Skip to main content

Home/ Socialism and the End of the American Dream/ Group items matching "bulk-collection" in title, tags, annotations or url

Group items matching
in title, tags, annotations or url

Sort By: Relevance | Date Filter: All | Bookmarks | Topics Simple Middle
Paul Merrell

Obama concedes NSA bulk collection of phone data may be unnecessary | World news | theguardian.com - 0 views

www.theguardian.com/...lection-phone-data-unnecessary

surveillance state 215-metadata metadata NSA Obama NSA-reform Snowden indictment amnesty

shared by Paul Merrell on 22 Dec 13 - No Cached
  • President Barack Obama has conceded that mass collection of private data by the US government may be unnecessary and said there were different ways of “skinning the cat”, which could allow intelligence agencies to keep the country safe without compromising privacy. In an apparent endorsement of a recommendation by a review panel to shift responsibility for the bulk collection of telephone records away from the National Security Agency and on to the phone companies, the president said change was necessary to restore public confidence. “In light of the disclosures, it is clear that whatever benefits the configuration of this particular programme may have, may be outweighed by the concerns that people have on its potential abuse,” Obama told an end-of-year White House press conference. “If it that’s the case, there may be a better way of skinning the cat.”
  • Though insisting he will not make a final decision until January, this is the furthest the president has gone in backing calls to dismantle the programme to collect telephone data, a practice the NSA claims has legal foundation under section 215 of the Patriot Act. This week, a federal judge said the program “very likely” violates the US constitution. “There are ways we can do this potentially that give people greater assurance that there are checks and balances, sufficient oversight and transparency,” Obama added. “Programmes like 215 could be redesigned in ways that give you the same information when you need it without creating these potentials for abuse. That’s exactly what we should be doing: to evaluate things in a very clear specific way and moving forward on changes. And that’s what I intend to do.”
  • The president would not comment on a suggestion last weekend by Richard Ledgett, the NSA official investigating the Snowden leaks, that an amnesty might be appropriate in exchange for the return of the data Snowden took from the agency. Obama said he could not comment specifically because Snowden was “under indictment”, something not previously disclosed. While the Justice Department filed a criminal complaint against Snowden on espionage-related charges in June, there has been no public subsequent indictment, although it is possible one exists under gag order. The Justice Department referred comment on a Snowden indictment to the White House. Caitlin Hayden, the chief spokeswoman for the White House National Security Council, clarified that Obama was referring to the criminal complaint against Snowden. It remains unclear if there is an indictment under seal. 
  • ...4 more annotations...
  • The president also went further than his review panel in suggesting the US needed to rein in its overseas surveillance activities. “We have got to provide more confidence to the international community. In a virtual world, some of these boundaries don’t matter any more,” he said. “The values that we have got as Americans are ones that we have to be willing to apply beyond our borders, perhaps more systematically than we have done in the past.”
  • Conspicuously, Obama declined to rebut one assessment from his surveillance review group – that the bulk collection of US call data was not essential to stopping a terrorist attack. Instead, he contended that there had been “no abuse” of the bulk phone data collection. But in 2009, a judge on the secret surveillance court prevented the NSA from searching through its databases of US phone information after discovering “daily violations” resulting from NSA searches of Americans’ phone records without reasonable suspicion of connections to terrorism. That data was inaccessible to the NSA for almost all of 2009, before the Fisa court was convinced the NSA had sufficient safeguards in place for preventing similar violations
  • In another indication of the shifting landscape on surveillance, the telecoms giant AT&T announced on Friday that it will begin publishing a semi-annual report about its complicity with government surveillance requests. AT&T followed its competitor Verizon, which announced a similar move on Thursday.
  • The first such report is expected for early 2014, Watts said. While technology firms like Yahoo and Google have pushed for greater transparency about providing their customer data to the government, the telecommunications firms – which have cooperated with the NSA since the agency’s 1952 inception – did not join them before the events of the past week.
  • Paul Merrell on 22 Dec 13
     
    Movement on the NSA. Obama hints that the NSA's section 215 metadata collection will end, fesses up that Snowden has been criminally indicted, but declines to discuss whether Snowden might be pardoned in exchange for turning over his NSA document collection, notably not ruling it out. And finally, two of the giant telcos, AT&T and Verizon, have announced intent to do semi-annual public reports on their collaboration with government spy agencies. Amazing what a federal court decision can do, particularly when immediately followed by the president's own blue-ribbon panel report, both holding that the section 215 program has resulted in no terrorist attacks being prevented and that the program in unconstitutional. Obama finally reaches his tipping point. A good week for civil libertarians.   
Paul Merrell

DEA Global Surveillance Dragnet Exposed; Access to Data Likely Continues - The Intercept - 0 views

firstlook.org/...e-phone-records-crisscross-nsa

surveillance state DEA EO-12333 litigation Human-Rights-Watch

shared by Paul Merrell on 09 May 15 - No Cached
  • Secret mass surveillance conducted by the Drug Enforcement Administration is falling under renewed scrutiny after fresh revelations about the broad scope of the agency’s electronic spying. On Tuesday, USA Today reported that for more than two decades, dating back to 1992, the DEA and the Justice Department “amassed logs of virtually all telephone calls from the USA to as many as 116 countries linked to drug trafficking.” Citing anonymous current and former officials “involved with the operation,” USA Today reported that Americans’ calls were logged between the United States and targeted countries and regions including Canada, Mexico, and Central and South America.
  • The DEA’s data dragnet was apparently shut down by Attorney General Eric Holder in September 2013. But on Wednesday, following USA Today’s report, Human Rights Watch launched a lawsuit against the DEA over its bulk collection of phone records and is seeking a retrospective declaration that the surveillance was unlawful. The latest revelations shine more light on the broad scope of the DEA’s involvement in mass surveillance programs, which can be traced back to a secret program named “Project Crisscross” in the early 1990s, as The Intercept previously revealed. Documents from National Security Agency whistleblower Edward Snowden, published by The Intercept in August last year, showed that the DEA was involved in collecting and sharing billions of phone records alongside agencies such as the NSA, the CIA and the FBI.
  • The vast program reported on by USA Today shares some of the same hallmarks of Project Crisscross: it began in the early 1990s, was ostensibly aimed at gathering intelligence about drug trafficking, and targeted countries worldwide, with focus on Central and South America. It is also reminiscent of the so-called Hemisphere Project, a DEA operation revealed in September 2013 by The New York Times, which dated as far back as 1987, and used subpoenas to collect vast amounts of international call records every day. There is crossover, too, with a DEA database called DICE, revealed by Reuters in August 2013, which reportedly contains phone and Internet communication records gathered by the DEA through subpoenas and search warrants nationwide. The precise relationship between Crisscross, DICE, Hemisphere and the surveillance program revealed by USA Today is unclear. Whether or not they were part of a single overarching operation, the phone records and other data collected by each were likely accessible to DEA agents through the same computer interfaces and search and analysis tools.
  • ...3 more annotations...
  • A Justice Department spokesman told Reuters Wednesday that “all of the information has been deleted” and that the DEA was “no longer collecting bulk telephony metadata from U.S. service providers.” What the spokesman did not say is that the DEA has access to troves of phone records from multiple sources — and not all of them are obtained from U.S. service providers. As The Intercept’s reporting on Project Crisscross revealed, the DEA has had large-scale access to data covertly collected by the NSA, CIA and other agencies for years. According to NSA documents obtained by Snowden, the DEA can sift through billions of metadata records collected by other agencies about emails, phone calls, faxes, Internet chats and text messages using systems named ICREACH and CRISSCROSS/PROTON.
  • Notably, the DEA spying reported by USA Today encompassed phone records collected by the DEA using administrative subpoenas to obtain data from phone companies without the approval of a judge. The phone records collected by the agency as part of Project Hemisphere and the data stored on the DICE system were also collected through subpoenas and warrants. But ICREACH alone was designed to handle two to five billion new records every day — the majority of them not collected using any conventional search warrant or a subpoena. Instead, most of the data accessible to the DEA through ICREACH is vacuumed up by the NSA using Executive Order 12333, a controversial Reagan-era presidential directive that underpins several NSA bulk surveillance operations that monitor communications overseas. The 12333 surveillance takes place with no court oversight and has received minimal Congressional scrutiny because it is targeted at foreign, not domestic, communication networks.
  • This means that some of the DEA’s access to mass surveillance data — records collected in bulk through subpoenas or warrants — may have been shut down by Holder in 2013. But it is likely that the agency still has the ability to tap into other huge data repositories, and questions remain about how that access is being used.
  • Paul Merrell on 09 May 15
     
    How many ways do I love thee? ... Just a few minutes. I have to consult my haystacks.  'Twas on August 20, 1982 when Ronald Reagan formally declered "War on Drugs," thereby sweeping U.S. Drug Enforcement Administration records under the umbrella of "national security" secrets. Concurrently, a document was produced by the White House that mentioned that the forerunners of today's "fusion centers" would be created to begin trawling government databases for information to wage that war, including medical records held by the then-Veterans Administration. I''ve been keeping an eye on those rascals ever since. Believe me, we have merely scratched the surface of a very few of the Feds' "haystacks." There are very many to go before they're all rooted out into the sunlight.  
Paul Merrell

Government Likens Ending Bulk Surveillance to Opening Prison Gates - 0 views

theintercept.com/...llance-to-opening-prison-gates

surveillance state NSA-reform Klayman litigation

shared by Paul Merrell on 10 Oct 15 - No Cached
  • A Justice Department prosecutor said Thursday that ordering the immediate end of bulk surveillance of millions of Americans’ phone records would be as hasty as suddenly letting criminals out of prison. “Public safety should be taken into consideration,” argued DOJ attorney Julia Berman, noting that in a 2011 Supreme Court ruling on prison overcrowding, the state of California was given two years to find a solution and relocate prisoners. By comparison, she suggested, the six months Congress granted to the National Security Agency to stop indiscriminately collecting data on American phone calls was minimal. Ending the bulk collection program even a few weeks before the current November 29 deadline would be an imminent risk to national security because it would create a dangerous “intelligence gap” during a period rife with fears of homegrown terrorism, she said.
  • The argument came during a hearing before U.S. District Court Judge Richard Leon on plaintiff Larry Klayman’s request for a preliminary injunction that would immediately halt the NSA program that tracks who in the United States is calling who, when, and for how long. The bulk telephony metadata program, which the NSA said was authorized under section 215 of the USA Patriot Act, was closed down by Congress in June with the passage of new legislation—the USA Freedom Act. However, the new bill allowed for a grace period of six months in which the government could set up a less all-inclusive alternative..
  • The Second Circuit Court of Appeals in May ruled that the bulk telephony program was illegal. Judge Leon ruled in Klayman’s favor in 2013, calling the government’s spying “almost Orwellian.” When Berman made her analogy to releasing prisoners en masse, Leon responded: “That’s really a very different kind of situation, don’t you think?”. And Berman was unable to cite any evidence that the bulk collection prevented any sort of terrorist attack, or that ending it now would be a serious threat. “That’s a problem I had before—wonderful high lofty expressions, general vague terms…but [the government] did not share a single example,” Leon said. Klayman, whose arguments consisted mostly of accusing the government of lying and violating the law, decided by the end of the hearing that he actually wanted the entire USA Freedom Act stricken from the books—because he insisted that Congress, in allowing an unconstitutional program to proceed, had violated the Constitution itself. Judge Leon promised a ruling “as soon as possible.”
Paul Merrell

A Year After Reform Push, NSA Still Collects Bulk Domestic Data, Still Lacks Way to Assess Value - The Intercept - 0 views

firstlook.org/...lueless-much-good-surveillance

surveillance state NSA-reform PCLOB implementations

shared by Paul Merrell on 02 Feb 15 - No Cached
  • The presidential advisory board on privacy that recommended a slew of domestic surveillance reforms in the wake of the Edward Snowden revelations reported today that many of its suggestions have been agreed to “in principle” by the Obama administration, but in practice, very little has changed. Most notably, the Privacy and Civil Liberties Oversight Board called attention to the obvious fact that one full year after it concluded that the government’s bulk collection of metadata on domestic telephone calls is illegal and unproductive, the program continues apace. “The Administration accepted our recommendation in principle. However, it has not ended the bulk telephone records program on its own, opting instead to seek legislation to create an alternative to the existing program,” the report notes.
  • And while Congress has variously debated, proposed, neutered, and failed to agree on any action, the report’s authors point the finger of blame squarely at President Obama. “It should be noted that the Administration can end the bulk telephone records program at any time, without congressional involvement,” the report says. Obama said a year ago that he favored an end to the government collection of those records if an alternative — such as keeping the records at the telephone companies, or with a third party — still allowed them to be searchable by the government. The White House was recently said to be “still considering” the matter. The board noted that Obama has accepted some, but not all, of the privacy safeguards it recommended — somewhat reducing the ease and depth with which National Security Agency agents can dig through the domestic data, but not, for instance, agreeing to delete the data after three years, instead of five.
  • But one recommendation in particular – that the intelligence community develop some sort of methodology to assess whether any of this stuff is actually doing any good — has been notably “not implemented.” “Determining the efficacy and value of particular counterterrorism programs is critical,” the board says. “Without such determinations, policymakers and courts cannot effectively weigh the interests of the government in conducting a program against the intrusions on privacy and civil liberties that it may cause.”
  • ...2 more annotations...
  • A year ago, the board also recommended that Congress enact legislation enabling the secretive Foreign Intelligence Surveillance Court, which currently approves both specific and blanket warrant applications without allowing anyone to argue otherwise, to hear independent views. It recommended more appellate reviews of that court’s rulings. There’s been no progress on either front. A year ago, the board recommended that “the scope of surveillance authorities affecting Americans should be public,” and that the intelligence community should “develop principles and criteria for the public articulation of the legal authorities under which it conducts surveillance affecting Americans.” Something is apparently brewing in that area, but it’s not entirely clear what. “Intelligence Community representatives have advised us that they are committed to implementing this recommendation,” with principles “that they will soon be releasing,” the report says.
  • The presidential advisory board on privacy that recommended a slew of domestic surveillance reforms in the wake of the Edward Snowden revelations reported today that many of its suggestions have been agreed to “in principle” by the Obama administration, but in practice, very little has changed. Most notably, the Privacy and Civil Liberties Oversight Board called attention to the obvious fact that one full year after it concluded that the government’s bulk collection of metadata on domestic telephone calls is illegal and unproductive, the program continues apace. “The Administration accepted our recommendation in principle. However, it has not ended the bulk telephone records program on its own, opting instead to seek legislation to create an alternative to the existing program,” the report notes.
Paul Merrell

From Radio to Porn, British Spies Track Web Users' Online Identities - 0 views

theintercept.com/...ck-web-users-online-identities

surveillance state GCHQ Black-Hole

shared by Paul Merrell on 27 Sep 15 - No Cached
  • HERE WAS A SIMPLE AIM at the heart of the top-secret program: Record the website browsing habits of “every visible user on the Internet.” Before long, billions of digital records about ordinary people’s online activities were being stored every day. Among them were details cataloging visits to porn, social media and news websites, search engines, chat forums, and blogs. The mass surveillance operation — code-named KARMA POLICE — was launched by British spies about seven years ago without any public debate or scrutiny. It was just one part of a giant global Internet spying apparatus built by the United Kingdom’s electronic eavesdropping agency, Government Communications Headquarters, or GCHQ. The revelations about the scope of the British agency’s surveillance are contained in documents obtained by The Intercept from National Security Agency whistleblower Edward Snowden. Previous reports based on the leaked files have exposed how GCHQ taps into Internet cables to monitor communications on a vast scale, but many details about what happens to the data after it has been vacuumed up have remained unclear.
  • Amid a renewed push from the U.K. government for more surveillance powers, more than two dozen documents being disclosed today by The Intercept reveal for the first time several major strands of GCHQ’s existing electronic eavesdropping capabilities.
  • The surveillance is underpinned by an opaque legal regime that has authorized GCHQ to sift through huge archives of metadata about the private phone calls, emails and Internet browsing logs of Brits, Americans, and any other citizens — all without a court order or judicial warrant
  • ...17 more annotations...
  • A huge volume of the Internet data GCHQ collects flows directly into a massive repository named Black Hole, which is at the core of the agency’s online spying operations, storing raw logs of intercepted material before it has been subject to analysis. Black Hole contains data collected by GCHQ as part of bulk “unselected” surveillance, meaning it is not focused on particular “selected” targets and instead includes troves of data indiscriminately swept up about ordinary people’s online activities. Between August 2007 and March 2009, GCHQ documents say that Black Hole was used to store more than 1.1 trillion “events” — a term the agency uses to refer to metadata records — with about 10 billion new entries added every day. As of March 2009, the largest slice of data Black Hole held — 41 percent — was about people’s Internet browsing histories. The rest included a combination of email and instant messenger records, details about search engine queries, information about social media activity, logs related to hacking operations, and data on people’s use of tools to browse the Internet anonymously.
  • Throughout this period, as smartphone sales started to boom, the frequency of people’s Internet use was steadily increasing. In tandem, British spies were working frantically to bolster their spying capabilities, with plans afoot to expand the size of Black Hole and other repositories to handle an avalanche of new data. By 2010, according to the documents, GCHQ was logging 30 billion metadata records per day. By 2012, collection had increased to 50 billion per day, and work was underway to double capacity to 100 billion. The agency was developing “unprecedented” techniques to perform what it called “population-scale” data mining, monitoring all communications across entire countries in an effort to detect patterns or behaviors deemed suspicious. It was creating what it said would be, by 2013, “the world’s biggest” surveillance engine “to run cyber operations and to access better, more valued data for customers to make a real world difference.”
  • A document from the GCHQ target analysis center (GTAC) shows the Black Hole repository’s structure.
  • The data is searched by GCHQ analysts in a hunt for behavior online that could be connected to terrorism or other criminal activity. But it has also served a broader and more controversial purpose — helping the agency hack into European companies’ computer networks. In the lead up to its secret mission targeting Netherlands-based Gemalto, the largest SIM card manufacturer in the world, GCHQ used MUTANT BROTH in an effort to identify the company’s employees so it could hack into their computers. The system helped the agency analyze intercepted Facebook cookies it believed were associated with Gemalto staff located at offices in France and Poland. GCHQ later successfully infiltrated Gemalto’s internal networks, stealing encryption keys produced by the company that protect the privacy of cell phone communications.
  • Similarly, MUTANT BROTH proved integral to GCHQ’s hack of Belgian telecommunications provider Belgacom. The agency entered IP addresses associated with Belgacom into MUTANT BROTH to uncover information about the company’s employees. Cookies associated with the IPs revealed the Google, Yahoo, and LinkedIn accounts of three Belgacom engineers, whose computers were then targeted by the agency and infected with malware. The hacking operation resulted in GCHQ gaining deep access into the most sensitive parts of Belgacom’s internal systems, granting British spies the ability to intercept communications passing through the company’s networks.
  • In March, a U.K. parliamentary committee published the findings of an 18-month review of GCHQ’s operations and called for an overhaul of the laws that regulate the spying. The committee raised concerns about the agency gathering what it described as “bulk personal datasets” being held about “a wide range of people.” However, it censored the section of the report describing what these “datasets” contained, despite acknowledging that they “may be highly intrusive.” The Snowden documents shine light on some of the core GCHQ bulk data-gathering programs that the committee was likely referring to — pulling back the veil of secrecy that has shielded some of the agency’s most controversial surveillance operations from public scrutiny. KARMA POLICE and MUTANT BROTH are among the key bulk collection systems. But they do not operate in isolation — and the scope of GCHQ’s spying extends far beyond them.
  • The agency operates a bewildering array of other eavesdropping systems, each serving its own specific purpose and designated a unique code name, such as: SOCIAL ANTHROPOID, which is used to analyze metadata on emails, instant messenger chats, social media connections and conversations, plus “telephony” metadata about phone calls, cell phone locations, text and multimedia messages; MEMORY HOLE, which logs queries entered into search engines and associates each search with an IP address; MARBLED GECKO, which sifts through details about searches people have entered into Google Maps and Google Earth; and INFINITE MONKEYS, which analyzes data about the usage of online bulletin boards and forums. GCHQ has other programs that it uses to analyze the content of intercepted communications, such as the full written body of emails and the audio of phone calls. One of the most important content collection capabilities is TEMPORA, which mines vast amounts of emails, instant messages, voice calls and other communications and makes them accessible through a Google-style search tool named XKEYSCORE.
  • As of September 2012, TEMPORA was collecting “more than 40 billion pieces of content a day” and it was being used to spy on people across Europe, the Middle East, and North Africa, according to a top-secret memo outlining the scope of the program. The existence of TEMPORA was first revealed by The Guardian in June 2013. To analyze all of the communications it intercepts and to build a profile of the individuals it is monitoring, GCHQ uses a variety of different tools that can pull together all of the relevant information and make it accessible through a single interface. SAMUEL PEPYS is one such tool, built by the British spies to analyze both the content and metadata of emails, browsing sessions, and instant messages as they are being intercepted in real time. One screenshot of SAMUEL PEPYS in action shows the agency using it to monitor an individual in Sweden who visited a page about GCHQ on the U.S.-based anti-secrecy website Cryptome.
  • Partly due to the U.K.’s geographic location — situated between the United States and the western edge of continental Europe — a large amount of the world’s Internet traffic passes through its territory across international data cables. In 2010, GCHQ noted that what amounted to “25 percent of all Internet traffic” was transiting the U.K. through some 1,600 different cables. The agency said that it could “survey the majority of the 1,600” and “select the most valuable to switch into our processing systems.”
  • According to Joss Wright, a research fellow at the University of Oxford’s Internet Institute, tapping into the cables allows GCHQ to monitor a large portion of foreign communications. But the cables also transport masses of wholly domestic British emails and online chats, because when anyone in the U.K. sends an email or visits a website, their computer will routinely send and receive data from servers that are located overseas. “I could send a message from my computer here [in England] to my wife’s computer in the next room and on its way it could go through the U.S., France, and other countries,” Wright says. “That’s just the way the Internet is designed.” In other words, Wright adds, that means “a lot” of British data and communications transit across international cables daily, and are liable to be swept into GCHQ’s databases.
  • A map from a classified GCHQ presentation about intercepting communications from undersea cables. GCHQ is authorized to conduct dragnet surveillance of the international data cables through so-called external warrants that are signed off by a government minister. The external warrants permit the agency to monitor communications in foreign countries as well as British citizens’ international calls and emails — for example, a call from Islamabad to London. They prohibit GCHQ from reading or listening to the content of “internal” U.K. to U.K. emails and phone calls, which are supposed to be filtered out from GCHQ’s systems if they are inadvertently intercepted unless additional authorization is granted to scrutinize them. However, the same rules do not apply to metadata. A little-known loophole in the law allows GCHQ to use external warrants to collect and analyze bulk metadata about the emails, phone calls, and Internet browsing activities of British people, citizens of closely allied countries, and others, regardless of whether the data is derived from domestic U.K. to U.K. communications and browsing sessions or otherwise. In March, the existence of this loophole was quietly acknowledged by the U.K. parliamentary committee’s surveillance review, which stated in a section of its report that “special protection and additional safeguards” did not apply to metadata swept up using external warrants and that domestic British metadata could therefore be lawfully “returned as a result of searches” conducted by GCHQ.
  • Perhaps unsurprisingly, GCHQ appears to have readily exploited this obscure legal technicality. Secret policy guidance papers issued to the agency’s analysts instruct them that they can sift through huge troves of indiscriminately collected metadata records to spy on anyone regardless of their nationality. The guidance makes clear that there is no exemption or extra privacy protection for British people or citizens from countries that are members of the Five Eyes, a surveillance alliance that the U.K. is part of alongside the U.S., Canada, Australia, and New Zealand. “If you are searching a purely Events only database such as MUTANT BROTH, the issue of location does not occur,” states one internal GCHQ policy document, which is marked with a “last modified” date of July 2012. The document adds that analysts are free to search the databases for British metadata “without further authorization” by inputing a U.K. “selector,” meaning a unique identifier such as a person’s email or IP address, username, or phone number. Authorization is “not needed for individuals in the U.K.,” another GCHQ document explains, because metadata has been judged “less intrusive than communications content.” All the spies are required to do to mine the metadata troves is write a short “justification” or “reason” for each search they conduct and then click a button on their computer screen.
  • Intelligence GCHQ collects on British persons of interest is shared with domestic security agency MI5, which usually takes the lead on spying operations within the U.K. MI5 conducts its own extensive domestic surveillance as part of a program called DIGINT (digital intelligence).
  • GCHQ’s documents suggest that it typically retains metadata for periods of between 30 days to six months. It stores the content of communications for a shorter period of time, varying between three to 30 days. The retention periods can be extended if deemed necessary for “cyber defense.” One secret policy paper dated from January 2010 lists the wide range of information the agency classes as metadata — including location data that could be used to track your movements, your email, instant messenger, and social networking “buddy lists,” logs showing who you have communicated with by phone or email, the passwords you use to access “communications services” (such as an email account), and information about websites you have viewed.
  • Records showing the full website addresses you have visited — for instance, www.gchq.gov.uk/what_we_do — are treated as content. But the first part of an address you have visited — for instance, www.gchq.gov.uk — is treated as metadata. In isolation, a single metadata record of a phone call, email, or website visit may not reveal much about a person’s private life, according to Ethan Zuckerman, director of Massachusetts Institute of Technology’s Center for Civic Media. But if accumulated and analyzed over a period of weeks or months, these details would be “extremely personal,” he told The Intercept, because they could reveal a person’s movements, habits, religious beliefs, political views, relationships, and even sexual preferences. For Zuckerman, who has studied the social and political ramifications of surveillance, the most concerning aspect of large-scale government data collection is that it can be “corrosive towards democracy” — leading to a chilling effect on freedom of expression and communication. “Once we know there’s a reasonable chance that we are being watched in one fashion or another it’s hard for that not to have a ‘panopticon effect,’” he said, “where we think and behave differently based on the assumption that people may be watching and paying attention to what we are doing.”
  • When compared to surveillance rules in place in the U.S., GCHQ notes in one document that the U.K. has “a light oversight regime.” The more lax British spying regulations are reflected in secret internal rules that highlight greater restrictions on how NSA databases can be accessed. The NSA’s troves can be searched for data on British citizens, one document states, but they cannot be mined for information about Americans or other citizens from countries in the Five Eyes alliance. No such constraints are placed on GCHQ’s own databases, which can be sifted for records on the phone calls, emails, and Internet usage of Brits, Americans, and citizens from any other country. The scope of GCHQ’s surveillance powers explain in part why Snowden told The Guardian in June 2013 that U.K. surveillance is “worse than the U.S.” In an interview with Der Spiegel in July 2013, Snowden added that British Internet cables were “radioactive” and joked: “Even the Queen’s selfies to the pool boy get logged.”
  • In recent years, the biggest barrier to GCHQ’s mass collection of data does not appear to have come in the form of legal or policy restrictions. Rather, it is the increased use of encryption technology that protects the privacy of communications that has posed the biggest potential hindrance to the agency’s activities. “The spread of encryption … threatens our ability to do effective target discovery/development,” says a top-secret report co-authored by an official from the British agency and an NSA employee in 2011. “Pertinent metadata events will be locked within the encrypted channels and difficult, if not impossible, to prise out,” the report says, adding that the agencies were working on a plan that would “(hopefully) allow our Internet Exploitation strategy to prevail.”
Paul Merrell

Spy Chief James Clapper Wins Rosemary Award - 0 views

www2.gwu.edu/...20140324

surveillance state NSA Rosemary-Award Obama Clapper Alexander

shared by Paul Merrell on 24 Mar 14 - No Cached
  • Director of National Intelligence James Clapper has won the infamous Rosemary Award for worst open government performance in 2013, according to the citation published today by the National Security Archive at www.nsarchive.org. Despite heavy competition, Clapper's "No, sir" lie to Senator Ron Wyden's question: "Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?" sealed his receipt of the dubious achievement award, which cites the vastly excessive secrecy of the entire U.S. surveillance establishment. The Rosemary Award citation leads with what Clapper later called the "least untruthful" answer possible to congressional questions about the secret bulk collection of Americans' phone call data. It further cites other Clapper claims later proved false, such as his 2012 statement that "we don't hold data on U.S. citizens." But the Award also recognizes Clapper's fellow secrecy fetishists and enablers, including:
  • Gen. Keith Alexander, director of the NSA, for multiple Rose Mary Woods-type stretches, such as (1) claiming that the secret bulk collection prevented 54 terrorist plots against the U.S. when the actual number, according to the congressionally-established Privacy and Civil Liberties Oversight Board (PCLOB) investigation (pp. 145-153), is zero; (2) his 2009 declaration to the wiretap court that multiple NSA violations of the court's orders arose from differences over "terminology," an explanation which the chief judge said "strains credulity;" and (3) public statements by the NSA about its programs that had to be taken down from its website for inaccuracies (see Documents 78, 85, 87 in The Snowden Affair), along with public statements by other top NSA officials now known to be untrue (see "Remarks of Rajesh De," NSA General Counsel, Document 53 in The Snowden Affair).
  • Robert Mueller, former FBI director, for suggesting (as have Gen. Alexander and many others) that the secret bulk collection program might have been able to prevent the 9/11 attacks, when the 9/11 Commission found explicitly the problem was not lack of data points, but failing to connect the many dots the intelligence community already had about the would-be hijackers living in San Diego. The National Security Division lawyers at the Justice Department, for misleading their own Solicitor General (Donald Verrilli) who then misled (inadvertently) the U.S. Supreme Court over whether Justice let defendants know that bulk collection had contributed to their prosecutions. The same National Security Division lawyers who swore under oath in the Electronic Frontier Foundation's Freedom of Information Act lawsuit for a key wiretap court opinion that the entire text of the opinion was appropriately classified Top Secret/Sensitive Compartmented Information (release of which would cause "exceptionally grave damage" to U.S. national security). Only after the Edward Snowden leaks and the embarrassed governmental declassification of the opinion did we find that one key part of the opinion's text simply reproduced the actual language of the 4th Amendment to the U.S. Constitution, and the only "grave damage" was to the government's false claims.
  • ...9 more annotations...
  • President Obama for his repeated misrepresentations about the bulk collection program (calling the wiretap court "transparent" and saying "all of Congress" knew "exactly how this program works") while in effect acknowledging the public value of the Edward Snowden leaks by ordering the long-overdue declassification of key documents about the NSA's activities, and investigations both by a special panel and by the Privacy and Civil Liberties Oversight Board. The PCLOB directly contradicted the President, pointing out that "when the only means through which legislators can try to understand a prior interpretation of the law is to read a short description of an operational program, prepared by executive branch officials, made available only at certain times and locations, which cannot be discussed with others except in classified briefings conducted by those same executive branch officials, legislators are denied a meaningful opportunity to gauge the legitimacy and implications of the legal interpretation in question. Under such circumstances, it is not a legitimate method of statutory construction to presume that these legislators, when reenacting the statute, intended to adopt a prior interpretation that they had no fair means of evaluating." (p. 101)
  • Even an author of the Patriot Act, Rep. Jim Sensenbrenner (R-WI), was broadsided by the revelation of the telephone metadata dragnet. After learning of the extent of spying on Americans that his Act unleashed, he wrote that the National Security Agency "ignored restrictions painstakingly crafted by lawmakers and assumed plenary authority never imagined by Congress" by cloaking its actions behind the "thick cloud of secrecy" that even our elected representatives could not breech. Clapper recently conceded to the Daily Beast, "I probably shouldn't say this, but I will. Had we been transparent about this [phone metadata collection] from the outset … we wouldn't have had the problem we had." The NSA's former deputy director, John "Chris" Inglis, said the same when NPR asked him if he thought the metadata dragnet should have been disclosed before Snowden. "In hindsight, yes. In hindsight, yes." Speaking about potential (relatively minimal) changes to the National Security Agency even the president acknowledged, "And all too often new authorities were instituted without adequate public debate," and "Given the unique power of the state, it is not enough for leaders to say: Trust us. We won't abuse the data we collect. For history has too many examples when that trust has been breached." (Exhibit A, of course, is the NSA "watchlist" in the 1960's and 1970's that targeted not only antiwar and civil rights activists, but also journalists and even members of Congress.)
  • The Archive established the not-so-coveted Rosemary Award in 2005, named after President Nixon's secretary, Rose Mary Woods, who testified she had erased 18-and-a-half minutes of a crucial Watergate tape — stretching, as she showed photographers, to answer the phone with her foot still on the transcription pedal. Bestowed annually to highlight the lowlights of government secrecy, the Rosemary Award has recognized a rogue's gallery of open government scofflaws, including the CIA, the Treasury Department, the Air Force, the FBI, the Federal Chief Information Officers' Council, and the career Rosemary leader — the Justice Department — for the last two years. Rosemary-winner James Clapper has offered several explanations for his untruthful disavowal of the National Security Agency's phone metadata dragnet. After his lie was exposed by the Edward Snowden revelations, Clapper first complained to NBC's Andrea Mitchell that the question about the NSA's surveillance of Americans was unfair, a — in his words — "When are you going to stop beating your wife kind of question." So, he responded "in what I thought was the most truthful, or least untruthful, manner by saying 'no.'"
  • After continuing criticism for his lie, Clapper wrote a letter to Chairman of the Senate Select Committee on Intelligence Dianne Feinstein, now explaining that he misunderstood Wyden's question and thought it was about the PRISM program (under Section 702 of the Foreign Intelligence Surveillance Act) rather than the telephone metadata collection program (under Section 215 of the Patriot Act). Clapper wrote that his staff "acknowledged the error" to Senator Wyden soon after — yet he chose to reject Wyden's offer to amend his answer. Former NSA senior counsel Joel Brenner blamed Congress for even asking the question, claiming that Wyden "sandbagged" Clapper by the "vicious tactic" of asking "Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?" Meanwhile, Steve Aftergood of the Federation of American Scientists countered that "it is of course wrong for officials to make false statements, as DNI Clapper did," and that in fact the Senate Intelligence Committee "became complicit in public deception" for failing to rebut or correct Clapper's statement, which they knew to be untruthful. Clapper described his unclassified testimony as a game of "stump the chump." But when it came to oversight of the National Security Agency, it appears that senators and representatives were the chumps being stumped. According to Representative Justin Amash (R-Mich), the House Intelligence Committee "decided it wasn't worthwhile to share this information" about telephone metadata surveillance with other members of Congress. Classified briefings open to the whole House were a "farce," Amash contended, often consisting of information found in newspapers and public statutes.
  • The Emmy and George Polk Award-winning National Security Archive, based at the George Washington University, has carried out thirteen government-wide audits of FOIA performance, filed more than 50,000 Freedom of Information Act requests over the past 28 years, opened historic government secrets ranging from the CIA's "Family Jewels" to documents about the testing of stealth aircraft at Area 51, and won a series of historic lawsuits that saved hundreds of millions of White House e-mails from the Reagan through Obama presidencies, among many other achievements.
  • Director Clapper joins an undistinguished list of previous Rosemary Award winners: 2012 - the Justice Department (in a repeat performance, for failure to update FOIA regulations for compliance with the law, undermining congressional intent, and hyping its open government statistics) 2011- the Justice Department (for doing more than any other agency to eviscerate President Obama's Day One transparency pledge, through pit-bull whistleblower prosecutions, recycled secrecy arguments in court cases, retrograde FOIA regulations, and mixed FOIA responsiveness) 2010 - the Federal Chief Information Officers' Council (for "lifetime failure" to address the crisis in government e-mail preservation) 2009 - the FBI (for having a record-setting rate of "no records" responses to FOIA requests) 2008 - the Treasury Department (for shredding FOIA requests and delaying responses for decades) 2007 - the Air Force (for disappearing its FOIA requests and having "failed miserably" to meet its FOIA obligations, according to a federal court ruling) 2006 - the Central Intelligence Agency (for the biggest one-year drop-off in responsiveness to FOIA requests yet recorded).   ALSO-RANS The Rosemary Award competition in 2013 was fierce, with a host of government contenders threatening to surpass the Clapper "least untruthful" standard. These secrecy over-achievers included the following FOI delinquents:
  • Admiral William McRaven, head of the Special Operations Command for the raid that killed Osama Bin Laden, who purged his command's computers and file cabinets of all records on the raid, sent any remaining copies over to CIA where they would be effectively immune from the FOIA, and then masterminded a "no records" response to the Associated Press when the AP reporters filed FOIA requests for raid-related materials and photos. If not for a one-sentence mention in a leaked draft inspector general report — which the IG deleted for the final version — no one would have been the wiser about McRaven's shell game. Subsequently, a FOIA lawsuit by Judicial Watch uncovered the sole remaining e-mail from McRaven ordering the evidence destruction, in apparent violation of federal records laws, a felony for which the Admiral seems to have paid no price. Department of Defense classification reviewers who censored from a 1962 document on the Cuban Missile Crisis direct quotes from public statements by Soviet Premier Nikita Khrushchev. The quotes referred to the U.S. Jupiter missiles in Turkey that would ultimately (and secretly) be pulled out in exchange for Soviet withdrawal of its missiles in Cuba. The denials even occurred after an appeal by the National Security Archive, which provided as supporting material the text of the Khrushchev statements and multiple other officially declassified documents (and photographs!) describing the Jupiters in Turkey. Such absurd classification decisions call into question all of the standards used by the Pentagon and the National Declassification Center to review historical documents.
  • Admiral William McRaven memo from May 13, 2011, ordering the destruction of evidence relating to the Osama bin Laden raid. (From Judicial Watch)
  • The Department of Justice Office of Information Policy, which continues to misrepresent to Congress the government's FOIA performance, while enabling dramatic increases in the number of times government agencies invoke the purely discretionary "deliberative process" exemption. Five years after President Obama declared a "presumption of openness" for FOIA requests, Justice lawyers still cannot show a single case of FOIA litigation in which the purported new standards (including orders from their own boss, Attorney General Eric Holder) have caused the Department to change its position in favor of disclosure.
Paul Merrell

Section 215 and "Fruitless" (?!?) Constitutional Adjudication | Just Security - 0 views

www.justsecurity.org/...ss-constitutional-adjudication

surveillance state 215 ACLU Clapper litigation 2nd-Circuit constitutional law

shared by Paul Merrell on 02 Nov 15 - No Cached
  • This morning, the Second Circuit issued a follow-on ruling to its May decision in ACLU v. Clapper (which had held that the NSA’s bulk telephone records program was unlawful insofar as it had not properly been authorized by Congress). In a nutshell, today’s ruling rejects the ACLU’s request for an injunction against the continued operation of the program for the duration of the 180-day transitional period (which ends on November 29) from the old program to the quite different collection regime authorized by the USA Freedom Act. As the Second Circuit (in my view, quite correctly) concluded, “Regardless of whether the bulk telephone metadata program was illegal prior to May, as we have held, and whether it would be illegal after November 29, as Congress has now explicitly provided, it is clear that Congress intended to authorize it during the transitionary period.” So far, so good. But remember that the ACLU’s challenge to bulk collection was mounted on both statutory and constitutional grounds, the latter of which the Second Circuit was able to avoid in its earlier ruling because of its conclusion that, prior to the enactment of the USA Freedom Act, bulk collection was unauthorized by Congress. Now that it has held that it is authorized during the transitional period, that therefore tees up, quite unavoidably, whether bulk collection violates the Fourth Amendment. But rather than decide that (momentous) question, the Second Circuit ducked:
  • We agree with the government that we ought not meddle with Congress’s considered decision regarding the transition away from bulk telephone metadata collection, and also find that addressing these issues at this time would not be a prudent use of judicial authority. We need not, and should not, decide such momentous constitutional issues based on a request for such narrow and temporary relief. To do so would take more time than the brief transition period remaining for the telephone metadata program, at which point, any ruling on the constitutionality of the demised program would be fruitless. In other words, because any constitutional violation is short-lived, and because it results from the “considered decision” of Congress, it would be fruitless to actually resolve the constitutionality of bulk collection during the transitional period.
  • Hopefully, it won’t take a lot of convincing for folks to understand just how wrong-headed this is. For starters, if the plaintiffs are correct, they are currently being subjected to unconstitutional government surveillance for which they are entitled to a remedy. The fact that this surveillance has a limited shelf-life (and/or that Congress was complicit in it) doesn’t in any way ameliorate the constitutional violation — which is exactly why the Supreme Court has, for generations, recognized an exception to mootness doctrine for constitutional violations that, owing to their short duration, are “capable of repetition, yet evading review.” Indeed, in this very same opinion, the Second Circuit first held that the ACLU’s challenge isn’t moot, only to then invokes mootness-like principles to justify not resolving the constitutional claim. It can’t be both; either the constitutional challenge is moot, or it isn’t. But more generally, the notion that constitutional adjudication of a claim with a short shelf-life is “fruitless” utterly misses the significance of the establishment of forward-looking judicial precedent, especially in a day and age in which courts are allowed to (and routinely do) avoid resolving the merits of constitutional claims in cases in which the relevant precedent is not “clearly established.” Maybe, if this were the kind of constitutional question that was unlikely to recur, there’d be more to the Second Circuit’s avoidance of the issue in this case. But whether and to what extent the Fourth Amendment applies to information we voluntarily provide to third parties is hardly that kind of question, and the Second Circuit’s unconvincing refusal to answer that question in a context in which it is quite squarely presented is nothing short of feckless.
Paul Merrell

Edward Snowden, a year on: reformers frustrated as NSA preserves its power | World news | theguardian.com - 1 views

www.theguardian.com/...e-year-nsa-surveillance-reform

surveillance-state NSA-reform legislation

shared by Paul Merrell on 07 Jun 14 - No Cached
  • For two weeks in May, it looked as though privacy advocates had scored a tenuous victory against the widespread surveillance practices exposed by Edward Snowden a year ago. Then came a resurgent intelligence community, armed with pens, and dry, legislative language.During several protracted sessions in secure rooms in the Capitol, intelligence veterans, often backed by the congressional leadership, sparred with House aides to abridge privacy and transparency provisions contained in the first bill rolling back National Security Agency spying powers in more than three decades. The revisions took place in secret after two congressional committees had passed the bill. The NSA and its allies took creative advantage of a twilight legislative period permitting technical or cosmetic language changes.The episode shows the lengths to which the architects and advocates of bulk surveillance have gone to preserve their authorities in the time since the Guardian, 12 months ago today, began disclosing the scope of NSA data collection. That resistance to change, aided by the power and trust enjoyed by the NSA on Capitol Hill, helps explain why most NSA powers remain intact a year after the largest leak in the agency's histo
  • But exactly one year on, the NSA’s greatest wound so far has been its PR difficulties. The agency, under public pressure, has divested itself of exactly one activity, the bulk collection of US phone data. Yet while the NSA will not itself continue to gather the data directly, the major post-Snowden legislative fix grants the agency wide berth in accessing and searching large volumes of phone records, and even wider latitude in collecting other kinds of data.There are no other mandated reforms.
  • Some NSA critics look to the courts for a fuller tally of their victories in the wake of the Snowden disclosures. Judges have begun to permit defendants to see evidence gathered against them that had its origins in NSA email or call intercepts, which could disrupt prosecutions or invalidate convictions. At least one such defendant, in Colorado, is seeking the exclusion of such evidence, arguing that its use in court is illegal.Still other cases challenging the surveillance efforts have gotten beyond the government’s longtime insistence that accusers cannot prove they were spied upon, as the Snowden trove demonstrated a dragnet that presumptively touched every American’s phone records. This week, an Idaho federal judge implored the supreme court to settle the question of the bulk surveillance's constitutionality."The litigation now is about the merits. It’s about the lawfulness of the surveillance program," said Jameel Jaffer, the ACLU’s deputy legal director.
  • ...4 more annotations...
  • The Freedom Act ultimately sped to passage in the House on May 22 by a bipartisan 303-121 vote. NSA advocates who had blasted its earlier version as hazardous to national security dropped their objections – largely because they had no more reason.Accordingly, the compromise language caused civil libertarians and technology groups not just to abandon the Freedom Act that they had long championed, but to question whether it actually banned bulk data collection. The government could acquire call-records data up to two degrees of separation from any "reasonable articulable suspicion" of wrongdoing, potentially representing hundreds or thousands of people on a single judicial order." That was not all.
  • "As the bill stands today, it could still permit the collection of email records from everyone who uses a particular email service," warned a Google legislative action alert after the bill passed the House. In a recent statement, cloud-storage firm Tresorit lamented that "there still has been no real progress in achieving truly effective security for consumer and corporate information."No one familiar with the negotiations alleges the NSA or its allies broke the law by amending the bill during the technical-fix period. But it is unusual for substantive changes to be introduced secretly after a bill has cleared committee and before its open debate by the full Senate or House."It is not out of order, but major changes in substance are rare, and appropriately so," said Norman Ornstein, an expert on congressional procedure at the American Enterprise Institute.Steve Aftergood, an intelligence policy analyst at the Federation of American Scientists, said the rewrites to the bill were an "invitation to cynicism."
  • "There does seem to be a sort of gamesmanship to it. Why go through all the troubling of crafting legislation, enlisting support and co-sponsorship, and adopting compromises if the bill is just going to be rewritten behind closed doors anyway?" Aftergood said.
  • Civil libertarians and activists now hope to strengthen the bill in the Senate. Its chief sponsor, Patrick Leahy of Vermont, vowed to take it up this month, and to push for "meaningful reforms" he said he was "disappointed" the House excluded. Obama administration officials will testify in the Senate intelligence committee about the bill on Thursday afternoon, the first anniversary of the Guardian's disclosure of bulk domestic phone records collection. That same day, Reddit, Imgur and other large websites will stage an online "Reset The Net" protest of NSA bulk surveillance.But the way the bill "morphed behind the scenes," as Lofgren put it, points to the obstacles such efforts face. It also points to a continuing opportunity for the NSA to say that Congress has actually blessed widespread data collection – a claim made after the Snowden leaks, despite most members of Congress and the public not knowing that NSA and the Fisa court secretly reinterpreted the Patriot Act in order to collect all US phone records.
  • Paul Merrell on 07 Jun 14
     
    Good Guardian article on how the American Freedom Act as reported out of House committees was gutted in secret meetings between key representatives and NSA (and other Executive Branch) officials. The House of Representatives kisses the feet of Dark Government. 
Paul Merrell

Yahoo webcam images from millions of users intercepted by GCHQ | World news | The Guardian - 0 views

www.theguardian.com/...a-webcam-images-internet-yahoo

surveillance state GCHQ NSA NSA-methods webcam-intercepts

shared by Paul Merrell on 28 Feb 14 - No Cached
  • Britain's surveillance agency GCHQ, with aid from the US National Security Agency, intercepted and stored the webcam images of millions of internet users not suspected of wrongdoing, secret documents reveal.GCHQ files dating between 2008 and 2010 explicitly state that a surveillance program codenamed Optic Nerve collected still images of Yahoo webcam chats in bulk and saved them to agency databases, regardless of whether individual users were an intelligence target or not.In one six-month period in 2008 alone, the agency collected webcam imagery – including substantial quantities of sexually explicit communications – from more than 1.8 million Yahoo user accounts globally.Yahoo reacted furiously to the webcam interception when approached by the Guardian. The company denied any prior knowledge of the program, accusing the agencies of "a whole new level of violation of our users' privacy".
  • GCHQ does not have the technical means to make sure no images of UK or US citizens are collected and stored by the system, and there are no restrictions under UK law to prevent Americans' images being accessed by British analysts without an individual warrant.The documents also chronicle GCHQ's sustained struggle to keep the large store of sexually explicit imagery collected by Optic Nerve away from the eyes of its staff, though there is little discussion about the privacy implications of storing this material in the first place.
  • "Face detection has the potential to aid selection of useful images for 'mugshots' or even for face recognition by assessing the angle of the face," it reads. "The best images are ones where the person is facing the camera with their face upright."The agency did make efforts to limit analysts' ability to see webcam images, restricting bulk searches to metadata only.However, analysts were shown the faces of people with similar usernames to surveillance targets, potentially dragging in large numbers of innocent people. One document tells agency staff they were allowed to display "webcam images associated with similar Yahoo identifiers to your known target".Optic Nerve was based on collecting information from GCHQ's huge network of internet cable taps, which was then processed and fed into systems provided by the NSA. Webcam information was fed into NSA's XKeyscore search tool, and NSA research was used to build the tool which identified Yahoo's webcam traffic.
  • ...3 more annotations...
  • Optic Nerve, the documents provided by NSA whistleblower Edward Snowden show, began as a prototype in 2008 and was still active in 2012, according to an internal GCHQ wiki page accessed that year.The system, eerily reminiscent of the telescreens evoked in George Orwell's 1984, was used for experiments in automated facial recognition, to monitor GCHQ's existing targets, and to discover new targets of interest. Such searches could be used to try to find terror suspects or criminals making use of multiple, anonymous user IDs.Rather than collecting webcam chats in their entirety, the program saved one image every five minutes from the users' feeds, partly to comply with human rights legislation, and also to avoid overloading GCHQ's servers. The documents describe these users as "unselected" – intelligence agency parlance for bulk rather than targeted collection.One document even likened the program's "bulk access to Yahoo webcam images/events" to a massive digital police mugbook of previously arrested individuals.
  • Programs like Optic Nerve, which collect information in bulk from largely anonymous user IDs, are unable to filter out information from UK or US citizens. Unlike the NSA, GCHQ is not required by UK law to "minimize", or remove, domestic citizens' information from its databases. However, additional legal authorisations are required before analysts can search for the data of individuals likely to be in the British Isles at the time of the search.There are no such legal safeguards for searches on people believed to be in the US or the other allied "Five Eyes" nations – Australia, New Zealand and Canada.
  • The documents also show that GCHQ trialled automatic searches based on facial recognition technology, for people resembling existing GCHQ targets: "[I]f you search for similar IDs to your target, you will be able to request automatic comparison of the face in the similar IDs to those in your target's ID".
Paul Merrell

NSA oversight dismissed as 'illusory' as anger intensifies in Europe and beyond | World news | theguardian.com - 0 views

www.theguardian.com/...veillance-anger-deepens-europe

surveillance state NSA NSA-oversight NSA-blowback IAHCR U.N. legislation Sensenbrenner Leahy

shared by Paul Merrell on 30 Oct 13 - No Cached
  • The Obama administration's international surveillance crisis deepened on Monday as representatives from a Latin American human rights panel told US diplomats that oversight of the programs was "illusory".Members of the Inter-American Commission on Human Rights, an arm of the Organization of American States, expressed frustration and dissatisfaction with the National Security Agency's mass surveillance of foreign nationals – something the agency argues is both central to its existence and necessary to prevent terrorism. "With a program of this scope, it's obvious that any form of control becomes illusory when there's hundreds of millions of communications that become monitored and surveilled," said Felipe Gonzales, a commissioner and Chilean national."This is of concern to us because maybe the Inter-American Committee on Human Rights may become a target as well of surveillance," said Rodrigo Escobar Gil, a commissioner and Colombian citizen.
  • Frank La Rue, the United Nations special rapporteur on the right to freedom of opinion and expression, told the commission that the right to privacy was "inextricably linked" to free expression. "What is not permissible from a human rights point of view is that those that hold political power or those that are in security agencies or, even less, those in intelligence agencies decide by themselves, for themselves, what the scope of these surveillance activities are, or who will be targeted, or who will be blank surveilled," La Rue said.While the US sent four representatives to the hearing, they offered no defence, rebuttal or elaboration about bulk surveillance, saying the October government shutdown prevented them from adequate preparation. "We are here to listen," said deputy permanent representative Lawrence Gumbiner, who pledged to submit written responses within 30 days.All 35 North, Central and South American nations are members of the commission. La Rue, originally from Guatemala and an independent expert appointed by the Human Rights Council, travels the world reporting on human rights concerns – often in countries with poor democratic standards.
  • The Obama administration has been fielding a week's worth of European outrage following media reports that the NSA had collected a similarly large volume of phone calls from France – which director of national intelligence James Clapper, who recently apologised for misleading the Senate about domestic spying, called "false" – and spying on German chancellor Angela Merkel's own cellphone, which US officials have effectively confessed to. Brazil and Mexico are also demanding answers from US intelligence officials, following reports about intrusive acts of espionage in their territory revealed by documents provided to journalists by former NSA contractor Edward Snowden. The White House has said it will provide some answers after the completion of an external review of its surveillance programs, scheduled to be completed before the end of the year. The Guardian reported on Thursday that the NSA has intercepted the communications of 35 world leaders.
  • ...3 more annotations...
  • Spying on foreigners is the core mission of the NSA, one that it vigorously defends as appropriate, legal and unexceptional given the nature of global threats and widespread spycraft. Monday's hearing suggested that there are diplomatic consequences to bulk surveillance even if there may not be legal redress for non-Americans. Brazil has already shown a willingness to challenge Washington over bulk surveillance. President Dilma Rousseff postponed a September meeting with President Obama in protest, and denounced the spying during the UN general assembly shortly thereafter. Brazil is also teaming up with Germany at the UN on a general assembly resolution demanding an end to the mass surveillance. The commission's examination of the NSA's bulk surveillance activities suggested a potential southern front could open in the spy crisis just as the administration is attempting to calm down Europe.
  • International discomfort with NSA bulk surveillance is not the only spy challenge the Obama administration now confronts. Congressman James Sensenbrenner, the Wisconsin Republican and key author of the 2001 Patriot Act, is poised to introduce a bill this week that would prevent the NSA from collecting phone records on American citizens in bulk and without an individual warrant. The National Journal reported that Sensenbrenner's bill, which has a companion in the Senate, has attracted eight co-sponsors who either voted against or abstained on a July amendment in the House that would have defunded the domestic phone records bulk collection, a legislative gambit that came within seven votes of passage.Sensenbrenner's bill, like its Senate counterpart sponsored by Vermont Democrat Patrick Leahy, would not substantially restrict the NSA's foreign-focused surveillance, which is a traditional NSA activity. There is practically no congressional appetite, and no viable legislation, to limit the NSA from intercepting the communications of foreigners. An early sign about the course of potential surveillance reforms in the House of Representatives may come as early as Tuesday. The House intelligence committee, a hotbed of support for the NSA, will hold its first public hearing of the fall legislative calendar on proposed surveillance legislation. Its chairman, Mike Rogers of Michigan, has proposed requiring greater transparency on the NSA and the surveillance court that oversees it, but would largely leave the actual surveillance activities of the NSA, inside and outside the United States, untouched.
  • Alex Abdo, a lawyer with the ACLU, which requested the hearing at the Inter-American Commission on Human Rights, warned the human rights panel that the NSA could "target the foreign members of this commission when they travel abroad", as well as foreign dissidents of US-aligned governments; foreign lawyers for Guantánamo detainees; and other foreigners."If every country were to engage in surveillance as pervasive as the NSA, we would soon live in a state … with no refuge for the world's dissidents, journalists and human rights defenders," Abdo said.
Paul Merrell

Tech firms and privacy groups press for curbs on NSA surveillance powers - The Washington Post - 0 views

www.washingtonpost.com/...4-ab77-9646eea6a4c7_story.html

surveillance state Patriot-Act 215-sunset NSA-reform legislation

shared by Paul Merrell on 29 Mar 15 - No Cached
  • The nation’s top technology firms and a coalition of privacy groups are urging Congress to place curbs on government surveillance in the face of a fast-approaching deadline for legislative action. A set of key Patriot Act surveillance authorities expire June 1, but the effective date is May 21 — the last day before Congress breaks for a Memorial Day recess. In a letter to be sent Wednesday to the Obama administration and senior lawmakers, the coalition vowed to oppose any legislation that, among other things, does not ban the “bulk collection” of Americans’ phone records and other data.
  • We know that there are some in Congress who think that they can get away with reauthorizing the expiring provisions of the Patriot Act without any reforms at all,” said Kevin Bankston, policy director of New America Foundation’s Open Technology Institute, a privacy group that organized the effort. “This letter draws a line in the sand that makes clear that the privacy community and the Internet industry do not intend to let that happen without a fight.” At issue is the bulk collection of Americans’ data by intelligence agencies such as the National Security Agency. The NSA’s daily gathering of millions of records logging phone call times, lengths and other “metadata” stirred controversy when it was revealed in June 2013 by former NSA contractor Edward Snowden. The records are placed in a database that can, with a judge’s permission, be searched for links to foreign terrorists.They do not include the content of conversations.
  • That program, placed under federal surveillance court oversight in 2006, was authorized by the court in secret under Section 215 of the Patriot Act — one of the expiring provisions. The public outcry that ensued after the program was disclosed forced President Obama in January 2014 to call for an end to the NSA’s storage of the data. He also appealed to Congress to find a way to preserve the agency’s access to the data for counterterrorism information.
  • ...3 more annotations...
  • Despite growing opposition in some quarters to ending the NSA’s program, a “clean” authorization — one that would enable its continuation without any changes — is unlikely, lawmakers from both parties say. Sen. Ron Wyden (D-Ore.), a leading opponent of the NSA’s program in its current format, said he would be “surprised if there are 60 votes” in the Senate for that. In the House, where there is bipartisan support for reining in surveillance, it’s a longer shot still. “It’s a toxic vote back in your district to reauthorize the Patriot Act, if you don’t get some reforms” with it, said Rep. Thomas Massie (R-Ky.). The House last fall passed the USA Freedom Act, which would have ended the NSA program, but the Senate failed to advance its own version.The House and Senate judiciary committees are working to come up with new bipartisan legislation to be introduced soon.
  • The tech firms and privacy groups’ demands are a baseline, they say. Besides ending bulk collection, they want companies to have the right to be more transparent in reporting on national security requests and greater declassification of opinions by the Foreign Intelligence Surveillance Court.
  • Some legal experts have pointed to a little-noticed clause in the Patriot Act that would appear to allow bulk collection to continue even if the authority is not renewed. Administration officials have conceded privately that a legal case probably could be made for that, but politically it would be a tough sell. On Tuesday, a White House spokesman indicated the administration would not seek to exploit that clause. “If Section 215 sunsets, we will not continue the bulk telephony metadata program,” National Security Council spokesman Edward Price said in a statement first reported by Reuters. Price added that allowing Section 215 to expire would result in the loss of a “critical national security tool” used in investigations that do not involve the bulk collection of data. “That is why we have underscored the imperative of Congressional action in the coming weeks, and we welcome the opportunity to work with lawmakers on such legislation,” he said.
  • Paul Merrell on 29 Mar 15
     
    I omitted some stuff about opposition to sunsetting the provisions. They  seem to forget, as does Obama, that the proponents of the FISA Court's expansive reading of section 215 have not yet come up with a single instance where 215-derived data caught a single terrorist or prevented a single act of terrorism. Which means that if that data is of some use, it ain't in fighting terrorism, the purpose of the section.  Patriot Act § 215 is codified as 50 USCS § 1861, https://www.law.cornell.edu/uscode/text/50/1861 That section authorizes the FBI to obtain an iorder from the FISA Court "requiring the production of *any tangible things* (including books, records, papers, documents, and other items)."  Specific examples (a non-exclusive list) include: the production of library circulation records, library patron lists, book sales records, book customer lists, firearms sales records, tax return records, educational records, or medical records containing information that would identify a person." The Court can order that the recipient of the order tell no one of its receipt of the order or its response to it.   In other words, this is about way more than your telephone metadata. Do you trust the NSA with your medical records? 
Paul Merrell

Privacy Board Urges New Criteria for Secrecy - Secrecy News - 0 views

blogs.fas.org/...pclob-secrecy

surveillance state NSA Privacy-Oversight-Board 215 unlawful

shared by Paul Merrell on 24 Jan 14 - No Cached
  • The public controversy that erupted over NSA bulk collection of Americans’ telephone records was a clear sign, if one were needed, that the boundaries of government secrecy had been drawn incorrectly, and that the public had been wrongly denied an opportunity to grant or withhold its consent in such cases. To remedy this systemic problem, the Privacy and Civil Liberties Oversight Board said in a new report yesterday that the government needs to develop new criteria for secrecy and openness.
  • “The Board concludes that Section 215 [of the USA Patriot Act] does not provide an adequate legal basis to support this [bulk collection] program. Because the program is not statutorily authorized, it must be ended,” the report said. Even in the absence of overt abuse, it was argued, the mere collection of American telephone records in bulk is an infringement on privacy and other civil liberties. “Permitting the government to routinely collect the calling records of the entire nation fundamentally shifts the balance of power between the state and its citizens.” While there are procedures in place to limit the official use of such records, “in our view they cannot fully ameliorate the implications for privacy, speech, and association that follow from the government’s ongoing collection of virtually all telephone records of every American. Any governmental program that entails such costs requires a strong showing of efficacy. We do not believe the NSA’s telephone records program conducted under Section 215 meets that standard.”
  • If the bulk collection program were demonstrably effective in saving lives, the report implied, then certain infringements on privacy might well be warranted. But that is not the case, the Board majority concluded. “Given the limited value this [bulk collection] program has demonstrated to date… we find little reason to expect that it is likely to provide significant value, much less essential value, in safeguarding the nation in the future,” the Board report said.
Paul Merrell

NSA mass collection of phone data is legal, federal judge rules | World news | theguardian.com - 0 views

www.theguardian.com/...sa-phone-data-collection-legal

surveillance state 4th Amendment constitutional law ACLU

shared by Paul Merrell on 27 Dec 13 - No Cached
  • NSA phone data collection deemed legal: full ruling
  • A legal battle over the scope of US government surveillance took a turn in favour of the National Security Agency on Friday with a court opinion declaring that bulk collection of telephone data does not violate the constitution. The judgement, in a case brought before a district court in New York by the American Civil Liberties Union, directly contradicts the result of a similar challenge in a Washington court last week which ruled the NSA's bulk collection program was likely to prove unconstitutional and was "almost Orwellian" in scale. Friday's ruling makes it more likely that the issue will be settled by the US supreme court, although it may be overtaken by the decision of Barack Obama on whether to accept the recommendations of a White House review panel to ban the NSA from directly collecting such data. But the ruling from Judge William Pauley, a Clinton appointee to the Southern District of New York, will provide important ammunition for those within the intelligence community urging Obama to maintain the programme.
  • Judge Pauley said privacy protections enshrined in the fourth amendment of the US constitution needed to be balanced against a government need to maintain a database of records to prevent future terrorist attacks. “The right to be free from searches is fundamental but not absolute,” he said. “Whether the fourth amendment protects bulk telephony metadata is ultimately a question of reasonableness.”
  • ...1 more annotation...
  • The ACLU case against the NSA was dismissed primarily on the grounds that bulk collection was authorised under existing laws allowing “relevant” data collection to be authorised by secret US courts. Judge Pauley took a more sympathetic view of this relevance standard than many lawmakers in Congress, although he acknowledged it was “problematic” that many were not aware of how widely the law was being interpreted before disclosures by NSA whistleblower Edward Snowden. “The ACLU argues that the category at issue – all telephony metadata – is too broad and contains too much irrelevant information. That argument has no traction here. Because without all the data points, the government cannot be certain it is connecting the pertinent ones,” said Pauley. “There is no way for the government to know which particle of telephony metadata will lead to useful counterterrorism information ... Armed with all the metadata, NSA can draw connections it might otherwise never be able to find. The collection is broad, but the scope of counterterrorism investigations is unprecedented.” The ACLU said it would appeal the decision, starting in the New York circuit.
  • Paul Merrell on 27 Dec 13
     
    So now we have one judge for an Orewellian future and one against. 
Gary Edwards

XKeyscore: NSA tool collects 'nearly everything a user does on the internet' | World news | theguardian.com - 1 views

www.theguardian.com/...top-secret-program-online-data

Edward-Snowden Glenn-Greenwald NSA NSA-Patriot-Act-NDAA NSA-Whistleblower

shared by Gary Edwards on 01 Aug 13 - No Cached
  • The latest revelations will add to the intense public and congressional debate around the extent of NSA surveillance programs. They come as senior intelligence officials testify to the Senate judiciary committee on Wednesday, releasing classified documents in response to the Guardian's earlier stories on bulk collection of phone records and Fisa surveillance court oversight.
  • The files shed light on one of Snowden's most controversial statements, made in his first video interview published by the Guardian on June 10
  • "I, sitting at my desk," said Snowden, could "wiretap anyone, from you or your accountant, to a federal judge or even the president, if I had a personal email".
  • ...23 more annotations...
  • US officials vehemently denied this specific claim. Mike Rogers, the Republican chairman of the House intelligence committee, said of Snowden's assertion: "He's lying. It's impossible for him to do what he was saying he could do."
  • But training materials for XKeyscore detail how analysts can use it and other systems to mine enormous agency databases by filling in a simple on-screen form giving only a broad justification for the search. The request is not reviewed by a court or any NSA personnel before it is processed.
  • XKeyscore, the documents boast, is the NSA's "widest reaching" system developing intelligence from computer networks – what the agency calls Digital Network Intelligence (DNI). One presentation claims the program covers "nearly everything a typical user does on the internet", including the content of emails, websites visited and searches, as well as their metadata.
  • Analysts can also use XKeyscore and other NSA systems to obtain ongoing "real-time" interception of an individual's internet activity.
  • Under US law, the NSA is required to obtain an individualized Fisa warrant only if the target of their surveillance is a 'US person', though no such warrant is required for intercepting the communications of Americans with foreign targets.
  • But XKeyscore provides the technological capability, if not the legal authority, to target even US persons for extensive electronic surveillance without a warrant provided that some identifying information, such as their email or IP address, is known to the analyst.
  • One training slide illustrates the digital activity constantly being collected by XKeyscore and the analyst's ability to query the databases at any time.
  • The purpose of XKeyscore is to allow analysts to search the metadata as well as the content of emails and other internet activity, such as browser history, even when there is no known email account (a "selector" in NSA parlance) associated with the individual being targeted.
  • Analysts can also search by name, telephone number, IP address, keywords, the language in which the internet activity was conducted or the type of browser used.
  • One document notes that this is because "strong selection [search by email address] itself gives us only a very limited capability" because "a large amount of time spent on the web is performing actions that are anonymous."
  • Email monitoring
  • One top-secret document describes how the program "searches within bodies of emails, webpages and documents", including the "To, From, CC, BCC lines" and the 'Contact Us' pages on websites".
  • To search for emails, an analyst using XKS enters the individual's email address into a simple online search form, along with the "justification" for the search and the time period for which the emails are sought.
  • One document, a top secret 2010 guide describing the training received by NSA analysts for general surveillance under the Fisa Amendments Act of 2008, explains that analysts can begin surveillance on anyone by clicking a few simple pull-down menus designed to provide both legal and targeting justifications.
  • Once options on the pull-down menus are selected, their target is marked for electronic surveillance and the analyst is able to review the content of their communications:
  • Chats, browsing history and other internet activity
  • Beyond emails, the XKeyscore system allows analysts to monitor a virtually unlimited array of other internet activities, including those within social media.
  • An NSA tool called DNI Presenter, used to read the content of stored emails, also enables an analyst using XKeyscore to read the content of Facebook chats or private messages.
  • The XKeyscore program also allows an analyst to learn the IP addresses of every person who visits any website the analyst specifies.
  • The quantity of communications accessible through programs such as XKeyscore is staggeringly large. One NSA report from 2007 estimated that there were 850bn "call events" collected and stored in the NSA databases, and close to 150bn internet records. Each day, the document says, 1-2bn records were added.
  • William Binney, a former NSA mathematician, said last year that the agency had "assembled on the order of 20tn transactions about US citizens with other US citizens", an estimate, he said, that "only was involving phone calls and emails". A 2010 Washington Post article reported that "every day, collection systems at the [NSA] intercept and store 1.7bn emails, phone calls and other type of communications."
  • The ACLU's deputy legal director, Jameel Jaffer, told the Guardian last month that national security officials expressly said that a primary purpose of the new law was to enable them to collect large amounts of Americans' communications without individualized warrants.
  • "The government doesn't need to 'target' Americans in order to collect huge volumes of their communications," said Jaffer. "The government inevitably sweeps up the communications of many Americans" when targeting foreign nationals for surveillance.
  • Gary Edwards on 01 Aug 13
     
    "One presentation claims the XKeyscore program covers 'nearly everything a typical user does on the internet' ................................................................. A top secret National Security Agency program allows analysts to search with no prior authorization through vast databases containing emails, online chats and the browsing histories of millions of individuals, according to documents provided by whistleblower Edward Snowden. The NSA boasts in training materials that the program, called XKeyscore, is its "widest-reaching" system for developing intelligence from the internet. The latest revelations will add to the intense public and congressional debate around the extent of NSA surveillance programs. They come as senior intelligence officials testify to the Senate judiciary committee on Wednesday, releasing classified documents in response to the Guardian's earlier stories on bulk collection of phone records and Fisa surveillance court oversight. The files shed light on one of Snowden's most controversial statements, made in his first video interview published by the Guardian on June 10. "I, sitting at my desk," said Snowden, could "wiretap anyone, from you or your accountant, to a federal judge or even the president, if I had a personal email". US officials vehemently denied this specific claim. Mike Rogers, the Republican chairman of the House intelligence committee, said of Snowden's assertion: "He's lying. It's impossible for him to do what he was saying he could do." But training materials for XKeyscore detail how analysts can use it and other systems to mine enormous agency databases by filling in a simple on-screen form giving only a broad justification for the search. The request is not reviewed by a court or any NSA personnel before it is processed. XKeyscore, the documents boast, is the NSA's "widest reaching" system developing intelligence from computer networks - what the agency calls Digital Network Intelligence (DNI). One
  • Paul Merrell on 02 Aug 13
     
    "But training materials for XKeyscore detail how analysts can use it and other systems to mine enormous agency databases by filling in a simple on-screen form giving only a broad justification for the search. The request is not reviewed by a court or any NSA personnel before it is processed. " Note in that regard that Snowden said in an earlier interview that use of this system rarely was audited and that when audited, the most common request if changes were requested was to beef up the justification for the search. The XScore system puts the lie to just about everything the Administration has claimed about intense oversight by all three branches of federal government and about not reading emails or listening to (Skype) phone calls. The lies keep stacking up in an ever-deepening pile.
Paul Merrell

Why the NSA's Defense of Mass Data Collection Makes No Sense - Bruce Schneier - The Atlantic - 0 views

www.theatlantic.com/...280715

surveillance state NSA constitutional law lies

shared by Paul Merrell on 25 Oct 13 - No Cached
  • The basic government defense of the NSA's bulk-collection programs—whether it be the list of all the telephone calls you made, your email address book and IM buddy list, or the messages you send your friends—is that what the agency is doing is perfectly legal, and doesn’t really count as surveillance, until a human being looks at the data. It's what Director of National Intelligence James R. Clapper meant when he lied to Congress. When asked, "Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?" he replied, "No sir, not wittingly." To him, the definition of "collect" requires that a human look at it. So when the NSA collects—using the dictionary definition of the word—data on hundreds of millions of Americans, it’s not really collecting it, because only computers process it. <div><a href="http://pubads.g.doubleclick.net/gampad/jump?iu=%2F4624%2FTheAtlanticOnline%2Fchannel_politics&t=src%3Dblog%26by%3Dbruce-schneier%26title%3Dwhy-the-nsas-defense-of-mass-data-collection-makes-no-sense%26pos%3Din-article&sz=300x185&c=898722889&tile=3" title=""><img src="http://pubads.g.doubleclick.net/gampad/ad?iu=%2F4624%2FTheAtlanticOnline%2Fchannel_politics&t=src%3Dblog%26by%3Dbruce-schneier%26title%3Dwhy-the-nsas-defense-of-mass-data-collection-makes-no-sense%26pos%3Din-article&sz=300x185&c=898722889&tile=3" alt="" /></a></div> The NSA maintains that we shouldn't worry about human processing, either, because it has rules about accessing all that data. General Keith Alexander, director of the NSA, said that in a recent New York Times interview: "The agency is under rules preventing it from investigating that so-called haystack of data unless it has a 'reasonable, articulable' justification, involving communications with terrorists abroad, he added." There are lots of things wrong with this defense.
  • Paul Merrell on 25 Oct 13
     
    Bruce Schneier tackles what's wrong with the government defense of NSA bulk surveillance, in The Atlantic, and does a very nice job of it. 
Paul Merrell

NSA performed warrantless searches on Americans' calls and emails - Clapper | World news | The Guardian - 0 views

www.theguardian.com/...llance-loophole-americans-data

surveillance state NSA FISA-Court FISA-loophole lies Obama

shared by Paul Merrell on 02 Apr 14 - No Cached
  • US intelligence chiefs have confirmed that the National Security Agency has used a "back door" in surveillance law to perform warrantless searches on Americans’ communications.The NSA's collection programs are ostensibly targeted at foreigners, but in August the Guardian revealed a secret rule change allowing NSA analysts to search for Americans' details within the databases.Now, in a letter to Senator Ron Wyden, an Oregon Democrat on the intelligence committee, the director of national intelligence, James Clapper, has confirmed the use of this legal authority to search for data related to “US persons”.
  • “There have been queries, using US person identifiers, of communications lawfully acquired to obtain foreign intelligence targeting non-US persons reasonably believed to be located outside the United States,” Clapper wrote in the letter, which has been obtained by the Guardian.“These queries were performed pursuant to minimization procedures approved by the Fisa court and consistent with the statute and the fourth amendment.” The legal authority to perform the searches, revealed in top-secret NSA documents provided to the Guardian by Edward Snowden, was denounced by Wyden as a “backdoor search loophole.”Many of the NSA's most controversial programs collect information under the law affected by the so-called loophole. These include Prism, which allows the agency to collect data from Google, Apple, Facebook, Yahoo and other tech companies, and the agency's Upstream program – a huge network of internet cable taps.
  • Clapper did not say how many warrantless searches had been performed by the NSA. It was not the first time the searches had been confirmed: after the Snowden leaks, the office of the director of national intelligence declassified documents that discussed the rule change. But Clapper's letter drew greater attention to the issue.Confirmation that the NSA has searched for Americans’ communications in its phone call and email databases complicates President Barack Obama’s initial defenses of the broad surveillance in June.“When it comes to telephone calls, nobody is listening to your telephone calls. That’s not what this program’s about,” Obama said. “As was indicated, what the intelligence community is doing is looking at phone numbers and durations of calls. They are not looking at people’s names, and they’re not looking at content.”Obama was referring specifically to the bulk collection of US phone records, but his answer misleadingly suggested that the NSA could not examine Americans’ phone calls and emails.
  • ...4 more annotations...
  • At a recent hearing of the Privacy and Civil Liberties Oversight Board, administration lawyers defended their latitude to perform such searches. The board is scheduled to deliver a report on the legal authority under which the communications are collected, Section 702 of the Foreign Intelligence Surveillance Act (Fisa), passed in 2008. Wyden and Colorado Democrat Mark Udall failed in 2012 to persuade their fellow Senate intelligence committee members to prevent such warrantless searches during the re-authorisation of the 2008 Fisa Amendments Act, which wrote Section 702 into law. Dianne Feinstein, the California Democrat who chairs the committee, defended the practice, and argued that it did not violate the act’s “reverse targeting” prohibition on using NSA’s vast powers to collect content on Americans.
  • Much of the NSA's bulk data collection is covered by section 702 of the Fisa Amendments Act. This allows for the collection of communications – content and metadata alike – without individual warrants, so long as there is a reasonable belief the communications are both foreign and overseas.The communications of Americans in direct contact with foreign targets can also be collected without a warrant, and the intelligence agencies acknowledge that purely domestic communications can also be inadvertently swept into its databases. That process is known as "incidental collection".Initially, NSA rules on such data prevented the databases being searched for any details relating to "US persons" – that is, citizens or residents of the US. However, in October 2011 the Fisa court approved new procedures which allowed the agency to search for US person data, a revelation contained in documents revealed by Snowden.
  • The ruling appears to give the agency free access to search for information relating to US people within its vast databases, though not to specifically collect information against US citizens in the first place. However, until the DNI's disclosure to Wyden, it was not clear whether the NSA had ever actually used these powers.On Tuesday, Wyden and Udall said the NSA’s warrantless searches of Americans’ emails and phone calls “should be concerning to all.” “This is unacceptable. It raises serious constitutional questions, and poses a real threat to the privacy rights of law-abiding Americans. If a government agency thinks that a particular American is engaged in terrorism or espionage, the fourth amendment requires that the government secure a warrant or emergency authorisation before monitoring his or her communications. This fact should be beyond dispute,” the two senators said in a joint statement.
  • They continued: “Today’s admission by the Director of National Intelligence is further proof that meaningful surveillance reform must include closing the back-door searches loophole and requiring the intelligence community to show probable cause before deliberately searching through data collected under section 702 to find the communications of individual Americans."
Paul Merrell

Tell Congress: My Phone Calls are My Business. Reform the NSA. | EFF Action Center - 0 views

act.eff.org/...are-my-business-reform-the-nsa

Patriot-Act sunset-section-215 EFF-email-campaign phone-records medical-records

shared by Paul Merrell on 31 Jan 15 - No Cached
  • The USA PATRIOT Act granted the government powerful new spying capabilities that have grown out of control—but the provision that the FBI and NSA have been using to collect the phone records of millions of innocent people expires on June 1. Tell Congress: it’s time to rethink out-of-control spying. A vote to reauthorize Section 215 is a vote against the Constitution.
  • On June 5, 2013, the Guardian published a secret court order showing that the NSA has interpreted Section 215 to mean that, with the help of the FBI, it can collect the private calling records of millions of innocent people. The government could even try to use Section 215 for bulk collection of financial records. The NSA’s defenders argue that invading our privacy is the only way to keep us safe. But the White House itself, along with the President’s Review Board has said that the government can accomplish its goals without bulk telephone records collection. And the Privacy and Civil Liberties Oversight Board said, “We have not identified a single instance involving a threat to the United States in which [bulk collection under Section 215 of the PATRIOT Act] made a concrete difference in the outcome of a counterterrorism investigation.” Since June of 2013, we’ve continued to learn more about how out of control the NSA is. But what has not happened since June is legislative reform of the NSA. There have been myriad bipartisan proposals in Congress—some authentic and some not—but lawmakers didn’t pass anything. We need comprehensive reform that addresses all the ways the NSA has overstepped its authority and provides the NSA with appropriate and constitutional tools to keep America safe. In the meantime, tell Congress to take a stand. A vote against reauthorization of Section 215 is a vote for the Constitution.
  • Paul Merrell on 31 Jan 15
     
    EFF has launched an email campagin to press members of Congress not to renew sectiion 215 of the Patriot Act when it expires on June 1, 2015.   Sectjon 215 authorizes FBI officials to "make an application for an order requiring the production of *any tangible things* (including books, records, papers, documents, and other items) for an investigation to obtain foreign intelligence information not concerning a United States person or to protect against international terrorism or clandestine intelligence activities, provided that such investigation of a United States person is not conducted solely upon the basis of activities protected by the first amendment to the Constitution." http://www.law.cornell.edu/uscode/text/50/1861 The section has been abused to obtain bulk collecdtion of all telephone records for the NSA's storage and processing.But the section goes farther and lists as specific examples of records that can be obtained under section 215's authority, "library circulation records, library patron lists, book sales records, book customer lists, firearms sales records, tax return records, educational records, or medical records."  Think of the NSA's voracious appetite for new "haystacks" it can store  and search in its gigantic new data center in Utah. Then ask yourself, "do I want the NSA to obtain all of my personal data, store it, and search it at will?" If your anser is "no," you might consider visiting this page to send your Congress critters an email urging them to vote against renewal of section 215 and to vote for other NSA reforms listed in the EFF sample email text. Please do not procrastinate. Do it now, before you forget. Every voice counts. 
Paul Merrell

The frightening promise of self-tracking pills | The Verge - 0 views

www.theverge.com/...acking-privacy-quantified-self

surveillance state pill-tracking wireless

shared by Paul Merrell on 13 Oct 15 - No Cached
  • Some morning in the future, you take a pill — maybe something for depression or cholesterol. You take it every morning. Buried inside the pill is a sand-sized grain, one millimeter square and a third of a millimeter thick, made from copper, magnesium, and silicon. When the pill reaches your stomach, your stomach acids form a circuit with the copper and magnesium, powering up a microchip. Soon, the entire contraption will dissolve, but in the five minutes before that happens, the chip taps out a steady rhythm of electrical pulses, barely audible over the body's background hum. The signal travels as far as a patch stuck to your skin near the navel, which verifies the signal, then transmits it wirelessly to your smartphone, which passes it along to your doctor. There's now a verifiable record that the pill reached your stomach.
  • This is the vision of Proteus, a new drug-device accepted for review by the Food and Drug Administration last month. The company says it's the first in a new generation of smart drugs, a new source of data for patients and doctors alike. But bioethicists worry that the same data could be used to control patients, infringing on the intensely personal right to refuse medication and giving insurers new power over patients’ lives. As the device moves closer to market, it raises a serious question: Is tracking medicine worth the risk?
  • But not everyone's convinced that the ability to track pills will be good news for patients. The right to refuse treatment is an important, fragile principle in health care. Many are worried that tracking whether a pill is being consumed will be the first step towards punishing patients that don't comply. While doctors can’t force a patient to take a pill, court orders frequently mandate treatments involving specific drug regimens.
  • ...3 more annotations...
  • NYU bioethicist Arthur Caplan says he can imagine a judge using Proteus to enforce medication as part of a sentence: miss a pill, and your parole is revoked. "The temptation in the legal system to say, 'I can monitor you and make sure you're not a threat' is going to be huge," Caplan says. "Maybe that's good, maybe it's bad, but it's a different world than saying I consent to taking these pills." Those court orders are rare at the moment, since there’s no way to ensure a patient is taking medication outside of a controlled treatment facility — but as pill-tracking becomes easier, those measures could become much more common. That's particularly likely given the way Proteus is entering the market. The device's first partnership bundles it with Abilify, a powerful antipsychotic most commonly used to treat mood disorders, schizophrenia, and Tourette's. The most common effects are improved concentration and decreased hallucinations, but it comes with extreme side effects like increased suicide risk and a lower seizure threshold. It's most often prescribed in cases of severe mental illness, often in psychiatric institutions or as part of a court-mandated treatment program — exactly the scenarios bioethicists like Caplan are most worried about.
  • Patient's biggest protection are medical privacy laws like HIPAA, which prevent medical data from being shared with anyone outside the hospital system. That would stop your boss or your parents from using Proteus to make sure you haven't fallen behind on your anti-anxiety medication. But those laws won't keep data out of the hands of healthcare providers, and Caplan is concerned the pill could also be used to enforce compliance. Insurers might offer a discounted rate on tracked pills, then hit patients with a $100 co-pay for every treatment they miss. It's not as oppressive as a court order, but the end result would be similar.
  • Still, those concerns are unlikely to keep Proteus out of the hands of doctors. The upcoming FDA approval will focus largely on safety and efficacy, leaving the larger ethical challenges to be solved after the drug is released to doctors and patients at large. With the technology available, it will be up to the courts to decide when it’s legal and ethical to use it. As far as Proteus is concerned, the power of the technology outweighs the risks. "There are challenges with bringing digital into any sector," a company representative said. "The reason to embrace the challenge in health care is because the need is so great."
  • Paul Merrell on 13 Oct 15
     
    Let's not forget that because Congress recently decided to revive Patriot Act sect. 215, the FBI is authorized to gather medical records for foreign intelligence and anti-terrorism purposes and according to ex-NSA chief scientist William Binney, the NSA in fact collects medical records and makes them available to law enforcement agencies without a warrant or court order.  http://motherboard.vice.com/read/i-toured-stasi-hq-with-nsa-whistleblowers  One judge has found that statute unconstitutional and may rule in the next few days. A court of appeals has found that the statute did not authorize bulk collection of telephone metadata records. An Oregon federal judge ruled that the DEA cannot obtain prescription records (in part because they are medical records) without an individualized search warrant, specifically ruling against the bulk collection argument. Maybe someday someone in federal government will get a clue that medical records are not one of the "haystacks" the NSA is permitted to create.  Involuntary medical treatment is another giant legal hairball. See https://en.wikipedia.org/wiki/Involuntary_treatment   
Paul Merrell

The Latest US and World News - USATODAY.com - 0 views

www.usatoday.com/...70808616

surveillance state DEA phone-surveillance

shared by Paul Merrell on 08 Apr 15 - No Cached
  • The U.S. government started keeping secret records of Americans' international telephone calls nearly a decade before the Sept. 11 terrorist attacks, harvesting billions of calls in a program that provided a blueprint for the far broader National Security Agency surveillance that followed.For more than two decades, the Justice Department and the Drug Enforcement Administration amassed logs of virtually all telephone calls from the USA to as many as 116 countries linked to drug trafficking, current and former officials involved with the operation said. The targeted countries changed over time but included Canada, Mexico and most of Central and South America.Federal investigators used the call records to track drug cartels' distribution networks in the USA, allowing agents to detect previously unknown trafficking rings and money handlers. They also used the records to help rule out foreign ties to the bombing in 1995 of a federal building in Oklahoma City and to identify U.S. suspects in a wide range of other investigations.The Justice Department revealed in January that the DEA had collected data about calls to "designated foreign countries." But the history and vast scale of that operation have not been disclosed until now.
  • The now-discontinued operation, carried out by the DEA's intelligence arm, was the government's first known effort to gather data on Americans in bulk, sweeping up records of telephone calls made by millions of U.S. citizens regardless of whether they were suspected of a crime. It was a model for the massive phone surveillance system the NSA launched to identify terrorists after the Sept. 11 attacks. That dragnet drew sharp criticism that the government had intruded too deeply into Americans' privacy after former NSA contractor Edward Snowden leaked it to the news media two years ago.More than a dozen current and former law enforcement and intelligence officials described the details of the Justice Department operation to USA TODAY. Most did so on the condition of anonymity because they were not authorized to publicly discuss the intelligence program, part of which remains classified.The DEA program did not intercept the content of Americans' calls, but the records — which numbers were dialed and when — allowed agents to map suspects' communications and link them to troves of other police and intelligence data. At first, the drug agency did so with help from military computers and intelligence analysts
  • The extent of that surveillance alarmed privacy advocates, who questioned its legality. "This was aimed squarely at Americans," said Mark Rumold, an attorney with the Electronic Frontier Foundation. "That's very significant from a constitutional perspective."Holder halted the data collection in September 2013 amid the fallout from Snowden's revelations about other surveillance programs. In its place, current and former officials said the drug agency sends telecom companies daily subpoenas for international calling records involving only phone numbers that agents suspect are linked to the drug trade or other crimes — sometimes a thousand or more numbers a day.Tuesday, Justice Department spokesman Patrick Rodenbush said the DEA "is no longer collecting bulk telephony metadata from U.S. service providers." A DEA spokesman declined to comment.
  • ...6 more annotations...
  • The system they built ultimately allowed the drug agency to stitch together huge collections of data to map trafficking and money laundering networks both overseas and within the USA. It allowed agents to link the call records its agents gathered domestically with calling data the DEA and intelligence agencies had acquired outside the USA. (In some cases, officials said the DEA paid employees of foreign telecom firms for copies of call logs and subscriber lists.) And it eventually allowed agents to cross-reference all of that against investigative reports from the DEA, FBI and Customs Service.
  • The result "produced major international investigations that allowed us to take some big people," Constantine said, though he said he could not identify particular cases.
  • In 1992, in the last months of Bush's administration, Attorney General William Barr and his chief criminal prosecutor, Robert Mueller, gave the DEA permission to collect a much larger set of phone data to feed into that intelligence operation.Instead of simply asking phone companies for records about calls made by people suspected of drug crimes, the Justice Department began ordering telephone companies to turn over lists of all phone calls from the USA to countries where the government determined drug traffickers operated, current and former officials said
  • The DEA obtained those records using administrative subpoenas that allow the agency to collect records "relevant or material to" federal drug investigations. Officials acknowledged it was an expansive interpretation of that authority but one that was not likely to be challenged because unlike search warrants, DEA subpoenas do not require a judge's approval. "We knew we were stretching the definition," a former official involved in the process said.Officials said a few telephone companies were reluctant to provide so much information, but none challenged the subpoenas in court. Those that hesitated received letters from the Justice Department urging them to comply.
  • A spokesman for AT&T declined to comment. Sprint spokeswoman Stephanie Vinge Walsh said only that "we do comply with all state and federal laws regarding law enforcement subpoenas."Agents said that when the data collection began, they sought to limit its use mainly to drug investigations and turned away requests for access from the FBI and the NSA. They allowed searches of the data in terrorism cases, including the bombing of a federal building in Oklahoma City that killed 168 people in 1995, helping to rule out theories linking the attack to foreign terrorists. They allowed even broader use after Sept. 11, 2001. The DEA's public disclosure of its program in January came in the case of a man charged with violating U.S. export restrictions by trying to send electrical equipment to Iran.At first, officials said the DEA gathered records only of calls to a handful of countries, focusing on Colombian drug cartels and their supply lines. Its reach grew quickly, and by the late 1990s, the DEA was logging "a massive number of calls," said a former intelligence official who supervised the program.
  • At its peak, the operation gathered data on calls to 116 countries, an official involved in reviewing the list said. Two other officials said they did not recall the precise number of countries, but it was more than 100. That gave the collection a considerable sweep; the U.S. government recognizes a total of 195 countries.
Paul Merrell

NSA collects millions of text messages daily in 'untargeted' global sweep | World news | The Guardian - 0 views

www.theguardian.com/...-daily-untargeted-global-sweep

surveillance state NSA GCHQ NSA-targets SMS text-messages

shared by Paul Merrell on 23 Jan 14 - No Cached
  • The National Security Agency has collected almost 200 million text messages a day from across the globe, using them to extract data including location, contact networks and credit card details, according to top-secret documents. The untargeted collection and storage of SMS messages – including their contacts – is revealed in a joint investigation between the Guardian and the UK’s Channel 4 News based on material provided by NSA whistleblower Edward Snowden. The documents also reveal the UK spy agency GCHQ has made use of the NSA database to search the metadata of “untargeted and unwarranted” communications belonging to people in the UK.
  • The NSA program, codenamed Dishfire, collects “pretty much everything it can”, according to GCHQ documents, rather than merely storing the communications of existing surveillance targets. The NSA has made extensive use of its vast text message database to extract information on people’s travel plans, contact books, financial transactions and more – including of individuals under no suspicion of illegal activity. An agency presentation from 2011 – subtitled “SMS Text Messages: A Goldmine to Exploit” – reveals the program collected an average of 194 million text messages a day in April of that year. In addition to storing the messages themselves, a further program known as “Prefer” conducted automated analysis on the untargeted communications.
  • The Prefer program uses automated text messages such as missed call alerts or texts sent with international roaming charges to extract information, which the agency describes as “content-derived metadata”, and explains that “such gems are not in current metadata stores and would enhance current analytics”. On average, each day the NSA was able to extract:
  • ...6 more annotations...
  • • More than 5 million missed-call alerts, for use in contact-chaining analysis (working out someone’s social network from who they contact and when) • Details of 1.6 million border crossings a day, from network roaming alerts • More than 110,000 names, from electronic business cards, which also included the ability to extract and save images.
  • • Over 800,000 financial transactions, either through text-to-text payments or linking credit cards to phone users The agency was also able to extract geolocation data from more than 76,000 text messages a day, including from “requests by people for route info” and “setting up meetings”. Other travel information was obtained from itinerary texts sent by travel companies, even including cancellations and delays to travel plans.
  • Communications from US phone numbers, the documents suggest, were removed (or “minimized”) from the database – but those of other countries, including the UK, were retained. The revelation the NSA is collecting and extracting personal information from hundreds of millions of global text messages a day is likely to intensify international pressure on US president Barack Obama, who on Friday is set to give his response to the report of his NSA review panel.
  • While US attention has focused on whether the NSA’s controversial phone metadata program will be discontinued, the panel also suggested US spy agencies should pay more consideration to the privacy rights of foreigners, and reconsider spying efforts against allied heads of state and diplomats. In a statement to the Guardian, a spokeswoman for the NSA said any implication that the agency’s collection was “arbitrary and unconstrained is false”. The agency’s capabilities were directed only against “valid foreign intelligence targets” and were subject to stringent legal safeguards, she said.
  • “In contrast to [most] GCHQ equivalents, DISHFIRE contains a large volume of unselected SMS traffic,” it states (emphasis original). “This makes it particularly useful for the development of new targets, since it is possible to examine the content of messages sent months or even years before the target was known to be of interest.” It later explains in plain terms how useful this capability can be. Comparing Dishfire favourably to a GCHQ counterpart which only collects against phone numbers that have specifically been targeted, it states “Dishfire collects pretty much everything it can, so you can see SMS from a selector which is not targeted”.
  • The document also states the database allows for broad, bulk searches of keywords which could result in a high number of hits, rather than just narrow searches against particular phone numbers: “It is also possible to search against the content in bulk (e.g. for a name or home telephone number) if the target’s mobile phone number is not known.” Analysts are warned to be careful when searching content for terms relating to UK citizens or people currently residing in the UK, as these searches could be successful but would not be legal without a warrant or similar targeting authority. However, a note from GCHQ’s operational legalities team, dated May 2008, states agents can search Dishfire for “events” data relating to UK numbers – who is contacting who, and when.
‹ Previous 21 - 40 of 153 Next › Last »
Showing 20 items per page