whether it was aware of or condoned Britain's apparent warrantless access of its data. "Whenever NSA shares intelligence information, we comply with all applicable rules, including rules designed to safeguard U.S. person information," the agency said. "NSA does not ask its foreign partners to undertake any intelligence activity that the U.S. government would be legally prohibited from undertaking itself." American privacy advocates quickly condemned any warrantless access of U.S. communications data by British authorities.   "The 'arrangement' disclosed today suggests that the two countries are circumventing even the very weak safeguards that have been put in place," Jameel Jaffer, deputy legal director of the American Civil Liberties Union, said in a statement to National Journal. "It underscores both the inadequacy of existing oversight structures and the pressing need for [surveillance] reform."

Alberto Nisman, the prosecutor who accused Argentina's president of a cover-up plot over the 1994 bombing of a Jewish center before being found shot to death, met repeatedly with the US embassy in Buenos Aires during his investigation, leaked diplomatic cables show.Nisman gave US officials advanced notice on his procedural moves and was apparently coached by the embassy in "improving" his requests for arrest warrants for Iranians that Nisman suspected of carrying out the deadly attack against the Argentine Israeli Mutual Association, or AIMA, according to cables published by Wikileaks."Embassy can now more logically approach the [government of Argentina] about [its] anticipated next steps and ways we might be able to coordinate outreach to other governments [...] to bring attention to the warrants and pressure to bear on Iran and Hezbollah," says one US cable dated November 1, 2006, after a meeting with Nisman.The revelations are adding fodder to the entangled scandal over the AIMA center bombing, Nisman's mysterious death, and the reactions of President Cristina Fernandez de Kirchner and her government loyalists.The president and her supporters have piled doubt on Nisman's investigation, suggesting he didn't himself write the inquiry accusing Kirchner of a cover-up deal with Iran, and that he was influenced by foreign agents in his claims. Kirchner said this week that Nisman was manipulated and double-crossed by government spies plotting against her.

Nisman on January 16 told VICE News he had proof that Kirchner sought a back-channel deal with Iran — swapping Iranian oil for Argentine grain — in exchange for abandoning efforts to prosecute former Iranian diplomats in connection to the Jewish center bombing.Eight-five people were killed in the terror attack, which remains unsolved. Survivors and opposition forces are now blaming Kirchner's government for Nisman's death.

The prosecutor, who was found dead the night before making his blockbuster claim against Kirchner and her foreign minister in Argentina's Congress, is mentioned in 46 leaked US cables.In the cable from November 2006, Nisman informed US officials of the likelihood that a judge would follow his recommendations to seek charges against Iranian suspects for the bombing. American embassy officials discussed plans to inform "other governments" ahead of time, in an apparent push to make the case against the Iranians an international matter.Another cable, dated January 19, 2007, suggests the US embassy had a hand in shaping Nisman's warrant requests with Interpol, the international diplomatic police force. The cable shows US officials thought Nisman's work was shoddy and needed help.Before the Justice Department's Office of International Affairs intervened in the warrant applications, the cable says, Nisman's paperwork contained "statements that were presumptuous conclusions of guilt."Nisman took on the case of the AIMA center bombing in 2004, at the request of the then-President Nestor Kirchner, Cristina Fernandez's late husband. In his interview with VICE News — perhaps his last with a foreign news organization — Nisman denied connections with any foreign spy agencies.

In a seminal decision updating and consolidating its previous jurisprudence on surveillance, the Grand Chamber of the European Court of Human Rights took a sideways swing at mass surveillance programs last week, reiterating the centrality of “reasonable suspicion” to the authorization process and the need to ensure interception warrants are targeted to an individual or premises. The decision in Zakharov v. Russia — coming on the heels of the European Court of Justice’s strongly-worded condemnation in Schrems of interception systems that provide States with “generalised access” to the content of communications — is another blow to governments across Europe and the United States that continue to argue for the legitimacy and lawfulness of bulk collection programs. It also provoked the ire of the Russian government, prompting an immediate legislative move to give the Russian constitution precedence over Strasbourg judgments. The Grand Chamber’s judgment in Zakharov is especially notable because its subject matter — the Russian SORM system of interception, which includes the installation of equipment on telecommunications networks that subsequently enables the State direct access to the communications transiting through those networks — is similar in many ways to the interception systems currently enjoying public and judicial scrutiny in the United States, France, and the United Kingdom. Zakharov also provides a timely opportunity to compare the differences between UK and Russian law: Namely, Russian law requires prior independent authorization of interception measures, whereas neither the proposed UK law nor the existing legislative framework do.

The decision is lengthy and comprises a useful restatement and harmonization of the Court’s approach to standing (which it calls “victim status”) in surveillance cases, which is markedly different from that taken by the US Supreme Court. (Indeed, Judge Dedov’s separate but concurring opinion notes the contrast with Clapper v. Amnesty International.) It also addresses at length issues of supervision and oversight, as well as the role played by notification in ensuring the effectiveness of remedies. (Marko Milanovic discusses many of these issues here.) For the purpose of the ongoing debate around the legitimacy of bulk surveillance regimes under international human rights law, however, three particular conclusions of the Court are critical.

The Court took issue with legislation permitting the interception of communications for broad national, military, or economic security purposes (as well as for “ecological security” in the Russian case), absent any indication of the particular circumstances under which an individual’s communications may be intercepted. It said that such broadly worded statutes confer an “almost unlimited degree of discretion in determining which events or acts constitute such a threat and whether that threat is serious enough to justify secret surveillance” (para. 248). Such discretion cannot be unbounded. It can be limited through the requirement for prior judicial authorization of interception measures (para. 249). Non-judicial authorities may also be competent to authorize interception, provided they are sufficiently independent from the executive (para. 258). What is important, the Court said, is that the entity authorizing interception must be “capable of verifying the existence of a reasonable suspicion against the person concerned, in particular, whether there are factual indications for suspecting that person of planning, committing or having committed criminal acts or other acts that may give rise to secret surveillance measures, such as, for example, acts endangering national security” (para. 260). This finding clearly constitutes a significant threshold which a number of existing and pending European surveillance laws would not meet. For example, the existence of individualized reasonable suspicion runs contrary to the premise of signals intelligence programs where communications are intercepted in bulk; by definition, those programs collect information without any consideration of individualized suspicion. Yet the Court was clearly articulating the principle with national security-driven surveillance in mind, and with the knowledge that interception of communications in Russia is conducted by Russian intelligence on behalf of law enforcement agencies.

The Justice Department pledged Friday to to review its policies relating to the seizure of information from journalists after acknowledging that a controversial search warrant for a  Fox News reporter’s private emails  was approved “at the highest levels” of the Justice Department, including “discussions” with Attorney General  Eric Holder.

The statement, confirming an NBC News account of Holder’s role, defended the secret warrant to obtain reporter James Rosen’s emails as a legitimate step to obtain evidence as part of an investigation of Stephen Kim. A former intelligence analyst, Kim has since been indicted under the Espionage Act for leaking classified information to Rosen about North Korea. He has denied the charges.

Nevertheless, said the official, who spoke on condition of anonymity, Holder “understands the concerns that have been raised by the media and has initiated a re-evaluation of existing department policies and procedures.” The official said the department must strike “the appropriate balance” between preventing leaks of classified information and “First Amendment rights,”adding that passage of a new media shield law “and appropriate updates to the department”s internal guidelines” will help achieve that.   The statement comes  amid a firestorm of criticism from news media groups over the Rosen search warrant and a secret subpoena for the phone records of AP reporters. It also comes one day after President Obama addressed the issue in a major speech on counter-terrorism policy, saying "I am troubled by the possibility that leak investigations may chill the investigative journalism that holds government accountable," Obama said. "Journalists should not be at legal risk for doing their jobs."

The 29-year-old former NSA contractor and source of the Guardian's NSA files coverage will – with the help of Glenn Greenwald – take your questions today on why he revealed the NSA's top-secret surveillance of US citizens, the international storm that has ensued, and the uncertain future he now faces. Ask him anything.

I did not reveal any US operations against legitimate military targets. I pointed out where the NSA has hacked civilian infrastructure such as universities, hospitals, and private businesses because it is dangerous. These nakedly, aggressively criminal acts are wrong no matter the target. Not only that, when NSA makes a technical mistake during an exploitation operation, critical systems crash. Congress hasn't declared war on the countries - the majority of them are our allies - but without asking for public permission, NSA is running network operations against them that affect millions of innocent people. And for what? So we can have secret access to a computer in a country we're not even fighting? So we can potentially reveal a potential terrorist with the potential to kill fewer Americans than our own Police? No, the public needs to know the kinds of things a government does in its name, or the "consent of the governed" is meaningless.

I was debriefed by Glenn and his peers over a number of days, and not all of those conversations were recorded. The statement I made about earnings was that $200,000 was my "career high" salary. I had to take pay cuts in the course of pursuing specific work. Booz was not the most I've been paid.

UK intelligence service GCHQ can legally snoop on British use of Google, Facebook and web-based email without specific warrants because the firms are based abroad, the government has said. Classed as "external communications", such activity can be covered by a broad warrant and intercepted without extra clearance, spy boss Charles Farr said. The policy was revealed as part of a legal battle with campaign group Privacy International (PI). PI labelled the policy "patronising".

Charles Farr, director general of the Office for Security and Counter-Terrorism, told PI that Facebook, Twitter, YouTube and web searches on Google - as well as webmail services such as Hotmail and Yahoo - were classified as "external communications", which meant they could be intercepted without the need for additional legal clearance. Internal communications between citizens can only be intercepted when a targeted warrant is issued. Warrants must be signed by a minister and can only be issued when there is suspicion of illegal activity. But when someone searches for something on Google or posts on Facebook they are sending information overseas - constituting an act of external communication that could be collected under a broader warrant which does not need to be signed by a minister, explained Mr Farr in a 48-page written statement.

However, he said data collected in this way "cannot be read, looked at or listened to" except in strictly limited circumstances. Mr Farr said there was a "significant distinction" between intercepting material and a person actually reading, looking at or listening it.

HERE WAS A SIMPLE AIM at the heart of the top-secret program: Record the website browsing habits of “every visible user on the Internet.” Before long, billions of digital records about ordinary people’s online activities were being stored every day. Among them were details cataloging visits to porn, social media and news websites, search engines, chat forums, and blogs. The mass surveillance operation — code-named KARMA POLICE — was launched by British spies about seven years ago without any public debate or scrutiny. It was just one part of a giant global Internet spying apparatus built by the United Kingdom’s electronic eavesdropping agency, Government Communications Headquarters, or GCHQ. The revelations about the scope of the British agency’s surveillance are contained in documents obtained by The Intercept from National Security Agency whistleblower Edward Snowden. Previous reports based on the leaked files have exposed how GCHQ taps into Internet cables to monitor communications on a vast scale, but many details about what happens to the data after it has been vacuumed up have remained unclear.

Amid a renewed push from the U.K. government for more surveillance powers, more than two dozen documents being disclosed today by The Intercept reveal for the first time several major strands of GCHQ’s existing electronic eavesdropping capabilities.

The surveillance is underpinned by an opaque legal regime that has authorized GCHQ to sift through huge archives of metadata about the private phone calls, emails and Internet browsing logs of Brits, Americans, and any other citizens — all without a court order or judicial warrant

The National Security Agency and its British counterpart, Government Communications Headquarters, have worked to subvert anti-virus and other security software in order to track users and infiltrate networks, according to documents from NSA whistleblower Edward Snowden. The spy agencies have reverse engineered software products, sometimes under questionable legal authority, and monitored web and email traffic in order to discreetly thwart anti-virus software and obtain intelligence from companies about security software and users of such software. One security software maker repeatedly singled out in the documents is Moscow-based Kaspersky Lab, which has a holding registered in the U.K., claims more than 270,000 corporate clients, and says it protects more than 400 million people with its products. British spies aimed to thwart Kaspersky software in part through a technique known as software reverse engineering, or SRE, according to a top-secret warrant renewal request. The NSA has also studied Kaspersky Lab’s software for weaknesses, obtaining sensitive customer information by monitoring communications between the software and Kaspersky servers, according to a draft top-secret report. The U.S. spy agency also appears to have examined emails inbound to security software companies flagging new viruses and vulnerabilities.

The efforts to compromise security software were of particular importance because such software is relied upon to defend against an array of digital threats and is typically more trusted by the operating system than other applications, running with elevated privileges that allow more vectors for surveillance and attack. Spy agencies seem to be engaged in a digital game of cat and mouse with anti-virus software companies; the U.S. and U.K. have aggressively probed for weaknesses in software deployed by the companies, which have themselves exposed sophisticated state-sponsored malware.

The requested warrant, provided under Section 5 of the U.K.’s 1994 Intelligence Services Act, must be renewed by a government minister every six months. The document published today is a renewal request for a warrant valid from July 7, 2008 until January 7, 2009. The request seeks authorization for GCHQ activities that “involve modifying commercially available software to enable interception, decryption and other related tasks, or ‘reverse engineering’ software.”

A divided Fourth Circuit has ruled, in United States v. Graham, that “the government conducts a search under the Fourth Amendment when it obtains and inspects a cell phone user’s historical [cell-site location information] for an extended period of time” and that obtaining such records requires a warrant. The new case creates multiple circuit splits, which may lead to Supreme Court review. Specifically, the decision creates a clear circuit split with the Fifth and Eleventh Circuits on whether acquiring cell-site records is a search. It also creates an additional clear circuit split with the Eleventh Circuit on whether, if cell-site records are protected, a warrant is required. Finally, it also appears to deepen an existing split between the Fifth and Third Circuits on whether the Stored Communications Act allows the government to choose whether to obtain an intermediate court order or a warrant for cell-site records. This post will cover the reasoning of the new case in detail.

 Olmstead v. United States: The Constitutional Challenges of Prohibition Enforcement Historical Documents Dissenting opinion of Justice Louis D. Brandeis in Olmstead v. United States Justice Brandeis’s dissenting opinion is one of the more notable dissents in Supreme Court history. He attempted to define a general right of privacy based on the Fourth and Fifth Amendments. Brandeis had long been interested in the problem of privacy in the modern age; years earlier he and his law partner, Samuel Warren, published what many consider the seminal article on the topic (Samuel Warren & Louis D. Brandeis, “The Right to Privacy,” 4 Harv. L. Rev. 193 (1890)). Brandeis’s opinion in Olmstead attempted to apply to the current era what he said were the principles of the Fourth and Fifth Amendments. Historians often overlook how much his approach draws on the dissenting opinion of Judge Rudkin in the circuit court, but Brandeis himself acknowledged his debt to Rudkin in the text. The quotation about “the form that evil had theretofore taken” referred to the Supreme Court decision in Weems v. United States, in which Justice Joseph McKenna wrote of the need for the Court to apply the general principles of the Constitution to new problems.

Moreover, “in the application of a constitution, our contemplation cannot be only of what has been but of what may be.” The progress of science in furnishing the Government with means of espionage is not likely to stop with wire-tapping. Ways may someday be developed by which the Government, without removing papers from secret drawers, can reproduce them in court, and by which it will be enabled to expose to a jury the most intimate occurrences of the home. Advances in the psychic and related sciences may bring means of exploring unexpressed beliefs, thoughts and emotions. “That places the liberty of every man in the hands of every petty officer” was said by James Otis of much lesser intrusions than these. To Lord Camden, a far slighter intrusion seemed “subversive of all the comforts of society.” Can it be that the Constitution affords no protection against such invasions of individual security? . . .

In Ex parte Jackson, 96 U.S. 727, it was held that a sealed letter entrusted to the mail is protected by the Amendments. The mail is a public service furnished by the Government. The telephone is a public service furnished by its authority. There is, in essence, no difference between the sealed letter and the private telephone message. As Judge Rudkin said below: “True, the one is visible, the other invisible; the one is tangible, the other intangible; the one is sealed, and the other unsealed, but these are distinctions without a difference.” The evil incident to invasion of the privacy of the telephone is far greater than that involved in tampering with the mails. Whenever a telephone line is tapped, the privacy of the persons at both ends of the line is invaded and all conversations between them upon any subject, and, although proper, confidential and privileged, may be overheard. Moreover, the tapping of one man’s telephone line involves the tapping of the telephone of every other person whom he may call or who may call him. As a means of espionage, writs of assistance and general warrants are but puny instruments of tyranny and oppression when compared with wire-tapping.

AMERICAN AND BRITISH spies hacked into the internal computer network of the largest manufacturer of SIM cards in the world, stealing encryption keys used to protect the privacy of cellphone communications across the globe, according to top-secret documents provided to The Intercept by National Security Agency whistleblower Edward Snowden. The hack was perpetrated by a joint unit consisting of operatives from the NSA and its British counterpart Government Communications Headquarters, or GCHQ. The breach, detailed in a secret 2010 GCHQ document, gave the surveillance agencies the potential to secretly monitor a large portion of the world’s cellular communications, including both voice and data. The company targeted by the intelligence agencies, Gemalto, is a multinational firm incorporated in the Netherlands that makes the chips used in mobile phones and next-generation credit cards. Among its clients are AT&T, T-Mobile, Verizon, Sprint and some 450 wireless network providers around the world. The company operates in 85 countries and has more than 40 manufacturing facilities. One of its three global headquarters is in Austin, Texas and it has a large factory in Pennsylvania. In all, Gemalto produces some 2 billion SIM cards a year. Its motto is “Security to be Free.”

With these stolen encryption keys, intelligence agencies can monitor mobile communications without seeking or receiving approval from telecom companies and foreign governments. Possessing the keys also sidesteps the need to get a warrant or a wiretap, while leaving no trace on the wireless provider’s network that the communications were intercepted. Bulk key theft additionally enables the intelligence agencies to unlock any previously encrypted communications they had already intercepted, but did not yet have the ability to decrypt.

Leading privacy advocates and security experts say that the theft of encryption keys from major wireless network providers is tantamount to a thief obtaining the master ring of a building superintendent who holds the keys to every apartment. “Once you have the keys, decrypting traffic is trivial,” says Christopher Soghoian, the principal technologist for the American Civil Liberties Union. “The news of this key theft will send a shock wave through the security community.”